Home | Newsletters & Shorts | DW Weekly #106 – 10 April 2023

DW Weekly #106 – 10 April 2023

DigWatch Weekly 100th issue 1920x1080px generic

Dear readers,

Making generative AI safe is still the talk of the tech world, while TikTok continues to run into hurdles, and the US-China chips war keeps getting more heated. The UK has revealed details of its cyber operations, and law enforcement won a significant battle in cybercrime when it took down the dark web marketplace Genesis Market. We round off the digital policy updates of this issue with the EU initiative to shape its vision of virtual worlds.

Andrijana and the Digital Watch team


// HIGHLIGHT //

Geneva SDOs chime in: Standards are the answer to safe AI development

The safe development of AI seems to be on everyone’s minds these days. If you’ve been reading any tech-related news, you’re probably aware of Pause giant AI experiments: An open letter. (Sidebar: if you haven’t read it, tech experts, including Elon Musk, Steve Wozniak, and Yuval Harari are asking tech giants for a six-month pause in the training of AI systems more powerful than GPT-4, until we can ensure that their effects will be positive and their risks manageable.). The letter has encountered criticism; for example, Bill Gates believes that pausing AI development won’t solve the challenges and would be difficult to enforce. Ex-Google CEO Eric Schmidt commented that such a pause ‘will simply benefit China’.

So far, the letter hasn’t achieved much in practice as companies clearly continue competing in AI – just in the past week, Meta released an AI model that can identify items within images, Microsoft rolled out an AI image generator in Edge, Alibaba invited businesses to test its chatbot Squirrel AI, and Qualcomm and Nvidia sparred for the top spot in AI chip efficiency tests.

Three key Geneva-based international standards-developing organisations (SDOs) chimed in. In their reply to the open letter, the International Electrotechnical Commission (IEC), the International Organization for Standardization (ISO), and the International Telecommunication Union (ITU) highlight the role that standards can have in safe AI development. Standards underpin regulatory frameworks, provide ‘appropriate guardrails for responsible, safe, and trustworthy AI development’, and ‘can help mitigate the risks associated with AI systems and ensure that they are aligned with societal values and expectations’. The three SDOs invited interested stakeholders to join the work of developing consensus-based international standards and encourage their adoption.

digital standards 0 1

But international standards take time to develop. and their uptake by the industry is very much a voluntary matter (there are some exceptions when regulations may require compliance with specific standards). So some countries have started taking matters into their own hands to at least alleviate data privacy concerns: After Italy’s much-talked-about (temporary) ban of ChatGPT, privacy regulators in France, Ireland, and Switzerland reached out to Italian ones to find out more about the basis of the ban, and Germany is considering a ban as well. 

The company behind ChatGPT, Open AI, has since offered remedies in Italy, having committed to enhancing transparency in using personal data and existing mechanisms to exercise data subject rights and safeguards for children. 

But the company may also have to offer remedial measures in Canada, where the Office of the Privacy Commissioner of Canada will investigate a complaint alleging that OpenAI collected, used and disclosed personal information without consent. 

More countries are keeping a close eye on generative AI (rhyme not intended). The UK’s Information Commissioner’s Office (ICO) has stressed that organisations developing or using generative AI must approach data protection by design and default and outlined eight important questions that developers and users should consider. Switzerland’s Federal Data Protection and Information Commissioner had a similar message, advising users to examine the purposes for which text or images they upload are used  and reminding companies that employ AI to observe data protection legislation.

Will more countries follow with their own warnings? Almost certainly. 


Digital policy roundup (3–10 April)
// TIKTOK //

Bans, lawsuits, fines and investigations

The latest in the slew of bans on TikTok comes from Australia, which opted to ban the app on government devices, similar to its Five Eyes intelligence allies and multiple European countries. Albania is also contemplating such a ban.

TikTok has been blasted for allowing children under 13 to use its app, contradicting its terms of service. In the last week, it has been fined for this reason in the UK and sued in Portugal. The UK fine includes collecting children’s data without parental consent. 

Another lawsuit has been filed in Portugal against TikTok for ‘misleading commercial practices’ and ‘opaque privacy policies’.

Vietnam, TikTok’s sixth biggest market, is also set to open an investigation into the platform because of the harmful content and false information that its algorithm can suggest. If it’s found guilty, strict fines will be imposed.

TikTok seems to be in the direst straits in the USA, where a general ban on the app is being contemplated. A top TikTok lawyer reportedly laughed when an employee asked about the ban. Will he have the last laugh?

Caricature shows workers building a fence around a large monitor with a TikTok logo on the screen.

// CHIPS //

China reacts to Japan’s chip export controls, urges WTO to monitor chip export restrictions

Japan’s recently announced restrictions on exports of 23 types of semiconductor manufacturing equipment caused backlash from China, which described them as ‘essentially harmful acts against China under the coercion of a certain country’.

Japan’s move is far from surprising; rumours that it will join the USA (the ‘certain country’ China seems to be referencing) and the Netherlands to institute chip export rules started swirling in January. The USA was the first country in this triad to implement the rules, in October

China took this fight to the WTO in December when it initiated a trade dispute procedure against US chip export control measures, arguing that these measures ‘threatened the stability of the global industry supply chains’. After the Netherlands and Japan seemingly followed the US move in March, China has now urged the WTO to monitor export chip restrictions, and the trio’s deal, arguing that it violates the fairness and transparency principles of the WTO. China also asked the trio to acknowledge if they have reached a private deal on chip exports.

China has made ‘serious démarches to the Japanese side at various levels to express our strong discontent and grave concerns’’ according to foreign ministry spokeswoman Mao Ning, and has called on Japan to modify the restrictions.


// CYBERSECURITY //

UK reveals details of its cyber operations

The UK National Cyber Force (NCF) disclosed how it conducts ‘responsible cyber operations to counter state threats, support military operations, and disrupt terrorists and serious criminals’. 

The document Responsible cyber power in practice highlights that the NCF’s cyber operations are accountable, precise, and calibrated, i.e. conducted in a legal and ethical manner, timed and targeted with precision, with their intended impact carefully assessed.

The NCF’s approach to adversarial cyber operations is based on the ‘doctrine of cognitive effect’ – using techniques that have the potential to sow distrust, decrease morale, and weaken the targets’ ability to plan and conduct their activities effectively, with the goal of changing their behaviour. 

The NCF highlighted that its operations are covert, and the intent is that adversaries do not realise that the effects they are experiencing are the result of a cyber operation, which is why it was not forthcoming with details. The NCF did state that it has protected military deployments overseas; disrupted terrorist groups; countered sophisticated, stealthy and continuous cyber threats; countered state disinformation campaigns; reduced the threat of external interference in democratic elections; and removed child sexual abuse material from public spaces online.


Operation Cookie Monster seizes criminal marketplace Genesis Market

A joint international law enforcement operation has seized the Genesis Market, a dark web market which offered access to over 80 million account access credentials such as usernames and passwords for email, bank accounts, and social media. The operation, led by the US FBI and the Dutch National Police, involved 17 countries and was codenamed Operation Cookie Monster.

Screenshot of a website with the heading 'This website has been seized' and 'Operation Cookie Monster', noting 'Genesis Market's domains have been seized by the FBI pursuant to a seizure warrant issued by the United States District Court for the Eastern District of Wisconsin. These seizures were possible because of international law enforcement and private sector coordination involving the partners listed below.' Contact details and partners are listed.
Image source: Dutch National Police

// METAVERSE //

The EU seeks feedback on its vision for virtual worlds 

The European Commission is presenting an initiative on virtual worlds – metaverses — entitled ‘An EU initiative on virtual worlds: A head start towards the next technological transition’. Its goal is to develop a vision for virtual worlds based on respect for digital rights and EU laws and values. The European Commission will seek feedback from stakeholders and the public through citizen panels and targeted workshops.

The week ahead (10–16 April)

11–13 April: The Digital Rights and Inclusion Forum will be held in Nairobi, Kenya, under the theme ‘Building the sustainable internet for all’. The forum will highlight Africa’s challenges and provide solutions for a sustainable online future for everyone.

11–21 April: The fifth session of the Ad Hoc Committee on Cybercrime will consider the preamble, provisions on international cooperation, preventive measures, technical assistance, the mechanism of implementation, and the final provisions of the future convention on cybercrime.

12–13 April: The ECOM21 23 will discuss business operations, technology, and regulatory frameworks in Riga, Latvia.

13 April: The Global Digital Compact (GDC) co-facilitators are organising a series of thematic deep dives to prepare for intergovernmental negotiations on the GDC. The 13 April discussion will cover internet governance. As these in-depth discussions unfold, the GIP Digital Watch will examine how the GDC’s focus topics have been tackled in different key policy documents. Visit our dedicated GDC page on the Digital Watch observatory to read more about how issues related to internet governance have been covered in such documents.

16–19 April: The American Registry for Internet Numbers (ARIN) 51 Public Policy and Members Meeting will discuss internet number resources, regional policy development, and the overall advancement of the internet in Tampa, Florida, USA.

Diplo and the Geneva Internet Platform (GIP) are organising an event on 13 April entitled Technology and Diplomacy: The Rise of Multilateralism in the Bay Area in San Francisco, California, where we will officially launch our ‘Tech Diplomacy Practice in the San Francisco Bay Area’ report. If you’re based in San Francisco, register and join us!


#ReadingCorner
Can sharks eat the internet

Can sharks eat the internet?

Well, no, not really. But the headline gets us all thinking about the extreme vulnerability of the undersea infrastructure on which the digital world relies, Diplo’s director Dr Jovan Kurbalija writes.


Anja blog 2560x400px

Can AI beat human intuition?

Check for yourself! What does your intuition tell you: did AI write text A or text B in this blog post


1200 280 max

Latest edition of Digital Watch newsletter

The freshly published April issue of our monthly newsletter on digital policy includes: a look at TikTok coming under fire from several countries due to data privacy and national security concerns, a look at how ChatGPT-4 model is pushing the boundaries of AI development, and a summary of OEWG 2021-2025 continued to discuss cybersecurity at its fourth substantive session.


Andrijana20picture
Andrijana Gavrilovic
Editor, Digital Watch, and Head of Diplomatic and Policy Reporting, DiploFoundation

Was this newsletter forwarded to you, and you’d like to see more?