GRC Report Staff

Swedish authorities have recently delivered a long-awaited attempt at clarity on how health data can be used, shared, and governed. A government assignment launched in June 2025 asked the Swedish eHealth Agency and the Swedish Data Protection Authority to do something healthcare actors have been asking for repeatedly i.e., explain how the law actually works in practice when it comes to health data. That work is now complete, with the authorities submitting their final report this week to the Ministry of Health and Welfare.

After uncovering years of off-channel communications and discovery failures, the Financial Industry Regulatory Authority has fined Benjamin F. Edwards & Co. $750,000 and issued a formal censure, closing a case that traces back to supervisory gaps first exposed more than five years ago. The settlement centers on the firm’s failure to properly supervise, preserve, and review business-related text messages used by its registered representatives. It also addresses the firm’s failure to meet discovery obligations during a contentious FINRA arbitration tied to recruiting disputes.

The Cybersecurity and Infrastructure Security Agency has ordered federal civilian agencies to take a hard look at the devices sitting at the edge of their networks, and to remove any that can no longer be supported, as part of a broader push to reduce exposure to cyberattacks.

The European Commission has decided that Apple’s advertising service Apple Ads and its mapping service Apple Maps will not be brought under the scope of the EU’s Digital Markets Act, concluding that neither service currently plays a central role in connecting businesses with consumers across the bloc.

German competition regulators have taken one of their strongest steps yet against Amazon’s marketplace practices, curbing how the company can influence seller pricing and ordering it to hand back an estimated €59 million in gains tied to the conduct.

Italy’s competition watchdog has handed eDreams a €9 million fine after concluding that the online travel platform used manipulative design tactics to push customers into paid subscriptions and then made it unnecessarily hard for them to get out.

The rapid spread of generative artificial intelligence is testing Europe’s ability to keep innovation aligned with democratic values, according to a new vision published Tuesday by the Dutch Data Protection Authority.