Digital cooperation

AI promises better communication tools for disabled users

Students with disabilities met technology executives at National Star College in Gloucestershire, UK to explain what they need from communication devices. Battery life emerged as the top priority, with users saying they need devices that last 24 hours without charging so they can communicate all day long.

One student who controls his device by moving his eyes said losing power during the day feels like having his voice ripped away from him. Another student with cerebral palsy wants her device to help her run a bath independently and eventually design fairground rides that disabled people can enjoy.

Technology companies responded by promising artificial intelligence improvements that will make the devices work much faster. The new AI features will help users type more quickly, correct mistakes automatically and even create personalised voices that sound like the actual person speaking.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

NVIDIA pushes forward with AI-ready data

Enterprises are facing growing pressure to prepare unstructured data for use in modern AI systems as organisations struggle to turn prototypes into production tools.

Around forty percent of AI projects advance beyond the pilot phase, largely due to limits in data quality and availability. Most organisational information now comes in unstructured form, ranging from emails to video files, which offers little coherence and places a heavy load on governance systems.

AI agents need secure, recent and reliable data instead of fragmented information scattered across multiple storage silos. Preparing such data demands extensive curation, metadata work, semantic chunking and the creation of vector embeddings.

Enterprises also struggle with the rising speed of data creation and the spread of duplicate copies, which increases both operational cost and security concerns.

An emerging approach by NVIDIA, known as the AI data platform, aims to address these challenges by embedding GPU acceleration directly into the data path. The platform prepares and indexes information in place, allowing enterprises to reduce data drift, strengthen governance and avoid unnecessary replication.

Any change to a source document is immediately reflected in the associated AI representations, improving accuracy and consistency for business applications.

NVIDIA is positioning its own AI Data Platform reference design as a next step for enterprise storage. The design combines RTX PRO 6000 Blackwell Server Edition GPUs, BlueField three DPUs and integrated AI processing pipelines.

Leading technology providers including Cisco, Dell Technologies, IBM, HPE, NetApp, Pure Storage and others have adopted the model as they prepare storage systems for broader use of generative AI in the enterprise sector.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

OpenAI and Intuit expand financial AI collaboration

Yesterday, OpenAI and Intuit announced a major strategic partnership aimed at reshaping how people manage their personal and business finances. The arrangement will allow Intuit apps to appear directly inside ChatGPT, enabling secure and personalised financial actions within a single environment.

An agreement that is worth more than one hundred million dollars and reinforces Intuit’s long-term push to strengthen its AI-driven expert platform.

Intuit will broaden its use of OpenAI’s most advanced models to support financial tasks across its products. Frontier models will help power AI agents that assist with tax preparation, cash flow forecasting, payroll management and wider financial planning.

Intuit will also continue using ChatGPT Enterprise internally so employees can work with greater speed and accuracy.

The partnership is expected to help consumers make more informed financial choices instead of relying on fragmented tools. Users will be able to explore suitable credit offers, receive clearer tax answers, estimate refunds and connect with tax specialists.

Businesses will gain tailored insights based on real time data that can improve cash flow, automate customer follow ups and support more effective outreach through email marketing.

Leaders from both companies argue that the collaboration will give people and firms a meaningful financial advantage. They say greater personalisation, deeper data analysis and more effortless decision making will support stronger household finances and more resilient small enterprises.

The deal expands the growing community of OpenAI enterprise customers and strengthens Intuit’s position in global financial technology.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Growing internet connections mask deep inequalities, says ITU report

According to a recent International Telecommunication Union (ITU) report, the number of internet connections continues to grow, but important inequalities persist across quality, affordability and usage.

The ITU’s Facts and Figures 2025 report estimates that nearly 6 billion people (around three-quarters of the world’s population) are online in 2025, up from 5.8 billion in 2024. Despite the increase, 2.2 billion remain offline, the majority in low- and middle-income countries.

The divide is especially stark in quality of connection. While 5G now reaches 55 per cent of the global population, coverage is heavily skewed: just 4 per cent of people in low-income countries have 5G access, compared to 84 per cent in high-income economies.

Users in wealthier countries also generate much more data, a typical user in a high-income country now sends or receives nearly eight times more mobile data than someone in a low-income country.

Affordability remains a major hurdle: even with falling median prices for mobile broadband, access is still unaffordable for about 60 per cent of the population in many low- and middle-income countries. Meanwhile, digital skills, especially advanced skills like online safety, problem-solving and content-creation, lag behind basic usage, limiting how effectively people can benefit from connectivity.

ITU Secretary-General Doreen Bogdan-Martin emphasised that achieving universal and meaningful connectivity isn’t just about getting people online, it also requires prioritising speed, reliability, cost and skills.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

UAE unveils first regulated AED-backed stablecoin

The UAE has taken a major step in its digital finance strategy as the Central Bank of the UAE approved Zand to launch Zand AED, the nation’s first regulated, multi-chain AED-backed stablecoin. The new asset places the dirham on global blockchain rails under the oversight of a fully licensed bank.

Zand AED is fully backed by reserves in regulated accounts, with real-time transparency through independently audited smart contracts and attestations.

Being available on multiple public blockchains enables fast cross-border settlement and simpler integration for developers, enterprises, and financial institutions.

Zand leadership described the launch as a significant advancement for the UAE’s position in global financial innovation. They highlighted that Zand AED bridges traditional and decentralised finance, enabling payments, tokenisation, and digital asset applications.

Analysts expect the global stablecoin market to expand to trillions, and Zand AED positions the UAE as a leading hub for regulated digital finance. The stablecoin offers a secure, scalable foundation for institutions and FinTechs in a leading global financial ecosystem.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

The future of the EU data protection under the Omnibus Package

Introduction and background information

The Commission claims that the Omnibus Package aims to simplify certain European Union legislation to strengthen the Union’s long-term competitiveness. A total of six omnibus packages have been announced in total.

The latest (no. 4) targets small mid-caps and digitalisation. Package no. 4 covers data legislation, cookies and tracking technologies (i.e. the General Data Protection Regulation (GDPR) and ePrivacy Directive (ePD)), as well as cybersecurity incident reporting and adjustments to the Artificial Intelligence Act (AIA).

That ‘simplification’ is part of a broader agenda to appease business, industry and governments who argue that the EU has too much red tape. In her September 2025 speech to German economic and business associations, Ursula von der Leyen sided with industry and stated that simplification is ‘the only way to remain competitive’.

As for why these particular laws were selected, the rationale is unclear. One stated motivation for including the GDPR is its mention in Mario Draghi’s 2024 report on ‘The Future of European Competitiveness’.

Draghi, the former President of the European Central Bank, focused on innovation in advanced technologies, decarbonisation and competitiveness, as well as security. Yet, the report does not outline any concrete way in which the GDPR allegedly reduces competitiveness or requires revision.

The GDPR appears only twice in the report. First, as a brief reference to regulatory fragmentation affecting the reuse of sensitive health data across Member States (MS).

Second, in the concluding remarks, it is claimed that ‘the GDPR in particular has been implemented with a large degree of fragmentation which undermines the EU’s digital goals’. There is, however, no explanation of this ‘large fragmentation’, no supporting evidence, and no dedicated section on the GDPR as its first mention being buried in the R&I (research and innovation) context.

It is therefore unclear what legal or analytical basis the Commission relies on to justify including the GDPR in this simplification exercise.

The current debate

There are two main sides to this Omnibus, which are the privacy forward and the competitive/SME side. The two need not be mutually exclusive, but civil society warns that ‘simplification’ risks eroding privacy protection. Privacy advocates across civil society expressed strong concern and opposition to simplification in their responses to the European Commission’s recent call for evidence.

Industry positions vary in tone and ambition. For example, CrowdStrike calls for greater legal certainty under the Cybersecurity Act, such as making recital 55 binding rather than merely guiding and introducing a one-stop-shop mechanism for incident reporting.

Meta, by contrast, urges the Commission to go beyond ‘easing administrative burdens’, calling for a pause in AI Act enforcement and a sweeping reform of the EU data protection law. On the civil society side, Access Now argues that fundamental rights protections are at stake.

It warns that any reduction in consent prompts could allow tracking technologies to operate without users ever being given a real opportunity to refuse. A more balanced, yet cautious line can be found in the EDPB and EDPS joint opinion regarding easing records of processing activities for SMEs.

Similar to the industry, they support reducing administrative burdens, but with the caveat that amendments should not compromise the protection of fundamental rights, echoing key concerns of civil society.

Regarding Member State support, Estonia, France, Austria and Slovenia are firmly against any reopening of the GDPR. By contrast, the Czech Republic, Finland and Poland propose targeted amendments while Germany proposes a more systematic reopening of the GDPR.

Individual Members of the European Parliament have also come out in favour of reopening, notably Aura Salla, a Finnish centre-right MEP who previously headed Meta’s Brussels lobbying office.

Therefore, given the varied opinions, it cannot be said what the final version of the Omnibus would look like. Yet, a leaked draft document of the GDPR’s potential modifications suggests otherwise. Upon examination, it cannot be disputed that the views from less privacy-friendly entities have served as a strong guiding path.

Leaked draft document main changes

The leaked draft introduces several core changes.

Those changes include a new definition of personal and sensitive data, the use of legitimate interest (LI) for AI processing, an intertwining of the ePrivacy Directive (ePD) and GDPR, data breach reforms, a centralised data protection impact assessment (DPIA) whitelist/blacklist, and access rights being conditional on motive for use.

A new definition of personal data

The draft redefines personal data so that ‘information is not personal data for everyone merely because another entity can identify that natural person’. That directly contradicts established EU case law, which holds that if an entity can, with reasonable means, identify a natural person, then the information is personal data, regardless of who else can identify that person.

A new definition of sensitive data

Under current rules, inferred information can be sensitive personal data. If a political opinion is inferred from browsing history, that inference is protected.

The draft would narrow this by limiting sensitive data to information that ‘directly reveals’ special categories (political views, health, religion, sexual orientation, race/ethnicity, trade union membership). That would remove protection from data derived through profiling and inference.

Detected patterns, such as visits to a health clinic or political website, would no longer be treated as sensitive, and only explicit statements similar to ‘I support the EPP’ or ‘I am Muslim’ would remain covered.

Intertwining article 5(3) ePD and the GDPR

Article 5(3) ePD is effectively copied into the GDPR as a new Article 88a. Article 88a would allow the processing of personal data ‘on or from’ terminal equipment where necessary for transmission, service provision, creating aggregated information (e.g. statistics), or for security purposes, alongside the existing legal bases in Articles 6(1) and 9(2) of the GDPR.

That generates confusion about how these legal bases interact, especially when combined with AI processing under LI. Would this mean that personal data ‘on or from’ a terminal equipment may be allowed if it is done by AI?

The scope is widened. The original ePD covered ‘storing of information, or gaining access to information already stored, in the terminal equipment’. The draft instead regulates any processing of personal data ‘on or from’ terminal equipment. That significantly expands the ePD’s reach and would force controllers to reassess and potentially adapt a broad range of existing operations.

LI for AI personal data processing

A new Article 88c GDPR, ‘Processing in the context of the development and operation of AI’, would allow controllers to rely on LI to process personal data for AI processing. That move would largely sideline data subject control. Businesses could train AI systems on individuals’ images, voices or creations without obtaining consent.

A centralised data breach portal, deadline extension and change in threshold reporting

The draft introduces three main changes to data breach reporting.

  • Extending the notification deadline from 72 to 96 hours, giving privacy teams more time to investigate and report.
  • A single EU-level reporting portal, simplifying reporting for organisations active in multiple MS.
  • Raising the notification threshold when the rights and freedoms of data subjects are at ‘risk’ to ‘high risk’.

The first two changes are industry-friendly measures designed to streamline operations. The third is more contentious. While industry welcomes fewer reporting obligations, civil society warns that a ‘high-risk’ threshold could leave many incidents unreported. Taken together, these reforms simplify obligations, albeit at the potential cost of reducing transparency.

Centralised processing activity (PA) list requiring a DPIA

This is another welcome change as it would clarify which PAs would automatically require a DPIA and which would not. The list would be updated every 3 years.

What should be noted here is that some controllers may not see their PA on this list and assume or argue that a DPIA is not required. Therefore, the language on this should make it clear that it is not a closed list.

Access requests denials

Currently, a data subject may request a copy of their data regardless of the motive. Under the draft, if a data subject exploits the right of access by using that material against the controller, the controller may charge or refuse the request.

That is problematic for the protection of rights as it impacts informational self-determination and weakens an important enforcement tool for individuals.

For more information, an in depth analysis by noyb has been carried out which can be accessed here.

The Commission’s updated version

On 19 November, the European Commission is expected to present its official simplification package. This section will be updated once the final text is published.

Final remarks

Simplification in itself is a good idea, and businesses need to have enough freedom to operate without being suffocated with red tape. However, changing a cornerstone of data protection law to such an extent that it threatens fundamental rights protections is just cause for concern.

Alarms have already been raised after the previous Omnibus package on green due diligence obligations was scrapped. We may now be witnessing a similar rollback, this time targeting digital rights.

As a result, all eyes are on 19 November, a date that could reshape not only the EU privacy standards but also global data protection norms.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

EU examines Amazon and Microsoft influence in cloud services

European regulators have launched three market investigations into cloud computing amid growing concerns about sector concentration.

The European Commission will assess whether Amazon Web Services and Microsoft Azure should be designated as gatekeepers for their cloud services under the Digital Markets Act, despite not meeting the formal threshold criteria.

Officials argue that cloud infrastructure now underpins AI development and many digital services, so competition must remain open and fair.

A move that signals a broader shift in EU oversight of strategic technologies. Rather than focusing solely on size, investigators will examine whether the two providers act as unavoidable gateways between businesses and users.

They will analyse network effects, switching costs and the role of corporate structures that might deepen market dominance. If the inquiries confirm gatekeeper status, both companies will face the DMA’s full obligations and a six-month compliance period.

A parallel investigation will explore whether existing DMA rules adequately address cloud-specific risks that might limit competition. Regulators aim to clarify whether obstacles to interoperability, restricted access to data, tying of services and imbalanced contractual terms require updated obligations.

Insights gathered from industry, public bodies and civil society will feed into a final report within 18 months, potentially leading to changes via a delegated act.

EU officials underline that Europe’s competitiveness, technological resilience and future AI capacity rely on a fair cloud environment. They argue that a transparent and contestable market will strengthen Europe’s strategic autonomy and encourage innovation.

The inquiries will shape how digital platforms are regulated as cloud services become increasingly central to economic and social life.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft and NVIDIA expand partnership with Anthropic

Microsoft, NVIDIA, and Anthropic have announced new strategic partnerships to expand access to Anthropic’s rapidly growing Claude AI models. Claude will scale on Microsoft Azure with NVIDIA support, offering enterprise customers broader model choices and enhanced capabilities.

Anthropic has committed to purchase $30 billion of Azure compute capacity and additional capacity up to one gigawatt. NVIDIA and Anthropic will optimise Claude models for performance, efficiency, and cost, while aligning future NVIDIA architectures with Anthropic workloads.

The partnerships also extend Claude access across Microsoft Foundry, including frontier models like Claude Sonnet 4.5, Claude Opus 4.1, and Claude Haiku 4.5.

Microsoft Copilot products, including GitHub Copilot, Microsoft 365 Copilot, and Copilot Studio, will continue to feature Claude capabilities, providing enterprise users with integrated AI tools.

Microsoft and NVIDIA have committed $5 billion and $10 billion respectively to support Anthropic’s growth. The partnership makes Claude the only frontier AI model on all three top cloud platforms, boosting enterprise AI adoption and innovation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Old laws now target modern tracking technology

Class-action privacy litigation continues to grow in frequency, repurposing older laws to address modern data tracking technologies. Recent high-profile lawsuits have applied the California Invasion of Privacy Act and the Video Privacy Protection Act.

A unanimous jury verdict recently found Meta Platforms violated CIPA Section 632 (which is now under appeal) by eavesdropping on users’ confidential communications without consent. The court ruled that Meta intentionally used its SDK within a sexual health app, Flo, to intercept sensitive real-time user inputs.

That judgement suggests an electronic device under the statute need not be physical, with a user’s phone qualifying as the requisite device. The legal success in these cases highlights a significant, rising risk for all companies utilising tracking pixels and software development kits (SDKs).

Separately, the VPPA has found new power against tracking pixels in the case of Jancik v. WebMD concerning video-viewing data. The court held that a consumer need not pay for a video service but can subscribe by simply exchanging their email address for a newsletter.

Companies must ensure their privacy policies clearly disclose all such tracking conduct to obtain explicit, valid consent. The courts are taking real-time data interception seriously, noting intentionality may be implied when a firm fails to stem the flow of sensitive personally identifiable information.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

ALX and Anthropic partner with Rwanda on AI education

A landmark partnership between ALX, Anthropic, and the Government of Rwanda has launched a major AI learning initiative across Africa.

The program introduces ‘Chidi’, an AI-powered learning companion built on Anthropic’s Claude model. Instead of providing direct answers, the system is designed to guide learners through critical thinking and problem-solving, positioning African talent at the centre of global tech innovation.

An initiative, described as one of the largest AI-enhanced education deployments on the continent, that will see Chidi integrated into Rwanda’s public education system. A pilot phase will involve up to 2,000 educators and select civil servants.

According to the partners, the collaboration aims to ensure Africa’s youth become creators of AI technology instead of remaining merely consumers of it.

A three-way collaboration that unites ALX’s training infrastructure, Anthropic’s AI technology, and Rwanda’s progressive digital policy. The working group, the researchers noted, will document insights to inform Rwanda’s national AI policy.

The initiative sets a new standard for inclusive, AI-powered learning, with Rwanda serving as a launch hub for future deployments across the continent.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!