Author: Bohdana

EDPB approves Europrivacy certification criteria for use in international data transfers

The European Data Protection Board (EDPB) has approved the Europrivacy certification criteria for use as a European Data Protection Seal in the context of international data transfers under Articles 42 and 46 GDPR. In principle, certifications issued under the scheme may be relied upon as an Article 46(2)(f) transfer mechanism for certified data importers outside […]

EU launches ICT Supply Chain Security Toolbox to address cybersecurity risks

On 30 January 2026, the NIS Cooperation Group, comprising representatives of EU Member States, the European Commission and the EU Agency for Cybersecurity (ENISA), adopted the EU ICT Supply Chain Security Toolbox, establishing a common EU approach to identifying, assessing and mitigating cybersecurity risks across ICT supply chains. The toolbox provides a structured, non-binding framework […]

IMY Annual Report 2025: Complaint and Supervision Statistics

On 20 February 2026, the Swedish Authority for Privacy Protection (IMY) published its Annual Report 2025, outlining a year marked by a sharp increase in complaints and data breach notifications, and a proposal to review the GDPR. Complaints, supervision and sanctions IMY received 7,434 complaints in 2025, a 102% increase compared to 2024. In parallel, […]

EDPB–EDPS Joint Opinion on the Digital Omnibus proposal

On 19 November 2025, the European Commission issued a Digital Omnibus proposal with the aim to simplify compliance with the digital rulebook, hereby amending several EU digital legislation, such as GDPR, Data Act and ePrivacy Directive. The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a Joint Opinion on the proposed […]

NIS2 Entities Registration in Sweden – Guidance

The EU’s NIS2 Directive, implemented in Sweden via the Cybersecurity Act (Sv. Cybersäkerhetslag (2025:1506), introduces a mandatory obligation for covered organisations to register with the supervisory authority. In this context, the Swedish Civil Defence and Resilience Agency (Sv. Myndigheten för civilt försvar) has issued guidance and launched a registration platform to facilitate compliance. From 2 […]

EU Digital Networks Act: The Commission’s Proposal

On 21 January 2026, the European Commission published its proposal for a Digital Networks Act (DNA), which would repeal and replace the European Electronic Communications Code (EECC) in its entirety. The EECC currently forms the core of EU regulation for electronic communications, governing the provision of electronic communications networks and services, including fixed and mobile […]

New EU Regulation on Cross-Border GDPR Enforcement Procedures

On 12 December 2025, a new EU Regulation was published, setting harmonised procedural rules for the handling of cross-border GDPR enforcement cases by data protection authorities. The Regulation standardises the procedural framework for complaint-based investigations and investigations initiated by data protection authorities on their own motion, involving cross-border processing. It structures the full enforcement lifecycle, […]

Cyber Resilience Act: Technical Descriptions for Important and Critical Products Are Published

The European Commission has adopted Implementing Regulation (EU) 2025/2392, providing the technical descriptions for the categories of important and critical products with digital elements under the Cyber Resilience Act (Regulation (EU) 2024/2847). The CRA establishes a tiered regulatory framework, whereby the required level of assurance depends on a product’s core functionality and the associated cybersecurity […]

Read More About AI
AI News
Read More About Consumer & E-commerce
Consumer & E-commerce News
Read More About Cybersecurity
Cybersecurity News
Read More About Data
Data News
Read More About Digital Privacy
Digital Privacy News
Read More About Digital Services
Digital Services News