US Data Transfers in the Trump Era – What’s Not Said Can Be Just as Important
Here we go again… Over the past few weeks, changes introduced by the new U.S. administration have had a significant impact—too many to cover in a short post, but I’m sure most of you are aware. One of the effects of these changes is a shift in EU-U.S. relations, and unfortunately, not in a positive […]
AI Liability Directive Proposal Withdrawn
On February 12, 2025, the European Commission announced that it would no longer proceed with the proposed Artificial Intelligence Liability Directive (AILD). Originally introduced in 2022, the AILD aimed to establish uniform rules across the EU for compensating individuals harmed by AI systems. The directive sought to address gaps in existing laws and legal systems […]
EU Commission Withdraws e-Privacy Regulation Proposal
On 12 February 2025, the European Commission officially withdrew its proposal for a new E-Privacy Regulation, concluding years of debate over new rules on electronic communications privacy. Originally introduced in 2017, the regulation aimed to complement the General Data Protection Regulation (GDPR) and replace the E-Privacy Directive (2002/58/EC). However, persistent disagreements and shifted focus have […]
Guidelines on GDPR and the use of generative AI
New Privacy Guidelines on Generative AI from European Data Protection Authorities In recent weeks, several European data protection authorities have published new guidance outlining key data protection considerations for the use of generative AI. These guidelines address compliance challenges related to both the training of AI models and their deployment in various applications. Two significant […]
Commission publishes Guidelines on prohibited AI practices under the EU AI Act
At last—only two days after the prohibitions under the AI Act came into force—the European Commission has published and approved its much-anticipated first guidance. While the document still awaits formal adoption, we do not foresee any obstacles and will keep you informed if the situation changes. The guidance spans 140 pages, and you can find […]
Re-Launch of the new and improved tracker
Snellman is excited to (re)launch our Digital Compliance Tracker! The new and improved Snellman Digital Compliance Tracker is re-launched today! The tracker provides an overview of key EU regulations and directives governing digital products and services. It covers AI, Consumer & E-commerce, Cybersecurity, Data, Digital Privacy, and Digital Services. It is designed to simplify the […]
Cyber Solidarity Act enters into force
The Cyber Solidarity Act will enter into force on 4 February 2025. The aim of the regulation is to improve the preparedness, detection and response to cybersecurity incidents across the EU and creates a “European Cybersecurity Shield”. You can find the full regulation in our compliance tracker here.
Cyber Resilience Act enters into force
On 10 December 2024 the Cyber Resilience Act entered into force. The regulation aims to: You can find the full regulation in our compliance tracker here.
EDPB publishes reports on bias and data subjects’ rights in the AI context
The EDPB has today published two reports on how to understand and assess bias and implementation of data subjects’ right in the AI context by clarifying methods and tools usable. The reports were developed as part of the AI: Complex Algorithms and Effective Data Protection Supervision project, initiated under the Support Pool of Experts programme. […]
Council adopts new regulation establishing the European Health Data Space
The Council has adopted a new regulation, establishing the European Health Data Space (EHDS), for the exchange and access to health data at EU level. The aim is to improve natural persons’ access to and control over their personal electronic health data in the context of healthcare. In addition the regulation aims to better achieve […]