News and Insights

Practical updates on AI governance, workforce strategy, and digital resilience for EU organisations
US court ruling shakes EU-US data deal AI Literacy: Lighter Rule, Higher Stakes Digital Omnibus: the AI Act Delay That Makes 2026 Busier, Not Quieter DMA: AWS and Azure face gatekeeper test The Junior Talent Pipeline: What AI Saves Now and Costs Later AI Act: retailers fight deepfake rule Face-scan buses: KC yes, EU mostly no AI Act: later duties, nudifier ban now AI Act: only eight Member States ready

Stay ahead of AI change. Get practical updates from Future Prep direct to your inbox.

By subscribing you agree to receive Future Prep news. Unsubscribe any time.

Latest Insights

From the Future Prep blog

AI generated image - a stonemason setting the foundation stones of a building already rising above, illustrating AI literacy as the groundwork under the AI Act.

AI Literacy: Lighter Rule, Higher Stakes

Brussels softened the AI literacy duty in the Digital Omnibus, from ensuring a sufficient level to supporting its development. But it was not delayed, it has applied since February 2025, enforcement begins this August, and the EU's skills agenda is turning literacy from a compliance checkbox into a competitiveness lever.
AI generated image - stepping-stone path to a distant gate, illustrating the Digital Omnibus AI Act deadlines that fall in 2026 before the 2027 high-risk dates.

Digital Omnibus: the AI Act Delay That Makes 2026 Busier, Not Quieter

The Council adopted the Digital Omnibus on 29 June, pushing high-risk AI Act obligations to 2027 and 2028. But the transparency and literacy duties that bite in 2026 did not move, and two new bans arrive sooner than the relief.
Abandoned apprentice bench and empty master bench with a broken path, showing a thinning junior talent pipeline.

The Junior Talent Pipeline: What AI Saves Now and Costs Later

A Swiss study shows entry-level office postings down a third since the pre-AI years. AI Is Not a Technology Project warns why that matters: automating junior tasks removes the apprenticeship that turns juniors into seniors, so the junior talent pipeline thins on a delay most business cases never model.
AI cyber risk shown as a high-tech security door undone by one unfastened basic bolt.

AI Cyber Risk: Why the Newest Threat Demands the Oldest Discipline

A joint Five Eyes statement reframes AI cyber risk as an immediate leadership responsibility on a months-not-years horizon. The defence is unglamorous basic hygiene plus AI-aware threat modelling. We translate it into the EU frame of NIS2, DORA and the AI Act, and the questions a board should ask now.
A vast machine line governed by a single small control desk, illustrating the governance debt of scaling AI.

Scaling AI Is The Easy Part

British AI use just hit a tipping point, and the same week a survey found one in five organisations had already had an AI incident. Adoption tipped; control did not. This is the governance debt that builds when AI moves from pilot to production, and how to stay ahead of
Two near-identical bound volumes set slightly out of alignment, illustrating Canada's privacy reform diverging from the GDPR.

Canada’s Privacy Reform: Familiar on the Surface, Divergent Underneath

Canada has tabled Bill C-36, a GDPR-style privacy overhaul. For organisations already under European rules it reads as convergence but works as divergence: a second regulator, second thresholds and a second set of rights to map across adequacy, automated decisions and transfers.

Latest News

Short updates

US court ruling shakes EU-US data deal

A US Supreme Court ruling on 29 June, about the president’s power to sack officials, has knocked away a pillar the EU-US data deal rests on: the independence of the FTC, the body meant to police it. The adequacy decision formally still holds and certified firms can keep relying on it, but Max Schrems is preparing a fresh challenge at the EU’s top court. The question for EU organisations is how much of their data architecture sits on a US framework whose legal foundation is now openly contested.

DMA: AWS and Azure face gatekeeper test

EU regulators have taken a preliminary view that AWS and Microsoft Azure should be designated gatekeepers under the Digital Markets Act, the first time the DMA reaches cloud infrastructure. If confirmed, the two face curbs on self-preferencing, new portability and interoperability duties and fines up to 10% of turnover. For EU-regulated firms this is leverage against cloud lock-in, deepened by AI on top. Worth watching: whether designation turns into real portability, or years of appeals.

AI Act: retailers fight deepfake rule

EuroCommerce, the body behind Amazon, H&M, Inditex and Ikea, wants the Commission to spare non-misleading AI-generated adverts from the AI Act’s deepfake labelling duty that starts on 2 August. Its argument: an AI-rendered room around a real sofa is not a deep fake. For any EU-facing brand using generative AI in marketing, the safer read is that labelling applies by default and a carve-out is a lobbying ask, not law. Worth watching: how the Commission defines a deep fake in advertising.

Face-scan buses: KC yes, EU mostly no

Kansas City plans to scale facial recognition on its public buses, from a nine-bus pilot to as many as thirty, scanning riders against watch lists in real time. The project was paused over privacy and funding, then chosen for expansion. In the EU, real-time biometric identification in public spaces is largely off-limits under the AI Act. So the same deployment reads as routine in one market and high-risk or prohibited in another. The question worth watching: which way does the line move next?

AI Act: later duties, nudifier ban now

On 16 June Parliament gave the AI Act omnibus its final green light, 423 votes to 57. The headline reads as relief: high-risk duties under Annex III slip to December 2027, embedded systems to August 2028. The same vote draws a fresh hard line, an EU-wide ban on AI that generates child sexual abuse material and non-consensual intimate imagery, due by December 2026. So the timeline loosens and tightens at once. For your organisation, the question is which of your own deadlines just moved.

AI Act: only eight Member States ready

Compliance teams are being asked to operationalise AI Act obligations against an enforcement infrastructure that is visibly incomplete. The Digital Omnibus adds a second layer of uncertainty: the rules themselves may still shift before August. The actionable question for practitioners is not whether to act but how to build governance structures that can flex if deadlines or obligations move.

Scroll to Top