digital economy regulation

A risk assessment by the expert group identifies certain third countries, notably China and the US, that may have an impact on the security and resilience of EU submarine cable infrastructure. The expert group calls for considering supply-related measures to mitigate the EU’s dependence on US actors.

At a conference in Brussels, Christian D’Cunha, head of unit at European Commission DG Connect, said that while the regulation will become fully applicable in 2027, entities within scope “should be trying to implement it right now”. Stakeholders also discussed the upcoming review of the Cybersecurity Act, the interplay between cybersecurity rules, and the security of submarine cables.

This report gathers policy and regulatory developments at EU level covered by Cullen International’s Digital Economy and Media services over the past week. It also lists events taking place this week.

The government adopted draft amendments to the Cybersecurity Act. The amendments would introduce procedures to ban equipment from high-risk vendors. The procedures would apply to any sector covered by the directive on measures for a high common level of cybersecurity across the EU (NIS2), such as telecoms networks and cloud.

This report gathers policy and regulatory developments at EU level covered by Cullen International’s Digital Economy and Media services over the past week. It also lists events taking place this week.

The government will allow data centre operators to pay lower taxes on equipment purchases over a period of five years, subject to localisation and sustainability obligations. However, Congress must approve the provisional measure by 16 January 2026 for it to remain in force.