ARTICLE
12 September 2025

Two-Minute Recap IT Law Matters Around The Globe

GT
Gen Temizer

Contributor

Gen Temizer is a leading independent Turkish law firm located in Istanbul's financial centre. The Firm has an excellent track record of handling cross-border matters for clients and covers the full bandwidth of most complex transactions and litigation with its cross-departmental, multi-disciplinary and diverse team of over 30 lawyers. The Firm is deeply rooted in the local market with over 80 years of combined experience of the name partners while providing the highest global standards of legal services.
As of 2 August 2025, a new set of provisions under the Artificial Intelligence Act has entered into force. Providers of general-purpose artificial intelligence...
Worldwide Media, Telecoms, IT, Entertainment

AI Act: Obligations Effective as of 2 August 2025

As of 2 August 2025, a new set of provisions under the Artificial Intelligence Act has entered into force. Providers of general-purpose artificial intelligence models are now required to maintain up-to-date technical documentation, share relevant information with downstream providers, implement policies to ensure compliance with European Union copyright law, publish a summary of the training data used, and designate a legal representative in the European Union if established outside the European Union. Additional duties apply to general-purpose artificial intelligence models presenting “systemic risks,” including risk assessments, incident reporting, and enhanced cybersecurity measures. Alongside these obligations, new rules also cover the role of notified bodies, confidentiality undertakings for supervisory authorities to protect intellectual property and trade secrets, as well as the implementation of governance and penalty frameworks. Member States, in turn, were expected to designate their competent authorities and notified bodies by this date and put in place enforcement mechanisms to ensure consistent application of the Artificial Intelligence Act.

Italy Expands Mandatory Cyber Incident Reporting

On 1 August 2025, Italy enacted DPCM No. 111, expanding the list of reportable incidents under the National Cybersecurity Perimeter. Critical infrastructure operators—such as in energy, finance, healthcare, and telecom— must now notify not only direct breaches but also disruptions affecting service continuity. The decree aligns Italy more closely with the EU's NIS2 Directive, strengthening Europe's collective resilience against ransomware, state-sponsored cyberattacks, and supply-chain threats.

India Passes Online Gaming Regulation Act

Between 20–21 August 2025, the Indian Parliament passed the Promotion and Regulation of Online Gaming Act, 2025. The law bans real-money gambling games, introduces strict advertising restrictions, and recognizes e-sports as a legitimate industry. Operators must comply with responsible gaming obligations, including tools to prevent addiction and safeguard minors. Supporters hail it as a major step for consumer protection, while some gaming companies argue it could stifle innovation and investment in India's fastgrowing gaming sector.

Philippines Enact Open Access in Data Transmission Act

On 24 August 2025, the Open Access in Data Transmission Act, also known as the Konektadong Pinoy Act, automatically became law after the President chose not to exercise a veto. The legislation is designed to liberalize the Philippine telecommunications sector by lowering entry barriers for new players and promoting wider access to affordable and reliable internet services across the country. The reform is expected to play a key role in advancing digital inclusion, while also serving as a potential regulatory model for other Southeast Asian nations seeking to modernize their connectivity frameworks.

Russia: New Legislative Proposals on Online Content and Cybercrime

In August 2025, the Russian State Duma introduced draft legislation aimed at imposing stricter rules on offensive and obscene online content. In parallel, the Ministry of Digital Development opened consultations on a proposed law addressing cybercrime and IT-related offenses. According to officials, these initiatives are intended to strengthen the country's digital governance framework. Observers note, however, that the measures could have significant implications for online expression and the regulation of internet activities in Russia.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More