EU Commission

Subscribe to EU Commission via RSS

On 20 January 2026, the European Commission proposed a new cybersecurity package, aimed at strengthening the EU’s cybersecurity resilience and capabilities. The package includes a revised Cybersecurity Act (“CSA“) and targeted amendments to the NIS2 Directive (see our blog post for further information on the amendments to the NIS2 Directive). The revised

Continue Reading EU Commission looks to strengthen EU Cybersecurity Resilience and Capabilities

The NIS2 Directive continues to evolve – and organisations must keep pace. On 20 January 2026, the Commission unveiled a set of targeted amendments to the NIS2 Directive (“the Proposal“), signalling the next phase of its push to modernise and streamline the EU’s cybersecurity legal framework.

Positioned within a broader legislative package, also

Continue Reading EU: NIS2 Update – EU Moves to Harmonise Cyber Controls, Refine Scope, and Add New In-Scope Entities

Over the last decade, the EU has launched an unprecedented constellation of laws: GDPR, the AI Act, the Data Act, NIS2, the Cyber Resilience Act, DORA, DSA, DMA, eIDAS 2.0 and more. Together – under the ‘Digital Decade’ banner – they aim to form a powerful framework to protect fundamental rights, promote trustworthy technology and

Continue Reading EU: Digital Autofocus – Will Europe’s Digital Omnibus bring clarity to Regulation? 

The European Commission has published its proposal for a new regulation simplifying the EU General Data Protection Regulation (“GDPR”) requirements for small mid-cap enterprises (“the Proposal“). The Proposal forms part of the European Commission’s Omnibus IV Simplification Package and comes after the European Data Protection Board (“EDPB”) and the

Continue Reading Europe: European Commission publishes proposal for simplification of the GDPR

The EU Data Act is one of the cornerstones of the EU’s Data Strategy and introduces a new and horizontal set of rules on data access and use to boost the EU’s data economy. Most of the provisions of the Data Act will become applicable as of 12 September 2025. To assist stakeholders in the

Continue Reading EU: Data Act Frequently Asked Questions answered by the EU Commission

Disclaimer: This article first appeared in the June 2024 issue of PLC Magazine, and is available at http://uk.practicallaw.com/resources/uk-publications/plc-magazine.

In order to capture the benefits of data-driven innovation, the EU and the UK are taking action to facilitate data sharing across various industries.

In the EU, the European Commission is investing €2

Continue Reading EU/UK: Data-Sharing Frameworks – A State of Play in the EU and the UK

On 11 March 2024, following an investigation, the European Data Protection Supervisor (EDPS) announced that the European Commission’s (Commission) use of a major software company infringes the data protection law for EU institutions, bodies, offices and agencies (Regulation (EU) 2018/1725). In particular, the EDPS found that the Commission had

Continue Reading Europe: EDPS finds that the European Commission has infringed data protection rules