Welcome to the second edition of CUSEC News. Each week, we'll provide an overview of the key regulations, upcoming laws, court decisions, courses, and research that are shaping the rapidly changing fields of cybersecurity, privacy, and cybercrime.
Regulators and individual representatives of various industries around the world are trying to secure a digital space where advances in artificial intelligence, data protection and cyber resilience must go hand in hand.
Last week's news:
· The European Commission presented new strategies to speed up the implementation of artificial intelligence across Europe with an emphasis on innovation, ethics and competitiveness. (EK) · Daily attacks on critical infrastructure in Switzerland. (SRF)
· Starting in 2026, manufacturers of fully automated vehicles will be liable for traffic violations in Florida. (CBS News)
· The London police force arrested two 17-year-old boys in connection with the recent cyber attack at London-based childcare chain Kido. (ComputerWeekly)
· Australia's Qantas Airways announced the leak of customer data after a cyber attack. (Reuters)
· The Italian Data Protection Authority has imposed a temporary restriction on the processing of user data of the Clothoff Deepfake application as of October 3. (GPDP) · Czech cyber agency NÚKIB reports DDoS attacks on local entities. (NÚKIB) · Microsoft 365 Education illegally tracked users. (NOYB)
· The University of Oxford has supported the debate on the ethical use of AI through the Harness of AI for Justice initiative, exploring the potential of AI to improve justice in the justice system. (Oxford)
1️ Regulation
California: AI Safety Legislation
California passed a package of 18 new laws aimed at AI security, including in the areas of deepfake, data protection and AI liability. It is the first US state to directly regulate AI safety. The legislation is also based on the recommendations of the Joint Policy Working Group on AI Frontier Models. (Jones Walker)
EU: Guidelines on DSA and DMA
The European Commission and the European Data Protection Board (EDPB) have issued a new joint proposal
guidance clarifying the relationship between the Digital Services Act (DSA) and the GDPR. The aim is to promote compliance in all Member States. Guideline 3/2025 focuses on the application of data protection under DSA, in particular with regard to transparency, data processing and accountability. (EDPB)
2️ Prepared legal regulations
Germany: Draft Federal Law on Information Security
The new draft federal law on information security implements the NIS-2 Directive [Entwurf eines Gesetzes zur Utszeug der NIS-2-Richtlinie und zur Regelung wesentlicher Grundzüge des Informationssicherheits-managements in der Bundesverwaltung] and establishes a clear framework for strengthening cybersecurity. The management is obliged to complete training on relevant cyber risks and information security practices according to §38 par. 3 of the bill. The NIS-2 training [NIS-2-Geschäftsleistungsschulung] provides preliminary recommendations especially for institutions obliged to fulfill the new tasks resulting from the proposal.
3️ Courses and events
Embodied AI: Invisible Cues 📅 October 23, 2025
📍 Online 🔗 Registration
Automated vehicles communicate not only through data and sensors, but also through behavior. Don't miss the opportunity to learn how artificial intelligence can contribute to increasing mobility safety.
EdTech Conference 2025 📅 October 30, 2025
📍 Brusel 🔗 Detaily podujatia
Explore the latest trends in digital learning and AI tools for future classrooms. The event will bring together industry leaders, startups, politicians, universities and schools.
AI in Science Summit 2025 📅 3–4. november 2025
📍 Copenhagen 🔗 Event details
The summit will bring together scientists, industry leaders, investors and policy makers to discuss the transformation of AI research and the future of Europe.
4️ Literature
The Future of Privacy Forum tracked 210 bills in 42 states and identified key trends in AI development in the private sector. (FPF)
The European Commission has launched the Apply AI strategy, which accelerates the adoption of AI and strengthens technological sovereignty. (Communique)
AI in science is pushing the boundaries of research, with research and innovation at the center. AI is an extremely useful tool for scientists and accelerates scientific discoveries. (Communique)
The European Commission has introduced a framework to categorize modified general AI models (GPAIs) as "new models" based on behavioral changes. The revised model should be considered a new system under the AI Act. The report outlines two ways to measure behavior change: by directly comparing skills or outputs, or by using proxy metrics, calculations and data usage. (Publication Office of the European Union)
A new European Commission report focuses on how digital technologies and AI are changing the world of work in Europe. According to the AIM-WORK survey 2024-2025, more than 90% of workers use digital devices and one in three employees already use AI tools. (JRC Publications Repository)
💬 Your opinions?
Share them in the comments and share this newsletter with colleagues interested in the future of cybersecurity law, privacy protection, and cybercrime prevention.
🔔 Subscribe to be always informed!