SypherPrivacyTalks - March 2025 - Week 12

Welcome to #SypherPrivacyTalks — Your news and article roundup. Bringing you the top privacy & compliance stories of the week.

EU abandons ePrivacy, AI liability reforms as bloc shifts focus to AI competitiveness

techcrunch.com • 8 min read 

❌ The European Commission has withdrawn its 2017 proposal for an ePrivacy Regulation, citing "no foreseeable agreement" between lawmakers. The proposal, which would have modernised online tracking rules and aligned penalties with GDPR, faced intense lobbying from tech giants and telecoms companies. 
While the original ePrivacy Directive remains enforceable (as evidenced by recent fines against Google and Meta), the Commission now points to the Digital Services Act as providing some overlapping protections. The EU's 2025 work programme shifts the focus to economic growth through AI innovation, rather than expanding privacy regulation… read more

Latest GPAI Code of Practice draft kicks off lobbying fight

euractiv.com 3 min read

📃The third and final draft of the EU General-Purpose AI Code of Practice has been published, entering its last consultation phase. This updated version features refined commitments and implementation measures, emphasizing transparency, copyright compliance, and enhanced risk assessment protocols for providers of AI models deemed to pose systemic risks… read more

AI & the workplace: Navigating prohibited AI practices in the EU

twobirds.com • 7 min read

👷‍♀️Article 5 of the EU's AI Act (February 2025) prohibits eight high-risk AI practices. The Commission's new Guidelines, though not yet formally adopted, provide crucial interpretation of these prohibitions and their exceptions. Employers must audit systems, vet vendors, implement safeguards, and ensure broader regulatory compliance. Violations face penalties up to €35 million or 7% of global turnover… read more

Podcast: Compliance considerations for consumer tech

inquisitiveminds.bristows.com • 14 min listen

🛍️ On this episode of The Roadmap, experts explore recent consumer technology regulations from both the EU's Product Liability Directive and the UK's Digital Markets, Competition and Consumers Act. They break down the key provisions, implementation timelines, and offer practical advice on compliance measures businesses should begin preparing now. 
The EU's Product Liability Directive and the UK's Digital Markets, Competition and Consumers Act both have implications that overlap with data protection... listen to the podcast

NIS2: A game-changer for senior management and boards

williamfry.com • 5 min read

🚨 The EU's NIS2 Directive shifts responsibility and oversight of cybersecurity from IT departments to boardrooms, making directors and senior management directly responsible for security measures in critical sectors. Non-compliance risks substantial penalties including personal liability for directors, and potential management bans. To comply, boards must implement formal training, proper delegation, regular security reviews, and foster organization-wide security awareness.… read more

--

Get connected with us on LinkedIn or by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.

Photo by Steve Johnson on Unsplash