GRC Report Staff

In a notice circulated to trade associations, the Italian Data Protection Authority has said that hotels, bed and breakfasts, and guesthouses must not retain photocopies or digital images of guests’ identity documents beyond the time needed to transmit required information to public security authorities. The clarification comes as the regulator reports a rise in complaints and personal data breaches in recent months.

The question has been circling European policy circles for years, but at BRIDGE 2026, it was brought into sharper focus. Are the very regulations designed to safeguard rights and build trust also making it harder for Europe to innovate?

The U.S. Department of the Treasury is cautioning financial institutions about growing sanctions exposure linked to China’s independent “teapot” oil refineries, underscoring their continued role in importing and refining Iranian crude.

The European Commission and the European Data Protection Board (EDPB) recently confirmed that they will begin joint work to develop guidance on how competition laws and data protection interact. The effort is aimed at clarifying how each body of law applies in situations where their boundaries blur, an increasingly common reality in a data-driven economy.

Italy’s antitrust regulator has handed down more than €23 million in fines to three of the country’s leading snack manufacturers, concluding that they coordinated their behavior in a market-sharing arrangement that limited competition in the private label sector.

The European Commission is turning to how artificial intelligence operates on mobile devices, unveiling preliminary measures that could force Google to open up key parts of its Android ecosystem to rival AI services.

The Financial Conduct Authority is asking ESG rating providers to help shape the future of regulation in the sector, launching a voluntary reporting pilot aimed at testing how forthcoming disclosure requirements might work in practice.