Newsletter #21 - 19 May 2026

Read on website

---

NicFab Newsletter

Issue 21 | May 19, 2026

Privacy, Data Protection, AI, and Cybersecurity

---

Welcome to issue 21 of the weekly newsletter dedicated to privacy, data protection, artificial intelligence, cybersecurity, and ethics. Every Tuesday, you will find a curated selection of the most relevant news from the previous week, with a focus on European regulatory developments, case law, enforcement, and technological innovation.

---

In this issue

---

ITALIAN DATA PROTECTION AUTHORITY

Garlasco: the Garante reprimands the media over the sensationalization of the case

With a statement dated May 15, 2026, the Garante issued a firm rebuke to the media following the broadcast, on an online television platform, of the audio and transcript of conversations between Alberto Stasi and his defense counsel — communications covered by the prohibition on use outlined in the Italian Code of Criminal Procedure and already condemned by the Italian Union of Criminal Chambers.

The Authority acknowledges the removal of the television segment. Still, it does not resolve the matter: it continues to monitor the case in light of the data subjects’ complaints. It reserves the right to take further action within the investigations already opened. The reprimand covers compliance with data protection law, the Journalists’ Code of Ethics of November 29, 2018, and constitutional safeguards, with explicit reference to the principle of essentiality of information — overwhelmed here by media coverage the Garante describes as “continuous and morbid.” Protection extends not only to the victim and her family but also to the suspects and anyone else mentioned in the case.

The operationally relevant point is this: even reproducing, sharing, or further disseminating content unlawfully obtained may constitute a violation of data protection law. The sanctioning perimeter, therefore, extends to downstream users, not just to those who originated the publication.

Source

---

EDPB - EUROPEAN DATA PROTECTION BOARD

Opinion 13/2026: the EDPB on the accreditation criteria for Finnish certification bodies

On May 12, 2026, the European Data Protection Board adopted Opinion 13/2026 on the draft decision of the Finnish Office of the Data Protection Ombudsman regarding the approval of the accreditation requirements for a certification body under Article 43(3) of the GDPR.

This is an opinion under Article 64 GDPR within the usual consistency procedure: the national Authority submits the additional accreditation requirements, and the EDPB verifies alignment with Guidelines 4/2018 on the accreditation of certification bodies and with the combined provisions of Articles 42 and 43 GDPR. The aim is to ensure that the Finnish criteria — which integrate ISO/IEC 17065 as the baseline standard referenced by the GDPR — are consistent with those already approved in other Member States, avoiding fragmentation in the GDPR certification landscape.

The opinion matters for anyone following the certification dossier: the European framework continues to consolidate State by State, and Finland joins the list of jurisdictions whose accreditation requirements have been formally reviewed by the Board.

Source

---

EUROPEAN COMMISSION

On May 13, 2026, the European Commission published the report on the main findings of the review of Directive (EU) 2019/790 on copyright in the Digital Single Market, required by Article 30 of the Directive, no earlier than June 2026. The document, managed by DG CNECT – Unit I.2, accompanies the call for evidence addressed to stakeholders and citizens to gather observations on the problem framing and possible solutions.

The political reference is the European Democracy Shield Communication of November 12, 2025, which calls for this review and highlights challenges for creators in the digital environment. The review moves along two parallel tracks: on the one hand, the Article 30 report; on the other, a legislative targeted initiative with indicative planning for Q1-2027. The thematic perimeter touches the well-known nodes of the CDSM: text and data mining, platform liability under Article 17, publishers’ rights, remuneration of authors and performers.

Source

Alongside the review report, the Commission announced a proposal for a new Directive to strengthen the copyright framework for European creativity and innovation. This initiative, too, is led by DG CNECT – Unit I.2, with indicative planning Q1-2027 and explicit qualification as a legislative proposal within the targeted initiative linked to the CDSM review.

The document is published as a call for evidence: the Commission collects input on problem definition, intervention options, and related impacts. The link to the European Democracy Shield Communication of November 12, 2025, and to the difficulties reported by creators, orients the proposal toward the relationship between authors, platforms, and content exploitation models in the online environment. Anyone working on licensing, collective management, TDM, or training of generative models has a window here to influence the text before it takes shape.

Source

---

CNIL - FRENCH AUTHORITY

Digital euro: a status update on confidentiality

CNIL and Germany’s BfDI return to the digital euro project while the regulation proposal is under discussion in the European Parliament and the Eurosystem prepares for issuance by 2029. The two authorities, which have been assisting the EU institutions since the start of the project, insist on one point: without a high level of data protection, the project does not work, and the digital euro must improve citizens’ position relative to the current payments ecosystem, dominated by non-European private operators.

The timeline: ECB public consultation, late 2020; Eurosystem preparation project, summer 2021; Commission regulation proposal, summer 2023; now in co-decision. Adoption expected no earlier than next year, Eurosystem pilot early 2027, issuance on a 2029 horizon. The stated goal is not to replace cash but to complement it with a more inclusive instrument (no bank account required), free of counterparty risk as a claim on the central bank, with legal tender status and generally mandatory acceptance.

The knot for the regulators remains the infrastructure: a digital equivalent of cash means minimization of transaction data and an architecture that prevents the ECB and intermediaries from reconstructing payment behavior.

Source

Connected glasses: CNIL action plan

CNIL launches an action plan on connected glasses following a survey conducted from January 22 to 29, 2026, on a sample of 2,128 people representative of the adult French population. 67% of respondents consider these devices a threat to privacy.

The technical perimeter: prescription or sunglasses with a microphone and camera in the frame, connected to the smartphone via a dedicated app, often integrated with an AI system that activates the sensors to respond to the wearer’s voice commands (“describe what I’m looking at,” “translate what the person in front of me is saying”). Some manufacturers are developing versions independent of the smartphone, with a display integrated into the lenses and control via neurotechnologies, for example, a bracelet that detects and interprets hand gestures.

The concerns identified relate in particular to the image rights of third parties and their consent — the wearer records, the person opposite often does not know — as well as the derivative uses enabled by AI. On this point, the European Board’s position on the use of personal data for model training and the rules on facial recognition remain the operational references.

Source

Agenda of the plenary session of May 12, 2026

CNIL plenary session of May 12. Opening with the assessment of complaint activity and the exercise of indirect rights for 2025. Following, under the procedure of Article 17 of the internal rules: opinion on a draft decree concerning the obligation of public declaration of interests for members of the committee on crop protection solutions (Article L. 253-8-4 of the code rural); opinion on a draft decree amending the one of July 7, 2017 on the teledeclaration of conflicts of interest (Article R. 1451-3 code de la santé publique); single decision authorizing ICADOM to carry out processing for feasibility studies with access to national PMSI data; renewal of the single decision in favor of Pierre Karam conseil santé for studies on activity indicators of healthcare institutions; authorization of CNIL agents to verification missions.

Source

---

COUNCIL OF THE EUROPEAN UNION

AI Act simplification: the Council writes to the Parliament

The Council has transmitted to the European Parliament a letter on the proposal for a regulation amending Regulation (EU) 2024/1689 (AI Act) and Regulation (EU) 2018/1139, aimed at simplifying the implementation of harmonized rules on artificial intelligence (document ST 9247 2026 INIT, May 12, 2026). The intervention covers two axes: the AI Act itself and civil aviation legislation, an area where high-risk AI systems overlap with already dense sectoral regimes. The direction is the one already emerged with the Omnibus: reduce burdens, align obligations, avoid duplication across parallel regimes. The text of the proposal and the actual perimeter of the “simplification” will be the real test: whether the simplification touches only procedures and timing, or whether it intervenes on the substantive requirements for high-risk systems.

Source

Working Party on Data Protection convened

Convocation of the Council’s Working Party on Data Protection for a morning-only session (CM 2781 2026 INIT, May 12, 2026). No public agenda attached to the convocation document.

Source

Biocides: extended data protection periods in “Omnibus X”

On May 11, 2026, the Council definitively adopted the new biocides regulation, which extends certain data protection periods. The measure is part of the “Omnibus X” package of the EU simplification agenda. Here, “data protection” is not the GDPR kind: it concerns the protection of technical and safety data submitted by companies during the authorization phase, a period during which other operators cannot rely on them to obtain competing authorizations. An institution close, by logic, to pharmaceutical data exclusivity. The extension shifts the balance between the first applicant and the follower, affecting competition and market access.

Source

AI in education: Council conclusions on the role of teachers

On May 11, 2026, the Council approved conclusions on the role of teachers in the AI era, calling for an ethical, safe, and human-centered approach to AI in education. A soft-law act, non-binding, but relevant as a political guideline to the Member States and as an interpretative framework. It should be read in combination with the AI Act, which classifies as high-risk AI systems used to determine access, admission, or assessment of students (Annex III). The political message is that AI in the classroom remains a tool at the service of teachers, not a substitute for the human evaluative function.

Source

---

COURT OF JUSTICE OF THE EU

Meta Platforms Ireland: Member States may recognize publishers’ right to fair remuneration for online use of publications

By judgment of May 12, 2026, in case C-797/23, the Court of Justice ruled that Member States may provide for the right of newspaper publishers to fair remuneration when they authorize online service providers to use their publications. The ruling fits within the approximation of national laws on neighboring rights in digital publishing. It confirms the compatibility of national rules establishing remuneration mechanisms in favor of publishers vis-à-vis platforms with EU law.

The decision consolidates publishers’ contractual position vis-à-vis digital intermediaries and legitimizes the choices of national legislators who have already introduced, or intend to introduce, mandatory remuneration regimes. It remains to be seen how this will translate in practice into negotiations between publishers and platforms, especially in jurisdictions where the balance of power has so far produced opaque or asymmetric agreements.

Source

---

DIGITAL MARKETS & PLATFORM REGULATION

Ofcom: first UK sanction against a suicide forum under the Online Safety Act

Ofcom has fined the operator of an online suicide forum £950,000 for non-compliance with the obligations on illegal content outlined in the Online Safety Act. This is the first sanction adopted by the UK regulator under the legislation and the first against this type of site; the investigation had been opened 13 months earlier and was the first launched after the law entered into force.

Suzanne Cater, Director of Enforcement, declared that the Authority is using “all powers available to us to protect the public.” The Molly Rose Foundation, which had contributed documentary evidence, called the proceeding excessively long: according to CEO Andy Burrows, in the meantime, “further lives were lost.” Seven months ago, the same foundation, together with Families and Survivors to Prevent Online Suicide Harms, had warned that blocking access to the site would amount to “regulatory whack-a-mole” without more incisive legislative intervention.

The case also exposes the structural limits of the Online Safety Act. Search engines are required to “minimize the risk” of exposure to illegal content, not to prevent it: the forum’s address turned out to be indexed on Google and reachable via VPN. Several foreign platforms have refused to pay sanctions; Meta has announced an appeal against Ofcom on fees and fines. The AI front remains open: the Act does not organically cover chatbot behavior, particularly in interactions with minors, and the safeguarding minister Jess Phillips resigned, denouncing inaction on child sexual abuse material. The distance between what is a crime offline and what is tolerated online remains the real knot: assisting suicide is criminally relevant in England and Wales. Still, the enforcement reach against non-EU platforms remains weak.

Source

Guardian

DMA and browser choice: Mozilla claims 6 million additional users

Mozilla claims that the browser choice screens imposed by the Digital Markets Act, which have been in effect since March 2024, have brought 6 million European users to Firefox on mobile. Growth is 113% on iOS, compared with a more modest 12% on Android, a difference attributable to the different implementations: Apple shows the screen at the first launch of Safari to existing users, while Google reserves it for new devices after the DMA entered into force. Mozilla also argues that user retention from users acquired via the choice screen is 5 times higher than in the pre-DMA period.

Similar results have been reported by Aloha, Brave, Opera, and Vivaldi in the days following enforcement, as well as in a recent European Commission review of the effectiveness of the DMA. DuckDuckGo, in the UK government consultation on competition in search engines, indicated a roughly 40% increase in selections of its own browser on Android, thanks to the choice screen, and called for the screen to be re-presented annually and for Google to remove the “Switch back to Google” prompt in Chrome. Mozilla also asked the UK to adopt a model equivalent to the DMA.

Source

Von der Leyen open to raising the minimum age for social media

At a conference in Copenhagen on the protection of minors in the AI era, Ursula von der Leyen stated that the Commission is considering a “social media delay” and that a legislative proposal could arrive as early as summer, pending the conclusions of the expert panel appointed. The reference is to the Australian model, which set 16 as the minimum age to access social media, and to national initiatives — France first — pushing for thresholds at 15 or for a harmonized EU solution.

Von der Leyen specified that any threshold will not relieve platforms of the safety-by-design obligations under the DSA, and tied the effectiveness of the measure to the availability of a “reliable age verification,” citing the recent European age verification app — the same app criticized for security issues, which, according to the President, “ticks all the boxes.”

Source

Apple and Google against DMA measures on AI openness

Apple aligns with Google in contesting the draft measures the European Commission would impose on Mountain View to allow competing AI services access to Android services — email, food ordering, photo sharing — for DMA compliance. Both argue that the opening entails risks for the privacy, protection, and security of European users.

Cupertino, like other companies, has submitted observations to the consultation opened last month by the Commission. In the official note, Apple speaks of “urgent and serious concerns” and of risks “particularly serious in the context of rapidly evolving AI systems, whose capabilities, behaviors, and threat vectors remain unpredictable.” The most direct attack is on the regulator’s technical legitimacy. According to Apple, the Commission “is redesigning an operating system” by replacing the judgment of Google engineers with its own, “based on less than three months of work,” and the only guiding criterion appears to be “open and unlimited access.”

The position aligns with what Apple had already stated in September 2025, when it declared that the DMA forces it to “worrying modifications” in product design for the European market. The legally interesting point is the attempt by the gatekeepers to bring the debate back to the terrain of balancing between interoperability obligations under the DMA and security and data protection obligations under the GDPR and the Cyber Resilience Act — a balance that the Commission, for now, does not seem willing to recognize as a trade-off.

Source

---

INTERNATIONAL DEVELOPMENTS

Community Bank customer data ended up in an unauthorized AI chatbot

Community Bank, operating in Pennsylvania, Ohio, and West Virginia, reported to the SEC in an 8-K filing on May 7 an exposure of customer personal data — names, dates of birth, and Social Security numbers — attributable to the use of “an unauthorized artificial intelligence-based software application.” The wording of the document suggests that an employee uploaded customer data to an online AI chatbot, making it potentially accessible to the service provider. The bank did not indicate the number of customers involved or the name of the application. It stated that it chose disclosure “due to the volume and sensitive nature of the non-public information at issue.” The case confirms a recurring pattern: the risk surface is not governed by corporate AI systems but by shadow AI used by employees in consumer services. From a European perspective, the same scenario would constitute an unauthorized extra-EU transfer and processing without a legal basis and without assessment under Article 35 GDPR, in addition to deployer liability under the AI Act when the model falls within high-risk or GPAI categories.

Source

Texas sues Netflix for surveillance and “addictive” features

Texas Attorney General Ken Paxton sued Netflix on Monday, May 11, for tracking and monetizing data produced by minors and other users without adequate disclosure. The action relies on Texas rules on deceptive business practices and contests Netflix’s self-presentation as a “safe respite” compared to surveillance- and advertising-based big tech platforms, while allegedly engaging in similar data harvesting practices. The lawsuit fits into Paxton’s aggressive line on data and minors — after the disputes against Google and Meta — and shifts the focus of US enforcement from classic advertising consent to the misalignment between brand promise and actual processing, terrain that in the EU falls under transparency (Articles 12-14 GDPR) and, for the “addictive” aspects, under the DSA obligations for VLOPs concerning the protection of minors and the design of recommender systems.

Source

---

ARTIFICIAL INTELLIGENCE

The EU concludes the Council of Europe Framework Convention on AI

By Decision (EU) 2026/1080 of April 21, 2026, published in OJEU L on May 13, 2026, the Council approved the conclusion, on behalf of the Union, of the Council of Europe Framework Convention on artificial intelligence and human rights, democracy and the rule of law. The legal basis is Article 114 TFEU in conjunction with Article 218(6)(a)(v), and the decision was adopted following approval by the European Parliament. The Convention, signed on September 5, 2024, pursuant to Decision (EU) 2024/2218, is the first binding international treaty on AI. For entities already compliant with the AI Act, the main relevance lies in aligning the principles (dignity, non-discrimination, accountability, effective remedies) with a conventional framework that extends beyond the internal market.

Source

UCD study: AI summaries of European Parliament debates show political bias

Research by University College Dublin, coordinated by James Cross of the Connected Politics Lab, analyzed how different LLMs summarize European Parliament plenary debates and found “consistent positional and partisan biases” in their representation of speeches. The study compares real transcripts with model outputs and measures the distribution of political content across groups (EPP, S&D, Renew, Greens, ECR). Cross describes the phenomenon as “systematic distortion, with certain political positions being compressed, omitted or amplified relative to what MEPs actually said.” It is not ideology embedded in the models, but compression effects that penalize some speakers and amplify others. The finding has concrete implications for anyone using LLMs in public affairs, legislative monitoring, and institutional journalism workflows: summarization is already an editorial decision, and entrusting it to a system with measurable biases changes the representation of the democratic process. A theme that directly intersects with the transparency requirements of Article 50 of the AI Act for generated content and the use of AI systems in informational contexts.

Source

Pope Leo XIV establishes a Vatican commission on AI

The Vatican announced on Saturday the creation of a commission on artificial intelligence, intended to coordinate the Catholic Church’s position on the topic. The initiative precedes the Pope’s first encyclical by a few days, which has already been signed and is expected in the coming weeks, and which should frame AI within the social doctrine of the Church, alongside labor, justice, and peace. The official motivation recalls the growing use of AI, its potential effects on human beings, and the concern for the dignity of the person. Leo XIV had already intervened on the subject shortly after his election in May 2025, and in June 2025 had recalled the risks of “misuse for selfish gain” and the impact on the intellectual and neurological development of children and young people. On the regulatory plane, it produces no effects. Still, it nourishes the ethical-anthropological strand that has long dialogued with UNESCO’s work and with the debate on the principles of the AI Act.

Source

---

CYBERSECURITY

NIS2, personal liability of directors: the board can no longer stand by

Paolo Galdieri returns to the implementation of NIS2 in Italy through Legislative Decree 138/2024, and in particular to Article 23, which redesigns the role of the Board of Directors in cyber risk management. Directors can no longer limit themselves to passive oversight: they must formally approve cyber risk management measures and supervise their implementation. Non-delegable obligations.

The operational novelty lies in ACN’s sanctioning power, which can temporarily suspend a director from exercising functions if deficiencies are not remedied within the terms of the warnings. An accessory interdictive sanction that affects the natural person, not just the entity. The combined provisions of Articles 2381 and 2392 of the Italian Civil Code then close the classic escape route: no director can invoke the informational opacity of the Chair or CEO as an excuse, because they have the power-duty to request clarifications from delegated bodies without waiting for the agenda to be set.

Practical consequence: board minutes become the central evidentiary object. They must document both cybersecurity spending and the rationality of the mitigation choices adopted.

Source

Instructure under US Congress investigation after the two Canvas breaches

The House Homeland Security Committee summoned Instructure for a closed-door briefing on the two attacks that hit Canvas, the learning management platform used by approximately 30 million active users. Chair Andrew Garbarino wrote to CEO Steve Daly requesting clarifications on the dynamics of the intrusions, the data exfiltrated, the methods of notification to affected institutions, and the adequacy of coordination with CISA.

The figures claimed by the ShinyHunters group: 3.65 terabytes of data, 275 million records among students, teachers, and other subjects, and around 9,000 institutions involved. The first intrusion occurred on April 29, with services restored by May 3; on May 7, the attackers re-entered, exploiting the same vulnerability in Free-For-Teacher accounts, and defaced the login portals of universities and school districts in 11 states. Instructure stated that it had “reached an agreement” with the attackers, who allegedly provided proof of data deletion. Payment not confirmed.

The legally relevant point is twofold: the same vulnerability exploited twice raises questions about the adequacy of incident response, and ransom payments remain a practice that security experts consider funding for future attacks, even when data often remains in the attackers’ hands despite deletion declarations.

Source

·

SecurityWeek source

Google: first in-the-wild zero-day developed with AI, 2FA bypass

The Google Threat Intelligence Group attributed the exploitation of a zero-day to an unidentified actor to bypass two-factor authentication on a well-known open-source web-based system administration tool. GTIG assesses with high confidence that an LLM generated the exploit code: the Python script presents excessive educational docstrings, a hallucinated CVSS score, textbook formatting, and a “clean” ANSI color class typical of language model training data. No connection with Gemini.

The vulnerability is a high-level semantic logic flaw stemming from a hard-coded trust assumption, a class of bugs in which LLMs are proving effective. The exploit requires valid credentials. The vendor has been notified and has released the patch; Google does not publish its name.

The relevant point is not technical but systemic: it is the first time Google documents in the wild a discovery-weaponization-exploitation chain assisted by AI in a mass exploitation operation. The compression of time between disclosure and abuse, already observed for years, accelerates further.

Source

ICO fines South Staffordshire Water £963,900

The Information Commissioner’s Office fined South Staffordshire Plc and South Staffordshire Water Plc £963,900 (approximately $1.3 million) in relation to the 2022 attack that exposed the data of 663,887 customers and employees, claimed at the time by Cl0p. The ICO investigation established that the initial compromise dates back to September 2020: the malware, installed via phishing, remained undetected for 20 months before escalating to the domain administrator between May and July 2022.

The exfiltrated data included names, addresses, emails, phone numbers, dates of birth, customer account credentials, bank details, and HR data of employees, including National Insurance numbers. The shortcomings contested: insufficient controls against privilege escalation, limited monitoring to 5% of the IT environment, outdated software (Windows Server 2003), poor vulnerability management and missing patches, and a lack of regular internal and external scans. The initial amount was higher: the 40% reduction reflects acknowledgment of liability, cooperation, and waiver of appeal.

The case is instructive on the evidentiary side: 20 months of undetected persistence and 5% monitoring coverage are the kind of data that, in adjudication, turn an incident into a systemic violation of the security principle.

Source

---

TECH & INNOVATION

Deepfake porn: the body as training data, not just the face

MIT Technology Review tells the case of “Jennifer,” a former adult performer who, while running a facial recognition search on her own professional headshot, discovered an old 2013 video in which her body had been paired with another person’s face. The system had identified her by her cheekbones, eyebrows, and chin, still recognizable in the deepfake.

The interesting legal point is the shift in the axis of harm. The NCII debate has so far focused on the superimposed face: celebrity victims, women, and minors. The position of those who provide the body remains uncovered. With the evolution of generative AI and the proliferation of nudify apps, performers’ bodies are no longer reused in identifiable form: they feed training sets that yield synthetic bodies that replicate their movements and performances, including actions the real person would not perform. The result is a double compression: erosion of the labor market for performers and loss of control over one’s bodily image, with a regulatory framework (copyright, image rights, NCII) built on recognizable faces and poorly equipped for the body as a biometric-behavioral data point.

Source

---

SCIENTIFIC RESEARCH

Selection of the most relevant papers of the week from arXiv on AI, Machine Learning, and Privacy

Differential Privacy in LLMs

How Does Differential Privacy Affect Social Bias in LLMs? A Systematic Evaluation

The authors investigate a poorly explored area: how social bias changes when DP is applied to LLM training. The framing is interesting because DP is often adopted as the sole lever for mitigating privacy risks, while ignoring its side effects on fairness. The paper systematizes the relationship between the two axes, useful ground for those framing DPIAs on generative models where privacy and non-discrimination must be balanced.

arXiv

Less Random, More Private: What is the Optimal Subsampling Scheme for DP-SGD?

Criticizes Poisson subsampling, the default in DP-SGD, showing how its unstructured randomness generates high participation variance (each record appears in widely varying numbers of iterations). The paper explores more regular alternative schemes while preserving privacy amplification. Technical work but with direct impact on tuning the utility/ε trade-off in real-world training.

arXiv

LLM agent security

Can a Single Message Paralyze the AI Infrastructure? The Rise of AbO-DDoS Attacks through Targeted Mobius Injection

The authors describe a class of “agent-by-orchestration” DDoS attacks in which a single message targeted at the LLM agent, positioned as a hub in the user-agent-service chain, propagates disruption downstream. The attack surface is not the model itself but the intermediary role. Relevant for assessing systemic risk of agents integrated in critical infrastructure.

arXiv

PAAC: Privacy-Aware Agentic Device-Cloud Collaboration

Reframes the device-cloud split not as computational partitioning but as a trust boundary. Existing sanitizers, they observe, force a choice between policy flexibility and the structural fidelity required by tool calls. PAAC tries to hold both together. Useful reading for hybrid architectures where personal data stays on-device and only authorized abstractions reach the cloud.

arXiv

When Emotion Becomes Trigger: Emotion-style dynamic Backdoor Attack Parasitizing Large Language Models

Backdoor attack that uses emotional style as a dynamic semantic trigger, rather than fixed tokens. Result: greater stealthiness and resistance to clean fine-tuning, which typically weakens static trigger-target associations. Confirms that defenses based on lexical patterns are insufficient for models derived from third-party supply chains.

arXiv

Vertical models

VectraYX-Nano: A 42M-Parameter Spanish Cybersecurity Language Model with Curriculum Learning and Native Tool Use

Decoder-only LLM of 41.95M parameters trained from scratch in Spanish for the cybersecurity domain, with a Latin American focus and native tool invocation via the Model Context Protocol. Example of a small and linguistically situated vertical model, a concrete alternative to general-purpose ones for localized SOC use cases.

arXiv

---

AI ACT IN A NUTSHELL - Part 21

Article 25 - Responsibilities along the value chain

After examining the obligations of distributors under Article 24 in the previous installment, we continue our journey by addressing a crucial provision for understanding how responsibilities are distributed in the AI ecosystem: Article 25, dedicated to the value chain of high-risk artificial intelligence systems.

When you become a “provider” without knowing it

The heart of Article 25 is a provision that may surprise many operators: anyone along the value chain who substantially modifies a high-risk AI system or alters its intended purpose can, to all intents and purposes, become a provider under the Regulation, inheriting all its related obligations.

More precisely, paragraph 1 establishes that distributors, importers, deployers or any other third party are considered providers of a high-risk system — and therefore subject to the obligations of Article 16 — upon the occurrence of one of these three conditions: they affix their name or trademark on a system already placed on the market; they make a substantial modification to a high-risk system already on the market while maintaining that qualification; or they modify the intended purpose of a system (even one not originally classified as high-risk) in such a way as to bring it into the high-risk category under Article 6.

In these cases, the original provider is no longer considered such for that specific system, but must cooperate closely with the new provider, making available the necessary information and the technical access reasonably expected to enable compliance with regulatory obligations.

The case of general-purpose AI systems

Particularly relevant is paragraph 4, which governs the relationships between providers of high-risk AI systems and providers of models or systems (including tools, services, components) integrated into the former. These subjects must specify, by means of a written agreement, the information, capabilities, technical access, and assistance necessary to enable the provider of the high-risk system to comply with the obligations under the AI Act fully.

The AI Office is tasked with developing and recommending voluntary model contractual clauses, thus providing a concrete tool to manage these complex relationships. The provision expressly excludes providers from releasing free and open-source tools, services, or components, except for general-purpose AI models.

Practical implications

The operational implications are significant. Consider a company that purchases a general AI system to manage applications, but customizes it by training it on its own personnel selection criteria: such modification could qualify as “substantial” and trigger upon the organization all the obligations provided for high-risk providers – from conformity assessment to technical documentation, from risk management system to CE marking.

Likewise, an integrator that assembles different AI components into a solution intended, for example, to assess consumer creditworthiness (high-risk use under Annex III) will have to negotiate with each upstream provider the access and information necessary to ensure overall compliance.

For DPOs, lawyers, and compliance officers, the lesson is clear: contractual due diligence becomes a cornerstone of AI Act compliance. Clauses on information flows, technical cooperation, change management, and liability in case of system requalification must be drafted with utmost care, also in light of the sanctions provided by Article 99 (up to 15 million euros or 3% of annual worldwide turnover for violations of provider obligations).

Preview of the next installment

In Part 22, we will analyze Article 26 – Obligations of deployers of high-risk systems, exploring the responsibilities of those who use these systems in their activities: from human oversight to data input management, from information obligations toward workers to cooperation with competent authorities.

---

After addressing, in the previous installment, the choice of AI infrastructure with respect to professional secrecy, it is time to examine the regulatory framework governing the daily use of these tools in the law firm. The AI Act (Regulation EU 2024/1689) is not an abstract text aimed at developers: it directly touches the professional who integrates artificial intelligence systems into their activity.

The first point to address is the role qualification. The lawyer, the DPO, or the compliance officer who uses a generative model for professional activities is generally a deployer within the meaning of Article 3 of the AI Act. This qualification entails specific obligations: using the system in accordance with the provider’s instructions; ensuring human oversight (Article 14); ensuring that input data is relevant and sufficiently representative; and retaining the logs generated when the system allows it.

Particular attention is due to Article 4, in force since February 2, 2025, which imposes an adequate level of AI literacy on personnel who operate these tools. It is not enough to know how to formulate a prompt; it is necessary to understand the system’s limits, risks, and operating modes. For a law firm, this means documented training, internal policies, and identification of a contact person. It is not a formal requirement; it is a prerequisite for human supervision, which remains an ethical obligation before becoming a regulatory one, because language models produce plausible but not necessarily correct outputs.

On the operational side, it should be noted that some systems may fall within the high-risk category under Annex III. Think of tools for predictive assessment of recidivism risk or for automated evidence analysis: their use imposes fundamental rights impact assessments (Article 27) when the deployer is a public body or exercises services of public interest. In ordinary legal practice, the critical point is often Article 50: the obligations of transparency toward the client and, in the proceeding, toward the judge and the counterparty when content is generated or assisted by AI.

To this is added the national framework, with Law 132/2025 reaffirming the centrality of the human decision and traceability, and it intersects with the GDPR on legal basis, minimization, and professional secrecy. It is here that the choice between local and cloud infrastructure becomes decisive again: an on-premise model reduces the flows of personal data and the risks of extra-EU transfer, simplifying overall compliance.

A practical tip: prepare a compliance matrix that maps, for each AI tool in use, the provider’s qualification, risk level, legal basis for processing, transparency obligations, methods of human oversight, and logs retained. It is the document that demonstrates the firm’s accountability.

In the next installment, we will close the journey with a synthesis and prospects of Legal Prompting, recomposing the pieces addressed so far.

🔗

Legal Prompting: the new frontier of AI in the legal field

---

PODCAST

When a lawyer uses an AI system to process information covered by secrecy, the choice of infrastructure is an ethical choice, not just a technical one. No well-written prompt compensates for inadequate infrastructure.

In this episode:

---

Events of the week and upcoming appointments

Events of the week May 11-17, 2026

CNIL plenary session (May 12, 2026 — Paris)

CNIL |

Agenda

Upcoming appointments

HiPEAC Vision 2026 | CONNECT University (May 19, 2026)

European Commission |

Info

High-Level Debate: “From Omnibus to Opportunity: Driving Data Protection and Innovation” (June 8, 2026)

EDPS |

Info

Info session - Call for proposals “Digital solutions for regulatory compliance through data” (June 8, 2026)

European Commission |

Info

Privacy Research Day 2026 — fifth edition (June 24, 2026 — Paris)

CNIL |

Info

G7 2026 — Round Table of Privacy Authorities (June 23-26, 2026 — Paris)

CNIL |

Info

---

Conclusion

The protection of minors has become the lever with which Brussels is rewriting the architecture of the web, and I’m not sure we are noticing it enough. Between the push on age verification, Ofcom’s first sanction against a suicide forum under the Online Safety Act, and the Commission’s pressure to avoid fragmented national bans on social media, a paradigm is consolidating in which the protection of the minor legitimizes structural interventions on user identification that, in other contexts, would have encountered much stronger privacy-based resistance.

The uncomfortable point is this: age verification is not neutral. Every age verification system, however designed with minimization logic, introduces a layer of identification that changes the very nature of anonymous browsing. The European age verification app is being relaunched politically despite technical criticisms that have emerged, because a unified response is needed before Paris and other capitals build their own regimes. I understand the harmonizing logic. I am less convinced by the idea that an infrastructure of mass identification can be imported into European law without an equally serious debate on what happens when that same infrastructure becomes available for other purposes.

On the other hand, the Firefox case shows that the DMA works when it affects concrete architectural choices: six million new users and quintupled retention are numbers that make it difficult to sustain Apple and Google’s narrative that choice screens are cosmetic gestures. And it is precisely for this reason that their battle on AI interoperability, conducted under the banner of privacy by design, must be read for what it is: an attempt to turn data protection into a competitive shield. It is not the first time the gatekeepers have tried this move, and it will not be the last.

In the background, the proposed AI Act simplification sent to the Parliament tells another piece of the same story: Europe is realizing that producing rules is not enough — they must be implementable. The AI commission announced by Pope Leo fits into the ethical legitimacy void that technical institutions struggle to fill on their own.

On the Garante’s reprimand for the Garlasco case, just one thing: well done for overseeing the media, but repeated reprimands without significant consequences risk turning into a ritual. My prediction for the coming months is that the real battleground will be age verification: there, it is decided whether identification becomes the implicit rule of the European web.

---

📧 Edited by Nicola Fabiano

Lawyer - Fabiano Law Firm

🌐 Studio Legale Fabiano:

https://www.fabiano.law

🌐 Blog:

https://www.nicfab.eu

🌐 DAPPREMO:

www.dappremo.eu

---

Supporter

https://lawandtechnology.eu/

https://caffe20.it/

https://privacykit.it/

---

To receive the newsletter directly in your inbox,

subscribe at nicfab.eu

Follow our news on these channels:

Telegram

Telegram →

@nicfabnews

Matrix

Matrix →

#nicfabnews:matrix.org

Mastodon

Mastodon →

@nicfab@fosstodon.org

Bluesky

Bluesky →

@nicfab.eu

---

.newsletter-subscription-box {

max-width: 600px;

margin: 2.5rem auto;

padding: 2.5rem;

background: linear-gradient(135deg, #f8f9fa 0%, #e9ecef 100%);

border-radius: 12px;

border: 2px solid #7f1d1d;

box-shadow: 0 4px 6px rgba(0,0,0,0.1);

}

.newsletter-form-group {

margin-bottom: 1.5rem;

}

.newsletter-form-label {

display: block;

font-size: 1.1rem;

font-weight: 700;

margin-bottom: 0.75rem;

color: #1a1a1a;

}

.newsletter-form-input {

width: 100%;

padding: 1rem;

border: 2px solid #ddd;

border-radius: 8px;

font-size: 1rem;

transition: all 0.3s ease;

box-sizing: border-box;

}

.newsletter-form-input:focus {

outline: none;

border-color: #7f1d1d;

box-shadow: 0 0 0 4px rgba(127, 29, 29, 0.1);

}

.newsletter-captcha-group {

margin-bottom: 1.5rem;

display: flex;

justify-content: center;

}

.newsletter-submit-btn {

width: 100%;

padding: 1.25rem;

background: #7f1d1d;

color: white;

border: none;

border-radius: 8px;

font-size: 1.1rem;

font-weight: 700;

cursor: pointer;

transition: all 0.3s ease;

text-transform: uppercase;

letter-spacing: 0.5px;

}

.newsletter-submit-btn:hover {

background: #991b1b;

transform: translateY(-2px);

box-shadow: 0 4px 12px rgba(127, 29, 29, 0.3);

}

.newsletter-submit-btn:disabled {

background: #9ca3af;

cursor: not-allowed;

transform: none;

box-shadow: none;

}

.newsletter-privacy-notice {

margin-top: 1.5rem;

text-align: center;

font-size: 0.9rem;

color: #666;

line-height: 1.6;

}

.newsletter-privacy-notice a {

color: #7f1d1d;

text-decoration: underline;

font-weight: 600;

}

Email Address *

Name

Subscribe to Newsletter

We respect your privacy. Double opt-in required. Unsubscribe anytime.

Privacy Policy

---

Back to newsletter list

English section

Home

Proxied content from gemini://nicfab.eu/en/newsletteren/2026/2026-05-19-issue-21_en.gmi

Gemini request details:

Original URL
gemini://nicfab.eu/en/newsletteren/2026/2026-05-19-issue-21_en.gmi
Status code
Success
Meta
text/gemini;lang=en-US
Proxied by
kineto

Be advised that no attempt was made to verify the remote SSL certificate.