- Digital Services Act (In force)
- Protects consumers’ rights online, fosters innovation, and keeps platforms transparent and accountable
- Applies to all intermediary services offered to recipients in the EU
- Fully applicable across the EU by 17 February 2024
- Digital Markets Act (In force)
- Regulates large, systemic online platforms (gatekeepers)
- Ensures a fair business environment and promotes consumer choice
- DMA rules start to apply on 2 May 2023
- Data Governance Act (In force)
- Facilitates data-sharing across sectors and EU countries
- DGA rules start to apply on 24 September 2023
- The Data Act (Pending)
- Focused on data generated by Internet of Things (IoT) devices
- Trilogue negotiations not expected to be completed before spring 2023
- Artificial Intelligence Act (Pending)
- Regulates AI systems in the EU and across the EU’s single market
- Unlikely to become binding law until late 2023
- AI Liability Directive (Pending)
- Harmonises product liability rules for AI
- Proposal adopted by the European Commission on 28 September 2022
- Cyber Resilience Act (Pending)
- Establishes cybersecurity requirements for products with digital elements
- Proposal published on 15 September 2022
- European Health Data Space (Pending)
- Establishes a health-specific ecosystem of rules and standards
- Proposal published on 3 May 2022
The European Union is making significant strides to regulate and shape the technology industry through key legislative acts and proposals. These regulations, already in force or pending approval, aim to protect consumers, foster innovation, ensure transparency, and maintain security in the rapidly evolving digital world. In this article, we provide an overview of the most important legislative acts and proposals that will impact the technology landscape in the EU in 2023 and beyond.
In Force Regulations
- Digital Services Act (DSA)
The Digital Services Act, in force since 16 November 2022, sets new rules to address the challenges posed by digital transformation and new digital business models in the EU. It aims to protect consumers’ rights online, foster innovation, and keep platforms transparent and accountable. The DSA is fully applicable across the EU for all entities in scope by 17 February 2024.
- Digital Markets Act (DMA)
The Digital Markets Act, in force since 1 November 2022, regulates large, systemic online platforms (gatekeepers) such as online search engines, social networking services, messaging services, and app stores. Its main goal is to ensure a fair business environment, promote consumer choice, and enable gatekeepers to innovate while limiting their ability to use unfair practices. DMA rules start to apply on 2 May 2023.
- Data Governance Act (DGA)
The Data Governance Act, in force since 23 June 2022, aims to improve data-sharing across sectors and EU countries, particularly by facilitating wider reuse of data held by public sector bodies. The DGA rules start to apply on 24 September 2023.
- The Data Act
The Data Act, proposed by the European Commission on 23 February 2022, focuses on data generated by Internet of Things (IoT) devices. It aims to create a single data market in which data is more accessible and can be shared without legal obstacles among European businesses and the public sector. The trilogue negotiations over the Data Act are not expected to be completed before spring 2023.
- Artificial Intelligence Act (AI Act)
The Artificial Intelligence Act, proposed by the European Commission, targets the regulation of AI systems in the EU and across the EU’s single market. It aims to maintain trust in the AI systems used in the EU and create an ecosystem of excellence for AI. The act is unlikely to become binding law until late 2023.
- AI Liability Directive
The AI Liability Directive, proposed by the European Commission on 28 September 2022, aims to harmonize product liability rules for AI. The proposal seeks to boost consumer confidence in interacting with emerging technologies by enabling victims of AI-related damage to obtain compensation without burdensome evidentiary hurdles.
- Cyber Resilience Act (CRA)
The Cyber Resilience Act, proposed by the European Commission on 15 September 2022, would establish cybersecurity requirements for products with digital elements. Its focus is on countering cyberthreats and creating conditions for the development of secure digital products.
- European Health Data Space (EHDS)
The European Health Data Space, proposed by the European Commission on 3 May 2022, aims to establish a health-specific ecosystem of rules, common standards and practices, infrastructures, and a governance framework. The EHDS seeks to empower individuals, health professionals, healthcare providers, researchers, and regulators through the freer movement of health data.
As technology continues to evolve, so does the need for effective regulation to protect consumers, ensure fairness, and foster innovation. The EU’s legislative acts and proposals for 2023 and beyond demonstrate the region’s commitment to maintaining a balanced digital landscape that benefits all stakeholders. From the Digital Services Act to the European Health Data Space, these regulations and proposals will define the future of the EU’s technology industry, ensuring that businesses, consumers, and governments can navigate the ever-changing digital world with confidence.
It is essential for organizations operating within the EU to stay up-to-date with these legislative developments to remain compliant and successfully adapt to the evolving regulatory environment. Additionally, individuals and consumers should be aware of their rights and the protections in place to maintain trust in the digital services they use daily.
The European Union’s dedication to shaping the technology industry through key legislative acts and proposals will likely have a global impact, as other countries and regions may adopt similar approaches to regulate their own digital landscapes. As a result, the EU’s efforts in this area could serve as a model for the future of technology regulation worldwide.