Privacy and data protection

EU renews UK data adequacy decisions until 2031

The European Commission has renewed its two adequacy decisions allowing the continued free flow of personal data between the European Union and the United Kingdom. The decision confirms that UK data protection rules remain essentially equivalent to EU standards.

The adequacy findings cover both the General Data Protection Regulation and the Law Enforcement Directive, enabling personal data to move freely between the European Economic Area and the UK without additional safeguards.

In June 2025, the Commission adopted a temporary six-month extension after the original decisions were due to expire, allowing time to assess changes introduced by the UK’s Data (Use and Access) Act.

The renewal follows a positive opinion from the European Data Protection Board and approval from EU member states through the comitology procedure, completing the formal adoption process.

The renewed decisions include a six-year sunset clause, running until December 2031. A joint review by the Commission and the European Data Protection Board is scheduled after four years.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Android botnet Kimwolf infects nearly two million smart devices

Cybersecurity researchers have identified a large Android-based botnet capable of more than distributed denial-of-service attacks, highlighting growing risks from compromised consumer devices. The botnet, dubbed Kimwolf, is estimated to control close to two million infected systems worldwide.

The findings come from QiAnXin XLab, which said Kimwolf has infected around 1.8 million devices, mainly smart TVs, set-top boxes and tablets. Most infections were observed in Brazil, India, the US, Argentina, South Africa and the Philippines.

XLab said the infection vector remains unclear, but affected devices were linked to low-cost Android-based brands used for media streaming. Researchers noted repeated attempts to disrupt the Kimwolf, with its command-and-control infrastructure taken down several times before re-emerging.

According to the report, Kimwolf has adapted by shifting to decentralised infrastructure, including the use of Ethereum Name Service domains. Analysts also identified overlaps in code and infrastructure with AISURU, a botnet linked to record-scale DDoS attacks.

Cloudflare recently described AISURU as one of the largest robot networks observed, capable of attacks exceeding 29 terabits per second. XLab said shared infrastructure suggests both botnets are operated by the same threat group.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

EU moves to extend child abuse detection rules

The European Commission has proposed extending the Interim Regulation that allows online service providers to voluntarily detect and report child sexual abuse instead of facing a legal gap once the current rules expire.

These measures would preserve existing safeguards while negotiations on permanent legislation continue.

The Interim Regulation enables providers of certain communication services to identify and remove child sexual abuse material under a temporary exemption from e-Privacy rules.

Without an extension beyond April 2026, voluntary detection would have to stop, making it easier for offenders to share illegal material and groom children online.

According to the Commission, proactive reporting by platforms has played a critical role for more than fifteen years in identifying abuse and supporting criminal investigations. Extending the interim framework until April 2028 is intended to maintain these protections until long-term EU rules are agreed.

The proposal now moves to the European Parliament and the Council, with the Commission urging swift agreement to ensure continued protection for children across the Union.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Civil servants and AI will work together in 2050

Public administrations worldwide are facing unprecedented change as AI reshapes automation, procurement, and decision-making. Governments must stay flexible, open, and resilient, preparing for multiple futures with foresight, continuous learning, and adaptability.

During World Futures Day, experts from the SPARK-AI Alliance and representatives from governments, academia, and the private sector explored four potential scenarios for public service in 2050.

Scenarios ranged from human-centred administrations that reinforce trust, to algorithmic bureaucracies focused on oversight, agentic administrations with semi-autonomous AI actors, and data-eroded futures that require renewed governance of poor-quality data.

Key insights highlighted the growing importance of anticipatory capacity, positioning AI as a ‘co-worker’ rather than a replacement, and emphasising the need to safeguard public trust.

Civil servants will increasingly focus on ethical reasoning, interpretation of automated processes, and cross-disciplinary collaboration, supported by robust accountability and transparent data governance.

The SPARK-AI Alliance has launched a Working Group on the Future of Work in the Public Sector to help governments anticipate and prepare for change. Its focus will be on building resilient public administrations, evolving civil-service roles, and maintaining trust in AI-enabled governance.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

TSA introduces a fee for travellers without ID

From 1 February, the US Transportation Security Administration will charge a $45 fee to travellers who arrive at airports without a valid form of identification, such as a REAL ID or passport.

A measure that is linked to the rollout of a new alternative identity verification system designed to modernise security checks.

The fee applies to passengers using TSA Confirm.ID, a process that may involve biometric or biographic verification. Even after payment, access to the secure area is not guaranteed, and the charge will remain non-refundable, valid for a period of ten days.

According to the TSA, the policy ensures that the traveller, instead of taxpayers, bears the cost of verifying insufficient identification. Officials have urged passengers to obtain a REAL ID or other approved documentation to avoid delays or missed flights.

The agency has indicated that travellers will be encouraged to pay the fee online before arrival. At the same time, further details are expected on how advance payment and verification will operate across different airports.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Google study shows teens embrace AI

Google’s new study, The Future Report, surveyed over 7,000 teenagers across Europe about their use of digital technologies. Most respondents describe themselves as curious, critical, and optimistic about AI in their daily lives.

Many teens use AI daily or several times a week for learning, creativity, and exploring new topics. They report benefits such as instant feedback and more engaging learning while remaining cautious about over-reliance.

Young people value personalised content recommendations and algorithmic suggestions, but emphasise verifying information and avoiding bias. They adopt strategies to verify sources and ensure the trustworthiness of online content.

The report emphasises the importance of digital literacy, safety, balanced technology use, and youth engagement in shaping the digital future. Participants request guidance from educators and transparent AI design to promote the responsible and ethical use of AI.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

UK plans ban on deepfake AI nudification apps

Britain plans to ban AI-nudification apps that digitally remove clothing from images. Creating or supplying these tools would become illegal under new proposals.

The offence would build on existing UK laws covering non-consensual sexual deepfakes and intimate image abuse. Technology Secretary Liz Kendall said developers and distributors would face harsh penalties.

Experts warn that nudification apps cause serious harm, mainly when used to create child sexual abuse material. Children’s Commissioner Dame Rachel de Souza has called for a total ban on the technology.

Child protection charities welcomed the move but want more decisive action from tech firms. The government said it would work with companies to stop children from creating or sharing nude images.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

UK Foreign Office hit by cyber-attack

The UK Foreign, Commonwealth and Development Office was hacked in October, according to minister Chris Bryant. Officials say there is a low risk to any individual from the breach.

Reports suggest that a Chinese group, Storm 1849, may have been involved, but Bryant cautioned that the perpetrator has not been confirmed. Tens of thousands of visa details could have been targeted, though the exact scope remains unclear.

The attack shares similarities with a 2024 campaign called ArcaneDoor, linked to state-sponsored actors. Cybersecurity experts warn that the incidents may be connected and highlight risks of large-scale data targeting.

Officials have quickly closed the vulnerability and continue to investigate the matter. Bryant emphasised that speculation is unhelpful and said the investigation could take some time to identify the responsible party.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Digital fraud declines in Russia after rollout of Cyberbez measures

Russia has reported a sharp decline in cyber fraud following the introduction of new regulatory measures in 2025. Officials say legislative action targeting telephone and online scams has begun to deliver measurable results.

State Secretary and Deputy Minister of Digital Development Ivan Lebedev told the State Duma that crimes covered by the first package of reforms, known as ‘Cyberbez 1.0’, have fallen by 40%, according to confirmed statistics.

Earlier this year, Lebedev said Russia records roughly 677,000 cases of phone and online fraud annually, with incidents rising by more than 35% since 2022, highlighting the scale of the challenge faced by authorities.

In April, President Vladimir Putin signed a law introducing a range of countermeasures, including a state information system to combat fraud, limits on unsolicited marketing calls, stricter SIM card issuance rules, and new compliance obligations for banks.

Further steps are now under discussion. Officials say a second package is being prepared, while a third set of initiatives was announced in December as Russia continues to strengthen its digital security framework.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

UK report quantifies rapid advances in frontier AI capabilities

For the first time, the UK has published a detailed, evidence-based assessment of frontier AI capabilities. The Frontier AI Trends Report draws on two years of structured testing across areas including cybersecurity, software engineering, chemistry, and biology.

The findings show rapid progress in technical performance. Success rates on apprentice-level cyber tasks rose from under 9% in 2023 to around 50% in 2025, while models also completed expert-level cyber challenges previously requiring a decade of experience.

Safeguards designed to limit misuse are also improving, according to the report. Red-team testing found that the time required to identify universal jailbreaks increased from minutes to several hours between model generations, representing an estimated forty-fold improvement in resistance.

The analysis highlights advances beyond cybersecurity. AI systems now complete hour-long software engineering tasks more than 40% of the time, while biology and chemistry models outperform PhD-level researchers in controlled knowledge tests and support non-experts in laboratory-style workflows.

While the report avoids policy recommendations, UK officials say it strengthens transparency around advanced AI systems. The government plans to continue investing in evaluation science through the AI Security Institute, supporting independent testing and international collaboration.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.