Internet of things

UK plans major social media ban for under-16s

The UK government plans to introduce a social media ban for children under 16 as part of a wider package of online safety measures aimed at reducing children’s exposure to harmful content and risky online interactions.

Prime Minister Keir Starmer said the planned restrictions are intended to protect children from harmful material, excessive screen time and contact with unknown adults online. The measure is expected to apply to major social media platforms, while gaming and livestreaming services could face restrictions on features that allow children to interact with strangers.

The move follows a national consultation on children’s online safety, which examined possible age restrictions on social media and other online services, as well as limits on addictive design features and risky functionalities.

Further details are expected on implementation and enforcement, including how platforms would be required to verify users’ ages. The government has previously said that restrictions on children’s access to social media should be considered alongside broader protections for gaming platforms, AI chatbots and other online services used by young people.

The proposal would place the UK among a growing number of countries moving towards age-based restrictions on children’s access to social media. Australia has already adopted an under-16 social media ban, while other governments are considering similar approaches.

Supporters argue that age restrictions could reduce online harms and give parents clearer backing in setting boundaries for children’s technology use. Critics warn that enforcement may raise privacy concerns, increase reliance on age-verification systems and push children towards less regulated online spaces.

Why does it matter?

The proposal would move the UK closer to an age-based model of online safety regulation, where platforms may be expected to prevent under-16s from accessing certain services rather than only reduce harmful content after children join. That raises major governance questions around age assurance, privacy, platform design, parental responsibility and enforcement. The measure could also increase pressure on social media, gaming, livestreaming and AI chatbot services to redesign features that expose children to unknown adults, addictive interaction patterns or harmful content.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Singapore warns of Microsoft impersonation scams causing major losses

The Singapore Police Force (SPF) and the Cyber Security Agency of Singapore (CSA) have warned the public about technical support scams that impersonate Microsoft. Authorities said at least 10 cases had been reported since February 2026, with total losses exceeding S$1.7 million.

In this scam variant, victims typically encounter a pop-up alert in their web browser. The alert falsely appears to originate from Microsoft and claims that the user’s device has been hacked or compromised.

Victims are then instructed to contact a so-called technical support officer through an internet-based phone number. After making contact, victims may be transferred to another scammer posing as a police officer, who claims that their device has been used for criminal activities such as money laundering.

Authorities in Singapore said victims may be instructed to make bank transfers, provide banking credentials, or grant remote access to their devices. In some cases, scammers asked victims to download remote access applications or click links that allowed them to take control of bank accounts.

SPF and CSA advised members of the public to verify alerts through official software provider channels. They noted that Microsoft does not include phone numbers in error or warning messages, and that users should not call numbers displayed in suspicious pop-ups or click links or buttons within such alerts.

People who believe they have fallen victim to the scam are advised to disconnect their computer from the internet, contact their bank, remove applications installed under the scammer’s instructions, and run an anti-virus scan. They should also change passwords and banking credentials using a trusted device, remove unauthorised payees, and report the incident to the police and CSA’s SingCERT.

Why does it matter?

Technical support scams remain one of the most effective forms of cyber-enabled fraud because they combine social engineering, impersonation and remote access techniques. By exploiting trust in well-known brands such as Microsoft and creating a sense of urgency, scammers can persuade victims to hand over sensitive information or direct access to their devices.

The cases also highlight how cybersecurity and financial security are increasingly interconnected. Basic cyber hygiene practices, such as verifying security alerts through official channels, avoiding unsolicited remote access requests and reporting incidents quickly, can help prevent account compromise and reduce financial losses.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Starlink enters European ultra-low-cost flights through Wizz Air

Wizz Air has announced plans to roll out Starlink connectivity across its fleet from 2027, bringing low-Earth-orbit satellite internet to the European ultra-low-cost airline market.

The airline said it would become the first European ultra-low-cost carrier to offer Starlink’s in-flight internet technology to passengers. The service is expected to provide high-speed, low-latency connectivity during flights.

The move is significant because high-quality in-flight internet has often been treated as a premium service or a paid add-on, rather than a standard feature for low-cost travel. Wizz Air said passengers should not have to choose between affordable fares and reliable onboard connectivity.

The rollout would place Wizz Air among a growing group of airlines using Starlink to upgrade in-flight internet. Several full-service and hybrid carriers have already announced or begun Starlink deployments, but low-cost airlines have been more cautious because of installation, operating, weight and fuel-cost concerns.

Wizz Air’s decision suggests that satellite-based connectivity is moving beyond premium cabins and long-haul carriers into mass-market aviation. If implemented across the fleet, the service could change passenger expectations for affordable short- and medium-haul travel.

Ian Malin, Wizz Air’s Chief Commercial Officer, said ultra-low-cost travel has been about making opportunities accessible to more people and that the airline now wants to extend that approach to connectivity.

Starlink, operated by SpaceX, uses low-Earth orbit satellites to provide broadband connectivity with lower latency than traditional satellite internet systems. Its growing use in aviation reflects the wider expansion of satellite internet into transport, consumer connectivity and digital infrastructure markets.

Why does it matter?

The story matters because Starlink is helping shift in-flight connectivity from a premium airline feature towards a broader digital access expectation. If ultra-low-cost carriers can offer reliable satellite internet without undermining their fare model, connected air travel could become more common across short- and medium-haul routes. The move also shows how low-Earth-orbit satellite networks are expanding into mainstream transport infrastructure, not just for rural broadband or emergency connectivity.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

EU court annuls Meta Marketplace designation

The General Court of the European Union has annulled the European Commission’s decision designating Meta as a gatekeeper for Marketplace under the Digital Markets Act, while upholding the company’s designation for Messenger.

The case concerned the Commission’s 5 September 2023 decision designating Meta as a gatekeeper for several core platform services, including Facebook, Messenger, and Marketplace. Meta challenged the decision in part, contesting the classification of Messenger and Marketplace as important gateways under the DMA.

The General Court upheld the Commission’s assessment of Messenger, finding that the service is a number-independent interpersonal communications service distinct from Facebook. The court said Messenger is available through standalone applications, can be used independently of Facebook, and includes tools that allow businesses to engage with users.

The court also found that the Commission did not have to count only Messenger users who were not also Facebook users when assessing whether the quantitative threshold under the DMA was met. It also said the Commission was not required to open a market investigation in the absence of sufficiently substantiated arguments from Meta calling the DMA presumptions into question.

For Marketplace, the court found that the Commission erred in law by relying only on data from the three years preceding designation without taking account of changes made at the end of July 2023. Those changes limited the number of listings that could be published per user and led to the disappearance of the criterion used by the Commission to identify business users.

The court also found that the Commission had not provided sufficient reasoning for classifying Marketplace as an online intermediation service. It said the Commission failed to provide a concrete analysis of the July 2023 changes or to explain their effect on whether Marketplace-enabled business users could offer goods and services to consumers.

As a result, the decision was annulled only to the extent that it designated Meta as a gatekeeper for Marketplace. Meta’s Messenger designation remains in place.

Why does it matter?

The judgement is an important test of how the EU courts will review Digital Markets Act gatekeeper designations. It confirms that the Commission can rely on DMA presumptions where companies do not provide sufficiently substantiated counterarguments, as seen with Messenger. But it also shows that the Commission must properly assess relevant changes and provide sufficient reasoning when classifying a service as a core platform service, as the Marketplace annulment demonstrates.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Singapore and Japan launch mutual recognition of IoT cybersecurity labels

Singapore and Japan have launched mutual recognition of their cybersecurity labelling schemes for Internet of Things (IoT) under a Memorandum of Cooperation that entered into force on 1 June 2026. The arrangement covers Singapore’s Cybersecurity Labelling Scheme and Japan’s JC-STAR scheme.

The Memorandum of Cooperation was signed by Rahayu Mahzam, Singapore’s Minister of State for Digital Development and Information, and Ino Toshiro, Japan’s State Minister of Economy, Trade and Industry. The Cyber Security Agency of Singapore (CSA) and Japan’s Ministry of Economy, Trade and Industry agreed to recognise cybersecurity labels issued under either scheme.

IoT devices certified under either Japan’s JC-STAR scheme or Singapore’s Cybersecurity Labelling Scheme will be eligible for streamlined recognition in the other market. Covered products include smart home assistants, home automation and alarm systems, and IoT gateways and hubs that connect multiple devices.

Japan is the fifth country to establish such an arrangement with Singapore, following Finland, Germany, South Korea, and the United Kingdom. According to Singapore authorities, the arrangement is expected to support stronger cybersecurity practices for connected devices, reduce certification burdens for manufacturers, and increase consumer confidence in smart technologies.

The CSA launched the Cybersecurity Labelling Scheme in 2020. Since then, it has received applications for more than 1,000 products, including routers, smart lighting, and smart cameras.

Why does it matter?

Connected devices are increasingly used in homes, businesses, and critical services, making cybersecurity a growing concern for governments and consumers. Cybersecurity labelling schemes are designed to help buyers identify products that meet recognised security requirements while encouraging manufacturers to improve security practices.

By recognising each other’s certification schemes, Singapore and Japan are reducing regulatory barriers and promoting greater interoperability in cybersecurity standards. The agreement also reflects broader international efforts to strengthen trust and security in the rapidly expanding IoT ecosystem.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

European Commission’s proposal strengthens mobile satellite services rules

The European Commission has proposed a new EU-level authorisation system for mobile satellite services using the harmonised 2 GHz frequency band, following the expiry of current licences in 2027.

The proposal would establish a selection procedure for mobile satellite service providers authorised to use the 2 GHz band across all EU member states. According to the Commission, EU-level authorisation would support regulatory consistency and allow operators to develop and provide services across borders.

The 2 GHz mobile satellite services band is suited to direct-to-device services, including satellite and terrestrial connectivity directly to mobile devices. It can support high-speed internet and critical communications in areas without terrestrial coverage.

Under the proposal, one-third of the band would be reserved for governmental use, including critical communications, security, and military purposes. The services would be provided by an EU operator, which would be required to integrate with IRIS², the EU’s Secure Connectivity programme, and its current and future capabilities.

The remaining two-thirds would be allocated to commercial uses, including direct-to-device services, mobile coverage where terrestrial networks are unavailable, and internet of things applications such as fitness trackers, energy monitoring, and emergency response devices.

The commercial portion would be split equally between use by the EU operators entering the market and use by the EU and non-EU operators. The structure is intended to diversify suppliers and support the entry of the EU providers.

The proposed regulation would replace the 2008 decision that selected the current operators. The Commission said the proposal is consistent with the Digital Networks Act approach, under which satellite spectrum would be authorised at the EU level on a single set of conditions.

Why does it matter?

The proposal links satellite spectrum policy to Europe’s wider goals around connectivity, resilience, security, defence, and technological sovereignty. By moving towards EU-level authorisation for the 2 GHz band, the Commission is trying to reduce regulatory fragmentation while supporting direct-to-device services, critical communications, and future integration with IRIS².

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

UK expert panel to shape online safety policy

The UK Department for Science, Innovation and Technology has published the terms of reference for the Growing Up in the Online World expert panel, an independent group that will advise the government on children’s digital experiences.

The panel will provide impartial, evidence-based advice to support government policy development on children’s online well-being. Its remit includes digital technology, social media, gaming, AI chatbots, and proposals under the Growing up in the online world consultation.

DSIT said the panel will help identify evidence gaps and priority research needs for 2026 to 2027 and beyond. It is also intended to provide independent assurance that policy options are considered in the context of the evolving evidence base.

The panel’s responsibilities include reviewing emerging data on children’s online experiences, online safety, and design interventions. It will also scrutinise DSIT’s presentation of consultation evidence, identify risks and dependencies, and provide recommendations to inform advice to ministers.

Members will serve in a personal capacity and must declare conflicts of interest. DSIT said it will publish the panel’s membership once it has been agreed, along with declarations of conflicts of interest.

The panel will bring together expertise in child development, psychology, education, digital harms, online safety, behavioural science, platform design, data infrastructure, algorithmic systems, ethics, safeguarding, equality, human rights, and lived experience.

DSIT expects the panel to meet monthly via Microsoft Teams for the initial 4-month period, with additional meetings around key milestones. The panel will not set government policy, publish independent reports, represent employers or sectors, or engage with media on behalf of DSIT.

Why does it matter?

The panel shows how the UK is trying to ground children’s online safety and well-being policy in a broader evidence base covering platform design, AI chatbots, gaming, behavioural science, safeguarding, and lived experience. Its creation also points to a more formal advisory process around future policy choices, even though the panel itself will not set policy.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

EU advances DSA researcher access with platform roundtable

The European Commission and a group of Digital Services Coordinators have held a roundtable with Very Large Online Platforms and Very Large Online Search Engines to support the first data access requests by vetted researchers under the Digital Services Act.

The meeting focused on the new mechanism for submitting vetted researcher status applications. The DSA and its delegated act give researchers a route to request platform data needed to study systemic risks and societal impacts, while adding safeguards to prevent misuse of accessed data.

Digital Services Coordinators told participants that they had received 49 applications for assessment as of 19 May. The applications mainly request data from social media platforms and focus on risks such as illegal content, advertising transparency and AI features.

The roundtable forms part of the EU’s wider supervision of designated platforms under the DSA. The regime applies to major online services that meet the threshold for Very Large Online Platforms or Very Large Online Search Engines, including XNXX, which was designated as a Very Large Online Platform in 2024 and is therefore subject to stricter transparency, risk assessment and researcher access duties.

The Commission said Digital Services Coordinators are assessing the applications and preparing guidance to help researchers navigate the process. VLOPs and VLOSEs also shared updates on their work to manage data access requests and make data catalogues available.

Although Digital Services Coordinators assess individual applications, the Commission remains responsible for enforcing VLOP and VLOSE compliance with vetted researcher data access obligations. It said it would closely monitor whether platforms provide researchers with access to data as required under the DSA.

The Commission noted that it has already taken action on research-related transparency obligations under the DSA, including proceedings, commitments from AliExpress and the first non-compliance decision and fine issued to X.

Why does it matter?

The roundtable marks an important step toward operationalising DSA researchers’ access. Independent researchers need platform data to study systemic risks such as illegal content, advertising transparency, AI-driven features and risks linked to large online platforms, including adult services such as XNXX. The process will test whether the DSA can turn platform transparency from a legal obligation into usable evidence for public-interest research, while balancing access with privacy, security and safeguards against misuse.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

OpenAI tests financial data integration in ChatGPT

OpenAI has launched a preview of a personal finance experience in ChatGPT for Pro users in the United States. The feature allows users to connect financial accounts, view a dashboard, and ask questions based on their financial data.

The feature is available on web and iOS apps and supports more than 12,000 financial institutions. OpenAI said the preview will initially be available to a smaller group of users before expanding more broadly.

Users can connect accounts through Plaid, with Intuit support planned. Once authenticated, ChatGPT syncs and categorises financial data, allowing users to view portfolio performance, spending, subscriptions, upcoming payments, and other financial activity.

OpenAI said the feature supports questions related to budgeting, planning, subscriptions, investments, and spending activity. OpenAI said ChatGPT is intended to help users review financial information but is not a substitute for professional financial advice.

Users can also choose to save financial context as ‘Financial memories’ for future conversations, according to OpenAI. OpenAI says those memories are a dedicated type of memory used specifically for financial conversations and can be viewed or deleted from the Finances page.

OpenAI said connected accounts allow access to balances, transactions, investments, and liabilities, but not full account numbers or account controls. Users can disconnect accounts at any time, after which synced account data will be deleted from OpenAI’s systems within 30 days.

Conversations with connected financial accounts default to GPT-5.5 Thinking. OpenAI said it worked with finance professionals to evaluate the feature on personal finance tasks and response quality.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

YouTube expands AI likeness detection tool to more creators

YouTube said it is expanding its AI likeness detection tool to all eligible creators over 18, allowing more users to identify and request the removal of unauthorised AI-generated videos that use their facial likeness.

The company said the feature, available through YouTube Studio, is intended to detect altered or synthetic videos that may depict a user’s face. Once enrolled, users can review detected matches and request the removal of content that violates YouTube’s Privacy Guidelines.

The platform said likeness detection had recently been introduced as a pilot for creators in the YouTube Partner Program and will now roll out gradually over the coming weeks to all eligible creators aged 18 or older.

YouTube said the tool is intended to help users understand where their likeness appears, safeguard their identity, and protect audiences from being misled by AI-generated depictions.

To enrol, users must grant the platform permission to use likeness-detection technology and complete a one-time verification process. According to YouTube, the tool works only on facial likeness and does not cover other identifying features such as voice.

YouTube said removal requests will be assessed under YouTube’s privacy policy, including whether the content is realistic, whether it is labelled as AI-generated, and whether the person can be uniquely identified. The company also provides exceptions for content such as parody or satire.

YouTube spokesperson Jack Malon said:

‘With this expansion, we’re making clear that whether creators have been uploading to YouTube for a decade or are just starting, they’ll have access to the same level of protection.’

The expansion follows earlier testing with creators and broader availability for groups including public officials, politicians, journalists, and the entertainment industry. It comes amid growing concern about deepfakes affecting both public figures and private individuals.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.