Welcome to Euractiv’s Tech Brief, your weekly update on all things digital in the EU. You can subscribe to the newsletter here.

“We suspect that the suggested solutions put forward by the three companies do not fully comply with the DMA [the EU’s Digital Markets Act].”

– Margrethe Vestager, the European Commission’s executive vice president in charge of competition policy, told a press briefing on Monday.

Story of the week: The European Commission is opening non-compliance investigations into Alphabet, Google’s parent company, Apple, and Meta under the Digital Markets Act (DMA), the institution announced on Monday. The investigations focus on steering rules in Google Play and Google Search, Apple’s App Store policies and choice screen, and Meta’s “pay or consent” model. The Commission is also in a preliminary investigation into Amazon’s ranking practices and Apple’s new fee structure for alternative app stores. Read more.

Don’t miss: The European Union is looking to ban foreign wind turbines on the grounds of cybersecurity concerns, echoing similar recommendations that saw EU countries bar China’s Huawei from 5G networks. Wind turbine sensors gather terabytes of data daily, and Europe would not be the first region to express concerns about where this data could be sent. On 23 April, the EU’s new industrial policy law, the Net Zero Industry Act (NZIA), will be adopted by EU lawmakers and rubber-stamped by EU countries shortly after. Once it enters into force, the crackdown could begin: From 2026, public auctions offering support for renewable energy will have to include requirements concerning cybersecurity. This will be optional for public procurement of renewable energy. (Read more)

Also this week:

• Unreleased document: DSA, identity wallets take spotlight on protection of minors online
• Deal on major digital bill: French lawmakers give in to EU Commission demands
• EU Commission to sign partnership with Australia on critical raw materials
• New Council compromise highlights risk assessment, detection, reporting in anti-child sexual abuse law
• Belgian EU presidency presents new risk assessment methodology for child sexual abuse law

Before we start: If you want more tech analysis, tune in to our weekly podcast.

Artificial Intelligence

UN AI adoption. The United Nations General Assembly unanimously passed the inaugural global resolution on artificial intelligence (AI), Reuters reported last Friday. The resolution, proposed by the United States and supported by China and more than 120 other nations, emphasises the importance of protecting human rights, safeguarding personal data, and monitoring AI for potential risks. While non-binding, it encourages countries to enhance privacy policies.

Good news for the AI European ecosystem. “What do you think about [Mistral AI] giving up on open source and the announcement of a partnership with Microsoft?” French MP Mireille Clapot (Renaissance, Renew) wrote in a question to Digital Secretary of State Marina Ferrari. Ferrari answered that ”Mistral […] manages to compete with American rivals”, which is a reason to rejoice for the French tech industry. “Mistral stated its intention to develop various distribution channels, which will establish Europe in the field of large-scale artificial intelligence models and thus reduce the risk of economic concentration,” she stated.

Cybersecurity

Dutch PM confronts Xi Jinping on cyberespionage. During a meeting in Beijing, Dutch Prime Minister Mark Rutte raised the issue of cyber espionage with his Chinese counterpart. Chinese state-backed spies gained access to a Dutch military network last year, the Netherlands intelligence agency said last month. Semiconductors were also on the table, particularly licensing for tools made by Dutch chip equipment major ASML.

UK vs. China. On Monday, the UK government accused China-affiliated cyber actors of engaging in malicious cyber activities targeting UK institutions and individuals with key roles in democracy. The National Cyber Security Centre, part of the Government Communications Headquarters, which is an intelligence and security organisation, attributed this activity to the Chinese hacking group APT31, stating that they conducted online reconnaissance against email accounts of UK parliamentarians, many of whom have criticised China’s actions.

US vs. China. Also on Monday, the US Department of Justice released an indictment alleging that Chinese hackers associated with the national spy agency, the Ministry of State Security, targeted all members of the Inter-Parliamentary Alliance on China, which consists of European Union lawmakers critical of Beijing.

“A test like we have never experienced in our collective cybersecurity,” Vincent Strubel, president of French cybersecurity agency ANSSI, said when evoking this summer’s Paris Olympic and Paralympic Games during the annual Forum InCyber in Lille on Wednesday. Strubel said he was confident in the ANSSI’s capacity to face the cyberattack surge, yet warned that in the long run, one should not forget the need to scale cybersecurity, including attracting more people in the industry.

Data & Privacy

France takes aim at foreign interference. On Wednesday, French MPs backed a bill to expand intelligence services competencies to monitor networks, re-opening a debate on democratic control of these agencies. At the moment, intelligence services are only allowed to detect suspicious behaviour related to terrorism. Wednesday’s vote aims to expand the scope of the Intelligence Law to foreign influence. The bill is expected to be discussed in the Senate in April. Read more.

EDPS investigation. The European Data Protection Supervisor (EDPS) has investigated the Commission’s use of Microsoft 365 services. In an investigation document dated 8 March, the agency expressed concerns about the insufficient contractual safeguards in place between the European Commission and Microsoft, especially regarding data protection obligations and responsibilities. In March, Euractiv reported about the Commission violating data protection rules in its use of Microsoft 365, leading to the imposition of corrective measures by the EDPS.

eID approved. On Tuesday, the European Council approved a new framework for a European digital identity (eID) to guarantee a reliable and secure digital identity for Europeans. The regulation marks a change in Europe’s approach to digital identity, striving to provide universal access to secure electronic identification and authentication for individuals and businesses across the continent.

French liberals look to end online anonymity. French MP Paul Midy (Renaissance, Renew), led an op-ed, signed by 125 French lawmakers and politicians, suggesting putting an end to online anonymity at the EU level. Midy, who was a rapporteur on the SREN law, an all-encompassing digital law, first suggested ending online anonymity during debates at the National Assembly at the end of 2023. Observing that the “level of violence, racism, sexism, and harassment is much higher on social media than it is in physical life”, Midy said he wishes to prohibit online anonymity towards police services while preserving pseudonymity between users. The MP called for solving the problem at the EU level, calling it the best place to face Big Tech.

Digital Markets Act

“Very happy about the Commission’s DMA investigations,” Benoît Cœuré, president of the French antitrust watchdog Autorité de la Concurrence, said at the Tech For Future event on Thursday in Paris, which Euractiv attended. He continued that ultimately it would be for the Commission to come up with a decision, saying his services were ready to support the investigation.

Digital Services Act

How to protect minors on the internet. The Digital Services Act (DSA) and European Digital Identity Wallets (EDIW) take the spotlight in the EU’s work to protect minors online, according to an unreleased document seen by Euractiv. A declaration to be presented at the informal meeting of Europe’s telecom ministers on 11-12 April, calls for the rigorous and effective enforcement of the DSA and EDIW to protect children and young adults online, according to the document. Read more.

Amazon loses bid to conceal ads. The European Court of Justice ruled against Amazon in its attempt to conceal an advertisement repository. Under the DSA, Amazon is a Very Large Online Platform and as such, it is obliged to make publicly available a repository containing detailed information on its online advertising. The online retail platform argued that the obligation unlawfully limits its fundamental rights to respect private life and its freedom to conduct business. However, the court concluded that if Amazon is relieved of its obligation, the DSA’s goals would be severely delayed, perhaps for years.

Industrial strategy

Critical raw materials: The Commission will sign a strategic partnership with Australia on critical raw materials, a source familiar with the matter told Euractiv, as the EU continues its drive to secure access to these materials from sources other than China. Separately, the Commission’s Director-General for Internal Market, Industry, Entrepreneurship and SMEs, Kerstin Jorna, told Euractiv that four partnerships are “in the negotiation [stage] or ready for signature”. Read more.

The US is ploughing ahead on chips. While the EU is fighting to reduce its dependence on China for critical raw materials, the US strategy to bring semiconductor manufacturing home is paying off. Intel, a major yet left-behind chip maker, is building or expanding four factories on US soil, the White House said. Across the Pacific, China is blocking the use of Intel and AMD chips for government services.

Cheaper cat qubits. The French startup Alice&Bob received a €16.5 million grant from a consortium, including the universities ENS Lyon and Mines-Paris. The startup aims to make the cost of quantum informatics 10 times cheaper. The “Cats Factory” project aims to bring a quantum computer ready to the market. In March 2023, Alice&Bob announced it could compete with Google’s quantum computer, making it 60 times more efficient in terms of qubits. At the moment, quantum computers are still less efficient than traditional computers, yet deep tech companies, and States, are eagerly competing to develop them.

Quantum development pillars. The Commission presented last Friday five pillars that will form the basis to boost Europe’s competitiveness in quantum computing. The pillars will be the bedrock of an action plan with concrete steps, as mentioned in the EU Quantum Declaration. At the time of publication, the Commission did not respond to Euractiv’s question on the budget for the plan or an expected timeline. Separately, on 21 March, Belgium, Bulgaria, and Poland announced plans to sign the EU Quantum Declaration. Read more.

Law enforcement

Belgians give details on risk assessment for child abuse content. A new document written by the Belgian EU Council presidency and seen by Euractiv outlines key details for the risk assessment that will form the backbone of a draft law to detect and remove online child sexual abuse material (CSAM). The document follows the latest approach by the Belgian presidency to the draft law on CSAM, which put the focus on the Coordinating Authority’s roles, such as risk categorisation or detection orders. Based on the member states’ suggestions and the LEWP meetings on 1 and 19 March, the presidency drafted the new document, which provides details about possible criteria and categorisation methodologies to be used in the practical part of the CSAM legislation. Read more.

New CSAM compromise text. A new compromise text of the draft legislation to detect and remove online child sexual abuse material (CSAM) by the Belgian Presidency of the European Council, seen by Euractiv, focuses on risk assessment, detection orders, and reporting. Moreover, the document includes new parts on reporting, the EU Centre and Europol, mitigation measures, end-to-end encryption, and age verification. Some of the details on risk categorisation and detection orders, given by the other document were also included in the compromise text. Read more.

Media

EMFA Council adoption. On Tuesday, the Council approved the European Media Freedom Act (EMFA), a new law designed to uphold media freedom, pluralism, and editorial independence within the EU. The regulation is set to be signed, published in the EU’s Official Journal, and enforced 20 days thereafter.

Journalists supporting journalists. On Wednesday morning, a group of journalists, diplomats, EU officials and other supporters gathered in Parc du Cinquantenaire in Brussels to show their support for Wall Street Journal journalist Evan Gershkovich, who has been detained in Russia for nearly a year.

Platforms

French digital bill deal. Seven French MPs and seven senators reached a compromise on Tuesday on a hard-fought all-encompassing digital bill, agreeing to water down provisions that would otherwise conflict with EU legislation, while putting sovereign cloud requirements into law. France’s digital bill (Sécuriser et réguler l’espace numérique, SREN) received two reasoned opinions from the European Commission, on 25 October 2023 and 17 January, both regarding its Senate and National Assembly versions. The legislative process was hence blocked until mid-March. The agreed text is scheduled to be presented at the Senate on 2 April and at the National Assembly on 10 April. Read more.

FTC investigates TikTok. The Federal Trade Commission (FTC) is conducting an investigation into TikTok regarding concerns about its privacy and data security practices, Politico reported on Tuesday. Allegations include claims that TikTok and its parent company, ByteDance, misled users by denying access to their data by individuals in China and violated children’s privacy laws. The FTC, along with the Justice Department, can now file a lawsuit or negotiate a settlement.

Telegram’s suspension was postponed in Spain. On Monday, the High Court in Spain suspended its order to block the Telegram messaging app, which was to come into effect on Monday. The court instead commissioned a report by the police on Telegram, as well as the impact a ban would have on users. The court previously decided to order internet service providers to temporarily block access to Telegram over complaints that copyrighted content was illegally shared there. The suspension was lifted over criticisms from consumer rights groups.

X loses lawsuit against hate speech NGO in the US. Elon Musk lost a lawsuit in the US on Monday, against the Center for Countering Digital Hate (CCDH). Musk sued the CCDH because he did not like the criticisms made by the Center that he had allowed a rise in hate speech on X. The decision is a blow for Musk as the judge ruled that it was “evident” that X’s owner sued the CCDH because he did not like the criticism.

Lawsuit against Spotify. On Tuesday, Contexte revealed that the Scam, a society which collects and distributes royalties for authors in France, filed a complaint against Spotify. It argues that Spotify should have signed a licensing agreement in order to distribute podcasts. The Scam is preparing to file a similar complaint against French streaming company Deezer.

Standards

Vote French. The Commission is urging member states to support a French candidate for the leadership position in the standardisation body European Telecommunications Standards Institute during the upcoming vote, Euronews reported on Tuesday. This comes amid concerns about potential ties between two other contenders and foreign businesses. The Commission emphasised the increasing politicisation of standardisation bodies and advocated for Gilles Brégant, the director of the French spectrum agency ANFR. The other contenders include Luis Jorge Romero, the current director-general of ETSI and former Telefonica official from Spain, and Jan Ellsberger, a former vice president of Ericsson with former employment at Huawei, who is now an advisor to a consultancy firm from Sweden.

Telecoms

A push for cloud take-up. French Digital Secretary of State Marina Ferrari presented France’s Digital Decades roadmap to the Commission’s director Roberto Viola on Monday. Lagging behind the EU’s average of company digitalisation, France decided to push for cloud take-up of its SMEs thanks to its France Num initiative. France furthermore wishes to push SMEs to adopt AI and strengthen their cybersecurity.

Transatlantic ties

Coming up next week; TTC. Belgium, the current president of the Council of the European Union, will host the sixth ministerial meeting of the EU-US Trade and Technology Council (TTC) on 4-5 April in Leuven. The meeting will be co-chaired by EU Executive Vice Presidents Margrethe Vestager and Valdis Dombrovskis, along with other high-level representatives from the EU and the US. Belgian stakeholders, including Prime Minister Alexander De Croo and Foreign Affairs Minister Hadja Lahbib, will participate, emphasising Belgium’s role in trade, technology, and culture.

What else we’re reading this week:

Does ChatGPT violate New York Times copyrights? (Harvard Law Today)

The End of Foreign-Language Education (The Atlantic)

The changing face of protest (Rest of World)

*Júlia Tar and Théophane Hartmann contributed to the reporting.

Read more with Euractiv