Europe draws new lines: Digital sovereignty steps up

Welcome to #SypherPrivacyTalks - your data protection, governance and compliance weekly roundup. Bringing you the top stories of the week.

Netherlands blocks U.S. acquisition of cloud provider, signaling heightened focus on EU digital sovereignty

jonesday.com • 3 min read

🛡️ The Dutch government blocked US Kyndryl’s bid for Dutch cloud services provider Solvinity, signalling that deals involving cloud infrastructure will now be subject to far stricter sovereignty‑driven scrutiny. Compliance teams should treat this development as an increasing governance and data protection risk in EU transactions… read more

When is AI “High-Risk” under the EU AI Act? Key takeaways from the Commission’s Draft Guidelines

eversheds-sutherland.com • 5 min read

🏛️ The Commission’s draft guidelines clarify that the classification of AI systems as ‘high‑risk’ under the EU AI Act depends less on their technical capabilities and more on their intended and realistic expected use, a shift that forces organisations to align the design, documentation and deployment of these systems more closely… read more

Experts from eight European countries debated the impact of the GDPR on access to the archives of communism

mediafax.ro • 2 min read

📜 A cross‑European panel in Bucharest has met to examine how GDPR constraints shape access to communist‑era secret‑police archives, highlighting the ongoing tension between privacy protection and historical transparency… read more (article in Romanian)

Bots, borders and Brussels: the EU AI Act and Gibraltar

gibraltarlawyers.com • 3 min read

☝️ Gibraltar warns that the EU AI Act’s extraterritorial reach mirrors GDPR, meaning even non‑EU businesses using or supplying AI into Europe may face full compliance duties, with recent cases showing how careless use of tools like ChatGPT can even waive legal privilege… read more

Unicredit Romania fined €12,000 after disclosing clients’ mortgage property details

startupcafe.ro • 3 min read

💶 Romania’s data‑protection authority has fined Unicredit €12,000 after erroneous notifications exposed clients’ names, addresses, purchase value and other details of mortgaged properties. A reminder that basic processing errors can still lead to costly GDPR breaches… read more (article in Romanian)

--

Get connected with us on LinkedIn or by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.