01
Tue, Jul
109 New Articles

The contemporary European market witnesses a large number of highly operational business models that target European consumers and are, simultaneously, managed outside the European Union. There are businesses whose central administration or decision-making hubs are not established in any EU member state. Some of them neither control nor process data of their consumers within the EU. At the same time, some of these businesses are also subject to strict and enforceable international regulations in addition to the applicable EU legislation.

An increasing number of law firms have been publicly warning about the misuse of their names in phishing and cyberattacks. PRK Partners Partner Michal Matejka, Musat & Asociatii Partner Stefan Diaconescu, Gugushev & Partners Partner and Head of Data Protection Yoanna Ivanova, and DLA Piper Hungary Partner and Head of Intellectual Property and Technology Zoltan Kozma discuss the growing trend.

As AI increasingly intersects with nearly every dimension of digital security, so too does the consciousness of creating conditions to use it in a secure cyberspace. As Space Hellas Group General Counsel Konstantinos Argyropoulos puts it, “there is an acceleration in the way AI interfaces with cybersecurity,” pointing to an emerging arms race in which malicious actors and defenders alike adopt increasingly automated tactics. Argyropoulos shared his thoughts on this during the CEE Legal Matters GC Summit 2025 in Prague.

IT Labs Group General Counsel and DPO Ana Zakovska discusses her transition from private practice to in-house roles in the ICT sector, the evolving nature of legal work, and how privacy and AI are shaping the industry.

In April 2007, Estonia made global headlines — not for a military conflict or natural disaster, but for one of the first coordinated large-scale cyberattacks against a nation-state. Sparked by the relocation of a Soviet-era war memorial in Tallinn (known as the Bronze Night), the country’s digital infrastructure was flooded with denial-of-service attacks. Government websites, banks, media outlets, and essential services were knocked offline. It was a wake-up call: digital threats could now paralyze a country just as effectively as tanks and missiles. 

In our previous practice, we have assisted clients in the course of implementation of AI systems (“AIS”), i.e., assessment of the impact of risks of AIS, especially in the medical and research sector. While working on these projects, we came to the conclusion that many companies overlook obligations or are not even aware of risks for safety, health and fundamental human rights which are tied to the implementation and use of high-risk AIS and can result in significant compliance risks under the applicable legal framework.

As part of the broader effort to harmonise national legislation with the EU General Data Protection Regulation, the Albanian Data Protection Commissioner issued Instruction No. 2, dated 30 April 2025 (Instruction No. 2), on the protection of personal data in the health sector. This Instruction repeals the previous 2020 framework and establishes a comprehensive set of rules governing the collection, use, and disclosure of health and genetic data.

More Articles ...