Global AI Newsletter·Issue 11
Table of Contents
I. Domestic Governance Developments
(I) Policy and Legislative Updates
(II) Law Enforcement and Judicial Updates
4.The cyberspace administration imposed a lawful penalty on the Kuaishou platform.
(III) International Cooperation
II. International Governance Developments
(I) Policy and Legislative Updates
2. Interactive Advertising Bureau Releases Draft “AI Accountability for Publishers Act”
3. European Commission Launches Public Consultation on the Revision of the Cybersecurity Act
6. Republic of Korea to Promote Construction of a National Agricultural AX Platform
(II) Law Enforcement and Judicial Updates
1.U.S. Federal District Judge Rules on Discovery Issue in OpenAI Copyright Class Action
2.UK Information Commissioner’s Office Formally Launches Investigation into Grok
4.Republic of Korea Launches AI System to Detect Unfair Practices in E-Commerce
5.Republic of Korea Investigates Personal Data Breach at Coupang
6.Singapore to Cease Use of NRIC Numbers for Authentication
(III) International Cooperation Updates
1.EU–Singapore Digital Trade Agreement Enters into Force
4.Thirty-Five Countries Sign 20 Commitments on the Military Use of Artificial Intelligence
5.Kuwait Hosts Fifth General Assembly of the Digital Cooperation Organization
1.OECD Releases Report “Exploring Possible AI Trajectories through 2030”
3.UK Government Publishes “International AI Safety Report 2026”
4.African Think Tank Publishes Report on AI Governance and Digital Trade
5.EIOPA Releases Report “Generative AI Market Survey: Outlook, Use Cases and Risk Management”
1.Google, Amazon, Meta, and Microsoft Project Combined Capital Expenditures of $650 Billion in 2026
I. Domestic Governance Developments
(I) Policy and Legislative Updates
According to a report by Xinhua Net on February 3, the first Central Document No. 1 of the 15th Five-Year Plan—the "Opinions of the CPC Central Committee and the State Council on Anchoring Agricultural and Rural Modernization and Solidly Promoting All-round Rural Revitalization"—has been officially released. The document emphasizes, while maintaining stable supplies of grain and other important agricultural products, the need to drive industrial upgrading through scientific and technological innovation. It explicitly calls for "developing new forms of agricultural productivity" and "promoting the integration of artificial intelligence with agricultural development," and specifically points to expanding application scenarios for drones, the Internet of Things, robots, and other technologies.
Link: https://www.news.cn/politics/zywj/20260203/724188820db8404ebc739feacc64a2d3/c.html
2. The National Data Administration and other departments have issued the “Opinions on Cultivating Data Circulation Service Institutions and Accelerating the Marketization and Value Realization of Data Elements.”
On February 7, the National Data Administration, the Ministry of Industry and Information Technology, the Ministry of Public Security, and the China Securities Regulatory Commission jointly issued the "Opinions on Cultivating Data Circulation Service Institutions and Accelerating the Marketization and Value Realization of Data Elements" (hereinafter referred to as the "Opinions"). The "Opinions" propose sixteen measures across three key areas: First, clarifying functional positioning—this includes guiding data exchanges (centers) to strengthen their comprehensive service capabilities, promoting the specialized development of enterprises providing data circulation service platforms, and supporting data traders in intensifying their efforts to develop data products and services; second, enhancing service capabilities—this involves exploring diversified circulation and trading models, innovating the forms of data products and services, expanding high-quality dataset circulation and trading methods that are adaptable to the development of artificial intelligence, accelerating the improvement of the efficiency of data circulation and trading services, strengthening the development of rules and standards for data circulation and trading, elevating the level of coordinated support for data infrastructure, enhancing cross-border data service capabilities, and reinforcing the support provided by third-party professional service institutions; third, strengthening implementation guarantees—including strengthening organizational leadership, enhancing supervision and management, bolstering self-regulatory management, reinforcing data security safeguards, and promoting best practices.
Link: https://www.nda.gov.cn/sjj/zwgk/zcfb/0205/20260205185635251370340_pc.html
On February 5, the Cyberspace Administration of China, together with 11 other departments including the National Development and Reform Commission and the Ministry of Industry and Information Technology, jointly issued the "Implementation Opinions on Enhancing the Convenience of Digital Services for Foreigners Entering China" (hereinafter referred to as the "Implementation").
The “Opinions” aim to remove bottlenecks in digital services for inbound foreign nationals, build a interconnected and inclusive service system that benefits all, and further expand high-level opening-up to the outside world.
The Implementation Opinions set forth two-stage goals: By 2027, the internationalization and convenience of digital services for inbound travelers will be significantly enhanced, and bottlenecks in areas such as residence, healthcare, and payments will be largely resolved. By 2030, service standards will reach internationally leading levels, with full-scenario integration deeply aligned with globally accepted practices. Meanwhile, the Implementation Opinions outline 14 measures across five key areas, including strengthening foundational support such as telecommunications and foreign-language services, improving digital payment and consumption services, optimizing tourism services in culture, travel, transportation, and accommodation, enriching public services in healthcare, education, and government administration, and reinforcing cybersecurity and data protection to comprehensively enhance the digital service experience for overseas visitors entering the country.
Link: https://www.cac.gov.cn/2026-02/05/c_1772021797534591.htm
4.The Ministry of Industry and Information Technology and seven other departments have issued the “Guidelines for the Security of Automotive Data Export (2026 Edition).”
On February 3, the Ministry of Industry and Information Technology, together with eight other departments—including the Cyberspace Administration of China and the National Development and Reform Commission—jointly issued the "Guidelines for the Security of Automotive Data Export (2026 Edition)" (hereinafter referred to as the "Guidelines"). The Guidelines aim to implement relevant laws and regulations, enhance the facilitation of automotive data export, and foster a virtuous cycle of high-quality development and high-level sec
The Guidelines clearly define their scope of application to cover all stages of the automotive industry—automotive data processors involved in vehicle design, manufacturing, sales, use, and operation and maintenance. They specify three categories of data export management measures: security assessments for data exports, conclusion of standard contractual clauses for personal information exports, and certification for personal information exports. At the same time, the Guidelines identify nine specific scenarios exempting data from export restrictions, including cross-border vehicle purchases and remedying security vulnerabilities. They also refine the rules for identifying critical data in five key scenarios—R&D and design, production and manufacturing, and driving automation—and clarify the procedures for data identification, assessment, and contract filing related to data exports. The Guidelines set forth security requirements from four aspects: management systems, technical safeguards, log management, and emergency response. Subsequently, implementation will be promoted through awareness-raising training, data identification efforts, and international cooperation, thereby ensuring both data security and efficient cross-border data flows.
Link:https://www.miit.gov.cn/zwgk/zcwj/wjfb/tz/art/2026/art_bf7894e87df640c5be83ffe3ce0a2c40.html
On February 3, the Cyberspace Administration of China held a meeting in Beijing to promote and deploy the "Negative List for Algorithms on Life-Service Platforms (Trial)" (hereinafter referred to as the "Negative List"). The meeting emphasized that the "Negative List" will effectively and precisely address issues such as algorithmic black boxes, algorithmic discrimination, and algorithmic collusion. At the meeting, the Cyberspace Administration of China released information about the "Negative List for Algorithms on Life-Service Platforms (Trial)."
Link: https://www.cac.gov.cn/2026-02/03/c_1771849991761501.htm
On February 6, the General Office of the Ministry of Industry and Information Technology issued the "Notice on Organizing the Construction of National Computing Power Interconnection Nodes," aiming to establish a national computing power interconnection node system characterized by the "1+M+N" framework—consisting of "1" national computing power internet service node, "M" regional nodes, and "N" industry-specific nodes. This initiative seeks to promote standardized interconnection and efficient flow of computing resources across different regions, entities, and architectures, thereby enhancing the overall level of computing power. In terms of construction, regional nodes will establish unified service platforms that provide comprehensive support services such as identity registration, interconnection scheduling, and data monitoring. Industry-specific nodes, on the other hand, will build market-oriented service platforms responsible for aggregating and connecting computing resources and integrating with regional nodes. The operation of these nodes will follow a mechanism based on "unified identification, unified standards, and unified rules." Each node will obtain a unique identification code through the national node and achieve interconnection and computing power scheduling in compliance with unified interfaces and rules.
Link: https://wap.miit.gov.cn/jgsj/xgj/yjtxyhlht/art/2026/art_9005d2a4f273477497b42ac760cf9e54.html
On February 4, the Tianjin Municipal Health Commission announced the issuance and implementation of the “Tianjin Measures for the Supervision of Internet-Based Medical Services (Trial)” (hereinafter referred to as the “Measures”). The “Measures” stipulate that medical institutions conducting internet-based medical services must strictly comply with regulations such as the “Administrative Measures for Prescriptions.” Prescriptions must be issued by the attending physician themselves. Online prescriptions must bear the physician’s electronic signature and become effective only after being reviewed and approved by a pharmacist. The use of AI (artificial intelligence) or other automated systems to generate prescriptions is strictly prohibited.
Link: https://wsjk.tj.gov.cn/ZWGK3158/ZCFG6243_1/wjwwj/202602/t20260204_7239525.html
On February 4, the General Office of the People's Government of Guangdong Province issued the "Implementation Opinions on Accelerating the High-Quality Development of a Digital Society in Guangdong Province" (hereinafter referred to as the "Opinions"), which aims to build a high-quality digital society with distinctive Guangdong characteristics.
The "Opinions" propose that by 2027, the digital foundation of society will be more robust, digital governance rules will be further improved, and the adoption rate of next-generation smart terminals and intelligent agents in social services, daily life, and governance will significantly increase, fully unleashing consumption potential. By 2030, digital and intelligent technologies will be closely integrated with social development, giving rise to a new paradigm for Guangdong’s digital society—one that is inclusive and accessible, smart and convenient, rich in Lingnan characteristics and deeply rooted in Chinese cultural heritage, while also leading global trends in societal development. The "Opinions" outline five key measures aimed at providing comprehensive and high-quality digital lifestyle services. First, innovate scenario applications to establish new modes of operation for the digital society; second, connect organizational units across sectors to shape a new structure for the digital society; third, strengthen the digital and intelligent foundation to create new driving forces for digital societal development; fourth, enhance digital literacy to stimulate fresh vitality in digital societal development; and fifth, optimize the digital environment to foster the flourishing of the digital society.
Link: https://cagd.gov.cn/v/2026/02/8594.html
(II) Law Enforcement and Judicial Updates
On February 3, the National Computer Virus Emergency Response Center released a list of 72 mobile apps found to be illegally collecting and using personal information in violation of regulations. The illegal and non-compliant practices in collecting and using personal information by these mobile apps include the following: failing to clearly prompt users—via pop-up windows or other conspicuous means—to read privacy policies and other rules governing data collection and usage when the app is first launched; failing to list individually in the privacy policy the purposes, methods, and scope of personal information collection and usage by the app (including those involving third parties it has commissioned or third-party code and plugins embedded within it); providing personal information to third parties via the app’s client without obtaining user consent and without anonymizing such data; using facial recognition technology as the sole authentication method when other non-facial recognition technologies could serve the same purpose or meet equivalent business requirements, and failing to offer any alternative, reasonable, and convenient authentication methods if a user explicitly objects to identity verification via facial information; failing to conspicuously indicate and obtain user consent before using collected personal information—such as users’ search history—for targeted push notifications or precision advertising, and also failing to provide an option to disable this feature.
Link: https://www.cverc.org.cn/zxdt/report20260203.htm
On February 6, the State Administration for Market Regulation announced five typical cases of unfair competition in the field of artificial intelligence. These cases primarily involved illegal activities such as commercial confusion, false advertising, infringement on trade secrets, and trademark infringement. The market regulatory authorities imposed penalties in accordance with the Anti-Unfair Competition Law and the Interim Provisions on Combating Unfair Competition via the Internet. The State Administration for Market Regulation pointed out that, on the one hand, it is essential to actively investigate and handle various cases involving imitation and confusion, as well as infringement on trade secrets, thereby providing strong safeguards for the healthy development of the AI industry. On the other hand, it is crucial to strictly enforce the law against unfair competitive practices carried out using AI technologies, guiding technological advancement toward positive outcomes.
Link: https://www.samr.gov.cn/xw/zj/art/2026/art_0bea53d4e3904015a340b4e83241a8ec.html
On February 3, the Office of the Privacy Commissioner for Personal Data in Hong Kong released its 2025 Annual Report. The report showed that in 2025, the Office received a total of 4,228 complaints about personal data, an increase of approximately 23% compared to 2024, and processed nearly
There were 17,700 public inquiries, of which approximately 28% involved the collection and use of personal data such as ID numbers. Meanwhile, a total of 246 data breach incidents were reported, representing an increase of about 21% over the previous year. In terms of combating “doxxing” activities, the Office handled 308 relevant cases throughout the year, initiated criminal investigations into 147 cases and arrested 18 individuals. Nearly thirty cease-and-desist notices were issued, and overall compliance rates remained high. The report also disclosed three security incidents involving employers’ improper handling of employees’ personal data. Enforcement notices or warning letters were issued to the non-compliant organizations, and employers were urged to develop clear employee data protection policies and provide adequate training to strengthen personal data security.
Link: https://www.pcpd.org.hk/sc_chi/news_events/media_statements/press_20260203.html
4.The cyberspace administration imposed a lawful penalty on the Kuaishou platform.
On February 6, in response to the recent surge in live-streaming of pornographic and vulgar content on the Kuaishou platform, under the guidance of the Cyberspace Administration of China, the Beijing Internet Information Office imposed a warning and a fine of RMB 119.1 million on Beijing Kuaishou Technology Co., Ltd., in accordance with laws and regulations including the Cybersecurity Law of the People’s Republic of China and the Administrative Penalty Law of the People’s Republic of China. The company was also ordered to make rectifications within a specified time limit, handle accounts in strict compliance with laws and contractual agreements, and severely punish those responsible. Investigation revealed that the Kuaishou platform had failed to fulfill its cybersecurity protection obligations, had not promptly addressed system vulnerabilities and other security risks, and had not immediately taken measures such as halting transmission or removing illegal information posted by users. The violations were serious and had a highly adverse impact.
Link: https://mp.weixin.qq.com/s/DpT1l5RSN-CBCIYbRnONxA
(III) International Cooperation
On February 3, during Uruguayan President Luis Lacalle Pou’s state visit to China, the Chinese and Uruguayan sides jointly issued the “Joint Statement on Deepening the Comprehensive Strategic Partnership between China and Uruguay.”
The statement noted that China and Ukraine are willing to advance cooperation projects in the field of artificial intelligence and strengthen dialogue and collaboration. The Ukrainian side commends China’s “Global AI Governance Initiative” and expresses its willingness to work together with China to implement the UN General Assembly resolution on “Strengthening International Cooperation in AI Capacity Building” and the “Inclusive AI Capacity-Building Initiative.”
Link: https://www.fmprc.gov.cn/z y xw/202602/t20260203_11850269.shtml
On February 4, the Institute of Policy and Economics at China Academy of Information and Communications Technology and the Internet Law Research Center jointly released the “Data Governance Research Report (2025)—A Study on Key Legal Issues in Data Governance for Edge-side Large Models” (hereinafter referred to as the “Report”). The Report consists of four main parts: First, an overview of the development and technical characteristics of edge-side large models; second, an analysis of key legal issues in data governance for edge-side large models; third, a comparative study of global legal frameworks for data governance of edge-side large models; and fourth, a forward-looking assessment and recommendations for data governance of edge-side large models in China.
Link: https://www.caict.ac.cn/kxyj/qwfb/ztbg/202602/t20260204_712871.htm
On February 4, the China Academy of Information and Communications Technology released the “Report on the Digital Transformation and Development of Cities Across the Board (2025)” (hereinafter referred to as the “Report”). The Report outlines six key insights: First, the “triadic collaboration” management framework for city-wide digital transformation is accelerating its establishment; second, an integrated technical architecture of “foundation + scenarios” is becoming the dominant model for city-wide digital transformation; third, city-wide digital transformation is unlocking value along the path of “technology—data—reform—industry”; fourth, four major scenario spaces are emerging as high-value hubs in the process of urban digital transformation; fifth, the urban digital foundation is set to become the centerpiece of investment and construction in the next phase; and sixth, systematically advancing city-wide digital transformation requires strengthening three key management capabilities.
Link: https://www.caict.ac.cn/kxyj/qwfb/ztbg/202602/t20260204_712871.htm
On February 2, the China Academy of Information and Communications Technology released the "Research Report on the Development of the Artificial Intelligence Industry." The report comprehensively explores developments including the evolution of foundational models, breakthroughs in embodied intelligence, upgrades to intelligent computing infrastructure, the emergence of AI-native applications, best practices in AI safety governance, and progress in global cooperation. It also offers a forward-looking perspective on the path toward artificial general intelligence (AGI). The report’s key insights are as follows: First, the core industry is experiencing steady growth, and its ecosystem is becoming increasingly mature; second, foundational models have achieved breakthroughs in capabilities, with general-purpose agents developing faster than specialized ones; third, innovations in embodied intelligence have entered a practical training phase, and the synergy between software and hardware is evolving toward physical intelligence; fourth, lean and open approaches have become the dominant theme in intelligent computing, and dataset development is shifting toward producing appropriate quantities of high-quality data; fifth, embedding large models into high-value-added segments is driving an upgrade toward “intelligent transformation,” while AI-native approaches are reshaping product services and organizational models; sixth, AI safety governance is establishing a full-lifecycle technological closed-loop, and its nature as an international public good is fostering inclusive and win-win outcomes.
Link: https://www.caict.ac.cn/kx yj/q wfb/b p s/202602/P020260202487301304903.pdf
On February 5, the Policy and International Cooperation Department of the China Internet Network Information Center released the 57th “Statistical Report on the Development of China’s Internet.” The report shows that China’s internet user base continues to expand, internet penetration has significantly increased, and the benefits of digital development are reaching an ever-growing number of people. This marks a successful conclusion to the 14th Five-Year Plan period and lays a solid foundation for future development.
During the 14th Five-Year Plan period, China has achieved remarkable results in the construction of new infrastructure. 5G networks now provide extensive coverage in both urban and rural areas; the upgrade of fixed networks to gigabit speeds is accelerating; and China’s computing power facilities rank among the world’s top, providing solid support for the development of the digital economy. The user base for generative artificial intelligence is steadily expanding, with its application scenarios deeply integrated into both daily life and production sectors. The share of core digital economy industries in the national economy continues to rise steadily, and the digital transformation of public services—including government administration, healthcare, and education—is deepening continuously, significantly improving service efficiency and enhancing people’s quality of life. Moreover, China boasts a large number of small and medium-sized enterprises, among which specialized, refined, distinctive, and innovative firms play a crucial supporting role in industrial chains. Artificial intelligence has become a key enabler for the transformation and empowerment of SMEs. At the same time, AI technologies are breaking down language and cultural barriers, helping cultural products such as online literature and micro-short dramas rapidly gain global reach and driving the cultural industry’s evolution from mere product export to value dissemination.
Link: https://news.cctv.cn/2026/02/05/ARTIUjTno9mB6xlqeTJiw5kB260205.shtml
On February 4, the Hunan Province Data Element Industry Innovation and Development Conference and the Provincial Data Element Association Annual Meeting were held in Changsha, marking the official launch of Hunan’s “Year of Unleashing the Value of Data Elements.”
At the meeting, the Hunan Provincial Data Element Association released its seven key tasks for 2026, focusing on critical areas such as data asset valuation, construction of industry-specific data spaces, authorized operation of public data, cultivation of specialized talent, and cross-sectoral circulation and cooperation. The conference also saw a series of strategic agreements being signed, with the Association partnering with several financial institutions to jointly explore innovative financial products based on data assets, thereby driving the "data element × financial services" collaboration into a more institutionalized phase. During the case-sharing session, the provincial-level financial data service platform “Xiang Xindai” presented its practice of leveraging government data to facilitate financing for small, medium, and micro enterprises, totaling over 10 billion yuan, offering a “Hunan Solution” for empowering the real economy through data.
Link: https://searchs.hunan.gov.cn/topic/hnsz/szmtbd/202602/t20260204_33910581.html
II. International Governance Developments
(I) Policy and Legislative Updates
On February 1, the U.S. state of Colorado’s Bill for an Act Concerning Consumer Protections in Interactions with Artificial Intelligence Systems (SB 24-205) officially entered into force. The Act establishes measures applicable to developers and deployers of high-risk artificial intelligence systems. High-risk AI systems are defined as systems developed or substantially modified to make consequential decisions affecting consumers’ access to, availability of, cost of, or other significant aspects of their lives, including decisions relating to criminal justice remedies, education, employment, essential goods or services, financial or lending services, government services, healthcare, housing, insurance, or legal services.
In particular, developers are required to provide deployers with relevant information concerning high-risk systems, including conducting impact assessments and issuing public statements that identify the types of high-risk systems developed or modified, as well as detailed information on known or reasonably foreseeable risks of algorithmic discrimination and corresponding mitigation measures.
Link: https://leg.colorado.gov/bills/sb24-205
2. Interactive Advertising Bureau Releases Draft “AI Accountability for Publishers Act”
On February 2, the Interactive Advertising Bureau (IAB) released draft legislation entitled the AI Accountability for Publishers Act. The core objective of the draft is to equip publishers with legal tools to counter the unauthorized, large-scale scraping of their content by AI companies for model training and content generation.
The draft proposes the creation of a new federal cause of action to address copyright and data use disputes arising in AI development. A key feature is the strict definition of “express prior consent” as the sole prerequisite for lawful use of covered content. This means that AI companies using bots to scrape copyrighted “covered content” to train or operate generative AI systems, or to generate summaries or substitutes of such content, must obtain clear and affirmative authorization in advance.
The draft further specifies that general website terms of service or broad, blanket licenses do not constitute valid consent. Consent must be specific to the particular data scraping and usage activities, or be demonstrated through compliance with explicitly stated automated access protocols established by the website.
3. European Commission Launches Public Consultation on the Revision of the Cybersecurity Act
On February 5, the European Commission launched a public consultation on the revision of the Cybersecurity Act. The feedback period runs for eight weeks, from that date until April 2.
The proposed revision aims to clarify the mandate of the European Union Agency for Cybersecurity (ENISA), improve the European cybersecurity certification framework, and enhance the effectiveness and user-friendliness of the EU cybersecurity framework by streamlining and simplifying related legislation. It also seeks to support the development of secure and resilient supply chains and a robust cybersecurity industrial base.
The European Commission stated that the feedback received will be compiled and submitted to the European Parliament and the Council as a reference for subsequent legislative discussions.
On February 4, the Office of the Australian Information Commissioner (OAIC) released the Consumer Data Right (CDR) Regulatory Strategy, setting out privacy regulatory priorities under the CDR framework. These include promoting compliance with privacy obligations through monitoring, compliance guidance, and enforcement.
The strategy also extends regulatory attention to data-sharing practices beyond the CDR framework, explicitly highlighting methods that may pose privacy risks, such as screen scraping.
Link:https://www.oaic.gov.au/consumer-data-right/consumer-data-right-regulatory-strategy
On February 4, the Australian eSafety Commissioner updated its transparency reporting under the Basic Online Safety Expectations (BOSE) framework. Pursuant to the Online Safety Act 2021, the Commissioner issued formal information-gathering notices to several major online service providers, including Meta, TikTok, and Google, and disclosed detailed information regarding platform practices in child protection.
The publicly released information focuses on three core governance measures:
First, age assurance mechanisms, explaining how platforms verify users’ actual ages through technological and procedural means;
Second, children’s data handling practices, disclosing internal rules and control measures governing the collection, use, and sharing of minors’ personal information;
Third, algorithmic recommendation governance, describing how platforms mitigate the risk of recommending self-harm, violent, or other harmful content to minors.
Through this disclosure round, the eSafety Commissioner provides verifiable factual information to the public and policymakers, and supplies data support for the development of a forthcoming mandatory Children’s Online Privacy Code.
Link:https://www.esafety.gov.au/industry/basic-online-safety-expectations/children-and-social-media
6. Republic of Korea to Promote Construction of a National Agricultural AX Platform
On February 3, Deputy Prime Minister Koo Yun-cheol discussed the National Agricultural AX Platform Promotion Plan at a meeting of ministers on economic affairs, jointly setting policy directions to enhance agricultural productivity and competitiveness.
The government of the Republic of Korea will establish a “National Agricultural Strategic Platform” integrating advanced technologies such as artificial intelligence and robotics, with the aim of transforming agriculture into a leading AI-based industry.
The National Agricultural AX Platform is designed to combine artificial intelligence and data-driven agricultural solutions with next-generation smart farm models, seeking to overcome the existing hardware-centered approach to smart agriculture. Its objective is to create an intelligent agricultural environment that is accessible to elderly farmers and beginners, thereby enhancing productivity and reducing the need for farmers to directly interpret and control temperature, humidity, and crop growth data.
Link:https://www.korea.kr/news/policyNewsView.do?newsId=148959073&pWise=sub&pWiseSub=I1
(II) Law Enforcement and Judicial Updates
1.U.S. Federal District Judge Rules on Discovery Issue in OpenAI Copyright Class Action
On February 6, a U.S. federal district judge vacated a prior ruling issued by a magistrate judge in the OpenAI copyright multidistrict litigation (25-md-3143), holding that OpenAI is not required to disclose internal communications with its attorneys concerning the deletion of AI training datasets.
The underlying case involves a class action brought by a group of authors and publishers, alleging that OpenAI employees downloaded large quantities of their copyrighted books from the piracy website Library Genesis and used them to train GPT-3 and GPT-3.5, thereby committing copyright infringement. OpenAI had used those e-books to create two datasets, Books1 and Books2, which were deleted in 2022. The present dispute centers on the purpose behind OpenAI’s deletion of these two datasets. The plaintiffs argue that the reasons for deletion may reveal whether OpenAI knew its conduct was unlawful.
Accordingly, the plaintiffs sought discovery before the magistrate judge, requesting that the court compel OpenAI to disclose its internal communications with counsel regarding “why Books1 and Books2 were deleted.” In an earlier ruling, the magistrate judge found that OpenAI had waived the attorney–client privilege and ordered disclosure. However, Federal Judge Stein reversed that decision, concluding that the privilege remains intact and that the requested communications need not be disclosed.
The federal judge reasoned that there is a fundamental distinction between merely denying plaintiffs’ allegations of willfulness and affirmatively asserting a “good faith” belief in the legality of one’s conduct. OpenAI did not assert a good-faith defense merely by denying willfulness, and it expressly stated that it would not introduce evidence of its subjective belief in the legality of its conduct at trial to rebut the plaintiffs’ willfulness claims. Therefore, this case differs from those relied upon by the plaintiffs and does not constitute a waiver of attorney–client privilege.
2.UK Information Commissioner’s Office Formally Launches Investigation into Grok
On February 3, the UK Information Commissioner’s Office (ICO) announced that it had formally launched an investigation into X Internet Unlimited Company (XIUC) and X.AI LLC (X.AI), focusing on the processing of personal data in the Grok artificial intelligence system and the generation of sexually suggestive harmful images and videos.
The ICO stated that it initiated the investigation following reports that Grok had been used to generate non-consensual pornographic images, including images of minors. The generation and dissemination of such content raise serious concerns under UK data protection law and may cause significant harm.
The investigation will focus on two principal issues: first, whether Grok processes personal data in a lawful, fair, and transparent manner; and second, whether appropriate safeguards were embedded in the design and deployment of Grok to prevent the use of personal data to generate harmful images. The ICO noted that if such safeguards fail, individuals may lose control over their personal data and face serious risks of harm.
On February 4, the Australian Administrative Review Tribunal (ART) issued its decision in the facial recognition technology case involving Bunnings Group Limited, upholding the earlier findings of the Australian Information Commissioner.
The ruling determined that Bunnings’ deployment of facial recognition technology in its stores violated the requirements under the Australian Privacy Principles (APPs) concerning open and transparent management of personal information and notification of collection. The Tribunal further clarified that even if the processing of personal information through such technology is “momentary,” it still constitutes “collection” of personal information under the Privacy Act.
Additionally, the decision emphasized that businesses may not rely solely on generalized justifications such as “crime prevention” to claim exemption from consent obligations. The use of such technologies must comply with the principles of proportionality and necessity and must be subject to strict assessment based on specific risk contexts.
4.Republic of Korea Launches AI System to Detect Unfair Practices in E-Commerce
On February 4, in response to unfair trade practices such as stock price manipulation and other misconduct, the Republic of Korea announced the launch of an AI-based monitoring system for online e-commerce.
The system comprises four main components: first, monitoring of spam messages, YouTube, and other online channels; second, AI-based scoring grounded in objective assessment indicators; third, automated detection of high-risk e-commerce items; and fourth, follow-up investigations based on projects identified through AI analysis.
Link:https://www.korea.kr/multi/visualNewsView.do?newsId=148959047&pWise=sub&pWiseSub=I1
5.Republic of Korea Investigates Personal Data Breach at Coupang
On February 6, the Personal Information Protection Commission (PIPC) of the Republic of Korea issued a statement announcing a thorough investigation into a recent personal data breach at the e-commerce platform Coupang.
On February 5, Coupang reported to the Commission that, in addition to the previously disclosed breach affecting 33.7 million member accounts, an additional 165,455 member accounts had been compromised. The leaked information included users’ names, phone numbers, and delivery address details.
The Commission had previously recommended that Coupang immediately notify affected data subjects upon discovering the breach. It will now rigorously verify the newly identified breach and comprehensively investigate the precise scope and circumstances of the incident, covering both Coupang members and non-members.
Link:https://www.pipc.go.kr/np/cop/bbs/selectBoardArticle.do?bbsId=BS074&mCode=C020010000&nttId=11803
6. Singapore to Cease Use of NRIC Numbers for Authentication
On February 2, the Personal Data Protection Commission (PDPC) of Singapore announced that all private sector organizations must cease using National Registration Identity Card (NRIC) numbers as a means of authentication by December 31, 2026, in order to reduce the risk of unauthorized access to personal data.
From January 1, 2027, if organizations continue to use NRIC numbers for authentication, the PDPC will strengthen enforcement under the Personal Data Protection Act (PDPA), including the possible issuance of directions for rectification or the imposition of financial penalties.
Relevant government agencies, such as the Infocomm Media Development Authority, the Monetary Authority of Singapore, and the Ministry of Health, have also issued sector-specific guidance requiring the discontinuation of NRIC-based authentication.
On February 6, the European Commission determined that Apple’s online advertising service Apple Ads and mapping service Apple Maps should not be designated under the Digital Markets Act (DMA).
The Commission concluded that Apple does not meet the criteria for “gatekeeper” status in these areas, as the services do not constitute an important gateway between business users and end users. The decision was based on multiple considerations, including the relatively low usage rate of Apple Maps within the European Union and the limited scale of Apple Ads in the EU online advertising market.
(III) International Cooperation Updates
1.EU–Singapore Digital Trade Agreement Enters into Force
On February 2, the EU–Singapore Digital Trade Agreement (DTA) officially entered into force. As the European Union’s first standalone bilateral digital trade agreement, it marks a significant milestone in the EU’s digital trade cooperation framework.
Building on the 2019 EU–Singapore Free Trade Agreement, the DTA establishes rules tailored to the needs of bilateral digital trade. In 2024, total EU–Singapore trade reached €131 billion, with a majority of services delivered digitally. Key features of the agreement include: safeguarding consumers’ online rights and data privacy while ensuring a secure cyberspace; promoting paperless trade, recognizing the legal validity of electronic signatures and contracts, and prohibiting customs duties on electronic transmissions; and banning unjustified data localization requirements and forced transfer of source code to maintain a fair trading environment.
Link: https://ec.europa.eu/commission/presscorner/detail/en/mex_26_301
According to a February 5 report by The Guardian (Nigeria), the Nigeria Data Protection Commission (NDPC) and the Nigerian Communications Commission (NCC) signed a Memorandum of Understanding (MoU) in Abuja to establish a cooperative framework for personal data governance in the telecommunications sector.
The two authorities will jointly conduct data breach monitoring, security audits, and compliance supervision, with the aim of harmonizing personal data governance processes in telecommunications network environments and enhancing the telecom sector’s compliance with the Nigeria Data Protection Act.
Link: https://guardian.ng/news/ncc-ndpc-partner-to-strengthen-data-integrity/
On February 4, the United Nations released a list of 40 candidates for membership in the Independent International Scientific Panel on Artificial Intelligence. The panel will be the first fully independent global scientific body dedicated to bridging the knowledge gap on AI and assessing its real-world economic and societal impacts.
The panel is expected to conduct in-depth research in areas such as health, energy, and education, and to share cutting-edge scientific findings. The candidate list includes two Chinese scientists: Song Haitao, President of the Shanghai Artificial Intelligence Research Institute and Shanghai Jiao Tong University, and Wang Jian, a member of the Chinese Academy of Engineering and a cloud computing expert. The list will be submitted to the United Nations General Assembly for consideration, with a final decision on membership anticipated on February 12.
Link: https://www.ungeneva.org/zh/news-media/news/2026/02/115547
4.Thirty-Five Countries Sign 20 Commitments on the Military Use of Artificial Intelligence
According to a February 5 report by Reuters, 35 countries signed a set of 20 commitments on artificial intelligence at the Responsible AI in the Military Domain Summit held in A Coruña, Spain. A total of 85 countries participated in the meeting. Major signatories include Canada, Germany, France, the United Kingdom, the Netherlands, the Republic of Korea, and Ukraine. Neither China nor the United States joined the commitments.
The commitments regulate the deployment of AI in warfare, affirm human responsibility for AI-enabled weapons, encourage clear chains of command and control, and promote the sharing of information on national oversight arrangements where consistent with national security. They also emphasize the importance of risk assessment, rigorous testing, training, and education for personnel involved in military AI capabilities.
5.Kuwait Hosts Fifth General Assembly of the Digital Cooperation Organization
From February 4 to 5, the fifth General Assembly of the Digital Cooperation Organization (DCO) was held in Kuwait, with the participation of ministers and representatives of DCO member states, as well as observers and partners.
During the meeting, member states reaffirmed their commitment to strengthening trusted digital infrastructure and advancing support for startups, investment, and AI readiness through initiatives such as the STRIDE ecosystem, the Digital FDI Initiative, AI readiness and ethical governance tools, and the WE-Elevate initiative.
The Assembly adopted the Kuwait Declaration on Responsible AI for Global Digital Prosperity, which recognizes the potential of artificial intelligence to enhance productivity, competitiveness, and public service delivery, while underscoring the necessity of ethical governance to address risks related to inequality, bias, privacy, and security. The Declaration also reaffirms the DCO’s mission, under its four-year agenda, to achieve digital prosperity for all.
1.OECD Releases Report “Exploring Possible AI Trajectories through 2030”
On February 3, the Organisation for Economic Co-operation and Development (OECD) released the report Exploring Possible AI Trajectories through 2030. Drawing on its beta AI Capability Indicators—covering nine categories of capabilities such as language, social interaction, and problem-solving—combined with expert insights and empirical analysis, the report outlines potential development pathways for artificial intelligence through 2030, providing reference points for national AI policymaking.
The report identifies four core potential scenarios: First, “Stalled Progress,” in which AI capabilities remain close to 2025 levels, with continued application of existing capacities; Second, “Slowed Progress,” characterized by incremental improvements at a reduced pace, enabling assistance with tasks ranging from several hours to several days; Third, “Continued Progress,” maintaining the rapid advancements of recent years, allowing AI systems to autonomously complete month-long professional digital tasks; Fourth, “Accelerated Progress,” in which AI capabilities approach or surpass human cognitive abilities and can autonomously pursue strategic objectives.
On February 5, U.S.-based cybersecurity company Cyberhaven Labs released the 2026 AI Adoption & Risk Report. Based on monitoring and analysis of billions of real-world data flows within enterprise environments, the report assesses data security and governance risks amid the widespread adoption of generative AI.
The report finds that a significant volume of data flowing into AI tools includes sensitive information such as source code and business strategies. Employees frequently interact with generative AI tools through personal accounts, making it difficult for organizations to effectively monitor data flows. The study also systematically evaluates the risk profiles of mainstream generative AI applications and concludes that most tools fall within medium-to-high risk levels. This reflects a notable gap between enterprises’ governance capabilities and the rapid pace of technological diffusion, particularly in addressing the phenomenon of “Shadow AI.”
Link:https://www.cyberhaven.com/press-releases/cyberhaven-2026-ai-adoption-risk-report
3.UK Government Publishes “International AI Safety Report 2026”
On February 3, the UK Government released the International AI Safety Report 2026. The report was led by Yoshua Bengio and co-authored by more than 100 experts from over 30 countries and international organizations. It focuses on emerging risks associated with general-purpose artificial intelligence.
The report is structured around three core questions: First, what general-purpose AI can do and how its capabilities are evolving, including what constitutes general-purpose AI, its current capabilities, and expected advancements in the coming years; Second, the novel risks posed by general-purpose AI, including risks of malicious use, malfunction risks, and systemic risks; Third, risk management approaches and their effectiveness, including the unique challenges presented by general-purpose AI, practical and technical safeguards for mitigating risks, and the specific challenges associated with open-weight models.
4.African Think Tank Publishes Report on AI Governance and Digital Trade
On February 4, the Collaboration on International ICT Policy for East and Southern Africa (CIPESA) released the report Why Data and AI Governance Are Central to Africa’s Digital Trade Ambitions.
The report analyzes the risk that, in the absence of harmonized AI governance frameworks across Africa, AI resources may be exploited without adequate compensation. It proposes advancing cross-border data governance interoperability through the digital trade protocol of the African Continental Free Trade Area (AfCFTA). The report further recommends strengthening localized AI governance systems and enhancing the capacity of independent regulatory authorities to bolster Africa’s voice within the global AI value chain.
5. EIOPA Releases Report “Generative AI Market Survey: Outlook, Use Cases and Risk Management”
On February 2, the European Insurance and Occupational Pensions Authority (EIOPA) published the report Generative AI Market Survey: Outlook, Use Cases and Risk Management.
According to feedback from 347 insurance undertakings across 25 EU Member States, 65% of European insurers are actively using generative AI systems. However, most projects remain at the proof-of-concept stage and rely heavily on third-party service providers. Among these initiatives, 49% have adopted dedicated AI policies.
Efficiency is identified as the primary driver of adoption, while privacy, regulatory compliance, and talent shortages constitute key obstacles. Hallucination risks are cited as the most prominent concern. Applications are concentrated primarily in back-office operations, with 64% of use cases being internal and 36% customer-facing. Across the value chain, the most active areas include customer service, claims management, and sales and distribution, while fraud detection is projected to see the highest future adoption rate. Human oversight remains predominant in current deployments.
1. Google, Amazon, Meta, and Microsoft Project Combined Capital Expenditures of $650 Billion in 2026
According to a February 7 report by Bloomberg, four major U.S. technology companies—Alphabet Inc., Amazon, Meta Platforms, and Microsoft—have disclosed capital expenditure plans for 2026 totaling approximately $650 billion, representing a 60% year-on-year increase and marking the largest investment scale of the century to date. The majority of the funds will be allocated to the construction of data centers and the procurement of AI chips and related infrastructure.
The substantial investment has triggered market volatility, with the combined market capitalization of the four companies reportedly declining by more than $950 billion, as investors expressed concerns about cash flow pressures and the length of return cycles. At the same time, the industry faces bottlenecks in securing key resources such as skilled electricians and semiconductor chips, while constraints in energy supply and the potential distortion of macroeconomic data have also drawn attention.
