EU Digital
Regulations

The foundational regulation governing personal data processing in the EU. Establishes principles for lawful processing, data subject rights, and accountability requirements.

The "cookie law" governing electronic communications privacy, including consent requirements for tracking technologies and confidentiality of communications.

Creates framework for data sharing, data intermediaries, and data altruism organizations to increase data availability for the common good.

Grants users control over data generated by connected devices. Requires manufacturers to enable data access and portability.

Comprehensive framework for platform accountability, content moderation, algorithmic transparency, and user protection online.

Establishes ex-ante rules for designated "gatekeeper" platforms to ensure fair competition and market contestability.

Protects gig economy workers through employment status presumptions, algorithmic management transparency, and data protection requirements.

Enhanced cybersecurity requirements for essential and important entities, including incident reporting and risk management obligations.

Mandatory cybersecurity requirements for hardware and software products throughout their lifecycle, including vulnerability handling.

ICT risk management and operational resilience requirements for financial entities and their critical technology service providers.

World's first comprehensive AI law. Establishes risk-based framework with prohibited practices, high-risk requirements, and GPAI obligations.

Mandates accessibility for digital products and services, ensuring people with disabilities can access websites, apps, and digital interfaces.