EU negotiations over the controversial ‘chat control’ proposal have once again failed to reach a breakthrough, leaving the future of the plan uncertain. The European Commission’s three-year-old proposal aims to curb the spread of child sexual abuse material by allowing authorities to require chat services to screen messages before they are encrypted.
Critics, however, warn that such measures would undermine privacy and amount to state surveillance of private communications.
Under the plan, chat services could only be ordered to scan messages after approval from a judicial authority, and the system would target known child abuse images stored in databases. Text-based messages would not be monitored, according to the Danish EU presidency, which insists that sufficient safeguards are in place.
Despite those assurances, several member states remain unconvinced. Germany has yet to reach a unified position, with Justice Minister Stefanie Hubig stressing that ‘chat control without cause must be taboo in a rule of law.’
Belgium, too, continues to deliberate, with Interior Minister Bernard Quintin calling for a ‘balanced and proportional’ approach between privacy protection and child safety.
The debate remains deeply divisive across Europe, as lawmakers and citizens grapple with a difficult question. How to effectively combat online child abuse without sacrificing the right to private communication?
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Joining the broader trend, Denmark plans to ban children under 15 from using social media as Prime Minister Mette Frederiksen announced during her address to parliament on Tuesday.
Describing platforms as having ‘stolen our children’s childhood’, she said the government must act to protect young people from the growing harms of digital dependency.
Frederiksen urged lawmakers to ‘tighten the law’ to ensure greater child safety online, adding that parents could still grant consent for children aged 13 and above to have social media accounts.
Although the proposal is not yet part of the government’s legislative agenda, it builds on a 2024 citizen initiative that called for banning platforms such as TikTok, Snapchat and Instagram.
The prime minister’s comments reflect Denmark’s broader push within the EU to require age verification systems for online platforms.
Her statement follows a broader debate across Europe over children’s digital well-being and the responsibilities of tech companies in verifying user age and safeguarding minors.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Google researchers have unveiled CodeMender, an AI-powered agent designed to automatically detect and fix software vulnerabilities.
The tool aims to improve code security by generating and applying patches that address critical flaws, allowing developers to focus on building reliable software instead of manually locating and repairing weaknesses.
Built on the Gemini Deep Think models, CodeMender operates autonomously, identifying vulnerabilities, reasoning about the underlying code, and validating patches to ensure they are correct and do not introduce regressions.
Over the past six months, it has contributed 72 security fixes to open source projects, including those with millions of lines of code.
The system combines advanced program analysis with multi-agent collaboration to strengthen its decision-making. It employs techniques such as static and dynamic analysis, fuzzing and differential testing to trace the root causes of vulnerabilities.
Each proposed fix undergoes rigorous validation before being reviewed by human developers to guarantee quality and compliance with coding standards.
According to Google, CodeMender’s dual approach (reactively patching new flaws and proactively rewriting code to eliminate entire vulnerability classes) represents a major step forward in AI-driven cybersecurity.
The company says the tool’s success demonstrates how AI can transform the maintenance and protection of modern software systems.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Despite privacy concerns and parliamentary criticism, the Dutch Tax Administration will move much of its digital workplace to Microsoft’s cloud. State Secretary Eugène Heijnen told lawmakers that no suitable European alternatives met the technical, legal, and functional requirements.
Privacy advocates warn that using a US-based provider could put compliance with GDPR at risk, especially when data may leave the EU. Concerns about long-term dependency on a single cloud vendor have also been raised, making future transitions costly and complex.
Heijnen said sensitive documents would remain on internal servers, while cloud services would handle workplace functions. Employees had complained that the current system was inefficient and difficult to use.
The Court of Audit reported earlier this year that nearly two-thirds of the Dutch government’s public cloud services had not been properly risk-assessed. Despite this, Heijnen insisted that Microsoft offered the most viable option.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The US National Institute of Standards and Technology (NIST) has updated its password guidelines, urging organisations to drop strict complexity rules. NIST states that requirements such as mandatory symbols and frequent resets often harm usability without significantly improving security.
Instead, the agency recommends using blocklists for breached or commonly used passwords, implementing hashed storage, and rate limiting to resist brute-force attacks. Multi-factor authentication and password managers are encouraged as additional safeguards.
Password length remains essential. Short strings are easily cracked, but users should be allowed to create longer passphrases. NIST recommends limiting only extremely long passwords that slow down hashing.
The new approach replaces mandatory resets with changes triggered only after suspected compromise, such as a data breach. NIST argues this method reduces fatigue while improving overall account protection.
Businesses adopting these guidelines must audit their existing policies, reconfigure authentication systems, deploy blocklists, and train employees to adapt accordingly. Clear communication of the changes will be key to ensuring compliance.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
The University of Pennsylvania’s engineering team has made a breakthrough that could bring the quantum internet much closer to practical use. Researchers have demonstrated that quantum and classical networks can share the same backbone by transmitting quantum signals over standard fibre optic infrastructure using the same Internet Protocol (IP) that powers today’s web.
Their silicon photonics ‘Q-Chip’ achieved over 97% fidelity in real-world field tests, showing that the quantum internet does not necessarily require building entirely new networks from scratch.
That result, while highly technical, has far-reaching implications. Beyond physics and computer science, it raises urgent questions for governance, national infrastructures, and the future of digital societies.
Quantum signals were transmitted as packets with classical headers readable by conventional routers, while the quantum information itself remained intact.
Noise management
The chip corrected disturbances by analysing the classical header without disturbing the quantum payload. An interesting fact is that the test ran on a Verizon fibre link between two buildings, not just in a controlled lab.
That fact makes the experiment different from earlier advances focusing mainly on quantum key distribution (QKD) or specialised lab setups. It points toward a future in which quantum networking and classical internet coexist and are managed through similar protocols.
Implications for governance and society
Government administration
Governments increasingly rely on digital infrastructure to deliver services, store sensitive records, and conduct diplomacy. The quantum internet could provide secure e-government services resistant to espionage or tampering, protected digital IDs and voting systems, reinforcing democratic integrity, and classified communication channels that even future quantum computers cannot decrypt.
That positions quantum networking as a sovereignty tool, not just a scientific advance.
Healthcare
Health systems are frequent targets of cyberattacks. Quantum-secured communication could protect patient records and telemedicine platforms, enable safe data sharing between hospitals and research centres, support quantum-assisted drug discovery and personalised medicine via distributed quantum computing.
Here, the technology directly impacts citizens’ trust in digital health.
Critical infrastructure and IT systems
National infrastructures, such as energy grids, financial networks, and transport systems, could gain resilience from quantum-secured communication layers.
In addition, quantum-enhanced sensing could provide more reliable navigation independent of GPS, enable early-warning systems for earthquakes or natural disasters, and strengthen resilience against cyber-sabotage of strategic assets.
Citizens and everyday services
For ordinary users, the quantum internet will first be invisible. Their emails, bank transactions, and medical consultations will simply become harder to hack.
Over time, however, quantum-secured platforms may become a market differentiator for banks, telecoms, and healthcare providers.
Citizens and universities may gain remote access to quantum computing resources, democratising advanced research and innovation.
Building a quantum-ready society
The Penn experiment matters because it shows that quantum internet infrastructure can evolve on top of existing systems. For policymakers, this raises several urgent points.
Standardisation
International bodies (IETF, ITU-T, ETSI) will need to define packet structures, error correction, and interoperability rules for quantum-classical networks.
Strategic investment
Countries face a decision whether to invest early in pilot testbeds (urban campuses, healthcare systems, or government services).
Cybersecurity planning
Quantum internet deployment should be aligned with the post-quantum cryptography transition, ensuring coherence between classical and quantum security measures.
Public trust
As with any critical infrastructure, clear communication will be needed to explain how quantum-secured systems benefit citizens and why governments are investing in them.
Key takeaways for policymakers
Quantum internet is governance, not just science. The Penn breakthrough shows that quantum signals can run on today’s networks, shifting the conversation from pure research to infrastructure and policy planning.
Governments should treat the quantum internet as a strategic asset, protecting national administrations, elections, and critical services from future cyber threats.
Early adoption in health systems could secure patient data, telemedicine, and medical research, strengthening public trust in digital services.
International cooperation (IETF, ITU-T, ETSI) will be needed to define protocols, interoperability, and security frameworks before large-scale rollouts.
Policymakers should align quantum network deployment with the global transition to post-quantum encryption, ensuring coherence across digital security strategies.
Governments could start with small-scale testbeds (smart cities, e-government nodes, or healthcare networks) to build expertise and shape standards from within.
Why does it matter?
The University of Pennsylvania’s ‘Q-Chip’ is a proof-of-concept that quantum and classical networks can speak the same language. While technical challenges remain, especially around scaling and quantum repeaters, the political and societal questions can no longer be postponed.
The quantum internet is not just a scientific project. It is emerging as a strategic infrastructure for the digital state of the future. Governments, regulators, and international organisations must begin preparing today so that tomorrow’s networks deliver speed and efficiency, trust, sovereignty, and resilience.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
A global survey commissioned by Yubico suggests that younger workers are more vulnerable to phishing scams than older generations. Gen Z respondents reported the highest level of interaction with phishing messages, with 62 percent admitting they engaged with a scam in the past year.
The study gathered responses from 18,000 employed adults in nine countries, including the UK, US, France, and Japan. In the past twelve months, 44 percent of participants admitted to clicking on or replying to a phishing message.
AI is raising the stakes for cybersecurity. Seventy percent of those surveyed believe phishing has become more effective due to AI, and 78 percent said the attacks seem more sophisticated. More than half could not confidently identify a phishing email when shown one.
Despite growing risks, cyber defences remain patchy. Only 48 percent said their workplace used multi-factor authentication across all services, and 40 percent reported never receiving cybersecurity training from their employer.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Hackers have targeted up to two million Cisco devices using a newly disclosed vulnerability in the company’s networking software. The flaw, tracked as CVE-2025-20352, affects all supported versions of Cisco IOS and IOS XE, which power many routers and switches.
Cisco confirmed that attackers have exploited the weakness in the wild, crashing systems, implanting malware, and potentially extracting sensitive data. The campaign builds on previous activity by the same threat group, which has also exploited Cisco Adaptive Security Appliance devices.
Attackers gained access after local administrator credentials were compromised, allowing them to implant malware and execute commands. The company’s Product Security Incident Response Team urged customers to upgrade immediately to fixed software releases to secure their systems.
The Canadian Centre for Cyber Security has warned organisations about sophisticated malware exploiting flaws in outdated Cisco ASA devices, urging immediate patching and stronger defences to protect critical systems.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Ant International has introduced AI SHIELD, a security framework to protect AI systems used in financial services. The toolkit aims to reduce risks such as fraud, bias, and misuse in AI applications like fraud detection, payment authorisation, and customer chatbots.
At the centre of AI SHIELD is the AI Security Docker, which applies safeguards throughout development and deployment. The framework includes authentication of AI agents, continuous monitoring to block threats in real time, and ongoing adversarial testing.
Ant said the system will support over 100 million merchants and 1.8 billion users worldwide across services like Alipay+, Antom, Bettr, and WorldFirst. It will also defend against deepfake attacks and account takeovers, with the firm claiming its EasySafePay 360 tool can cut such incidents by 90%.
The initiative is part of Ant’s wider role in setting industry standards, including its work with Google on the Agent Payments Protocol, which defines how AI agents transact securely with user approval.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The UK government has announced plans to make digital ID mandatory for proving the right to work by the end of the current Parliament, expected no later than 2029. Prime Minister Sir Keir Starmer said the scheme would tighten controls on illegal employment while offering wider benefits for citizens.
The digital ID will be stored on smartphones in a format similar to contactless payment cards or the NHS app. It is expected to include core details such as name, date of birth, nationality or residency status, and a photo.
The system aims to provide a more consistent and secure alternative to paper-based checks, reducing the risk of forged documents and streamlining verification for employers.
Officials believe the scheme could extend beyond employment, potentially simplifying access to driving licences, welfare, childcare, and tax records.
A consultation later in the year will decide whether additional data, such as residential addresses, should be integrated. The government has also pledged accessibility for citizens unable to use smartphones.
The proposal has faced political opposition, with critics warning of privacy risks, administrative burdens, and fears of creating a de facto compulsory ID card system.
Despite these objections, the government argues that digital ID will strengthen border controls, counter the shadow economy, and modernise public service access.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
