%20(A2%20(Landscape))%20(6).png)
EU Level
AI Act moves from text to tooling: The Commission published a first draft Code of Practice for marking and labelling AI-generated content (AI Act Article 50). Feedback is open until 23 January 2026 and the transparency obligations kick in 2 August 2026.
GDPR pressure on ad personalisation increases: Austria’s Supreme Court ruled Meta’s personalised advertising model unlawful, strengthening the direction of travel on consent, sensitive data, and user access rights.
Sweden Level
NIS2 becomes a real start date: The government issued the new cybersecurity law and ordinance. It enters into force 15 January 2026, with clearer supervisory roles and hard requirements on measures and significant incident reporting.
GDPR clarity on camera-based collection: IMY highlights an EU-court clarification tied to SL body cameras: Article 13 applies when personal data is collected directly via observation (like body cams). That implies immediate information, and the exception space is narrow.
%20(A2%20(Landscape))%20(4).png)
%20(A2%20(Landscape))%20(5).png)
%20(A2%20(Landscape))%20(7).png)
