The Bottom Line: European regulation through the EU AI Act and NIS2 Directive shapes digital sovereignty requirements and demands new governance and security structures from CDOs.
Austria’s Internet Industry Association’s ISPA Forum addressed on 28 May the strengthening of European digital sovereignty against the backdrop of growing regulatory requirements and security challenges.
The specialist conference of ISPA (Internet Service Providers Austria) brought together representatives from industry, regulation and security to discuss key questions of European digital strategy. The focus was on the impact of the EU AI Act and the NIS2 Directive on the economic viability and competitiveness of European Internet service providers and technology companies.
For Chief Data Officers, this discussion is directly relevant: The EU AI Act defines new governance requirements for data-driven systems, while NIS2 imposes significant requirements on security organisation and incident reporting processes. Both regulatory frameworks require investments in compliance infrastructure and set new standards for data protection, transparency and risk management.
The forum reflected the tension between the EU’s regulatory aspiration to preserve technological autonomy and the economic pressure created by this regulation on European providers. The discussion showed that CDOs must actively shape the balance between compliance requirements and innovative data stewardship – particularly in the documentation of AI systems and the tracking of security incidents.
Source: itwelt.at · Published 1 June 2026
Lumi AI News — AI-assisted curation in accordance with Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.2.8.