E-commerce and trade

EU court clarifies age verification rules for pornographic websites

The Court of Justice of the European Union (CJEU) has clarified the conditions under which EU Member States may require age verification for users of pornographic websites and restrict the rebroadcasting of information about certain roadside checks.

The ruling concerns joined cases involving WebGroup Czech Republic, NKL Associates and Coyote System. The cases were referred by France’s Council of State and concerned French measures requiring pornographic websites to verify users’ ages and allowing restrictions on geolocation driving assistance services that rebroadcast information about certain roadside checks.

The companies argued that the measures breached the country-of-origin principle under the Directive on electronic commerce. Under that principle, information society services are generally governed by the laws of the Member State in which the provider is established.

The Court found that the contested measures, including age verification requirements, fall within the directive’s coordinated field and that applying them to providers established in other Member States constitutes a restriction on the free movement of the services concerned. However, it said the directive allows such restrictions under certain conditions.

The CJEU said Member States may impose measures on providers established elsewhere in the EU where necessary for recognised objectives such as public policy, public security, or public safety. According to the Court, protecting minors through age verification may constitute a public policy objective, while restrictions on rebroadcasting information about certain roadside checks may be justified on public security grounds.

The Court said such measures must be proportionate and targeted at specific information society services that actually prejudice those objectives. Except in urgent cases, the Member State taking the measure must first ask the provider’s Member State of establishment to act and must notify the European Commission and that Member State before adopting the measure.

The ruling means an EU Member State may require providers established in another Member State to introduce age verification systems to prevent minors from accessing pornographic websites, provided the directive’s conditions are met. The referring French court must determine whether the national age verification measures satisfy those conditions.

The Court also addressed liability for information stored and rebroadcast by online services. It said a provider cannot rely on the hosting liability exemption if it has knowledge of or control over the information. Control can exist when a provider uses an algorithm to determine the conditions, methods and priority according to which information is rebroadcast.

The decision therefore clarifies both the limits of the e-commerce country-of-origin principle and the circumstances in which algorithmic control over content distribution may affect platform liability.

Why does it matter?

The ruling provides important guidance on how EU Member States can pursue online safety objectives while respecting the Digital Single Market’s country-of-origin principle. In particular, it confirms that age verification requirements aimed at protecting minors may be applied to providers established in other Member States, provided procedural safeguards and proportionality requirements are met.

The judgement also has broader implications for platform governance and intermediary liability. By highlighting the relevance of algorithmic control in determining whether a provider can benefit from hosting liability exemptions, the Court contributes to ongoing debates about platform responsibility, content moderation and the legal consequences of algorithm-driven content distribution.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Thailand updates legal framework to modernise capital markets 

Thailand is advancing amendments to the Securities and Exchange Act to create a legal framework for electronic securities and support the digitalisation of its capital markets.

The draft bill has passed its first reading in the House of Representatives, with a special committee appointed to review the details before the second and third readings. The proposal would allow securities to be issued, held, transferred and used as collateral in electronic form with legal effect.

Government officials said the reform is intended to improve access to capital, reduce transaction costs and make capital market processes more efficient. The initiative forms part of Thailand’s broader effort to modernise financial infrastructure and support the digital economy.

The framework would apply to existing capital market instruments, including shares, bonds and investment units. Authorities have presented the measure as a way to digitise securities processes under a clearer legal and regulatory framework, rather than as a move to create a new category of unregulated digital assets.

The proposal also includes safeguards for investors and market integrity, including rules on securities registries, client assets and regulatory oversight of electronic securities transactions.

Why does it matter?

The reform shows how digital finance policy is moving beyond cryptocurrencies and payment systems into the core infrastructure of capital markets. By giving electronic securities legal effect, Thailand could reduce paperwork, lower transaction costs, and make fundraising more efficient. The practical impact will depend on the final text, regulatory implementation and whether market participants adopt the new digital processes at scale.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Netherlands requires one-click cancellation button for online purchases

The Netherlands has announced that online retailers and providers of online services will be required to include a clear cancellation button on their websites from 19 June 2026. The measure is intended to make it easier for consumers to exercise their right of withdrawal during the statutory 14 day cooling off period.

Under the new rules, customers will be able to cancel a purchase or service through a dedicated online button rather than completing a form or contacting customer services. The cancellation button will serve as an additional withdrawal mechanism and will not replace the standard withdrawal form.

After selecting the button, customers will need to confirm that they wish to cancel their purchase or service. Businesses will then be required to send a confirmation message acknowledging receipt of the cancellation request. This is in line with the right of withdrawal under the EU Consumer Rights Directive.

The requirements will apply to online retailers, providers of digital services such as online courses and coaching programmes, and sellers operating through social media platforms. The measure has been approved by the Dutch parliament.

Why does it matter?

The measure reflects a broader European effort to strengthen consumer protection in digital markets. While consumers already have the right to withdraw from many online purchases within a statutory cooling-off period, exercising that right can sometimes involve complex procedures or interactions with customer support.

By requiring a clear and accessible cancellation option, the Netherlands aims to reduce friction in the withdrawal process and improve transparency for consumers. The initiative also reflects growing regulatory attention to user experience and consumer rights in digital commerce, particularly in areas such as subscriptions, online services and social media-based sales.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Europol warns of rising online exploitation of minors

Europol has warned that criminal networks are increasingly using digital platforms to target, manipulate and recruit minors into criminal activity.

The agency said offenders exploit online environments, including dark web portals, social media networks, games and e-commerce platforms, which can offer anonymity, reach and operational efficiency. Europol and the EU member states have observed growing use of these digital tools to target and recruit minors.

According to Europol, young people are being drawn into offences including cyberattacks, drug distribution, online fraud and money laundering. In some cases, minors are also exposed to extremist ideologies, manipulation and pressure from online communities.

Europol said digital tools have made recruitment easier to scale and harder to detect. Minors may initially be approached as victims, but can later be pressured into carrying out further offences, increasing both the harm to the child and the reach of criminal networks.

The agency said it is working with the EU member states and international partners to strengthen intelligence sharing, operational support and the disruption of criminal groups. Prevention efforts also include awareness-raising and guidance for parents, educators and communities to help identify risks and support vulnerable minors.

Why does it matter?

The warning shows how child safety and organised crime are increasingly overlapping in online spaces. Social media, gaming environments, e-commerce platforms and dark web channels can be used not only to exploit minors, but also to recruit them into cybercrime, fraud, drug distribution or extremist networks. That creates a governance challenge for law enforcement, schools, parents and platforms, especially where manipulation, anonymity and cross-border digital services make early detection difficult.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Yen stablecoin planned by Japan’s largest lenders

Japan’s three largest banking groups aim to conduct live commercial transactions using a jointly issued stablecoin during fiscal year 2026, marking a significant step for the country’s regulated digital payments market.

MUFG Bank, Mizuho Bank and Sumitomo Mitsui Banking Corporation said the stablecoin would be issued under a trust agreement, with the three banks acting as joint settlors and a trust bank or similar institution acting as trustee.

The banks have signed a memorandum of understanding to establish a voluntary council to examine operational frameworks, governance, and other requirements for practical implementation. The stablecoin initiative follows a demonstration experiment selected in 2025 by Japan’s Financial Services Agency under its FinTech Proof-of-Concept Hub.

The banks said they plan to accelerate work towards live transactions in fiscal year 2026, while taking account of relevant laws, regulations and market trends. The council will also consider possible collaboration with other financial institutions and stakeholders.

The initiative comes as Japan continues to develop a regulated stablecoin market. Amendments to the Payment Services Act that took effect in June 2023 created a legal framework for fiat-backed stablecoins as electronic payment instruments, while recent rule changes have further clarified conditions for foreign stablecoins and cross-border digital payment activity.

Why does it matter?

The project shows how stablecoin development is moving from crypto-native markets into regulated banking infrastructure. A jointly issued stablecoin by Japan’s largest banks could support payments, settlement and cross-border transactions while keeping issuance within a supervised financial framework. It also signals Japan’s effort to position stablecoins as part of mainstream payment infrastructure rather than a parallel, lightly regulated crypto market.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Philippine regulator tightens oversight of digital assets

The Bangko Sentral ng Pilipinas has issued new coin and token listing guidelines for virtual asset service providers, setting clearer expectations for due diligence, monitoring and delisting.

The memorandum applies to all VASPs and clarifies how providers should review virtual assets before listing or offering them to customers. The central bank said the guidelines are intended to support financial stability and protect customers by ensuring virtual asset services are provided in a safe, sound and consumer-focused way.

VASPs are expected to assess coins and tokens across six areas: issuer background, market maturity, use cases, transparency, traceability and security, redemption, liquidity and reserves, and legal and compliance considerations.

For asset-backed or fiat-backed tokens, the guidelines call for information on lifecycle processes, reserve composition, reserve verifiability and stabilisation mechanisms. Providers should also assess cybersecurity risks, blockchain traceability, independent audits, legal status in other jurisdictions and potential anti-money laundering risks.

The BSP also requires VASPs to conduct ongoing monitoring of listed assets and define thresholds that would trigger suspension or delisting. Privacy-enhancing virtual assets, also known as privacy coins, remain prohibited from being listed or supported by licensed providers.

Why does it matter?

The guidelines show how crypto oversight is moving from licensing exchanges towards detailed supervision of which tokens can be offered to consumers. By requiring structured due diligence, reserve checks, legal review, cybersecurity assessment and delisting triggers, the Philippines is aligning digital asset oversight more closely with risk management and consumer protection. The stablecoin-related checks are especially relevant as regulators globally focus on reserve quality, redemption rights and market stability.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Europol-backed operation dismantles crypto laundering service used by ransomware gangs

An international law enforcement operation has dismantled a cryptocurrency laundering service allegedly used by ransomware gangs and cybercriminal networks to process more than €336 million in illicit funds.

The platform, known as ‘AudiA6’, is suspected of laundering proceeds from ransomware attacks, large-scale cryptocurrency thefts and other cybercrime activity between 2022 and 2025. Europol said the service was linked through its analysis to more than 15 international cybercrime investigations.

The coordinated action, supported by Europol and Eurojust, led to the arrest of two alleged administrators in Georgia. Authorities also took down 25 domains, seized more than 30 servers, blocked Telegram accounts used by the network and froze or seized cryptocurrency assets worth more than €778,000.

Investigators allege that the service used thousands of fraudulent exchange accounts created with stolen or purchased identities. Criminal clients allegedly transferred cryptocurrency to wallets controlled by the group and received laundered funds through complex transaction chains designed to obscure the money trail.

Authorities also confiscated more than 80 vehicles and several properties in Georgia. Europol said the case highlights how specialised money laundering services help sustain ransomware and other forms of cybercrime by making it easier for criminal groups to cash out stolen digital assets.

Why does it matter?

Crypto laundering services are a key part of the cybercrime economy because they allow ransomware groups and other attackers to turn stolen digital assets into usable funds. Disrupting such infrastructure can weaken criminal business models. Still, the case also shows why cybercrime investigations increasingly require cooperation between cyber units, financial investigators, prosecutors, crypto exchanges and cross-border law enforcement agencies.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

Kraken becomes official crypto exchange supporter of FIFA World Cup 2026

Cryptocurrency exchange Kraken has been named the Official Crypto Exchange Supporter of the FIFA World Cup 2026, extending the visibility of digital asset firms in mainstream sports and entertainment.

According to Kraken, the partnership will focus on fan activations and product experiences across the tournament’s 16 host cities in Mexico, Canada and the United States. The company said the event is expected to reach a cumulative global audience of more than six billion people during its seven-week run.

The FIFA World Cup 2026 will be the first edition of the tournament to feature 48 teams, with 104 matches scheduled from 11 June to 19 July 2026. Kraken said the partnership is part of its broader strategy to use sports and cultural partnerships to raise awareness of digital assets.

The collaboration is expected to begin with the FIFA World Cup 2026 Countdown Concert, followed by further fan-focused programming during the tournament.

The announcement reflects the continued use of global sports events by crypto companies to reach mainstream audiences, even as digital asset products remain subject to regulatory scrutiny and consumer-risk concerns in many markets.

Why does it matter?

The partnership shows how crypto firms continue to use high-visibility sports events to reach mass audiences and normalise digital asset products. For digital policy, the relevant issue is not the sponsorship itself, but the consumer protection and regulatory context around crypto promotion, especially when marketing is attached to global events watched by millions of casual fans.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Visa expands AI and stablecoin tools for programmable commerce

Visa has announced new AI, stablecoin and tokenisation capabilities aimed at supporting agentic and programmable commerce.

The updates were presented at the Visa Payments Forum 2026 and focus on transactions initiated or supported by AI agents, as well as blockchain-based settlement and value transfer. Visa said the tools are intended to add trust, security and control as commerce becomes more automated.

The company introduced Agent Score, which allows merchants to assess whether their websites are ready for AI agents to navigate and complete tasks. It also announced an Agentic Directory of verified agents and merchants, intended to help participants identify legitimate actors in agentic commerce.

Visa also announced a strategic partnership with OpenAI that would allow AI agents to initiate Visa payments within defined user permissions. OpenAI will provide the conversational interface, while Visa will provide the underlying payment infrastructure.

The company introduced a Large Transaction Model trained on billions of transactions to improve fraud detection, authorisation performance and reduce false declines. It also announced token enhancements designed to add more transaction context, identity, permissions and behavioural signals to digital payment credentials.

On the settlement side, Visa said it is developing technology that would allow banks to issue tokenised deposits and is expanding stablecoin settlement pilots across multiple regions, blockchains and currencies. The company said it has moved billions of dollars in stablecoins across VisaNet, with an annualised run rate of about $7 billion as of March 2026. More than 160 stablecoin-linked card programmes are live or in development globally, according to Visa.

Why does it matter?

Visa’s announcements show how major payment networks are preparing for AI agents to initiate transactions and for stablecoins and tokenised deposits to play a larger role in settlement. The policy relevance lies in trust infrastructure: verifying agents and merchants, defining user permissions, managing fraud risk, strengthening digital identity signals and keeping programmable payment systems within regulated financial channels.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

Crypto mixers gain recognition in US Treasury assessment

The US Treasury Department has acknowledged that cryptocurrency mixers may have lawful privacy uses, while warning that such tools remain vulnerable to abuse by illicit actors.

In a March 2026 report to Congress on innovative technologies to counter illicit finance involving digital assets, Treasury said lawful users may rely on mixers to protect sensitive financial information when transacting on public blockchains. The report said users may seek to conceal details about personal wealth, business payments, charitable donations or consumer spending habits.

Treasury distinguished between custodial digital asset services, including custodial mixers, and decentralised or non-custodial mechanisms that can operate without a central intermediary. Custodial services that accept and transmit value may be required to register with the Financial Crimes Enforcement Network as money services businesses, maintain records and file suspicious activity reports.

The report nevertheless stressed that criminals commonly use mixers, bridges and swaps to make illicit digital asset flows harder to trace. Treasury said mixing is frequently used by North Korea-linked cyber actors, money launderers, ransomware actors and darknet market participants.

Treasury also warned that stablecoins can form part of complex laundering processes involving mixers and other obfuscation techniques. According to the report, illicit actors may move stolen or fraud-linked assets through mixers and then swap them into stablecoins to break the traceable link to the original criminal activity.

The assessment was prepared under the GENIUS Act, which required the Treasury to examine innovative tools for countering illicit finance involving digital assets, including the role of mixers, tumblers and similar services.

Why does it matter?

The report shows the regulatory tension at the centre of digital asset policy: privacy tools can protect legitimate users on transparent public blockchains, but the same tools can also weaken AML/CFT controls, sanctions enforcement and law enforcement tracing. Treasury’s framing matters because future rules on mixers, DeFi, blockchain analytics and stablecoin compliance will need to balance financial privacy with security and illicit finance risks.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Diplo chatbot can make mistakes. Consider checking important information.