Posts

Markdown is not just a formatting syntax. It represents a philosophy of digital independence, data portability, and long-term accessibility that aligns with the core principles of privacy and user empowerment.

In the final months of 2025 and early 2026, two independent studies highlighted significant vulnerabilities in WhatsApp’s metadata management. The University of Vienna and SBA Research demonstrated the ability to enumerate 3.5 billion accounts through the contact discovery mechanism, while Tal Be’ery (Zengo) showed how cryptographic key IDs allow inference of operating system, device type, and approximate session age. Meta has begun implementing fixes, but the privacy implications remain significant. This article analyzes the nature of metadata, WhatsApp-specific risks, and presents open source alternatives based on federated protocols such as XMPP and Matrix.

2025 closes with two publications that, read together, provide a comprehensive picture of the ongoing transformations in the online search sector. EPRS analyzes the macro-systemic impact on the open web, while Gartner focuses on the security risks of agentic browsers. The convergence of these perspectives reveals a transformation affecting online search as critical infrastructure, with implications for the digital market, data protection, cybersecurity, and the European regulatory framework.

On December 17, 2025, the European Commission publishes the first draft of the Code of Practice on the AI Act for marking and labelling AI-generated content. The document, structured in two sections dedicated to providers and deployers, establishes concrete rules to ensure transparency of deepfakes and synthetic content. Consultation open until January 23, 2026, with finalization expected by June 2026 and entry into force on August 2, 2026.

On December 9, 2025, the Council of the European Union agreed on an amendment to the EuroHPC regulation to create up to 5 AI Gigafactories. Complete analysis of the Cloud and AI Development Act and its three strategic pillars: research and innovation, data center investments, and European digital sovereignty.

On December 3, 2025, the European Commission announced the opening of Safer Internet Forum 2025, highlighting three fundamental pillars: DSA guidelines on protection of minors (July 14, 2025), age verification blueprint (July and October 2025), and first enforcement actions against platforms including Snapchat, YouTube, Apple App Store, and Google Play (October 2025). A comprehensive analysis of the European framework for child online safety.

DigComp 3.0 introduces substantial updates to address AI competence, cybersecurity, digital wellbeing, and misinformation challenges. With over 500 new learning outcomes, the framework guides digital skill development across the EU for citizens, workers, and students.

The Digital Omnibus Package introduces profound changes to GDPR and cookie rules: new consent exceptions, automated signals, and legitimate interest for AI training. Critical analysis of implications for privacy and fundamental rights.

On November 19, 2025, the European Commission published the Digital Omnibus on AI, a proposal to amend the AI Act introducing significant simplifications: flexible timelines, centralized governance at the AI Office, extension of privileges to mid-caps, and new rules on sensitive data processing for bias mitigation.

Guide to Legal Prompting techniques for legal professionals: from the anatomy of an effective prompt to advanced techniques (Chain-of-Thought, RAG), with a focus on GDPR compliance, hallucination risks, open source vs. cloud models, and best practices for law firms. Includes in-depth analysis of the limitations of RAG (Stanford Study 2025) and operational guidelines for the safe use of LLMs in the legal field.