%20(A2%20(Landscape))%20(2).png)
EU Level
EDPB and EDPS push back on AI Act shortcuts: In a joint opinion on the DigitalOmnibus proposal, EU privacy regulators warned that simplification must notweaken accountability. They opposed removing high-risk AI registration andcalled for DPA oversight in sandboxes.
GDPR cross-border enforcement: €3.5M fine over loyalty data targeting: CNILfined a company €3.5M for sharing loyalty program data with a social networkfor ad targeting without valid consent. The sanction was coordinated across 16EU data protection authorities.
Read More
Consent under GDPR gets new scrutiny: CNIL launched a consultation to definepractical standards for proving consent in marketing. It aims to closecompliance gaps around cookie banners, opt-ins, and ambiguous UIs.
Read More
DMA tensions rise: Apple accused the EU of delaying approval of its DMAcompliance plan. Meanwhile, a third-party app store shut down, citing Apple’srestrictive terms. The Commission is investigating.
Read More
NIS2 update: On Jan 20, 2026, the European Commission proposed targeted changesto the NIS2 Directive to improve legal clarity and ease compliance. Key updatesinclude simplified jurisdiction rules, streamlined cyber incident reporting,and a stronger coordination role for ENISA. The proposal aligns with a newsingle-entry-point reporting mechanism and will now move to Parliament andCouncil for adoption.
Read More
Sweden Level
IMY backs EU stance on AI Act safeguards: Sweden’s data protection authority(IMY) publicly supported the EDPB/EDPS joint opinion, stressing that AI Actsimplifications must not weaken fundamental rights or accountability.
%20(A2%20(Landscape))%20(4).png)
%20(A2%20(Landscape))%20(5).png)
%20(A2%20(Landscape))%20(6).png)
%20(A2%20(Landscape))%20(7).png)
