{"id":107889,"date":"2025-03-12T17:57:53","date_gmt":"2025-03-12T21:57:53","guid":{"rendered":"https:\/\/cdt.org\/?post_type=insight&p=107889"},"modified":"2025-04-03T05:16:50","modified_gmt":"2025-04-03T09:16:50","slug":"eu-tech-policy-brief-march-2025","status":"publish","type":"insight","link":"https:\/\/cdt.org\/insights\/eu-tech-policy-brief-march-2025\/","title":{"rendered":"EU Tech Policy Brief: March 2025"},"content":{"rendered":"\n

Welcome back to the Centre for Democracy & Technology Europe\u2018s Tech Policy Brief! This edition covers the most pressing technology and internet policy issues under debate in Europe and gives CDT\u2019s perspective on the impact to digital rights. To sign up for CDT Europe\u2019s AI newsletter, <\/em>please visit our website<\/em><\/a>. Do not hesitate to contact <\/em>our team<\/em><\/a> in Brussels.<\/em><\/p>\n\n\n\n

\ud83d\udc41\ufe0f Security, Surveillance & Human Rights<\/strong><\/p>\n\n\n\n

CDT Europe at RightsCon 2025<\/strong><\/p>\n\n\n\n

CDT US and CDT Europe took part<\/a> in the 13th edition of RightsCon<\/a>, held in Taipei from 24-27 February. CDT Europe\u2019s Silvia Lorenzo Perez participated in several sessions addressing abuse of commercial spyware in the EU and beyond from several angles, including investor accountability, the complexities of defining spyware, financial tracking (“follow the money” reporting), litigation strategies, global regulatory efforts, and the geopolitical factors shaping policy responses.<\/p>\n\n\n\n

Silvia spoke on two key panels addressing spyware regulation and global accountability. The first, hosted by the Human Rights Center at the University of Minnesota<\/a>, explored the challenges and lessons of spyware regulation, using the European Parliament\u2019s PEGA Committee Report<\/a> as a starting point. It incorporated insights from UN Special Procedures, observations from UNODC and OHCHR, and civil society perspectives on ground-level realities and necessary reforms. The discussion also considered the EU’s leadership role in global spyware regulation, particularly where multilateral efforts have struggled. <\/p>\n\n\n

\n
\"CDT
CDT Europe and CDT US Security and Surveillance teams in front of the official RightsCon sign.<\/figcaption><\/figure><\/div>\n\n\n

The second panel, organised by the Spyware Accountability Initiative<\/a>, convened global experts to assess progress in spyware accountability, covering research, litigation, state regulation, and investor engagement. Silvia reflected on developments over the past year and expectations for the year ahead. <\/p>\n\n\n\n

CDT Europe also took advantage of the presence of key European partners at RightsCon to host a strategic brainstorming session, identifying challenges and opportunities to advance regulatory and litigation efforts in the region.<\/p>\n\n\n\n

Focus on the Pall Mall Process for the Future of Spyware Regulation<\/strong><\/p>\n\n\n\n

Spyware and cyber threats were also a major topic at CyberNext Brussels 2025<\/a> on 5 March, where CDT Europe\u2019s Silvia Lorenzo Perez appeared on a panel to discuss commercial spyware\u2019s growing impact in Europe and its risks to cybersecurity, national security, and human rights. In response to concerns about lacking oversight of States\u2019 spyware uses, Silvia emphasised the need for governments to limit their use of spyware and ensure that national security claims are necessary, proportionate, and clearly defined by law, and respect the essence of fundamental rights. Those claims should also be subject to strong oversight, in line with the standards set by the European Court of Human Rights and the Court of Justice of the European Union.<\/p>\n\n\n\n

Silvia\u2019s panel also discussed the Pall Mall Process<\/a>, a joint initiative by France and the UK to establish guiding principles for development, sale, and use of commercial spyware. While the process offers an important multistakeholder platform for dialogue, robust safeguards are still crucial to prevent spyware misuse and protect fundamental rights. Panelists also emphasised the importance of EU-level action in addressing the proliferation of commercial spyware.                                               <\/strong><\/p>\n\n\n\n

Recommended read: <\/em><\/strong>Council of Europe, Europe Press Freedom Report – 2024: Confronting Political Pressure, Disinformation, and the Erosion of Media Independence <\/a><\/p>\n\n\n\n

 \ud83d\udcac Online Expression & Civic Space<\/strong><\/p>\n\n\n\n

International Women\u2019s Day 2025<\/strong><\/p>\n\n\n\n

To mark International Women\u2019s Day 2025, our Secretary General Asha Allen participated in two important occasions to discuss the state of play for gender equality in Europe.<\/p>\n\n\n\n

During a conversation with Laeticia Thissen<\/a> for the FEPS Talks podcast, Asha reflected on the impact of online gender-based violence on democratic and civic space participation. The two also discussed how harmful content moderation practices result in self-censorship of feminist and LGBTQI+ voices, an effect widely criticised by advocates. <\/p>\n\n\n

\n
\"CDT
CDT Europe Secretary General Asha Allen speaking at a panel for the \u201cEquality in Digital” event at the European Parliament, organised by MEP Elena Sancho Murillo.<\/figcaption><\/figure><\/div>\n\n\n

At the “Equality in Digital” event<\/a> at the European Parliament, organised by Member of the European Parliament Elena Sancho Murillo, Asha joined a panel to exchange on how to implement regulations such as the DSA, Directive on Violence against Women, and AI Act, to effectively address the harms that AI systems can cause for victims.<\/p>\n\n\n\n

Addressing Online Threats Against Journalists and Fact-Checkers<\/strong><\/p>\n\n\n\n

On 11 March, CDT Europe\u2019s David Klotsonis took part in a thematic roundtable on journalistic protections, organised by the OSCE Representative on Freedom of the Media<\/a>. The discussion focused on strengthening Big Tech accountability and engagement to enhance journalists\u2019 safety, with key topics including safety-by-design measures and escalation channels.<\/p>\n\n\n\n

David emphasised the need for safety-by-design approaches to mitigate online risks for journalists. While platforms often rely on ex-post moderation, their engagement-driven models can amplify online violence. The Digital Services Act (DSA) includes critical provisions, such as Article 22 on Trusted Flaggers,<\/a> to help identify harmful content including threats against journalists. However, their effectiveness is undermined by resource constraints, low adoption rates, and public skepticism. Additionally, attacks seeking to delegitimize the media have increasingly targeted fact-checkers and Trusted Flaggers themselves. To ensure these tools fulfill their purpose, national regulators (Digital Services Coordinators) must prioritise adequate resourcing and clear communication to build public trust in mechanisms designed to protect journalists and uphold media integrity.<\/p>\n\n\n\n

Recommended read<\/em><\/strong>: Tech Policy Press, A New Framework for Understanding Algorithmic Feeds and How to Fix Them<\/a><\/p>\n\n\n\n

\u2696\ufe0f Equity and Data<\/strong><\/p>\n\n\n\n

Global AI Action Summit: A Missed Opportunity<\/strong><\/p>\n\n\n\n

CDT Europe\u2019s Laura Lazaro Cabrera attended the French AI Summit, held in Paris on 10 and 11 February, which was largely a missed opportunity<\/a> for EU policymakers to defend and promote the bloc\u2019s Artificial Intelligence Act on a global stage. Instead, representatives promised an innovation-friendly implementation of the AI Act and committed to cutting red tape for companies. Despite the limited spaces created by the French AI Summit to hold frank and meaningful discussions about the risks posed by AI, several Summit side events explored these questions in depth. Many were organised by civil society organisations critically reflecting on the global approach to AI governance and devising strategies to move forward. <\/p>\n\n\n

\n
\"Group
Group picture with Programme Director Laura Lazaro Cabrera, CDT CEO Alexandra Reeve Givens, and civil society representatives at the French AI Summit.<\/figcaption><\/figure><\/div>\n\n\n

One of these events, organised by Renaissance Num\u00e9rique<\/a>, notably explored how to meaningfully leverage civil society participation in global AI governance processes. Civil society representatives took stock of the French AI Summit and brainstormed crucial changes needed to build on lessons learned. At the event, Laura delivered a summary of panelists\u2019 and discussants\u2019 inputs, and set the scene for the concluding remarks. <\/p>\n\n\n\n

Third Draft Code of Practice on General-Purpose AI Released <\/strong><\/p>\n\n\n\n

On 11 March, the European Commission unveiled the third draft of the Code of Practice on general-purpose AI (GPAI)  \u2013 the last draft to be put to final consultation. This latest draft splits the Code of Practice into four parts, dealing with commitments, transparency, copyright, and safety and security respectively. The latter section addresses obligations relative to risk assessment and mitigations, and has been subject to significant changes amounting to a significant regression in terms of fundamental rights protections. The list of mandatory risks to be assessed \u2014 also known as \u201cselected\u201d systemic risks taxonomy \u2014 has been substantially watered down, and now excludes discrimination, which has been relegated to the list of optional risks alongside CSAM\/NCII and risks to privacy. The draft moreover dissuades GPAI model providers from considering these risks, cautioning them to only assess them if they are specific to the high-impact capabilities of GPAI models. Read our initial analysis on our website<\/a>.<\/p>\n\n\n\n

Recommended read<\/em><\/strong>: Reuters, Spain to impose massive fines for not labelling AI-generated content <\/a><\/p>\n\n\n\n

\ud83d\uddde\ufe0f In the Press<\/strong><\/p>\n\n\n\n