Archive: July 2025

As organisations continue with their roll-out of AI, the global regulatory landscape is becoming increasingly complex. AI-specific laws like the EU AI Act already applicable and new AI-specific laws are proposed, adding to the range of existing laws and regulations applicable to AI.

On 2 July 2025, there was published in the Official Journal of the EU (OJ), Commission Delegated Regulation (EU) 2025/532 of 24 March 2025 supplementing Regulation (EU) 2022/2554 of the European Parliament and of the Council with regard to regulatory technical standards specifying the elements that a financial entity has to determine and assess when subcontracting ICT services supporting critical or important functions.

The biggest AI privacy problems no one is talking about: Installment 1: The Agent2Agent (“A2A”) Protocol
In the privacy world, everyone is focused on fairness, bias, and data scraping. These issues, however, are not even among the top 3 AI privacy issues. And it’s not even close.

On June 22, 2025, the Texas Governor signed the Texas Responsible Artificial Intelligence Governance Act (HB 149), which will go into effect on January 1, 2026. Although much of the new law will focus on government agencies, some provisions could have an impact on companies.

Key Takeaways:
• Clear Regulatory Guardrails: The GENIUS Act provides guardrails for payment stablecoins, including strict reserve, disclosure, and anti-money laundering standards.
• Federal and State Regimes: Both the federal government and states, with certain limitations, may regulate stablecoins.
• Securities Exemptions: Payment stablecoins issued by permitted issuers are explicitly excluded from being classified as securities or commodities under federal law.
• Consumer Protections: The Act provides strong consumer protections, including first-priority claims on reserves in insolvency and strict asset segregation requirements.

Key Takeaways:
• SEC formally ends Binance suit: is regulation by enforcement over?
• SEC charges Unicoin with $100 million fraud: a return to SEC fraud enforcement?
• Crypto.com Sues Nevada Gaming Control Board: are states the new battlegrounds for crypto issues?

Most incidents handled by our Norton Rose Fulbright cyber team originate from the customer’s service provider. In many cases it is the service provider’s systems, infrastructure and environment which proves to be the most vulnerable to cyber breaches and security issues.