Disney, Warner Bros. Discovery and NBCUniversal have filed a lawsuit in California against Chinese AI company MiniMax, accusing it of large-scale copyright infringement.
The studios allege that MiniMax’s Hailuo AI service generates unauthorised images and videos featuring well-known characters such as Darth Vader, marketing itself as a ‘Hollywood studio in your pocket’ instead of respecting copyright laws.
According to the complaint, MiniMax, reportedly worth $4 billion, ignored cease-and-desist requests and continues to profit from copyrighted works. The studios argue that the company could easily implement safeguards, pointing to existing controls that already block violent or explicit content.
MiniMax’s approach, as they claim, represents a serious threat to both creators and the broader film industry, which contributes hundreds of billions of dollars to the US economy.
Plaintiffs, including Disney’s Marvel and Lucasfilm units, Universal’s DreamWorks Animation and Warner Bros.’ DC Comics, are seeking statutory damages of up to $150,000 per infringed work or unspecified compensation.
They are also asking for an injunction to prevent MiniMax from continuing its alleged violations instead of simply paying damages.
The Motion Picture Association has backed the lawsuit, with its chairman Charles Rivkin warning that unchecked copyright infringement could undermine millions of jobs and the cultural value created by the American film industry.
MiniMax, based in Shanghai, has not responded publicly to the claims but has previously described itself as a global AI foundation model company with over 157 million users worldwide.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Ghana has launched the National Privacy Awareness Campaign, a year-long initiative to strengthen citizens’ privacy rights and build public trust in the country’s expanding digital ecosystem.
Unveiled by Deputy Minister Mohammed Adams Sukparu, the campaign emphasises that data protection is not just a legal requirement but essential to innovation, digital participation, and Ghana’s goal of becoming Africa’s AI hub.
The campaign will run from September 2025 to September 2026 across all 16 regions, using English and key local languages to promote widespread awareness.
The initiative includes the inauguration of the Ghana Association of Privacy Professionals (GAPP) and recognition of new Certified Data Protection Officers, many trained through the One Million Coders Programme.
Officials stressed that effective data governance requires government, private sector, civil society, and media collaboration. The Data Protection Commission reaffirmed its role in protecting privacy while noting ongoing challenges such as limited awareness and skills gaps.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Microsoft and OpenAI have agreed to new non-binding terms that will allow OpenAI to restructure into a for-profit company, marking a significant shift in their long-standing partnership.
The agreement sets the stage for OpenAI to raise capital, pursue additional cloud partnerships, and eventually go public, while Microsoft retains access to its technology.
The previous deal gave Microsoft exclusive rights to sell OpenAI tools via Azure and made it the primary provider of compute power. OpenAI has since expanded its options, including a $300 billion cloud deal with Oracle and an agreement with Google, allowing it to develop its own data centre project, Stargate.
OpenAI aims to maintain its nonprofit arm, which will receive more than $100 billion from the projected $500 billion private market valuation.
Regulatory approval from the attorneys general of California and Delaware is required for the new structure, with OpenAI targeting completion by the end of the year to secure key funding.
Both companies continue to compete across AI products, from consumer chatbots to business tools, while Microsoft works on building its own AI models to reduce reliance on OpenAI technology.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The UK’s National Cyber Security Centre has released version 4.0 of its Cyber Assessment Framework to help organisations protect essential services from rising cyber threats.
An updated CAF that provides a structured approach for assessing and improving cybersecurity and resilience across critical sectors.
Version 4.0 introduces a deeper focus on attacker methods and motivations to inform risk decisions, ensures software in essential services is developed and maintained securely, and strengthens guidance on threat detection through security monitoring and threat hunting.
AI-related cyber risks are also now covered more thoroughly throughout the framework.
The CAF primarily supports energy, healthcare, transport, digital infrastructure, and government organisations, helping them meet regulatory obligations such as the NIS Regulations.
Developed in consultation with UK cyber regulators, the framework provides clear benchmarks for assessing security outcomes relative to threat levels.
Authorities encourage system owners to adopt CAF 4.0 alongside complementary tools such as Cyber Essentials, the Cyber Resilience Audit, and Cyber Adversary Simulation services. These combined measures enhance confidence and resilience across the nation’s critical infrastructure.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The US Federal Trade Commission has launched an inquiry into AI chatbots that act as digital companions, raising concerns about their impact on children and teenagers.
Seven firms, including Alphabet, Meta, OpenAI and Snap, have been asked to provide information about how they address risks linked to ΑΙ chatbots designed to mimic human relationships.
Chairman Andrew Ferguson said protecting children online was a top priority, stressing the need to balance safety with maintaining US leadership in AI. Regulators fear minors may be particularly vulnerable to forming emotional bonds with AI chatbots that simulate friendship and empathy.
An inquiry that will investigate how companies develop AI chatbot personalities, monetise user interactions and enforce age restrictions. It will also assess how personal information from conversations is handled and whether privacy laws are being respected.
Other companies receiving orders include Character.AI and Elon Musk’s xAI.
The probe follows growing public concern over the psychological effects of generative AI on young people.
Last month, the parents of a 16-year-old who died by suicide sued OpenAI, alleging ChatGPT provided harmful instructions. The company later pledged corrective measures, admitting its chatbot does not always recommend mental health support during prolonged conversations.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
OpenAI has taken a significant step into entertainment by backing Critterz, the first animated feature film generated with GPT models.
Human artists sketch characters and scenes, while AI transforms them into moving images. The $30 million project, expected to finish in nine months, is far cheaper and faster than traditional animation and could debut at the Cannes Film Festival in 2026.
Yet the film has triggered a fierce copyright debate in India and beyond. Under India’s Copyright Act of 1957, only human works are protected.
Legal experts argue that while AI can be used as a tool when human skill and judgement are clearly applied, autonomously generated outputs may not qualify for copyright at all.
The uncertainty carries significant risks. Producers may struggle to combat piracy or unauthorised remakes, while streaming platforms and investors could hesitate to support projects without clear ownership rights.
A recent case involving an AI tool credited as a co-author of a painting, later revoked, shows how untested the law remains.
Global approaches vary. The US and the EU require human creativity for copyright, while the UK recognises computer-generated works under certain conditions.
In India, lawyers suggest contracts provide the safest path until the law evolves, with detailed agreements on ownership, revenue sharing and disclosure of AI input.
The government has already set up an expert panel to review the Copyright Act, even as AI-driven projects and trailers rapidly gain popularity.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Jaguar Land Rover (JLR) has confirmed that data was affected in a cyberattack that has kept its UK factories idle for more than a week. The company stated that it is contacting anyone whose data was involved, although it did not clarify whether the breach affected customers, suppliers, or internal systems.
JLR reported the incident to the Information Commissioner’s Office and immediately shut down IT systems to limit damage. Production at Midlands and Merseyside sites has been halted until at least Thursday, with staff instructed not to return before next week.
The disruption has also hit suppliers and retailers, with garages struggling to order spare parts and dealers facing delays registering vehicles. JLR said it is working around the clock to restore operations in a safe and controlled way, though the process is complex.
Responsibility for the hack has been claimed by Scattered Lapsus$ Hunters, a group linked to previous attacks on Marks & Spencer, the Co-op, and Las Vegas casinos in the UK and the US. The hackers posted alleged screenshots from JLR’s internal systems on Telegram last week.
Cybersecurity experts say the group’s claim that ransomware was deployed raises questions, as it appears to have severed ties with Russian ransomware gangs. Analysts suggest the hackers may have only stolen data or are building their own ransomware infrastructure.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
OpenAI is set to argue in an Ontario court that a copyright lawsuit by Canadian news publishers should be heard in the United States. The case, the first of its kind in Canada, alleges that OpenAI scraped Canadian news content to train ChatGPT without permission or payment.
The coalition of publishers, including CBC/Radio-Canada, The Globe and Mail, and Postmedia, says the material was created and hosted in Ontario, making the province the proper venue. They warn that accepting OpenAI’s stance would undermine Canadian sovereignty in the digital economy.
OpenAI, however, says the training of its models and web crawling occurred outside Canada and that the Copyright Act cannot apply extraterritorially. It argues the publishers are politicising the case by framing it as a matter of sovereignty rather than jurisdiction.
The dispute reflects a broader global clash over how generative AI systems use copyrighted works. US courts are already handling several similar cases, though no clear precedent has been established on whether such use qualifies as fair use.
Publishers argue Canadian courts must decide the matter domestically, while OpenAI insists it belongs in US courts. The outcome could shape how copyright laws apply to AI training and digital content across borders.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The US tech giant Google will not be forced to divest Chrome or Android following the long-running US monopoly case.
Judge Mehta ruled that while Google holds a monopoly in traditional search, the rise of AI companies is creating new competitive pressures.
The judgement prevents Google from striking exclusive distribution deals but still allows it to pay partners for preloading and placement of its products. The court also ordered Google to loosen its control over search data, a move that could enable rivals to build their own AI-driven search tools.
Yet, concerns remain for e-commerce businesses.
Google Zero, the company’s AI-powered search summary, is cutting website traffic by keeping users within Google’s results.
Research shows sharp declines in mobile click-through rates, leaving online retailers uncertain of their future visibility.
Experts warn that zero-click searches are becoming the norm. Businesses are being urged to optimise for Google’s AI overviews, enhance the value of product and review pages, track traffic impacts, and diversify their marketing channels.
While Google has avoided structural remedies, its dominance in search and AI appears far from over.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The EU’s digital transformation and the rise of trusted digital identities
The EU, like the rest of the world, is experiencing a significant digital transformation driven by emerging technologies, with citizens, businesses, and governments increasingly relying on online services.
At the centre of the shift lies digital identity, which enables secure, verifiable, and seamless online interactions.
Digital identity has also become a cornerstone of the EU’s transition toward a secure and competitive digital economy. As societies, businesses, and governments increasingly rely on online platforms, the ability for citizens to prove who they are in a reliable, secure, and user-friendly way has gained central importance.
Without trusted digital identities, essential services ranging from healthcare and education to banking and e-commerce risk fragmentation, fraud, and inefficiency.
However, it quickly became clear that further steps were necessary to improve adoption, interoperability, and user trust.
In May 2024, the updated framework, eIDAS 2 (Regulation (EU) 2024/1183), came into force.
At its heart lies the European Digital Identity Wallet, or EDIW, a tool designed to empower EU citizens with a secure, voluntary, and interoperable way to authenticate themselves and store personal credentials.
By doing so, eIDAS 2 aims to strengthen trust, security, and cross-border services, ensuring Europe builds digital sovereignty while safeguarding fundamental rights.
Lessons from eIDAS 1 and the need for a stronger digital identity framework
Back in 2014, when the first eIDAS Regulation was adopted, its purpose was to enable the mutual recognition of electronic identification and trust services across member states.
The idea was simple (and logical) yet ambitious: a citizen of one EU country should be able to use their national digital ID to access services in another, whether it is to enrol in a university abroad or open a bank account.
The original regulation created legal certainty for electronic signatures, seals, timestamps, and website authentication, helping digital transactions gain recognition equal to their paper counterparts.
For businesses and governments, it reduced bureaucracy and built trust in digital processes, both essential for sustainable development.
Despite the achievements, significant limitations emerged. Adoption rates varied widely across member states, with only a handful, such as Estonia and Denmark, achieving robust national digital ID systems.
Others lagged due to technical, political, or budgetary issues. Interoperability across borders was inconsistent, often forcing citizens and businesses to rely on paper processes.
Stakeholders and industry associations also expressed concerns about the complexity of implementation and the absence of user-friendly solutions.
The gaps highlighted the need for a new approach. As Commission President Ursula von der Leyen emphasised in 2020, ‘every time an app or website asks us to create a new digital identity or to easily log on via a big platform, we have no idea what happens to our data in reality.’
Concerns about reliance on non-European technology providers, combined with the growing importance of secure online transactions, paved the way for eIDAS 2.
The eIDAS 2 framework and the path to interoperable digital services
Regulation (EU) 2024/1183, adopted in the spring of 2024, updates the original eIDAS to reflect new technological and social realities.
Its guiding principle is technological neutrality, ensuring that no single vendor or technology dominates and allowing member states to adopt diverse solutions provided they remain interoperable.
Among its key innovations is the expansion of qualified trust services. While the original eIDAS mainly covered signatures and seals, the new regulation broadens the scope to include services such as qualified electronic archiving, ledgers, and remote signature creation devices.
The broader approach ensures that the regulation keeps pace with emerging technologies such as distributed ledgers and cloud-based security solutions.
eIDAS 2 also strengthens compliance mechanisms. Providers of trust services and digital wallets must adhere to rigorous security and operational standards, undergo audits, and demonstrate resilience against cyber threats.
In this way, the regulation not only fosters a common European market for digital identity but also reinforces Europe’s commitment to digital sovereignty and trust.
The European Digital Identity Wallet in action
The EDIW represents the most visible and user-facing element of eIDAS 2.
Available voluntarily to all EU citizens, residents, and businesses, the wallet is designed to act as a secure application on mobile devices where users can link their national ID documents, certificates, and credentials.
For citizens, the benefits are tangible. Rather than managing numerous passwords or carrying a collection of physical documents, individuals can rely on the wallet as a single, secure tool.
It allows them to prove their identity when travelling or accessing services in another country, while offering a reliable space to store and share essential credentials such as diplomas, driving licences, or health insurance cards.
In addition, it enables signing contracts with qualified electronic signatures directly from personal devices, reducing the need for paper-based processes and making everyday interactions considerably more efficient.
For businesses, the wallet promises smoother cross-border operations. For example, banks can streamline customer onboarding through secure, interoperable identification. Professional services can verify qualifications instantly.
E-commerce platforms can reduce fraud and improve compliance with ‘Know Your Customer’ requirements.
By reducing bureaucracy and offering convenience, the wallet embodies Europe’s ambition to create a truly single digital market.
Cybersecurity and privacy in the EDIW
Cybersecurity and privacy are central to the success of the wallet. On the positive side, the system enhances security through encryption, multi-factor authentication, and controlled data sharing.
Instead of exposing unnecessary information, users can share only the attributes required, for example, confirming age without disclosing a birth date.
Yet risks remain. The most pressing concern is risk aggregation. By consolidating multiple credentials in a single wallet, the consequences of a breach could be severe, leading to fraud, identity theft, or large-scale data exposure. The system, therefore, becomes an attractive target for attackers.
To address such risks, eIDAS 2 mandates safeguards. Article 45k requires providers to maintain data integrity and chronological order in electronic ledgers, while regular audits and compliance checks ensure adherence to strict standards.
Furthermore, the regulation mandates open-source software for the wallet components, enhancing transparency and trust.
The challenge is to balance security, usability, and confidence. If the wallet is overly restrictive, citizens may resist adoption. If it is too permissive, privacy could be undermined.
The European approach aims to strike the delicate balance between trust and efficiency.
Practical implications across sectors with the EDIW
The European Digital Identity Wallet has the potential to reshape multiple sectors across the EU, and its relevance is already visible in national pilot projects as well as in existing electronic identification systems.
Public services stand to benefit most immediately. Citizens will be able to submit tax declarations, apply for social benefits, or enrol in universities abroad without needing paper-based procedures.
Healthcare is another area where digital identity is of great importance, since medical records can be transferred securely across borders.
Businesses are also likely to experience greater efficiency. Banks and financial institutions will be able to streamline compliance with the ‘Know Your Customer’ and anti-money laundering rules.
In the field of e-commerce, platforms can provide seamless authentication, which will reduce fraud and enhance customer trust.
Citizens will also enjoy greater convenience in their daily lives when signing rental contracts, proving identity while travelling, or accessing utilities and other services.
National approaches to digital identity across the EU
National experiences illustrate both diversity and progress. Let’s review some examples.
Estonia has been recognised as a pioneer, having built a robust e-Identity system over two decades. Its citizens already use secure digital ID cards, mobile ID, and smart ID applications to access almost all government services online, meaning that integration with the EDIW will be relatively smooth.
Denmark has also made significant progress with its MitID solution, which replaced NemID and is now used by millions of citizens to access both public and private services with high security standards, including biometric authentication.
Germany has introduced BundID, a central portal for accessing public administration services, and has invested in enabling the use of national ID cards via NFC-based smartphones, although adoption is still limited compared to Scandinavian countries.
Italy has taken a different route by rolling out SPID, the Public Digital Identity System, which is now used by more than thirty-five million citizens to access thousands of services. The country also supports the Electronic Identity Card, known as CIE, and both solutions are being aligned with wallet requirements.
Spain has launched Cl@ve, a platform that combines permanent passwords and electronic certificates, and has joined several wallet pilot projects funded by the European Commission to test cross-border use.
France is developing its France Identité application, which allows the use of the electronic ID card for online authentication, and the project is at the centre of the national effort to meet European standards.
The Netherlands relies on DigiD, which provides access to healthcare, taxation, and education services. Although adoption is high, the system will require enhanced security features to meet the new regulations.
Greece has made significant strides in digital identity with the introduction of the Gov.gr Wallet. The mobile application allows citizens to store digital versions of their national identity card and driving licence on smartphones, giving them the same legal validity as physical documents in the country.
These varied examples reveal a mixed landscape. Countries such as Estonia and Denmark have developed advanced and widely used systems that will integrate readily with the European framework.
Others are still building broader adoption and enhancing their infrastructure. The wallet, therefore, offers an opportunity to harmonise national approaches, bridge existing gaps, and create a coherent European ecosystem.
By building on what already exists, member states can speed up adoption and deliver benefits to citizens and businesses in a consistent and trusted way.
Risks and limitations of the EDIW
Despite the promises, the rollout of the wallet faces significant challenges, several of which have already been highlighted in our analysis.
First, data privacy remains a concern. Citizens must trust that wallet providers and national authorities will not misuse or over-collect their data, especially given existing concerns about data breaches and increased surveillance across the Union. Any breach of that trust could significantly undermine adoption.
Second, Europe’s digital infrastructure remains uneven. Countries such as Estonia and Denmark (as mentioned earlier) already operate sophisticated e-ID systems, while others fall behind. Bridging the gap requires financial and technical support, as well as political will.
Third, balancing innovation with harmonisation is not easy. While technological neutrality allows for flexibility, too much divergence risks interoperability problems. The EU must carefully monitor implementation to avoid fragmentation.
Finally, there are long-term risks of over-centralisation. By placing so much reliance on a single tool, the EU may inadvertently create systemic vulnerabilities. Ensuring redundancy and diversity in digital identity solutions will be key to resilience.
Opportunities and responsibilities in the EU’s digital identity strategy
Looking forward, the success of eIDAS 2 and the wallet will depend on careful implementation and strong governance.
Opportunities abound. Scaling the wallet across sectors, from healthcare and education to transport and finance, could solidify Europe’s position as a global leader in digital identity. By extending adoption to the private sector, the EU can create a thriving ecosystem of secure, trusted services.
Yet the initiative requires continuous oversight. Cyber threats evolve rapidly, and regulatory frameworks must adapt. Ongoing audits, updates, and refinements will be necessary to keep pace. Member states will need to share best practices and coordinate closely to ensure consistent standards.
At a broader level, the wallet represents a step toward digital sovereignty. By reducing reliance on non-European identity providers and platforms, the EU strengthens its control over the digital infrastructure underpinning its economy. In doing so, it enhances both competitiveness and resilience.
The EU’s leap toward a digitally sovereign future
In conclusion, we firmly believe that the adoption of eIDAS 2 and the rollout of the European Digital Identity Wallet mark a decisive step in Europe’s digital transformation.
By providing a secure, interoperable, and user-friendly framework, the EU has created the conditions for greater trust, efficiency, and cross-border collaboration.
The benefits are clear. Citizens gain convenience and control, businesses enjoy streamlined operations, and governments enhance security and transparency.
But we have to keep in mind that challenges remain, from uneven national infrastructures to concerns over data privacy and cybersecurity.
Ultimately, eIDAS 2 is both a legal milestone and a technological experiment. Its success will depend on building and maintaining trust, ensuring inclusivity, and adapting to emerging risks.
If the EU can meet the challenges, the European Digital Identity Wallet will not only transform the daily lives of millions of its citizens but also serve as a model for digital governance worldwide.
Would you like to learn more aboutAI, tech and digital diplomacy? If so, ask our Diplo chatbot!
