Regulatory Watch – May 2025

Google moves to reassure EU cloud users

Google is upgrading its ‘sovereign cloud’ services in the EU in order to reassure users in Europe that their data will be safeguarded at a time of rising trade tensions with the US. New options will include a ‘data shield’ that provides additional cybersecurity protections to European clients. The company will also work closely with local partners in sensitive industries such as defence to ensure better compliance with tougher data protection requirements. A source said, ‘sovereignty used to be a very niche thing…and suddenly in the current environment everyone is thinking about it’.

Wi-Fi and mobile players compete for release of spectrum band

Internet providers and industry associations are urging the EU to make the upper 6 GHz band available for unlimited Wi-Fi operations. In a letter to digital technology commissioner Henna Virkkunen the advocacy group Dynamic Spectrum Alliance (DSA) said that the spectrum was necessary to allow for the expansion of future Wi-Fi services in which, the group claimed, Europe was already behind the rest of the world. Earlier this month 12 major telecoms companies urged EU regulators to allocate the same spectrum for 5G and 6G networks. But a spokesperson for the DSA said that they were seeking a shared approach, noting that ‘most of the traffic in Europe is indoors, and most of it starts or ends by a Wi-Fi connection’. The EU is expected to unveil a more coordinated approach to spectrum policy in its forthcoming Digital Networks Act.

Facebook introduces ‘friends’ tab as personal interactions decline

Facebook has announced that it will introduce a new tab designed to ‘bring back the magic of friends’. The change is aimed at making it ‘easier for people to find their friends’ content’ on the social media site and was announced in March, ahead of a trial by the Federal Trade Commission alleging that Meta is a social media monopoly. In his testimony, Meta CEO Mark Zuckerberg argued that social media engagement is now less about friends and family connection and more of a vehicle for content discovery. This was supported by a company report shown in court which indicated that the percentage of time spent viewing content posted by friends had, in the last two years, declined from 22 to 17 per cent on Facebook and 11 to 7 per cent on Instagram.

Cyber attack succeeded through ‘social engineering’ via supplier

UK based retailer Marks and Spencer confirmed that, in a major cyber attack, criminals had accessed its systems via a third party supplier. The breach was acknowledged on 22 April and  has blighted the company for weeks, with customers unable to order through its website. The retailer’s e-commerce operations are not expected to be back up until July. Social engineering attacks, in which staff are misled into providing passwords and other personal information, are often described as the ‘Achilles heel’ of cybersecurity as company’s own systems have become harder to penetrate directly.

AI system resorts to blackmail

Artificial intelligence firm Anthropic has revealed that its new model is willing to attempt blackmail in order to preserve itself. The company’s safety team explained that in one test, its new model, Claude Opus 4, was given access to fictional emails implying that it was about to be taken offline. It was then shown an email in which it was claimed the engineer responsible was having an extramarital affair. The researchers said that the system showed a strong preference for ‘ethical solutions’, such as sending emails pleading not to be replaced, but in some scenarios threatened to blackmail the engineer by revealing the affair. The team went on to say extreme responses were ‘rare and difficult to elicit’ but nonetheless ‘more common than in earlier models’.

Sources:  The Financial Times, The Wall Street Journal, Bird and Bird, APNews, Euronews, CNN, The Guardian, The Daily Telegraph, Bloomberg, Economic Times, Ars Technica, Reuters, BBC, Politico, Telecompaper