EU drops browser-based cookie consent proposal from Digital Omnibus

The European Commission had proposed replacing cookie banners with an automated browser-based privacy signal as part of its ‘Digital Omnibus’ package, a move that would have allowed devices to communicate users’ tracking preferences directly to websites. The plan, outlined in Article 88b of the GDPR, was intended to cut red tape and reduce the burden on consumers navigating consent requests across the web.

According to digital rights organisation noyb, cookie banners were not created by data protection law but emerged as a mechanism for the online advertising industry to obtain users’ consent for data sharing with third parties. Studies suggest only 3 to 10 per cent of users actually wish to be tracked, yet so-called dark patterns, such as hidden ‘no’ buttons and pre-ticked boxes, allow the industry to achieve consent rates of up to 90 per cent. Across more than 450 million EU citizens, this results in billions of unnecessary clicks each year.

According to noyb, a lobbying document submitted by Google argued that removing cookie banners would effectively halt all online advertising, citing figures that the European Commission has since described as highly exaggerated. The Commission had made clear that consent would still be possible on a per-website and per-purpose basis, meaning users could grant access to specific outlets while withholding it from others. Google’s paper also claimed that media outlets would be harmed, despite the fact that they are explicitly exempt from the proposed provision.

According to noyb, the lobbying campaign appears to have influenced the legislative process. In the Council’s position paper of 18 June 2026, Article 88b was removed entirely from the Digital Omnibus. Noyb added that Germany, France, and Poland were among the member states supporting the article’s removal following lobbying by the online advertising industry.

The outcome is particularly striking given that many of the same member states have long called on the EU to simplify regulation and cut red tape. noyb, the European digital rights organisation, has described the result as a victory for lobbying over public interest, noting that the majority of EU citizens have consistently expressed frustration with cookie banners.

The European Parliament has not yet taken a position on Article 88b, and negotiations between the Parliament and the Council are ongoing. Noyb has urged the European Parliament to support reinstating Article 88b during the next stage of negotiations.

Why does it matter?

The debate highlights the growing tension between digital simplification efforts, privacy protection and the economic interests of the online advertising ecosystem. Browser-based privacy signals have long been discussed as a way to reduce repetitive consent requests while preserving users’ ability to decide when and how their personal data may be used.

The proposal’s removal also illustrates the influence that industry stakeholders can have during the EU legislative process. Whether Article 88b is reinstated during negotiations with the European Parliament could shape the future of online consent management in Europe, affecting digital advertising, user experience and the practical implementation of data protection rules.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Google expands financial ad verification across EU and EEA

Google has announced the expansion of its financial services advertiser verification programme to every country in the EU and European Economic Area, extending requirements aimed at reducing fraudulent financial advertising.

The rollout will cover 24 additional countries and builds on an existing programme already active in six EU member states and the United Kingdom.

Under the programme, advertisers seeking to promote financial products or services must complete an additional verification process showing that the relevant national regulator authorises them. Google said it will check credentials against official registries across the EU and EEA.

The requirements will be introduced in phases. Businesses will have 30 days to complete the process after notification, and unverified advertisers will have their financial services ads restricted until verification is completed.

Google said the additional requirements build on its wider advertiser identity verification programme, which it says already covers more than 98% of ads seen across the EU. The company also said its systems blocked or removed more than 1.6 billion ads in the EU last year.

The expansion comes amid continuing concern over online financial scams, including fraudulent ads that impersonate legitimate financial services providers or promote misleading investment products.

Why does it matter?

Financial scams increasingly rely on digital advertising to reach consumers at scale. Google’s expansion adds another gatekeeping layer for financial advertisers across Europe by linking ad eligibility to authorisation in official regulatory registers. The measure also shows how large platforms are being pushed, by regulators and reputational pressure, to take more responsibility for the trustworthiness of high-risk advertising categories such as finance.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

EU launches ADACities for autonomous driving

The European Commission has launched the Autonomous Drive Ambition Cities initiative to support the deployment of autonomous driving technologies in cities across the EU.

The initiative, known as ADACities, was announced by Executive Vice-President Henna Virkkunen during the first international forum of the European Connected and Autonomous Vehicle Alliance in Brussels.

The Commission said ADACities will serve as a mobility flagship under the Apply AI Strategy, allowing selected EU cities to become real-world deployment sites for autonomous mobility innovation.

The initiative will support technologies such as robo-taxis, car-sharing services, autonomous shuttles for multimodal urban mobility and advanced self-driving cars. Participating cities will target fleets of 100 or more autonomous vehicles by 2030.

The Commission said partnerships supported by ADACities should be EU-centric, with European vehicle manufacturers and technology providers at the core, while still allowing international collaboration.

The initiative is also linked to the EU Technological Sovereignty Package. The Commission said autonomous driving deployment will draw on European capabilities in semiconductors, sovereign cloud and data infrastructure, AI Factories and open-source technologies.

ADACities builds on a joint declaration of intent to create a cross-border testbed for automated vehicle deployment. The Commission has opened a call for expressions of interest and will hold an online information session for cities and stakeholders.

Why does it matter?

ADACities shows how the EU is treating autonomous driving as part of AI deployment, urban mobility and industrial competitiveness, not only as a transport technology. By linking autonomous mobility to sovereign cloud, semiconductors, data infrastructure and AI Factories, the Commission is framing city-level deployment as a test of Europe’s ability to turn AI and automotive expertise into scalable public services. The initiative also raises governance questions around safety, liability, infrastructure readiness, data use and public trust.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

EU agrees tougher child protection rules against AI-generated abuse

The agreement between the European Parliament and the Council updates legislation first adopted in 2011, reflecting the growing role of digital technologies and AI in facilitating abuse.

Under the revised directive, designing, adapting or distributing AI systems intended to generate child sexual abuse material would become a criminal offence. The updated rules would also cover deepfake abuse material, livestreamed child sexual abuse, sexual extortion, and the possession or distribution of instructions on how to commit such crimes.

The agreement also strengthens rules on consent. It clarifies that consent must be given voluntarily, cannot be inferred from silence, lack of resistance or a previous relationship, and can be withdrawn at any time.

Grooming offences would be expanded to cover situations involving coercion, threats or deception, including cases where offenders falsely present themselves as peers of the child.

Victim protection would also be strengthened through access to healthcare, legal aid, helplines, accommodation support and compensation mechanisms. The agreement also extends limitation periods, recognising that many victims need years or decades before reporting abuse.

The revised directive still requires formal adoption by the European Parliament and the Council before entering into force.

Why does it matter?

The agreement shows how EU criminal law is being adapted to AI-enabled and online forms of child sexual abuse. Criminalising AI systems designed to generate abusive material is especially significant because it targets not only harmful content but also the tools used to produce it. The revised directive also strengthens victim support and prosecution timelines, addressing the reality that many survivors report abuse years after it occurred.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

EU selects EUROPA consortium to build multilingual frontier AI model

The European Commission has selected the EUROPA consortium, led by Italian company Domyn, as the winner of its Frontier AI Grand Challenge. The project will develop a large-scale open-source AI model capable of operating across all 24 official languages of the EU.

Launched in February 2026, the competition challenged European AI innovators to propose a frontier model exceeding 400 billion parameters, a scale typically associated with some of the world’s most advanced AI systems.

The Commission said the initiative demonstrates Europe’s capacity to develop advanced AI using its domestic talent, infrastructure and industrial capabilities.

The EUROPA model will be openly accessible and designed to support businesses, researchers, public institutions and developers across the EU. By covering every official EU language, the project aims to address Europe’s linguistic diversity while expanding access to advanced AI technologies.

The Commission views the project as a strategic step towards greater technological sovereignty, strengthening Europe’s AI ecosystem while promoting openness, trust and European values in AI development.

Why does it matter?

The EUROPA project reflects Europe’s growing determination to develop advanced AI capabilities within its own technological ecosystem. As AI becomes increasingly important for economic competitiveness, public services and scientific research, access to large-scale models is emerging as a strategic capability alongside semiconductors, cloud infrastructure and high-performance computing.

The initiative is also notable for its focus on linguistic diversity and open access. By developing a frontier model capable of operating across all 24 official EU languages and making it openly available, the project aims to broaden participation in AI innovation while reducing dependence on a small number of predominantly US-based providers. Its success could become an important test of Europe’s ability to combine technological sovereignty with open and collaborative AI development.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

EU and OECD launch AI literacy framework for schools

The European Commission and the OECD have presented a new AI literacy framework for primary and secondary education, aimed at helping schools prepare learners for a world increasingly shaped by AI technologies.

The AI Literacy Framework was unveiled on 18 June during the European Digital Education Hub flagship event in Brussels. The event, titled ‘Collaborate for Impact: Advancing European Digital Education and Skills’, brought together policymakers, educators, experts, and stakeholders from across Europe.

Developed with support from international experts, including CodeAI, the framework provides a common reference point for integrating AI literacy across education systems. It is accompanied by practical classroom examples for primary and secondary levels to help educators translate AI literacy into learning experiences.

The framework defines AI literacy as the combination of technical knowledge, durable skills and future-ready attitudes needed to participate effectively in a world influenced by AI. It aims to help learners engage with, create with, manage, and shape AI while critically evaluating its benefits, risks, and ethical implications.

The European Commission said AI is reshaping how people learn, work, communicate, and make decisions. It said education systems need to prepare young people to navigate AI in daily life and use it responsibly.

The framework defines AI literacy as the combination of technical knowledge, durable skills and future-ready attitudes needed to participate effectively in a world influenced by AI.

According to the Commission, 68% of teenagers already use AI tools, yet many education systems still lack structured approaches for integrating AI into teaching and learning. Addressing these barriers could help learners use AI more creatively, ethically, and effectively.

The framework is intended for teachers, education leaders, policymakers, and learning designers. It offers guidance on curriculum integration, school-level AI literacy initiatives, policy development, and the design of educational content and teacher training materials.

The framework is structured around four dimensions that describe how learners engage with, create with, manage, and shape AI. It also includes 19 competences organised around knowledge, skills, and attitudes, along with learner expectations, learning scenarios, and classroom examples.

The Commission said the framework supports the EU’s ambition to deliver high-quality, inclusive, and future-oriented digital education. It also contributes to the Digital Education Action Plan and the Union of Skills by helping learners develop competences for a digital and AI-driven society.

The framework complements several European initiatives and policy priorities, including the PISA 2029 Media and AI Literacy assessment, the Digital Education Action Plan 2021-2027, updated ethical guidelines for educators on AI use, the AI Act, and the European Digital Competence Framework.

Why does it matter?

AI is rapidly becoming a foundational digital skill, comparable to information literacy or internet literacy. As AI tools become increasingly integrated into education, work and everyday life, schools face growing pressure to help students understand not only how to use these technologies, but also how to evaluate their outputs, recognise their limitations and engage with them responsibly.

The framework also represents an important step towards harmonising AI education across Europe. By providing common competences, classroom examples and guidance for educators, it creates a bridge between AI policy objectives and practical teaching. This could help ensure that future generations develop the skills needed to participate in an AI-driven society while supporting broader European goals related to digital skills, innovation and trustworthy AI.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

EDPS and EU data protection officers focus on AI, cybersecurity and compliance

The European Data Protection Supervisor (EDPS) and data protection officers (DPOs) from EU institutions, bodies, offices and agencies met in Brussels on 18 June to discuss emerging data protection priorities and compliance challenges.

The 58th meeting of the EDPS-DPO network was hosted by the Executive Agencies of the European Commission. The meeting brought together DPOs from across the EU administration at a time of significant regulatory and technological change.

European Data Protection Supervisor Wojciech Wiewiórowski opened the meeting by emphasising the importance of safeguarding DPO independence in practice. He pointed to recent EDPS action, guidance, and procedures intended to safeguard the role of DPOs across EU institutions.

Wiewiórowski also reviewed key developments from 2025, including the closure of the EDPS investigation into the European Commission’s use of Microsoft 365, a rise in complaints, and the growing impact of AI-generated submissions. He noted that regulatory simplification should reduce unnecessary administrative burdens without undermining fundamental rights protections.

Thomas Zerdick, Head of the EDPS Supervision and Enforcement Unit, introduced a follow-up tracker designed to maintain continuity between EDPS-DPO meetings. The first tracker focused on EDPS supervisory guidance on the role of DPOs in EU institutions and the EDPS decision on prior consent to DPO dismissal.

Zerdick also presented recent developments in supervision and enforcement, including complaint handling, compliance issues affecting several EU institutions, and practical guidance on international transfers and data protection impact assessments. The update also covered work linked to the Area of Freedom, Security and Justice, including audits, opinions, and preparations for upcoming systems.

Luis Velasco, Head of the EDPS Technology and Privacy Unit, outlined initiatives to help EU institutions meet compliance requirements for automated systems and AI. He announced that an updated version of the EDPS guidance on risk management for AI systems is expected to be published later this summer.

Velasco also referred to a practical checklist on human intervention, intended to help organisations establish effective safeguards for automated systems. He warned that cyberattacks targeting EU institutions pose a growing threat and pose serious risks to individuals’ personal data.

The discussion also addressed the response to a personal data breach. Velasco stressed that individuals affected by a personal data breach should be informed without undue delay when a breach is likely to pose a high risk to their rights and freedoms.

A practical workshop focused on developing a common data protection impact assessment template under the EU Data Protection Regulation. Participants tested a draft template through a case study and discussed issues, including necessity, proportionality, and risk assessment.

The afternoon sessions included a discussion of the 2024 data breach at the European Agency for Law Enforcement Training. The CEPOL DPO and the EDPS Data Breach Notification Team shared lessons with the wider DPO community, highlighting that major data breaches create organisational and human challenges as well as compliance obligations.

The meeting also included a session on privacy and data protection case law, presented by Zerdick. The session focused on the EDPS’s interpretation of recent judgments and their practical implications for supervisory work and controllers.

Participants also received an update on the EDPS Website Compliance Awareness Campaign. Following pilot phases in 2024 and 2025, the Technology and Privacy Unit presented preliminary findings from the first wave of the campaign’s second phase, which involved automated scans of public-facing websites of EU institutions.

The EDPS said the meeting demonstrated the value of bringing together the EU’s DPO community to address shared challenges, exchange practical experience and strengthen compliance across institutions. The discussions focused on practical cooperation, support for compliance, and stronger data protection safeguards across the EU administration.

Why does it matter?

The meeting highlights how data protection within EU institutions is evolving beyond traditional compliance issues toward broader challenges involving AI governance, cybersecurity, automated decision-making and digital service oversight. As public administrations increasingly adopt AI-enabled systems and process larger volumes of personal data, data protection officers are playing a more strategic role in managing operational and regulatory risks.

The discussions also illustrate a growing emphasis on practical implementation. Common templates, coordinated guidance and shared lessons from data breaches can help institutions apply data protection rules more consistently across the EU administration. This is particularly important as regulators seek to align privacy requirements with emerging frameworks governing AI, cybersecurity and digital public services.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Google Cloud urges changes to EU tech sovereignty plans

Google Cloud has urged EU policymakers to revise parts of the European Commission’s Tech Sovereignty Package, arguing that some proposed cloud sovereignty measures could unintentionally isolate the European digital market.

In a policy statement, Giorgia Abeltino, Head of Government Affairs and Public Policy for Google Cloud in EMEA, said Europe requires significant investment in digital infrastructure to strengthen competitiveness, security and technological sovereignty. She said the EU is considering how to expand its digital footprint across chips, cloud adoption, and AI data infrastructure.

Google Cloud said it supports the Commission’s emphasis on openness, partnerships and fair competition, particularly measures aimed at interoperability and reducing vendor lock-in. It welcomed measures on interoperability, efforts to address vendor lock-in, an open source strategy for the public sector, and faster data centre deployment.

However, the company said certain elements of the proposed Cloud and AI Development Act should be changed to avoid unintended market isolation. Google Cloud said trusted global partners should be able to continue supporting Europe’s security and scaling goals under an open framework.

The company said its vision of technological sovereignty is based on verifiable technical controls, customer choice and continued investment in European digital infrastructure. It pointed to its sovereign cloud services, including standard public cloud configurations with European data boundaries, independently operated regional cloud services, and air-gapped solutions for sensitive public-sector operations.

Google Cloud also highlighted partnerships with European companies, including S3NS in France; Thales, Schwarz Group, and T-Systems in Germany; PSN in Italy; Clarence in Luxembourg; and Telefónica in Spain. It said these partnerships support operational resilience and jurisdictional controls under existing national tech sovereignty frameworks.

The company said the S3NS offering in France has been qualified under SecNumCloud 3.2. It also said Clarence and S3NS, together with Mistral, offer services approved by the EU Directorate-General for Digital Services for use by EU institutions with sovereign cloud needs.

Google Cloud also raised concerns about the proposed Union Assurance Levels within the Cloud and AI Development Act. It said harmonising sovereignty criteria across Member States is useful, but argued that the proposed criteria could limit or exclude global providers regardless of the security safeguards they offer.

The company said EU rules should allow technical approaches to sovereign control rather than relying too heavily on geographic criteria. The company cited its Cloud External Key Manager as an example of a technical sovereignty mechanism that allows customers to retain control of encryption keys outside Google’s infrastructure.

Google Cloud also called for the Cloud and AI Development Act to follow a more balanced approach similar to the proposed Industrial Accelerator Act. The company said trusted non-EU partners should be able to operate as EU-origin under clear conditions, backed by trade rules and safeguards.

The company also backed the package’s goal of promoting interoperability and reducing vendor lock-in. It said tech sovereignty should increase user choice and argued for reforms allowing users to move software licences freely, ensuring fair pricing for legacy software, and guaranteeing that software runs equally well on any cloud platform.

Google Cloud said physical compute infrastructure is central to digital tech sovereignty. It welcomed the ambitions of Chips Act 2.0 and the proposed 30 billion investment in European semiconductor research and development, but said Europe also needs regulatory conditions that attract large-scale compute infrastructure investment.

The company said it operates 13 European cloud regions and has recently invested in Germany, Belgium, and Sweden. It welcomed proposed special project status for data infrastructure projects to streamline permitting, grid access, and power purchase agreements.

Google Cloud said fast-track permitting should prioritise highly sustainable infrastructure projects. It also called for national sustainability criteria to align with the upcoming EU-wide rating scheme and said acceleration zones should not artificially restrict where new data centres can be built.

The company said Europe has an opportunity to build a resilient, competitive and open digital future. It said global innovation and European values can be advanced together through open source software, sovereign cloud partnerships and collaboration with European policymakers and regional partners.

Why does it matter?

The debate highlights a central challenge in Europe’s digital policy agenda: how to strengthen technological sovereignty without undermining openness, competition and access to global innovation. As the EU seeks greater control over critical digital infrastructure, cloud services and AI capabilities, policymakers must decide whether sovereignty should be defined primarily by ownership and geography or by technical safeguards and operational control.

The outcome could have significant implications for the future European cloud and AI market. Rules governing sovereign cloud services, data infrastructure and assurance standards will influence investment decisions, public-sector procurement, competition among providers and Europe’s ability to develop advanced AI capabilities. The discussion also reflects broader tensions between strategic autonomy and international technology partnerships that are increasingly shaping digital policy worldwide.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Weekly #267 Who gets to pull the plug on frontier AI?

 Logo, Text

12 June – 19 June 2026


HIGHLIGHT OF THE WEEK

Who gets to pull the plug on frontier AI?

Access to powerful AI systems is no longer just a product feature, a subscription tier, or a matter of corporate safety policy. It is becoming a governance decision. When an AI model is capable enough to support software engineering, scientific research, cybersecurity work, critical infrastructure protection, and potentially harmful misuse, the question is no longer only how well the model performs. The question becomes who should be allowed to use it, under what conditions, and who has the authority to switch it off.

That question moved from theory to practice over the past week, after Anthropic disabled access to Claude Fable 5 and Claude Mythos 5 in response to a US government export-control directive. The timing made the case especially striking. Only days earlier, Anthropic had launched Fable 5 as its most capable generally available model to date, alongside Mythos 5, a more powerful version reserved for selected cyber defence and critical infrastructure partners.

At first, the launch looked like a model governance experiment. Fable 5 was made broadly available, but with additional safety classifiers designed to detect potential misuse, including attempts to bypass safeguards. Anthropic also introduced a fallback system that routed some high-risk sessions to a less capable model. Mythos 5, meanwhile, used the same underlying model, but with some safeguards lifted for trusted users working in cyber defence and critical software infrastructure.

In other words, Anthropic was trying to answer one of the hardest questions in frontier AI deployment: how can companies give users access to more capable systems while reducing the risk that the same systems are misused in sensitive domains? Its answer was tiered access, safety filters, model routing, testing, and trusted partnerships.

Then came the cutoff.

What followed was more than a technical compliance problem. According to Anthropic, the US directive required the company to suspend access to Fable 5 and Mythos 5 by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees. The company said the practical result was that it had to remove access to both models for all customers to ensure compliance, while other Anthropic models remained available.

 Person, Electronics, Hardware, Face, Head, Computer Hardware, Computer

Why is this happening? The immediate reason centres on concerns that Fable 5 could be jailbroken. Anthropic said it understood that the government had become aware of a method for bypassing the model’s safeguards, but also said the directive did not provide specific details of the national security concern. The company argued that the technique it reviewed appeared to identify a small number of previously known minor vulnerabilities, which could also be found using other publicly available models.

That disagreement matters because it points to a much larger governance problem. Governments clearly have a legitimate interest in preventing the misuse of powerful AI systems, especially when they may affect cybersecurity, biological research, defence, or critical infrastructure. But companies, users, researchers, allies, and civil society also have an interest in knowing when a deployed model can be recalled, what evidence is required, and what transparency or due-process safeguards apply.

If the standard for suspending access is too weak, frontier AI deployment becomes unpredictable. If the standard is too high, genuinely dangerous systems may remain available for too long. The difficult part is building a system that can respond quickly in real emergencies without allowing access to advanced AI to become an unclear political decision.

The episode also gives new force to the debate on AI sovereignty. Governments outside the United States have spent the past year asking whether they can rely on AI systems controlled by a small number of foreign companies. The Fable 5 and Mythos 5 restrictions made that question less abstract. If foreign users, trusted partners, and even allied institutions can lose access overnight due to a US national security decision, then reliance on frontier AI providers becomes a strategic vulnerability.

That does not mean every country can build its own frontier models. AI sovereignty is easier to demand than to deliver. Training and deploying advanced systems requires chips, data centres, energy, skilled researchers, secure cloud infrastructure, capital, and access to global supply chains. For many governments, the real choice may not be between full dependence and full sovereignty, but between managed dependence, trusted access, regional capacity, and strategic resilience.

For the United States, there is also a trade-off. Broad restrictions may reduce certain security risks, but they can also erode trust with allies, disrupt research cooperation, and encourage other countries to accelerate the development of domestic alternatives. AI leadership is not only about having the most capable models. It also depends on whether partners believe that access to those systems is predictable, lawful, and governed by clear rules.

The Fable 5 saga shows that frontier AI is becoming more like strategic infrastructure than ordinary software. Access decisions can affect cybersecurity teams, research institutions, public agencies, private companies, and international partnerships. Safety cannot rely solely on company policy, but government intervention also cannot rest on vague national security claims.

The bigger question is whether societies can design rules for frontier AI access that are fast enough to address real risks, transparent enough to build public trust, and stable enough to support international cooperation. If powerful models can be launched one week and pulled back the next, the politics of AI will increasingly revolve not only around what these systems can do, but around who gets to decide who can use them.

IN OTHER NEWS LAST WEEK
 Rope, Adult, Male, Man, Person, Face, Head

AI governance and digital security

G7. Leaders of the G7 nations gathered in Évian-les-Bains, France, for the 2026 summit, with critical mineral supply chains, online child safety and international solidarity among the key issues on the agenda. France placed balanced economic growth and international cooperation at the centre of this year’s discussions, while leaders also addressed geopolitical tensions, support for Ukraine, regional security and the Middle East. The digital policy dimension was visible through debates on resources needed for semiconductors and digital infrastructure, as well as the growing connection between economic security, technology governance and geopolitical stability.

The EU. The European Commission welcomed the new G7 Cybersecurity Working Group Declaration, adopted under France’s G7 Presidency. The declaration calls for stronger international cooperation on cybersecurity challenges linked to quantum computing, AI, telecommunications infrastructure and the protection of small and medium-sized enterprises. It treats the transition to post-quantum cryptography as an urgent priority, while also recognising that AI can both strengthen and threaten cybersecurity through AI-enabled attacks, model manipulation, data breaches and software vulnerabilities.

G7. Digital and technology ministers adopted the group’s first shared set of principles for protecting children and young people online. The agreement addresses risks linked to harmful content, exploitation and AI chatbots, while calling for stronger digital literacy, safety measures built into digital services from the start, and effective age assurance. Ministers also called for better access to data and research on how digital services affect children’s well-being, alongside closer cooperation among platforms, researchers, families and governments.

The EU. The European Commission also welcomed the G7’s adoption of online child protection principles, noting that they reflect approaches already present in EU initiatives such as the Digital Services Act, the Better Internet for Kids Strategy and the AI Act. The framework promotes safety-by-design measures, privacy-conscious age assurance tools, stronger protections against harmful and illegal content, parental controls and digital literacy. It also links child protection with privacy, fundamental rights and access to digital opportunities, showing how online safety policy is moving beyond content removal alone.


UNIDIR launches AI peace and security platform in Geneva

The UN Institute for Disarmament Research, together with Switzerland and Pakistan, hosted a pre-launch briefing for its Centre of Excellence on AI, Peace and Security at the Palais des Nations in Geneva. UNIDIR said the centre is being established at a critical moment for global AI governance, as AI increasingly reshapes international peace and security dynamics. The centre is intended to serve as a permanent platform for consolidating knowledge, connecting stakeholders and maintaining continuity between multilateral processes and global discussions on AI and international security.

The platform will support more coherent international AI governance while promoting inclusive global engagement. It will provide practical, evidence-based policy guidance, resources and capacity-building support for actors working on AI in peace and security contexts. The initiative also points to Geneva’s growing role as a hub where AI governance, security policy, disarmament debates and multistakeholder dialogue increasingly overlap.


Children’s online safety under UK scrutiny

The UK Government Office for Science highlighted the need for evidence-led policy on children’s online lives, warning that digital technologies bring both benefits and risks while long-term evidence remains limited. The article noted that 97% of UK teenagers aged 13 to 15 now own a mobile phone, while almost one-fifth of children aged three to five also own one. Children use digital platforms to maintain friendships, access communities, and find support, while AI tools are increasingly used for learning, schoolwork and, in some cases, well-being and emotional regulation.

However, the government adviser warned that children face risks including harmful content, cyberbullying, privacy breaches, false or misleading information, unlimited scrolling, personalised algorithms and other engagement-maximising design features. The article also cautioned that the use of AI should not prevent children from developing skills such as written expression and critical thinking. The debate shows why child online safety is increasingly being framed not only as a platform moderation problem, but as a question of design, evidence, education and long-term development.


IWF warns of AI-generated child sexual abuse risks

The Internet Watch Foundation welcomed Pope Leo XIV’s reflections on AI, arguing that AI systems must be developed with stronger safeguards to protect children from abuse. The organisation warned that AI is being used to generate highly realistic child sexual abuse images and videos at scale, saying the number of AI-generated child sexual abuse videos it identified in 2025 increased by more than 260%, with nearly two-thirds falling into the most severe category of abuse.

The IWF also raised concerns about AI-nudification tools, which can generate realistic sexualised images of children and other individuals. Following the Child Dignity in the Artificial Intelligence Era conference in Rome, the organisation joined more than 100 organisations and individuals in supporting calls for a global ban on such tools. It also called for stronger regulation, global alignment and enforceable safety-by-design standards to prevent the creation and spread of AI-generated child sexual abuse images and videos.


The EU extends cyber crisis support to Ukraine

Ukraine can now activate emergency EU cyber support during significant or large-scale cybersecurity incidents after the Council of the EU approved its inclusion in the EU Cybersecurity Reserve. The reserve, managed by the European Union Agency for Cybersecurity, provides incident response services from trusted private-sector providers to help contain and mitigate major cyber incidents.

The European Commission said the decision reflects closer EU-Ukraine cooperation and forms part of wider efforts to strengthen preparedness, rapid response and shared expertise against evolving cyber threats. The move also aligns with the EU’s strategic digital partnership agenda and follows Moldova’s inclusion in the Cybersecurity Reserve in 2024 under the Cyber Solidarity Act. Ukraine’s inclusion shows how the EU is using cyber crisis mechanisms not only for internal resilience but also for strategic partnerships in a conflict-affected digital environment.


Latin America looks to Europe’s AI rulebook

Countries across Latin America are increasingly drawing on the EU’s risk-based approach as they develop AI governance frameworks, according to an International Bar Association analysis. Chile, Peru, Brazil and El Salvador have introduced or advanced AI-related legislation in recent years, with several initiatives focusing on risk classification, fundamental rights and accountability. Peru implemented an AI law in 2023 and updated it in 2025, while Brazil has considered similar draft legislation, and El Salvador enacted an AI law in 2025.

Chile has become one of the region’s most active AI policy actors, helping launch Latam-GPT, an open-source language model trained on Latin American data, while considering an AI bill that would classify systems according to risk. The proposal includes stricter obligations for high-risk uses, regulatory sandboxes and measures intended to support innovation and smaller businesses. However, legal experts warned that EU-style requirements on risk governance, technical documentation, testing and incident reporting could strain regulators and smaller companies with limited resources.


Swiss parliament weighs AI apps in media copyright bill

Swiss lawmakers want the government to examine whether AI applications should be covered by a media copyright bill that requires online services to compensate publishers for displaying extracts of newspaper articles. The Swiss Senate unanimously referred the bill back to the federal government, while the House of Representatives had already approved the request in March by 157 votes to 29, with two abstentions.

Why does it matter? The debate shows how AI-powered search tools, chatbots and assistants are being pulled into older disputes over platform power, copyright and publisher compensation. As AI services become gateways to information, governments are asking whether existing media copyright rules remain fit for a digital environment shaped not only by search engines and social platforms but also by AI applications.


MIT researchers target AI data centre cooling

A startup founded by MIT researchers has developed a nuclear-inspired cooling system to improve data centre energy efficiency while reducing water consumption. The technology targets one of the fastest-growing sources of electricity demand, as the rapid expansion of AI infrastructure drives increased computing requirements.

Ferveret’s system uses a specialised liquid to immerse servers, replacing traditional air-based cooling methods that account for a significant share of data centre energy consumption. Its Adaptive Phase Cooling approach improves heat transfer through controlled bubble formation, increasing efficiency while reducing reliance on water-intensive cooling systems. The company reports computational efficiency gains of up to 15% compared with existing liquid cooling technologies and says its modular design could help data centres operate more effectively in regions with limited water resources.



LAST WEEK IN GENEVA
 machine, Wheel, Spoke, City, Art, Bulldozer, Fun, Drawing

Geneva placed AI, security and ethics at the centre of international security diplomacy this week. From 15 to 17 June, UNODA convened informal exchanges on AI in the military domain and its implications for international peace and security, following the UN General Assembly’s request for states and stakeholders to discuss observations from the Secretary-General’s report, opportunities and challenges, emerging normative proposals and possible next steps.

The exchanges brought together states, observer states, international and regional organisations, the ICRC, academia, civil society, the scientific and technical community and industry. Discussions and side events addressed the responsible development and use of AI in military decision-making, trustworthy AI in the military domain, human rights across the life cycle of military AI, assurance and accountability, the role of private actors, weaponisation of data-intensive technologies, and the nuclear dimension of AI.

The Geneva week then continued with UNIDIR’s Global Conference on AI, Security and Ethics 2026, held on 18 and 19 June in Geneva and online. The conference brought diplomats, policymakers, military representatives, researchers, industry, civil society and international organisations together to examine how AI is reshaping national, regional and global security environments. The programme focused on themes ranging from algorithmic bias, dual-use technologies, agentic AI, testing and assurance, and AI in cyber defence to counter-AI capabilities, infrastructure dependencies, public-private responsibility chains and human-centred approaches to defence AI.

Together, the UNODA exchanges and UNIDIR conference showed how Geneva’s AI diplomacy is moving beyond broad concern about emerging technologies. The agenda is increasingly about how to translate international law, responsible AI principles, military practice, technical testing and multistakeholder expertise into workable governance for high-stakes systems. As AI becomes embedded in defence, cybersecurity and strategic infrastructure, Geneva is becoming one of the key spaces where the security implications of AI are debated not only as future risks, but as present governance challenges.


LOOKING AHEAD

The Developments in Africa cyber diplomacy: Continental, regional, and national initiatives webinar will take place online on 24 June, organised by Diplo. The event will examine the evolving landscape of cyber diplomacy across Africa, focusing on continental, regional and national initiatives. Discussions will cover key players, stakeholders and frameworks shaping cyber diplomacy on the continent, including African Union initiatives and the African Digital Compact, as well as national strategies for addressing cyber threats and strengthening digital cooperation. The webinar aims to bring together policymakers, cybersecurity experts, researchers, civil society and private sector stakeholders to exchange lessons, identify best practices and support secure and inclusive digital transformation across the continent.

UN Open Source Week 2026 will take place from 22 to 26 June at UN Headquarters in New York, co-hosted by the UN Office for Digital and Emerging Technologies and the UN Office of Information and Communications Technology. The event is framed as a global convening on open-source technologies and digital cooperation, with a programme covering a Community Hackathon, open source and AI, Digital Public Infrastructure Day, Open Source Programme Offices for public-interest objectives and community-led events. The week will explore how open source can support the SDGs, the Global Digital Compact, digital public infrastructure, responsible AI development and practical collaboration among UN entities, member states, technical communities, civil society and the private sector.



READING CORNER
united kingdom flag wrinkled dark background 3d render

Agentic AI systems that can plan, decide and act autonomously across platforms simultaneously trigger obligations under data protection, competition, financial services and online safety law, exposing gaps that sector-based regulation…

Fable 5 dark

Anthropic’s Claude Fable 5 went public, then vanished 72 hours later. Inside the sudden U.S. government shutdown and what it means for the future of AI power.


DON’T MISS
 Light, Outdoors, Nature, Sky, Scenery, Art, Night

Follow the road to the 2027 Geneva AI Summit, a global journey shaping AI’s future. Bookmark the page and register for updates to stay informed and involved every step of the way to Geneva 2027.

Eurostat report highlights online hate speech exposure in the EU

More than half of young internet users in the EU encountered hostile or degrading online content in 2025, according to Eurostat data published to mark the International Day for Countering Hate Speech.

Eurostat said 54.0% of internet users aged 25 to 34 and 53.7% of those aged 16 to 24 had encountered hostile or degrading messages during the previous three months. Exposure declined with age, falling to 46.4% among people aged 35 to 44, 38.9% among those aged 45 to 54, 32.8% among those aged 55 to 64, and 28.1% among people aged 65 to 74.

Among internet users aged 16 to 24, young women reported higher exposure than young men, at 57.2% compared with 50.4%. Eurostat said the pattern was observed across all types of hostile or degrading messages.

For both young women and young men, the most commonly reported hostile messages related to political or social views and racial or ethnic origin. The largest gender gaps were recorded for messages concerning sexual orientation, sex and disability.

Eurostat said hostile or degrading content may be directed at respondents or at other people, and can include messages, comments, photos, memes, videos and other online material.

The findings underline the scale of online hostility facing younger internet users in the EU and the continuing challenge for policymakers, platforms and civil society organisations working on digital safety and content governance.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!