Political pressure mounts on Parliament data leak, Apple-ChatGPT deal could draw competition scrutiny

Welcome to Euractiv’s Tech Brief, your weekly update on all things digital in the EU. You can subscribe to the newsletter here.  

“A general discussion on handling this type of data seems needed, as well as on the responsibilities of the European Parliament in case of damages caused.”  

– the Presidents and Vice Presidents of S&D on the European Parliament data leak

Story of the week: Four political groups have sent letters to the European Parliament President asking for further details, action, and “responsibilities” related to a recent data breach that affected a significant amount of employees’ data, including passports. Three groups, the Greens, The Left, and Renew, asked for the matter to be discussed at the next meeting of the Parliament’s Bureau, scheduled for 24 June, in the letters seen by Euractiv. The Bureau is responsible for administrative issues that lay down the rules. Read more. 

Don’t miss: OpenAI-Apple deal: what’s next for EU competition rules? The integration of ChatGPT into Apple’s iOS could lead to changes in EU antitrust rules, said a Commission spokesperson on Tuesday. Announced on Monday, ChatGPT’s language model will enhance Apple’s Siri and writing tools later this year. Commission spokesperson Lea Zuber noted that while large language models like ChatGPT are not currently core platform services under the Digital Markets Act (DMA), they could be included if integrated into services like search engines or virtual assistants. She added that the DMA is flexible and can be updated as needed to address such developments. Read more. 

Also this week: 

• Facebook and TikTok kill fake news story in Italy
• Commission probes UAE state-owned acquisition of Czech telecoms operator
• Influencer sweeps Cyprus EU elections acts as a bulwark against far-right
• Poland, US launch group against Russian disinformation on Ukraine
• The Brief – A battle against disinformation was won
• French president wants to further restrict minors’ use of smartphones
• Commission demands details from porn platforms on protections for minors and illegal content

Today’s edition is powered by Coalition for Open Digital Ecosystems (CODE) 

Vodafone Joins CODE 

CODE believes that the pursuit of openness will drive a thriving European digital economy, in which consumers have more choice, technological lock-in belongs to the past, and businesses can innovate. 

Find out more >>  

Artificial Intelligence 

Dragos reporting for duty. Outgoing MEP Dragos Tudorache (Renew, Romania) will join the Commission’s AI Office, two people familiar with the matter told Euractiv, confirming an earlier report by Contexte. The former MEP will be leading Unit A3, responsible for AI safety, one source and Context said. Tudorache and the Commission declined to comment on the appointment. The Directorate General for Internal Market is set to effect a restructuring of its A Unit on Monday (16 June). 

Elon backs off. Elon Musk dropped his lawsuit against OpenAI on Tuesday, which claimed that ChatGPT maker OpenAI and its CEO, Sam Altman, abandoned the startup’s original goal of developing AI for the benefit of humanity instead of profit. The dismissal comes one day before a judge would’ve heard OpenAI’s arguments to dismiss the case, the Verge reported, and one day after Musk said he would ban Apple devices from his companies in light of a ChatGPT integration. On Thursday, Musk said Tesla’s board is expected to approve his $56 billion compensation package.   

France’s one-year-old Mistral AI bags €600 million Series B. MistralAI announced a €600 million debt and equity investment round on Wednesday, bringing its valuation to €5.8 billion. The round was led by General Catalyst, backed by Andreessen Horowitz, Nvidia, and IBM, among others, the FT reported. The French startup has raised €1 billion in three funding rounds since its creation. It was at the centre of allegations regarding its close involvement in the negotiations of the EU AI Act, with MEcriticisinging its commercial partnership with Microsoft in February. 

Yet another AI suitor. Argentina’s president Javier Milei is pitching Argentina as a low-regulation jurisdiction, an advisor to the president told the FT. The advisor said that South American nations can act as “a hedge” against regulatory risks in the EU and US. Milei travelled to the US in late May to meet with Apple, Google, Meta, and OpenAI executives.   

Cybersecurity 

French defence group Thalès partners with Google Cloud. Thalès’s cybersecurity incident detection and response capabilities should be deployed on Google Cloud, said a Thursday statement. Thalès is a global leader in cybersecurity, while Google is one of three worldwide dominant US cloud hyperscalers. Thalès partnered in 2021 with French OVHcloud sovereign cloud for hosting encrypted messaging data. 

Data & Privacy 

Noyb complaint against Google. Non-profit Noyb has filed a complaint with the Austrian data protection authority against Google, alleging that the company misled users into enabling its Privacy Sandbox feature. The feature conducts first-party tracking under the guise of an “ad privacy feature,” the organisation said on Thursday. Despite promoting the Privacy Sandbox as an improvement over third-party tracking, Google did not obtain proper informed consent from users, thereby violating GDPR requirements, Noyb said. 

Commission investigates French credit card verification system for consistency with EU law. After France enacted its digital umbrella law SREN in May and following two reasoned opinions by the Commission, the EU executive is still looking into how consistent it is with EU law, particularly the Digital Services Act, a Commission spokesperson told Euractiv. France’s age verification system for accessing pornographic websites, which uses as a temporary measure, identification through credit cards, is under the microscope. Transitional measures “could be acceptable” until an EU solution is in place, but they should “remain in line with Union law,” said the spokesperson.  

Digital Services Act 

Request of information from porn sites. The Commission in a statement formally requested pornography platforms Pornhub, Stripchat, and XVideos for detailed information on their compliance with the Digital Services Act (DSA), Thursday. The Commission seeks detailed information on the measures the porn websites have taken to assess and mitigate risks related to the protection of minors online, as well as to prevent the amplification of illegal content and gender-based violence. The Commission specifically requested information on the platforms’ age verification mechanisms and internal compliance systems, according to the press release. Read more. 

LinkedIn ad targeting disabled. LinkedIn disabled ad targeting based on LinkedIn Group membership in the EU, following a European Commission request to ensure compliance with the Digital Services Act (DSA), which restricts the use of sensitive personal data for targeted ads, the Commission announced last Friday. This action addresses concerns about potential DSA violations related to targeting sensitive personal data. 

EU-Australia partnership. The Commission and Australia’s eSafety Commissioner signed an administrative arrangement to support the enforcement of social media regulations, the Commission announced on Tuesday. This partnership, part of broader EU-Australia digital dialogues, will involve information exchanges, expert dialogues, joint training, and sharing best practices to ensure a secure online environment. 

Atos’s fragmentation. Embattled Atos accepted the offer of Onepoint, Butler Industries, Econocom and Atos’s creditors and turned down the offer of Czech billionaire Daniel Křetínský for its debt restructuring, the firm said on Tuesday. It also said it would sell its business of control software for nuclear power plants to Alten, which represents 15% of this industry globally. On Friday, it said it entered a €700 million non-binding discussion with the French state to acquire its sovereign activities, including military critical systems and cybersecurity products. 

Law enforcement

Light at the end of the tunnel for CSAM. During the Justice and Home Affairs Council meeting, the Belgian EU Council Presidency reported progress in addressing delegations’ concerns about the draft law to combat online child sexual abuse material (CSAM). The focus on cybersecurity and end-to-end encryption includes measures to detect grooming and solicitation through image monitoring. The Belgians hope for an agreement at the Committee of Permanent Representatives (COREPER) level. Commissioner Ylva Johansson anticipates the interinstitutional negotiations, known as trilogues, to start post-summer. 

Platforms 

Killing fake news. A fake news story claiming that Italy might leave the EU if there was a low turnout at this weekend’s elections shared on Italian social media was taken down by big tech platforms this week. The story, reported by Facta News, could be a positive example of big tech platforms’ ability to take down fake news information ahead of the 6-9 June European Parliament elections. (Read more)

Influencer takes votes from far right in Cyprus. Fidas Panayiotou, a Gen Z YouTuber, came third in the Cyprus EU elections, taking 19.4% of the popular vote, according to official data. Centre-right DISY came first at 24.8% followed by The Left’s AKEL at 21.5% and ELAM, a far-right party, with 11.2%. “If it wasn’t for Fidias, we would have probably seen ELAM at 20%,” said one analyst. (Read more)

Macron’s tough stance on children’s phone usage. French President Emmanuel Macron, facing imminent legislative elections, announced plans to ban mobile phone use for children under 11 and restrict social media access until age 15 on Wednesday. These proposals expand existing French regulations on minors’ technology use and reflect growing concerns over children’s online safety. The issue of minors’ access to digital services has also been increasingly discussed at the EU level. Read more. 

No more stalking others’ likes. X updated its website and API (Application Programming Interface), to make likes private, allowing users only to view who liked their own posts, the platform announced on Wednesday. Attempts to view likes on others’ posts now display zero results, though total like counts remain visible. X said this change aims to bolster user privacy. X’s API still permits developers to access likes information, including who liked specific posts, but only under strict authentication and usage limits. These differences highlight varying approaches to privacy in social media platforms’ API functionalities. 

Millions download Ten Ten, worrying the French government. The Cabinets of the digital secretary of State and Minister of the Interior met Ten Ten founders after the talkie-walkie application founded by French entrepreneurs saw a surge of millions of downloads in weeks. The government was preoccupied with privacy, security, and cyber harassment issues because a “friends” audio message can be delivered in real-time even when a user’s mobile device is locked. 

Telecom 

Commission and UAE telecoms subsidies. The Commission opened a new foreign subsidies investigation into a commercial acquisition that would see UAE state-owned Emirates Telecommunications Group Company (e&) be in ‘sole control’ of the European telecom operator PPF Telecom, according to a press release. A preliminary investigation has given “sufficient indications that e& has received foreign subsidies distorting the EU internal market,” reads the Commission press release. (Read more)

Commission to pay interest on fines imposed on Deutsche Telekom. The Court of Justice of the EU (CJEU) ruled on Tuesday that the EU executive should pay interest on the refunded part of a fine it imposed on Deutsche Telekom in 2014 for abuse of its dominant position in Slovakia. Originally fined €31 million, an appeal won by Deutsche Telekom reduced the fine to €19 million, and the EU executive paid the difference back to the operator while refusing to pay interest. Yet the CJEU decided that the Commission should repay the €1.8 million interest to the German operator as well.  

What else we’re reading this week: 

The Titan Submersible Disaster Shocked the World. The Exclusive Inside Story Is More Disturbing Than Anyone Imagined  (Wired) 

China’s AI giants cosy up to virtual companions as loneliness drives chatbot revenue (SCMP) 

How Pope Francis became the AI ethicist for tech titans and world leaders (The Washington Post) 

[Edited by Alice Taylor]

Read more with Euractiv