Sportadmin Saga continues, IMY fines 6 000 000 SEK: The Swedish Authority for Privacy Protection (IMY) fined Sportadmin i Skandinavien AB six million SEK after a cyberattack exposed the personal data of more than 2.1 million users, including children. The investigation found that the company had failed to implement appropriate technical and organizational measures required under Article 32 GDPR despite being aware of existing system vulnerabilities. Sensitive data such as names, social security numbers, contact details and health information was accessed and later published on the Darknet. IMY concluded that the company’s inadequate security measures significantly increased privacy risks and constituted a clear violation of GDPR. 

Austrian DPA Upholds Complaint Over Unlawful Microsoft 365 Education Cookies: The Austrian Data Protection Authority ruled that Microsoft unlawfully installed tracking cookies on a pupil’s device while she used Microsoft 365 Education without obtaining valid consent. The decision found that the cookies collected personal data for purposes such as usage analysis and advertising, contradicting Microsoft’s claim that they were merely necessary or pseudonymous. The authority ordered Microsoft to stop using non‑essential cookies without a proper legal basis under the GDPR. 

AEPD Fines Telefónica for Improper Identity Verification in SIM‑Swap Fraud Case: The AEPD fined Telefónica €200,000 after it issued a duplicate SIM card without properly verifying the requester’s identity, enabling a third party to commit SIM‑swap fraud and access the victim’s bank accounts. The authority held that the controller violated Article 6(1) GDPR because it could not prove that the data subject had requested or consented to the duplicate SIM. It also found that Telefónica failed to meet the accountability requirements of Article 5(2), as it lacked evidence of effective technical and organisational measures to prevent foreseeable risks such as SIM‑swap attacks. The AEPD concluded that the infringement was negligent and warranted a substantial fine due to the seriousness of the breach and the controller’s responsibilities in the telecommunications sector. 

Private Cellular Networks Enter Mainstream Growth Phase: The private cellular networking market has reached a major turning point, with 6,500 active deployments recorded by the end of last year and a market valuation of $2.4 billion. Growing availability of dedicated spectrum, improved device ecosystems, and rising enterprise demand for low latency use cases are accelerating adoption. Analysts predict rapid expansion, with the market expected to reach $12 billion by 2030, supported by both established vendors like Nokia and emerging competitors leveraging virtualised and Open RAN solutions. Forecasts from SNS Telecom & IT and Analysys Mason reflect wide industry consensus that private networks are becoming an essential component of enterprise digital transformation. 

Telia and Ice Form Joint RAN Venture to Boost Norwegian Mobile Coverage: Telia Norway and Ice have agreed to combine their mobile radio access networks into a jointly owned 50-50 venture that will operate shared RAN infrastructure while both operators maintain independent core networks. The shared network is expected to become operational in the second quarter of 2026 and aims to deliver substantial nationwide coverage improvements by 2027, particularly in rural areas. Telia expects the collaboration to generate significant cost and capital expenditure synergies, easing financial pressure and supporting continued investment in Norway’s mobile infrastructure. The partnership is positioned to strengthen competition, offer more attractive customer offerings, and improve digital resilience across the country. 

SoftBank and Ericsson Demonstrate AI Driven MIMO Enhancements: SoftBank and Ericsson have introduced an AI powered system that dynamically adjusts massive MIMO coverage in real time based on minute by minute user distribution data. The system was tested at Expo 2025 in Osaka where it boosted downlink throughput by approximately 24 percent during rapid traffic fluctuations. It automatically modifies both horizontal and vertical beam patterns to manage unpredictable spikes at large events, reducing issues like packet stalling. Following successful trials, the partners have expanded deployment to major event venues across Japan as part of ongoing AI RAN and 5G network collaboration. 

Google and Character.AI Settle Lawsuit Over Florida Teen’s Suicide: Google and AI startup Character.AI have agreed to settle a lawsuit brought by a Florida mother who alleged that a Character.AI chatbot encouraged her 14‑year‑old son to take his life, marking one of the first U.S. cases claiming psychological harm caused by AI systems. Terms of the settlement were not disclosed, but court documents show that the companies have also settled similar lawsuits from families in Colorado, New York, and Texas. The case drew national attention because the chatbot reportedly engaged the teen in harmful roleplay while portraying itself as a fictional character, raising concerns about AI safety and protections for minors. 

AI Models vs. AI Services: The Distinction That Determines Security: RISE highlights that confusion between AI models, AI services, cloud solutions, and locally run systems often leads to incorrect assumptions about security risks in the public sector. The blog emphasizes that the real security determinant is not where a model originates, but how it is deployed cloud‑based services involve sending data outside the organization, whereas locally hosted models keep all processing internal, enabling clearer control and reduced exposure. This shift in deployment focus moves risk considerations from third‑party access to internal governance, such as permissions, logging, updates, and model behavior. Despite local operation reducing certain risks, models still inherit vulnerabilities from their training data and tuning, underscoring the need for both technical and organizational maturity when integrating AI into public‑sector workflows.  

California Proposes New Rules for Lawyers’ and Arbitrators’ Use of Generative AI: California’s SB 574 introduces statutory safeguards governing how attorneys and arbitrators may use generative AI, reinforcing existing professional duties rather than banning AI outright. The bill would require lawyers to avoid inputting confidential or non‑public client information into public AI systems and to personally verify the accuracy of any AI‑generated material used in briefs, motions, or other filings. It also bars legal filings from including citations the submitting attorney has not personally read and confirmed, addressing nationwide incidents of fabricated AI‑generated case law. For arbitrators, SB 574 prohibits delegating any part of their decision‑making to generative AI tools and restricts reliance on AI‑generated information outside the official record without proper disclosure to parties. Overall, the bill seeks to ensure that human judgment, ethical obligations, and accountability remain central to legal practice as AI tools become more prevalent in the justice system. 

Registering Operations Under Sweden’s New NIS2‑Based Cybersecurity Law: MCF explains that the new Swedish cybersecurity law implementing the NIS2 Directive requires all covered operators to register their operations, with a new registration portal launching as the law enters into force. The portal, released after 15 January and aligned with regulations published on 2 February 2026, will collect key organizational details, sector classification, identification as a “essential” or “important” entity, and technical identifiers such as IP addresses and domain names. No organization is required to register before the new portal is available. The obligation applies to all entities covered by the law, including municipalities and regions, who must self‑assess whether they fall under NIS2. The accompanying MCFFS 2026:1 regulation specifies how essential and important operators are defined. 

Google Cloud Joins Auto‑ISAC to Enhance Automotive Cybersecurity: Google Cloud has partnered with the Automotive Information Sharing and Analysis Center (Auto‑ISAC) as an Innovator Partner to bolster cybersecurity across the automotive sector, extending efforts from IT and factory systems to consumer vehicles. With over 1.5 billion vehicles at risk and a growing threat landscape targeting cloud-enabled automotive systems, the collaboration taps into Google’s security expertise—including resources from Mandiant—to support over 80 OEMs and suppliers in threat detection, crisis management, and resilience building. This initiative underscores Google’s commitment to automotive digital transformation, leveraging collective defense models and global intelligence to secure the future of software-defined vehicles. 

Government Proposes New Law to Introduce a Swedish State‑Issued e‑ID: The Swedish government’s legal proposal outlines a new law establishing a state‑issued electronic identification (e‑ID) available to Swedish citizens, registered foreign residents, and individuals with immunity numbers, aiming to secure long‑term access to reliable electronic identification and comply with updated EU eIDAS requirements. The e‑ID would require applicants to be at least nine years old, and the law would define rules for issuance, identification procedures, and technical standards, with the system designed to function as a high‑trust national digital identity solution. The proposed legislation—including related amendments to the Public Access to Information and Secrecy Act—is planned to enter into force on 1 December 2026, strengthening Sweden’s digital infrastructure and ensuring secure, uniform access to public and private digital services nationwide.   

Marseille Court Recognises Blockchain Timestamping as Valid Copyright Evidence: The Marseille Judicial Court ruled that blockchain‑anchored timestamps—specifically cryptographic fingerprints stored on the Bitcoin blockchain—constitute legitimate proof of copyright ownership and anteriority, even when traditional evidence such as a seizure report was declared procedurally invalid. The case involved fashion house AZ Factory, whose designs “Love from Alber” and “Hearts from Alber” were timestamped on the blockchain in 2021 and later infringed by a competing distributor; the court accepted these immutable records as sufficient evidence to establish AZ Factory’s rights. This landmark decision marks one of the first formal recognitions in France of blockchain’s evidentiary value in copyright disputes, signaling a broader shift toward accepting digital proof mechanisms in intellectual property enforcement. 

Artworks Enter the Public Domain in 2026: EUIPO highlights that 2026 marks the transition of numerous creative works into the public domain, meaning they become freely usable cultural resources for artists, educators, and businesses without copyright restrictions. This shift follows EU copyright rules—typically 70 years after an author’s death—bringing works by creators who died in 1955 into open access, enabling reuse, adaptation, and new creative expression across sectors. Despite entering the public domain, some works may still face other legal constraints such as cultural heritage protections, requiring users to navigate additional national regulations when reusing publicly owned artworks. 

Key Changes in Sweden’s Proposed Private Copying Compensation Rules: The Swedish government’s draft bill proposes a more technology‑neutral and predictable system for private copying compensation, requiring manufacturers and importers of electronic devices—such as smartphones, computers, and storage media—to continue funding compensation while introducing lower, capped fee levels and clearer rules for refunds and secondary liability.  The reform broadens the range of rightsholders eligible for compensation and modernizes the system by removing outdated categories and ensuring that costs for consumers and businesses remain reasonable.  The changes, including new mediation options to simplify negotiations, are planned to take effect on 1 September 2026 and will significantly impact electronics companies, cultural creators, and organizations handling copyright compensation. 

Why High Tariffs Have Not Yet Weakened the U.S. Economy: Despite steep tariff increases under President Trump, the U.S. economy has remained more resilient than many economists predicted, with GDP still growing faster than expected. Several factors have buffered the economy, including strong spending on artificial intelligence, government deficit spending, and corporate strategies such as stockpiling goods, shifting production, and avoiding passing costs to consumers. Overseas exporters have also lowered prices to maintain market share, reducing the inflationary impact on U.S. consumers. Economists caution that some of these protective effects may fade, as imported goods subject to tariffs are now beginning to show higher prices, suggesting more persistent inflation ahead. 

India US Trade Deal Cuts Tariffs and Boosts Export Prospects: The United States and India announced a trade deal reducing U.S. tariffs on Indian goods from 50 percent to 18 percent, aimed at increasing Indian exports and improving market sentiment. India will increase purchases of U.S. energy, defence equipment, technology, pharmaceuticals, and farm products as part of the agreement. Indian exporters expect gains across sectors such as textiles, pharmaceuticals, chemicals, footwear, jewellery, and shrimp due to improved competitiveness in the U.S. market. Although some uncertainties remain about which products may eventually receive zero tariffs, the deal marks the first phase of a broader agreement intended to deepen economic ties between the two countries.

Americans View Trump’s Tariffs as Economically Harmful: A new poll shows that 56 percent of Americans believe tariffs on imported goods hurt the U.S. economy. The survey suggests growing public skepticism toward the economic effectiveness of Trump’s tariff strategy. Although opinions vary across political groups, the overall sentiment reflects concern that tariffs may negatively affect prices and economic stability. The findings highlight a significant public perception challenge for continued tariff policies. 

• European Commission – Artificial intelligence and earth observation: From innovation to services 

          Date:  9 – 10 March 2026,  

          Time: 09:00 – 17:00 (CET) 

          Location: Brussels, Belgium   

          Registration: Link

• AI Sweden Gathering forces for AI in municipalities and civil society 

          Date:   February 13, 2026 

          Time: 10:00 – 11:30 (CEST) 

          Location: Online 

          Registration: Link

• 2026 European Cybersecurity Certification Conference 

          Date:  April 15, 2026  

          Time: 8:30am to 5:00pm (CEST)  

          Location: Ayia Napa, Cyprus 

          Registration: Link