• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

Wim Nauwelaerts

Spanish DPA Releases Agentic AI Guidance

February 23, 2026 By Alice Portnoy and Wim Nauwelaerts

On 18 February 2026, the Spanish Data Protection Authority (Agencia Española de Protección de Datos or ‘AEPD’) published an 81‑page guidance document on the privacy aspects of AI systems operating as agents – commonly referred to as ‘agentic AI’. The guidance is aimed at companies that process personal data under the EU General Data Protection […]

Filed Under: AI Cybersecurity & Privacy, Artificial Intelligence (AI), European Privacy & Cybersecurity Tagged With: Artificial Intelligence, Data Protection, EU Data Protection, EU Privacy, GDPR Implementation

European Commission Publishes Guidance For Companies Implementing the EU Cyber Resilience Act

January 29, 2026 By Paul Greaves, Kelly Hagedorn and Wim Nauwelaerts

On December 3, 2025, the European Commission published its first set of technical FAQs on the EU Cyber Resilience Act (‘CRA’). The CRA is an EU-wide law which lays down cybersecurity requirements for ‘products with digital elements’ (‘PDEs’), including IoT devices, hardware components, and certain software.  It becomes fully applicable on December 11, 2027, with […]

Filed Under: Board Governance & Cyber Risk Management, European Privacy & Cybersecurity, Privacy & Cyber Regulatory Enforcement Tagged With: Cybersecurity, EU Privacy, EU Regulation

Spanish DPA Highlights Privacy Risks in GenAI Content Creation

January 19, 2026 By Alice Portnoy and Wim Nauwelaerts

Earlier this month, the Spanish Data Protection Authority (Agencia Española de Protección de Datos, or AEPD) issued new guidance on the privacy and data protection risks associated with uploading images or photos – whether directly or indirectly identifying individuals – into generative AI tools. The guidance is particularly focused on situations where those images are […]

Filed Under: AI Cybersecurity & Privacy, Artificial Intelligence (AI)

How to Comply with the EU AI Act: Guidance from the Spanish AI Regulator

December 15, 2025 By Alice Portnoy and Wim Nauwelaerts

On December 10, the Spanish supervisory authority for the EU AI Act (Agencia Española de Supervisión de Inteligencia Artificial, or AESIA) published a set of 16 detailed guidelines and non-binding checklists (available online here in Spanish) designed to help companies navigate their obligations under the AI Act, which entered into force in August 2024. The […]

Filed Under: Artificial Intelligence (AI) Tagged With: Artificial Intelligence, European Union (EU), Spain

New EU Regulation Clarifies Cybersecurity Rules for IoT Devices and Other ‘Products with Digital Elements’

December 10, 2025 By Paul Greaves, Wim Nauwelaerts and Kelly Hagedorn

On November 28 2025, the European Commission adopted a regulation implementing the Cyber Resilience Act (‘CRA’) – an EU-wide law which lays down cybersecurity requirements for companies that design and sell ‘products with digital elements’. PDEs can take many forms including IoT devices, hardware components, and certain software. The CRA imposes cybersecurity obligations in connection […]

Filed Under: Privacy & Cyber Regulatory Enforcement Tagged With: Cybersecurity, EU Regulation, European Union (EU)

  • « Go to Previous Page
  • Page 1
  • Page 2
  • Page 3
  • Page 4
  • Interim pages omitted …
  • Page 13
  • Go to Next Page »

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


RANSOMWARE FUSION CENTER
Click here to request access

THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up


Secondary Sidebar

Categories

Recent Posts

  • DROP Is Coming Due: What California’s Delete Act Means for Data Brokers in August
  • GSA Seeks Input on Revised AI Data Safeguarding Clause for Government Contracts
  • No Second Bite at the Apple for Accellion Plaintiffs: Judge Denies Motion to Modify Class Certification Order
  • Connected Vehicles Under the Spotlight: French DPA Issues Landmark Guidance on Vehicle Data Privacy
  • Five Eyes Issues Urgent Call to Action on AI-Driven Cyber Threats
Copyright © 2026 · Alston & Bird · All Rights Reserved. Privacy.