EU
GDPR
EDPB launched a dedicated form for stakeholders to report inconsistencies in GDPR interpretation across national DPAs or between a DPA and the EDPB. Submissions feed into Board-level discussions but receive no individual response. Part of the Helsinki Statement commitments on enhanced consistency.
EDPB published an updated One-Stop-Shop case digest on the right to object and right to erasure, covering hundreds of new OSS decisions since the original publication. It maps the most frequent infringements and corrective measures, covering cases such as objections to direct marketing and account/profile deletion requests.
NIS2
The European Commission awarded €5.8 million to establish two Regional Cable Hubs — one in the Baltic Sea (coordinated by Finland, including Sweden) and one in the Mediterranean — and launched a separate €40 million CEF Digital call for submarine cable repair capacity. The move operationalises the EU Cable Security Action Plan under the NIS2 infrastructure resilience framework. Proposals accepted until 8 October 2026.
Sweden
NIS2
FRA/NCSC published new security-measure regulations under the Swedish Cybersecurity Act (NIS2 transposition), effective 1 October 2026. The prescriptions define concrete requirements for: management training, incident and continuity handling, security in development and outsourcing, personnel and physical security, and systematic governance. From 1 July 2026, all NIS2 regulatory responsibilities transfer from MCF to NCSC at FRA.
%20(A2%20(Landscape))%20(11).png)