The European Commission has extended the deadline for mandatory cybersecurity requirements targeting wireless and connected devices sold within the EU.
Under the Delegated Act (2022/30) of the Radio Equipment Directive, manufacturers must embed robust security features to guard against risks such as unauthorised access and data breaches. The rules will now take effect from 1 August 2025.
A broad range of products will be affected, including mobile phones, tablets, cameras, and telecommunications devices using radio signals.
Internet of Things (IoT) items—such as baby monitors, smartwatches, fitness trackers, and connected industrial machinery—also fall within the scope. Any device capable of transmitting or receiving data wirelessly may be subject to the new requirements.
The deadline extension aims to give manufacturers additional time to adopt harmonised standards and integrate cybersecurity into product design. The Commission emphasised the importance of early action to avoid compliance issues when the rules become binding.
Despite the grace period, businesses are urged to act now by reviewing development cycles and addressing potential vulnerabilities well ahead of the implementation date.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The US National Telecommunications and Information Administration (NTIA) has issued a series of policy recommendations in response to the Federal Communications Commission’s (FCC) proposed rule changes concerning submarine cable security. First, the NTIA urges the FCC to avoid imposing redundant licensing and reporting requirements that are already addressed through existing interagency mechanisms, particularly those managed by the Committee for the Assessment of Foreign Participation in the US Telecommunications Services Sector.
It recommends that the FCC rely on existing security review processes, streamline reporting obligations, and adopt a more efficient certification model, such as allowing ‘no-change’ certifications for licensees when no material updates have occurred since the previous review. The NTIA also strongly advises against shortening the current 25-year license term for submarine cables.
Reducing it to 15 years would not only create regulatory uncertainty but could also harm investment incentives and deter long-term infrastructure development in the US. The agency further warns that increasing the frequency and scope of periodic reviews, such as the FCC’s proposal for a three-year reporting requirement, could place a significant compliance burden on US firms without providing proportional national security benefits.
In terms of regulatory language, the NTIA recommends that the FCC use more legally precise terms, suggesting ‘areas beyond the limits of national jurisdiction’ instead of ‘international waters,’ in alignment with the UN Convention on the Law of the Sea. Additionally, NTIA calls for a whole-of-government approach to the oversight of submarine cables, encouraging better coordination between the FCC, Team Telecom, and other executive branch agencies.
NTIA’s recommendations aim to protect national security without hindering innovation or growth. Acting as a key link between government and industry, it supports streamlined, consensus-based policies that enhance security while encouraging investment.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
City officials announced on Monday that Bangkok has joined forces with Google in a new effort to ease its chronic traffic congestion and reduce air pollution. The initiative will rely on Google’s AI and significant data capabilities to optimise traffic signals’ response to real-time driving patterns.
The system will analyse ongoing traffic conditions and suggest changes to signal timings that could help relieve road bottlenecks, especially during rush hours. That adaptive approach marks a shift from fixed-timing traffic lights to a more dynamic and responsive traffic flow management.
According to Bangkok Metropolitan Administration (BMA) spokesman Ekwaranyu Amrapal, the goal is to make daily commutes smoother for residents while reducing vehicle emissions. He emphasised the city’s commitment to innovative urban solutions that blend technology and sustainability.
Residents are also urged to report traffic problems via the city’s Traffy Fondue platform, which will help officials address specific trouble spots more quickly and effectively.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
X, formerly known as Twitter, has resumed normal operations for most users following a global outage early Friday.
Reports of the disruption surged shortly after 8AM ET, before rapidly declining within the hour. NetBlocks confirmed the outage was not linked to any national internet restrictions.
The incident followed a fire earlier in the week at a data centre in US Oregon reportedly owned by X.
Sources cited by Wired indicated that the blaze involved backup batteries and required a prolonged emergency response. Users had already reported problems in the days prior.
Although service has stabilised, the X developer status page still notes degraded performance with login features.
We're still experiencing issues from yesterday's data center outage. Login and signup services are unavailable for some users, and there may be delays in notifications and Premium features.
Our team is working 24/7 to resolve this. Thanks for your patience—updates soon.
Microsoft has come under scrutiny after the Associated Press reported that the company blocked the email account of Karim Khan, Chief Prosecutor of the International Criminal Court (ICC), in compliance with US sanctions imposed by the Trump administration.
While this ban is widely reported, Microsoft, according to DataNews, strongly denied this action, arguing that ICC moved Khan’s email to the Proton service. So far, there has been no response from the ICC.
Legal and sovereignty implications
The incident highlights tensions between US sanctions regimes and global digital governance. Section 2713 of the 2018 CLOUD Act requires US-based tech firms to provide data under their ‘possession, custody, or control,’ even if stored abroad or legally covered by a foreign jurisdiction – a provision critics argue undermines foreign data sovereignty.
That clash resurfaces as Microsoft campaigns to be a trusted partner for developing the EU digital and AI infrastructure, pledging alignment with European regulations as outlined in the company’s EU strategy.
Broader impact on AI and digital governance
The controversy emerges amid a global race among US tech giants to secure data for AI development. Initiatives like OpenAI’s for Countries programmes, which offer tailored AI services in exchange for data access, now face heightened scrutiny. European governments and international bodies are increasingly wary of entrusting critical digital infrastructure to firms bound by US laws, fearing legal overreach could compromise sovereignty.
Why does it matter?
The ‘Khan email’ controversy makes the question of digital vulnerabilities more tangible. It also brings into focus the question of data and digital sovereignty and the risks of exposure to foreign cloud and tech providers.
DataNews reports that the fallout may accelerate Europe’s push for sovereign cloud solutions and stricter oversight of foreign tech collaborations.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The Federal Communications Commission (FCC) has implemented new policies aimed at strengthening the security of the United States’ communications infrastructure against foreign threats. These policies expand the FCC’s authority to prohibit the authorisation of communications equipment from companies identified as national security risks, including Huawei, ZTE, Hytera, Hikvision, and Dahua.
Additionally, the FCC now has the power to revoke previously granted equipment authorisations if a company is later added to the ‘covered list.’ The scope of these regulations has also broadened to cover not only core network infrastructure but also a wide range of devices such as routers, switches, and consumer electronics, thereby reducing vulnerabilities and protecting against foreign interference.
US telecom companies must comply by replacing equipment from covered vendors, which may involve significant costs. While this transition poses challenges, the FCC stresses minimal short-term impact on consumers and highlights the long-term security benefits.
The agency also has enforcement powers, including fines, to ensure compliance. Going forward, the FCC will keep monitoring threats and update its policies as needed.
It will also work with government and international partners to strengthen cybersecurity efforts, showing its commitment to protecting critical communications infrastructure.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Chadian authorities have unveiled a set of strategic policies aimed at strengthening the country’s digital infrastructure and reducing its dependence on Cameroon for international internet connectivity. Central to these reforms is the establishment of Internet Exchange Points (IXPs) in major cities to enhance local traffic handling and reduce latency.
Additionally, the government plans to create redundant international links with neighbouring countries such as Libya, Algeria, and Nigeria. These policies are designed to diversify connectivity routes, bolster digital resilience, and support Chad’s long-term goal of achieving greater digital sovereignty.
These initiatives come in response to persistent vulnerabilities in the country’s current connectivity framework. Chad, being landlocked, lacks direct access to submarine cables and relies heavily on a single route through Cameroon.
The dependence has led to frequent service disruptions, including a major 24-hour outage in October and a recent suspension of connectivity due to unpaid dues. The country also faces challenges such as uneven fibre optic coverage, high access costs, and limited interconnection between networks, all of which have negatively impacted the quality and reliability of internet services.
By pursuing these reforms, Chadian authorities aim not only to stabilise and modernise the national digital infrastructure but also to integrate more effectively into regional projects like the Trans-Saharan Optical Fibre Backbone, which includes Algeria and Nigeria.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The Nigerian government has taken decisive action to address the persistent problem of vandalism and theft of telecom infrastructure by declaring telecom infrastructure as Critical National Information Infrastructure (CNII). That designation aims to provide stronger legal protection and prioritise the security of telecom assets, which are vital to the country’s information and communication networks.
Building on this policy framework, IHS Nigeria has formed a strategic partnership with the Nigeria Security and Civil Defence Corps (NSCDC) to operationalise these protections and enhance the security of telecom infrastructure nationwide. Through a Memorandum of Understanding (MoU), both organisations will collaborate to develop and implement strategies designed to safeguard IHS Nigeria’s extensive assets, including over 16,000 telecom towers and more than 15,000 kilometres of fibre optic cables.
Under the partnership, the NSCDC will provide support in areas such as site surveillance, emergency response, incident reporting, and assistance with tower decommissioning. The agency will also take on responsibilities to investigate, apprehend, and prosecute individuals involved in vandalism or theft of telecom infrastructure.
The collaboration is expected to create a safer environment for telecom operations, ultimately improving the resilience, reliability, and quality of connectivity services across Nigeria. Despite these efforts, vandalism remains a major challenge.
Airtel Nigeria and MTN Nigeria report 40 to 43 daily fibre cuts, many caused by theft and sabotage. The IHS Nigeria–NSCDC partnership is a crucial step to reduce these disruptions and protect critical telecom infrastructure.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
The Ugandan Communications Commission (UCC), together with major telecom operators including MTN Uganda, Airtel Uganda, and ATC Uganda, has launched a national anti-vandalism campaign named ‘Tokigeza’ (meaning ‘Do not do it’) to combat the rising problem of telecom infrastructure vandalism. The three-month initiative aims to raise public awareness and mobilise communities to protect vital telecom assets.
The campaign employs a multi-channel approach involving radio, television, and digital media outreach, as well as grassroots engagement through schools, local meetings, landowners, law enforcement, and boda-boda (motorcycle taxi) drivers. Alongside the campaign, stakeholders call for stronger laws and better enforcement to combat vandalism.
Proposed measures include tougher penalties, tighter scrap metal trade controls, and linking telecom surveillance with national police monitoring. A cross-agency task force is also proposed.
The government supports these moves, with Ugandan President backing the classification of telecom towers as Critical National Infrastructure (CNI) and pushing for harsher penalties by treating vandalism as economic sabotage. The Ministry of ICT stresses the need for public-private cooperation to protect ICT infrastructure as Uganda’s digital network grows.
Despite these efforts, no formal timeline exists for legal reforms, and there are doubts about whether CNI status alone will stop vandalism. Nigeria’s experience shows that even with such classification, sabotage, especially of fibre optic cables, continues. Uganda will need sustained and coordinated action to protect its telecom infrastructure effectively.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Cybersecurity experts are warning of a rapid and highly advanced phishing campaign that targets Meta and PayPal users with instant account takeovers. The attack exploits Google’s AppSheet platform to send emails from a legitimate domain, bypassing standard security checks.
Victims are tricked into entering login details and two-factor authentication codes, which are then harvested in real time. Emails used in the campaign pose as urgent security alerts from Meta or PayPal, urging recipients to click a fake appeal link.
A double-prompt technique falsely claims an initial login attempt failed, increasing the likelihood of accurate information being submitted. KnowBe4 reports that 98% of detected threats impersonated Meta, with the remaining targeting PayPal.
Google confirmed it has taken steps to reduce the campaign’s impact by improving AppSheet security and deploying advanced Gmail protections. The company advised users to stay alert and consult their guide to spotting scams. Meta and PayPal have not yet commented on the situation.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
