29 May – 4 June 2026
HIGHLIGHT OF THE WEEK
‘Tech Liberation Day’: EU launches tech sovereignty push
The European Commission has presented its long-awaited European Technological Sovereignty Package to strengthen Europe’s capacity in semiconductors, AI, cloud infrastructure, and open-source technologies. We examine what tech sovereignty is, what it is not, the building blocks of the package, and the context behind it.
What is technological sovereignty? A 2025 JRC report defines it as ‘Europe’s ability to develop, control and scale the critical technologies, infrastructure, services and data, including digital ecosystems, that underpin its economy, security and society, while derisking and diversifying supply chains and technological exposure to reduce strategic dependencies and resist foreign interference.’
What tech sovereignty isn’t. The Commission was explicit: Tech sovereignty is not isolation, protectionism, or tech decoupling. A technologically sovereign EU would remain integrated into the global economy but would better manage risks and opportunities stemming from global technological interdependence.
The building blocks. The package brings together two legislative proposals—the Chips Act 2.0 and the Cloud and AI Development Act (CADA)—alongside an Open Source Strategy and a Strategic roadmap for digitalisation and AI in energy.
Chips, chips, chips. The first pillar of the package focuses on semiconductors. The original Chips Act, adopted in 2023, was Europe’s response to the supply-chain shocks that exposed just how dependent global industries had become on a handful of manufacturing hubs. But the Commission now believes the challenge has evolved.
The rise of AI has transformed semiconductors from a supply-chain issue into a strategic competition. AI-related components are expected to account for more than 70% of the semiconductor market by 2030, making access to advanced chips one of the defining questions of the next decade.
Chips Act 2.0, therefore, goes beyond manufacturing capacity. Alongside support for research, innovation, and production, it introduces measures designed to stimulate demand for European chips, strengthen chip design capabilities, and encourage closer cooperation between manufacturers and the industries that rely on them.
The proposal also reflects a broader shift in thinking. The first Chips Act focused heavily on supply. The new version recognises that supply and demand are interconnected. If Europe wants a stronger semiconductor industry, it needs European customers willing—and able—to buy European chips.
Building Europe’s cloud. The Cloud and AI Development Act seeks to address what Brussels increasingly sees as one of Europe’s biggest weaknesses: a shortage of computing capacity. As AI systems become larger and more resource-intensive, access to data centres and cloud services is becoming as strategically important as access to energy or transportation infrastructure. Yet Europe remains heavily dependent on foreign providers, particularly US hyperscalers.
That dependence raises economic questions, but it also raises political and legal ones. European governments are increasingly uncomfortable with the idea that critical services, sensitive data, and key parts of the digital economy rely on infrastructure operating under foreign jurisdictions.
The Commission’s answer is ambitious. CADA aims to triple Europe’s data-centre capacity over the next five to seven years while creating a framework to assess the sovereignty of cloud and AI services based on factors such as infrastructure location, supply-chain control, and cybersecurity.
Open source enters the sovereignty debate. For years, open source was discussed primarily in terms of innovation, collaboration, and software development. The Commission is now framing it as a sovereignty issue.
The argument is simple enough. Europe is home to more than three million open-source contributors and hundreds of companies built around open-source technologies. Yet public administrations and businesses continue to spend vast sums on proprietary digital products and services, many of them provided by companies outside Europe. At the same time, European developers often contribute to projects whose economic value is ultimately captured elsewhere.
Brussels sees an opportunity to change that. The strategy aims to support European open-source alternatives in areas such as cloud services, AI, cybersecurity, semiconductors, and digital identity. It also seeks to address some of the long-standing challenges facing the ecosystem, including limited funding, difficulties scaling successful projects, and the often-overlooked problem of maintaining critical software once the initial development work is complete.
No digital sovereignty without energy sovereignty. There is another reality shaping Europe’s digital ambitions: AI requires enormous amounts of electricity. As policymakers race to build more data centres, they are also confronting the question of how those facilities will fit into Europe’s energy system. According to the Commission, data centres already consume enough electricity to power nearly 20 million European households, and demand is expected to more than double by 2030.
The Strategic Roadmap for Digitalisation and AI in Energy seeks to ensure that expanding digital infrastructure does not overwhelm Europe’s energy transition. It promotes closer coordination among energy operators, public authorities, and data centre providers while encouraging the deployment of smart grids, smart meters, and AI-driven energy management systems.
The wider context. The backdrop is a growing concern that Europe has become too dependent on technologies and services controlled elsewhere. The Commission estimates that the EU relies on non-EU providers for more than 80% of its digital products, services, and infrastructure. In cloud computing, three non-European hyperscalers account for more than 70% of the market, while Europe’s own share has steadily declined.
For years, these dependencies were largely seen as the inevitable consequence of globalisation. European businesses gained access to cutting-edge technologies, consumers benefited from competitive services, and policymakers paid little attention to who controlled the underlying infrastructure.
That calculus has changed. The past few years have seen a sharp increase in export controls, investment restrictions, supply-chain disruptions, and efforts by major powers to use their technological advantages as geopolitical leverage. What was once seen as healthy interdependence increasingly looks like—and is—a vulnerability.
The Commission’s response is straightforward. The goal is not to shut down foreign providers. It is the ability to make choices, manage risks, and avoid finding itself locked into dependencies that others can exploit. Europe does not need to produce everything itself, but it wants greater control over the technologies and infrastructure on which its economy depends. Whether that balance can be maintained will be one of the most closely watched aspects of the proposal.
But, can Europe deliver? Europe has become increasingly good at identifying strategic problems. Turning that diagnosis into industrial capacity has proven more difficult. The Commission is asking Europe to build more chips, more cloud infrastructure, more open-source alternatives, and more AI capacity. None of that will happen overnight. The legislative proposals must still pass through the European Parliament and the Council. Significant investment gaps remain. And competitors are not standing still. The harder question is whether Europe can move quickly enough to close the gap.
IN OTHER NEWS LAST WEEK
AI governance
The UN. The UN Office for Digital and Emerging Technologies (ODET) has launched the AI Governance for Humanity Lab in Valencia to strengthen international cooperation on AI governance. The Lab will focus on improving interoperability between national and regional governance frameworks and supporting practical implementation across regions and sectors. Its work will include network mobilisation, comparative policy analysis, and the development of cooperative tools for AI governance.
G7. The G7 Digital and Technology Ministers agreed on a set of priorities covering secure AI, AI openness, digital sector resilience and online safety for minors following a meeting in Paris under France’s presidency. The ministers committed to advancing secure, responsible, and trustworthy AI by continuing to implement the Hiroshima AI Process and its reporting framework, while broadening international participation and cooperation in AI risk assessment and governance. They plan to launch discussions to improve the comparability of AI evaluation frameworks, promote the adoption of AI procurement guidelines in the public sector, and strengthen collaboration on detecting AI-generated content, including through the development of synthetic-content detection tools. To boost AI adoption, they called for clearer principles on AI openness, greater support for AI literacy and skills development, and targeted measures to help SMEs adopt AI, including a new G7 SME AI Readiness Tool and expanded access to training resources.
The OECD. The Organisation for Economic Co-operation and Development (OECD) has launched the AI Policy Toolkit, a practical guide intended to help governments translate AI principles into policy action. The toolkit is intended to help governments identify policy priorities, compare international approaches and adapt guidance to national circumstances. The platform incorporates AI-powered semantic search to help users identify relevant policy examples and practical approaches drawn from real-world experience.
The EU. The European Commission has appointed two new expert bodies to support the implementation and enforcement of the EU’s AI Act. The Scientific Panel and Advisory Forum will provide independent expertise to the Commission’s AI Office and national authorities responsible for supervising compliance with the regulation. The panel will focus on general-purpose AI (GPAI) models and systems, systemic risk assessment, model classification, evaluation methodologies, and cross-border market surveillance. The forum will bring together representatives from academia, civil society, industry, startups and SMEs and provide technical advice on implementation challenges, standardisation efforts, and broader issues related to the enforcement of the AI Act.
The USA. US President Donald Trump has issued an executive order aimed at strengthening US cybersecurity through closer cooperation with the AI industry while preserving a light-touch approach to AI regulation to maintain American technological leadership. The order directs federal agencies to accelerate the protection of government networks, expand access to AI-enabled cybersecurity tools, and improve support for critical infrastructure operators, including hospitals, banks, and utilities. The order also establishes a voluntary AI cybersecurity clearinghouse to coordinate vulnerability discovery and patching efforts across government and industry. In addition, federal authorities will develop a classified process for assessing advanced AI systems and identifying “covered frontier models” with significant cyber capabilities. Developers will be encouraged, but not required, to provide the government with early access to such models before wider release.
Canada. Canada has launched AI for All, a national strategy to accelerate AI adoption while strengthening digital sovereignty and positioning the country as a leading AI economy. The strategy rests on three pillars: trust, opportunity, and sovereignty. On trust, Canada plans to modernise digital legislation, strengthen data protection, address risks such as deepfakes and surveillance pricing, introduce online safety rules, and expand the Canadian AI Safety Institute. On opportunity, it will roll out a national AI literacy initiative, support SMEs and worker reskilling, provide access to AI tools for students, and launch sectoral “AI Missions,” including a flagship health programme focused on diagnostics and system efficiency.
On sovereignty, the plan prioritises domestic AI infrastructure—covering compute, cloud, connectivity, data, and talent—through investments in a national AI supercomputer, sovereign cloud capacity, improved financing for AI firms, strategic procurement, and expanded talent programmes.
Australia. Australia has launched an AI safety institute, aiming to analyse and test new AI models and applications, support regulators and agencies in responding to emerging AI harms, and shape safe AI development, deployment and international governance in Australia’s interests.
The UK. The UK’s signals intelligence agency GCHQ has announced plans to develop an AI-powered national cyber defence capability that would use autonomous software agents to identify and respond to cyber threats at machine speed. Speaking publicly, GCHQ director Anne Keast-Butler described the initiative as a ‘blueprint for a new national cyber defence capability’ to be operational within five years. The programme would apply agentic AI to monitor and protect critical sectors, including energy, water, healthcare, transport, and financial services.
India-South Africa. India and South Africa have agreed to strengthen bilateral cooperation in emerging technologies, with AI, digital infrastructure and advanced manufacturing identified as key areas for future collaboration. Discussions covered biotechnology, genomics, vaccine development, health technologies, renewable energy, hydrogen, advanced manufacturing and digital innovation. The two countries also explored opportunities to deepen cooperation in quantum technologies, geospatial technologies and digital infrastructure.
The UK-France. The UK and France have launched a science and technology partnership focused on applying AI, advanced imaging, and data science to major healthcare challenges, including women’s health, infectious diseases, and antimicrobial resistance.
Cybersecurity: Attack and defend
Germany’s federal cabinet has approved draft legislation that would expand cyber defence capabilities for three federal agencies, the Federal Office for Information Security (BSI), the Federal Criminal Police Office (BKA), and the Federal Police (Bundespolizei). Authorities would be able to block or disrupt software and server infrastructure used in cyberattacks, including systems located outside Germany. The BSI would also receive expanded authority to collect, store, and analyse data to detect activities indicative of attack preparation.
This reflects a broader international trend where cyber operations are becoming more proactive, but defence is only one side of the coin.
In parallel, reporting suggests that the USA is exploring the use of advanced AI systems in offensive cyber operations. According to media reports, the US National Security Agency (NSA) may be using Anthropic’s Claude Mythos model to support cyber operations, with Anthropic reportedly deploying Forward Deployed Engineers to assist integration and deployment. The model is described as highly capable in vulnerability discovery and cyber exploitation scenarios, raising questions about the dual-use nature of frontier AI systems and their role in both defence and offensive planning.
While Germany and the USA focus on hardening state-level cyber power, efforts elsewhere are persisting in defending vulnerable users: children. Malaysia started banning children under 16 from creating social media accounts on 1 June. Major platforms such as Facebook, Instagram, TikTok, and YouTube have been required to verify users’ ages against government records, with penalties of up to 10 million ringgit (around US$2.5 million) for non-compliance. Existing users will be subject to age verification checks during a 6-month transition period.
Meanwhile, Sweden is also considering a social media ban for young users. In an interim report submitted to the Minister of Social Affairs, government investigators appointed last year have recommended that under-15s be banned from platforms that enable users to discover, connect with, and communicate with each other, or where content can be shared or discovered.
Both moves reflect a growing consensus that unmediated access to social media carries risks for younger populations, and that age verification is becoming a regulatory baseline.
That consensus finds its most formal expression at the multilateral level. The G7 Digital and Technology Ministers agreed on a Common Set of Principles defining a safer and more secure digital space for minors. The ministers emphasise effective age assurance, safety-by-design platform features, including default protections, parental controls, and recommendation systems that limit exposure to harmful or addictive content. They also call for strong prevention and enforcement against severe harms such as child sexual abuse material and non-consensual intimate imagery, including AI-generated forms, alongside better support for victims. In parallel, they emphasise empowering parents with usable control tools, strengthening digital and AI literacy for minors, improving transparency and user control over data, and ensuring platforms systematically assess, mitigate, and report risks. The principles also stress coordinated action between governments, industry, researchers, educators, and civil society.
China updates trade secret protection rules to include digital assets
China has updated its trade secret protection rules to explicitly include digital assets such as data, algorithms, software code, and computer programs. The new framework, in force since 1 June 2026, modernises rules from 1995 and strengthens requirements for corporate safeguards, including confidentiality agreements, employee training, access controls, encryption, and data management practices. It also introduces detailed provisions for digital and remote work environments, encouraging tools such as permission-based access, data masking, and activity logging, while explicitly banning illicit methods, such as hacking, fraud, and unauthorised system access to obtain trade secrets. The rules further extend protection to overseas infringements that affect China’s domestic market or the rights of Chinese companies.
Why does it matter? It gives Chinese companies a stronger legal shield to protect AI algorithms, software code, and data from foreign espionage or theft, especially amid US-China tech decoupling. It also signals Beijing’s intent to enforce economic security laws extraterritorially, potentially triggering cross-border legal disputes and raising compliance risks for multinational firms operating in or with China.
France fines Shein over consumer protection breaches
France’s consumer watchdog has imposed two administrative fines on companies linked to Shein after finding consumer protection and environmental disclosure breaches on the retailer’s French website.
The Directorate General for Competition, Consumer Affairs and Fraud Control said an investigation carried out in 2025 on fr.shein.com found failures linked to the right of withdrawal, environmental product information, and order confirmation requirements.
Infinite Styles Ecommerce Co Limited, the seller of Shein-branded products on the French site, was fined €5.76 million. The investigation found that consumers were unable to cancel purchases under the legally required withdrawal procedures. It also found missing information on product traceability and the presence of plastic microfibres in certain textile products. The watchdog said consumers must be informed when textiles containing more than 50% synthetic fibres release plastic microfibres into the environment during washing.
A second company, Infinite Styles Services Co Limited, which operates fr.shein.com, was fined €16.73 million for non-compliant order confirmations. The DGCCRF said confirmations sent to consumers were missing mandatory information, including the price of goods, delivery dates or deadlines, seller identity and contact details, legal guarantees, mediation options, and withdrawal forms and rights. French authorities said the missing information weakened consumer protection by making it harder for customers to exercise rights such as cancelling purchases or seeking refunds.
Reminder. In February, France announced it would step up its pushback against ultra-low-cost online retailers, with Minister for Small and Medium Enterprises, Trade, Crafts, Tourism, and Purchasing Power Serge Papin declaring 2026 a ‘year of resistance’ to platforms such as Shein. The government argues that physical French shops face strict rules and liability, while global online marketplaces operate under looser standards, creating unfair competition. The latest fines are in line with this policy.
Russia orders safeguards for essential services during mobile internet shutdowns
Russian President Vladimir Putin has instructed the government and the FSB to ensure uninterrupted access to essential medical, information, and payment services during periods of restricted mobile internet in Russia.
The move sits within a broader pattern of intermittent mobile internet disruptions, expanding app bans, and tighter controls on VPN use and foreign platforms. Previous reporting has documented how connectivity disruptions in major cities, including Moscow, have led residents to rely on offline or low-tech alternatives such as paper maps, walkie-talkies, and older messaging devices to maintain coordination during outages.
Prime Minister Mikhail Mishustin and FSB Director Alexander Bortnikov are to report back on their progress by 1 July.
LAST WEEK IN GENEVA
The WTO organised the Trade and Environment Week 2026 from 1–5 June 2026 at the WTO Headquarters in Geneva and online. The 2026 event included sessions on topics such as eco-design and digital product passports, carbon accounting and emissions standards, trade in environmental goods and services, biodiversity, climate-related border measures, fossil fuel subsidy reform, and the role of trade in supporting global climate action.
The 114th International Labour Conference convened in Geneva from 1–12 June 2026, bringing together governments, employers, and workers from ILO member states. The agenda included standard-setting discussions on decent work in the platform economy, a general discussion on advancing gender equality in the world of work, and oversight of the implementation of international labour standards. Delegates also considered programme, budget, and institutional matters, including supervisory reports and procedural questions.
Geneva in Action: Scaling School Connectivity Worldwide (Part II) was held on 3 June at the Giga Connectivity Centre in Geneva. Co-hosted with Diplo, the 75-minute session brought together Geneva-based organisations and government officials participating in the Giga Learning Hub. The discussion focused on scaling school connectivity within broader digital transformation and e-government reforms, with emphasis on national ownership, global frameworks, and the balance between digital sovereignty and locally adapted technology solutions.
READING CORNER
Why do advanced LLMs fail at basic math and logic? Explore an engineering perspective on the return of deterministic AI and why the future of digital governance and industry lies in hybrid systems that combine symbolic reasoning with natural language interfaces.
DON’T MISS
Follow the road to the 2027 Geneva AI Summit, a global journey shaping AI’s future. Bookmark the page and register for updates to stay informed and involved every step of the way to Geneva 2027.