NVIDIA and Palantir expand sovereign AI for US government

Palantir has announced a new sovereign AI capability built on NVIDIA’s open-source Nemotron models, enabling US government agencies and critical infrastructure operators to deploy, customise and continuously improve AI models within highly secure environments.

The platform combines NVIDIA Nemotron open models with Palantir’s Sovereign AI Operating System, allowing organisations to retain full control over their data, model weights and deployment infrastructure.

The system is designed for air-gapped and highly regulated environments where sensitive information cannot be connected to external networks.

Agencies will be able to train AI models using their own operational data, retain ownership of the resulting models and continuously improve performance through internal feedback loops.

The deployment is supported by NVIDIA AI Enterprise and Palantir’s Artificial Intelligence Platform (AIP), Foundry, Ontology and Apollo platforms.

NVIDIA said the initiative reflects the growing importance of open AI models for government and enterprise development, arguing that they offer greater transparency, customisation and lower deployment costs than proprietary alternatives.

The company also highlighted the role of open models in strengthening AI adoption across sectors including defence, healthcare, energy, transportation and public administration.

Why does it matter?

The announcement reflects the growing importance of sovereign AI, as governments and operators of critical infrastructure seek to deploy advanced AI systems without relying on externally hosted services or relinquishing control over sensitive data. Open models combined with secure, self-managed infrastructure offer an alternative approach for organisations with strict security and regulatory requirements.

The partnership also highlights the strategic role of open foundation models in the evolving AI ecosystem. As competition intensifies between proprietary and open AI approaches, governments are increasingly viewing customisable, locally deployable models as critical assets for national security, digital sovereignty and public-sector modernisation.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Chief AI Officers to lead AI adoption across Australian government

Australian public service agencies are formalising the appointment of Chief AI Officers (CAIOs) to guide the safe, strategic and coordinated use of AI across government.

Under the APS AI Plan, all non-corporate Commonwealth entities must appoint a senior leader as Chief AI Officer by 30 June 2026. Corporate Commonwealth entities and Commonwealth companies are strongly encouraged to make similar appointments.

The role is intended to help agencies adopt and use AI, particularly generative AI, as the technology reshapes government operations, public service delivery and internal processes.

Chief AI Officers will complement, rather than replace, AI Accountable Officials. While Accountable Officials focus on governance, compliance and risk management, CAIOs will lead strategic adoption, organisational transformation and AI capability building.

The government said CAIOs should provide strategic leadership rather than focus primarily on technical implementation. Their responsibilities include identifying high-value AI use cases, building staff capability, championing responsible adoption and ensuring AI is deployed safely and effectively.

CAIOs will work across technology, data, policy, cybersecurity, privacy and human resources functions, while collaborating with counterparts across the Australian Public Service and the Department of Finance’s AI Delivery and Enablement team.

Chief AI Officers will also collaborate across the Australian Public Service, including with other CAIOs and the AI Delivery and Enablement function in the Department of Finance.

The government said AI should be viewed as a general-purpose capability rather than a conventional technology upgrade, reflecting its potential to transform multiple areas of public-sector work.

The CAIO role is intended to help agencies move from experimentation to more systematic and responsible adoption. It is also designed to support a whole-of-organisation view of AI risks and opportunities.

The AI Delivery and Enablement team has developed an information pack to support agencies in appointing CAIOs, along with a blog for newly appointed leaders.

A wide range of agencies have already appointed Chief AI Officers. The published list includes major departments, regulators, integrity bodies, health and research agencies, cultural institutions, security agencies and service delivery organisations.

A wide range of organisations have already appointed CAIOs, including major government departments, regulators, law enforcement bodies, research organisations and service delivery agencies such as the Department of Finance, Home Affairs, Treasury, the Australian Federal Police, Services Australia and the Australian Electoral Commission.

The appointments of Chief AI Officers reflect a broader effort to coordinate AI adoption across government while maintaining attention to safety, privacy, cybersecurity, governance and public value.

Why does it matter?

Australia’s initiative reflects a broader shift from experimental AI projects to coordinated, organisation-wide adoption across the public sector. By establishing dedicated AI leadership roles, the government is seeking to embed strategic oversight while ensuring that innovation is balanced with governance, privacy, cybersecurity and public accountability.

The creation of Chief AI Officers also highlights the growing recognition that AI adoption is an organisational transformation challenge rather than solely a technical one. As governments integrate AI into public services, dedicated leadership is becoming increasingly important to coordinate implementation, build capability and ensure AI delivers public value responsibly.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Spain’s AI sandbox offers early test for biometric AI compliance

Spain’s AI regulatory sandbox is becoming an early test of how high-risk AI systems may prepare for compliance with the EU AI Act, with facial recognition among the technologies examined.

Spanish company Herta said it has completed the sandbox process for its facial-recognition video-surveillance system, BioSurveillance. The company presented the pilot as a step towards AI Act-ready deployments in public settings.

Herta describes BioSurveillance as a real-time video-surveillance system capable of detecting multiple faces, enrolling individuals during operation, identifying previously registered people and managing alerts. Its BioSurveillance NEXT product is designed for simultaneous identification in crowded and changing environments.

Spain’s AI agency, AESIA, says practical guides developed through the national AI regulatory sandbox are intended to help companies that develop or deploy high-risk AI systems prepare for their obligations under the EU AI Act. The guides provide recommendations while harmonised EU standards are still being developed.

However, sandbox participation should not be treated as approval for public facial recognition deployments. Remote biometric identification in publicly accessible spaces remains one of the most sensitive areas under the EU AI Act. It is subject to strict limits, depending on the use case, operator and context.

The case highlights how companies developing biometric AI systems are seeking early compliance pathways, while regulators face pressure to balance innovation, public safety, privacy and fundamental rights.

Why does it matter?

Facial recognition is one of the most contested areas of AI regulation because it combines public-space surveillance, biometric data processing and risks to privacy and fundamental rights. Spain’s sandbox offers an early view of how high-risk AI providers may prepare documentation, testing and compliance processes under the EU AI Act. The case also shows why compliance language must be used carefully: participation in a sandbox may support readiness, but it does not remove the legal restrictions surrounding biometric identification in public spaces.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot 

UK CMA consults on Apple App Store steering rules

The UK Competition and Markets Authority has opened a consultation on a proposed conduct requirement that would allow app developers to steer users outside Apple’s App Store to complete digital purchases.

The proposal applies to Apple’s Mobile Platform, which the CMA designated as having Strategic Market Status in October 2025. The consultation is part of the UK’s digital markets competition regime and closes on 28 July 2026.

The CMA said Apple’s App Store is a key gateway for developers distributing native apps in the UK. Its proposal focuses on apps that sell digital goods and services, where developers are generally restricted from directing users to alternative offers or purchases outside Apple’s in-app payment system.

Under the proposed steering conduct requirement, Apple would have to allow developers to communicate with UK users and include redirection mechanisms, such as links or buttons, that lead to external websites for purchases.

Apple could still impose restrictions where they are strictly necessary and objectively justified, including to address malware, fraud, scams, unlawful content or content harmful to children.

The proposal would also regulate how external purchasing options are presented. Apple could use a single interstitial screen to inform users that they are leaving its in-app purchase system, but the screen would need to use neutral language and must not discourage users from completing transactions elsewhere.

The CMA is also proposing that any fee Apple charges on steered transactions must be fair and reasonable. It would also prohibit Apple from discriminating against developers that use redirection mechanisms, including through app review, search ranking, platform functionality or access to interoperability features.

The CMA said effective steering could give developers more control over pricing, billing, refunds and customer support, while giving users more choice and potentially lower prices.

Why does it matter?

The consultation shows the UK’s digital markets regime moving from platform designation to targeted behavioural rules. If adopted, the requirement could weaken Apple’s control over in-app transactions for digital goods and services in the UK and give developers more room to offer alternative payment channels. It also tests how the CMA will balance competition, consumer choice, security, privacy and platform investment under the new Strategic Market Status framework.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Australia doubles penalties and expands eSafety powers under social media age law

The Australian Government has introduced legislation to strengthen enforcement of its minimum age law for social media platforms, expanding the powers of the eSafety Commissioner and significantly increasing penalties for non-compliance.

The reforms are intended to strengthen oversight of platforms operating in Australia that fail to prevent users under the age of 16 from accessing their services.

Under the proposed legislation, the eSafety Commissioner would receive enhanced information-gathering powers, including the authority to compel platforms and relevant third parties, such as age assurance providers and app stores, to provide documents and evidence demonstrating compliance.

The reforms would also substantially increase penalties for failing to comply with information requests and for systemic breaches of the legislation.

The government said millions of accounts belonging to users under 16 have already been removed, deactivated or restricted since the law entered into force.

However, the government argues that some major platforms continue to do only the minimum required, prompting the need for stronger enforcement powers and greater regulatory accountability.

Why does it matter?

The reforms mark a shift from establishing online child safety rules to enforcing them more aggressively. By expanding the eSafety Commissioner’s investigative powers and increasing penalties, Australia is signalling that platforms will face greater accountability if they fail to implement effective age assurance measures.

The legislation also reinforces Australia’s position as one of the most active jurisdictions in regulating children’s online safety. Its approach could influence other countries considering stronger enforcement mechanisms for age verification, platform responsibility and the protection of minors in digital environments.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

EU launches funding for youth-centred social media platforms

The European Commission has launched a €1.48 million call for proposals to support the development and testing of safer, more inclusive social media platforms designed for young people.

The initiative aims to involve young people from diverse backgrounds in designing digital services that prioritise privacy, well-being, accessibility and user safety.

Selected projects will develop or enhance protocol-based social media platforms aligned with EU values, while giving users greater control over their data, content moderation and overall online experience.

The programme also supports market analysis, platform development, adoption strategies and recommendations for the future of social media in the EU.

Why does it matter?

The initiative reflects the EU’s growing emphasis on promoting digital platforms that prioritise user wellbeing, privacy and safety rather than engagement-driven business models. By supporting protocol-based alternatives, the Commission is seeking to encourage a more open and user-centric social media ecosystem.

It also highlights a broader policy shift towards involving young people directly in the design of digital services. Giving users greater control over their data, online experience and content moderation aligns with the EU’s wider objectives on digital rights, platform accountability and safer online environments.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Singapore launches Online Safety Commission for online harms

Singapore’s Online Safety Commission has begun operations, giving victims of online harms a dedicated channel to seek faster support and redress.

The commission was established to support the office of the Commissioner of Online Safety under the Online Safety (Relief and Accountability) Act 2025. Specified provisions on statutory torts under the Act also came into effect on 29 June 2026.

In its first phase, the commission will support victims affected by five categories of online harm: online harassment, including online sexual harassment, doxxing, online stalking, intimate image abuse and image-based child abuse.

Victims of online harassment and online stalking are generally expected to report harmful content to the relevant platform first. If the platform fails to respond promptly or provides an inadequate response within 24 hours, the platform may be reported to the commission. More serious harms, including doxxing and image-based abuse, can be reported directly.

Where there is reason to suspect that online harm has occurred, the Commissioner may issue directions to the person who posted the content, the administrator of the online space or the platform hosting it. These directions may require access to harmful content to be disabled or an account to be restricted. Non-compliance is a criminal offence.

Singapore is also introducing court-based remedies through statutory torts. Victims may bring civil claims against communicators, administrators, or platforms that fail to meet the duties set out in the law. For intimate image abuse and image-based child abuse, courts must award at least $5,000 for each image or recording if the claim succeeds.

The commission will also work with community partners that can provide counselling and practical support to victims and families.

Why does it matter?

Singapore’s Online Safety Commission provides victims of online harms with a dedicated institutional route for faster relief, rather than leaving them to rely solely on platform complaint systems or lengthy court processes. The model combines administrative directions, platform duties, community support and civil remedies. It is especially relevant for image-based abuse, doxxing and child safety, where rapid content restriction and victim support can be critical.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot 

IWF urges EU to restore legal basis for voluntary CSAM detection

The Internet Watch Foundation has urged the EU policymakers to adopt a permanent legal framework allowing technology companies to voluntarily detect, report and remove child sexual abuse material online.

The organisation said Europe cannot keep relying on children to protect themselves from online predators, warning that awareness campaigns and digital literacy measures cannot replace platform responsibility, technical safeguards and proactive detection tools.

The IWF said the EU’s failure to agree on a long-term Child Sexual Abuse Regulation has created legal uncertainty after the expiry of the temporary framework that previously allowed online services to use voluntary detection measures.

According to the organisation, child sexual abuse increasingly begins online through grooming, coercion, sextortion and blackmail. The IWF said that more than a quarter of the 500,000 unique child sexual abuse images and videos it identified in 2025 were self-generated after children were manipulated into creating explicit material.

The group argues that voluntary detection should become a minimum standard across the EU, supported by legal safeguards that protect privacy and prevent misuse.

The debate remains one of the EU’s most contested digital policy issues. Child-safety organisations warn that legal uncertainty could reduce the detection of abuse, while privacy advocates have raised concerns about surveillance, false positives and the scanning of private communications.

The IWF said policymakers should not treat child protection and privacy as a binary choice, but should create a framework that allows technology companies to detect abuse while maintaining appropriate safeguards.

Why does it matter?

The debate goes to the heart of EU online safety policy: how to protect children from grooming, sextortion and the circulation of abuse material while preserving privacy and communications rights. The IWF’s intervention highlights the child-protection argument for legal certainty around voluntary detection tools. At the same time, the controversy shows why any permanent framework will need strong safeguards, transparency and limits on how detection technologies are used.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

UK’s Youth Justice Board highlights growing risks of online harms for children

The UK Youth Justice Board has published new evidence on how online harms affect children across England and Wales, warning that digital risks are increasingly linked to safeguarding, well-being and youth justice outcomes.

The Evidence and Insights Pack brings together research, data and practice examples to improve understanding of the risks children face online and how services can protect them more effectively.

The report says children face overlapping digital harms, including cyberbullying, sexual abuse, radicalisation, exploitation and the non-consensual sharing of intimate images. It also warns that harmful content and image-based abuse are becoming increasingly normalised among children, disproportionately affecting girls.

The YJB says many children who engage in problematic online behaviour have complex needs or have experienced abuse themselves. Weak platform design and limited digital literacy among adults can increase children’s vulnerability and make safeguarding more difficult.

The report calls for responses that go beyond criminal justice. It identifies promising approaches, including safety-by-design and teen-by-default platform measures, early intervention, harm-reduction responses, digital media and gaming literacy, healthy relationships education and gender-sensitive programmes.

The YJB also highlights strength-based interventions that promote belonging, critical thinking and positive identity building for children. It says such approaches can help reduce harm while avoiding unnecessary criminalisation.

The publication comes as the UK implements the Online Safety Act and prepares to ban social media for under-16s by spring 2027. The YJB said protecting children will require coordinated action across education, health, policing, local government, housing and social care.

Why does it matter?

The report strengthens the case for treating online harms as a safeguarding and public policy issue, not only a matter for platforms or the police. It shows that children can be victims, perpetrators and vulnerable participants in the same digital environments, especially where abuse, exploitation, misogyny or harmful content are normalised. The YJB’s focus on prevention and early support is important because punitive responses can deepen children’s contact with the justice system without addressing the underlying risks.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

NIST explores OT asset management to strengthen cybersecurity

NIST’s National Cybersecurity Center of Excellence (NCCoE) is seeking public feedback on a new project focused on operational technology (OT) asset management as the foundation for stronger OT cybersecurity.

The draft project description, Asset Management as a Foundation for OT Cybersecurity, outlines the project’s scope, challenges and technical approach. The NCCoE plans to demonstrate practical methods for OT asset discovery, inventory, configuration and change management.

The project will involve collaboration with asset owners, operators, and solution providers. The NCCoE plans to demonstrate real-world OT asset management and visibility solutions using commercially available products.

The proposal also includes a high-level reference architecture, desired technical capabilities and alignment with relevant standards, including outcomes from the NIST Cybersecurity Framework 2.0.

The NCCoE said AI is accelerating both the discovery and exploitation of vulnerabilities, making strong OT asset management increasingly important as organisations modernise industrial systems, adopt zero trust architectures and respond to AI-driven cyber threats.

Many organisations struggle to maintain a complete inventory of OT assets. Without effective asset management, activities such as risk assessment, network segmentation, vulnerability management, incident response and technology modernisation become significantly more difficult.

The NCCoE said the laboratory demonstration will support the development of source code, scripts, architectures, procedures, and guidelines. These resources are intended to help organisations gain the visibility needed to detect and respond to modern cyber threats in OT environments.

The centre is seeking input from asset owners, operators, technology providers, and cybersecurity practitioners. Feedback will help refine the project scope, use cases, reference architecture, and demonstration objectives.

Following the consultation, the NCCoE plans to recruit collaborators for project demonstrations and development activities. Public comments on the draft are open until 31 July 2026.

Why does it matter?

Operational technology underpins critical infrastructure, manufacturing and industrial operations, making accurate asset visibility a prerequisite for effective cybersecurity. As AI enables attackers to identify and exploit vulnerabilities more quickly, organisations need reliable inventories, configuration management and continuous monitoring to support risk assessments, zero trust strategies and incident response.

The project also reflects a broader shift towards practical cybersecurity guidance. By working with industry to develop reference architectures, tools and implementation guidance aligned with the NIST Cybersecurity Framework 2.0, the NCCoE aims to help organisations translate cybersecurity best practices into operational improvements across industrial environments.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!