The regulatory and ESG (Environmental, Social, and Governance) landscape confronting Apple Inc. has entered a period of unprecedented complexity and structural tension. Across European, American, and Asia-Pacific jurisdictions, a dense web of overlapping frameworks—from the European Union's Digital Markets Act (DMA), Digital Services Act (DSA), and Corporate Sustainability Reporting Directive (CSRD), to California's privacy and AI safety laws, to Australia's emerging sustainability reporting standards—is fundamentally reshaping the operational terrain for large technology platforms.
What emerges from a careful analysis of the current claims is not merely a catalogue of compliance obligations, but evidence of a deeper structural transformation: the transition from voluntary, aspirational ESG engagement to mandatory, auditable, and legally enforceable sustainability and data governance regimes. For Apple, a company whose brand identity is deeply intertwined with privacy, environmental stewardship, and supply chain integrity, these developments carry material implications for competitive positioning, capital allocation, legal exposure, and investor sentiment.
Part I: The European Regulatory Wave — Coercive Convergence
The Digital Markets Act and Digital Services Act
The European Union stands as the most aggressive architect of this new regulatory order. The Digital Markets Act (Regulation (EU) 2022/1925) entered into force in November 2022 and became fully effective on March 6, 2024 5,6,9,10, designating gatekeeper platforms and imposing prescriptive obligations on their core operations. The European Commission is expected to publish preliminary findings on new DMA designations by October 2026 10, and EU industry commissioner Thierry Breton has already signaled the expansion of DMA designations to additional platforms 10. The stated objective is to achieve "fairer competition in the European market" 55, with the EU acting ahead of comparable legislative efforts in the United States and Asia 10.
Alongside the DMA, the Digital Services Act imposes comprehensive obligations on very large online platforms regarding systemic risks, including the protection of minors 23. Enforcement action has already commenced: the European Commission launched a formal investigation into Snapchat on March 26 under the DSA 25, and DSA enforcement has prioritized platform risk management, age verification requirements, and protections for minors 25. Critically, the DSA applies concurrently alongside the GDPR, the AI Act, the Unfair Commercial Practices Directive, and the Consumer Rights Directive in operating jurisdictions 40, creating a multi-layered compliance environment for any platform serving European users.
These are not static obligations. Claims indicate that regulatory uncertainty under the DSA introduces earnings instability, threatening dividend sustainability for platform companies with meaningful European revenue exposure 25. Further, regulatory event risk under the DSA creates negative expected value for long equity positions in targeted platform companies 25. For Apple, whose services revenue—including the App Store, Apple Music, iCloud, and Apple TV+—carries significant European exposure, these risks are directly material to the investment thesis.
The Sustainability Reporting Revolution: From Voluntary to Mandatory
Perhaps the most sweeping transformation visible in the claims is the shift in sustainability reporting from a discretionary activity to a legally binding obligation. The Corporate Sustainability Reporting Directive entered its final implementation phase across European markets in spring 2026 50, and the European Sustainability Reporting Standards (ESRS) became fully applicable as of January 2026 50. The CSRD, which defines common standards for sustainability reporting 1,2,4,31, will expand its scope to cover more entities in 2025 36, creating a cascading compliance burden that reaches deep into corporate supply chains. EFRAG (the European Financial Reporting Advisory Group) serves as the key standard-setting body for ESRS under the CSRD 36 and has released its 2025 Sustainability Report 36.
However, implementation has generated significant friction. A cluster of claims from late April 2026 paints a concerning picture: voluntary ESG disclosures in Europe declined 34% in Q1 2026 compared to Q1 2025 50, signaling that the period from 2020 to 2024 represented the peak of voluntary ESG reporting 50. The European Securities and Markets Authority (ESMA) issued three data quality warnings in Q1 2026 alone 50, citing the deterioration of decision-useful sustainability information in public filings. Claims describe the technical complexity and liability exposure of the ESRS framework as creating "structural weaknesses in the European regulatory approach" 50, and note that regulatory pressure from ESRS is driving "correlated behavior through reduced disclosure across European corporate sectors" 50. The deterioration of decision-useful sustainability information represents a systemic risk to ESG-integrated capital markets 50.
This dynamic has triggered observable defensive corporate behavior. Companies are adopting "greenhushing"—strategic silence rather than transparency in sustainability communications 50—as a defensive posture adopted in response to regulatory and legal pressures 50. Companies are retreating from voluntary sustainability communications as regulatory pressure intensifies 50. Sustainability reporting has transformed from a marketing opportunity into a liability exposure, driven by legal caution and litigation risk 50. In February 2026, three major fashion retailers were fined a total of €50 million for misleading carbon neutrality claims 50, and major industrial groups now face litigation risk from consumers alleging greenwashing and from investors claiming material misstatements 50.
Supply chain relationships are fracturing under the weight of these requirements. Italian mid-cap companies are opting to sever relationships with larger partners rather than invest in costly CSRD reporting infrastructure 50, and small and medium-sized enterprises face "existential pressure" from cascading reporting obligations flowing down through supply chains 50. Confindustria, the Italian industry federation, has petitioned for regulatory relief on behalf of its members 50. For Apple, which operates one of the most complex global supply chains in the technology sector, these dynamics are directly relevant to supplier relationships, procurement costs, and reputational risk.
Part II: The Data Privacy & Cybersecurity Nexus
Data privacy has become an increasingly material ESG consideration 45, with companies that maintain robust privacy programs potentially holding a competitive advantage in ESG scoring 45. Data privacy is now identified as a core social and governance concern within ESG frameworks 15,24. Customer data protection is recognized as a key social responsibility metric in ESG analysis 22, and cybersecurity oversight is categorized as a critical corporate governance issue 21,22. Data breaches can indicate potential weaknesses in board-level risk management 22.
On the regulatory enforcement front, the European Data Protection Board (EDPB) adopted its first-ever standardized Data Protection Impact Assessment (DPIA) template on March 10, 2026 16,17, applying to organizations conducting processing activities that require DPIAs under the GDPR 17. Claims note that marketers and Data Protection Officers are specifically called out as groups needing to be aware of the new template 16,17. The EDPB has also issued new guidance clarifying permissible uses of personal data for scientific research under the GDPR 18.
In the United States, the California Consumer Privacy Act (CCPA) remains a key framework affecting companies operating in or serving California residents 3,15, and the California Privacy Protection Agency's 2025 Regulations now govern automated decision-making technologies, mandatory cybersecurity audits for businesses meeting specific thresholds, and vendor accountability 41. At the federal level, the proposed SECURE Data Act (H.R. 8413) was released on April 22 42, providing consumer rights to confirm, access, correct, and delete personal data 42. A proposed federal privacy standard under the SECURE/GUARD Act would reduce compliance complexity by replacing 22 separate state regulatory frameworks with a single federal standard 48.
A structural governance issue emerges from claims about CISO reporting structures. The most common reporting structure for CISOs is to report to the CIO 46, which creates a scenario where "one C-level executive reports to another" 46. CISOs reporting to General Counsel or Legal is also a common structure 46, and pressure from regulators is cited as a driver for companies needing dedicated cybersecurity leadership visibility at executive levels 46.
Part III: Emerging Frontiers — AI Governance, Quantum Risk, and Data Sovereignty
Emerging regulatory domains are beginning to intersect with ESG frameworks in ways that bear directly on Apple's operations. California's Senate Bill 53 (SB 53) has been signed into law, requiring annual AI safety frameworks and 15-day incident reporting 44. The New York RAISE Act, requiring safety protocols and 72-hour incident reporting, was also signed into law 44. Safety is identified as a governance factor relevant to the ESG evaluation of AI companies 54, and companies engaging in mass surveillance and the development of autonomous weapons may face increased ESG screening and investor scrutiny 11.
Quantum readiness may become a governance metric as ESG frameworks increasingly consider cybersecurity preparedness 20, and corporate governance quality will be tested by how proactively companies address the transition to quantum-resistant technological risks 20.
The European Union is pursuing data sovereignty with increasing determination. Claims indicate the EU aims to ensure that data remains strictly within its borders and is operated by local European actors 12,13, with emerging compliance standards requiring that data be operated by local residents 13. However, the European data framework is also described as "a major roadblock for both small and large companies operating within the region" 43 and as a barrier to industrial investment 43. The European Chips Act 2022 serves as an industrial policy response to global competition 43, and European sustainability and sovereignty goals are currently in tension with immediate technological needs 43.
Proposed EU M&A Innovation Guidelines
A development with direct relevance to Apple's acquisition strategy is the proposed EU regulatory framework for M&A innovation claims. The proposed guidelines would create a limited exception allowing startups and small innovative companies to claim innovation benefits during M&A reviews 14, introduce structured governance featuring clear criteria, burden of proof, and European Commission oversight 14, and mandate that consumer benefits must be passed to consumers within a verifiable timeframe 14. The European Commission retains authority to block transactions where innovation claims are deemed speculative or insufficient to offset competitive harms 14. Anti-circumvention provisions include restrictions on shell company structures 14. The implementation timeline is set for January 2027, following a four-month consultation period 14. The proposed changes were introduced during a period of declining investment flows into the European deeptech venture capital sector 14.
Part IV: The US and Asia-Pacific Regulatory Context
In the United States, the Federal Reserve announced in December 2025 modifications to the enhanced Supplementary Leverage Ratio (eSLR) standards that released approximately $2 trillion in bank capacity 53. The April 1 rule change was described by market participants as functioning similarly to a rate cut without an actual rate cut 53, releasing a "massive wall of credit" that functions as an indirect monetary stimulus 53. SEC Release No. 34-105108 allows broker-dealers to hold high-quality equities instead of cash and/or Treasuries on their balance sheets to meet collateral requirements 52.
At the state level, Connecticut's Senate Bill 5 includes child safety provisions and suicide risk protections relevant to ESG social-factor evaluations 19. Hong Kong's regulation requiring shareholder approval for auditor changes aims to increase transparency and accountability 39.
Part V: The Verification Gap and the Greenwashing Enforcement Environment
A recurring and deeply concerning theme across the claims is the gap between sustainability claims and verifiable evidence. Most companies cannot verify their sustainability claims, creating significant legal liability exposure for greenwashing 51. ESG scores are running untracked, creating reputational and regulatory risk 51. Traditional supply-chain verification approaches rely on self-reporting, which "lacks the objectivity required for regulatory scrutiny" 7.
This verification gap is driving capital allocation toward environmental monitoring infrastructure. Companies are increasingly investing in satellite technology to comply with credible ESG reporting standards 7. Many companies with deforestation-related supply chain exposure are shifting from self-reported disclosures to satellite-verified data 7, and stakeholders' dissatisfaction with self-reported disclosures is driving growing demand for satellite-based monitoring that provides measurable, auditable ESG performance 7. Sentinel-2 imagery from the European Space Agency's Copernicus program is cited as the enabling technology 7. For Apple, which has made significant climate commitments and faces sustained scrutiny over its supply chain—including rare earth minerals and battery materials—this verification trend has direct and urgent implications.
Enforcement is accelerating. Claims describe ESG scrutiny as an increasing area of enforcement focus in white-collar litigation, particularly around disclosures and corporate practices 33. The EU is implementing regulations requiring wine producers to back sustainability claims with certified, third-party verified evidence, with standards taking effect in 2026 37. Wine producers face legal liability risks for continued greenwashing after the 2026 standards take effect 37. The European Commission has proposed a 90-day cap on community consultations for environmental assessments 47. Under EU consumer law, traders who fail to deliver goods or services must restore the position by either delivering or refunding 40.
Part VI: Industry Activity and the Contradictions Within
The claims document extensive ESG reporting activity across sectors. Radisson Hotel Group has demonstrated particularly comprehensive engagement: it is the first to align its reporting with the European VSME regulatory framework 49, employs a double materiality approach 49, reported a 23% decrease in emission intensity per square meter versus its 2019 baseline 49, achieved a 6% reduction in total scope 1 and 2 emissions despite 20% portfolio growth 49, obtained an EcoVadis Silver Medal rating 49, and has a carbon neutrality target year of 2050 49. Other notable disclosures include Fedrus International's completion of a group-wide Double Materiality Assessment 31, HitGen Inc.'s 2025 Sustainability Report 27,28, Hikvision's eighth consecutive year of ESG reporting identifying technological innovation and cybersecurity as double materiality topics 32, J&T Express's published formal ESG Report 34,35, and OceanaGold Corporation's 2025 Sustainability Report 26. Maybank appointed its first-ever Chief Sustainability Officer 29,30, with the officer noting that Islamic finance and sustainable finance are both "values-based systems that emphasize social justice, welfare, and the avoidance of harm" 30.
Several important contradictions emerge from the claims and merit careful consideration. First, while ESG adoption at the corporate level continues to expand—with 620 major corporations adopting nature-risk disclosures under the TNFD framework, driven by investor demand 38—there is a simultaneous retreat from voluntary disclosures in Europe 50. This suggests a bifurcation: regulatory pressure is forcing disclosure in some areas while chilling it in others due to litigation fear. Second, the tension between sustainability goals and immediate technological needs in Europe 43 highlights a structural challenge for companies like Apple that must balance ambitious climate commitments with operational requirements. Third, while institutional investors previously ranked climate change as the first or second most important ESG issue for three consecutive years, Berenberg Bank's April report found it slipped to fifth place 8, suggesting shifting investor priorities that could recalibrate the pressure on companies.
Part VII: Analysis and Significance for Apple Inc.
For Apple, the synthesis of these claims reveals a regulatory environment that is simultaneously more demanding and more unpredictable than at any point in recent history. Several investment-relevant implications emerge.
Revenue at Risk from Platform Regulation. The DMA and DSA pose direct revenue risk to Apple's services segment, particularly the App Store. With DMA enforcement expanding and the European Commission proceeding with formal investigations into platforms 25, Apple faces the prospect of mandatory changes to its commission structure, payment processing requirements, and app distribution model in the European Union—its third-largest market by revenue. Claims noting that regulatory uncertainty under the DSA threatens dividend sustainability and creates negative expected value for long positions 25 are directly applicable to Apple's investment case.
Compliance Cost Escalation and Supply Chain Strain. As the CSRD and ESRS frameworks reach full applicability 50, Apple's supply chain—spanning hundreds of suppliers across dozens of countries—faces cascading reporting requirements. The claims describing small and medium-sized enterprises severing relationships with larger partners rather than investing in reporting infrastructure 50 are a red flag for any company relying on a deep supplier base. Apple may need to absorb compliance costs, provide reporting infrastructure to its suppliers, or face supply chain disruption. The "greenhushing" phenomenon 50 also raises the risk that suppliers provide less, not more, transparency, thereby complicating Apple's own ESG reporting obligations.
Litigation Exposure from Greenwashing Claims. Apple has made aggressive climate commitments, including its 2030 carbon neutrality goal across its entire supply chain. The claims documenting €50 million in fines for misleading carbon neutrality claims 50 and the broader shift of sustainability reporting from "marketing opportunity to liability exposure" 50 underscore the litigation risk Apple faces if its climate claims cannot withstand regulatory scrutiny. The EU's insistence on third-party verified evidence 37 and the verification gap noted across most companies 51 highlight a material vulnerability that demands attention.
The Privacy Advantage Under Pressure. Apple has differentiated itself on privacy, positioning it as a core brand value and a competitive advantage against peers such as Google and Meta. The claims confirming privacy as an increasingly material ESG consideration 45 and a source of competitive advantage in ESG scoring 45 validate Apple's strategic posture. However, the sheer complexity of the regulatory landscape—spanning GDPR, the CCPA, proposed federal US privacy standards 48, and state-level AI safety laws 44—means that maintaining this advantage requires continuous, escalating investment in compliance infrastructure.
M&A Strategy Constraints. The proposed EU M&A innovation guidelines 14 with a January 2027 implementation date 14 could constrain Apple's acquisition strategy in Europe. If Apple seeks to acquire European AI, semiconductor, or services startups, it may need to demonstrate that innovation benefits will be passed to consumers within verifiable timeframes 14, and the European Commission retains authority to block transactions where innovation claims are deemed speculative 14. The noted decline in European deeptech venture capital investment flows 14 may create acquisition opportunities even as regulatory hurdles rise, presenting a strategic calculus Apple must navigate carefully.
Data Sovereignty and Operational Complexity. The EU's push for data to remain within its borders and to be operated by local actors 12,13 has direct implications for Apple's data center strategy, iCloud operations, and AI and machine learning service delivery in Europe. The European data framework, described as a "major roadblock" 43 and a barrier to industrial investment 43, suggests Apple may face rising costs and operational friction in delivering cloud and AI services to European customers.
Cybersecurity Governance Scrutiny. The structural governance concerns around CISO reporting structures 46 and the characterization of cybersecurity oversight as a critical governance issue 21,22 could draw attention to Apple's own security governance arrangements. As regulators and ESG rating agencies increasingly evaluate cybersecurity preparedness 20, Apple's approach to security governance becomes an ESG factor in its own right.
Key Takeaways
-
The European regulatory wave represents the most material near-term risk to Apple's services revenue and supply chain structure. The DMA and DSA enforcement trajectory, combined with the CSRD and ESRS cascading compliance burden on suppliers, creates a dual pressure on both the revenue side—through App Store economics—and the cost side—through supplier compliance costs and potential supply chain disruption. Investors should monitor the October 2026 DMA designation expansion 10 and the January 2027 M&A guideline implementation 14 as key catalysts.
-
The transition from voluntary to mandatory ESG reporting has created a "greenhushing" dynamic that paradoxically reduces available information even as regulatory requirements increase. Apple's carbon neutrality claims face elevated litigation risk in this environment, and the company's reliance on supplier-reported data is increasingly inadequate given the shift toward satellite-verified and third-party-certified disclosures. Apple should be expected to invest significantly in audit-ready sustainability data infrastructure.
-
Data privacy and cybersecurity are converging with ESG as material governance factors, creating both an opportunity and an obligation for Apple. Apple's existing privacy positioning provides a competitive advantage in ESG scoring 45, but the rapid evolution of AI-specific regulations—including California's SB 53 and New York's RAISE Act—and the emergence of quantum readiness as a governance metric 20 mean that maintaining this advantage requires continuous, proactive investment.
-
The January 2027 implementation of the EU's M&A innovation defense framework creates a defined window of regulatory clarity—or uncertainty—for Apple's acquisition strategy in Europe. With declining deeptech venture capital investment 14 potentially creating attractive acquisition targets, but with the European Commission retaining authority to block deals where innovation claims are deemed speculative 14, Apple faces a strategic calculus: accelerate European acquisitions before the new framework takes effect, or adapt deal structures to meet the new evidentiary standards for innovation benefits.
Sources
1. È ACCADUTO IERI: Sostenibilità, da carbon footprint a comitato Esg: report di Gruppo Serenissima Ris... - 2026-02-17
2. Sostenibilità, da carbon footprint a comitato Esg: report di Gruppo Serenissima Ristorazione ... LEG... - 2026-02-16
3. Healthcare and financial companies face lawsuits for sharing sensitive patient and financial data wi... - 2026-03-03
4. 22% of BRSR filers skip mandatory Scope 1 & 2. Only 18% report Scope 3. Now CBAM, CSRD, and banking ... - 2026-03-03
5. Meta to allow AI rivals on WhatsApp in bid to stave off EU action - 2026-03-05
6. Meta to allow AI bot rivals on WhatsApp in bid to stave off EU action - 2026-03-06
7. Tracking Deforestation and Land Use Change with Satellite Imagery: Implications for ESG Compliance -... - 2026-04-21
8. ESG flux: Do-gooder investors may be shifting to health but mustn't let climate action trail off ->M... - 2026-04-20
9. European regulators crack down on Big Tech with sweeping DMA enforcement actions - 2026-04-29
10. EU rules reining in big tech will now target cloud services, AI, regulators say - 2026-04-28
11. Google expands Pentagon’s access to its AI after Anthropic’s refusal After Anthropic refused to all... - 2026-04-29
12. Europe is actively building its own secure digital infrastructure. Through pioneering projects... - 2026-04-25
13. Europe is actively building its own secure digital infrastructure. Through standard-setting projects... - 2026-04-25
14. EU may let startups claim innovation benefits in M&A if big tech not involved - 2026-04-22
15. We're Finally Seeing Big Tech Pushback... but it's not enough #News #TechNews #BigTech #CCPA #GDPR ... - 2026-04-28
16. FYI: EDPB's first-ever DPIA template finally lands - but experts want more #DPIA #DataProtection #ED... - 2026-04-28
17. FYI: EDPB's first-ever DPIA template finally lands - but experts want more #DPIA #DataProtection #ED... - 2026-04-28
18. New guidance from the European Data Protection Board (EDPB) is clarifying how personal data can be u... - 2026-04-22
19. Connecticut's Senate just passed a groundbreaking AI and online safety bill that could redefine how ... - 2026-04-22
20. Leading quantum experts warn fault-tolerant quantum computers capable of breaking current cryptograp... - 2026-04-29
21. 🚨 ShinyHunters ransomware group claims attacks on 40+ companies, including Carnival Corp & Zara's pa... - 2026-04-29
22. The ShinyHunters group claims to have stolen data from 1.4 million Udemy users. Affected users are a... - 2026-04-29
23. The EU finds Meta failing to keep under-13s off Facebook and Instagram. The EU said on Wednesday th... - 2026-04-29
24. Big Tech hoards our data like a dragon, then calls it “personalization.” Courts are finally sharpeni... - 2026-04-27
25. Europe’s DSA era is here: regulators are zeroing in on platform risks, age checks and failures to pr... - 2026-04-23
26. OceanaGold Unveils 2025 Sustainability Report Highlighting Progress in Various Areas #Sustainability... - 2026-04-29
27. HitGen Unveils Its Comprehensive 2025 Sustainability Report Focused on ESG Principles #China #Chengd... - 2026-04-29
28. HitGen Unveils Its 2025 Sustainability Report Highlighting ESG Initiatives #China #Chengdu #ESG #Sus... - 2026-04-29
29. Islamic finance's principles 'align naturally with ESG and sustainability,' says Maybank's first-eve... - 2026-04-29
30. Islamic finance aligns naturally with ESG, says Maybank's first-ever chief sustainability officer ->... - 2026-04-29
31. Fedrus International Advances ESG Reporting with the Terra ESG Platform Built on Microsoft Cloud for... - 2026-04-29
32. Hikvision releases 2025 ESG Report, advancing sustainability through 'Tech for Good' ->Morningstar |... - 2026-04-28
33. Key Trends and Developments in White Collar Litigation and Investigations Apr 27 2026 14:50 UTC Whit... - 2026-04-27
34. J&T Express Releases 2025 ESG Report: From Smart Logistics to Social Responsibility ... ->Morningsta... - 2026-04-27
35. J&T Express Unveils 2025 ESG Report, Revolutionizing Sustainable Logistics Practices #Hong_Kong #ESG... - 2026-04-27
36. EFRAG releases its first Sustainability Report for 2025 www.efrag.org/en/news-and-... #EFRAG #sustai... - 2026-04-29
37. EU rules target wine greenwashing #WineRegulations #Sustainability #EcoFriendly #Greenwashing #WineI... - 2026-04-24
38. 620 major corporations have adopted nature-risk disclosures, not because governments forced them, bu... - 2026-04-24
39. ⚡ BREAKING: Hong Kong mandates shareholder approval for auditor changes in $7.5T market to boost gov... - 2026-04-20
40. Bolt's ChatBot Runs Amok — That Privacy Guy! - 2026-04-27
41. More Parties, More Risks, More Opportunity? Evolving Governance to Support Cyber Resilience Amidst Evolving Policy and Technological Change - 2026-04-24
42. Contextualizing the Proposed SECURE Data Act in the State Privacy Landscape - 2026-04-23
43. Can Europe keep its industrial champions in the AI era? - 2026-04-25
44. Connecticut Passes AI Bill 32-4 - Employment and Chatbots - 2026-04-24
45. U.S. companies hit with record fines for privacy in 2025 - 2026-04-28
46. Infra + security: why more & more CISOs are starting to own infrastructure - 2026-04-28
47. Licensed to Loot: Big Tech and Finance Behind the AI Data Centre Boom — Balanced Economy Project - 2026-04-28
48. Lawmakers seek to override state data privacy laws with new bill - 2026-04-22
49. CSR | Radisson Hotel Group publishes its 2025 Responsible Business Report and rolls out its first Verified Net Zero hotels - 2026-04-29
50. ESG, Crisis and Silence: When Transparency Becomes Optional - 2026-04-27
51. Environment+Energy Leader on Instagram: "News you may have missed this week 👇 ⚡ Investors are pricing grid risk — most ESG disclosures can't answer their questions 🔋 Battery monitoring is getting s... - 2026-04-24
52. March 30th SEC Rule - 2026-04-19
53. Red Monday ahead, thoughts/plans? - 2026-04-19
54. If courts can price in addiction harms, AI builders should expect liability for engagement-maximizin... - 2026-04-24
55. We are monitoring the new EU plans: 1) Stricter rules for Big Tech, now also for cloud services a... - 2026-04-28
