The Italian Data Protection Authority (the Garante) issued a decision that significantly expands the right of access by former employees to their work related emails putting companies at risk of the disclosure of considerable trade secrets and confidential information. While the ruling reinforces the right of access under Article 15 GDPR, it also creates a difficult — and potentially risky — scenario for businesses handling corporate email accounts.
The European Commission has just published for feedback its long-awaited draft guidance to assist companies in applying the Cyber Resilience Act (CRA), a landmark EU regulation aiming to strengthen cybersecurity across the digital product landscape.
AI liability under the Defective Products Directive will fundamentally change the legal framework for software and artificial intelligence in the European Union from 9 December 2026. Directive (EU) 2024/2853 introduces a clear and disruptive principle: software and AI systems are products for the purposes of strict liability.
On 17 September 2025, the Italian Senate approved a landmark law on artificial intelligence (AI), making Italy the first EU country to enact a national law specifically regulating AI while aligning with the EU AI Act.
Creating an AI committee within a company’s governance framework on the usage of artificial intelligence is no longer a luxury, it is a necessity.
It has become increasingly clear that the intersection of artificial intelligence (AI) and governance is pivotal for organizations looking to leverage the power of AI while mitigating associated risks.
NIS 2 information sharing agreements are a central focus of Italy’s cybersecurity compliance landscape this July 2025.
