EU
AI Act
The Commission published the Code of Practice on marking and labelling of AI-generated content. The code is a voluntary tool to guide providers and deployers of generative AI systems in complying with the AI Act's transparency obligations, including marking AI-generated content and disclosing the artificial nature of images, audio (including deepfakes) and text under Article 50.
GDPR
At its plenary on 10 June, the EDPB adopted a common data breach notification template to harmonise incident reporting across all EU data protection authorities, aimed particularly at reducing time and costs for smaller organisations without dedicated DPOs. The template is open for public consultation until 5 August 2026. The Board also met with Commissioner McGrath, where the Digital Omnibus was among the key topics discussed.
NIS2 / Cybersecurity
ENISA ran the 8th edition of the Cyber Europe exercise on 10–11 June, focused on cyber preparedness and continuity of essential services in the European rail and maritime sectors — both NIS2 subsectors of high criticality.
DMA
Apple announced that its Siri AI will be delayed in the EU due to the Digital Markets Act, a move that has visibly irritated the European Commission. Not an official EU action, but the most significant DMA development of the week, feeding the broader debate on gatekeepers withholding features in the EU.
Sweden
AI
IMY published a report examining companies' responsibility for personal data when working with AI applications. The report establishes that the controller/processor role depends on the degree of influence the company has over the processing of the data when fine-tuning AI applications.
%20(A2%20(Landscape))%20(11).png)