EU laws

Germany's NIS2 Implementation Act expected to enter into force, extending cybersecurity obligations to approximately 29,500 companies.

The European Data Protection Board (EDPB) will focus on enforcing the right to erasure in 2025 (Article 17 GDPR) through coordinated actions across 30 Data Protection Authorities and the European […]

Provisions on the governance system become applicable, including AI Board and codes of practice.

Rules for general-purpose AI models and high-risk AI systems become applicable.

The second phase of EU Data Act provisions become effective today, completing the staggered implementation.

Deadline for compliance with DORA's requirements related to ICT third-party risk management and oversight framework for critical ICT third-party service providers.