digital economy regulation

Get an independent, global perspective on regulation affecting the development of the digital economy with Cullen International. Our intelligence is trusted by global tech companies, regulators and governments to provide them with expert insight on topics relevant to the development of new technologies such as Artificial Intelligence (AI) and Internet of Things (IoT).
Whatever your information needs, you can rely on us for a single, impartial view of national and international regulation in the digital age.

Get a personal demo

general topics covered

Get concise, easy-to-understand updates on the EU's digital policy, as well as the main policy and regulatory developments in the Americas.

A single source of alerts and reports on data protection and privacy rules in the EU and the Americas, and initiatives on international transfers of personal data.

Policy and regulatory initiatives shaping the data economy in Europe.

Track regulators’ responses to cyber risks with updates on the implementation of the EU cybersecurity rules as well as specific cybersecurity strategies in the Americas.

Coverage of regulatory developments impacting technologies such as cloud, AI and IoT.

Follow initiatives specifically targeting digital platforms.

Follow the latest developments in consumer protection around digital content, products and services.

Get an overview of regulation that seeks to foster the development of e-Commerce in Europe and the Americas.

geographical coverage

Americas (Data sheet)

Europe (Data sheet)

Global Trends (Data sheet)

Find out more about the countries, organisations and topics covered by our Digital Economy service in our region-specific datasheets.

latest intelligence

US plots bold new AI policy course with “US AI Action Plan”

19 August 25 Jose Jehuda Garcia

This Global Trends Flash discusses the new US AI Action Plan (AIAP). This plan outlines over 90 federal policy actions aimed at achieving global artificial intelligence (AI) “dominance” for the US. The AIAP amounts to a stark departure from the prior presidential administration’s risk-focused AI policy approach. In many jurisdictions around the world, AI risk management is also at the heart of AI policy.

EU AI Act: Commission issues mandatory template for summary of content used to train general-purpose AI models

30 July 25 Elisar Bashir

The template requires the listing of data sources used to train the model such as public and private datasets as well as measures taken to avoid or remove illegal content under EU law from the training data. It is obligatory for all providers of GPAI models, including those released under free and open-source licenses. Providers of GPAI models already available in Europe before 2 August 2025 will have two years to publish their summaries.

EU AI Act: Commission issues non-binding guidelines for providers of general-purpose AI models

30 July 25 Elisar Bashir

The guidelines give the European Commission’s interpretation of how the AI Act applies to providers of GPAI models. They establish a threshold for all GPAI models covered by the new EU rules and clarify the notification procedure for those models with systemic risks. They also address the effect of signing up to the recently published code of practice. The provisions on GPAI models enter into application on 2 August 2025.

EU AI Act: analysis of code of practice on general-purpose AI models

28 July 25 Elisar Bashir

Providers of general-purpose AI (GPAI) models such as ChatGPT can demonstrate conformity with the relevant obligations under the AI Act by voluntarily signing up to the code. The chapters on transparency and copyright are addressed to all providers, while the commitments on safety and security are relevant only to providers of GPAI models which present systemic risks.

Key takeaways from EU co-legislator’s compromise text on new GDPR procedural rules for cross-border cases

28 July 25 Javier Huerta Bravo

A 15-month deadline for the lead data protection authority to adopt its draft decision on the case is set out. This could speed up the resolution of cross-border cases, which currently may take nearly five years from receiving a complaint to issuing a final decision.

Canada consults on children’s privacy code

24 July 25 Carolina Limbatto

The Canadian data protection authority is consulting until 5 August 2025 on a children’s privacy code that would clarify the obligations of private parties under the data protection framework PIPEDA. The code would apply to the handling of the personal information of those under the age of 18.

Get access to the full reports and find out what our service could do for you with a free trial.

Get a personal demo

upcoming events

See all events

11 September 25 Brussels & Online Digital Networks Act: Between transformation and stability

18 > 20 November 25 Brussels, Belgium The new EU rules on data, cybersecurity and AI

get in touch

For more information about our Digital Economy service, please contact:

Javier Huerta Bravo phone: +34 627 765 427 javier.huerta.bravo@cullen-international.com