A STEP TOWARDS AN UNFIED EUROPEAN CAPITAL MARKET ?
Last Thursday in Berlin, the finance ministers of the EU’s six largest economies Germany, France, Italy, Spain, the Netherlands, and Poland reached an agreement to move forward on a unified European capital markets framework the Market and Integration Surveillance Package (MISP). Says Pascal Canfin, EU Parliament member :“Under this deal, the supervision of significant market infrastructure will be progressively transferred to the European Securities and Markets Authority (ESMA) in Paris. This represents an opportunity to move beyond regulatory fragmentation and increase Europe’s attractiveness. This is exactly the kind of ambition the EU needs. At a time when our continent must mobilise private savings to fund innovation, deepen its industrial base, and strengthen its strategic autonomy, the integration of capital markets is a geopolitical necessity.”
HAS MICROSOFT HANDED OVER DUTCH OFFICIAL CUSTOMERS’ DATA TO US SERVICES ?
According to a report by NL TIMES, In the Netherlands, Microsoft is suspected of handing personal data of civil servants to the US House of Representatives, including emails, meeting minutes, and invitations, apparently without redacting their names.
The people affected hold positions at two regulators, the competition authority ACM and the data protection authority AP. That means the exact people working to implement the EU’s Digital Services Act, the law that forces big platforms to act against illegal content, online child abuse, and disinformation.
If this is confirmed, has Microsoft got a choice? The US CLOUD Act compels American tech companies to hand data to US authorities, even when that data sits on servers outside the United States. So the reassuring promise, “don’t worry, your data stays on EU servers,” turns out to be worth nothing the moment it matters.
Another case to expose what dependency on Big Tech can mean, and the risk that comes with it.
AI G7 SUMMIT
On the occasion of this Summit hold on May 29, the members have launched a process to ensure risk assessment methods will converge across the different developed countries and have encouraged developers of advanced models to communicate publicly about their governance and risk mitigation measures. The French presidency has also secured the launch of new work aimed at bringing together the different methods for assessing AI-related risks. The goal is to improve the comparability of approaches developed by States, researchers, and companies in order to facilitate international cooperation.
A NEW EU PLAN TO REDUCE DIGITAL DEPENDENCIES
Upset by the huge dominance of US actors in domains such as Cloud or chips, the EU prepares a new plan to reduce such dependencies.
The plan revolves around several major axes aimed at structuring a true “made in Europe” alternative. Among the measures:
The imposition of risk assessments regarding sovereignty for cloud and artificial intelligence infrastructures.
A regulation on electronic chips allowing the Commission to intervene in production chains in case of a crisis and to force manufacturers to prioritize critical components. Moreover, the Commission wants to shore up its Chips plan which, so far, falls short of achieving its objectives (the target was to reach 20% of the European needs provided by European sources as of 2030, the EU does not seem on track to match the deal).
The establishment of a joint semiconductor purchasing system for member states experiencing severe shortages.
Provisions promoting increased use of open-source software within administrations and public services.
Regarding AI, the Commission wants to boost its adoption by local actors, while deploying a specific plan to resort to AI to better master energy distribution and transition to non-fossil sources. A new RFP for AI GIga factories should be issued in July.
ECA Remark : at the same time, the Commission has adopted a proposal: Cloud and AI Development Act. This document classifies cloud services with four levels, out of which only the two uppers include serious provisions against foreign data capture. It obviously results from a compromise between those who want to continue with US hyperscalers, and those who would prefer to introduce more sovereignty in data processing. Unfortunately, it seems likely that the message will lean onto the first side. Keeping strict control of data should not be reserved to highly sensitive ones only, it’s a matter of making sure European customers’ data is not used by third parties to build the next generation of competitors !
USA: OBLIGATION TO LET THE ADMINISTRATION AND PUBLIC LABS TEST NEW AI MODELS BEFORE THEY ARE ISSUED
Such an obligation existed already de facto, it’s now official. And it will be even more compellent for “covered frontier models”. The presidential act also pushes specific advanced cooperation with some firms, which will be allowed to test the new models in anticipatio this sounds like the GLASSWING initiative for AI based vulnerability discovery systems.
FRANCE: POLYTECHNIQUE FORCED TO STOP ITS ALL MICROSOFT PROJECT
This Newsletter had given preliminary notice, it is now confirmed: after months of a legal trench war, the management of the École Polytechnique officially capitulated by suspending its project to migrate to Microsoft 365. The case coul come as a severe warning for all administrations tempted by the comfort of American giants. By wanting to switch its ecosystem to Microsoft tools, Polytechnique ran into a legal and political wall, between the espionage threats linked to the American Cloud Act and the blatant non-compliance with the French Education Code which requires prioritizing open-source software.
