AI Agents, Encryption Battles & Data Wars

In a pivotal week for global tech, the EU prepares to enforce the Data Act, reshaping data sharing and cloud access. The UK retreats from encryption back door demands after U.S. pressure, easing tensions with Apple. Meanwhile, Google unveils an AI-powered Security Operations Center, combining automation and human expertise to modernize cyber threat response.

EU Rolls Out Data Act to Unlock Industrial Data Value

Source: Isabelle Roccia, IAPP

The EU is activating its long-anticipated Data Act on September 12, introducing legal and technical frameworks to reshape how industrial data is accessed and shared across the continent. The legislation, aimed at tapping into the estimated 80% of underused industrial data, seeks to generate up to €270 billion in GDP by 2028.

The law targets connected product data, cloud service portability, and even international data transfer restrictions, placing a particular emphasis on protecting trade secrets and non-personal data from foreign government access. Contractual guidance, in the form of model clauses, was issued to support compliance, but implementation challenges loom large, especially in squaring obligations under the Data Act with GDPR.

Cloud portability and “vendor lock-in” are also in focus, with strict timelines for switching cloud providers. Enforcement will vary by country, but the EU is calling for “effective, proportionate and dissuasive” penalties for noncompliance.

UK Retreats from Encryption Back Door Battle with Apple

Source: Bill Goodwin, Computer Weekly

After months of diplomatic back-and-forth, the UK has agreed to drop demands for Apple to provide a back door to its Advanced Data Protection (ADP) service (a decision welcomed by U.S. lawmakers and digital rights groups). The move follows pressure from U.S. intelligence officials, President Trump, and Vice President JD Vance, who argued that the UK’s order violated the privacy rights of American citizens.

Apple had pulled ADP services from UK customers earlier this year in response to a secretive Technical Capability Notice issued under the Investigatory Powers Act 2016, also dubbed the “Snoopers’ Charter.” Though this recent climbdown eases international tensions, it leaves UK users in limbo, ADP is still unavailable, and the UK government hasn’t ruled out future demands.

Civil liberties advocates warn that the legal architecture allowing such secret orders remains intact, posing ongoing risks. Meanwhile, the Investigatory Powers Tribunal will hear Apple’s formal complaint in early 2026.

Google Debuts AI-Powered SOC to Transform Cybersecurity Response

Source: Alex Scroxton, Computer Weekly

At its recent Security Summit, Google unveiled its ambitious vision of an AI-powered agentic Security Operations Center (SOC) - a move poised to redefine cybersecurity incident response. This next-gen SOC uses AI agents to automate and coordinate detection, triage, and response workflows, with human analysts still in the loop via Mandiant-driven recommendations.

The centerpiece is a new alert investigation agent, now in preview, which can build process trees and analyze command-line behavior autonomously. Google is also introducing risk detection tools for AI agents, stronger protections against prompt injection and jailbreaking, and has enhanced its Unified Security (GUS) platform with better dashboards and threat visualization.

New offerings from Mandiant Consulting provide governance frameworks and threat modeling tailored to AI, answering rising demand for secure AI deployments. This initiative marks a major pivot in how cloud security will evolve in tandem with AI adoption.