Briefing Report: Social Media Ban for Under 16s, Anthropic Suspends Foreign Access to Advanced AI Models
UK social media ban for under 16s, Anthropic’s model suspension, Canadian deepfake enforcement, Ring biometric litigation, digital trade rules, and Google advertising trademark liability.
This briefing report examines a growing willingness among governments, regulators, and courts to control access to digital services, artificial intelligence systems, biometric technologies, and online advertising. The central concern is increasingly difficult to ignore. Tech companies have been permitted to introduce systems with significant social consequences before legal responsibility was clearly established. Recent developments expose serious tensions around age verification, national security, privacy, platform monitoring, and institutional accountability. Readers will find a critical account of how law is responding to technologies that have already become deeply embedded in everyday life, often before the public has been given a meaningful opportunity to understand or challenge their operation.
Newsletter Edition 100
🔥 This edition includes important updates and news in technology law from the United States, India, Canada and the European Union. Access the latest opportunities, including remote jobs in technology law, grants, and call for papers.
The Latest in Technology Law:
1. Social media to be banned for under-16s in the UK: The United Kingdom plans to prevent social media platforms from serving children under 16, supported by safer age checks mechanisms and limits on livestreaming and contact with strangers. The regulations are expected on or before December 2026, with implementation planned for spring 2027 across covered services.
2. US directive suspends Anthropic’s Fable 5 and Mythos 5: Anthropic says a United States export control directive requires suspension of Fable 5 and Mythos 5 access for foreign nationals, including employees. The company disputes the stated security basis, has disabled the models globally, and says other models remain available.
3. X in breach of Personal Information Protection and Electronic Documents Act: Canada’s Privacy Commissioner found X Corp. and xAI breached PIPEDA after Grok generated sexualised deepfakes of identifiable people. The findings treat synthetic depictions as personal information and require consent, risk controls, independent audits, monitoring, and evidence that safeguards actually work.
4. Case Note [Drs Logistics (P) Ltd v. Google India Pvt Ltd]: The Delhi High Court dismissed DRS Logistics’ contempt application against Google, finding that earlier judgments required complaint based investigation of advertisements and did not impose proactive monitoring. Google must examine uses of the claimant’s trademarks under its advertising policy promptly.
Lead Story
United Kingdom announces social media ban for children under 16
The United Kingdom government has announced plans to prevent social media platforms from offering their services to children under 16. The proposal covers user to user platforms whose main purpose is social interaction and which combine user posts with recommendation systems.
The government has identified services such as Instagram, YouTube, TikTok, Snapchat, Facebook, and X as examples that may fall within the regime. Messaging services such as WhatsApp and Signal are not intended to be included.
The announcement goes beyond account access. Livestreaming and communication from strangers would be restricted for children under 16 across a wider group of online services, including gaming services.
Those functions would also be disabled as a default setting for users aged 16 and 17.
AI services offering romantic companion functions would face a minimum age of 18. Similar intimate functions on general AI chatbots would be restricted for children.
The legal framework will depend heavily on age assurance.
Ofcom has been asked to examine methods capable of establishing whether a person is over 16 in a manner that is accurate, reliable, fair, and difficult to evade.
The government also plans research on the use of virtual private networks and other methods children may use to bypass access controls.
Adults may not always need a new check where an account already contains reliable age indicators. This part of the policy will require careful privacy scrutiny.
The first set of regulations are expected before the end of 2026, with implementation planned for spring 2027. The government intends to use powers under the Children’s Wellbeing and Schools Act and other secondary legislation.
Important details remain open, including the final list of covered services, exemptions for education and other activities, acceptable age assurance tools, data retention rules, and Ofcom’s enforcement approach.
Providers will need to understand which users can enter a service, which functions they can access, and what evidence demonstrates compliance. Families should expect clearer access rules.
The effectiveness of the regulation will depend on implementation, privacy protections, and consistent enforcement.
The proposal places age based access controls and feature restrictions at the centre of online safety law, creating direct duties for platform eligibility, age assurance, service design, documentation, and regulatory enforcement across social media, gaming services, and certain AI functions.
Technology Law: Updates and Developments
United States directive suspends foreign national access to Fable 5 and Mythos 5
Anthropic announced recently that it had received a United States government export control directive requiring the suspension of access to Fable 5 and Mythos 5 for every foreign national, whether located inside or outside the United States.
The restriction also applies to foreign national employees of Anthropic.
The company stated that it disabled the affected models across all customer accounts to secure compliance. Access to its other models remained available.
According to Anthropic, the government linked the directive to a possible method of bypassing Fable 5 safeguards. Anthropic said the government did not provide specific details in the directive and that the company had only received verbal evidence concerning a narrow technique.
The use of export control powers to regulate access to AI models according to nationality, including access within the United States, is quite significant and to some extent, unprecedented.
Customers using advanced models in multinational teams may now face service interruption even where the customer organisation itself is domestic.
This emerging development also raises important standards for transparency, technical assessment, procedural review, and the treatment of foreign national researchers and employees when advanced AI models are restricted on national security grounds.
X and xAI in breach of privacy law over sexualised deepfakes
Canada’s Office of the Privacy Commissioner found that X Corp. and xAI breached the Personal Information Protection and Electronic Documents Act after Grok was used to generate and publish sexualised deepfakes of identifiable people, including children.
The investigation began on 15 January 2026 after reports of widespread generation during late December 2025 and early January 2026.
The finding shows that the Privacy Commissioner treated a synthetic depiction of an identifiable person as that person’s personal information, even where the image was false. X Corp. and xAI failed to obtain valid consent under Principle 4.3.
The Privacy Commissioner also found that a reasonable person would not consider the relevant collection, use, and disclosure appropriate under subsection 5(3).
Recommended measures included suspending Grok Imagine until effective safeguards could be demonstrated, establishing a formal privacy risk process within six months, providing annual independent audits, and documenting proactive monitoring.
The companies disputed the conclusions. They committed to several measures. The matter remained well founded and unresolved when the report was issued.
The decision provides a practical lesson for every generative AI provider. A policy prohibiting abuse is not enough. Product testing, access controls, detection systems, incident response, measurement, and evidence of effectiveness are very important when a feature can cause harm at scale.
The European Union and four African states conclude enhanced economic partnership negotiations
The European Union, Comoros, Madagascar, Mauritius, and Seychelles concluded negotiations on an enhanced Economic Partnership Agreement on 10 June 2026.
The agreement builds on the interim arrangement applied since 2012 and adds rules on services, investment, public procurement, intellectual property, sustainability, and digital trade.
The digital trade chapter would prohibit customs duties on electronic transmissions, strengthen online consumer protection, and reduce administrative requirements for electronic transactions.
These provisions can support digital services, electronic contracting, and cross border commercial activity.
Their practical value will depend on the final legal text, domestic implementation, regulatory capacity, and accessible remedies for consumers and businesses.
The agreement is not yet in force.
The European Commission must complete internal procedures and submit proposals to the Council for signature and conclusion.
Also, the European Parliament must give consent, the Council must adopt a conclusion decision, and the four African states must complete ratification.
Provisional application may be possible if the parties agree.
The negotiated text had not been published with the announcement. Close review will therefore be needed once it becomes available, especially on data governance, exceptions, authentication, electronic signatures, cybersecurity cooperation, consumer redress, and dispute settlement.
Businesses should treat the announcement as the completion of negotiations, not as an immediate change to applicable trading rules.
Amazon Ring faces privacy lawsuit over Familiar Faces technology
A Virginia resident has filed a proposed class action against Amazon in federal court in Seattle, alleging that Ring’s optional Familiar Faces feature collected and retained facial images without proper consent.
The claimant, Charles Sigwalt, says Ring cameras at the homes of friends and relatives captured his face even though he was not the account holder and had not agreed to biometric processing.
The civil claim seeks at least five million US dollars in damages.
Familiar Faces uses facial recognition to identify people who regularly appear before a camera and can attach names to future notifications.
The legal concern centres on people who enter a camera’s field of view without any direct relationship with Ring.
Visitors, neighbours, delivery workers, and passers by may become biometric data subjects without seeing a notice or receiving a meaningful choice.
Case Note
Case: DRS Logistics Private Limited and another v Google India Private Limited and others
Citation: CS(COMM) 1/2017, I.A. 2646/2020, I.A. 2173/2022, I.A. 18605/2025 and I.A. 25645/2025
Facts in Issue
DRS Logistics and another claimant brought trade mark proceedings concerning the marks Agarwal, Aggarwal Packers And Movers, Drs Logistics, and related variations.
Earlier orders required Google entities to investigate complaints alleging that the claimants’ marks had been used as advertising keywords to divert traffic.
Google was also required to review the overall effect of a notified advertisement and block it where the use infringed the marks or amounted to passing off.
A Division Bench court declined to interfere with those directions in August 2023. During searches conducted in June 2025, the claimants found sponsored links appearing after searches using their marks.
They sent Google a notice supported by screenshots and later applied for contempt, alleging deliberate disobedience of the earlier judgments.
The complaint extended beyond keyword selection. It concerned the appearance of the marks in advertisement text, advertisement titles, and web addresses.
Google maintained that the earlier judgments required action after a specific complaint and did not create a general obligation to inspect every advertisement in advance.
Brief explanation of the dispute
The parties disagreed about the scope of the earlier court directions. DRS Logistics argued that Google had committed to prevent third parties from using the trademarks in advertisement text, titles, and web addresses, and that continued appearances demonstrated disobedience.
Google argued that the operative directions concerned complaints about keyword use and the overall effect of identified advertisements.
Its advertising policy allowed trade mark complaints to be investigated after notice. Google said the judgments did not require permanent surveillance of all advertisements before publication.
Legal issue
The central issue was whether the earlier judgments applied only to the claimants’ trademarks as advertising keywords or also imposed duties concerning their appearance in advertisement text, advertisement titles, and web addresses.
A connected issue concerned the timing of Google’s responsibility. The court had to determine whether Google was required to identify prohibited uses on its own or whether its duty arose after the claimants submitted a complaint identifying a disputed advertisement.
Legal question considered by the court
The court considered whether Google’s failure to prevent third party advertisements containing the claimants’ marks amounted to wilful disobedience of the 2021 and 2023 judgments, and whether those judgments imposed a proactive monitoring duty without prior notice from the trade mark owner.
Decision
The High Court of Delhi dismissed the contempt application. Justice Tejas Karia held that the operative directions in the earlier judgments were confined to the investigation of complaints alleging use of the marks and their variations as keywords.
Those directions required Google to examine the overall effect of an identified advertisement and take action where infringement or passing off was established.
The court found no direction requiring Google to inspect all advertisements in advance for uses of the marks in advertisement text, titles, or web addresses.
References to Google’s policy in the earlier proceedings did not convert the policy into a general court ordered monitoring duty.
Google remained bound by its recorded statement that the marks would not be permitted in advertisement text, titles, or web addresses under its policy. That obligation operates through the complaint process.
A future disputed advertisement may be notified to Google, which must investigate and act under its policy as quickly as reasonably possible.
The court also noted that the web addresses identified in the contempt application had already been taken down after notice.
No wilful disobedience was established. The judgment therefore preserves a notice based enforcement model for these particular directions and confirms that contempt jurisdiction cannot be used to expand the plain terms of an earlier order.
Latest Opportunities
Remote jobs for lawyers
1. Director of Case Law AI-Driven Content (Remote, USA), LexisNexis: Responsible for defining and leading the editorial and subject matter expert teams responsible for delivering AI-enabled case law content initiatives that support LexisNexis’s evolving research and AI product strategy (find out more).
2. Legal Specialist (Remote, Australia), Scissero: You will work directly on live private equity, M&A, and financing transactions for leading global investment firms, asset managers, and corporates using an AI-enabled platform (find out more).
3. Senior Legal Consultant (Remote, Italy), Innodata: Innodata is seeking an experienced Senior Consultant in the legal research domain to support the Italy L&R Prime 2.0 rollout and vendor transition initiative (find out more).
4. Legal Consultant - Legal Tech Project Manager (Remote, USA), NetDocuments: Seeking a Legal Consultant to work with law firms and legal department clients to support their adoption of NetDocuments' platform and AI capabilities (find out more).
5. AI Governance Advisor (Remote, USA), Credo AI: Provide a transformative experience for current and aspiring AI governance leaders by providing them with in-depth knowledge and hands-on engagement in AI risk management, governance, and compliance (find out more).
Conferences, fellowships, events and calls for papers
6. Fellowship Grant: Institute for Humane Studies, up to $20,000. Agentic AI and the Future of News and Information (find out more).
7. Call for Papers: Computational Legal Studies (Cambridge Forum on AI: Law and Governance). It publishes content focused on the governance of artificial intelligence (AI) from law, rules, and regulation through to ethical behaviour, accountability and responsible practice (find out more).
Final Summary
This edition shows regulators and courts paying closer attention to how technology systems operate in practice.
Age checks, AI safeguards, biometric features and advertising complaints, all depend on documented processes that can be tested after deployment.
Written policies carry limited weight when implementation cannot be demonstrated.
Public authorities are also demanding clearer responsibility across providers, developers, platforms, and customers.
The next stage of technology law will be judged through evidence of control, accountability, and effective remedies.