EU

European Parliament set to push for faster Digital Markets Act compliance proceedings

Ahead of the review of the Digital Markets Act, the European Parliament is set to call for faster compliance proceedings and closer scrutiny of AI-driven search tools and cloud services.

In a draft resolution, MEPs are expected to urge the Commission to enforce the Digital Markets Act quickly and consistently, while adapting to technological change without reopening the law’s core objectives.

The text highlights the growing strategic importance of cloud computing services and the rising use of AI-driven search tools, arguing that both require closer scrutiny under the Digital Markets Act framework.

MEPs also warn against external political pressure aimed at weakening the law. They are expected to call on the Commission to make full use of its enforcement tools, including periodic penalty payments, to stop companies from bypassing it, regardless of where they are based.

The Digital Markets Act sets obligations for the largest digital companies providing key platform services in the EU, with the aim of supporting fair competition in digital markets. The draft resolution comes after the Commission’s first non-compliance decisions and fines under the law, including action against Meta over its ‘pay or consent’ advertising model and against Apple over anti-steering obligations.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

European Commission urges fast rollout of EU age verification app

The European Commission has adopted a recommendation urging member states to accelerate the rollout of the EU age verification app and make it available by the end of the year. The recommendation says the app can be deployed either as a standalone solution or integrated into a European Digital Identity Wallet.

According to the Commission, the app is intended to let users prove they meet a required age threshold without disclosing their exact age, identity, or other personal details. The Commission has also published a blueprint for the system, leaving it to member states to customise and produce the app for their citizens.

The recommendation sets out actions for member states to support rapid availability and interoperability, including implementation plans and coordination to ensure the swift rollout of the solution across the EU.

The measure forms part of the EU’s wider approach to protecting minors online under the Digital Services Act, which requires online platforms to ensure a high level of privacy, safety, and security for minors.

Executive Vice-President Henna Virkkunen said: ‘Effective and privacy-preserving age verification is the next piece of the puzzle that we are getting closer to completing, as we work towards an online space where our children are safe and empowered to use positively and responsibly without restricting the rights of adults.’

Why does it matter?

The move takes age verification in the EU from a general policy objective to a more concrete implementation phase. Rather than leaving platforms and member states to develop separate solutions, the Commission is trying to steer the bloc towards a common privacy-preserving model that can work across borders.

That matters for both child protection and regulatory coherence, because if countries adopt incompatible systems or move at very different speeds, enforcement under the Digital Services Act could become uneven in practice.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Croatia faces additional European Commission action over Digital Services Act enforcement

The European Commission has stepped up its enforcement action against Croatia by issuing an additional letter of formal notice over shortcomings in the national implementation of the Digital Services Act. The move reflects continued concern about whether Croatia’s enforcement structure is fully equipped to apply the regulation in practice.

Although Croatia adopted implementing legislation in 2025, the Commission considers that important obligations remain unmet. In particular, the national authority designated to oversee the regulation has not been given sufficient powers to enforce the Digital Services Act effectively.

Further concerns relate to the penalty regime. According to the Commission, Croatian law does not yet fully meet EU requirements on maximum penalties, proportionality, and deterrence. It also lacks certain provisions needed to sanction individuals for non-cooperation or for providing inaccurate information.

Croatia has been given two months to respond and address the issues raised. If the response is not satisfactory, the Commission may move to the next stage of the infringement process by issuing a reasoned opinion.

Why does it matter?

The case matters because the Digital Services Act depends not only on EU-level rules, but on whether member states give their national authorities the powers needed to enforce them. Croatia’s case shows that even after implementing legislation is adopted, gaps in enforcement design, penalties, and institutional authority can still weaken how the DSA works in practice across the EU.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

Cyprus defence minister highlights role of AI and advanced technologies in defence

The Cyprus Defence Minister Vasilis Palmas has said that AI and advanced technologies are transforming defence, requiring stronger domestic capabilities. His remarks were recently reported by the Cyprus Mail.

He highlighted the growing roles of AI, autonomous systems, cyberdefence and space technology, stressing the need to secure supply chains and meet the National Guard’s requirements.

Palmas said participation in the European defence innovation programmes is a strategic priority, supporting local technological development and integration into wider industry networks.

The country is advancing several funded projects, strengthening research infrastructure, and preparing a national defence industry plan. The comments were made at an event in Cyprus.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

European Commission review finds Digital Markets Act strengthening competition and user choice

The European Commission has concluded that the Digital Markets Act remains effective in shaping fairer and more competitive digital markets across Europe. Its first formal review highlights measurable progress in empowering users and opening digital ecosystems to greater competition.

DMA has strengthened user choice by enabling data portability, alternative browser and search engine selection, and clearer consent over how personal data is used. At the same time, it has facilitated increased interoperability, allowing new entrants such as alternative app stores and messaging services to emerge.

The review also notes that businesses are benefiting from improved access to previously restricted ecosystems, particularly in areas such as connected devices and platform integration. These changes are contributing to a more dynamic and innovative digital environment.

Looking ahead, the Commission identifies AI and cloud computing as key areas for further regulatory focus. Continued enforcement, improved transparency and adaptation to emerging technological trends will be essential to fully realise the DMA’s objectives.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Cybersecurity reform in the EU advances through Spain consultation

Spain has launched a public consultation on the proposed EU Cybersecurity Act 2, inviting input from operators, citizens, and other interested parties on the need for, objectives of, and possible alternatives to the planned reform.

The consultation covers the European Commission’s proposal COM(2026) 11 final, which would repeal and replace Regulation (EU) 2019/881. The proposal is presented as a response to changes in the cyber threat landscape and to new strategic and regulatory challenges that have emerged since the current framework entered into force in 2019.

According to the consultation text, the reform is intended to address four main structural problems: a mismatch between the EU cybersecurity framework and current operational needs, limited practical use of the European Cybersecurity Certification Framework, fragmentation across the wider EU cybersecurity acquis, and growing cybersecurity risks in ICT supply chains.

Regarding ENISA, the proposal argues that the agency’s current functions and resources are insufficient to meet the needs of member states, the EU institutions, and market actors, particularly in policy implementation, operational cooperation, and crisis response. It also says the certification framework created under the current regulation has proved too slow and too complex in practice, with limited market uptake and governance mechanisms that have not delivered at the required speed.

The text also links the proposal to the growing complexity of compliance created by instruments such as NIS2, the Cyber Resilience Act, DORA, and the CER Directive. It says the new regulation would seek greater coherence and interoperability across those frameworks while reducing administrative burdens for companies and competent authorities.

A further objective is to create, for the first time, a horizontal EU-level framework for managing ICT supply-chain cybersecurity risks, including the identification of critical ICT assets, the possible designation of high-risk suppliers, and the adoption of proportionate measures to reduce strategic dependencies.

The proposal would also strengthen ENISA’s mandate and resources, reform and expand the certification framework, and support a more centralised incident-notification model linked to the wider Digital Omnibus simplification agenda.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

EU advances GPAI framework with focus on forecasting systemic risks

At the third meeting of the Signatory Taskforce, the European Commission advanced discussions on how to strengthen oversight of advanced AI systems through the General-Purpose AI Code of Practice, with a particular focus on risk forecasting and harmful manipulation.

The latest GPAI taskforce meeting focused on improving how providers assess and anticipate systemic risks linked to high-impact AI models. A central proposal would require providers to estimate when future systems may exceed the highest systemic risk tier already reached by any of their existing models, using structured forecasting methods.

The Commission is also considering using aggregate forecasts across the industry to provide a broader view of technological trends, including compute capacity, algorithmic efficiency, and data availability. The aim is to improve visibility into how capabilities may evolve across the sector rather than only at the level of individual providers.

Attention was also directed towards harmful manipulation, which the Code treats as a recognised systemic risk. Discussions focused on how providers should develop realistic scenarios for testing and evaluating model behaviour, including in deployment settings such as chatbot interfaces, third-party applications, and agentic systems.

The initiative reflects a wider EU regulatory approach centred on transparency, accountability, and proactive governance in AI development. Rather than waiting for harms to materialise, the Code of Practice is being used to push providers to identify risks earlier and to adopt more structured safety planning for general-purpose AI models with systemic risk.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!  

EU Global Green Bond Initiative Fund unlocks €20 billion for sustainable infrastructure

The European Union and its financial partners have launched the Global Green Bond Initiative Fund to mobilise up to €20 billion for sustainable infrastructure in developing economies.

The initiative reflects a broader shift towards using private capital alongside public investment to accelerate climate and environmental goals.

Moreover, the fund will prioritise green bonds issued by governments, local authorities, and businesses, with a focus on first-time issuers and least developed countries. By supporting both euro and local-currency bonds, the initiative also aims to strengthen domestic capital markets while expanding the international role of the euro.

Backed by major European financial institutions and supported through the EU guarantees, the GGBI Fund is designed to reduce investment risk and attract private investors at scale.

Alongside financing, the initiative includes technical assistance and subsidy mechanisms intended to improve access to green finance and lower borrowing costs.

The programme forms part of the EU’s Global Gateway strategy, linking economic development with sustainability goals while promoting high environmental standards and long-term resilience across partner regions.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

EU cybersecurity certification framework gains momentum after Cyprus event

The European Commission and the European Union Agency for Cybersecurity (ENISA) have stepped up efforts to strengthen cybersecurity certification across the EU during the European Cybersecurity Certification Week held in Cyprus. The event brought together policymakers, industry representatives, and national authorities to support the implementation of a more unified certification framework.

Discussions focused on advancing the EU Cybersecurity Certification Framework under the Cybersecurity Act, as well as its interactions with related legislation, including the Cyber Resilience Act, the NIS2 Directive, and the Cyber Solidarity Act. The initiative reflects a broader effort to harmonise standards and strengthen trust in digital products and services across member states.

Progress was also reported on two certification schemes currently under development. One concerns European Digital Identity Wallets, aiming to set high security requirements to protect citizens’ credentials, while the other focuses on Managed Security Services, particularly incident response capabilities under the Cyber Solidarity Act.

Participants also reviewed the peer assessment mechanism intended to support consistent implementation across member states. That process, already underway, is designed to promote equivalent cybersecurity standards throughout the EU and reduce the risk of fragmented national approaches.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Ukraine highlights AI strategic shifts

The National Security and Defense Council of Ukraine has published an overview of global AI developments for March 2026, highlighting a shift towards infrastructure and strategic realignment. The report is part of its ‘AI Frontiers’ analytical series.

According to the Council, growing investment and expansion of data centres to fuel AI demands are increasing pressure on energy resources. This is creating new competition not only for computing power but also for energy stability.

The analysis also points to intensifying competition between the US, China and the European Union, extending beyond AI models to supply chains, semiconductors and infrastructure. At the same time, AI is becoming more integrated into defence, cyberspace and information operations.

The Council highlights rising risks linked to disinformation, synthetic content and legal challenges, alongside growing demand for clearer regulation and content labelling as AI adoption expands in Ukraine.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Diplo chatbot can make mistakes. Consider checking important information.