Jurisdiction Archives | Digital Watch Observatory

How early internet choices shaped today’s AI

Two decisions taken on the same day in February 1996 continue to shape how the internet, and now AI, is governed today. That is the central argument of Jovan Kurbalija’s blog ‘Thirty years of Original Sin of digital and AI governance,’ which traces how early legal and ideological choices created a lasting gap between technological power and public accountability.

The first moment unfolded in Davos, where John Perry Barlow published his Declaration of the Independence of Cyberspace, portraying the internet as a realm beyond the reach of governments and existing laws. According to Kurbalija, this vision helped popularise the idea that digital space was fundamentally separate from the physical world, a powerful narrative that encouraged the belief that technology should evolve faster than, and largely outside of, politics and law.

In reality, the blog argues, there is no such thing as a stateless cyberspace. Every online action relies on physical infrastructure, data centres, and networks that exist within national jurisdictions. Treating the internet as a lawless domain, Kurbalija suggests, was less a triumph of freedom than a misconception that sidelined long-standing legal and ethical traditions.

The second event happened the same day in Washington, D.C., when the United States enacted the Communications Decency Act. Hidden within it was Section 230, a provision that granted internet platforms broad immunity from liability for the content they host. While originally designed to protect a young industry, this legal shield remains in place even as technology companies have grown into trillion-dollar corporations.

Kurbalija notes that the myth of a separate cyberspace and the legal immunity of platforms reinforced each other. The idea of a ‘new world’ helped justify why old legal principles should not apply, despite early warnings, including from US judge Frank Easterbrook, that existing laws were sufficient to regulate new technologies by focusing on human relationships rather than technical tools.

Today, this unresolved legacy has expanded into the realm of AI. AI companies, the blog argues, benefit from the same logic of non-liability, even as their systems can amplify harm at a scale comparable to, or even greater than, that of other heavily regulated industries.

Kurbalija concludes that addressing AI’s societal impact requires ending this era of legal exceptionalism and restoring a basic principle that those who create, deploy, and profit from technology must also be accountable for its consequences.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU strengthens cyber defence after attack on Commission mobile systems

A cyber-attack targeting the European Commission’s central mobile infrastructure was identified on 30 January, raising concerns that staff names and mobile numbers may have been accessed.

The Commission isolated the affected system within nine hours instead of allowing the breach to escalate, and no mobile device compromise was detected.

Also, the Commission plans a full review of the incident to reinforce the resilience of internal systems.

Officials argue that Europe faces daily cyber and hybrid threats targeting essential services and democratic institutions, underscoring the need for stronger defensive capabilities across all levels of the EU administration.

CERT-EU continues to provide constant threat monitoring, automated alerts and rapid responses to vulnerabilities, guided by the Interinstitutional Cybersecurity Board.

These efforts support the broader legislative push to strengthen cybersecurity, including the Cybersecurity Act 2.0, which introduces a Trusted ICT Supply Chain to reduce reliance on high-risk providers.

Recent measures are complemented by the NIS2 Directive, which sets a unified legal framework for cybersecurity across 18 critical sectors, and the Cyber Solidarity Act, which enhances operational cooperation through the European Cyber Shield and the Cyber Emergency Mechanism.

Together, they aim to ensure collective readiness against large-scale cyber threats.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Czechia weighs under-15 social media ban as government debate intensifies

A ban on social media use for under-15s is being weighed in Czechia, with government officials suggesting the measure could be introduced before the end of the year.

Prime Minister Andrej Babiš has voiced strong support and argues that experts point to potential harm linked to early social media exposure.

France recently enacted an under-15 restriction, and a growing number of European countries are exploring similar limits rather than relying solely on parental guidance.

The discussion is part of a broader debate about children’s digital habits, with Czech officials also considering a ban on mobile phones in schools. Slovakia has already adopted comparable rules, giving Czech ministers another model to study as they work on their own proposals.

Not all political voices agree on the direction of travel. Some warn that strict limits could undermine privacy rights or diminish online anonymity, while others argue that educational initiatives would be more effective than outright prohibition.

UNICEF has cautioned that removing access entirely may harm children who rely on online platforms for learning or social connection instead of traditional offline networks.

Implementing a nationwide age restriction poses practical and political challenges. The government of Czechia heavily uses social media to reach citizens, complicating attempts to restrict access for younger users.

Age verification, fair oversight and consistent enforcement remain open questions as ministers continue consultations with experts and service providers.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

New York moves toward data centre moratorium as energy fears grow

Lawmakers in New York have proposed a three-year moratorium on permits for new data centres amid pressure to address the strain prominent AI facilities place on local communities.

The proposal mirrors similar moves in several other states and reflects rising concern that rapidly expanding infrastructure may raise electricity costs and worsen environmental conditions rather than supporting balanced development.

Politicians from both major parties have voiced unease about the growing power demand created by data-intensive services. Figures such as Bernie Sanders and Ron DeSantis have warned that unchecked development could drive household bills higher and burden communities.

More than 230 environmental organisations recently urged Congress to consider a national pause to prevent further disruption.

The New York bill, sponsored by Liz Krueger and Anna Kelles, aims to give regulators time to build strict rules before major construction continues. Krueger described the state as unprepared for the scale of facilities seeking entry, arguing that residents should not be left covering future costs.

Supporters say a temporary halt would provide time to design policies that protect consumers rather than encourage unrestrained corporate expansion.

Governor Kathy Hochul recently announced the Energize NY Development initiative, intended to modernise the grid connection process and ensure large energy users contribute fairly.

The scheme would require data centre operators to improve their financial responsibility as New York reassesses its approach to extensive AI-driven infrastructure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

OpenClaw faces rising security pushback in South Korea

Major technology companies in South Korea are tightening restrictions on OpenClaw after rising concerns about security and data privacy.

Kakao, Naver and Karrot Market have moved to block the open-source agent within corporate networks, signalling a broader effort to prevent sensitive information from leaking into external systems.

Their decisions follow growing unease about how autonomous tools may interact with confidential material, rather than remaining contained within controlled platforms.

OpenClaw serves as a self-hosted agent that performs actions on behalf of a large language model, acting as the hands of a system that can browse the web, edit files and run commands.

Its ability to run directly on local machines has driven rapid adoption, but it has also raised concerns that confidential data could be exposed or manipulated.

Industry figures argue that companies are acting preemptively to reduce regulatory and operational risks by ensuring that internal materials never feed external training processes.

China has urged organisations to strengthen protections after identifying cases of OpenClaw running with inadequate safeguards.

Security analysts in South Korea warn that the agent’s open-source design and local execution model make it vulnerable to misuse, especially when compared to cloud-based chatbots that operate in more restricted environments.

Wiz researchers recently uncovered flaws in agents linked to OpenClaw that exposed personal information.

Despite the warnings, OpenClaw continues to gain traction among users who value its ability to automate complex tasks, rather than rely on manual workflows.

Some people purchase separate devices solely to run the agent, while an active South Korea community on X has drawn more than 1,800 members who exchange advice and share mitigation strategies.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Smart policing project halted by Greek data protection authority

Greece’s data protection authority has warned against activating an innovative policing system planned by the Hellenic Police. The ruling said biometric identity checks carried out on the street would breach data protection law in Greece.

The system would allow police patrols in Greece to use portable devices to scan fingerprints and facial images during spot checks. Regulators said Greek law lacks a clear legal basis for such biometric processing.

The authority said existing rules cited by the Hellenic Police only apply to suspects or detainees and do not cover modern biometric technologies. Greece, therefore, faces unlawful processing risks if the system enters full operation.

The innovative policing project in Greece received the EU funding of around four million euros and received backlash in the past. Regulators said deployment must wait until new legislation explicitly authorises police to use biometrics.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Yuan-pegged stablecoins face new restrictions under China policy

Chinese regulators have tightened controls on digital assets by banning the unauthorised issuance of yuan-pegged stablecoins overseas. The move extends existing restrictions to tokenised financial products linked to China’s currency and reinforces state control over monetary instruments.

In a joint notice, the People’s Bank of China and seven other agencies said no domestic or foreign entity may issue renminbi-linked stablecoins without approval. Authorities warned that such tokens replicate core monetary functions and could undermine currency sovereignty.

The rules also cover blockchain-based representations of real-world assets, including tokenised bonds and equities. Overseas providers are prohibited from offering these services to users in China without regulatory permission.

Beijing reaffirmed that cryptocurrencies such as Bitcoin and Ether have no legal tender status. Facilitating payments or related services using such assets remains illegal under China’s financial laws.

The measures align with China’s broader strategy of restricting private digital currencies while advancing the state-backed digital yuan. Officials have recently expanded the e-CNY’s role by allowing interest payments to encourage wider adoption.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

TikTok accused of breaching EU digital safety rules

The European Commission has concluded that TikTok’s design breaches the Digital Services Act by encouraging compulsive use and failing to protect users, particularly children and teenagers.

Preliminary findings say the platform relies heavily on features such as infinite scroll, which automatically delivers new videos and makes disengagement difficult.

Regulators argue that such mechanisms place users into habitual patterns of repeated viewing rather than supporting conscious choice. EU officials found that safeguards introduced by TikTok do not adequately reduce the risks linked to excessive screen time.

Daily screen time limits were described as ineffective because alerts are easy to dismiss, even for younger users who receive automatic restrictions. Parental control tools were also criticised for requiring significant effort, technical knowledge and ongoing involvement from parents.

Henna Virkkunen, the Commission’s executive vice-president for tech sovereignty, security and democracy, said addictive social media design can harm the development of young people. European law, she said, makes platforms responsible for the effects their services have on users.

Regulators concluded that compliance with the Digital Services Act would require TikTok to alter core elements of its product, including changes to infinite scroll, recommendation systems and screen break features.

TikTok rejected the findings, calling them inaccurate and saying the company would challenge the assessment. The platform argues that it already offers a range of tools, including sleep reminders and wellbeing features, to help users manage their time.

The investigation remains ongoing and no penalties have yet been imposed. A final decision could still result in enforcement measures, including fines of up to six per cent of TikTok’s global annual turnover.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Slovenia plans social media ban for children under 15

Among several countries lately, Slovenia is also moving towards banning access to social media platforms for children under the age of 15, as the government prepares draft legislation aimed at protecting minors online.

Deputy Prime Minister Matej Arčon said the Education Ministry initiated the proposal and would be developed with input from professionals.

The planned law would apply to major social networks where user-generated content is shared, including TikTok, Snapchat and Instagram. Arčon said the initiative reflects growing international concern over the impact of social media on children’s mental health, privacy and exposure to addictive design features.

Slovenia’s move follows similar debates and proposals across Europe and beyond. Countries such as Italy, France, Spain, UK, Greece and Austria have considered restrictions, while Australia has already introduced a nationwide minimum age for social media use.

Spain’s prime minister recently defended proposed limits, arguing that technology companies should not influence democratic decision-making.

Critics of such bans warn of potential unintended consequences. Telegram founder Pavel Durov has argued that age-based restrictions could lead to broader data collection and increased state control over online content.

Despite these concerns, Slovenia’s government appears determined to proceed, positioning the measure as part of a broader effort to strengthen child protection in the digital space.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU split widens over ban on AI nudification apps

European lawmakers remain divided over whether AI tools that generate non-consensual sexual images should face an explicit ban in the EU legislation.

The split emerged as debate intensified over the AI simplification package, which is moving through Parliament and the Council rather than remaining confined to earlier negotiations.

Concerns escalated after Grok was used to create images that digitally undressed women and children.

The EU regulators responded by launching an investigation under the Digital Services Act, and the Commission described the behaviour as illegal under existing European rules. Several lawmakers argue that the AI Act should name pornification apps directly instead of relying on broader legal provisions.

Lead MEPs did not include a ban in their initial draft of the Parliament’s position, prompting other groups to consider adding amendments. Negotiations continue as parties explore how such a restriction could be framed without creating inconsistencies within the broader AI framework.

The Commission appears open to strengthening the law and has hinted that the AI omnibus could be an appropriate moment to act. Lawmakers now have a limited time to decide whether an explicit prohibition can secure political agreement before the amendment deadline passes.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!