Brussel's European quarter has become noticeably quieter in recent weeks. This is due, in part, to May's generous quota of bank holidays and European Parliament being officially closed for business as the electoral campaign ramps up ahead of June. So what are we keeping on our radar then? Well, a few things, in fact.

There is no stopping when it comes to enforcement of the Digital Markets Act and Digital Services Act. It has become a weekly expectation to hear what new designation happened or investigation started under either of the instruments.

This week has been no different with a fresh designation of Booking.com as a gatekeeper under the DMA and the opening of a market investigation into X. The latter action stems from the company's 1 March 2023 rebuttal, where X claims that while it meets the thresholds, it cannot be seen as an important gateway between businesses and consumers.

The European Commission also opened formal proceedings to assess whether Meta may have breached the DSA in areas linked to the protection of minors. In their sight are systems of both Facebook and Instagram, including algorithms, that might feed behavioral addictions in children, as well as create so-called "rabbit-hole effects."

The EU Artificial Intelligence Act is still the talk of the (digital) town as we expect member states to grant final approval 21 May. The text is expected to be published in the EU's Official Journal two weeks later, which will start the clock for its entry into force, estimated to come the first week of June — during the IAPP AI Governance Global 2024.

As the compliance clock starts ticking, the IAPP released two resources that should prove to be useful tools in navigating this new legislation: the EU AI Act Compliance Matrix and EU AI Act: Stakeholder Map.

Meanwhile, the clock is also frantically ticking for the European Commission, which has a lot of deliverables to produce, including setting up a fully functioning AI office and staffing it with a mix of legal and technical profiles.

The 32nd European Conference of Data Protection Authorities took place from 14-16 May in Riga, Latvia. The first conference was organized in 1991 with just a few countries' representatives and it has now grown into a yearly event with participants covering the European Economic Area and beyond.

During the first two days, representatives of European data protection authorities gathered to discuss emerging challenges and topics of common interest in the area of data protection. They also exchanged experiences and best practices and addressed further collaboration possibilities.

The last day of the conference, which was open to the wider public, focused on the EU General Data Protection Regulation and legislation to fight against money laundering and terrorist financing, their intersection and compliance.

Digitalization in Europe is a work in progress. The EU set two main goals for the digital transformation of businesses by 2030: more than 90% of small and medium-sized enterprises should reach at least a basic level of digital intensity, and 75% of EU companies should use cloud computing services, perform big data analysis or use AI.

According to Eurostat data, nearly 60% of EU SMEs reached a basic level of digital intensity in 2023, but with vast disparity, ranging from 27% in Romania and 28% in Bulgaria, to 80% in Sweden and 86% in Finland. Forty-four percent of EU citizens lack basic digital skills, according to the data, with only 56% having basic or above basic digital skills. However, in 2023, over 90% of people in the EU used the internet at least once a week.