Governance

Tracking Europe’s progress on AI: Insights from the implementation of the EU Coordinated Plan on Artificial Intelligence

(Gosia Nikowska, Karine Perset – OECD.AI) Since its launch in 2018, the European Union’s Coordinated Plan on Artificial Intelligence has represented a shared vision between the European Commission and EU Member States to develop, deploy and use artificial intelligence (AI) responsibly and strategically across Europe. Revised in 2021, the plan aims to mobilise at least EUR 20 billion in combined annual investments by 2030, strengthen Europe’s global position in trustworthy AI, and ensure that AI contributes to sustainable, inclusive growth. A new OECD report, in cooperation with and funded by the European Commission, Progress in Implementing the European Union Coordinated Plan on Artificial Intelligence (Volume 1): Member States’ Actions, takes stock of national strategies, investments and governance arrangements shaping AI policy across the EU. Drawing on survey responses and interviews with national authorities across the EU Member States, it offers a comprehensive overview of policy initiatives in key areas, including AI policy, data, compute, skills, and support for AI adoption and innovative AI ventures. – https://oecd.ai/en/wonk/tracking-europes-progress-on-ai-insights-from-the-implementation-of-the-eu-coordinated-plan-on-artificial-intelligence

AI, data centers, and water

(Joseph W. Kane – Brookings) Across the country, from Virginia to Michigan to Arizona, tech companies are pouring billions of dollars into new data center projects needed to store and manage digital information amid the rise of artificial intelligence (AI). Meanwhile, state and local governments are enticed by projected increases in economic output, job creation, property tax revenue, and more that may accompany such projects. In some communities, leaders are practically tripping over themselves to lure more tech investment as part of the country’s expanding AI boom, whether by offering tax incentives or scrambling to approve permits. But amid this AI-fueled gold rush, more leaders are beginning to pay attention to the short- and long-term natural resource concerns, especially around all the water needed to keep data centers running. And even beyond the water needed to support data centers, public and private leaders increasingly need to view data centers in light of larger regional plans and priorities around water infrastructure investment and economic development. –  https://www.brookings.edu/articles/ai-data-centers-and-water/

AI is accelerating the transition to clean energy

(DigWatch) AI is playing an increasingly vital role in supporting the transition to clean energy. AI helps optimise power grid operations, plan infrastructure investments, and accelerate the discovery of novel materials for energy generation, storage, and conversion. While energy-hungry data centres can increase electricity demand, AI applications are helping reduce energy consumption across buildings, transport, and industry. – https://dig.watch/updates/ai-is-accelerating-the-transition-to-clean-energy

The Global Retreat from Content Moderation Is Endangering Free Expression: Kenya Shows Why

(Julie Owono – Just Security) Across the world, major social media platforms are undergoing a profound and troubling shift: a structured retreat from proactive content moderation. Platforms are framing this move as a principled defense of “free speech,” but in practice, it is a deliberate choice to expose users to unprecedented levels of harm, making genuine freedom of expression more fragile. This post-moderation philosophy creates the perfect conditions for State repression and digital authoritarian drift. Kenya, where Internet Sans Frontieres (I serve as Executive Director of the organization) conducted a seven-month investigation with the KenSafeSpace coalition — created to safeguard a democratic and safe digital space in Kenya — offers a revealing and deeply concerning case study of this global trend. – https://www.justsecurity.org/125691/retreat-content-moderation-kenya/

UAE strengthens digital transformation with Sharjah’s new integration committee

(DigWatch) Sharjah is advancing its digital transformation efforts following the issuance of a new decree that established the Higher Committee for Digital Integration. The Crown Prince formed the body to strengthen oversight and guide government entities as the emirate seeks more coordinated progress. The committee will report directly to the Executive Council and will be led by Sheikh Saud bin Sultan Al Qasimi from the Sharjah Digital Department. – https://dig.watch/updates/uae-strengthens-digital-transformation-with-sharjahs-new-integration-committee

Civil rights groups warn of UK data protection enforcement gaps

(DigWatch) A coalition of more than 70 rights organisations, academics and legal experts has warned of a sharp decline in enforcement by the UK Information Commissioner’s Office (ICO). In an open letter to the House of Commons Science, Innovation and Technology Committee, they argue that strong data protection enforcement is essential to prevent abuse and discrimination across public and private sectors. – https://dig.watch/updates/civil-rights-groups-warn-of-uk-data-protection-enforcement-gaps

Up to 3 million UK jobs at risk from automation by 2035

(DigWatch) A new report from NFER warns that up to 3 million low-skilled jobs in the UK could disappear by 2035 due to the growing adoption of automation and AI. Sectors most at risk include trades, machine operations and administrative work, where routine and repetitive tasks dominate. – https://dig.watch/updates/up-to-3-million-uk-jobs-at-risk-from-automation-by-2035

Courts and Litigation

OpenAI clarifies position in sensitive lawsuit

(DigWatch) A legal case is underway involving OpenAI and the family of a teenager who had extensive interactions with ChatGPT before his death. OpenAI has filed a response in court that refers to its terms of use and provides additional material for review. The filing also states that more complete records were submitted under seal so the court can assess the situation in full. – https://dig.watch/updates/openai-clarifies-position-in-sensitive-lawsuit

AI use by US immigration agents sparks concern

(DigWatch) A US federal judge has condemned immigration agents in Chicago for using AI to draft use-of-force reports, warning that the practice undermines credibility. Judge Sara Ellis noted that one agent fed a short description and images into ChatGPT before submitting the report. – https://dig.watch/updates/ai-use-by-us-immigration-agents-sparks-concern

Legislation

Passwords, MFA and AD Accounts: Hardening Your Environment for NIS2 Compliance

(Marcus White – Infosecurity Magazine) The EU’s Network and Information Security Directive 2 (NIS2) significantly expanded the number of sectors covered by the cybersecurity legislation and placed stricter cyber risk management protocols on organizations. The Directive places emphasis on identity and access management (IAM) as a cornerstone of effective cybersecurity and implores organizations to be proactive in their cyber resilience. One challenge for CISOs in achieving NIS2 compliance lies in hardening Active Directory (AD), the backbone of IAM for most organizations. – https://www.infosecurity-magazine.com/blogs/hardening-your-environment-for/

Key Provisions of the UK Cyber Resilience Bill Revealed

(Kevin Poireault – Infosecurity Magazine) As the UK’s Cyber Security and Resilience Bill (CSR Bill) is being discussed in the British Parliament, key changes the law will introduce in a bid to strengthen national security have been revealed. This legislation comes at a critical time for the UK, with the National Cyber Security Centre (NCSC) reporting a 130% increase of “nationally significant” cyber incidents in 2025 compared to 2024 data. Shona Lester, head of CSR Bill Team at the UK Department for Science, Industry and Trade (DSIT), recently spoke in detail about the proposed law at the Cybersecurity Business Network’s inaugural Parliament & Cyber Conference, held in Westminster, in London on November 24. She said the bill will address some of the insufficiencies in “the UK’s only cross-sector cyber security regulation,” the NIS directive. – https://www.infosecurity-magazine.com/news/key-provisions-uk-cyber-resilience/

Security and Surveillance

FCC Warns of Hackers Hijacking Radio Equipment For False Alerts

(Alessandro Mascellino – Infosecurity Magazine) Hackers have been hijacking US radio transmission equipment to air bogus emergency tones and offensive material, according to a notice issued Wednesday by the US Federal Communications Commission (FCC). The wave of intrusions triggered unauthorized uses of the Emergency Alert System’s distinctive Attention Signal, which is normally reserved for tornadoes, hurricanes, earthquakes and other urgent threats. In particular, threat actors appeared to target Barix network audio devices and reconfigure them to capture attacker-controlled streams instead of regular programming. – https://www.infosecurity-magazine.com/news/fcc-hackers-hijacking-radio/

Bloody Wolf Threat Actor Expands Activity Across Central Asia

(Alessandro Mascellino – Infosecurity Magazine) A widening cyber campaign using legitimate remote-access software to infiltrate government targets has been identified by cybersecurity researchers. The operation, discovered by Group-IB and UKUK and carried out by the Bloody Wolf advanced persistent threat (APT) group, shows a shift from traditional malware to a streamlined Java-based delivery method that deploys the NetSupport remote administration tool (RAT). The firms noted that, since it became active late in 2023, the Bloody Wolf group has continued to refine its techniques. – https://www.infosecurity-magazine.com/news/bloody-wolf-expands-central-asia/

Asahi Confirms 1.5 Million Customers Affected in Major Cyber-Attack

(Kevin Poireault – Infosecurity Magazine) Brewing giant Asahi said that almost two million people could have seen their personal data exposed after it suffered a major cyber-attack in September 2025. In a new advisory, published on November 27, Asahi shared the early results of the investigation into the cyber-attack that led to temporary operation suspensions in September and October. – https://www.infosecurity-magazine.com/news/asahi-15-million-customers/

OpenAI Warns of Mixpanel Data Breach Impacting API Users

(Kevin Poireault – Infosecurity Magazine) OpenAI has informed its application programming interface (API) users that some of their data may have been exposed in a breach impacting Mixpanel, a data analytics supplier. In a November 26 blog post, the generative AI company said an attacker gained unauthorized access to part of Mixpanel’s systems and exported a dataset containing limited customer identifiable information and analytics information. – https://www.infosecurity-magazine.com/news/openai-warns-mixpanel-data-breach/

Fraud Fears But No Breach Spike Expected This Festive Season

(Phil Muncaster – Infosecurity Magazine) Security experts have dismissed fears that threat actors could step up cyber-attacks on distracted retailers this Black Friday and in the run up to Christmas, although concerns persist. Huntsman Security analyzed data security incidents reported to the UK’s Information Commissioner’s Office (ICO) between Q3 2024 and Q2 2025. It found that the 1381 incidents reported by the retail and manufacturing sector had only minor seasonal peaks, with none outside a margin of error. Some 355 incidents were reported to the regulator in the busiest time of the year for retailers (Q4), versus 323 in Q3 2024, 317 in Q2 2025 and 386 in Q2 2025. The latter period included the massive ransomware breaches at M&S and the Co-Op Group. – https://www.infosecurity-magazine.com/news/fraud-fears-no-breach-spike/

Scattered Lapsus$ Hunters Take Aim At Zendesk Users

(Phil Muncaster – Infosecurity Magazine) The Scattered Lapsus$ Hunters group may be targeting Zendesk users in a new campaign, after a fresh batch of phishing domains and malicious helpdesk tickets were discovered, according to ReliaQuest. The threat intelligence firm said it found over 40 typosquatted Zendesk domains and URLs featuring different organizations’ names or brands (i.e., organization-zendesk.com) that were created over the past six months. – https://www.infosecurity-magazine.com/news/scattered-lapsus-hunters-zendesk/

Frontiers and Markets

AI scribes help reduce physician paperwork and burnout

(DigWatch) A new UCLA Health study finds that AI-powered scribe tools can reduce physicians’ documentation time and may improve work satisfaction. Conducted across 14 specialities and 72,000 patient visits, the trial tested Microsoft DAX and Nabla in real-world clinical settings. – https://dig.watch/updates/ai-scribes-help-reduce-physician-paperwork-and-burnout