Privacy and data protection

UK government urges firms to keep paper backups for cyberattack recovery

The UK government has issued a strong warning to company leaders to prepare for cyber incidents by maintaining paper-based contingency plans. The National Cyber Security Centre (NCSC) emphasised that firms must plan how to continue operations and rebuild IT systems if networks are compromised.

The advice follows a series of high-profile cyberattacks this year targeting major UK firms, including Marks & Spencer, The Co-op, and Jaguar Land Rover, which experienced production halts and supply disruptions after their systems were breached.

According to NCSC chief executive Richard Horne, organisations need to adopt ‘resilience engineering’ strategies, systems designed to anticipate, absorb, recover, and adapt during cyberattacks.

The agency recommends storing response plans offline and outlining alternative communication methods, such as phone trees and manual record-keeping, should email systems fail.

While the total number of cyber incidents investigated by the NCSC, 429 in the first nine months of 2025, remained stable, the number of ‘nationally significant’ attacks nearly doubled from 89 to 204. These include Category 1–3 incidents, ranging from ‘significant’ to ‘national cyber emergency.’

Recent cases highlight the human and operational toll of such events, including a ransomware attack on a London blood testing provider last year that caused severe clinical disruption and contributed to at least one patient death.

Experts say the call for offline backups may sound old-fashioned but is pragmatic. ‘You wouldn’t walk onto a building site without a helmet, yet companies still go online without basic protection,’ said Graeme Stewart, head of public sector at Check Point. ‘Cybersecurity must be treated like health and safety: not optional, but essential.’

The government is also encouraging companies, particularly SMEs, to use the NCSC’s free support tools, including cyber insurance linked to its Cyber Essentials programme.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

California introduces first AI chatbot safety law

California has become the first US state to regulate AI companion chatbots after Governor Gavin Newsom signed landmark legislation designed to protect children and vulnerable users. The new law, SB 243, holds companies legally accountable if their chatbots fail to meet new safety and transparency standards.

The US legislation follows several tragic cases, including the death of a teenager who reportedly engaged in suicidal conversations with an AI chatbot. It also comes after leaked documents revealed that some AI systems allowed inappropriate exchanges with minors.

Under the new rules, firms must introduce age verification, self-harm prevention protocols, and warnings for users engaging with companion chatbots. Platforms must clearly state that conversations are AI-generated and are barred from presenting chatbots as healthcare professionals.

Major developers including OpenAI, Replika, and Character.AI say they are introducing stronger parental controls, content filters, and crisis support systems to comply. Lawmakers hope the move will inspire other states to adopt similar protections as AI companionship tools become increasingly popular.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

A common EU layer for age verification without a single age limit

Denmark will push for EU-wide age-verification rules to avoid a patchwork of national systems. As Council presidency, Copenhagen prioritises child protection online while keeping flexibility on national age limits. The aim is coordination without a single ‘digital majority’ age.

Ministers plan to give the European Commission a clear mandate for interoperable, privacy-preserving tools. An updated blueprint is being piloted in five states and aligns with the EU Digital Identity Wallet, which is due by the end of 2026. Goal: seamless, cross-border checks with minimal data exposure.

Copenhagen’s domestic agenda moves in parallel with a proposed ban on under-15 social media use. The government will consult national parties and EU partners on the scope and enforcement. Talks in Horsens, Denmark, signalled support for stronger safeguards and EU-level verification.

The emerging compromise separates ‘how to verify’ at the EU level from ‘what age to set’ at the national level. Proponents argue this avoids fragmentation while respecting domestic choices; critics warn implementation must minimise privacy risks and platform dependency.

Next steps include expanding pilots, formalising the Commission’s mandate, and publishing impact assessments. Clear standards on data minimisation, parental consent, and appeals will be vital. Affordable compliance for SMEs and independent oversight can sustain public trust.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot.

EU nations back Danish plan to strengthen child protection online

EU countries have agreed to step up efforts to improve child protection online by supporting Denmark’s Jutland Declaration. The initiative, signed by 25 member states, focuses on strengthening existing EU rules that safeguard minors from harmful and illegal online content.

However, Denmark’s proposal to ban social media for children under 15 did not gain full backing, with several governments preferring other approaches.

The declaration highlights growing concern about young people’s exposure to inappropriate material and the addictive nature of online platforms.

It stresses the need for more reliable age verification tools and refers to the upcoming Digital Fairness Act as an opportunity to introduce such safeguards. Ministers argued that the same protections applied offline should exist online, where risks for minors remain significant.

Danish officials believe stronger measures are essential to address declining well-being among young users. Some EU countries, including Germany, Spain and Greece, expressed support for tighter protections but rejected outright bans, calling instead for balanced regulation.

Meanwhile, the European Commission has asked major platforms such as Snapchat, YouTube, Apple and Google to provide details about their age verification systems under the Digital Services Act.

These efforts form part of a broader EU drive to ensure a safer digital environment for children, as investigations into online platforms continue across Europe.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft strengthens UAE AI infrastructure

Microsoft has announced a strategic investment to enable in-country data processing for Microsoft 365 Copilot in the UAE. The service will be available to qualified UAE organisations in early 2026, hosted in Microsoft’s Dubai and Abu Dhabi cloud centres for secure, local AI processing.

The move aligns with the UAE’s ambition to become a global AI hub, supported by initiatives such as the National Artificial Intelligence Strategy 2031 and the Dubai Universal Blueprint for AI.

Government leaders emphasise that in-country AI infrastructure strengthens trust, cyber resilience, and innovation across ministries and public entities.

Collaboration with the UAE Cybersecurity Council (CSC) and the Dubai Electronic Security Center (DESC) ensures Microsoft 365 Copilot complies with national AI policies and data governance standards.

Local processing cuts latency, protects data, and supports regulated environments, allowing government stakeholders to adopt AI securely.

Microsoft and its strategic partner G42 International highlight the initiative’s broader impact on the UAE’s digital economy. The project could create 152,000 jobs and train one million UAE learners in AI by 2027, supporting a secure and innovative digital future.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Bhutan moves national ID system to Ethereum

Bhutan has moved its national ID system to the Ethereum blockchain, aiming to enhance security, transparency, and citizen control. Nearly 800,000 residents will use Ethereum to verify identities, replacing the Polygon system.

The migration of all credentials is expected to be completed by the first quarter of 2026. Ethereum co-founder Vitalik Buterin and Ethereum Foundation President Aya Miyaguchi joined Bhutan’s Prime Minister Tshering Tobgay and Crown Prince Jigme Namgyel Wangchuk at the launch ceremony.

Miyaguchi described the project as a ‘world-first’ achievement in self-sovereign digital identity.

Bhutan previously used Hyperledger Indy and then Polygon for its national ID solution, making Ethereum its third blockchain platform. The nation’s National Digital Identity and GovTech teams played key roles, supported by the local crypto community.

Other countries, including Brazil and Vietnam, have partially adopted blockchain-based identity systems.

In addition to digital IDs, Bhutan has become a significant crypto adopter. It holds 11,286 Bitcoin, worth $1.31 billion, largely mined via renewable Himalayan hydropower. The country has also met with former Binance CEO Changpeng Zhao, suggesting potential future crypto initiatives.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Ethernet wins in raw security, but Wi-Fi can compete with the right setup

The way you connect to the internet matters, not just the speed, but also your privacy and security. That’s the main takeaway from a recent Fox News report comparing Ethernet and Wi-Fi security.

At its core, Ethernet is inherently more secure in many scenarios because it requires physical access. Data travels along a cable directly to your router, reducing risks of eavesdropping or intercepting signals mid-air.

Wi-Fi, by contrast, sends data through the air. That makes it more vulnerable, especially if a network uses weak passwords or outdated encryption standards. Attackers within signal range might exploit poorly secured networks.

But Ethernet isn’t a guaranteed fortress. The Fox article emphasises that security depends largely on your entire setup. A Wi-Fi network with strong encryption (ideally WPA3), robust passwords, regular firmware updates, and a well-configured router can approach the network security level of wired connections.

Each device you connect, smartphones, smart home gadgets, IoT sensors, increases your network’s exposure. Wi-Fi amplifies that risk since more devices can join wirelessly. Ethernet limits the number of direct connection points, which reduces the attack surface.

In short, Ethernet gives you a baseline security advantage, but a well-secured Wi-Fi network can be quite robust. The critical factor is how carefully you manage your network settings and devices.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Cities take on tech giants in a new diplomatic arena

In a world once defined by borders and treaties, a new kind of diplomacy is emerging, one where cities, not nations, take the lead. Instead of traditional embassies, this new diplomacy unfolds in startup hubs and conference halls, where ‘tech ambassadors’ represent cities in negotiations with powerful technology companies.

These modern envoys focus not on trade tariffs but on data sharing, digital infrastructure, and the balance between innovation and public interest. The growing influence of global tech firms has shifted the map of power.

Apple’s 2024 revenue alone exceeded the GDP of several mid-sized nations, and algorithms designed in Silicon Valley now shape urban life worldwide. Recognising this shift, cities such as Amsterdam, Barcelona, and London have appointed tech ambassadors to engage directly with the digital giants.

Their role combines diplomacy, investment strategy, and public policy, ensuring that cities have a voice in how technologies, from ride-sharing platforms to AI systems, affect their citizens. But the rise of this new urban diplomacy comes with risks.

Tech firms wield enormous influence, spending tens of millions on lobbying while many municipalities struggle with limited resources. Cities eager for investment may compromise on key issues like data governance or workers’ rights.

There’s also a danger of ‘technological solutionism’, the belief that every problem can be solved by an app, overshadowing more democratic or social solutions.

Ultimately, the mission of the tech ambassador is to safeguard the public interest in a digital age where power often lies in code rather than constitutions. As cities negotiate with the world’s most powerful corporations, they must balance innovation with accountability, ensuring that the digital future serves citizens, not just shareholders.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Microsoft ends support for Windows 10

Windows 10 support ends on Tuesday, 14 October 2025, and routine security patches and fixes will no longer be provided. Devices will face increased cyber risk without updates. Microsoft urges upgrades to Windows 11 where possible.

Windows powers more than 1.4 billion devices, with Windows 10 still widely used. UK consumer group Which? estimates 21 million local users. Some plan to continue regardless, citing cost, waste, and working hardware.

Upgrade to Windows 11 is free for eligible PCs via the Settings app. Others can enrol in Extended Security Updates, which deliver security fixes only until October 2026. ESU offers no technical support or feature updates.

Personal users in the European Economic Area can register for ESU at no charge. Elsewhere, eligibility may unlock ESU for free, or it costs $30 or 1,000 Microsoft Rewards points. Businesses pay $61 per device for year one.

Unsupported systems become easier targets for malware and scams, and some software may degrade over time. Organisations risk compliance issues running out-of-support platforms. Privacy-minded users may also dislike Windows 11’s tighter Microsoft account requirements.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

AI remakes the future of music

Asia’s creative future takes centre stage at Singapore’s All That Matters, a September forum for sports, tech, marketing, gaming, and music. AI dominated the music track, spanning creation, distribution, and copyright. Session notes signal rapid structural change across the industry.

The web is shifting again as AI reshapes search and discovery. AI-first browsers and assistants challenge incumbents, while Google’s Gemini and Microsoft’s Copilot race on integration. Early builds feel rough, yet momentum points to a new media discovery order.

Consumption defined the last 25 years, moving from CDs to MP3s, piracy, streaming, and even vinyl’s comeback. Creation looks set to define the next decade as generative tools become ubiquitous. Betting against that shift may be comfortable, yet market forces indicate it is inevitable.

Music generators like Suno are advancing fast amid lawsuits and talks with rights holders. Expected label licensing will widen training data and scale models. Outputs should grow more realistic and, crucially, more emotionally engaging.

Simpler interfaces will accelerate adoption. The prevailing design thesis is ‘less UI’: creators state intent and the system orchestrates cloud tools. Some services already turn a hummed idea into an arranged track, foreshadowing release-ready music from plain descriptions.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!