The regulation of technology in Europe is entering a new phase.
A growing body of EU legislation, combined with rapid advances in artificial intelligence, is reshaping how companies and lawyers approach compliance, a recent conference has heard.
A&L Goodbody’s (ALG) fourth annual 'Future of Tech Regulation' event (February 25) in Dublin focused on three themes:
Alongside the General Data Protection Regulation, the EU has introduced major legislative frameworks including the Digital Services Act, with additional measures such as the EU Data Act and further cybersecurity legislation coming into force in the coming years.
Speakers at the event included representatives from the Data Protection Commission, its British counterpart the Information Commissioner’s Office and the European Data Protection Supervisor (EDPS) as well as senior legal leaders from Google Ireland, TikTok Ireland and Allied Irish Banks.
Speaking about the event, Dr John Cahir SC, partner and head of A&L Goodbody's technology group, outlined the discussion around the EU’s proposed “Digital Omnibus” package, which aims to simplify aspects of existing digital legislation.
“GDPR has been around for eight years,” the lawyer said.
“As part of the EU’s competitiveness agenda they want to look again at some of the rules to see if they’re too complicated or adding too much burden for business.”
One proposal would extend the reporting deadline from 72 to 96 hours and simplify how companies report data breaches under articles 33 and 34 of the GDPR.
“At present, if there’s a data breach there are loads of different reporting obligations that companies are under,” Dr Cahir explained.
Single notification
“A streamlined reporting system where you can just do a single notification which then gets sent to the relevant regulators would be a very welcome reform.”
A more controversial area under discussion concerns the definition of personal data.
“Personal data is obviously a very broad concept,” the lawyer said, “and as a result of a recent EU court ruling (EDPS v SRB) there's a suggestion that pseudonymised data may not necessarily have to be subject to the same types of protections.”
This would “narrow the definition of personal data”. However, at the conference, Brendan Van Astleroy of the European Data Protection Supervisor expressed concerns about the proposal.
Create problems
“The EDPS are not in favour of it,” Dr Cahir explained.
“They think that goes too far and could create problems.”
Dr John Cahir SC also highlighted upcoming changes to the GDPR’s One Stop Shop enforcement system.
Under this framework, the data protection authority in the EU member state where a company is based acts as the lead regulator across the bloc.
For Ireland, this means the Data Protection Commission leads investigations involving many large technology companies with EU headquarters in the country.
A new EU procedural regulation, due to take effect in April 2027, will introduce common rules for how such investigations are conducted.
According to Dr John Cahir, the reform has “a two-fold intention: one is to try to speed things up, and the other is to make sure that there’s a common set of procedures followed by data protection authorities in each member state.”
Overall, however, the proposed reforms are relatively limited in scope.
Not a fundamental rewriting
As the ALG lawyer put it, “these proposals are not a fundamental rewriting of the GDPR … they are more modifications to make the rules operate in a more efficient manner.”
The panel featuring senior in-house legal leaders drew particular interest from the audience.
Ruth Murphy, Google Ireland head of legal, Elaine Fox, TikTok Ireland head of legal, and Miriam Nagle, Allied Irish Banks head of legal, discussed how their departments are beginning to adopt artificial intelligence tools internally.
Dr John Cahir noted that AI is not entirely new to the legal profession.
“Machine learning technologies have been used for many years,” particularly in document review and discovery, he said.
What has changed is the arrival of generative AI systems capable of analysing large datasets and producing written output.
These technologies offer potential efficiency gains, but they also raise professional and ethical considerations.
“Law firms have to be very mindful of their confidentiality obligations,” he noted, meaning adoption may be more complex than in other industries.
Standard tool
Despite these challenges, AI is likely to become a standard tool across the profession.
“It’ll eventually become expected that every law firm uses AI to bring efficiencies for their clients,” the technology lead said.
“It’s not really an optional thing.”
For lawyers working in technology law, the key message is that the regulatory environment will continue to evolve.
As Dr John Cahir SC concluded, “increased regulation and compliance for technology is an ongoing process, and therefore, for people practising in the area, there’s a constant need to be apprised of all these developments that are occurring.”