EDPB Issues GDPR Blockchain Processing Guidelines and Plans AI Act Collaboration: On 14 April 2025, the European Data Protection Board adopted draft guidelines to help organizations process personal data through blockchain technologies in compliance with the GDPR. The guidelines explain blockchain architectures and emphasize embedding technical and organizational safeguards at the design stage, clarifying the roles and responsibilities of all participants and recommending Data Protection Impact Assessments for high-risk processing. They also caution against storing personal data directly on chains, provide practical techniques for data minimization and handling, and reinforce individuals’ rights to transparency, rectification and erasure. Open for public consultation until 9 June 2025, the draft was adopted alongside a commitment by the EDPB to cooperate with the EU AI Office on forthcoming guidance integrating the AI Act with EU data protection law. 
 
EDPB’s 2024 Annual Report: Strengthening Data Protection in a Changing Digital Landscape: On 23 April 2025, the European Data Protection Board published its 2024 Annual Report detailing its key achievements and milestones from the past year. It adopted a new 2024–2027 strategy to enhance harmonization, consistent GDPR enforcement and cross-regulatory cooperation, while issuing eight Article 64(2) consistency opinions on subjects such as Consent-or-Pay models, facial recognition at airports and AI training data, and releasing four new guidelines on legitimate interest and third-country data transfers to support compliance. The report highlights extensive stakeholder engagement through public consultations, focused events and broader outreach to non-expert audiences, including the launch of a multilingual Data Protection Guide for Small Business available in 18 languages. Finally, it underscores the EDPB’s proactive role in aligning GDPR enforcement with emerging digital legislation, such as the Digital Markets Act, Digital Services Act, AI Act, Data Governance Act and Data Act, to safeguard personal data in a rapidly evolving digital environment 
 
EU Regulator Fines TikTok €530 Million for Unauthorized Data Transfers to China: On May 2, 2025, Ireland’s Data Protection Commission imposed a €530 million fine (approximately $570 million) on TikTok for unlawfully transferring European users’ personal data to China without ensuring GDPR-equivalent safeguards. The DPC found that TikTok failed to demonstrate that data accessed remotely by China-based staff was protected to the high standard required under EU law and ordered all such transfers suspended within six months unless full compliance is achieved. TikTok strongly contested the decision, arguing it relied on standard contractual clauses, has since invested €12 billion in its “Project Clover” data-localization program, has never provided EU user data to Chinese authorities, and intends to appeal. This marks the company’s second major GDPR penalty by the Irish regulator, following a €345 million fine in 2023 over children’s data breaches, underscoring intensifying EU scrutiny of global tech firms’ cross-border data practices. 

Sweden Proposes Unified Framework to Bolster Commercial Radio Sustainability: On 30 April 2025, the Swedish government submitted Proposition 2024/25:164 to amend the Radio and TV Act, aiming to secure the long-term viability of commercial radio by bringing analog and digital services under a single legal framework. The bill replaces the current tender process with a selection procedure, introduces a new fee model for analog broadcasting licenses, and aligns most technical and content requirements across both platforms. It also clarifies broadcasters’ obligations to promote diverse programming and maintain stable market conditions. These measures are slated to take effect on 15 November 2025, ensuring listeners enjoy a broad and sustainable range of radio offerings.

Nokia and Bittium Unveil Hybrid 4G/5G Battlefield Communications Network: Finnish Defense Forces participated in a demonstration by Nokia and Bittium showcasing a hybrid tactical communications network that integrates Bittium’s software-defined radio systems with Nokia’s military-grade 4G/5G Banshee Mobile Radio and Tactical Radio equipment to form secure 4G/5G bubbles for mission-critical environments. The exercise highlighted seamless interoperability between legacy radio platforms and next-generation mobile networks, delivering real-time data and high-definition video alongside voice via the Bittium Tough VoIP Service. Demonstrated use cases included cross-terminal voice delivery and situational awareness applications on Bittium Tough Mobile2 smartphones as well as vehicle-to-command communication over the Bittium TAC WIN waveform. Set against rising defense tensions in Europe, this collaboration underscores Nokia’s strategic expansion into the defense sector and marks a milestone in delivering secure, resilient battlefield connectivity. 

Amazon and ULA Launch First 27 Satellites for Project Kuiper Broadband Constellation: On April 28, 2025, a United Launch Alliance Atlas V rocket successfully deployed the first 27 low-Earth orbit broadband satellites for Amazon’s Project Kuiper, marking the start of its full-scale constellation rollout. This launch from Cape Canaveral initiates a launch cadence in which ULA will deliver over half of the roughly 3,200 satellites using Atlas V and upcoming Vulcan rockets under what is billed as the world’s largest commercial launch agreement. Amazon has already established contact with all 27 satellites and plans further launches with Arianespace, Blue Origin and SpaceX before offering broadband service later this year. The collaboration underscores Amazon’s strategic push into the space communications sector and its ambition to extend fast, reliable internet to underserved communities globally. 

Enhancing AI Reliability with Vertex AI Prediction Dedicated Endpoints: Google Cloud has introduced Vertex AI Prediction Dedicated Endpoints to provide a reliable foundation for AI applications, especially those involving large-scale generative models. These endpoints offer dedicated resources to ensure consistent performance, support for streaming inference, gRPC protocol, and customizable request timeouts. Designed to address the unique challenges of large model deployments, these features help developers build robust AI solutions with improved resource isolation and efficiency.  

AI Sweden and Almi Launch Knowledge-Sharing Initiative on AI Act: AI Sweden and Almi have launched a joint initiative to help Swedish organizations understand and prepare for the EU’s AI Act, which came into effect in August 2024. This initiative includes six video sessions that provide crucial information and practical insights into the AI Act, covering topics such as AI law, risk classification, and the roles and responsibilities of various actors. The collaboration, supported by experts from PwC Sweden, Scania, and the Swedish Authority for Privacy Protection (IMY), aims to enhance understanding of the AI regulatory framework across Sweden.  

EU Call for Tenders: Technical Assistance for AI Act Compliance and Safety: The European Commission has issued a call for tenders to provide technical assistance for the AI Act, focusing on monitoring compliance and assessing risks posed by GPAI models. The tender is divided into six lots, addressing specific systemic risks such as CBRN risks, cyber offense risks, loss of control risks, harmful manipulation risks, and sociotechnical risks. This initiative aims to support the AI Office in ensuring AI safety and regulatory adherence across the Union.

ENISA Addresses Disinformation on Recent Power Outage and Alleged Cyberattacks: The EU Agency for Cybersecurity (ENISA) has identified disinformation circulating on social media and messaging apps, falsely linking ENISA to a power outage in Southern Europe and an alleged cyberattack on European banks. National authorities are still investigating the causes of the power outage, and disinformation campaigns will be scrutinized in due course. ENISA urges the public to remain vigilant and to verify information through official sources. 

Proactive Hardening Recommendations Against UNC3944 Threats: UNC3944, a financially motivated threat actor known for social engineering and ransomware attacks, has targeted various industries including telecommunications, financial services, and retail. Google Threat Intelligence Group (GTIG) provides proactive hardening recommendations to protect against UNC3944’s tactics, focusing on identity, endpoints, applications, network infrastructure, and monitoring. Organizations are advised to implement these measures to enhance security and mitigate risks associated with UNC3944’s evolving strategies.  

Airborne: Critical Vulnerabilities in Apple AirPlay Protocol: Oligo Security has identified a set of vulnerabilities in Apple’s AirPlay protocol and SDK, termed ”Airborne,” which includes zero-click and one-click remote code execution (RCE) exploits. These vulnerabilities allow attackers to bypass access controls, read arbitrary files, and execute man-in-the-middle (MITM) attacks, potentially compromising billions of Apple and third-party devices. Apple and Oligo have collaborated to address these issues, releasing updates to mitigate the risks and protect users.  

2025 EUIPO Examination Guidelines for Designs Reform: The latest edition of the EUIPO Examination Guidelines for registered European Union designs entered into force on May 1, 2025. This update reflects the first phase of legislative reform introduced by Regulation (EU) 2024/2822, including changes in terminology, elimination of certain filing options, and modifications to entitlement proceedings. The reform aims to modernize design protection, improve accessibility, and enhance legal certainty for creators and businesses across Europe. 

Apple Ordered to Pay $502 Million to Optis in UK Patent Dispute: A UK court has ruled that Apple must pay Optis $502 million as a lump sum in a patent dispute. The case revolves around Apple’s infringement of Optis’ patents related to wireless technology. This decision marks a significant financial and legal outcome for Apple in its ongoing patent battles. 

Louis Vuitton Wins $30 Million Over Online Knock-Off Products: A Florida federal court has awarded Louis Vuitton $30.7 million after finding that dozens of websites were selling counterfeit versions of the luxury brand’s products. The court’s decision includes a default final judgment against at least 51 websites, blocking them from selling infringing products and transferring their domain names to Louis Vuitton’s control. This ruling marks a significant victory for Louis Vuitton in its efforts to combat online counterfeiting. 

Trump’s Escalating Tariff Timeline Sparks Global Retaliation: Since taking office, President Trump has repeatedly leveraged tariffs, from threatening 25% duties on Canada, Mexico and China on his first day to imposing sweeping “reciprocal” levies on nearly all trading partners, to plunge the United States into on-again, off-again global trade wars. He reignited hostilities by hiking steel and aluminum tariffs and targeting China with new 10–20% taxes, while using the threat of duties to renegotiate USMCA provisions, prompting retaliatory levies from Ottawa, Mexico City and Beijing. Despite temporary pauses and sector-specific exemptions such as for U.S. automakers, Trump expanded his tariff arsenal in March and April, announcing baseline 10% duties on almost all imports alongside steep, surplus-based surcharges for China, the EU, South Korea, Japan and Taiwan. 
 
Trump Proposes 100% Tariff on Foreign Films to ‘Save’ Hollywood: On May 5, 2025, President Donald Trump announced a 100% tariff on all foreign-made films entering the U.S., declaring that overseas tax incentives have driven the American movie industry to “a very fast death” and pose a national security threat. He directed the Commerce Department and U.S. Trade Representative to begin implementing the levy immediately, although neither he nor officials have specified how it would apply to streaming services or how duties would be calculated. The surprise move rattled media markets, dragging down shares of Disney, Paramount and other studios and provoked backlash from key production hubs in Australia, New Zealand and the UK, which vowed to defend their film industries. Industry experts warned the tariff could backfire by reducing global film output instead of repatriating productions and cautioned that retaliatory measures could further damage the U.S. movie business. 
 
EU Seeks €50 Billion US Purchases to Unlock Trade Deal, Urges Tariff Rollback: European Trade Commissioner Maroš Šefčovič told the Financial Times that the EU is making “certain progress” toward a trade agreement with the United States that would see the bloc purchase an additional €50 billion of American goods to address their persistent trade imbalance. He indicated that any deal would require the Biden administration to eliminate the 10 percent across-the-board tariffs on European imports imposed by former President Trump. Šefčovič said he has discussed options such as increased LNG and soybean imports with U.S. counterparts to bridge the deficit quickly, while cautioning that securing approval from all EU member states and the European Parliament would be challenging. The announcement comes after a series of volatile tariff actions, including a brief 20 percent reciprocal levy and its subsequent 90-day suspension, has left markets, governments and consumers alike confused and apprehensive about the path forward. 

• 8th E.DSO/EE-ISAC/ENCS/ENISA Cybersecurity Forum 

Date: Oct 30,2025 

Time: 12:00 am – 11:59 pm 

Location: Stanhope Hotel, Brussels, Belgium 

Registration: Link 

• Annual Privacy Forum (APF) 2025 

Date:  Oct 22 – 23, 2025  

Time: 9:30 am – 4:30 pm 

Location: ExCeL London, UK 

Registration: Link 

• IMY Webinar on Regulatory Sandbox and Generative AI Guidelines 

Date: May 16, 2025 

Time: 9:00 am – 10:00 am 

Location: Online

Registration: Link