Real-time EU regulatory monitoring with AI-powered impact analysis
The Dutch Data Protection Authority (AP) has approved a protocol allowing freight carriers, storage companies, and forwarders to refuse drivers previously involved in cargo theft. Organizations adhering to the protocol's conditions will receive permission from the AP to share data about these individuals.
The Federal Commissioner for Data Protection and Freedom of Information (BfDI), Prof. Dr. Louisa Specht-Riemenschneider, has renewed her call for a fundamental advancement of freedom of information laws during her 8th Symposium on Information Freedom. This push aims to enhance transparency and access to information within the federal government.
The European Commission has proposed the Cloud and AI Development Act (CADA) to enhance the EU's cloud and AI infrastructure. This initiative aims to boost energy-efficient data center capacity and support the broader adoption of AI and cloud technologies across Europe. The act focuses on research, development, and innovation to strengthen the EU's digital ecosystem.
The European Commission has unveiled a comprehensive tech sovereignty package comprising legislative proposals (Chips Act 2.0 and Cloud and AI Development Act), an open source strategy, and a digitalisation roadmap for energy, aimed at strengthening Europe's technological independence in semiconductors, AI, cloud infrastructure, and open source software. This initiative directly impacts organizations subject to the AI Act and those relying on cloud and semiconductor technologies, requiring strategic alignment with emerging European technological standards and potential new compliance obligations. Organizations should anticipate new regulatory requirements around AI development, cloud services, and supply chain resilience as these legislative proposals advance through the EU legislative process.
The European Commission has proposed the Chips Act 2.0 to enhance the semiconductor industry within the EU. This update aims to reduce dependencies on third countries, support advanced chip production, and ensure the security and resilience of critical infrastructures.
The European Commission has introduced the European Technological Sovereignty Package, which includes a comprehensive strategy to enhance technological sovereignty across various tech sectors. This package comprises four key initiatives, including the Chips Act 2.0 and the EU Open Source Strategy, aimed at strengthening the semiconductor ecosystem, supply chain resilience, and domestic demand.
The European Commission has launched a survey to gather insights on the use of AI in healthcare and pharmaceuticals, focusing on benefits, enabling factors, and barriers to adoption. The survey is open from June 2 to June 26, 2026, and follows the publication of the 'Apply AI Strategy'. This initiative aims to understand the current landscape and challenges of AI implementation in these sectors.
The European Data Protection Board (EDPB) has issued Opinion 17/2026 on the draft decision by the Dutch Supervisory Authority regarding the Processor Binding Corporate Rules (BCRs) of the Infor Group. This opinion provides guidance on the compliance of Infor Group's BCRs with GDPR requirements, particularly focusing on data processing activities. Organizations using Infor Group's services should review this opinion to ensure their data processing activities align with GDPR standards.
The European Data Protection Board (EDPB) has issued Opinion 16/2026 on the draft decision by the Dutch Supervisory Authority regarding the Controller Binding Corporate Rules (BCRs) of the Infor Group. This opinion provides guidance on the compliance of Infor Group's BCRs with GDPR standards, focusing on data transfer mechanisms and corporate data protection policies.
The EU AI Office is hosting a webinar on June 24, 2026, to discuss how AI can drive innovation and safeguard cultural diversity in Europe's cultural, creative, and media sectors. This event will feature EU experts and align with the Apply AI Strategy, focusing on the transformative potential of AI in these industries.
The Swedish Authority for Privacy Protection (IMY) held a roundtable discussion on the current Swedish regulations regarding the processing of data related to criminal offenses. The discussion aimed to evaluate and potentially revise the existing framework for handling such sensitive information.
The German Federal Commissioner for Data Protection and Freedom of Information (BfDI) has published the first nationwide representative survey on freedom of information. This survey aims to assess public perception and trust in information freedom, emphasizing its role as a guarantee of trust rather than a security risk.
This week's newsletter from CERT-SE provides a selection of news, analyses, and reports in the field of cybersecurity from the past week. It serves as an informative update on recent developments and trends in cybersecurity. No immediate actions or compliance changes are indicated.
Starting May 30, 2026, the German Federal Commissioner for Data Protection and Freedom of Information (BfDI) will assume a new responsibility. They will oversee the application of the Data Act (Regulation (EU) 2023/2854) for both the economy and federal public bodies, specifically concerning personal data.
The EU Commission is launching a targeted consultation on draft guidelines for trusted flaggers under the Digital Services Act (DSA), with feedback accepted from May 29 to June 26, 2026. Trusted flaggers are organizations that report illegal content and systemic risks to online platforms, and these guidelines will clarify their role, rights, and obligations. Organizations involved in content moderation, platform governance, or digital services compliance should engage with this consultation to shape how trusted flagger mechanisms will operate across the EU.
The French data protection authority, CNIL, has issued guidance to help cloud computing actors identify their roles and responsibilities when processing personal data. The guidance includes practical examples to clarify these roles, ensuring better compliance with data protection regulations.
The French data protection authority, CNIL, held a plenary session on May 28, 2026, to discuss various agenda items related to data protection and privacy. The specific topics discussed are not detailed in the summary, but such sessions typically involve updates on regulatory guidance, enforcement actions, and emerging privacy issues.
On May 26, 2026, IQVIA OPERATIONS FRANCE was fined 5 million euros for failing to comply with guarantees aimed at limiting risks to individuals in the management of health data warehouses. This enforcement action by CNIL highlights the importance of adhering to data protection regulations, particularly when handling sensitive health information.
The European Commission has fined Temu €200 million for failing to comply with the Digital Services Act (DSA). The company did not adequately assess the risks of illegal products being sold on its platform, leading to potential harm for EU consumers. This enforcement action highlights the importance of thorough risk assessments and compliance with the DSA.
The French data protection authority (CNIL) and its South Korean counterpart (PIPC) have jointly created a poster to educate users on protecting their personal data when using generative AI services. This initiative aims to raise awareness about data privacy risks associated with AI tools.
The CNIL has published guidance on data breaches involving subcontractors, highlighting common risks and preventive measures. This update emphasizes the importance of securing data accessed by third-party vendors and provides insights based on real incidents reported to the CNIL.
The Swedish Privacy Protection Authority (IMY) has completed a review of Svensk Bakgrundsanalys AB, focusing on how the company complies with certain conditions for processing personal data related to criminal offenses. This supervision highlights the importance of adhering to regulatory requirements when handling sensitive personal data.
The European Data Protection Board (EDPB) has issued new guidelines on the use of personal data in scientific research and is inviting public feedback. These guidelines aim to clarify how personal data should be handled in research contexts. Organizations involved in scientific research should review these guidelines and consider providing feedback.
The EU AI Office has launched a call for tenders to develop a data altruism consent management system. This system will enable individuals to manage their consent for data altruism in a legally compliant manner. The call is open from May 27, 2026, to June 30, 2026.
Euregas analyzes regulatory updates and provides personalized action recommendations, deadlines, and compliance scores specific to your organization.