Conceptually, you think of IoT devices, but the CRA has a far broader scope of application. In this article we examine one of the tricky nuances – distinguishing between a digital product and SaaS under the CRA.
The EU’s Cyber Resilience Act (CRA) looks to reshape product cybersecurity
Continue Reading Cyber Resilience Act: the fine line between SaaS and digital products
Any cloud service provider seeking to offer cloud services to the German public sector will inevitably have to deal with the Supplementary Contractual Conditions for the Procurement of IT Services (Ergänzende Vertragsbedingungen für die Beschaffung von IT-Leistungen – “EVB-IT”). The EVB-IT were developed by the Federal/State/Local Cooperation
Continue Reading EVB-IT Cloud – Standard Contract with Leeway for Cloud Providers
The European Commission has just unveiled its proposal for the Digital Networks Act (DNA). The DNA marks a fundamental shift from regulating traditional “electronic communications” to a broader, cloud-integrated ecosystem of “digital networks”.
In a nutshell: The DNA replaces the fragmented framework of the 2018 Electronic Communications Code (EECC)
Continue Reading From Telecoms to “Digital Networks”: Navigating the EU’s New Digital Networks Act (DNA)
The ICO has, this week, published extensive guidance on its expectations on Agentic AI, ICO tech futures: Agentic AI | ICO. The UK data protection regulator’s core message is clear: the future of the success of this technology is rooted in accountability.
Investor expectations on the realisation of commercial
Continue Reading Why Investors should lean into privacy-centric AI: key takeaways from the ICO’s Agentic AI Guidance
Discussions surrounding the German Distance Learning Protection Act (FernUSG), which has been in effect since 1976, have gained momentum again in recent years in Germany. The reason is the growing popularity of online coaching. While remote coaching has already existed in some forms for over 30 years, the range of
Continue Reading Regulatory wake-up call: The increasing relevance of the German Distance Learning Protection Act (FernUSG) for digital coaching models
The Higher Regional Court of Hamburg has issued a ruling that contains important guidelines for the admissibility of AI training and data mining.
In its ruling dated 10 December 2025, the court dismissed the appeal brought by the photographer Robert Kneschke against the first-instance judgment of the Regional Court of
Continue Reading Robert Kneschke v. LAION: Judgment of 10 December 2025 (Ref.: 5 U 104/24)
The European Space Agency launched the James Webb Space Telescope on Christmas Day 2021 from its facility in French Guiana. A collaboration between NASA, CSA and ESA, the JWST’s launch could not have gone better – a perfect ballet of rocketry, automation and cutting -edge science. The James Webb continues
Continue Reading Digital Autofocus – Will Europe’s Digital Omnibus bring clarity to Regulation?
In a significant stride toward strengthening digital stability in Europe’s financial sector, the European Supervisory Authorities (EBA, EIOPA, and ESMA) have, today, published the list of critical ICT third‑party service providers under the Digital Operational Resilience Act (DORA). This move gives the ESAs direct oversight of some of the
Continue Reading DORA’s Critical ICT Provider List Published – A New Milestone for Digital Resilience
The dream of directly effective supra-national legislation, applying in exactly the same way in each EU Member State: an EU Regulation should (in theory) provide the same protections in the same way at the same time to all EU citizens. As is ever the case, theory and reality rarely align
Continue Reading State of the Act: EU AI Act implementation in key Member States
Earlier this week the European Policy Centre (with its partner the Vodafone Institute) published a new discussion paper looking at the strategic issues around European submarine cables and making some recommendations. Since it’s an area of work close to my heart I have reviewed and set out below – in
Continue Reading The Proposed European Strategy for Submarine Infrastructure
A recent decision from a Finnish district court has cast light on the legal and operational challenges surrounding damage to submarine infrastructure, particularly in contested or sensitive maritime zones. The case concerned the Eagle S, a Cook Islands-flagged oil tanker, whose crew faced criminal charges following an incident in
Continue Reading The difficulty of bringing criminal cases for submarine cable damage – the Eagle S case
