AI liability and data sovereignty under scrutiny
by Sypher | Published in News - September 01, 2025
Welcome to #SypherPrivacyTalks — Your news and article roundup. Bringing you the top privacy & compliance stories of the week.
European parliament study recommends strict liability regime for high-risk AI systems
covingtonblogs.com • 4 min read
🤖 The European Parliament has proposed a strict liability regime for high-risk AI systems. Unlike existing EU rules, it would hold providers and deployers automatically responsible for any harm caused by their AI - no excuses. For privacy and compliance teams, this highlights the EU's growing focus on accountability and risk management, with liability potentially sitting alongside obligations under the AI Act and GDPR… read more
More AI-related news:
- Global AI Regulatory Update - August 2025, by Eversheds Sutherland.
- European Commission launches public consultation and call for feedback on Strategic Roadmap for digitalisation and artificial intelligence in the energy sector.
Microsoft says U.S. law takes precedence over Canadian data sovereignty
digitaljournal.com • 6 min read
🛡️ At a French Senate hearing, Microsoft admitted that it cannot guarantee that data stored in the EU or Canada is safe from access by the U.S. government. Under the CLOUD Act, US authorities can compel US tech firms to hand over data, regardless of where it is stored. This raises significant data protection and privacy concerns, calling into question Canada’s ability to safeguard sensitive information and sovereignty… read more
Romanian DPA publishes annual report for 2024
dataprotection.ro • 3 min+ read
Romania’s National Supervisory Authority for Personal Data Processing (ANSPDCP) has recently published its 2024 activity report, which summarises its work across the following key areas: public consultation and advice; monitoring and enforcement; international cooperation; and internal management.
The Authority received 5,354 complaints and security incident reports, leading to 476 investigations and 83 fines totalling 1.86 million RON (approximately 367,000 EUR). The Authority also managed 173 court cases and reviewed 40 Binding Corporate Rules (BCRs) for international data transfers, reflecting its ongoing role in enforcing data protection and privacy compliance ... read more
NOYB win in Austria: YouTube ordered to honor user’s right of access
🧑⚖️ After more than five years, Austria’s data protection authority has ruled in favor of NOYB, ordering YouTube to fulfill an Article 15 GDPR access request. The platform had previously withheld key details, such as processing purposes, retention periods, data recipients, and tracking cookie use… read more
Data security wake-up call: How modern cyberattacks are redefining privacy and compliance
securityinfowatch.com • 7 min read
💣 Cloud intrusions increased by 136% in 2025. Attackers now use stolen credentials instead of malware, making zero-trust, identity security and real-time data visibility critical for privacy and compliance… read more
--
Get connected with us on LinkedIn or by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.
Photo by Aidin Geranrekab on Unsplash
