Scrutiny of European Union's dependence on non-European cloud services is intensifying amid geopolitical tensions and rising cyber risk. U.S. hyperscalers control more than 70% of the EU cloud market, while European...more
1/21/2026
/ Cloud Computing ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Digital Operational Resilience Act (DORA) ,
EU ,
General Data Protection Regulation (GDPR) ,
Geopolitical Risks ,
Information Technology ,
International Data Transfers ,
Popular ,
Regulatory Requirements ,
Risk Management
The German Data Protection Conference (DSK) issued guidance on transfers of personal data to countries outside of the European Economic Area — so-called “third countries” — in the context of medical research. The guidance...more
Advocate General Medina issued a well‑reasoned opinion in Joined Cases C‑258/23 to C‑260/23 before the Court of Justice of the EU (CJEU) that may allow national competition authorities to seize business emails during dawn...more
11/12/2025
/ Antitrust Investigations ,
Bring Your Own Device (BYOD) ,
Competition Authorities ,
Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Data Protection ,
Dawn Raids ,
Email ,
EU ,
General Data Protection Regulation (GDPR) ,
Information Governance ,
Privileged Communication
On May 8, 2025, the Federal Labor Court Bundesarbeitsgericht (“BAG”) issued a significant ruling concerning an employee’s claims for damages due to unlawful data transfers within a corporate group. The BAG ruled that works...more
Country Status Legislation* Commentary Austria Available here Austria has submitted the “Network and Information Security Act” for Parliament’s consideration. It is anticipated that the “Network and Information Security Act”...more
The European Network and Information Security 2 Directive aims to mitigate threats to network and information systems and ensure the continuity of services in the event of cybersecurity incidents. Member States must pass...more