22 – 26 June 2026
HIGHLIGHT OF THE WEEK
Quantum sandcastles: The US races to turn theory into power
The USA is accelerating its push into quantum technologies, with President Donald Trump signing two executive orders at the beginning of the week.
The first order (EO 1142) seeks to speed up the migration of government systems to post-quantum cryptography, with key systems expected to transition by 2030 or 2031. The administration argues that current encryption standards could eventually be broken by sufficiently powerful quantum computers, creating long-term risks for government, financial, and critical infrastructure systems.
The second order (EO 1143) directs federal agencies, research institutions, and industry partners to work towards a quantum computer capable of conducting advanced scientific research within the next two years. The order also promotes the deployment of quantum sensors and quantum networks, with agencies tasked to develop five-year plans for commercial, scientific, and space applications. It also seeks to strengthen domestic quantum supply chains by expanding manufacturing capacity, supporting quantum-enabling technologies, encouraging private-sector investment, and reducing dependence on foreign suppliers.
The headline goal of achieving a powerful quantum computer by 2028 is ambitious and uncertain. The more immediate impact may come from the push toward post-quantum cryptography. On the international level, the orders could intensify international discussions on standards, export controls, and security frameworks for quantum technologies.
Why does it matter? The announcement is just the latest development that shows that governments are preparing for a future in which quantum technologies are no longer a distant possibility but an emerging strategic capability. Governments are investing in regulation, standards, security, and migration planning – data shows governments worldwide committing more than €43 billion in dedicated public funding in 2026. Even if the technical timelines prove optimistic, the policy response is already underway, a rare thing in the tech sector.
IN OTHER NEWS LAST WEEK
AI governance
The UN. UN Secretary-General António Guterres has called on AI companies to publicly disclose the environmental impact of their operations, including carbon emissions, water consumption, and land use. Guterres also called on AI firms to commit to powering their facilities entirely from renewable sources such as wind and solar by 2030, though existing clean energy commitments from major tech companies have already been complicated by the rapid pace of AI deployment.
The EU. The European Commission has signed the Pax Silica Declaration on behalf of the EU, joining an international initiative focused on AI security and resilient silicon supply chains. The EU’s signature follows the adoption of the European Technological Sovereignty Package, which includes Chips Act 2.0 and measures to strengthen Europe’s capacity in semiconductors, AI, cloud and open-source technologies.
Estonia. Estonia is moving forward with plans to create official digital identities for AI agents, a move that could make it the first country to establish a formal framework for AI systems acting on behalf of individuals and organisations. Officials argue that digital identities for AI could prevent users from granting excessive access to personal data and services while supporting the growing use of AI across the economy.
Indonesia. A draft presidential regulation outlines plans to integrate AI across key government programmes as part of a broader AI roadmap for 2026–2029. The policy positions AI as a tool for administrative efficiency, service optimisation and economic growth, with projected GDP gains of up to 12% by 2030 if implementation succeeds at scale. The framework proposes using AI in the free-meal scheme to design region-specific menus, forecast demand, monitor kitchen hygiene, detect irregularities and integrate health data for early warning systems. It also extends to public health functions such as disease screening and monitoring. A proposed sovereign AI fund under Danantara would support implementation, alongside fiscal incentives for research and talent development. Government agencies would be required to report AI-related risks, including deepfakes, biometric misuse and intellectual property violations.
Norway. The government has introduced a near-ban on the use of AI in elementary education, restricting AI use for pupils aged 6 to 13 and setting stricter limits across lower school levels. Prime Minister Jonas Gahr Stoere said the measures are intended to prevent children from bypassing essential learning processes in reading, writing and mathematics through early reliance on AI tools. However, pupils in lower secondary school (ages 14–16) may use AI tools only cautiously and under teacher supervision, while upper secondary students (ages 17–19) are expected to develop appropriate AI literacy to prepare for further study and the labour market.
Child online protection
This week, several governments moved toward direct limitations on device and platform use in education and early adolescence.
Czech Prime Minister Andrej Babis stated that the Czech government is preparing a nationwide ban on mobile phones in schools from September 2027. A government-appointed panel in Germany recommended a social media ban for under-13s and tiered protection standards for the 13–16 and 16–18 age groups, seeking to shield young people from online risks without excluding them from digital spaces entirely.
The approval of Spain’s Law for the Protection of Minors in Digital Environments is expected in autumn 2026. Measures in the bill include mandatory parental control systems for mobile devices, rules on loot boxes in video games and on platforms, and requirements for schools to regulate the use of mobile phones and digital devices. The proposal would also introduce criminal law changes covering digital violence. These include penalties restricting aggressors from contacting victims online, offences linked to making pornography indiscriminately available to minors, and criminalisation of sexual or seriously degrading deepfakes. Large audiovisual service providers and major influencers would also be required to provide reporting channels for inappropriate content, inform users about content that may harm minors, use effective age verification systems and separate pornographic or violent content from other material.
In the USA, Meta is pushing lawmakers to include legal protections in the Kids Online Safety Act that would largely shield the company from lawsuits alleging harm to children on platforms such as Instagram. The proposal would shift liability into a federal framework and preempt many state-level claims. Meta argues it is seeking a consistent national standard rather than broad immunity, but critics warn the measure could effectively derail existing and future lawsuits over children’s online safety.
The legal pressure on platforms continues elsewhere. Google’s YouTube has settled a social media addiction lawsuit brought by a 15-year-old in Florida, who alleged that YouTube and other platforms deliberately designed their services to be addictive and harmful to young users. The settlement adds to a growing wave of litigation linking social media design to children’s mental health.
Across the Atlantic, the European Commission is reportedly preparing to escalate its own scrutiny of Meta. According to reports, Brussels is set to issue preliminary findings claiming that Facebook and Instagram are using addictive and exploitative design practices to keep children engaged.
Why does it matter? Children’s online protection has become one of the defining digital policy issues of the past year, and nothing indicates that that momentum is slowing. The simultaneous push for new legislation, tougher enforcement, and private litigation leaves platforms under pressure from all sides. Even as companies seek greater legal certainty, policymakers appear increasingly determined to hold them accountable for how their products are designed and used by children.
Submarine cables on a Thursday
Washington and Brussels took different approaches to the same challenge this Thursday: protecting submarine cables, the largely invisible infrastructure that carries almost all of the world’s internet traffic.
In the USA, the Federal Communications Commission (FCC) voted to tighten oversight of submarine communications cables, introducing a more restrictive licensing regime for submarine line terminal equipment — the systems that connect undersea cables to terrestrial networks. For the first time, operators of this equipment will require FCC licences, a move designed to give regulators greater visibility and control over the most sensitive chokepoints in cable infrastructure.
The framework is also explicitly tilted toward national security screening, making it harder for Chinese-linked companies to supply equipment or participate in high-risk deployments. At the same time, the FCC is streamlining approvals for US technology firms, including major platforms such as Meta and Alphabet, which are expanding their undersea cable portfolios to meet rising global bandwidth demand.
Across the Atlantic, the European Commission is taking a more infrastructure-centric approach. It has announced €8.3 million to establish regional hubs tasked with monitoring and repairing subsea cables, alongside a broader €40 million call for proposals to strengthen repair capacity in the Mediterranean and Atlantic basins.
The new hubs will be split between two regional clusters: the Baltic Sea hub, coordinated by Finland with Denmark, Estonia, Germany, Latvia and Sweden, and a Mediterranean hub led by Italy with participation from Cyprus, Greece and Malta. The Commission’s stated aim is to detect and prevent threats to subsea infrastructure while also reducing repair latency, a known vulnerability in cable systems where outages can take weeks to resolve, depending on ship and parts availability.
The initiative comes amid heightened concern over damage to cables in the Baltic Sea, which EU officials and several member states have linked to hybrid threats and suspected sabotage operations in the context of the war in Ukraine.
Why does it matter? Carrying around 99% of international internet traffic, subsea cables are essential to economic security, national defence, and digital sovereignty. As geopolitical tensions rise, governments are paying as much attention to who builds, operates, and repairs them as to the data flowing through them.
EU targets AWS and Azure cloud computing services under the DMA
The European Commission has informed Amazon and Microsoft of its preliminary view that their cloud computing services, Amazon Web Services and Microsoft Azure, should be designated as gatekeepers under the Digital Markets Act.
The Commission opened market investigations into AWS and Azure in November 2025. It has now been provisionally concluded that both services act as important gateways between businesses and customers in the EU, despite not meeting the DMA’s standard quantitative thresholds.
What’s next? Amazon and Microsoft now have the opportunity to examine the investigation files and respond to the preliminary findings. If the Commission confirms its assessment, AWS and Azure would be designated as gatekeepers, and the companies would have six months to comply with DMA obligations.
Bank of England drops stablecoin holding limits in revised framework
The Bank of England has revised its proposed regulatory approach for sterling-denominated systemic stablecoins, removing planned individual holding limits and introducing a temporary £40 billion issuance guardrail for each systemic stablecoin.
The policy statement and draft Code of Practice set out how the Bank intends to regulate stablecoin issuers that become systemic because their use in payments could pose risks to UK financial stability. The final Code of Practice is expected by the end of 2026.
The Bank said it had changed its approach following industry feedback on two key issues: backing asset composition and holding limits. Earlier proposals would have imposed individual limits of £20,000 per coin for individuals and £10 million for businesses, with possible exemptions.
Instead, the Bank now plans to use a temporary issuance guardrail, initially set at £40 billion per systemic stablecoin. The Bank said the approach would be simpler to implement while still managing credit risks as stablecoins scale.
EDPB adopts common data breach notification template
The European Data Protection Board adopted a common template for GDPR data breach notifications, aiming to simplify compliance and improve consistency across the EU. The template is designed to help organisations and data protection authorities structure breach reports under Article 33 of the GDPR, with predefined fields and guidance intended to reduce administrative burdens.
This is a technical change, but a meaningful one. Data breach notification is one of the practical mechanisms through which privacy law becomes operational. Fragmented national practices can make compliance harder, especially for organisations operating across several EU countries. A shared template may support more predictable enforcement, faster reporting, and better incident comparison across jurisdictions.
LAST WEEK IN GENEVA
UNIDIR launches a Centre of Excellence on AI, Peace and Security
UNIDIR has launched a Centre of Excellence on AI, Peace and Security in Geneva to address gaps in the governance of AI in the peace and security domain.
While AI has become a priority across international policy forums, efforts remain fragmented across regions and institutions, precisely the gap the centre aims to address. It is designed as a permanent platform to consolidate knowledge and expertise, enable sustained multistakeholder dialogue, and support the translation of high-level principles into practical governance and operational approaches.
The approach combines three strands: generating evidence-based knowledge on emerging risks, facilitating inclusive dialogue among governments, industry, and expert communities, and supporting action-oriented pathways that move policy discussions toward implementation.
Rather than duplicating existing initiatives, the centre positions itself as a complementary coordination space.
Global Conference on AI, Security and Ethics 2026
The UNIDIR Global Conference on AI, Security and Ethics 2026 (#AISE26) was held on 18–19 June in Geneva and online, bringing together diplomats, policymakers, researchers, industry representatives, civil society, and military experts to examine the implications of AI for international peace and security.
Across two days, discussions were structured around technology foundations, applications and integration, stakeholder perspectives, and forward-looking governance approaches. Sessions examined issues such as algorithmic bias, dual-use AI systems, adversarial testing, and the integration of AI into defence and security infrastructures. Particular attention was given to counter-AI risks, infrastructure dependencies, and the growing role of autonomous or agentic systems.
The second day shifted toward governance dynamics, including investor responsibility, public–private cooperation, regional AI strategies—especially in Africa and the Global South—and compliance challenges linked to emerging uses such as deepfakes in conflict contexts. Speakers also highlighted tensions between innovation, accountability, and international humanitarian law.
The conference featured fireside chats, technical demonstrations, lightning talks, and panel discussions, aiming to bridge technical and policy communities.
The 62nd session of the HRC continues
The 62nd session of the UN Human Rights Council (HRC) is ongoing, with this week’s programme featuring several discussions on digital governance.
On Monday, discussions included ‘From Rabat to Glion – Safeguarding Freedom of Expression and Freedom of Religion or Belief in the Digital Age’, co-organised by the Permanent Missions of Albania, Switzerland, Morocco, OHCHR, and Article 19, as well as ‘From Rights to Architecture: Women, Girls, and the Governance of Artificial Intelligence’, supported by a broad coalition including Japan, France, Estonia, Armenia, Costa Rica, Mexico, and the Republic of Korea.
On Wednesday, attention shifted to child protection in digital environments with an event on ‘Protecting Children from Emerging Forms of Harm in the Digital Era’, led by Egypt and supported by multiple states and organisations. The Special Rapporteur’s report on the chilling effects of digital surveillance on assembly and association rights (A/HRC/62/45) was also presented at a side event organised by the Permanent Mission of the Czech Republic and the OHCHR Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression. The week also included a Thursday session on child protection in digital spaces, organised by the United Arab Emirates and the Permanent Committee for Human Rights.
The HRC is in session until 7 July.
First global rules for fully driverless cars adopted by UNECE
The UNECE World Forum for Harmonization of Vehicle Regulations (WP.29) has adopted the world’s first global regulatory framework enabling fully autonomous driving systems (ADS).
The rules establish uniform safety requirements based on a ‘safety-case’ approach, requiring manufacturers to demonstrate through testing, simulation, and real-world validation that autonomous systems perform at least as safely as competent human drivers.
The framework introduces mandatory Safety Management Systems, strict testing standards, continuous in-service monitoring, and data recording requirements, while also updating around 90 existing UN vehicle regulations to accommodate automation. Backed by major automotive markets including the EU, the USA, China, Japan, the UK, and Canada, the agreement aims to prevent fragmented national rules and provide a coordinated pathway for global deployment of autonomous vehicles.
READING CORNER
In an interview with Diplo’s Executive Director Jovan Kurbalija, the city of Geneva is presented as a unique meeting point where technology, diplomacy, history, and humanity converge to shape global discussions on the future of AI.
Experts participating in a Diplo webinar on cyber diplomacy in Africa highlighted the importance of stronger regional coordination, greater participation in global digital governance, and investment in local digital capacity.
Findings suggest AI systems should be assessed through public value frameworks prioritising equity, governance and societal impact alongside openness.
The AI literacy framework aims to support learning outcomes for primary and secondary students worldwide.
A new OECD report highlights opportunities and risks of AI in VET systems.
DON’T MISS
Follow the road to the 2027 Geneva AI Summit, a global journey shaping AI’s future. Bookmark the page and register for updates to stay informed and involved every step of the way to Geneva 2027.