@nicfab profile picture
Nicola Fabiano @nicfab

Lawyer | Adj. Professor | Former Pres. San Marino Data Protection Authority | AI Researcher | IEEE | INNS | FHCA | @dappremo | #GDPR #IoT #Blockchain #XMPP

Joined November 2008
  • Tweets 15,608
  • Following 2,838
  • Followers 2,250
368 Photos and videos
The EDPB has adopted a common template for GDPR data breach notifications. 7 sections. 126 fields. Business logic for conditional visibility and validation. nicfab.eu/en/posts/edpb-data… #GDPR #DataBreach #EDPB

The EDPB Common Template for Data Breach Notification: Towards Harmonising Article 33 GDPR

The EDPB adopts a common template for data breach notifications under Article 33 GDPR: analysis of the model's 7 sections and 126 fields, public consultation until 5 August 2026, and harmonisation...

nicfab.eu
62
The European Commission publishes the final Code of Practice on Transparency of AI-Generated Content — Article 50 AI Act, EU icons, adequacy assessment. Voluntary de iure, benchmark de facto. nicfab.eu/en/posts/code-of-p… #AIAct #AI

The Code Before the Guidelines: Article 50 AI Act Transparency Between Voluntary Adherence and a...

The European Commission publishes the final Code of Practice on marking and labelling of AI-generated content: structure, EU icons, adequacy assessment, and the deadlines leading to 2 August 2026.

nicfab.eu
2
55
Italy moves on #AIAct implementation: two draft decrees got preliminary approval — governance, policing, liability, AI literacy. My analysis: the parameters to watch, from Art. 74(8) to training as condition of effectiveness. nicfab.eu/en/posts/italy-ai-…

Implementing decrees of Law 132/2025: the Council of Ministers' preliminary examination between AI...

On 10 June 2026, the Italian Council of Ministers gave preliminary approval to two draft legislative decrees implementing Law no. 132/2025 on artificial intelligence. Analysis of the delegation...

nicfab.eu
14
New post: the European Commission's Draft Guidelines on high-risk AI classification — Annex III. Second part of the analysis, after Annex I. Consultation open until 23 June 2026. nicfab.eu/en/posts/annex-iii… #AIAct #AI

The Draft Guidelines on High-Risk AI Classification: Annex III and the Commission's Interpretation

Analysis of the Annex III section of the Draft Commission Guidelines of 19 May 2026 on the classification of high-risk AI systems: horizontal issues, the Article 6(3) filter, education, employment,...

nicfab.eu
19
NicFab Newsletter #24 is out. This week: European tech sovereignty (Commission Open Source Strategy, Parliament → Qwant), the Garante on AI in schools, the EU General Court on the DMA perimeter, AI Act Art. 28. Read → nicfab.eu/en/newsletter-issu…

Newsletter #24 - 9 June 2026

NicFab Newsletter #24 — 9 June 2026. Weekly review on privacy, data protection, AI regulation, cybersecurity and digital rights.

nicfab.eu
36
The EU’s 3 June 2026 package on technological sovereignty links cloud, AI, semiconductors, and open source to strategic autonomy. My analysis of COM(2026) 503, CADA, sovereignty levels, and GDPR implications: nicfab.eu/en/posts/eu-techno…

European technological sovereignty: the 3 June 2026 Communication and the EU Open Source Strategy

Analysis of Communication COM(2026) 503 on European technological sovereignty and the EU Open Source Strategy: soft law, the proposed Cloud and AI Development Act, sovereignty levels and their...

nicfab.eu
24
Yesterday, I anticipated a reflection on the U.S. Executive Order of June 2, 2026, on advanced AI. The article is now online. The real contrast is not “U.S. innovation vs EU regulation”, but strategic-security governance vs legal-compliance governance. nicfab.eu/en/posts/frontier-…

Frontier AI: The U.S. Model and the European AI Act Compared

U.S. Executive Order of June 2, 2026 on advanced AI: five axes, a classified threshold, no licensing. The structural contrast with the AI Act (Reg. (EU) 2024/1689).

nicfab.eu
16
NicFab Newsletter #22 → Garante fines Ambrosetti €85k for late breach notification → Verizon DBIR: vuln exploitation overtakes credential theft → AI Act art. 112(1) review report → Colorado CADMA replaces the 2024 AI Act nicfab.eu/en/newsletter-issu… #Privacy #AIAct #AI #GDPR

Newsletter #22 - 26 May 2026

NicFab Newsletter #22 — 26 May 2026. Weekly review on privacy, data protection, AI regulation, cybersecurity and digital rights.

nicfab.eu
39
The EU AI Act does not stand alone. It is the architrave of a regulatory ecosystem resting on seven pillars of EU law. Original diagram of this systemic reading, now live: → nicfab.eu/hub/ai/ai-resources.eu #AIAct #EUAIAct #AILaw @brandobenifei

Hub AI — Orientamento normativo e operativo

AI Act: trova il tuo ruolo, classifica il tuo sistema AI, vedi i tuoi obblighi, agisci in tempo.

nicfab.eu
52
The difficulty with the AI Act is not reading it but turning it into an operational map. Three new bilingual IT/EN resources on nicfab.eu: → AI Act Timeline → AI Act – Annex I → AI Act in Pills 👉 nicfab.eu/ #AIAct #AI #Compliance #GDPR

NicFab Blog — Privacy, GDPR & Artificial Intelligence

NicFab Blog - Privacy, Data Protection, GDPR, AI Act, Artificial Intelligence, Cybersecurity and Digital Rights. Legal and technical insights by Nicola Fabiano.

nicfab.eu
30
Annex I of the AI Act: the less-scrutinized frontier of high-risk classification. Not a minor variant of Annex III, where the AI Act grafts onto EU product safety, conformity assessment, and CE marking. Article 6(3) derogation does not apply here. nicfab.eu/en/posts/annex-i-h… #AIAct

Annex I of the AI Act: The Less Scrutinised Frontier of High-Risk Classification

The Draft Commission Guidelines of 19 May 2026 and the Omnibus agreement of 7 May 2026 bring renewed attention to an under-examined zone of the AI Act: AI systems embedded as safety components of...

nicfab.eu
32
NicFab Newsletter #21 is out. This week: CJEU C-797/23 on publishers' fair remuneration, AI Act simplification proposal, EU concludes the CoE Framework Convention on AI, Ofcom's first Online Safety Act sanction. → nicfab.eu/en/newsletter-issu…

Newsletter #21 - 19 May 2026

NicFab Newsletter #21 — 19 May 2026. Weekly review on privacy, data protection, AI regulation, cybersecurity and digital rights.

nicfab.eu
38
Digital Omnibus on AI: provisional deal today. Dates confirmed (Dec 2027 / Aug 2028 / Dec 2026), machinery to sectoral rules equivalence clause, new Art. 5 ban on nudifiers/CSAM. @brandobenifei nicfab.eu/en/posts/digital-o… #AIAct #DigitalOmnibus #AI

Digital Omnibus on AI: the Provisional Agreement of 7 May 2026

Legal analysis of the provisional agreement of 7 May 2026 on the Digital Omnibus on AI. Application dates, conformity assessment for Annex I, narrowing of the safety component concept, bias detecti...

nicfab.eu
52
NicFab Newsletter #19 is out. → 10 years of GDPR → AI Act trilogue stalls → EU Age Verification App vulnerabilities → First EU standard on trusted data transactions → CopyFail Linux kernel nicfab.eu/en/newsletter-issu… #Privacy #AIAct

Newsletter #19 - 5 May 2026

NicFab Newsletter #19 — 5 May 2026. Weekly review on privacy, data protection, AI regulation, cybersecurity and digital rights.

nicfab.eu
50
ai-resources.eu — open, bilingual (IT/EN) reference for the EU digital regulatory ecosystem. 9 acts in full, inter-act cross-references, technical standards, and today an 80-entry AI-centric glossary. ai-resources.eu/en/ #AIAct #GDPR #EUlaw #AI

AI Resources

Hub di riferimento bilingue su AI Act, AI governance e compliance. Curato da Nicola Fabiano.

ai-resources.eu
1
52
NicFab Newsletter #18 📬 → Poste/Postepay fined €12.5M → Tracking pixel guidelines → AI Digital Omnibus: possible AI Act postponement → EDPB/EDPS joint opinions → Breaches: ANTS, ADT, UK Biobank nicfab.eu/en/newsletter-issu… #Privacy #AIAct #AI

Newsletter #18 - 28 April 2026

NicFab Newsletter #18 — 28 April 2026. Weekly review on privacy, data protection, AI regulation, cybersecurity and digital rights.

nicfab.eu
78
For anyone following EU digital regulation, data protection, AI governance, cybersecurity & digital policy: a daily curated digest of institutional sources. Updated daily. Free. nicfab.eu/daily-digest/ #AIAct #GDPR #Cybersecurity #AI

Daily Digest | NicFab Blog

Daily curated news on Privacy, Data Protection, AI, Cybersecurity and Tech Law

nicfab.eu
29
Tracking Pixels in Email: the Italian DPA Guidelines and the consent puzzle. A commentary on Decision No. 284/2026 — privacy by design (Art. 25 GDPR) & consent granularity (EDPB Guidelines 05/2020). 🔗 nicfab.eu/en/posts/tracking-… #GDPR #ePrivacy #pixels

Tracking Pixels in Email: The Italian DPA Guidelines and the Consent Puzzle

Analysis of the Italian DPA Guidelines of April 17, 2026, on tracking pixels in email communications: regulatory framework under Article 122 of the Italian Privacy Code, obligations, exceptions, and...

nicfab.eu
65
AI Literacy: What Businesses Must Do Today Art. 4 AI Act in force since Feb 2025. Enforcement from Aug 2026. New post: 30-day plan, role-competence matrix, evidence package, 5 questions for your AI provider. nicfab.eu/en/posts/ai-litera… #AIAct #AILiteracy #AI

AI Literacy: What Businesses Must Do Today

AI literacy under the AI Act: what businesses must do today. 30-day plan, role-competence matrix and compliance checklist.

nicfab.eu
32
NicFab Newsletter #16 is out — EDPB 2025 Annual Report, eIDAS 2.0 digital wallet onboarding rules, Adobe Reader zero-day (CVE-2026-34621), AI Act Art. 20 on corrective actions. Read & subscribe free: nicfab.eu/en/newsletter-issu… #Privacy #AI #Cybersecurity #DataProtection #eIDAS

Newsletter #16 - 14 April 2026

NicFab Newsletter #16 — 14 April 2026. Weekly review on privacy, data protection, AI regulation, cybersecurity and digital rights.

nicfab.eu
1
106
Load more