Weekly AI Governance Brief #7 — February 2026
Commission seeks experts for forum on Frontier AI
On 16 February 2026, the European Commission, through the EU AI Office, published a news article launching a call for expression of interest for participation in an Expert Forum on Frontier AI. The announcement states that Europe’s AI actors are invited to apply via an online application form by 12 March 2026 (18:00 CET). The first meeting of the forum is scheduled to take place online on 23 April 2026.
The publication specifies that discussions will be held under the Chatham House Rule. It also states that the AI Office will publish “key insights” and updates related to the initiative.
The call is framed as part of the AI Office’s structured engagement with stakeholders in the field of frontier AI.
Why this matters
This development constitutes an observable institutional step in the operationalisation of the EU AI Office’s work. The formalisation of an Expert Forum indicates a structured mechanism for stakeholder input into frontier AI-related discussions at EU level.
The explicit reference to publication of “key insights” signals an intention to translate stakeholder discussions into public-facing outputs. For organisations monitoring EU AI governance signals, this provides a defined channel through which policy-relevant themes may emerge.
European AI Innovation Month — Save the date
On 20 February 2026, the European Commission (via DG CONNECT’s “Shaping Europe’s digital future” platform) announced a coordinated series of events under the banner “European AI Innovation Month.” The events are scheduled to take place between mid-October and mid-November 2026.
The announcement describes the initiative as a platform connecting stakeholders including innovators, industry representatives, policymakers, and researchers around AI innovation.
No legislative or regulatory instrument accompanies the announcement; it is presented as an institutional coordination and communication milestone.
Why this matters
Although not a legal act, this announcement reflects Commission-level coordination of AI ecosystem activity. Such institutional event frameworks often structure the cadence of policy communication, stakeholder engagement, and visibility around implementation-related themes.
For governance monitoring purposes, the initiative marks a scheduled focal period during which AI-related institutional messaging may intensify.
EDPB publishes Coordinated Enforcement Action report on the right to erasure
On 18 February 2026, the European Data Protection Board (EDPB) published a report under its Coordinated Enforcement Framework (CEF) focusing on the implementation of the right to erasure (Article 17 GDPR) by controllers.
The publication describes the right to erasure as one of the most frequently exercised GDPR rights and notes that it often generates complaints to supervisory authorities. The coordinated action sought to understand practical implementation by controllers and to identify good practices and key challenges. The same webpage provides downloadable access to the main report and an annex containing national reports.
The report is presented as part of the EDPB’s coordinated enforcement methodology.
Why this matters
For AI governance monitoring, institutional guidance and enforcement signals around data subject rights remain operationally relevant. Where AI systems rely on personal data in development, training, or deployment contexts, the implementation of erasure requests may present practical compliance challenges.
The coordinated enforcement framework provides a cross-border supervisory perspective, offering insight into how data protection authorities are assessing controller practices.
ISO/IEC CD TR 42103 — Committee Draft consultation initiated
On 16 February 2026, the ISO project page for ISO/IEC CD TR 42103 recorded that committee draft consultation had been initiated. The title indicates that the deliverable concerns an “Overview of synthetic data in the context of AI systems.”
The page presents the document as an under-development committee draft technical report within ISO/IEC JTC 1/SC 42.
Why this matters
Synthetic data is frequently discussed in governance and compliance contexts as a data strategy with implications for privacy and data management. The initiation of committee draft consultation signals continued development of international standardisation work in this area.
ISO/IEC TR 42106 moves to “under publication” stage
On 17 February 2026, the ISO catalogue page for ISO/IEC TR 42106 recorded a life-cycle transition indicating that the document had moved to the “International Standard under publication” stage following a close of voting milestone.
The title describes the deliverable as an “Overview of differentiated benchmarking of AI system quality characteristics.”
Why this matters
Benchmarking and quality characteristics are commonly referenced in assurance and evaluation contexts. The movement of this technical report toward publication provides an institutional indicator that benchmarking-related guidance is progressing within ISO/IEC structures.
Irish Data Protection Commission opens inquiry into X (XIUC)
On 17 February 2026, the Irish Data Protection Commission (DPC) announced that it had opened an inquiry into X Internet Unlimited Company under Ireland’s Data Protection Act 2018.
The press release states that the inquiry concerns the apparent creation and publication on the X platform of potentially harmful, non-consensual intimate and/or sexualised images involving EU/EEA data subjects, including children. The DPC refers to generative AI functionality “associated with the Grok large language model” within the platform.
The DPC states that the purpose of the inquiry is to assess compliance with obligations under the General Data Protection Regulation (GDPR), explicitly referencing Articles 5, 6, 25, and 35 in relation to the processing at issue.
Why this matters
This is a regulator-led enforcement development directly linked to generative AI-enabled harms and personal data processing. The reference to Articles 25 (data protection by design and by default) and 35 (data protection impact assessments) is institutionally significant in the context of AI system deployment.
The inquiry illustrates how existing GDPR supervisory mechanisms are being applied to risks associated with generative AI functionality, without reliance on new AI-specific legislation.
Looking ahead
The week under review reflects continued activity across multiple layers of AI governance. At EU level, the AI Office formalised stakeholder engagement on frontier AI and the Commission advanced ecosystem-oriented initiatives. Data protection authorities published enforcement and guidance materials with direct relevance to AI-enabled processing. Internationally, summit-level declarations and multilateral statements were adopted, while ISO/IEC recorded technical standardisation milestones.
Together, these developments illustrate ongoing institutional structuring of AI governance across regulatory, supervisory, diplomatic, and standardisation domains.
Sources
European Commission — Commission seeks experts for forum on Frontier AI (news article, 16 February 2026):
https://digital-strategy.ec.europa.eu/en/news/commission-seeks-experts-forum-frontier-ai
European Commission — European AI Innovation Month — Save the date (news article, 20 February 2026):
https://digital-strategy.ec.europa.eu/en/news/european-ai-innovation-month-save-date
European Data Protection Board — Coordinated Enforcement Action on implementation of the right to erasure (report under Coordinated Enforcement Framework, 18 February 2026):
https://www.edpb.europa.eu/our-work-tools/our-documents/other/coordinated-enforcement-action-implementation-right-erasure_en
ISO — ISO/IEC CD TR 42103, Overview of synthetic data in the context of AI systems (committee draft consultation initiated, 16 February 2026):
https://www.iso.org/standard/86899.html
ISO — ISO/IEC TR 42106, Overview of differentiated benchmarking of AI system quality characteristics (moved to “under publication” stage, 17 February 2026):
https://www.iso.org/standard/86903.html
Data Protection Commission (Ireland) — Data Protection Commission opens investigation into X (XIUC) (press release, 17 February 2026):
https://www.dataprotection.ie/en/news-media/press-releases/data-protection-commission-opens-investigation-x-xiuc