The European Commission, CNIL, CISA, FTC, and other authorities issued major 2026 guidance and enforcement actions covering high-risk AI classification, AI content marking, critical infrastructure resilience, privacy compliance, and deceptive AI marketing. The updates also include Poland’s hybrid-threat assessment, G7 AI SBOM minimum elements, and Louisiana’s new data privacy bill, signaling tighter rules for AI governance, cybersecurity, and consumer data protections. #EUAIAct #CNIL #CISA #FTC #BSI #ABW #LouisianaDataPrivacyAct #G7
Keypoints
- The European Commission released draft guidance on high-risk AI classification under Article 6 of the EU AI Act.
- New AI content marking studies explore watermarking, metadata, logging, and detection under Article 50 of the AI Act.
- CNIL’s 2025 report shows a sharp rise in complaints, breaches, fines, and a stronger focus on data security enforcement.
- Poland’s ABW report highlights APT28, APT29, UNC1151, sabotage, disinformation, and attacks on critical infrastructure.
- CISA, the G7, Louisiana, and the FTC each advanced new rules or actions on AI SBOMs, critical infrastructure resilience, privacy rights, and deceptive marketing.
Read More: https://keplernewsletter.substack.com/p/privacy-and-cybersecurity-72