The March 2025 edition has been edited by Valerian Jenny with contributions from the Regulatory & Public Affairs team.
This feature explores key regulatory updates and industry insights, including the EU's 2025 agenda, AI liability directive withdrawal, scam regulation in Spain, cybersecurity regulations and telecom liberalisation in China.
SIGN-UP TO RECEIVE THIS MONTHLY NEWSLETTER BY CLICKING HERE
The European Commission published earlier this month its 2025 Work Programme, which aims to streamline regulatory frameworks and improve competitiveness within the EU. Accompanied by a Communication on Implementation and Simplification, the Programme includes five Annexes detailing new, pending, withdrawn and repealed proposals, as well as the Commission's annual plan for evaluations and fitness checks. This follows the release of the Competitiveness Compass on 29 January 2025, which outlines actions to boost economic competitiveness in Europe.
For more information, please contact Paula Alexe.
With the EU AI Act finalised, attention had recently turned to the adoption of the proposal adapting non-contractual civil liability rules to AI (AI Liability Directive or AILD), first tabled by the Commission in September 2022. This proposal was meant to complete Europe’s AI regulatory framework. However, the European Commission decided to withdraw the proposal in February 2025 due to a lack of agreement among stakeholders and calls for regulatory simplification in the digital sector.
For more information, please contact Paolo Sasdelli.
On 12 February 2025, the Spanish Government passed a new regulation to tackle scam calls and messages — the Order TDF/149/2025, of 12 February, establishing measures to tackle scam through telephone calls and messages and to ensure the identification of the numbering used for the provision of customer services and marketing calls (Order on scam).
For more information, please contact Alejandro Sola.
The Cyber Resilience Act (CRA) introduces mandatory cybersecurity requirements for products that contain a digital element, obligating manufacturers and retailers to ensure these products meet security standards. The European Commission has just recently published a draft defining which digital products will be subject to the stricter requirements under the CRA.
For more information, please contact Dr. Natallia Karniyevich.
As the landscape of cybersecurity continues to evolve rapidly, the European Union (EU) has enacted several legislative acts designed to strengthen resilience and security across various sectors. This article provides a snapshot of three key developments shaping the cybersecurity landscape: the NIS2 Directive, the Critical Entities Resilience (CER) Directive, and the Cyber Resilience Act (CRA), each playing a pivotal role in fortifying cybersecurity within the EU.
For more information, please contact Mona Saadi (Business Development Manager, LLB) and Dr. Natallia Karniyevich..
The telecommunications market in China has always been a challenging one for foreign service providers and operators. Not only do they face restrictions in the amount of equity interest they can hold in a local China service provider, the current policy also provides that certain telecom services can only be provided by domestic Chinese companies. For certain basic telecom services/carrier services, such as mobile services, they are strictly reserved for state owned enterprises.
For more information, please contact Michelle Chan.
Australians may soon need to start preparing new excuses for avoiding SMSs other than ‘I was out of service’, as more partnerships between Australian mobile network operators and direct-to-device service providers are revealed.