EU

EDPB approves global extension of Europrivacy certification

The European Centre for Certification and Privacy announced that the European Data Protection Board (EDPB) has approved the extension of the Europrivacy certification scheme beyond Europe. Organisations worldwide that are subject to the General Data Protection Regulation (GDPR) will now be able to seek Europrivacy certification.

The Centre also announced approval of a specific version of the certification criteria for use as a safeguard mechanism for international data transfers. The measure is intended to support organisations outside the EEA in demonstrating compliance when handling transferred personal data.

According to the organisation, the decisions are intended to strengthen legal certainty, support trusted cross-border data flows and provide an additional compliance mechanism based on independent assessments and regular audits.

The decisions represent a significant step towards broader adoption of data protection certification mechanisms at the international level. The announcement follows recent EDPB approvals and reflects the growing role of certification mechanisms in international data governance and cross-border data transfers across the EU.

Why does it matter?

Certification mechanisms are becoming an increasingly important part of international data governance, particularly as organisations seek to demonstrate compliance with GDPR requirements across jurisdictions.

The expansion of Europrivacy beyond Europe and its use in international data transfers could provide organisations with an additional tool for demonstrating accountability, supporting cross-border data flows and navigating evolving data protection obligations.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

European Commission proposes EU-wide satellite spectrum authorisation system

The European Commission has proposed a new EU-wide authorisation system for mobile satellite services operating in the harmonised 2 GHz frequency band once current licences expire in 2027. The move is intended to strengthen connectivity, resilience, competitiveness and critical communications across the bloc.

Under the proposal, an EU-level selection process would replace the framework introduced in 2008. The European Commission said a single authorisation system across Member States would improve regulatory consistency and enable satellite operators to provide cross-border services more efficiently.

The proposal would reserve one-third of the 2 GHz band for governmental uses, including critical communications, security and defence, through an EU operator associated with the Union’s IRIS² Secure Connectivity programme.

The European Commission said the new framework is intended to support secure, resilient and innovative satellite services while strengthening critical communications capabilities and reducing strategic dependencies. The proposal was presented in Brussels and aligns with broader plans for EU-level satellite spectrum management.

Why does it matter?

Satellite communications are becoming increasingly important for connectivity, emergency response, government communications and critical infrastructure resilience. A harmonised EU authorisation system could simplify cross-border operations for satellite providers while strengthening the bloc’s ability to support secure communications services.

The proposal also reflects broader European efforts to improve resilience in strategic digital and space infrastructure and reduce dependence on external providers in critical sectors.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

EU welcomes G7 adoption of online child protection principles

The European Commission has welcomed a new agreement by G7 digital and technology ministers on a shared set of principles aimed at improving online safety for children and teenagers. The principles reflect approaches already present in several EU initiatives, including measures focused on online safety, digital literacy and the protection of minors.

The principles build on existing EU measures, including the Digital Services Act, the Better Internet for Kids Strategy and the AI Act. They focus on improving online safety while safeguarding privacy, fundamental rights and access to digital opportunities.

The framework promotes safety-by-design measures, privacy-conscious age assurance tools, stronger protections against harmful and illegal content, parental controls, and digital literacy initiatives. It also promotes greater cooperation between technology companies, researchers, governments and civil society organisations.

Why does it matter?

Governments are increasingly examining how digital platforms, recommendation systems and generative AI tools affect children’s wellbeing, privacy and online experiences. Concerns about harmful content, exploitation and age-inappropriate services have prompted policymakers worldwide to explore new approaches to online child protection.

The G7 agreement signals growing international convergence around child safety principles, while emphasising the need to balance protection measures with privacy, fundamental rights and access to digital opportunities.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

EU launches consultation on trusted flagger guidelines under the DSA

The European Commission has launched a public consultation on draft guidelines for trusted flaggers under the Digital Services Act, aiming to establish a clearer and more consistent framework for organisations that identify and report illegal online content.

Trusted flaggers are specialised entities whose notices about illegal content must be prioritised by online platforms under the DSA. Platforms remain responsible for assessing whether the reported content is illegal.

More than 70 trusted flaggers have already been designated across the EU, covering areas such as child sexual abuse material, intellectual property infringements, online fraud, financial scams, and online harassment.

The proposed guidelines clarify the criteria and procedures used by national Digital Services Coordinators to grant trusted flagger status. They also set out technical requirements for trusted flaggers and platforms when processing notices of illegal content.

The draft guidelines include safeguards intended to ensure that trusted flaggers remain independent, objective, and accountable while operating in full respect of freedom of expression. They also include measures to prevent misuse of the mechanism, including public annual transparency reports and procedures to suspend or revoke trusted flagger status.

The Commission is inviting feedback from platforms, trusted flaggers, applicants, researchers, civil society organisations, and other stakeholders until 26 June 2026. Following the consultation, the Commission plans to adopt the final guidelines in the second half of 2026.

Why does it matter?

Trusted flaggers are becoming an important procedural tool in the EU’s online safety framework. Clearer rules could improve the reporting and handling of illegal content while reducing fragmentation across member states. The safeguards are also important because prioritised notices must be balanced with accountability, transparency, and protection of freedom of expression.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

European Commission fines Temu €200 million under DSA

The European Commission has imposed a €200 million fine on Temu after finding that the online marketplace breached obligations under the Digital Services Act by failing to properly assess and mitigate systemic risks linked to illegal products sold to consumers in the EU.

According to the Commission, Temu’s 2024 risk assessment did not meet DSA requirements because it relied on general information about the wider e-commerce sector rather than evidence specific to its own platform. Regulators also found that the company significantly underestimated the likelihood that the EU consumers would encounter illegal or unsafe products.

The investigation drew on mystery shopping exercises and information from customs and market surveillance authorities. Findings included chargers that failed basic safety requirements and baby toys that contained chemicals above legal limits or presented choking hazards.

Regulators also criticised Temu for failing to sufficiently assess how recommender systems and influencer promotion programmes could contribute to the spread of illegal products on the platform.

Temu must now submit a detailed action plan explaining how it will address the shortcomings identified by the Commission. The plan will be reviewed with the European Board for Digital Services before implementation requirements are set. Failure to comply could lead to additional penalties under the DSA.

The decision is part of a wider Commission investigation into Temu, including issues related to potentially addictive design, recommender systems, and data access for researchers.

Why does it matter?

The fine marks one of the most significant enforcement actions under the Digital Services Act against a major online marketplace. It shows that the DSA is being used not only to address illegal content, but also to require platforms to assess and reduce consumer safety risks linked to illegal and unsafe goods. The case reinforces the EU’s focus on proactive risk management by very large online platforms, including how marketplace design, recommendations, and influencer promotion can amplify the reach of harmful products.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

EU ICT workforce grows to 10.45 million in 2025, Eurostat says

The number of ICT specialists in the EU reached 10.45 million in 2025, representing 5% of total employment, according to new data published by Eurostat. Although annual growth slowed compared with the post-pandemic increases recorded in 2020 and 2021, the number of ICT specialists has continued to rise over the past decade.

Northern European countries continued to lead the bloc in ICT employment concentration. Sweden recorded the highest share of ICT specialists in the workforce at 8.9%, followed by Luxembourg and Finland. At the opposite end, Greece, Romania and Italy reported the lowest shares.

The figures also highlighted the persistent gender imbalance within Europe’s technology workforce. Men represented more than 80% of ICT specialists in 2025, although the share of women increased modestly compared with 2015. Romania, Latvia and Bulgaria recorded the highest proportions of women working in ICT roles.

Eurostat noted that ICT specialists include professionals responsible for developing, operating and maintaining digital systems across all sectors of the economy. Eurostat noted that ICT specialists include professionals responsible for developing, operating and maintaining digital systems across sectors of the economy. The growth of the workforce coincides with increasing digitalisation across businesses, public services and industry.

Why does it matter?

The steady growth of ICT specialists reflects Europe’s accelerating digital transformation and the increasing dependence of economies, governments and businesses on advanced digital infrastructure. The figures also underline major regional and gender disparities that could affect Europe’s competitiveness, digital sovereignty and long-term technology workforce resilience.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

EU adopts unified cyber incident reporting templates under NIS2

The NIS Cooperation Group has adopted common templates for cybersecurity incident reporting across the EU, marking a step towards more harmonised compliance requirements for companies subject to the NIS2 Directive.

The templates were adopted during the group’s 39th plenary meeting in Cyprus and are intended to provide a uniform format for reporting cyber incidents across member states. The NIS Cooperation Group brings together the EU member states, the European Commission, and the EU Agency for Cybersecurity (ENISA) as part of wider EU cybersecurity coordination efforts.

According to the Commission, the standardised templates are designed to reduce administrative burdens and simplify compliance for companies required to report cybersecurity incidents under NIS2. The move also aligns with broader EU efforts to create a single-entry point for incident reporting under the proposed Digital Omnibus initiative.

The Commission now plans to adopt the templates through an implementing act, which would make them mandatory for all member states. The EU officials say harmonised reporting fields should reduce fragmentation, simplify reporting obligations, and help strengthen cybersecurity resilience across the bloc.

Why does it matter?

Cybersecurity reporting requirements across Europe have often created complexity for companies operating in multiple jurisdictions. Common templates could reduce duplication, make reporting procedures more predictable, and improve coordination between national authorities. The move also fits into the EU’s broader push to simplify digital compliance while strengthening cyber resilience under NIS2.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

European Commission marks .eu anniversary with internet governance focus

The European Commission has marked the 20th anniversary of the .eu top-level domain, presenting it as a symbol of European identity online and an element of Europe’s technological sovereignty agenda.

The milestone was celebrated during the 2026 European Internet Governance Dialogue in Brussels, where policymakers, technical experts, businesses, civil society representatives, and other stakeholders discussed the future of global internet governance.

According to the Commission, .eu has grown into the fourth-largest country-code top-level domain in Europe, with 3.8 million registrations since its launch in April 2006. The EU officials described the domain as a symbol of European identity online and an example of resilient European digital infrastructure, noting that it has operated without a single outage for two decades.

The discussions also focused on Europe’s broader approach to internet governance, digital autonomy, and the reduction of strategic technological dependencies. Executive Vice-President Henna Virkkunen said Europe is at a pivotal moment where digital autonomy, reduced dependencies, and global leadership in internet governance must go hand in hand.

The Commission linked the anniversary to future EU initiatives, including the upcoming Technological Sovereignty Package, which it said would further support Europe’s vision for a decentralised and open internet where users, businesses, and governments have real alternatives and control over their digital future.

Officials also stressed the importance of ensuring that European values, including human rights, inclusivity, and competition, continue to shape the next decade of global internet governance.

Why does it matter?

The anniversary shows how domain governance and internet infrastructure are increasingly being linked to digital sovereignty and technological dependence. By framing .eu as part of Europe’s identity, resilience, and internet governance agenda, the Commission is connecting a long-standing country-code top-level domain to broader debates on autonomy, infrastructure, trust, and Europe’s role in shaping the future of the open internet.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

European Commission delays tech sovereignty package again

The European Commission has postponed the presentation of its tech sovereignty package until 3 June, following several earlier delays. The publication had previously been scheduled for 25 March, 15 April and 27 May.

According to Euractiv, the package is expected to include the proposed Cloud and AI Development Act and Chips Act 2. The initiatives are intended to support digital infrastructure development and strengthen Europe’s semiconductor sector. The measures are also expected to encourage data centre investment and semiconductor manufacturing within the EU.

The latest postponement follows comments from the US ambassador to the EU concerning potential trade implications of European digital regulation. Euractiv additionally reported uncertainty regarding a proposed EU open-source strategy previously linked to the package.

The European Commission did not comment publicly on the latest delay.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

EU and Africa deepen cooperation on AI investment and digital infrastructure

European Commission has expanded cooperation discussions with African partners on AI through a new EU-Africa AI Tech Business Offer Event held in Brussels.

The event brought together policymakers, technology companies, development finance institutions, and digital cooperation organisations from Europe and Africa.

Government representatives from Kenya, Nigeria, Senegal, South Africa, and Tanzania participated in discussions alongside European digital companies and private sector organisations.

According to the European Commission, discussions focused on investment opportunities, AI infrastructure, and long-term cooperation between European and African digital ecosystems.

The initiative was organised under the Team Europe approach in cooperation with Smart Africa, the German development agency GIZ, and the Digital for Development Hub.

Why does it matter?

The event highlights increasing geopolitical and economic competition around ΑΙ partnerships, infrastructure, and digital influence across emerging markets. For Europe, cooperation with African countries supports broader goals linked to digital development, technological sovereignty, and global AI governance. For African governments, the partnerships may accelerate access to AI infrastructure, investment capital, skills development, and digital innovation ecosystems.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Diplo chatbot can make mistakes. Consider checking important information.