Activity Tracker
The DPA Activity Tracker provides our latest information on developments in legislatures, judiciaries and the executive branches of G20, EU member states and Switzerland.
562 events advancing 392 policy or regulatory changes:
Graph
Table
European Commission guidance on Article 73 of AI Act on incident reporting of high-risk AI systems
European Commission closes consultation on draft guidance on Article 73 of AI Act on incident reporting of high-risk AI systems
On 7 November 2025, the European Commission closes the consultation on its draft guidance and reporting template on serious AI incidents under Article 73 of Regulation (EU) 2024/1689 (Artificial Intelligence Act). The consultation aims to gather fee…
Code of Practice on Transparent Generative AI Systems under Article 50 AI Act
European AI Office initiates the drafting of Code of Practice on transparency of AI-generated content
On 5 November 2025, the European AI Office initiated the draft process for the Code of Practice on transparency of AI-generated content with a plenary meeting of independent experts. The Code of Practice aims to detail how providers and deployers of…
Reporting template for serious incidents involving general-purpose AI models with systemic risk
European Commission published reporting template for serious incidents involving general-purpose AI models with systemic risk
On 4 November 2025, the European Commission published a reporting template for serious incidents involving general-purpose AI models with systemic risk. The template is intended to be used as a means for demonstrating compliance with Art. 55(1)(c) o…
European Commission implementing decision on adequate level of protection of personal data by Brazil
European Data Protection Board adopted opinion on Commission draft implementing decision on adequate protection of personal data by Brazil
On 4 November 2025, the European Data Protection Board (EDPB) adopted Opinion 28/2025 regarding the European Commission draft implementing decision on Brazil’s adequacy. The opinion notes that Brazil’s General Data Protection Law (LGPD), related pre…
European Commission inquiry into revision of EU rules on public procurement
European Commission opened consultation on revision of EU rules on public procurement
On 3 November 2025, the European Commission opened a consultation concerning the revision of EU rules on public procurement until 26 January 2026. The proposed reforms aim to address issues identified in a recent evaluation, including legal complexi…
Guidelines 3/2025 on interplay between Digital Services Act and General Data Protection Regulation
European Data Protection Board closes consultation on Guidelines 3/2025 on the interplay between the Digital Services Act and the General Data Protection Regulation
On 31 October 2025, the European Data Protection Board (EDPB) closes the consultation on the guidelines 3/2025 on the interplay between the Digital Services Act (DSA) and the General Data Protection Regulation (GDPR). The guidelines provide technica…
Lawsuit requesting suspension of execution of adequacy decision for EU-US Data Privacy Framework (Latombe v Commission)
Latombe filed appeal against General Court dismissal of challenge to European Union–United States Data Protection Framework adequacy decision in Latombe v Commission
On 31 October 2025, Philippe Latombe filed an appeal (Case C-703/25 P) against a ruling by the General Court that upheld the validity of the EU-US Data Privacy Framework (DPF), seeking review of the General Court’s judgment in Case T-553/23. The app…
Delegated Regulation on Data Access under the Digital Services Act
European Commission Delegated Regulation on data access under Digital Services Act enters into force
On 29 October 2025, the European Commission Delegated Regulation on data access under the Digital Services Act enters into force. The regulation outlines technical requirements and procedures for data sharing by Very Large Online Platforms (VLOPs) a…
Orientations for ensuring data protection compliance when using Generative AI systems (Version 2)
European Data Protection Supervisor published orientations for ensuring data protection compliance when using Generative AI systems (Version 2)
On 28 October 2025, the European Data Protection Supervisor (EDPS) published the revised orientations for ensuring data protection compliance when using Generative AI systems (Version 2). The guidance addresses the use of generative Artificial Intel…
European Commission's adoption of United Nations Convention against Cybercrime
European Commission signed United Nations Convention against Cybercrime
On 25 October 2025, the European Commission signed the United Nations Convention against Cybercrime on behalf of the European Union. The Convention aims to strengthen international cooperation in addressing specific crimes committed through informat…