Contact
Get notified
Sign In

Activity Tracker
Explore in Detail
Current Threads
Analysis
Support Us
- About Us
- Donate
API Access

Activity tracker
Aggregate Dynamics
Countries
Policy Areas
Economic Activities
Current Threads
Analysis
About Us
Donate
API Access

Contact
Get notified
Sign In

Activity Tracker

The DPA Activity Tracker provides our latest information on developments in legislatures, judiciaries and the executive branches of G20, EU member states and Switzerland.

27 events advancing 22 policy or regulatory changes:

Most active jurisdictions Number of policy changes

Graph

Table

Most active policy areas Number of policy changes

Targeted economic activity Number of policy changes

Refine your search

Jurisdiction

Select All

Afghanistan

Albania

Algeria

American Samoa

Andorra

Angola

Anguilla

Antigua & Barbuda

Argentina

Armenia

Aruba

Australia

Austria

Azerbaijan

Bahamas

Bahrain

Bangladesh

Barbados

Belarus

Belgium

Belize

Benin

Bermuda

Bhutan

Bolivia

Bosnia & Herzegovina

Botswana

Brazil

British Virgin Islands

Brunei Darussalam

Bulgaria

Burkina Faso

Burundi

Cambodia

Cameroon

Canada

Cape Verde

Cayman Islands

Central African Republic

Chad

Chile

China

Chinese Taipei

Colombia

Comoros

Congo

Cook Islands

Costa Rica

Croatia

Cuba

Cyprus

Czechia

Denmark

Djibouti

Dominica

Dominican Republic

DPR Korea

DR Congo

Ecuador

Egypt

El Salvador

Equatorial Guinea

Eritrea

Estonia

Eswatini

Ethiopia

Faeroe Islands

Falkland Islands

Fiji

Finland

France

French Guiana

French Polynesia

Gabon

Gambia

Georgia

Germany

Ghana

Greece

Greenland

Grenada

Guadeloupe

Guam

Guatemala

Guinea

Guinea-Bissau

Guyana

Haiti

Honduras

Hong Kong

Hungary

Iceland

India

Indonesia

Iran

Iraq

Ireland

Israel

Italy

Ivory Coast

Jamaica

Japan

Jordan

Kazakhstan

Kenya

Kiribati

Kuwait

Kyrgyzstan

Lao

Latvia

Lebanon

Lesotho

Liberia

Libya

Liechtenstein

Lithuania

Luxembourg

Macao

Macedonia

Madagascar

Malawi

Malaysia

Maldives

Mali

Malta

Marshall Islands

Martinique

Mauritania

Mauritius

Mayotte

Mexico

Micronesia

Monaco

Mongolia

Montenegro

Montserrat

Morocco

Mozambique

Myanmar

Namibia

Nauru

Nepal

Netherlands

Netherlands Antilles

New Caledonia

New Zealand

Nicaragua

Niger

Nigeria

Niue

Norfolk Island

Northern Mariana Islands

Norway

Oman

Pakistan

Palau

Panama

Papua New Guinea

Paraguay

Peru

Philippines

Pitcairn

Poland

Portugal

Puerto Rico

Qatar

Republic of Korea

Republic of Kosovo

Republic of Moldova

Republic of the Sudan

Réunion

Romania

Russia

Rwanda

Saint Helena

Saint Kitts & Nevis

Saint Lucia

Saint Pierre & Miquelon

Saint Vincent & the Grenadines

Saint-Barthélemy

Saint-Martin

Samoa

San Marino

Sao Tome & Principe

Saudi Arabia

Senegal

Serbia

Seychelles

Sierra Leone

Singapore

Slovakia

Slovenia

Solomon Islands

Somalia

South Africa

South Sudan

Spain

Sri Lanka

State of Palestine

Suriname

Svalbard & Jan Mayen Islands

Sweden

Switzerland

Syria

Tajikistan

Tanzania

Thailand

Timor-Leste

Togo

Tokelau

Tonga

Trinidad & Tobago

Tunisia

Turkiye

Turkmenistan

Turks & Caicos Islands

Tuvalu

Uganda

Ukraine

United Arab Emirates

United Kingdom

United States of America

Uruguay

US Virgin Islands

Uzbekistan

Vanuatu

Vatican

Venezuela

Vietnam

Wallis & Futuna Islands

Western Sahara

Yemen

Zambia

Zimbabwe

SACU

MERCOSUR

Latin American Integration Association

Sub-Saharan Africa

East Asia Pacific

Europe and Central Asia

Latin America and the Caribbean

Middle East and North Africa

South Asia

LDCs

G20

Eurasian Economic Union (EEU)

The East African Community (EAC)

North America

Cotton-4

African Union

EBRD

EBRD operating countries

SIECA

ASEAN

European Union

APEC

OECD members

WTO members

ASEAN+3

CPTPP

AfCFTA

BRICS

GCC

Council of Europe

Ibero-American Network of Data Protection (RIPD)

Ibero-American General Secretariat (SEGIB)

UN members

Global Privacy Assembly Members

Forum of Small States Members

BRICS+

Policy Area

Select All

International trade

Competition

Content moderation

Data governance

Subsidies and industrial policy

Instrument unspecified

Other operating conditions

Public procurement

Authorisation, registration and licensing

Taxation

Foreign direct investment

Labour law

Intellectual property

Consumer protection

Design and testing standards

Regulatory Compliance and Transparency

Thread

Select All

Russia & Ukraine: Content regulation and free speech

Russia & Ukraine: Cryptocurrencies and sanction enforcement

Russia & Ukraine: Cybersecurity risk and data transfers

USTR 2022 report content

Competition enforcement in the digital economy

State of trade barriers and internet fragmentation

Protection of user speech rights

US-China tensions under the Holding Foreign Companies Accountable Act

Regulating Artificial Intelligence

The promotion of local online content

China’s new data regime

Enforcing the General Data Protection Regulation

Online content moderation requirements

Empowering enforcement agencies

Upcoming data governance policy developments

Consumer protection in the digital economy

The remuneration of online content

Digital payment policy

Cybersecurity frameworks

E-commerce policy

Employment rules for the digital economy

Regulating digital infrastructure

The non-binding side of digital policy

Registering and licensing the digital economy

The regulation of digital advertisement

Governing cookies

Governing cross-border data transfers

The TikTok crackdown

Data localisation requirements in the digital economy

The OECD/G20 Inclusive Framework on Base Erosion and Profit Shifting

Digital Services Taxes

Privacy and Artificial Intelligence

International collaboration on AI governance

Enforcement of the Digital Services Act (DSA)

The Digital Services Act legal framework

The Digital Markets Act legal framework

Enforcement of the Digital Markets Act (DMA)

Highlights in Digital Policy

Online age verification rules

Investigations and restrictions against DeepSeek

Laws and frameworks on government access to data

Policy or Regulatory Instrument

Select All

Import licensing requirement

Import quota

Import tariff

Import tariff quota

Internal taxation of imports

Import ban

Export licensing requirement

Export quota

Export tariff

Export tariff quota

Export subsidy

Export ban

Border measure, nes

Merger control regulation

Unilateral conduct regulation

Anti-competitive agreements regulation

Competition authority governance

Competition, nes

User speech right

Patent protection regulation

Content moderation regulation

Content remuneration regulation

Investment in local content obligation

Local content requirement

Content moderation, nes

Cybersecurity regulation

Data protection regulation

Data localisation requirement

Data governance, nes

Cross-border data transfer regulation

MNE: Entry and ownership rule

MNE: Financial incentive

MNE: Treatment and operations, nes

Financial grant

In-kind grant

Loan guarantee

Production subsidy

State loan

Tax or social insurance relief

State Aid, nes

Instrument unspecified

Infrastructure compensation regulation

Other operating condition, nes

Local operations requirement

Quality of Service requirement

Mandatory software installation requirement

Interoperability requirement

Public procurement blacklisting

Public procurement regulation, nes

Public procurement access

Public procurement localisation

Public procurement preference margin

Operational license requirement

Authorisation of goods or services

Business registration requirement

Prohibition of goods and services

Authorisation, registration and licensing, nes

Direct taxes including Digital Service Taxes

Indirect taxes

Customs duties on electronic transmissions

Taxation, nes

Capital injection and equity stakes (including bailouts)

State aid control

Data protection authority governance

Worker classification or protection regulation

Technology transfer requirement

Content moderation authority governance

Consumer protection, nes

Intellectual property, nes

Worker monitoring regulation

Artificial Intelligence authority governance

Age verification requirement

Organisational requirement

Testing requirement

Performance monitoring requirement

Fair marketing and advertising practice requirement

User/subject right

User identification requirement

Complaint or feedback mechanism requirement

Compliance mechanism regulation

Design requirement

Documentation requirement

Legal due diligence requirement

Notification requirement

Public disclosure requirement

Regulatory cooperation requirement

Risk management requirement

Consumer protection authority governance

Public procurement, nes

Design and testing standards, nes

Labour law, nes

Non-discrimination requirement

Government access to data

Current Status

Select All

under deliberation

under investigation

under litigation

adopted

in force

rejected

revoked

concluded

in consultation

processing consultation

in grace period

under appeal

to be revoked

Economic Activity Selected 1

Select All

cross-cutting

infrastructure provider: internet and telecom services

online advertising provider

digital payment provider (incl. cryptocurrencies)

platform intermediary: user-generated content

streaming service provider

platform intermediary: e-commerce

ML and AI development

other service provider

unspecified

technological consumer goods

semiconductors

software provider: app stores

DLT development

search service provider

software provider: other software

messaging service provider

platform intermediary: other

infrastructure provider: cloud computing, storage and databases

infrastructure provider: network hardware and equipment

infrastructure provider: other

Government Branch

Select All

legislature

executive

judiciary

Government Body

Select All

parliament

other regulatory body

data protection authority

competition authority

consumer protection authority

central government

central bank

court

supreme court

tax authority

Event Type

Select All

order

outline

inquiry

decision

law

treaty

public lawsuit

investigation

declaration

civil lawsuit

Implementation level

Select All

national

supranational

subnational

bi- or plurilateral agreement

multilateral agreement

other

Event period

Reset filters

Adjust filters

Jurisdiction

Select All

Afghanistan

Albania

Algeria

American Samoa

Andorra

Angola

Anguilla

Antigua & Barbuda

Argentina

Armenia

Aruba

Australia

Austria

Azerbaijan

Bahamas

Bahrain

Bangladesh

Barbados

Belarus

Belgium

Belize

Benin

Bermuda

Bhutan

Bolivia

Bosnia & Herzegovina

Botswana

Brazil

British Virgin Islands

Brunei Darussalam

Bulgaria

Burkina Faso

Burundi

Cambodia

Cameroon

Canada

Cape Verde

Cayman Islands

Central African Republic

Chad

Chile

China

Chinese Taipei

Colombia

Comoros

Congo

Cook Islands

Costa Rica

Croatia

Cuba

Cyprus

Czechia

Denmark

Djibouti

Dominica

Dominican Republic

DPR Korea

DR Congo

Ecuador

Egypt

El Salvador

Equatorial Guinea

Eritrea

Estonia

Eswatini

Ethiopia

Faeroe Islands

Falkland Islands

Fiji

Finland

France

French Guiana

French Polynesia

Gabon

Gambia

Georgia

Germany

Ghana

Greece

Greenland

Grenada

Guadeloupe

Guam

Guatemala

Guinea

Guinea-Bissau

Guyana

Haiti

Honduras

Hong Kong

Hungary

Iceland

India

Indonesia

Iran

Iraq

Ireland

Israel

Italy

Ivory Coast

Jamaica

Japan

Jordan

Kazakhstan

Kenya

Kiribati

Kuwait

Kyrgyzstan

Lao

Latvia

Lebanon

Lesotho

Liberia

Libya

Liechtenstein

Lithuania

Luxembourg

Macao

Macedonia

Madagascar

Malawi

Malaysia

Maldives

Mali

Malta

Marshall Islands

Martinique

Mauritania

Mauritius

Mayotte

Mexico

Micronesia

Monaco

Mongolia

Montenegro

Montserrat

Morocco

Mozambique

Myanmar

Namibia

Nauru

Nepal

Netherlands

Netherlands Antilles

New Caledonia

New Zealand

Nicaragua

Niger

Nigeria

Niue

Norfolk Island

Northern Mariana Islands

Norway

Oman

Pakistan

Palau

Panama

Papua New Guinea

Paraguay

Peru

Philippines

Pitcairn

Poland

Portugal

Puerto Rico

Qatar

Republic of Korea

Republic of Kosovo

Republic of Moldova

Republic of the Sudan

Réunion

Romania

Russia

Rwanda

Saint Helena

Saint Kitts & Nevis

Saint Lucia

Saint Pierre & Miquelon

Saint Vincent & the Grenadines

Saint-Barthélemy

Saint-Martin

Samoa

San Marino

Sao Tome & Principe

Saudi Arabia

Senegal

Serbia

Seychelles

Sierra Leone

Singapore

Slovakia

Slovenia

Solomon Islands

Somalia

South Africa

South Sudan

Spain

Sri Lanka

State of Palestine

Suriname

Svalbard & Jan Mayen Islands

Sweden

Switzerland

Syria

Tajikistan

Tanzania

Thailand

Timor-Leste

Togo

Tokelau

Tonga

Trinidad & Tobago

Tunisia

Turkiye

Turkmenistan

Turks & Caicos Islands

Tuvalu

Uganda

Ukraine

United Arab Emirates

United Kingdom

United States of America

Uruguay

US Virgin Islands

Uzbekistan

Vanuatu

Vatican

Venezuela

Vietnam

Wallis & Futuna Islands

Western Sahara

Yemen

Zambia

Zimbabwe

SACU

MERCOSUR

Latin American Integration Association

Sub-Saharan Africa

East Asia Pacific

Europe and Central Asia

Latin America and the Caribbean

Middle East and North Africa

South Asia

LDCs

G20

Eurasian Economic Union (EEU)

The East African Community (EAC)

North America

Cotton-4

African Union

EBRD

EBRD operating countries

SIECA

ASEAN

European Union

APEC

OECD members

WTO members

ASEAN+3

CPTPP

AfCFTA

BRICS

GCC

Council of Europe

Ibero-American Network of Data Protection (RIPD)

Ibero-American General Secretariat (SEGIB)

UN members

Global Privacy Assembly Members

Forum of Small States Members

BRICS+

Policy Area

Select All

International trade

Competition

Content moderation

Data governance

Subsidies and industrial policy

Instrument unspecified

Other operating conditions

Public procurement

Authorisation, registration and licensing

Taxation

Foreign direct investment

Labour law

Intellectual property

Consumer protection

Design and testing standards

Regulatory Compliance and Transparency

Thread

Select All

Russia & Ukraine: Content regulation and free speech

Russia & Ukraine: Cryptocurrencies and sanction enforcement

Russia & Ukraine: Cybersecurity risk and data transfers

USTR 2022 report content

Competition enforcement in the digital economy

State of trade barriers and internet fragmentation

Protection of user speech rights

US-China tensions under the Holding Foreign Companies Accountable Act

Regulating Artificial Intelligence

The promotion of local online content

China’s new data regime

Enforcing the General Data Protection Regulation

Online content moderation requirements

Empowering enforcement agencies

Upcoming data governance policy developments

Consumer protection in the digital economy

The remuneration of online content

Digital payment policy

Cybersecurity frameworks

E-commerce policy

Employment rules for the digital economy

Regulating digital infrastructure

The non-binding side of digital policy

Registering and licensing the digital economy

The regulation of digital advertisement

Governing cookies

Governing cross-border data transfers

The TikTok crackdown

Data localisation requirements in the digital economy

The OECD/G20 Inclusive Framework on Base Erosion and Profit Shifting

Digital Services Taxes

Privacy and Artificial Intelligence

International collaboration on AI governance

Enforcement of the Digital Services Act (DSA)

The Digital Services Act legal framework

The Digital Markets Act legal framework

Enforcement of the Digital Markets Act (DMA)

Highlights in Digital Policy

Online age verification rules

Investigations and restrictions against DeepSeek

Laws and frameworks on government access to data

Policy or Regulatory Instrument

Select All

Import licensing requirement

Import quota

Import tariff

Import tariff quota

Internal taxation of imports

Import ban

Export licensing requirement

Export quota

Export tariff

Export tariff quota

Export subsidy

Export ban

Border measure, nes

Merger control regulation

Unilateral conduct regulation

Anti-competitive agreements regulation

Competition authority governance

Competition, nes

User speech right

Patent protection regulation

Content moderation regulation

Content remuneration regulation

Investment in local content obligation

Local content requirement

Content moderation, nes

Cybersecurity regulation

Data protection regulation

Data localisation requirement

Data governance, nes

Cross-border data transfer regulation

MNE: Entry and ownership rule

MNE: Financial incentive

MNE: Treatment and operations, nes

Financial grant

In-kind grant

Loan guarantee

Production subsidy

State loan

Tax or social insurance relief

State Aid, nes

Instrument unspecified

Infrastructure compensation regulation

Other operating condition, nes

Local operations requirement

Quality of Service requirement

Mandatory software installation requirement

Interoperability requirement

Public procurement blacklisting

Public procurement regulation, nes

Public procurement access

Public procurement localisation

Public procurement preference margin

Operational license requirement

Authorisation of goods or services

Business registration requirement

Prohibition of goods and services

Authorisation, registration and licensing, nes

Direct taxes including Digital Service Taxes

Indirect taxes

Customs duties on electronic transmissions

Taxation, nes

Capital injection and equity stakes (including bailouts)

State aid control

Data protection authority governance

Worker classification or protection regulation

Technology transfer requirement

Content moderation authority governance

Consumer protection, nes

Intellectual property, nes

Worker monitoring regulation

Artificial Intelligence authority governance

Age verification requirement

Organisational requirement

Testing requirement

Performance monitoring requirement

Fair marketing and advertising practice requirement

User/subject right

User identification requirement

Complaint or feedback mechanism requirement

Compliance mechanism regulation

Design requirement

Documentation requirement

Legal due diligence requirement

Notification requirement

Public disclosure requirement

Regulatory cooperation requirement

Risk management requirement

Consumer protection authority governance

Public procurement, nes

Design and testing standards, nes

Labour law, nes

Non-discrimination requirement

Government access to data

Current Status

Select All

under deliberation

under investigation

under litigation

adopted

in force

rejected

revoked

concluded

in consultation

processing consultation

in grace period

under appeal

to be revoked

Economic Activity Selected 1

Select All

cross-cutting

infrastructure provider: internet and telecom services

online advertising provider

digital payment provider (incl. cryptocurrencies)

platform intermediary: user-generated content

streaming service provider

platform intermediary: e-commerce

ML and AI development

other service provider

unspecified

technological consumer goods

semiconductors

software provider: app stores

DLT development

search service provider

software provider: other software

messaging service provider

platform intermediary: other

infrastructure provider: cloud computing, storage and databases

infrastructure provider: network hardware and equipment

infrastructure provider: other

Government Branch

Select All

legislature

executive

judiciary

Government Body

Select All

parliament

other regulatory body

data protection authority

competition authority

consumer protection authority

central government

central bank

court

supreme court

tax authority

Event Type

Select All

order

outline

inquiry

decision

law

treaty

public lawsuit

investigation

declaration

civil lawsuit

Implementation level

Select All

national

supranational

subnational

bi- or plurilateral agreement

multilateral agreement

other

Event period

27 events advancing 22 policy or regulatory changes:

CSV Excel

adopted

Principles for secure integration of AI in operational technology

Latest event Date: 2025-12-04 declaration adoption

Cyber Security Centre and Cybersecurity alongside international partners issued principles for secure integration of AI in operational technology

On 4 December 2025, the Australian Cyber Security Centre (ACSC) and the Cybersecurity and Infrastructure Security Agency (CISA) adopted principles for the secure integration of artificial intelligence (AI) in operational technology. The principles p…

Implementer

AustraliaGermanyNetherlandsNew ZealandUnited Kingdom Load more

Policy area Data governance

Policy or regulatory element Cybersecurity regulation

Economic activity infrastructure provider: internet and telecom services, ML and AI development, infrastructure provider: cloud computing, storage and databases, infrastructure provider: network hardware and equipment, infrastructure provider: other

in force

Lawsuit concerning access obligations under Directive (EU) 2018/1972 establishing the European Electronic Communications Code (Telekom Deutschland GmbH v Bundesrepublik Deutschland /Case C-327/24)

Latest event Date: 2025-11-20 public lawsuit ruling

Court of Justice of the European Union issued ruling on access obligations under European Electronic Communications clarifying that such obligations must be necessary, proportionate, and aimed at ensuring competition

On 20 November 2025, the Court of Justice of the European Union issued its ruling in Telekom Deutschland GmbH v Bundesrepublik Deutschland (Case C-327/24). The Court held that, when deciding whether to impose an access obligation for civil engineeri…

Implementer

European Union

Policy area Competition

Policy or regulatory element Unilateral conduct regulation

Economic activity infrastructure provider: internet and telecom services, other service provider, infrastructure provider: other

in force

Cybersecurity (Critical Information Infrastructure) (Amendment) Regulations

Latest event Date: 2025-10-31 order implementation

Cybersecurity (Critical Information Infrastructure) (Amendment) Regulations entered into force

On 31 October 2025, the Cybersecurity (Critical Information Infrastructure) (Amendment) Regulations 2025 entered into force. The Amendment revises definitions to cover owner-controlled interconnected and non-interconnected systems, supplier-controll…

Implementer

Singapore

Policy area Data governance

Policy or regulatory element Cybersecurity regulation

Economic activity infrastructure provider: internet and telecom services, infrastructure provider: cloud computing, storage and databases, infrastructure provider: network hardware and equipment, infrastructure provider: other

processing consultation

Merger control regulation in National Information Technology Authority Bill, 2025

Latest event Date: 2025-10-31 law consultation closed

Ministry of Communication, Digital Technology and Innovations closes consultation on National Information Technology Authority Bill, 2025 including merger control regulation

On 31 October 2025, the Ministry of Communication, Digital Technology and Innovations closes a consultation on the draft National Information Technology Authority Bill, including merger control regulation. The Bill would establish a National Informa…

Implementer

Ghana

Policy area Competition

Policy or regulatory element Merger control regulation

Economic activity software provider: other software, infrastructure provider: cloud computing, storage and databases, infrastructure provider: network hardware and equipment, infrastructure provider: other

processing consultation

Operational license requirement in National Information Technology Authority Bill, 2025

Latest event Date: 2025-10-31 law consultation closed

Ministry of Communication, Digital Technology and Innovations closes consultation on National Information Technology Authority Bill, 2025 including operational license requirement

On 31 October 2025, the Ministry of Communication, Digital Technology and Innovations closes the consultation on the draft National Information Technology Authority Bill, including operational license requirements. The Act would establish a National…

Implementer

Ghana

Policy area Authorisation, registration and licensing

Policy or regulatory element Operational license requirement

adopted

Cybersecurity (Amendment) Bill

Latest event Date: 2025-10-31 law adoption

Cybersecurity (Amendment) Act provisions expanding regulatory oversight to third-party-owned infrastructure, temporary cybersecurity concern systems and entities of special cybersecurity interest entered into force

On 31 October 2025, sections 2 to 15, 18, 19, 22, 23(b), 24, 25, 28(a) to (g), 29, 31 and 32(1) to (4), (6) and (7) of the Cybersecurity (Amendment) Act 2024 entered into operation pursuant to the Cybersecurity (Amendment) Act 2024 (Commencement) No…

Implementer

Singapore

Policy area Data governance

Policy or regulatory element Cybersecurity regulation

Economic activity cross-cutting, infrastructure provider: internet and telecom services, infrastructure provider: cloud computing, storage and databases, infrastructure provider: network hardware and equipment, infrastructure provider: other

adopted

United States and Japan memorandum of cooperation regarding Technology Prosperity Deal

Latest event Date: 2025-10-28 declaration adoption

Governments of United States and Japan signed memorandum of cooperation regarding Technology Prosperity Deal

On 28 October 2025, the Governments of the United States and Japan signed a Memorandum of Cooperation (MOC) in Tokyo under the Technology Prosperity Deal. The MOC establishes collaboration in science and technology across several areas, including ar…

Implementer

JapanUnited States of America

Policy area Design and testing standards

Policy or regulatory element Artificial Intelligence authority governance

Economic activity ML and AI development, semiconductors, DLT development, infrastructure provider: other

under deliberation

American AI Exports Program

Latest event Date: 2025-10-21 order drafting

International Trade Administration announced development of American AI Exports Program

On 21 October 2025, the International Trade Administration announced the development of the American AI Exports Program under Executive Order 14320, Promoting the Export of the American AI Technology Stack. The programme aims to support the global d…

Implementer

United States of America

Policy area International trade

Policy or regulatory element Border measure, nes

Economic activity ML and AI development, DLT development, infrastructure provider: cloud computing, storage and databases, infrastructure provider: other

adopted

Signals Directorate's Critifical Infrastructure Fortify guidance for operators

Latest event Date: 2025-10-13 outline adoption

Signals Directorate published Critifical Infrastructure Fortify guidance for operators

On 13 October 2025, the Australian Signals Directorate (ASD) released "Critical Infrastructure (CI) Fortify," a guidance document for CI operators. It applies to large organisations and government entities managing operational technology (OT) and es…

Implementer

Australia

Policy area Data governance

Policy or regulatory element Cybersecurity regulation

Economic activity infrastructure provider: other

adopted

European Data Protection Board recommendations on calculating audit cycle in EU Large-Scale IT Systems

Latest event Date: 2025-10-03 outline adoption

European Data Protection Board released recommendations on calculating audit cycle in EU Large-Scale IT Systems

On 3 October 2025, the European Data Protection Board (EDPB) adopted the recommendations on calculating the audit cycle in EU Large-Scale IT Systems, which set out guidance for Supervisory Authorities and Schengen evaluation teams on the application…

Implementer

European Union

Policy area Data governance

Policy or regulatory element Cybersecurity regulation

Economic activity DLT development, infrastructure provider: other

Page