Consumer protection

OpenAI upgrades GPT-5.5 Instant conversation skills

OpenAI has updated GPT-5.5 Instant to make ChatGPT conversations more natural, useful and responsive to user intent.

According to the company’s release notes, the update is designed to improve conversational quality, especially when users are making decisions, asking for advice, planning, researching options or shopping.

OpenAI said GPT-5.5 Instant is now better at identifying the underlying goal behind a question and carrying context across multiple turns. The company also said the model follows complex instructions more reliably, including requests with several constraints or requirements.

The update is intended to make the model more adaptive during ongoing conversations. When users add constraints or push back on an answer, GPT-5.5 Instant should adjust its approach more effectively, rather than simply repeating its original response.

The change reflects a wider shift in consumer AI systems from one-off answer generation towards more context-aware and interactive assistance.

Why does it matter?

The update shows how competition in AI assistants is moving beyond raw accuracy and benchmark performance towards conversational quality. For everyday users, the ability to understand intent, track context, follow multiple constraints and respond well to feedback can determine whether AI tools feel genuinely useful in education, work, shopping, planning and customer support.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

Digital trade agreement gains legal backing in Kyrgyzstan

Kyrgyz President Sadyr Japarov has signed a law ratifying the Digital Economy Partnership Agreement between member states of the Organisation of Turkic States.

The Jogorku Kenesh adopted the law on 3 June 2026 and approved the agreement signed in Bishkek on 6 November 2024. The presidential administration said it was the first law signed in a fully digital format in Kyrgyzstan.

The agreement aims to strengthen trade relations among Turkic states through e-commerce and broader digital-economy cooperation. It also seeks to increase consumer confidence in digital services and online transactions.

The partnership covers areas including electronic commerce, consumer protection in online trade, express delivery services, personal data protection and cooperation between business communities involved in e-commerce.

The move forms part of Kyrgyzstan’s wider digital transformation agenda and adds legal backing to a regional framework for digital trade cooperation among OTS members.

Why does it matter?

The ratification supports efforts to align digital trade rules among Turkic states and make cross-border e-commerce more predictable. The agreement is relevant because it links digital economy cooperation with consumer protection, data protection and delivery infrastructure, areas that are essential for trust in online trade. It also shows how regional organisations are developing their own digital trade frameworks alongside larger global and Asia-Pacific digital economy agreements.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

EU drops browser-based cookie consent proposal from Digital Omnibus

The European Commission had proposed replacing cookie banners with an automated browser-based privacy signal as part of its ‘Digital Omnibus’ package, a move that would have allowed devices to communicate users’ tracking preferences directly to websites. The plan, outlined in Article 88b of the GDPR, was intended to cut red tape and reduce the burden on consumers navigating consent requests across the web.

According to digital rights organisation noyb, cookie banners were not created by data protection law but emerged as a mechanism for the online advertising industry to obtain users’ consent for data sharing with third parties. Studies suggest only 3 to 10 per cent of users actually wish to be tracked, yet so-called dark patterns, such as hidden ‘no’ buttons and pre-ticked boxes, allow the industry to achieve consent rates of up to 90 per cent. Across more than 450 million EU citizens, this results in billions of unnecessary clicks each year.

According to noyb, a lobbying document submitted by Google argued that removing cookie banners would effectively halt all online advertising, citing figures that the European Commission has since described as highly exaggerated. The Commission had made clear that consent would still be possible on a per-website and per-purpose basis, meaning users could grant access to specific outlets while withholding it from others. Google’s paper also claimed that media outlets would be harmed, despite the fact that they are explicitly exempt from the proposed provision.

According to noyb, the lobbying campaign appears to have influenced the legislative process. In the Council’s position paper of 18 June 2026, Article 88b was removed entirely from the Digital Omnibus. Noyb added that Germany, France, and Poland were among the member states supporting the article’s removal following lobbying by the online advertising industry.

The outcome is particularly striking given that many of the same member states have long called on the EU to simplify regulation and cut red tape. noyb, the European digital rights organisation, has described the result as a victory for lobbying over public interest, noting that the majority of EU citizens have consistently expressed frustration with cookie banners.

The European Parliament has not yet taken a position on Article 88b, and negotiations between the Parliament and the Council are ongoing. Noyb has urged the European Parliament to support reinstating Article 88b during the next stage of negotiations.

Why does it matter?

The debate highlights the growing tension between digital simplification efforts, privacy protection and the economic interests of the online advertising ecosystem. Browser-based privacy signals have long been discussed as a way to reduce repetitive consent requests while preserving users’ ability to decide when and how their personal data may be used.

The proposal’s removal also illustrates the influence that industry stakeholders can have during the EU legislative process. Whether Article 88b is reinstated during negotiations with the European Parliament could shape the future of online consent management in Europe, affecting digital advertising, user experience and the practical implementation of data protection rules.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Google expands financial ad verification across EU and EEA

Google has announced the expansion of its financial services advertiser verification programme to every country in the EU and European Economic Area, extending requirements aimed at reducing fraudulent financial advertising.

The rollout will cover 24 additional countries and builds on an existing programme already active in six EU member states and the United Kingdom.

Under the programme, advertisers seeking to promote financial products or services must complete an additional verification process showing that the relevant national regulator authorises them. Google said it will check credentials against official registries across the EU and EEA.

The requirements will be introduced in phases. Businesses will have 30 days to complete the process after notification, and unverified advertisers will have their financial services ads restricted until verification is completed.

Google said the additional requirements build on its wider advertiser identity verification programme, which it says already covers more than 98% of ads seen across the EU. The company also said its systems blocked or removed more than 1.6 billion ads in the EU last year.

The expansion comes amid continuing concern over online financial scams, including fraudulent ads that impersonate legitimate financial services providers or promote misleading investment products.

Why does it matter?

Financial scams increasingly rely on digital advertising to reach consumers at scale. Google’s expansion adds another gatekeeping layer for financial advertisers across Europe by linking ad eligibility to authorisation in official regulatory registers. The measure also shows how large platforms are being pushed, by regulators and reputational pressure, to take more responsibility for the trustworthiness of high-risk advertising categories such as finance.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

UK ICO warns against unauthorised access to patient records

The UK’s Information Commissioner’s Office (ICO) has warned that unauthorised access to patient records is a serious breach of trust and an ongoing concern across the healthcare sector. In a new blog, the regulator said medical records contain some of the most sensitive personal information and must only be accessed for legitimate reasons.

The ICO said inappropriate access remains rare and does not reflect the behaviour of most healthcare professionals. However, recent high-profile incidents suggest the problem is not confined to isolated cases and requires a stronger organisational response.

According to the regulator, personal curiosity is never a legitimate basis for accessing patient records. Deliberate or reckless access to personal data without authorisation is unlawful and may result in disciplinary measures, loss of professional registration and, in some cases, criminal prosecution.

The ICO called on healthcare leaders to strengthen organisational culture through clear communication, role-specific data protection training and technical safeguards, including role-based access controls and audit logging. Protecting patient privacy is fundamental to maintaining trust in the healthcare system in the UK.

Why does it matter?

Healthcare records contain some of the most sensitive categories of personal information, including medical histories, diagnoses and treatment details. Even isolated cases of unauthorised access can undermine public trust in healthcare institutions and raise concerns about privacy, confidentiality and professional accountability.

The warning also highlights the growing importance of data governance in healthcare. As health systems become increasingly digital and interconnected, organisations must combine technical safeguards, staff training and strong organisational culture to ensure sensitive information is accessed only when necessary and for legitimate purposes. Maintaining patient trust remains essential to the effective delivery of healthcare services.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

UK and Malaysia launch negotiations on digital trade agreement

The UK and Malaysia have launched negotiations on a digital trade agreement aimed at supporting economic growth, creating jobs and expanding cross-border digital services.

The UK government said the talks mark the next step in its effort to strengthen the country’s role as a global hub for services and digital trade. Digital trade encompasses the exchange of goods, services and data that are enabled or delivered through digital technologies.

The proposed agreement could support activities such as UK businesses selling software to overseas customers through online platforms or providing financial consultancy services remotely across borders.

The UK said standalone digital trade agreements can deliver benefits similar to digital trade chapters in traditional free trade agreements while remaining more agile, flexible and quicker to negotiate and implement.

The UK and Malaysia already maintain a growing trade relationship. The UK said bilateral trade was worth £6.4 billion in 2025, and that it exported £730 million in digitally delivered services to Malaysia in 2023. The UK also cited OECD estimates showing that exports to Malaysia supported 31,100 UK jobs in 2022.

The proposed digital trade agreement aims to make trade with Malaysia easier, cheaper, and more secure through cross-border data flows. Other potential benefits include reducing paperwork and border friction through digital systems.

The agreement could also include provisions on personal data protection, intellectual property rights, online consumer protection and cybersecurity cooperation. The UK said the deal aims to strengthen international digital and technology cooperation by supporting responsible innovation in areas such as AI and data.

The government said the agreement could create new partnerships that support more efficient supply chains, infrastructure, and global competitiveness.

UK Trade Minister Chris Bryant said launching negotiations with Malaysia marks an important step in strengthening the UK’s position as a global leader in digital trade.

Bryant said a UK-Malaysia digital trade agreement could unlock new opportunities for British businesses, support high-skilled jobs, and help firms compete in fast-growing, technology-driven markets.

Why does it matter?

Digital trade is becoming a central pillar of international economic policy as services, data flows and digital platforms play a growing role in global commerce. For economies such as the UK, which have strong services sectors, agreements that facilitate cross-border data flows and remote service delivery can create new opportunities for businesses while reducing regulatory and administrative barriers.

The negotiations also reflect a broader shift towards standalone digital trade agreements as a faster and more flexible alternative to traditional trade deals. Beyond commercial benefits, such agreements increasingly address issues including AI governance, cybersecurity, consumer protection and data regulation, making them important instruments for shaping the rules of the digital economy and strengthening international digital cooperation.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Bank of England drops stablecoin holding limits in revised framework

The Bank of England has revised its proposed regulatory approach for sterling-denominated systemic stablecoins, removing planned individual holding limits and introducing a temporary £40 billion issuance guardrail for each systemic stablecoin.

The policy statement and draft Code of Practice set out how the Bank intends to regulate stablecoin issuers that become systemic because their use in payments could pose risks to UK financial stability. The final Code of Practice is expected by the end of 2026.

The Bank said it had changed its approach following industry feedback on two key issues: backing asset composition and holding limits. Earlier proposals would have imposed individual limits of £20,000 per coin for individuals and £10 million for businesses, with possible exemptions.

Instead, the Bank now plans to use a temporary issuance guardrail, initially set at £40 billion per systemic stablecoin. The Bank said the approach would be simpler to implement while still managing credit risks as stablecoins scale.

Backing asset rules have also been adjusted. The Bank now proposes a steady-state backing asset composition of 70% short-term UK government debt and 30% unremunerated Bank of England deposits, compared with an earlier 60/40 proposal. It said the change should support more viable stablecoin business models while maintaining safeguards for financial stability.

The framework forms part of the UK’s wider stablecoin regime, under which the FCA will regulate qualifying stablecoin issuance, custody and trading, while systemic stablecoins recognised by HM Treasury will be regulated jointly by the Bank and the FCA.

The Bank said the approach is intended to support innovation and market entry while preserving trust in money, safeguarding financial stability and enabling sterling-denominated stablecoins to operate at scale.

Why does it matter?

The Bank of England’s revised approach shows the UK trying to make systemic stablecoin regulation more workable without abandoning financial stability safeguards. Removing individual holding limits addresses a major industry concern, while the £40 billion issuance guardrail keeps regulatory focus on systemic scale rather than day-to-day user holdings. The framework also matters because stablecoins are being treated as part of the UK’s future payments landscape, alongside bank deposits, tokenised deposits and potentially a retail CBDC.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

Cybercriminals exploit World Cup hype with phishing schemes

Cybercriminals are exploiting World Cup interest through fake streaming platforms, phishing campaigns, counterfeit online stores and betting-related scams, according to Kaspersky researchers.

The security company said it had identified more than 336 fake websites designed to imitate official World Cup pages. Many scams target fans looking for cheaper tickets, free match streams or tournament merchandise.

Some fake streaming sites ask users to register and pay for access to matches, sometimes using cryptocurrency. Others collect personal data that can later be used in further phishing attacks.

Kaspersky also identified counterfeit merchandise shops, fraudulent betting schemes and phishing emails promoting fake offers or paid predictions. Some scams rely on urgency, limited-time claims and professional-looking websites to pressure users into sharing payment or personal information.

The company warned that AI-generated websites and more polished scam designs are making fraudulent pages harder to distinguish from legitimate services during high-demand events.

Kaspersky advised fans to use official sources, check website addresses carefully and avoid offers that promise free access, unrealistic discounts or guaranteed betting results.

Why does it matter?

Major sporting events create ideal conditions for online fraud because demand, urgency and emotion are all high. World Cup scams show how criminals combine phishing, fake e-commerce, streaming fraud and social engineering to steal money and personal data. The use of polished or AI-generated websites also reflects a wider challenge for consumer protection: scams are becoming easier to create at scale and harder for users to recognise.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

EU introduces updated crypto anti-money laundering framework for 2027

The European Union has adopted new anti-money laundering (AML) rules that will prohibit regulated crypto-asset service providers from supporting privacy-focused cryptocurrencies from July 2027. The measures form part of a broader effort to strengthen oversight of financial activities considered vulnerable to money laundering and illicit finance.

Under the framework, crypto-asset service providers, including exchanges and custodians, will be required to apply enhanced customer due diligence measures to occasional crypto transactions valued at €1,000 or more. Anonymous crypto accounts and services designed to increase transaction anonymity will also be banned within the regulated sector.

Despite the stricter requirements, direct transfers between self-hosted crypto wallets will not be subject to mandatory identity verification obligations. Customer identification obligations will apply primarily when regulated intermediaries are involved, while peer-to-peer transactions conducted without such entities remain outside the scope of the rules.

Beyond digital assets, the regulation introduces a €10,000 cap on commercial cash payments across the EU and expands AML obligations to additional sectors, including professional football, crowdfunding platforms, luxury goods dealers, and investment migration businesses.

New beneficial ownership disclosure requirements will also apply to companies, trusts, and certain non-EU entities operating within the EU.

Why does it matter? 

The reforms represent one of the EU’s most significant efforts to create a unified anti-money laundering framework across member states. By introducing common standards for crypto-assets, cash transactions, beneficial ownership transparency and customer due diligence, the rules aim to reduce regulatory fragmentation and strengthen the bloc’s ability to detect and prevent illicit financial activity.

The measures also signal the continued integration of crypto-assets into mainstream financial regulation. While the EU is imposing stricter requirements on regulated intermediaries and anonymity-enhancing services, it is maintaining a distinction between supervised financial activity and peer-to-peer transactions involving self-hosted wallets. The balance struck by the framework may influence future AML approaches in other jurisdictions seeking to regulate digital assets while preserving elements of decentralised finance.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

Apple expands app distribution options in Brazil

Apple will introduce changes to iOS in Brazil following an agreement with the country’s competition regulator, Conselho Administrativo de Defesa Econômica.

The changes, beginning with iOS 26.5, will give developers new options to distribute apps through alternative app marketplaces, operate those marketplaces and process payments for digital goods and services outside Apple’s In-App Purchase system.

Apple said the changes reflect a recent agreement with CADE and are intended to create new options for developers in Brazil. The agreement follows competition scrutiny of Apple’s App Store rules in the country.

The company warned that alternative app distribution and payment options may create new risks, including malware, fraud, scams and privacy and security concerns. It said it has worked with CADE on measures designed to reduce those risks, including app notarisation, marketplace authorisation and protections for children.

Apple also said all current members of the Apple Developer Program must agree to updated licence terms by 6 July 2026 to access the new options in Brazil. The company has made online appointments available for developers seeking more information.

Why does it matter?

The changes show how competition enforcement is reshaping closed app ecosystems beyond the EU. Brazil’s intervention adds pressure on Apple to allow alternative distribution and payment models while preserving security and privacy safeguards. The case also highlights a recurring policy tension: regulators want more competition and developer choice, while Apple argues that opening iOS can increase risks for users.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Diplo chatbot can make mistakes. Consider checking important information.