In December 2025, the Spanish Agency for the Supervision of Artificial Intelligence (AESIA) published a set of detailed guidance documents and templates aimed at helping providers and deployers of high-risk AI systems under the EU AI Act comply with the relevant requirements of the law. The materials are also available in English.
Continue Reading Spain Issues Guidance Under the EU AI Act
CJEU Clarifies Responsibilities Of Online Marketplace Operators
On December 2, 2025, the Court of Justice of the European Union (“CJEU”) issued a decision clarifying the obligations of online marketplace operators with regard to content posted on their platform, where such content includes personal data. This blogpost provides an overview of the decision and its key takeaways.
Continue Reading CJEU Clarifies Responsibilities Of Online Marketplace OperatorsEuropean Commission Announces 2030 Consumer Policy Strategy
On November 19, 2025, the European Commission unveiled its 2030 Consumer Agenda, setting out priorities for EU consumer policy over the next five years. Below is an overview of the six key measures most relevant to industry.
Continue Reading European Commission Announces 2030 Consumer Policy StrategyGlobal Privacy Regulators Launch Enforcement Sweep Focused on Children’s Data Protection
Last week, the Global Privacy Enforcement Network (“GPEN”)—a global network of over 30 national data protection authorities—announced the launch of its annual privacy sweep. The purpose of the sweep is to examine how websites and mobile applications commonly used by children handle minors’ personal information. Members of GPEN include regulators who have long prioritized protections for children and teens, such as the Federal Trade Commission (“FTC”), the California Attorney General, the California Privacy Protection Agency, the UK Information Commissioner’s Office, the French Commission Nationale de l’Informatique et des Libertés (“CNIL”), and the Irish Data Protection Commission.
Continue Reading Global Privacy Regulators Launch Enforcement Sweep Focused on Children’s Data ProtectionRoundup of Cross-Border Data Transfer Developments
Over the past few months, there have been several notable developments in the cross-border data frameworks of the U.S., EU, UK, Brazil, and several Asia Pacific (“APAC”) countries. These developments reflect evolving regulatory approaches to international data flows, trade agreements, and national security priorities—each with certain nuances and particularities that multinational companies need to understand and be prepared to navigate.
This blog post provides a brief summary of these developments and key takeaways for companies transferring personal data to or from these jurisdictions.
Continue Reading Roundup of Cross-Border Data Transfer DevelopmentsEDPB to Focus on Transparency in 2026 Enforcement
On October 14, 2025, the European Data Protection Board (“EDPB”) announced that its 2026 coordinated enforcement action (“CEA”) will focus on transparency and information obligations — the rules that require organizations to clearly explain how they collect, use, and share personal data — under Articles 12-14 of the General Data Protection Regulation (“GDPR”).
Continue Reading EDPB to Focus on Transparency in 2026 EnforcementEuropean Commission Publishes Apply AI Strategy to Accelerate Sectoral AI Adoption Across the EU
On 8 October 2025, the European Commission published its Apply AI Strategy (the “Strategy”), a comprehensive policy framework aimed at accelerating the adoption and integration of artificial intelligence (“AI”) across strategic industrial sectors and the public sector in the EU.
The Strategy is structured around three pillars: (1) introducing sectoral flagships to boost AI use in key industrial sectors; (2) addressing cross-cutting challenges; and (3) establishing a single governance mechanism to provide sectoral stakeholders a way to participate in AI policymaking.
The Apply AI Strategy is accompanied by the AI in Science Strategy, and it will be complemented by the Data Union Strategy (which is anticipated later this year).
Continue Reading European Commission Publishes Apply AI Strategy to Accelerate Sectoral AI Adoption Across the EUEU Member States Begin Rolling Out New Product Liability Rules
By December 9, 2026, all EU Member States must update their product liability laws to align with the (new) Product Liability Directive (EU) 2024/2853 (“PLD”). The PLD imposes liability on manufacturers of products (and other relevant parties) for harm caused by defective products, regardless of fault. The PLD modernizes the current EU product liability framework and renders the framework more claimant-friendly (see our previous blog post). It is expected to lead to an increase in claims, primarily as a result of the following changes:
Continue Reading EU Member States Begin Rolling Out New Product Liability RulesItaly Adopts Artificial Intelligence Law
On September 23, 2025, the Italian law on artificial intelligence (hereinafter, “Italian AI Law”) was signed into law, after receiving final approval by the Italian Senate on September 17, 2025.
The law consists of varied provisions, including general principles and targeted sectoral rules in certain areas not covered by the EU AI Act. The Italian AI Law will enter into force on October 10, 2025. We provide below an overview of key aspects of the final text of the Italian AI Law. For full detail, please see our previous blogpost here.
Continue Reading Italy Adopts Artificial Intelligence LawBrazil Adopts Law Protecting Minors Online
On September 17, 2025, Brazil enacted the Digital Statute of the Child and Adolescent (“Digital ECA”), establishing a pioneering regulatory framework for protecting children (under 12 years of age) and adolescents (between the ages of 12 and 18) online. Brazil’s Congress approved the new law in a matter of just a few days in response to parents’ pressure, after a well-known Brazilian digital influencer published a series of online videos on the “adultization” of children on the internet.
Continue Reading Brazil Adopts Law Protecting Minors Online