Hungary plans to emphasise competition as the primary driver for investment in telecom infrastructure in its upcoming draft of the Council conclusions. This shift reflects a growing reluctance among the EU member states to adopt the European Commission’s deregulation proposals, highlighting the complexities within the telecom sector as member states consider the potential impacts on market dynamics and investment.
Prompted by the Commission’s February white paper advocating for consolidation, Hungary initially aimed to reconcile diverse stakeholder views in its draft. However, it faced criticism for being overly prescriptive, leading to revision plans. Moreover, Hungary is expected to clarify that the review of the EU’s telecom law, particularly the European Electronic Communications Code (EECC), must precede any consideration of transitioning from ex-ante regulation, designed to prevent monopolistic practices, to ex-post regulation, which addresses violations only after they occur.
That clarification highlights the critical need to uphold regulatory safeguards within the telecom sector. Additionally, Hungary is under pressure from fellow member states to ensure that the Commission publishes a new telecom strategy before allocating the EU funds to enhance submarine cable infrastructure’s security and resilience. Such an approach aligns with the broader objective of ensuring that funding mechanisms support robust and secure telecom networks throughout the EU.
Finally, Hungary has set a timeline for revisions, with member states given until 30 September to respond. A revised text is expected on 9 October, before the working group meeting on 15 October. That underscores the urgency of these discussions for the EU telecom policy.
Meta, Facebook’s owner, has been fined €91 million ($101.5 million) by the EU’s privacy regulator for mishandling user passwords. The issue, which surfaced five years ago, involved Meta storing certain users’ passwords in plaintext, a format lacking encryption or security protection. Ireland’s Data Protection Commission (DPC), which oversees GDPR compliance for many US tech firms operating in the EU, launched an investigation after Meta reported the incident.
Meta admitted the error, emphasising that third parties had not accessed the exposed passwords. However, storing passwords in an unprotected format is considered a major security flaw, as it exposes users to significant risks if unauthorised individuals access the data. Deputy Commissioner Graham Doyle underscored that storing passwords without encryption is widely unacceptable due to potential abuse.
This fine adds to Meta’s growing list of penalties under the EU’s General Data Protection Regulation (GDPR). To date, Meta has been fined a total of 2.5 billion euros for various data breaches, including a record €1.2 billion fine in 2023, which Meta is currently appealing. These repeated infractions highlight ongoing concerns about how the company handles sensitive user data.
Meta Platforms has announced it will not immediately join the European Union‘s voluntary AI Pact, which is a temporary initiative ahead of the AI Act coming into force. The company is currently focusing on compliance with the forthcoming regulations set out in the act, but may sign the pact at a later stage.
The EU’s AI Act, agreed in May and adopted by the European Council, will introduce strict rules governing the development and use of artificial intelligence. Under these regulations, companies must provide detailed summaries of the data used to train their AI models. The majority of the law’s provisions will take effect from August 2026.
In the interim, the AI Pact encourages companies to voluntarily adopt some of the key requirements of the forthcoming act. Meta has expressed its support for harmonised EU regulations but is prioritising work on meeting the obligations of the AI Act.
Google has filed a formal complaint with the European Commission over Microsoft’s cloud business practices. The tech giant argues that Microsoft uses its dominant position with Windows Server to stifle competition and lock customers into its Azure platform. Specifically, Google claims Microsoft enforces heavy mark-ups on users of rival cloud services and restricts access to essential security updates.
The dispute follows a recent settlement where Microsoft paid €20 million to resolve concerns raised by European cloud providers. However, the agreement excluded key rivals like Google and Amazon Web Services (AWS), fuelling further criticism. Google insists only regulatory action will halt what it sees as Microsoft’s monopolistic approach, urging the EU to step in and ensure fair competition.
Microsoft denies the accusations, stating they have settled similar issues amicably with other European providers. A Microsoft spokesperson expressed confidence that Google would fail to persuade the European Commission, as it had failed with EU businesses.
Google believes immediate intervention is necessary to prevent the cloud market from becoming increasingly restrictive. They warn that Microsoft’s influence over the European cloud sector, which is growing rapidly, could limit options for customers and hurt competitors.
The European Commission has tasked the EU Agency for Cybersecurity (ENISA) with developing a cybersecurity certification scheme for the EU Digital Identity (EUDI) wallets. That move aims to standardise and comprehensively secure digital identity wallets across EU member states.
ENISA will create harmonised requirements to support national certification schemes, involving the establishment of reference standards, procedures, and specifications crucial for security and privacy protection. The certification process will align with the Cybersecurity Act and ensure that EUDI Wallets are secure, protecting users’ privacy and personal data while allowing cross-border usability throughout the EU.
The European Digital Identity Framework, effective since May, requires EU member states to start providing EUDI Wallets within two years of adopting their implementing acts. The EC concluded its collection of input on the cybersecurity certification scheme earlier this month, with feedback highlighting the importance of preventing excessive consumer data sharing. ENISA will consider existing certification schemes, such as the European Cybersecurity Certification Scheme on Common Criteria while developing the new framework.
Why does it matter?
ENISA’s ongoing collaboration with the eIDAS Expert Group and the Certification Subgroup, alongside recommendations from its Digital Identity Standards report and current EUDI Wallet pilot projects, will significantly influence the development of the certification scheme, ensuring a robust and trustworthy digital identification system across Europe.
Demetris Skourides, the Chief Scientist, spoke at the Learning Innovation Summit 2024, stressing the significance of ethical AI development. He emphasised the EU AI Act’s role in establishing trustworthy AI systems that focus on ethics, transparency, and accountability. Skourides advocated for AI’s application in education, pointing out its ability to personalise learning, automate tasks, and enhance teaching environments.
He praised rapid AI advancements in Cyprus, with more than 50 companies leveraging the technology across key industries like healthcare and finance. Skourides highlighted the country’s commitment to upholding the EU AI Act, ensuring that AI systems meet the highest standards of accountability and ethics. The Chief Scientist also noted how Cyprus could generate new job opportunities through this AI revolution.
The potential for AI to transform education was a central theme. Skourides discussed the benefits of adaptive learning platforms, which can tailor lessons to individual students’ strengths, enabling each learner to reach their full potential. He urged educators to embrace AI, foreseeing a shift from rote memorisation to fostering creativity, critical thinking, and collaboration in the classroom.
Finally, Skourides called for a balanced approach to AI development. By equipping future generations with digital skills and ensuring that ethics remain central, AI’s power can be harnessed to drive both economic growth and innovation. He reaffirmed his commitment to advancing AI in education and collaborating with industry leaders to create an empowering learning environment.
The European Commission is taking significant steps to ensure Apple aligns its practices with the Digital Markets Act (DMA). That initiative involves specifying the actions Apple must undertake to enhance interoperability with other products, marking a pivotal moment as it represents the first formal use of this DMA tool to engage with the tech giant.
The move reflects the Commission’s commitment to fostering a competitive digital market within the EU, particularly in light of ongoing discussions regarding Apple’s role in this landscape. To this end, the Commission has initiated two key proceedings focused on interoperability issues concerning Apple’s iOS operating system.
The first aims to simplify the connection process for non-Apple devices, such as smartwatches and headphones, enabling them to work seamlessly with iPhones and iPads. That includes enhancing features like Bluetooth pairing and notifications. The second proceeding examines how Apple interacts with developers seeking interoperability, aiming to establish a fair and efficient process that encourages innovation while addressing potential privacy and security concerns.
The European Commission has established a clear timeline for these proceedings, setting a six-month deadline for investigations into Apple’s compliance with the DMA. Should Apple fail to meet the specified requirements, the Commission may impose fines or restrictions on the company’s operations in certain regions or technology sectors. Moreover, it follows a previous mandate requiring Apple to address competition concerns related to access to near-field communication (NFC) technology for contactless payments, highlighting the company’s ongoing scrutiny.
Several tech companies, including Meta and Spotify, have criticised the European Union for what they describe as inconsistent decision-making on data privacy and AI. A collective letter from firms, researchers, and industry bodies warned that Europe risks losing competitiveness due to fragmented regulations. They urged data privacy regulators to deliver clear, harmonised decisions, allowing European data to be utilised in AI training for the benefit of the region.
The companies voiced concerns about the unpredictability of recent decisions made under the General Data Protection Regulation (GDPR). Meta, known for owning Facebook and Instagram, recently paused plans to collect European user data for AI development, following pressure from EU privacy authorities. Uncertainty surrounding which data can be used for AI models has become a major issue for businesses.
Tech firms have delayed product releases in Europe, seeking legal clarity. Meta postponed its Twitter-like app Threads, while Google has also delayed the launch of AI tools in the EU market. The introduction of Europe’s AI Act earlier this year added further regulatory requirements, which firms argue complicates innovation.
The European Commission insists that all companies must comply with data privacy rules, and Meta has already faced significant penalties for breaches. The letter stresses the need for swift regulatory decisions to ensure Europe can remain competitive in the AI sector.
European antitrust regulators will not take action against Microsoft’s acquisition of staff from AI startup Inflection, including its co-founders, following the withdrawal of requests from seven European Union countries. These countries dropped their requests for the European Commission to investigate, due to a recent court ruling that limits the regulator’s ability to examine mergers below the EU’s revenue threshold.
The court ruling has been viewed by some as a correction against regulatory overreach. The European Commission, in response, stated it would not pursue the case further. Despite this, the Commission acknowledged the Microsoft-Inflection deal as a merger due to its restructuring of Inflection’s business focus towards AI development.
The agreement between Microsoft and Inflection represents a significant market shift. Under the EU’s merger rules, it is considered a concentration, reflecting the ongoing transformations in the AI industry.
The Dutch competition regulator, the Netherlands Authority of Consumers and Markets (ACM), has called for more authority to investigate corporate deals independently. This comes after the European Union’s antitrust regulators decided not to take action against Microsoft’s acquisition of AI startup Inflection’s staff.
The EU’s decision to not investigate further comes after the initial 7 Member states who complained about Microsoft sweeping up of Inflection’s staff, decided to drop their complaints, leaving the Commission with no decision in this matter.
ACM expressed concerns over potential negative impacts of such deals on Dutch consumers and businesses but lacks the power to fully assess or prevent market dominance in these cases. The regulator’s chairman, Martijn Snoep, emphasised the need for new investigative powers to better assess acquisitions and their effects.
ACM is pushing for the ability to refer acquisitions with broader European implications to the European Commission, enabling better oversight of deals that might otherwise go unexamined.
