Posts

AI Act regulatory sandbox tra obbligo normativo e vuoto attuativo

AI Act: i regulatory sandbox tra obbligo normativo e vuoto attuativo

Ad agosto 2025, solo uno Stato membro su ventisette disponeva di un AI regulatory sandbox operativo. Analisi critica delle sfide strutturali — design, frammentazione, timing — e del rischio di sandbox shopping, con le fonti del documento EPRS PE 785.673 e il collegamento al modello ibrido di enforcement dell’AI Act.

AI Act enforcement ibrido tra norme e realtà

AI Act: il modello di enforcement ibrido tra norme e realtà

A marzo 2026, solo 8 Stati membri su 27 hanno designato i propri punti di contatto unici ai sensi dell’art. 70 dell’AI Act. Un’analisi critica del modello ibrido di enforcement, del confronto strutturale con il GDPR e delle implicazioni del Digital Omnibus su AI.

EU Council sanctions three entities and two individuals for cyber-attacks against Member States

On 16 March 2026 the EU Council adopted restrictive measures against Integrity Technology Group, Anxun Information Technology and Emennet Pasargad. A legal and systemic analysis of the EU cyber sanctions regime.

Copyright and generative artificial intelligence

Copyright and Generative AI: The European Parliament's Resolution Between Principles and Operational Gaps

The European Parliament adopted Resolution P10_TA(2026)0066 on copyright and generative AI on 10 March 2026. A critical analysis of its commendable principles and the operational gaps the Commission is now called upon to fill.

ePrivacy 2022–2026: From the Withdrawal of the Proposal to the CSAM Derogation Extension and the CSAR Trilogues

From the withdrawal of the ePrivacy Regulation proposal to the second extension of the CSAM derogation approved by the European Parliament on 11 March 2026, through to the ongoing CSAR trilogues: a systematic update four years after the 2022 article.

Digital Omnibus on AI - European Parliament Draft Report

Digital Omnibus on AI: the European Parliament Rewrites the Commission's Rules

Comparative analysis of the IMCO-LIBE Draft Report PE782.530 (rapporteurs Kokalari and McNamara) against the Commission’s proposal COM(2025) 836: fixed deadlines replacing discretionary mechanisms, AI literacy obligation maintained on providers and deployers, strict necessity standard for sensitive data processing, presumption of conformity with the Cyber Resilience Act, and data protection authorities’ involvement in regulatory sandboxes.

From paper to artificial intelligence: the invisible weight of our choices

The hidden cost of digital

While shredding old paper documents, I began reflecting on the real impact of our technological choices. From paper to digital, from data centers to artificial intelligence: we have replaced a visible impact with an invisible one. This is not an alarmist article, but an honest reflection on awareness, responsibility, and illusions.

Data Protection Day 2026: 45 Years of Convention 108 and the Challenge of Staying Vigilant

On 28 January 2026, we celebrate Data Protection Day, the anniversary of Convention 108. Between GDPR revision proposals, simplification measures, and new technologies, personal data protection requires constant vigilance. An analysis of current challenges supported by empirical data and institutional sources.

Gemini Protocol - A minimalist alternative to the web

Gemini Protocol: A Human-Centric Alternative to the AI-Driven Web

An in-depth analysis of the Gemini protocol: its origins in 2019, the reasons behind its creation, technical overview, advantages and disadvantages, and why having a Gemini capsule might be worthwhile for privacy advocates.

Visual representation of deepfake and digital identity concept

The Danish Approach to Deepfakes: Can Copyright Protect Digital Identity?

Denmark has proposed amending its copyright law to introduce new personality rights against AI-generated deepfakes. An analysis of the opportunities and risks of this innovative regulatory approach, with a look at the implications for the European debate.