IT Security & Privacy

Picture this, it’s 2024, and the EU has just dropped a new bombshell in the world of cybersecurity. It’s called the NIS2 Directive, and while its name might not scream "party," it’s definitely something organizations need to pay attention to. For all the tech nerds and cybersecurity folks out there, this is more than just a new set of rules—it's a whole new way of doing business when it comes to securing networks, reporting incidents, and managing risk. But don’t worry, this article isn’t going to sound like it was written by a robot (unless, of course, that robot had an excellent sense of humor and personality). We’re diving into what NIS2 means, how it impacts AI, and what exactly you should be doing to stay ahead of the game. And spoilers, AI is going to be your best friend in this one.

The European Data Protection Board (EDPB) is stepping into the blockchain arena with new guidance aimed at helping organizations navigate the thorny intersection of distributed ledger technology and EU privacy law. In its April plenary, the Board officially adopted guidelines on the processing of personal data via blockchain, and signaled it’s ready to collaborate with the newly established EU AI Office on upcoming guidance around the AI Act.

The Commission Nationale de l'Informatique et des Libertés (CNIL) has just rolled out an ambitious strategy aimed at tackling the increasingly complex world of personal data protection. As digital spaces grow, data flows faster, and technology advances at a breakneck pace, the CNIL’s new plan for 2025-2028 aims to take the lead—not just in France or Europe, but globally—in safeguarding personal data.

Italy’s Personal Data Protection Authority (Garante) has launched an investigation into Lusha Systems, a US-based company that’s no stranger to controversy in the world of online data. Known for selling “enriched” contact details, including email addresses and phone numbers, Lusha’s services are accessible to users in Italy, though it seems some of the data within its platform might not be as straightforward as one would hope.

In March 2025, Oracle faced two major breaches, with its Cloud system exposing millions of records and its Health platform compromising patient data due to unpatched legacy servers exploited since January. The company’s delayed notifications and lack of transparency, despite allegedly knowing about the issues by February, have drawn sharp criticism and fueled distrust. The breaches have sparked widespread concern, prompting heightened oversight and discussions among key regulatory bodies.

X, the social media platform formerly known as Twitter, has always been a breeding ground for debates, discussions, and, lately, a fair amount of drama. Elon Musk, ever the spokesperson for the platform, recently warned about hackers trying to infiltrate the site. But it’s one thing to worry about abstract threats and quite another to find out that your personal data might be at risk because of a real and massive breach.

The Autorité de la concurrence, France’s competition watchdog, has slapped Apple with a hefty €150 million fine. The reason? Apple’s handling of its App Tracking Transparency (ATT) framework, which the French authority argues unfairly tipped the scales in favor of Apple, harming smaller players in the digital ecosystem.