ISO 14001:2026 published – raising the bar for environmental performance
The new edition of ISO 14001 has been released, giving organizations a clearer, more effective way to turn environmental ambition into measurable results.
Category / Governance
Governance briefings
Governance briefings on enforcement, standards, court action, regulator opinions, institutional accountability, and policy shifts.
Smart city mobility: Transforming the future of urban transportation
What if cities could move smarter? What if technology could transform how we travel, making urban environments cleaner, more efficient and connected? Across the globe, smart city mobility initiatives are turning these possibilities into…
Why resilient infrastructure can no longer be optional
In my three decades of responding to catastrophic events around the world, I have often observed a curious human tendency to overlook the invisible foundations of our safety. We are meticulous about the visible – the aesthetic finish, co…
Building a net-zero metals future with harmonized standards
The path to a net-zero future depends on every industry doing its part, and few are more pivotal than the steel and aluminium sectors. But they have a cost, particularly when it comes to their carbon footprint. By Noelia García Nebra, He…
International Standards are a common language for a fragmented global economy
This year’s World Economic Forum Annual Meeting took place during a moment of global uncertainty. Conversations often returned to the same underlying tension: We are innovating faster than ever, yet our ability to collaborate and coordin…
CISA links Stryker breach to rising endpoint management system attacks, releases hardening guidance
CISA is aware of malicious cyber activity targeting endpoint management systems following the March 2026 cyberattack against Stryker Corporation. The agency has issued best-practice guidance for securing Microsoft Intune and similar platforms.
FTC negative-option ANPRM reopens the fight over subscription traps and cancellation friction
The FTC is seeking public comment on whether and how it should update its Negative Option Rule, reopening a policy battle over recurring billing, consent, and hard-to-cancel subscription models after years of complaints and contested rulemaking.
FTC refund rollout for Invitation Homes turns junk-fee enforcement into direct consumer redress
The FTC says it is sending more than $47.2 million to renters affected by Invitation Homes’ undisclosed fees and other unlawful charges, showing how housing-related consumer protection cases can end in large-scale financial remediation rather than just settlement headlines.
Digital Omnibus opinion shows EU privacy regulators will tolerate simplification but not weaker definitions
EU privacy regulators say the Digital Omnibus proposal can simplify compliance, but warn that narrowing the definition of personal data would weaken data protection.
EDPB backs global privacy statement on AI-generated imagery and harm to identifiable people
The EDPB has signed a joint Global Privacy Assembly statement warning that AI-generated imagery and video can create serious privacy, dignity, and safety harms when real people are depicted without consent.
EDPB says right to erasure is still being undermined by weak controller practices
A coordinated European enforcement action found recurring problems with how organisations handle GDPR erasure requests, including weak procedures, inconsistent deletion practices, and difficulties around backups and anonymisation.
EDPB work programme puts GDPR compliance templates at the centre of its next phase
The EDPB says its 2026–2027 work programme will focus on making GDPR compliance easier through ready-to-use templates, including materials for legitimate interest assessments, privacy notices, data breach notifications, and DPIAs.
ENISA taking over the EU Cybersecurity Reserve makes cyber solidarity more operational
The European Commission has entrusted ENISA with operating the EU Cybersecurity Reserve, creating a €36 million mechanism to provide incident response support during major cyber incidents.
ENISA NIS2 guidance pushes European cyber compliance toward a more operational model
ENISA has published technical implementation guidance for the NIS2 Implementing Regulation, giving digital infrastructure and managed service providers a more practical map for turning legal obligations into concrete security measures.
ENISA Threat Landscape 2025 says Europe faces converging pressure from hacktivists, ransomware, and state-aligned actors
ENISA’s 2025 threat landscape report says Europe is facing overlapping pressure from hacktivism, ransomware, phishing, vulnerability exploitation, and state-aligned cyber activity across critical sectors.
FTC COPPA age-verification policy signals a more permissive phase for child-safety controls
The FTC says it will not take COPPA enforcement action against certain operators using age-verification tools solely to determine age, provided they meet strict limits on use, retention, disclosure, notice, security, and accuracy.
EDPB blockchain guidance is really about design-stage privacy governance
The EDPB’s blockchain guidance focuses on privacy by design, DPIAs, data minimisation, and the risks of storing personal data in immutable systems.
EDPB links cross-border data-transfer rules with AI skills and governance capacity
An EDPB update on cross-border data requests and AI training signals a more operational European privacy-governance agenda for organisations handling sensitive data.
EDPB LLM privacy report signals a more operational phase of AI governance
A 2025 EDPB-backed report on LLM privacy risks focuses on concrete mitigations and real-world deployment scenarios rather than abstract AI principles.
Last 48 hours watchlist: three signals worth tracking
A security and privacy watchlist covering student cyber safety policy, AI workplace tooling risk, and emerging privacy-governance signals worth monitoring.
Privacy guardrails are becoming an AI competitiveness question
Weak privacy controls can make AI systems harder to deploy, govern, and defend over time, turning privacy into an operational AI risk question.
Student cyber safety is becoming a global policy issue
Student cyber safety is emerging as a global policy issue as schools face AI-enabled fraud, platform abuse, manipulation, and surveillance risk.