The European Commission has confirmed that the Data Act will take effect on 12 September, rejecting industry calls for a two-year delay. The law regulates data sharing from connected devices and is seen as a key part of Europe’s digital strategy, though some companies warn it could slow AI innovation.
On 3 September 2025, cybersecurity agencies from the United States, Europe, Asia, and Oceania released joint guidance promoting Software Bills of Materials (SBOM) as a tool for improving transparency in software supply chains. The document highlights how SBOMs can help organizations manage vulnerabilities, strengthen risk management, and support secure-by-design practices across critical sectors.
After the General Court dismissed a challenge to the EU-US data transfer deal, Max Schrems and his group NOYB warned that the agreement is little more than a repeat of past unlawful frameworks.
The Court rejected arguments that US safeguards are insufficient, ruling that the newly established Data Protection Review Court is independent and that American intelligence agencies’ data collection practices meet EU standards when subject to judicial review.
The FTC and Utah have taken action against Pornhub’s operator, Aylo, for failing to stop child sexual abuse and nonconsensual content on its sites. Under a proposed settlement, Aylo must overhaul its content safety systems, verify user consent, and pay $5 million in penalties.
France’s CNIL fined Google €325 million for showing Gmail ads without consent and setting cookies improperly during account creation. The ruling affects tens of millions of French users and requires Google to change its practices or face further penalties.
Disney will pay $10 million settlement for allegedly mislabelling children’s videos on YouTube, allowing data collection without parental consent. The FTC settlement requires stricter compliance and improved video labelling or age verification.
The SCO Tianjin Declaration emphasised cyber sovereignty, inclusive AI development, global cybersecurity norms, and stronger cooperation in the digital economy.
Senator Josh Hawley launched an investigation into Meta’s AI practices.
Oversight, transparency, and penalties for non-compliance form the backbone of Pakistan's AI cybersecurity strategy.
Civil Society Alliances for Digital Empowerment (CADE) is a project co-funded by the European Union.
