Jurisdiction

UK government announces new cyber bill to strengthen national defences and protect critical infrastructure

The UK government has unveiled plans for a new Cyber Security and Resilience Bill aimed at enhancing the country’s ability to defend against the growing risk of cyber threats. Scheduled to be introduced later this year, the Bill forms a key part of the government’s broader strategy to protect critical national infrastructure (CNI), support economic growth, and ensure the resilience of the UK’s digital landscape.

The forthcoming legislation will focus on bolstering the cyber resilience of essential services—such as healthcare, energy, and IT providers—that underpin the economy and daily life. Around 1,000 vital service providers will be required to meet strengthened cyber security standards under the new rules. These measures are designed to safeguard supply chains and key national functions from increasingly sophisticated cyber attacks affecting both public and private sectors.

In addition, the government is considering extending cyber security regulations to over 200 data centres across the country. These centres are integral to the functioning of modern finance, e-commerce, and digital communication. By improving their security, the government hopes to safeguard services that rely heavily on data, such as online banking, shopping platforms, and social media.

If adopted, the government’s proposals include:

  • Expanding the scope of the NIS Regulations. The scope of the Network and Information Systems (NIS) Regulations would be broadened to include a wider range of organisations and suppliers. This expansion would bring data centres, Managed Service Providers (MSPs), and other critical suppliers under the regulatory framework, ensuring that more entities are held to high standards of cyber security and resilience.
  • Enhanced regulatory powers. Regulators would be equipped with additional tools to strengthen cyber resilience within the sectors they oversee. This includes new obligations for organisations to report a broader range of significant cyber incidents, enabling faster and more informed responses to emerging threats.
  • Greater Flexibility to Adapt. The government would gain increased flexibility to update the framework in line with the evolving threat landscape. This means regulations could be swiftly extended to cover new and emerging sectors, ensuring the UK remains agile in the face of dynamic cyber risks.
  • New Executive Powers for National Security. In circumstances where national security is at stake, the government would be granted new executive powers to act decisively in response to serious cyber threats.

For more information on these topics, visit diplomacy.edu.

Japan passes landmark cyber defence bill

Japan has passed the Active Cyber Defence Bill, which permits the country’s military and law enforcement agencies to undertake pre-emptive measures in response to cyber threats.

The legislation adopts a two-pronged approach, focusing on both passive and active cyber defence. It includes the establishment of a cybersecurity council and an oversight committee to enhance threat analysis and information-gathering capabilities. The bill also introduces new requirements for critical infrastructure providers to report cybersecurity incidents promptly. Additionally, it enables the government to collect technical information—such as IP addresses and timestamps—from telecommunications providers in cases where a potential cyberattack is identified, to monitor communications between Japan and external actors.

The legislation also grants the military powers to carry out active measures against cyber threats. This includes the deployment of ‘cyber harm-prevention officers’, tasked with actions such as disrupting servers involved in cyberattacks and responding to critical incidents.

While the bill is positioned as part of Japan’s broader efforts to strengthen its cyber resilience, some commentary has raised questions about the balance between security and oversight.

For more information on these topics, visit diplomacy.edu.

Japan targets Apple and Google with new law

The Japan Fair Trade Commission (JFTC) announced on Monday that it has designated Apple Inc., its Japanese subsidiary iTunes K.K., and Google LLC under the new smartphone software competition promotion law.

The law targets dominant IT companies in the smartphone app market, regulating areas like smartphone operating systems, app stores, web browsing software, and search engines.

The primary aim of the law is to prevent these giants from blocking market entry for other companies or giving preferential treatment to their own services. The law will take full effect in December, with the designated companies required to correct any problematic practices.

Apple will be required to allow other companies into the App Store business instead of monopolising it, fostering price competition. Google will be prohibited from displaying its services in search results instead of favouring them.

In response, both companies expressed concerns, with Apple questioning the impact on user experience and Google vowing to engage in discussions to ensure fairness.

For more information on these topics, visit diplomacy.edu.

OpenAI is now valued at $300 billion after new funding

OpenAI has secured a $40 billion funding deal from SoftBank, pushing its valuation to $300 billion instead of staying below that mark, making it the third most valuable private company in the world.

It now ranks behind Elon Musk’s SpaceX, valued at around $350 billion, instead of taking the top spot, and TikTok’s parent company, ByteDance, which stands at approximately $315 billion.

The valuation surpasses major firms like Chevron, Salesforce, McDonald’s, Pepsico, and Samsung instead of lagging behind them.

Funding is structured in two phases, beginning with an initial $10 billion investment. The remaining $30 billion is expected to be provided by the end of 2025, as reported by the New York Times.

OpenAI stated that this capital will allow the company to advance AI research instead of stagnating and expand its infrastructure with more powerful tools.

Founded in 2015 as a non-profit, OpenAI later shifted to a capped-profit model to attract investment instead of relying solely on donations while continuing its work in AI development.

Despite facing operational challenges and legal disputes, including a high-profile lawsuit from Musk opposing its transition to a profit-driven model, OpenAI has continued to grow.

Its ChatGPT platform now boasts 500 million weekly users instead of seeing a decline. In February, investors, including Musk, sought control of the firm, but CEO Sam Altman firmly rejected the proposal, reaffirming that ‘OpenAI is not for sale’ instead of giving in to external pressure.

For more information on these topics, visit diplomacy.edu.

MetaAI launches in Europe amid data concerns

Meta has resumed the roll-out of its MetaAI across Europe after halting the launch last year due to regulatory uncertainty.

The Irish Data Protection Commission (DPC) still has questions regarding Meta’s AI tool, particularly in relation to its use of personal data from Facebook and Instagram users to train large language models.

The company has been in discussions with the DPC, but instead of an agreement, it remains under review as the tool continues to roll out.

MetaAI was first introduced in the US in September 2023, followed by India in June 2024, and the UK in October. It enables users to interact with a chat function across Facebook, Instagram, Messenger, and WhatsApp.

However, its expansion in Europe faced delays last summer due to concerns raised by the Irish privacy watchdog.

The company has expressed confidence in its compliance with the EU’s data protection laws and has been transparent with the DPC about its launch. However, failure to comply with the General Data Protection Regulation (GDPR) could lead to significant fines.

Additionally, certain aspects of MetaAI fall under the scope of Europe’s Digital Services Act (DSA), which requires the company to meet specific standards on user safety and transparency.

The European Commission has indicated it is waiting for a risk assessment from Meta to ensure that the tool complies with DSA obligations. While initial elements may not be directly relevant to the DSA, the Commission will continue to monitor the deployment closely.

For more information on these topics, visit diplomacy.edu.

European Commission charges €58.2 million in fees for DSA enforcement

The European Commission has charged the largest online platforms in the EU a total of €58.2 million in supervisory fees for their enforcement under the Digital Services Act (DSA).

These fees, which apply to platforms with over 45 million users per month, aim to fund the Commission’s activities for DSA enforcement, including administrative and human resource costs.

Meta, TikTok, and Google have filed five pending court cases against the fees, challenging the charges.

The DSA, designed to increase platform accountability, became fully applicable in February 2024, and the Commission has designated 25 Very Large Online Platforms, including major players like Amazon and LinkedIn.

During the 2024 period, the Commission launched formal proceedings against several platforms and sent over 100 requests for information.

However, instead of these fees fully covering the Commission’s expenses, they led to a deficit of €514,061. Investigations into platforms like X are ongoing, with transparency issues being a key concern.

For more information on these topics, visit diplomacy.edu.

EU regulators seek common approach on DSA

The Coimisiún na Meán has warned that differing interpretations of the Digital Services Act (DSA) by EU regulators are hindering a unified approach to online platform regulation.

Maria Donde, Director of International Affairs at Coimisiún na Meán, highlighted the challenges of aligning various regulators’ approaches to the DSA, which has left room for interpretation.

She emphasised the importance of finding common ground, especially as the DSA, which came into effect last February, imposes transparency and election integrity requirements on platforms.

The DSA requires each EU member state to appoint a Digital Services Coordinator as a point of contact for platforms. Ireland, home to major platforms like TikTok and X, is at the forefront of enforcement.

Donde stressed the need for a consistent voice within the EU, particularly as the law faces criticism globally. The US government has condemned the EU’s regulatory approach, calling it a threat to free speech and accusing Europe of sidelining US tech companies.

The European Commission has already initiated several investigations under the DSA, targeting platforms such as X, TikTok, and Temu. These probes are ongoing, with potential fines for non-compliance reaching up to 6% of a company’s global turnover.

For more information on these topics, visit diplomacy.edu.

French watchdog fines Apple for abuse of app tracking tool

Apple has been fined €150 million ($162.42 million) by French antitrust regulators for allegedly abusing its dominant position in mobile app advertising between 2021 and 2023. The fine is the first to be imposed on Apple over its App Tracking Transparency (ATT) tool.

While the tool, which allows iPhone and iPad users to control app tracking, is not criticised itself, the French competition watchdog claimed its implementation was excessive and not proportional to its goal of protecting personal data.

The French regulators stated that ATT particularly harmed smaller publishers, who rely heavily on third-party data for their business. Despite the fine, Apple was not required to modify the ATT tool.

The decision follows complaints from online advertisers, publishers, and internet networks, who accused Apple of misusing its market power. Apple expressed disappointment with the fine but noted that no changes to the tool were mandated.

The fine comes after a €1.8 billion penalty last year from the EU, which accused Apple of restricting music streaming competitors. Additionally, the German antitrust agency has launched a probe into Apple for allegedly giving itself preferential treatment with the same privacy tool.

For more information on these topics, visit diplomacy.edu.

TikTok ban threatens 170 million American users

The US is just days away from imposing a ban on TikTok unless a deal is struck with its Chinese parent company ByteDance. The ban, set to take effect on Saturday, would affect 170 million American users of the popular app.

However, President Donald Trump has expressed confidence that an agreement will be reached in time. He extended the deadline from January to April 5 to give ByteDance more time to find a non-Chinese buyer for TikTok’s US operations.

Trump mentioned that there is significant interest from potential buyers, with private equity firm Blackstone reportedly evaluating a minority investment in TikTok’s US business.

The discussions are centred on ByteDance’s existing non-Chinese shareholders, including Susquehanna International Group and General Atlantic. Washington’s main concern is that TikTok’s ownership by ByteDance allows the Chinese government to potentially influence the app and collect data on Americans.

Despite the pressure, TikTok has yet to comment on the situation. If no agreement is reached by the deadline, TikTok faces the risk of being banned, though the app would remain on users’ devices if already installed. However, new users would not be able to download it.

The app is already banned in countries like India over similar national security concerns.

For more information on these topics, visit diplomacy.edu.

OpenAI faces copyright debate over Ghibli-style images

Studio Ghibli-style artwork has gone viral on social media, with users flocking to ChatGPT’s feature to create or transform images into Japanese anime-inspired versions. Celebrities have also joined the trend, posting Ghibli-style photos of themselves.

However, what began as a fun trend has sparked concerns over copyright infringement and the ethics of AI recreating the work of established artists instead of respecting their intellectual property.

While OpenAI has allowed premium users to create Ghibli-style images, users without subscriptions can still make up to three images for free.

The rise of this feature has led to debates over whether these AI-generated images violate copyright laws, particularly as the style is closely associated with renowned animator Hayao Miyazaki.

Intellectual property lawyer Even Brown clarified that the style itself isn’t explicitly protected, but he raised concerns that OpenAI’s AI may have been trained on Ghibli’s previous works instead of using independent sources, which could present potential copyright issues.

OpenAI has responded by taking a more conservative approach with its tools, introducing a refusal feature when users attempt to generate images in the style of living artists instead of allowing such images.

Despite this, the controversy continues, as artists like Karla Ortiz are suing other AI generators for copyright infringement. Ortiz has criticised OpenAI for not valuing the work and livelihoods of artists, calling the Ghibli trend a clear example of such disregard.

For more information on these topics, visit diplomacy.edu.

Diplo chatbot can make mistakes. Consider checking important information.