The European Union has taken a significant step forward in its cybersecurity framework with the adoption of the Cyber Solidarity Act[1] on 2 December 2024. This landmark regulation – which entered into force on 4 February 2025 – represents a comprehensive…
Social Media Credit Scoring: A Double-Edged Sword
The emergence of social media as a tool for credit scoring is changing how financial institutions assess creditworthiness. While traditional credit scores have largely relied on an individual’s financial history—such as payment records and debt profile—social media is increasingly being used…
Data Protection and AI Models – EDPB Opinion, OpenAI Fine and DeepSeek Scrutiny
The European Data Protection Board (EDPB) adopted Opinion 28/2024 on 17 December 2024,[1] addressing key data protection issues that arise from the processing of personal data in the context of artificial intelligence (AI) models. Issued at the request of the Irish…
Transatlantic Data Privacy: A Critical Review of the EU-US Data Privacy Framework
The EU-US Data Privacy Framework (EU-US DPF) was developed to support transatlantic trade by offering US organizations a reliable mechanism for personal data transfers from the European Union to the United States that are consistent with EU law.[1] The EU-US bilateral…
A New Era of Cybersecurity Compliance for Digital Products: the EU Cyber Resilience Act
by Luca Farkas On 10 October 2024, the Council adopted the European Cyber Resilience Act (CRA)[1] to address growing cybersecurity risks associated with products containing digital components, particularly in an increasingly connected world. As more and more devices become internet-enabled, they pose…
Country report from Kyrgyzstan – The Digital Contracting in the Kyrgyz Republic. What can we learn from EU Law?
by Dzhusupov Akylbek Embracing digital contracts can streamline business processes, reduce transaction costs, and attract foreign investment, thereby contributing to economic prosperity. Therefore, it is vital to choose the model law which will facilitate the Kyrgyz Republic’s economic integration into the global…
‘Track or treat?’ – is Meta’s ‘consent or pay’ model an appropriate way to be compatible with legislation?
by Judit Szalatkay Shall I choose to pay a fee for Meta or shall I continue to use it for “free” and give my consent to personalized advertising? All of us have met this question if we are Facebook or Instagram…
Quick Law Review: EU Data Act
The final text of the Data Act was adopted on 27 November 2023.[1] The Data Act applies to a narrow set of data, data generated by and access to Internet-connected devices (IoT). Examples of such products include vehicles, household appliances and consumer…
Way-out from the cookie fatigue? – Cookie pledge principles to help consumers to understand tracking and to manage cookies requests through effective choices
by Judit Szalatkay The European Data Privacy Board (EDPB) established a taskforce to set an overview on practices of existing cookie banners. The taskforce published its report[1] in the beginning of the year 2023 in which it identified several deceptive and manipulative…
Take it or leave it – twisted
by Izabella Szoboszlai It is no exaggeration to say that 2023 was a particularly busy year for digital platforms. It seems that the hard work of various legal fields has finally come to fruition, even though we may experience interruptions from…