Global AI Newsletter·Issue 10
Table of Contents
I. Domestic Governance Developments
(I) Policy and Legislative Updates
1. The Ministry of Public Security is soliciting public comments on the “Draft Law on the Prevention and Control of Cybercrime.”
2. The General Office of the State Council has issued the “Administrative Measures for the Standardization of Government Mobile Internet Applications.”
3. The National Cybersecurity Standards Committee released the first batch of national cybersecurity standards requirements for 2026.
4. The State Administration of Government Offices issued the “Notice on the 2026 Work Arrangements for Energy and Resource Conservation in Public Institutions.”
5. The Cyberspace Administration of China releases Q&A on data export security management policies and regulations.
6. Jiangsu’s first Artificial Intelligence Development Bureau has been established in Yuhuatai District, Nanjing City.
7. Cross-border medical data channel between Shenzhen and Hong Kong launched
(II) Law Enforcement and Judicial Updates
1. The State Administration for Market Regulation released eight typical cases of unfair competition online.
2. The first-ever nationwide lawsuit over infringement triggered by generative AI “hallucinations” has been concluded with a verdict.
(III) International Cooperation
1. China and the UK will expand joint research and industrial application in fields such as artificial intelligence.
(IV) Research Updates
1. The China Academy of Information and Communications Technology released the “Research Report on the Architecture of the Computing Power Internet (2025).”
2. The China Academy of Information and Communications Technology releases the “Report on the Development of Embodied Intelligence (2025)”
(V) Industry Dynamics
1. The first event of the 2026 Global Digital Economy Conference—the Beijing-Hong Kong Digital Economy Cooperation Forum—was successfully held.
2. Shanghai Hosts the 2026 “Smart Computing Shanghai” High-Level Forum
II. International Governance Developments
(I) Policy and Legislative Updates
1. The European Parliament’s Committee on Legal Affairs adopts a proposal on copyright protection for training data used in generative AI.
2. The New York State Senate passed a bill to strengthen additional protections for sensitive health information.
(II) Law Enforcement and Judicial Updates
1. The EU launches a formal investigation into Grok’s recommendation system.
2. European Commission Launches Procedures to Assist Google in Fulfilling Obligations Under the ‘Digital Markets Act’
3. UK Financial Conduct Authority Launches Review on AI’s Impact on Retail Financial Services
4. UK Competition and Markets Authority Proposes Regulatory Measures for Google’s AI Search
5. France Travail Fined €5 Million for Leaking Job Seekers’ Information
6. Austrian Data Protection Authority Rules Microsoft Illegally Tracked School Students
7. Netherlands Bans Permanent Video Surveillance of Employees at Designated Workstations
8. Japanese Court Rules Unauthorized Adaptation of DVD Content via Generative AI Constitutes Copyright Infringement
9. California Court Launches Consolidated Litigation Proceedings Over Big Social Media Addiction
10. South Korea’s Coupang Interim Chief Undergoes 12-Hour Police Questioning Over Data Breach Allegations
11. Former Google Engineer Convicted of Economic Espionage and Trade Secret Theft for Stealing AI Technology
(III) International Cooperation
1. Brazil and the EU Mutually Recognize the Adequacy of Each Other’s Data Protection Levels
2. Armenia Signs the Council of Europe’s ‘Framework Convention on Artificial Intelligence, Human Rights, Democracy, and the Rule of Law’
3. African Union Commission and the U.S. Establish Strategic Infrastructure and Investment Working Group, Prioritizing Digital Infrastructure and Continental Digital Transformation
(IV) Research Updates
1. NYU Releases Policy Brief ‘Guidance for the New Global Dialogue on AI Governance’
2. International Telecommunication Union Releases the Second Edition of the ‘AI for Good Impact Report’
(V) Industry Dynamics
1. World Economic Forum 2026 Davos Annual Meeting Releases Four Core Takeaways
2. 2026 EU Open Source Policy Summit Held
I. Domestic Governance Developments
(I) Policy and Legislative Updates
On January 31, the Ministry of Public Security publicly solicited comments on the “Draft Law on the Prevention and Control of Cybercrime” (hereinafter referred to as the “Draft”). The Draft consists of 7 chapters and 68 articles, focusing on such key areas as real-name management of network infrastructure resources, governance of the cybercrime black-and-gray industry ecosystem, clarification of prevention and control obligations for network service providers, and strengthening cross-border crime prevention and control. It expands the scope of cybercrime prevention and control to cover critical links such as infrastructure resources, technical tools, accounts, payment channels, and platform operations. The Draft stipulates that no individual or organization may engage in activities that interfere with or undermine the real-name registration system. Moreover, it subjects to legal regulation the black-and-gray industrial chains—such as online payments and traffic generation and promotion—that play a fundamental role in these systems, thereby providing further legal support for combating and addressing the cybercrime ecosystem.
Link: https://www.mps.gov.cn/n2254536/n4904355/c10386242/content.html
On January 28, the General Office of the State Council issued the "Administrative Measures for the Standardization of Government Mobile Internet Applications" (hereinafter referred to as the "Measures"), aimed at standardizing the management of government apps and mini-programs and preventing "formalism at your fingertips."
The Measures clarify that government affairs applications refer to application software—such as mobile clients (apps), mini-programs, and quick apps—that are developed and built by administrative agencies at all levels, mass organizations, and public institutions, or that are hosted on various internet platforms and run on mobile smart devices. These applications provide support services for internal staff in terms of office work, management, and learning. The Measures stipulate that, in principle, units below the county level are not allowed to independently develop or build government affairs applications. Moreover, before an application is launched, it must complete registration and obtain a unique identifier. The organizing entities are required to assume primary responsibility and are prohibited from compelling users to download or use unregistered applications. The Measures further require that government affairs applications shall not include features such as mandatory clock-in, check-in, or liking posts, which would impose additional burdens on grassroots-level personnel. Additionally, these applications must strengthen data security protection and establish robust channels for user feedback. All regions and departments are required to conduct regular self-inspections and make necessary rectifications. All applications already in operation must complete registration within six months. The Cyberspace Administration of China will carry out spot checks; applications found in violation of these regulations and failing to implement effective rectifications will have their registration revoked and will be suspended from receiving related support.
Link: https://www.gov.cn/zhengce/content/202601/content_7056374.htm
On January 30, the National Cybersecurity Standards Committee released the first batch of national cybersecurity standard requirements for 2026. This release includes a total of 48 national standard requirements, covering both cybersecurity technologies and data security technologies, including but not limited to:
Limited to the “Security Requirements for Trusted Open-Source Code in Cybersecurity Technology,” the “General Security Requirements for Application Software in Cybersecurity Technology,” the “Guidelines for Interoperability of Cybersecurity Technology Cybersecurity Testing Platforms,” the “Security Standards for Financial Information Services in Cybersecurity Technology,” the “Security Requirements for Autonomous Driving Vehicle Operation Services in Cybersecurity Technology,” the “Basic Security Requirements for Anthropomorphic Interactive Services in Artificial Intelligence in Cybersecurity Technology,” the “Basic Security Specifications for Intelligent Agents in Cybersecurity Technology,” the “Guidelines for Secure Construction of Artificial Intelligence Corpora in Cybersecurity Technology,” and the “Data Security Requirements for Facial Recognition Data in Data Security Technology.”
Link: https://www.tc260.org.cn/portal/article/2/df9022b9293c465a83a15931b2903175
On January 29, the State Administration of Government Offices issued the "Notice on the Arrangements for Energy and Resource Conservation in Public Institutions in 2026," which, guided by the formulation of the 15th Five-Year Plan and driven by the goal of peaking carbon emissions, identifies eight key tasks. First, align with national strategies, implement comprehensive conservation requirements, and support the green transformation of the economy and society; second, coordinate the preparation of special plans for the 15th Five-Year Plan and improve the legal, regulatory, and standard systems; third, establish a dual-control mechanism for carbon emissions and promote renewable energy and low-carbon technologies; fourth, advance energy-saving renovations of air conditioning systems, data centers, and other facilities, and strengthen full-process project supervision; fifth, deepen measures for intensive resource utilization, such as water conservation, combating food waste, and waste sorting; sixth, promote market-oriented service models such as energy-cost management; seventh, upgrade digital statistical platforms and refine assessment and evaluation mechanisms; eighth, carry out demonstration selection and thematic publicity campaigns to foster green production and lifestyles.
Link: https://www.ggj.gov.cn/tzgg/202601/t20260129_49015.htm
On January 30, the Cyberspace Administration released a Q&A document on data export security management policies and regulations. The Q&A covers two main aspects: First, regarding the alignment with the establishment of standard contracts for cross-border transfer of personal information, as well as the certification and declaration procedures for cross-border data transfers and the associated security assessments, data processors—other than operators of critical information infrastructure—are required to adopt different measures based on the volume of personal information being exported. Specifically, these measures are categorized according to whether the number of personal information items exceeds or falls below 100,000 (excluding sensitive personal information) or whether it exceeds or falls below 10,000 sensitive personal information items, with separate requirements applying to each category. Second, concerning domestic data processors that have already entered into standard contracts for cross-border flows of personal information in the Guangdong-Hong Kong-Macao Greater Bay Area, the Q&A addresses their compliance obligations when circumstances surrounding the export of personal information change. Data processors who have filed their records under the Greater Bay Area standard contracts are restricted to conducting cross-border data transfers exclusively within the Greater Bay Area and may not provide personal information to entities outside the region. If such entities outside the region require personal information, the data processors must fulfill their compliance obligations in accordance with national regulations on data export.
Link: https://www.cac.gov.cn/2026-01/30/c_1771505108953002.htm
On January 27, at the Artificial Intelligence Industry Development Conference held in Yuhuatai District, Nanjing City, the Yuhuatai District Artificial Intelligence Development Bureau was officially established, becoming Jiangsu’s first district-level AI department to be included in the ranks of Party and government institutions and equipped with dedicated administrative staffing.
Link: https://jszwb.jiangsu.gov.cn/art/2026/1/27/art_81695_11722473.html
7. Cross-border medical data channel between Shenzhen and Hong Kong launched
On January 27, the secure and convenient cross-border data channel between Shenzhen and Hong Kong was launched. Starting today, after Hong Kong residents receive medical treatment at the University of Hong Kong-Shenzhen Hospital or the New Horizon United Family Hospital, their imaging studies and report data—upon their personal authorization—can be securely transmitted via this channel to Hong Kong’s “MediConnect” platform. In the future, the capabilities of this channel will continue to expand, with plans to gradually and steadily extend its scope from the healthcare sector to other critical areas such as finance, commerce, education, and scientific research.
Link: http://locpg.gov.cn/20260128/3567ea5e2d2b41e2af644aa193d97cf6/c.html
(II) Law Enforcement and Judicial Updates
On January 31, the State Administration for Market Regulation released eight typical cases of unfair competition in the online sphere. The illegal activities covered include: using technical means to obstruct or disrupt the normal operation of online products or services lawfully provided by other operators; organizing fictitious transactions; illegally scraping data; engaging in commercial defamation; causing commercial confusion; and making false advertising—seven types of violations in total.
Link: https://www.samr.gov.cn:8890/xw/zj/art/2026/art_55e7dd8d2a9e46fa8378cb98b95f31e1.html
According to the People's Court Daily on January 26, the Hangzhou Internet Court concluded the country's first infringement dispute case caused by the "hallucination" of generative artificial intelligence models. The basic facts of the case are as follows: When Liang entered a prompt in a generative artificial intelligence application to ask for relevant information about a university's application, the application generated inaccurate information about a campus of the university. Liang corrected and accused, and the app continued to reply that the university did have this campus, and proposed that if the generated content was wrong, it would provide users with 10 compensation of 10,000 yuan. Therefore, Liang filed a lawsuit with the Hangzhou Internet Court, demanding compensation from the service provider of the application. 9999 yuan.
The court held that artificial intelligence does not have the qualifications of a civil subject and cannot express its intentions, and the "compensation commitment" generated by the artificial intelligence involved in the case cannot be regarded as an expression of intent by the service provider. The application belongs to the category of "service" in the "Interim Measures for the Management of Artificial Intelligence Services", not "product" in the sense of the Product Quality Law, so the principle of general fault liability rather than the principle of no-fault liability should be applied. In terms of damage results, the plaintiff did not provide effective evidence for the damage caused by missing the opportunity to apply for the exam and incurring additional costs due to misleading information, making it difficult to determine the existence of damage. In terms of fault, the court adopted the dynamic system theory and explained that the service provider has fulfilled the three levels of duty of care for strict review of toxic, harmful and illegal information, the obligation of warning labels, and the basic duty of care for functional reliability, and there is no subjective fault.
Link: https://www.rmfyb.com/content/202601/26/article_1011336_1391630520_6467538.html
(III) International Cooperation
On the morning of January 29, Chinese President Xi Jinping met with British Prime Minister Starmer, who was in China for an official visit, at the Great Hall of the People in Beijing. Both sides agreed that China and the UK should develop a long-term, stable, and comprehensive strategic partnership. President Xi emphasized that the essence of China-UK economic and trade cooperation is mutual benefit and win-win outcomes. Both sides should expand mutually beneficial cooperation in education, healthcare, finance, and the service sector, and carry out joint research and industrial transformation in fields such as artificial intelligence, bioscience, new energy, and low-carbon technologies, thereby achieving common development and prosperity.
Link: https://www.fmprc.gov.cn/web/zyxw/202601/t20260129_11847156.shtml
On January 27, the China Academy of Information and Communications Technology officially released the "Research Report on the Architecture of the Computing Power Internet (2025)." The report elaborates on the development background, overview, architectural framework, networking models, business and ecosystem, technological system, construction progress, and development recommendations for the Computing Power Internet. It aims to provide a comprehensive, in-depth, and forward-looking reference framework, fostering a unified industry consensus on the Computing Power Internet and empowering the development of applications such as artificial intelligence, scientific computing, and industrial computing. At the same time, this report will serve as a valuable reference for subsequent efforts including technological innovation, standard setting, testing and verification, and wider adoption, thereby promoting the healthy, rapid, and sustainable development of the Computing Power Internet.
Link: https://www.caict.ac.cn/kx yj/q wfb/b p s/202601/t20260127_711862.htm?se ssionid=
On January 30, the China Academy of Information and Communications Technology and the Department of Electronic Engineering of Tsinghua University jointly officially released the "Embodied Intelligence Development Report (2025)". The report focuses on the new development, new changes and new challenges of the embodied intelligent industry in the past year, summarizes and sorts out the development characteristics of the embodied intelligent industry, technology, application and other aspects at home and abroad, and focuses on the three key links of "data-model-ontology", and researches and analyzes the development path of technology and the problems faced. The report also takes the three categories of products: robots, intelligent delivery equipment and new intelligent products as the starting point to deeply discuss the research and development progress and application limitations of embodied intelligent products. Finally, the report looks forward to the future development of embodied intelligence from three aspects: technical architecture reconstruction, deepening of application scenarios, and safety ethics construction.
Link: https://www.caict.ac.cn/kxyj/qwfb/bps/202601/t20260130_712446.htm?sessionid=
On January 30, the first event of the 2026 Global Digital Economy Conference—the Beijing-Hong Kong Digital Economy Cooperation Forum—was held in Beijing. With the theme “Beijing-Hong Kong Relay: Empowering Global Expansion,” the forum was co-hosted by the Beijing Municipal Bureau of Economy and Information Technology and the Hong Kong Special Administrative Region Government’s Investment Promotion Agency. It brought together representatives from government, business, and academia to discuss topics such as Beijing-Hong Kong collaboration, enterprises’ overseas expansion, and innovation in the digital industry.
During the forum, the “2026 Global Digital Economy Innovation Competition” was simultaneously launched. The competition features a special track called “AI For Future,” which leverages resources from over 100 universities in more than 30 countries worldwide and reaches over 100 million AIGC creators. The competition focuses on six core tracks, including digital preservation of cultural heritage, intelligent applications in digital trade, and technology-driven rural revitalization. It aims to build a global AI industry innovation community and provide a platform for showcasing and collaborating on innovative projects.
Link: https://www.gdec.net.cn/2025/actives/newsdetail?id=1182&lang=zh
2. Shanghai Hosts the 2026 “Smart Computing Shanghai” High-Level Forum
On January 27, the 2026 “Smart Computing Shanghai” High-Level Forum was held in Shanghai. The forum officially launched the “Shanghai Initiative for High-Quality Development of the Smart Computing Industry,” released the “Shanghai Computational Power Economy Empowerment Co-creation System,” and signed the “Scientific Intelligence Open Community Computational Power Support Program.” At the same time, the report titled “2026 Shanghai Report on High-Quality Development of Intelligent Computing Power” was also released. In addition, Shanghai Telecom, China Mobile, and China Unicom each held separate ceremonies to kick off initiatives related to building their respective computational power ecosystems.
Link: http://sh.people.com.cn/n2/2026/0127/c134768-41485020.html
II. International Governance Developments
(I) Policy and Legislative Updates
On January 28, the European Parliament’s Legal Affairs Committee adopted a proposal on copyright protection for training data used in generative AI. The proposal calls for stricter transparency and compensation mechanisms regarding the use of copyrighted works in AI training, ensuring that creators’ rights are effectively protected in the AI era. The key points of the proposal are as follows: First, right holders of protected content should have the option to opt out of AI training and automated data scraping; second, AI providers and deployers must maintain transparency about the copyrighted content used to train their systems; third, right holders must receive fair remuneration, and the EU’s news and creative sectors must also be safeguarded. The proposal will be submitted to the plenary session of the Parliament for a vote this March.
On January 27, the New York State Senate passed a bill amending the Public Health Law to provide enhanced protection for sensitive health information and requiring health information networks, electronic health record systems, and healthcare providers to grant patients the right to limit the disclosure of their health information. The bill focuses on expanding the scope of protection for sensitive health information, clearly stipulating that patients have the right to restrict the disclosure and sharing of their health information. It also mandates that relevant organizations implement patient choice rights and internal data governance obligations in system design and operation. This legislation reflects New York State’s further shift toward a model in digital healthcare scenarios that places equal emphasis on “informed consent” and “substantive patient control combined with mandatory institutional compliance.”
Link: https://www.nysenate.gov/legislation/bills/2025/S1633A
(II) Law Enforcement and Judicial Updates
1. The EU launches a formal investigation into Grok’s recommendation system.
On January 26, the European Commission launched a new formal investigation into Grok under the Digital Services Act (DSA). At the same time, the Commission extended its ongoing investigation—launched in December 2023—into whether Grok has complied with its obligations regarding risk management for recommendation systems. The investigation will assess whether the company has properly evaluated and mitigated the risks associated with deploying Grok’s features on X within the EU, including the risk of illegal content spreading within the EU. In addition, the Commission will further examine whether X has fulfilled its DSA obligations, including its duty to conduct thorough risk assessments and mitigate systemic risks, as well as its obligation to submit to the Commission prior to deployment information about Grok’s functionality within the X service and its impact on X.
The obligation to prepare a provisional risk assessment report that has a critical impact on risk characteristics. The initiation of formal procedures grants the Committee further powers to enforce action. As the next step, the Committee will continue to gather evidence and may impose provisional measures if X Service fails to make substantial adjustments.
Link: https://ec.europa.eu/commission/presscorner/detail/en/ip_26_203
On January 27, the European Commission announced the launch of two regulatory procedures to assist Google in meeting its compliance obligations under the Digital Markets Act (DMA) and establish a regulatory dialogue mechanism with Google. The first procedure, targeting Article 6(7) of the DMA, focuses on Google’s free opening of Android’s hardware and software functions—especially the function interfaces of its own AI services—to third-party developers, ensuring equal competition for third parties in the AI market. The second procedure, related to Article 6(11) of the DMA, requires Google to provide third-party search engines with access to search data on fair terms, focusing on key issues such as data scope to help third parties optimize their services. The European Commission will complete its work within six months of launching the procedures, and within the next three months, it will communicate preliminary findings, publish a draft of compliance measures, and solicit comments. It emphasized that the procedures do not determine compliance and will not affect its subsequent enforcement powers.
Link: https://ec.europa.eu/commission/presscorner/detail/en/ip_26_202
3. UK Financial Conduct Authority Launches Review on AI’s Impact on Retail Financial Services
On January 27, the Financial Conduct Authority (FCA) launched a review to assess the impact of artificial intelligence (AI) on retail financial services. The review is seeking feedback on four interconnected themes: first, the potential future developments of AI, including the development of more autonomous and intelligent systems; second, how these developments may affect markets and firms, including changes in competition and market structure as well as the UK’s competitiveness; third, the impact on consumers, including how consumers will be affected by AI and in turn influence financial markets through new expectations; fourth, how financial regulatory bodies may need to evolve to ensure the proper functioning of retail financial markets. Feedback will form a series of recommendations, which are expected to be reported to the FCA’s Board in the summer of 2026 to guide the navigation and response to AI-driven transformation.
4. UK Competition and Markets Authority Proposes Regulatory Measures for Google’s AI Search
On January 28, the Competition and Markets Authority (CMA) proposed regulatory measures for Google’s artificial intelligence (AI) search services. The package of measures includes the following: first, ‘Publisher Controls’ – ensuring content publishers get a fairer deal by granting them more choice and transparency over how their content is used in Google’s AI Overviews, allowing publishers to opt out of their content being used to power AI features, and requiring proper attribution of publishers’ content in AI results; second, ‘Fair Ranking’ – ensuring Google’s approach to ranking search results is fair and transparent for businesses, with an effective process for raising and investigating issues; third, ‘Choice Screens’ – making it easier for people to switch search services by making default choice screens on Android mobile devices a legal requirement and introducing choice screens on the Chrome browser; fourth, ‘Data Portability’ – making it easier for individuals and businesses to utilize Google search data.
5. France Travail Fined €5 Million for Leaking Job Seekers’ Information
On January 29, the Commission Nationale de l’Informatique et des Libertés (CNIL) announced Decision “SAN–2026-003” and imposed an administrative penalty on France Travail for failing to effectively safeguard the personal data security of job seekers.
According to CNIL’s findings, from February to March 2024, hackers infiltrated France Travail’s information system through social engineering techniques, stole account permissions of CAP EMPLOI (the organization supporting disabled job seekers), and illegally accessed and exfiltrated data for one month. The data breach affected 36.8 million natural persons, with highly sensitive identification information—including names, dates of birth, contact details, and job seeker status—being stolen. CNIL determined that France Travail committed gross negligence in failing to effectively protect the personal data it processes, violating Article 32 of the General Data Protection Regulation (GDPR) on “data processing security.” It therefore decided to impose a €5 million administrative fine and ordered the organization to take corrective measures.
Link: https://www.cnil.fr/fr/violation-de-donnees-sanction-5millions-france-travail
6. Austrian Data Protection Authority Rules Microsoft Illegally Tracked School Students
As reported by U.S. tech news site The Register on January 27, the Austrian Data Protection Authority (DSB) issued a ruling, finding that Microsoft’s act of installing tracking cookies on students’ devices without consent was illegal. According to Microsoft’s own documentation, such cookies are used to analyze user behavior, collect browser data, and serve advertising purposes. The DSB determined that this violated the GDPR’s provisions on data minimization and lawful processing, ordering Microsoft to cease tracking the complainant within four weeks.
Link: https://www.theregister.com/2026/01/27/microsft_illegally_installed_cookies_ruling_austra_school/
7. Netherlands Bans Permanent Video Surveillance of Employees at Designated Workstations
On January 28, the Autoriteit Persoonsgegevens (AP), the Dutch data protection authority, issued clarification on video surveillance of public transport employees at designated workstations, explicitly prohibiting continuous camera monitoring of employees’ work areas. Cameras may only be activated when strictly necessary—such as for safety assurance in accident handling—and must not be used as a means of regular tracking or work performance evaluations of employees. In addition, the AP put forward the following principles for public transport and freight employers: video footage shall not be used to monitor, assess, or track employees.
As reported by the Content Overseas Distribution Association (CODA) on January 28, Japan’s first-instance court recently issued a judgment, confirming that the act of using generative AI technology to conduct unauthorized “automatic colorization” of copyrighted video works and produce DVD products constitutes infringement of the original works’ copyright. The court held that such commercialization of AI-generated content and “secondary creation” based on the original works, although automatically executed by technology, still involves the substantial use of the core expression of the original works and should therefore be deemed an infringement of copyright holders’ rights. The judgment emphasized that merely labeling the content as “AI-generated” does not exempt one from obligations to the original copyright; the act of automatically adapting copyrighted works and producing derivative products without the copyright holder’s authorization is not legitimate merely because of the novelty of the technical means.
Link: https://coda-cj.jp/en/news/832/
9. California Court Launches Consolidated Litigation Proceedings Over Big Social Media Addiction
As reported by U.S. NBC News on January 28, the Los Angeles Superior Court of California launched consolidated litigation proceedings against several major social media platforms on January 27. Approximately 1,600 plaintiffs—including families and school districts—accused companies such as Meta (Facebook, Instagram), Google, and Snap of systematically inducing minors to use their platforms for extended periods and causing mental health harm by incorporating features like infinite scroll and autoplay into their product designs. TikTok reached a preliminary settlement with some plaintiffs before the trial, while Meta and Google chose to proceed with the litigation. The case is regarded as a key test of the justiciability of “platform-designed harm” in the U.S. judicial system.
On January 31, South Korean news reported that Harold Rogers, interim chief of e-commerce giant Coupang, underwent 12 hours of intensive questioning by the Seoul Metropolitan Police Agency over allegations of evidence destruction related to a massive data breach. The case potentially affects nearly 33 million users, while Coupang previously claimed only 3,000 accounts had their data leaked—its internal investigation findings have been questioned by authorities. Rogers also faces charges including perjury related to his parliamentary testimony, and the police have not ruled out the possibility of further questioning in the future.
As reported by Bloomberg News on January 29, Linwei Ding, a former software engineer at Google, was found guilty of economic espionage and trade secret theft by a jury in the US District Court for the Northern District of California. This marks the first conviction in the United States for an AI technology-related economic espionage case. During the trial, prosecutorial evidence showed that between May 2022 and April 2023, Linwei Ding exploited his access to Google’s internal network, AI supercomputing technology, and data center architecture to copy and upload thousands of pages of confidential documents to his personal cloud accounts. The documents covered core technical details including custom AI chip architectures (such as TPUs) and advanced networking technologies. The US Department of Justice stated in a press release that this is the first conviction for AI-related theft of trade secrets under the economic espionage statute in US judicial history, noting that such acts threaten America’s technological leadership and national competitiveness.
(III) International Cooperation
1. Brazil and the EU Mutually Recognize the Adequacy of Each Other’s Data Protection Levels
On January 27, Brazil’s Agência Nacional de Proteção de Dados (ANPD) announced the mutual adequacy recognition of personal data protection levels between Brazil and the European Union (EU). This means Brazil and the EU acknowledge that each other’s laws provide equivalent safeguards for personal data protection, enabling the free and secure flow of data between the two jurisdictions without the need for additional data transfer mechanisms.
The decisions were adopted separately by the European Commission and the ANPD: the European Commission recognized that Brazil offers adequate personal data protection, while Brazil, through a resolution by the ANPD, confirmed that the EU’s protection level is consistent with the provisions of the Lei Geral de Proteção de Dados (LGPD). This arrangement will significantly reduce corporate compliance costs, facilitate Brazilian companies’ access to the EU market of approximately 450 million people, and exert a notable impact particularly on data-intensive industries such as technology, digital services, fintech, medtech, and online platforms. Meanwhile, it will ensure that Brazilian citizens continue to enjoy high-level data protection and remedy mechanisms within the EU.
As reported by Armenpress (Armenian National News Agency) on January 28, Armenian Foreign Minister Ararat Mirzoyan signed the Council of Europe’s Framework Convention on Artificial Intelligence, Human Rights, Democracy, and the Rule of Law. Adopted in 2024, the Convention aims to become the first legally binding international treaty on AI governance, with the goal of ensuring that activities throughout the lifecycle of AI systems are fully consistent with human rights, democracy, and the rule of law, while also promoting technological progress and innovation. In addition to Armenia, 17 countries and regions—including Council of Europe member states, observer states, and the European Union—have signed the Framework Convention to date.
Link: https://armenpress.am/en/article/1240664
On January 29, the African Union Commission (AUC) issued a joint statement stating that on January 28, AUC Chairperson Mahmoud Ali Youssouf and U.S. Deputy Secretary of State Christopher Landau met in Addis Ababa and announced the establishment of the “U.S.-AUC Strategic Infrastructure and Investment Working Group (SIWG)” to strengthen trade and investment ties with Africa.
The working group will serve as a collaboration platform for senior officials and technical experts from both sides, promoting the participation of the U.S. private sector in AU-backed infrastructure projects. It will focus on driving private sector investment and job creation, covering areas such as trade infrastructure, digital transformation, critical minerals, transport corridors, energy networks, and public health security. Meanwhile, the investment agenda includes directions such as enhancing secure digital infrastructure, facilitating two-way trade, and promoting regulatory harmonization.
1. NYU Releases Policy Brief ‘Guidance for the New Global Dialogue on AI Governance’
On January 28, New York University’s Center on International Cooperation (CIC) released a policy brief titled “Guidance for the New Global Dialogue on AI Governance,” proposing an integrated, phased, and United Nations (UN)-anchored roadmap for the new Annual Global Dialogue on AI Governance. Its purpose is to help identify key priorities that the Global Dialogue needs to address, translate them into actionable design by outlining the contours of a Global AI Governance Roadmap, and develop the process required to implement it. In doing so, the brief aims to achieve two goals: first, to build a practical, transparent, and predictable multistakeholder process; second, to support the implementation of the Pact for the Future and the Global Digital Compact.
Link: https://cic.nyu.edu/resources/guidance-for-the-new-global-dialogue-on-ai-governance/
On January 27, the International Telecommunication Union (ITU) and Deloitte jointly released the second edition of the AI for Good Impact Report, noting that AI is shifting from the experimental phase to widespread practical deployment across multiple global sectors. The core trend is “agentization” — AI can independently plan tasks, make decisions, and coordinate actions with reduced human intervention. This shift has already emerged in healthcare, logistics, finance, and other fields, but the design and implementation of human oversight have become critical. The report clarifies AI’s practical value in various sectors: in education, adaptive learning systems tailor content to individual needs, alleviating teacher shortages; in healthcare, it aids early disease detection, accurate diagnosis, and drug discovery, improving healthcare accessibility in remote areas; in climate and agriculture, AI-powered monitoring and prediction tools optimize energy use, issue disaster warnings, and promote precision agriculture to reduce costs and enhance efficiency — all relying on reliable digital infrastructure. Meanwhile, the report warns of AI’s social and environmental risks: 91 million global jobs will change by 2030, with 39% of core skills needing transformation; data center energy consumption is projected to double, making sustainability a key industry focus.
Link: https://www.itu.int/hub/2026/01/ai-has-stopped-waiting-for-instructions-are-we-ready/
1. World Economic Forum 2026 Davos Annual Meeting Releases Four Core Takeaways
On January 29, the World Economic Forum (WEF) 2026 Annual Meeting was held in Davos, Switzerland, with the participation of more than 60 heads of state, over 400 political leaders, and 830 corporate CEOs. Centered around the theme “A Spirit of Dialogue,” the meeting updated and released four core takeaways: first, new deals and dynamics – while there are divisions between the U.S. and Europe, Trump stated he would not use force to acquire Greenland; the EU and India are on the cusp of a free trade agreement; the UK secured over $2 billion in private investment; and Water.org launched a cooperative initiative; second, a reckoning for humanity – the “Global Risks Report 2026” ranks geoeconomic fragmentation as the top risk, AI may impact 40% of global jobs, and issues such as the wealth gap, planetary boundaries, and public debt are prominent; third, dialogue drives progress – China, Canada, NATO, and other parties emphasized the necessity of dialogue; Trump and NATO reached a framework agreement on Greenland; and Ukraine, after consultations with the U.S., plans to launch trilateral talks; fourth, focusing on key questions – discussions were held around five major issues including global cooperation, growth drivers, and investment in people, and while answers remain unclear, a foundation has been laid for addressing challenges.
Link: https://www.weforum.org/stories/2026/01/4-takeaways-from-davos-2026/
2. 2026 EU Open Source Policy Summit Held
On January 30, the EU Open Source Policy Summit 2026 took place in Brussels. Organized by Open Forum Europe, the summit themed “Digital Sovereignty Runs on Open Source” brought together EU institutional officials, members of the European Parliament, representatives from enterprises and open-source organizations to jointly explore the strategic support of open-source technology for Europe’s digital autonomy.
The meeting covered a range of key topics, including the open source collaborative transformation of the automotive sector, open-source security under the Cyber Resilience Act (CRA), cloud service interoperability, infrastructure development for AI and digital identity, enhancing open-source capabilities in the public sector, and promoting the establishment of a European standardization organization to support open source development. The summit aims to provide policymakers with concrete pathways to address digital challenges and explore open source as a governance model and innovation tool to enhance Europe’s digital competitiveness and technological sovereignty.
