When AI Automates Hacking – Mythos, EU Cybersecurity Laws and Dangerous AI Models

Modern AI models like “Mythos” – powerful generative systems effective at hacking – pose new cybersecurity challenges. Putting aside the rumours that dramatic announcements may be just a PR stunt, it seems that these…

Regulating the AI Boom: Is the EU Getting It Right?

The 2026 AI Index Report opens with a stark observation: artificial intelligence is advancing faster than the systems designed to govern it. This widening gap—between capability and control frames the global regulatory debate. Nowhere is that…

From Cyber Power to Regulatory Minimalism: The Consolidation of “America First” in AI and Cyberspace: An EU perspective on the second phase of the Trump administration’s digital strategy

The release of the National Policy Framework for Artificial Intelligence: Legislative Recommendations marks a…

America First in Cyberspace: An EU Perspective on Trump’s 2026 Cyber Strategy

The publication of Trump’s Cyber Strategy for America (March 2026) marks a decisive return to a muscular, sovereignty-driven conception of cybersecurity and technological power. The document is rhetorically forceful,…

No. Thanks for sharing!

The EU’s Digital Omnibus and the Promise of Compliance Synergies

The European Commission’s Digital Omnibus package, published on 19 November 2025, has been described alternately as simplification, deregulation, and strategic recalibration. A recent European Parliament study, A Digital Omnibus:…

Digital Networks Act: Misconceptions about Net Neutrality Explained

The newly proposed Digital Networks Act (DNA), which I briefly covered in this blog post, has raised concerns that it negatively impacts net neutrality. It does not. I will briefly try to explain why in some fairly simple steps.…

The Digital Networks Act: Is Europe’s Reset Ambitious Enough?

On 21 January 2026, the European Commission tabled its proposal for a Digital Networks Act (DNA)—a sweeping reform of EU electronic communications law intended to complete the single market for connectivity, accelerate the transition to…

Cybersecurity Act 2: Towards a Systemic, Geopolitical, and Supply-chain–oriented Understanding of Cyber Risk in the EU’s Next Cybersecurity Framework

In January 2026, the European Commission presented its proposal for a revised Cybersecurity Act—commonly referred to as Cybersecurity Act 2 (CSA2).…

Understood. But from the legal perspective this seems very indicative. I correct my comment to 'potentially'...

Interesting. If I understand correctly, this is proof that - cobtrary to what is claimed - training does memorize ans therefore break copyright.

Understanding ChatGPT Health: GDPR Compliance and AI Implications

Intro On January 7 ChatGPT announced its ChatGPT Health Service - “a dedicated experience in ChatGPT designed for health and wellness.” The service, which is not yet available in the EU, is meant to: securely connect medical records…

The EU’s Digital Omnibus: A Reversal of EU Data Protections

Europe’s digital regulatory environment is undergoing its most ambitious streamlining effort to date. We have already written in this blog about the first leaked draft of the data reform and the AI part of the Omnibus (see here and here).…

The EU’s Digital Omnibus on AI: A New Phase of Simplification for the AI Act

On November 19, 2025, the European Commission published a substantial proposal to adjust and streamline the implementation of the EU Artificial Intelligence Act (AI Act). Known as the Digital Omnibus on AI, this new…

EU’s Digital Omnibus: Major Data Protection Changes Explained

The European Commission’s leaked “Digital Omnibus” proposal — an internal draft of amendments to the GDPR and ePrivacy Directive — signals the most significant shake-up of Europe’s data protection framework since 2018. While framed as a…

The Data-Driven Home: How the EU Is Rethinking Privacy in Smart Homes

Note: This is a very brief summary of some of the findings of the research project funded by Independent Research Fund Denmark entitled "The Data Driven Home: A Study of the Socio-Material and Legal Construction of the 21st…

🚨New Edition! EU Internet Law: Fourth Edition by @andrejsavin.bsky.social

New insights on Internet regulation, AI, GDPR, platform law & more.

🔗Read free chapter: doi.org/10.4337/9781...

🛒Shop print version:
www.e-elgar.com/shop/isbn/97...

#InternetLaw #EULaw

Beyond the AI-copyright wars: towards European dataset law? The advent of generative AI raises profound questions about the ownership not only of data but also of data sets. European law has, in the main, sough…

Stina Teilmann and I have just published an article where we explore the idea that something we tentatively call "data set law" is a better option for fighting AI copyright infringements at scale than regular copyright tools. Full article here:
www.sciencedirect.com/science/arti...

EU Internet Law ‘Already after reading the Preface it is apparent how profound the insights of Savin are in the area of internet law. The richness is continued in the remainder of the book that covers all main areas ...

The fourth edition of my EU Internet Law is out now. Available at Elgar: www.e-elgar.com/shop/gbp/eu-...

Data Protection Commission The Irish Data Protection Commission has today announced its final decision following an Inquiry into TikTok Technology Limited (“TikTok”).

Irish Data Protection Commission fines TikTok €530 million and orders corrective measures following Inquiry into transfers of EEA User Data to China.

I wrote a compact article for International In-House Counsel Journal aimed to help companies identify whether the AI Act applies to them. I find both EU and foreign companies generally confused about whether the Act applies to them. This is meant to help.

EU fines Apple €500M and Meta €200M for breaking Europe’s digital rules The highly anticipated penalties are the first to be issued under the bloc’s Digital Markets Act.

www.politico.eu/article/eu-f...

Google ad antitrust ruling

The US Department of Justice wins its antitrust case against Google. www.documentcloud.org/documents/25...

Commission sends preliminary findings to Alphabet under the Digital Markets Act Today, the European Commission sent two sets of preliminary findings to Alphabet for failing to comply with the Digital Markets Act (DMA), regarding two services for which it has been designated as a

Google in breach of #DMA: European Commission sends preliminary findings to Alphabet under the Digital Markets Act:
- Google Search treat Alphabet's own services more favourably to rivals
- App developers are prevented from freely steering consumers to other channels
ec.europa.eu/commission/p...

Why the internet still needs Section 230 Sen. Ron Wyden on the birth of a foundational speech law.

Senator Ron Wyden explaining how Section 230 came to be. Important reading in light of bipartisan calls to change it.
www.theverge.com/policy/62632...

A refusal by an undertaking in a dominant position to ensure that its platform is interoperable with an app of another undertaking, which thereby becomes more attractive, can be abusive, says #CJEU, killing Bronner line of cases. curia.europa.eu/jcms/upload/...

Thomson Reuters Wins First Major AI Copyright Case in the US The Thomson Reuters decision has big implications for the battle between generative AI companies and rights holders.

www.wired.com/story/thomso...

papers.ssrn.com/sol3/papers....

US VP Vance challenges Europe's 'excessive regulation' of AI Trump's VP on Tuesday warned global leaders and tech industry executives that too much control could cripple the rapidly growing artificial intelligence industry in a rebuke to European efforts to cur...

Actually, no. Lack of venture capital, fragmented markets and arcane bankruptcy laws kills the AI. Regulation has almost no effect.

Apple ordered to open encrypted user accounts globally to UK spying The secret order would give the UK access to encrypted backups belonging to any user — not just Brits.

Do we even need to discuss how idiotic the UK request is?