The EU, Germany, Portugal, Austria, Canada, Colorado, and Iowa all advanced major AI-related legal and regulatory measures in May 2026, ranging from revised AI Act timelines and data retention rules to new obligations for AI literacy, disclosure, and safety. At the same time, the World Economic Forum reported that AI is now an operational backbone of cyber defence, while Canada’s investigation into ChatGPT highlighted serious privacy and accountability gaps in OpenAI’s practices. #EUAIAct #ANACOM #OpenAI #ChatGPT #ColoradoSB26189 #IowaSF2417 #WorldEconomicForum
Keypoints
- The EU AI Act will delay high-risk obligations and tighten transparency, database registration, and safety rules.
- Germany plans three-month IP address retention and expanded investigatory powers for law enforcement.
- Portugal is consulting on AI literacy guidelines under Article 4 of the AI Act.
- Canada’s joint investigation found OpenAI’s ChatGPT practices inconsistent with privacy laws and imposed remedial obligations.
- Colorado and Iowa introduced new AI laws focused on notice, disclosure, consumer rights, and protections for minors.
Read More: https://keplernewsletter.substack.com/p/privacy-and-cybersecurity-70