UK law
UK government to consult on child safety measures in March
The UK government has said that it will crack down on illegal content created by AI by requiring AI chatbot providers to comply with the illegal content duties in the Online Safety Act. It emphasises that the distribution of nude images of children is already illegal. However, the government will also consult on how best to ensure tech companies can safeguard children from sending or receiving such images in the first place. The government had already announced a consultation (which will start in March 2026) and the consultation will examine restrictions on children’s use of AI chatbots, as well as options to age restrict or limit children’s VPN use where it undermines safety protections. It will also consider changing the age of digital consent. The government also intends to make sure that data following a child’s death is preserved before it can be deleted, except where online activity is clearly not relevant to the death.
UK government tables amendments to Crime and Policing Bill on intimate images
As well as this, the government has announced that through an amendment to the Crime and Policing Bill, tech companies will be legally required to remove intimate image content no more than 48 hours after it is flagged to them, and platforms that fail to act could face fines of up to 10% of their qualifying worldwide revenue or having their services blocked in the UK. The government wants to make sure that victims will only need to report an image once. This would mean where an image is reported, they are removed across multiple platforms in one go, and from then on, they are automatically deleted at every new upload. As part of that work, plans are currently being considered by Ofcom for these kinds of images to be treated with the same severity as child sexual abuse and terrorism content, digitally marking them so that any time someone tries to repost them, they will be automatically taken down. It will publish guidance for internet providers setting out how they should block access to sites hosting this content, targeting websites that may fall outside the reach of the Online Safety Act 2023. Creating or sharing non-consensual intimate images will also become a “priority offence” under the Online Safety Act.
UK government starts review of radio
The way people listen to radio is rapidly changing. Almost 75% of UK radio listening now takes place on digital or online platforms, rather than FM and AM. To help the industry navigate this shift, the government has said that it will work with key partners, including the BBC and commercial radio, to examine changes in listener behaviour and audio markets in recent years, and make recommendations on the future distribution of radio services. The review will consider whether there should be a managed transition away from FM in the 2030s and, if so, over what timescale; the potential impact of a decision on the future of Digital Terrestrial TV on radio distribution; and the role of emerging technologies, including AI and the benefits and challenges they pose to the industry.
EU law
European Commission launches investigation into Shein under the Digital Services Act
The European Commission has opened formal proceedings against Shein, under the Digital Services Act, to consider its potentially addictive design, the lack of transparency of recommender systems, as well as the sale of illegal products, including child sexual abuse material. The investigation will focus on the following areas: the systems Shein has in place to limit the sale of illegal products in the EU, including content which could constitute child sexual abuse material, such as child-like sex dolls; the risks linked to the addictive design of the service, including giving consumers points or rewards for engagement, as well as the systems Shein has in place to mitigate such risks. Under the DSA, Shein must disclose the main parameters used in its recommender systems and it must provide users with at least one easily accessible option that is not based on profiling for each recommender system. The Commission will now carry out an in-depth investigation as a matter of priority. The opening of formal proceedings does not prejudge the outcome. Coimisiún na Meán, the Digital Services Coordinator for Ireland, will also be involved as it is the national Digital Services Coordinator in the country of establishment of Shein in the EU.
ICT supply chain security: EU adopts a toolbox to mitigate risks
The NIS Cooperation Group has adopted the EU ICT Supply Chain Security Toolbox, developed by Member States with the support of the Commission and the EU Agency for Cybersecurity (ENISA) as well as two risk assessments pertaining to connected and automated vehicles and detection equipment, respectively. The EU ICT Supply Chain Security Toolbox provides a horizontal, common, and non-binding approach on how to identify, assess and mitigate cybersecurity risks of ICT supply chains.
European Data Protection Board issues latest work programme
The EDPB has adopted its work programme for 2026-2027. This is the second work programme to support the implementation of the EDPB strategy 2024-2027. It is based on the priorities set out in the EDPB strategy and the needs identified as most critical for stakeholders. It also takes into account the commitments made in the Helsinki Statement on enhanced clarity, support and engagement aimed at making GDPR compliance easier, strengthening consistency, and boosting cross-regulatory cooperation. The work programme is based on the four pillars of the EDPB strategy and focuses on enhancing harmonisation and promoting compliance; reinforcing a common enforcement culture and effective cooperation; safeguarding data protection in the developing digital and cross-regulatory landscape, and contributing to the global dialogue on data protection.
