Connected - October 2025
Contacts
Partner
France
I am a tech-friendly lawyer based in Paris, specialising in data protection, communications and satellites, with a commitment to providing business-oriented, sustainable advice.
Related
Practices
Sectors
Trending Topics
The October 2025 edition has been edited by Willy Mikalef with contributions from the Regulatory & Public Affairs team.
This month we cover a diverse set of developments shaping the tech regulatory landscape. We begin with the upcoming Digital Networks Act proposal, and the EU e-Evidence Regulation. Attention then turns to quantum technologies, as the EU prepares its future Quantum Act to support Europe's ambitions in this area.
We continue with updates on Italy's new regulatory framework for Content Delivery Networks (CDNs), and Spain's progress on the Sender ID Registry to combat scam messaging. Our focus then shifts to Japan, where the AI Act is driving strategic government actions, and to Spain, with insights from Spain's Data Protection Authority on the European Digital Identity Wallet under eIDAS2.
In the space sector, we explore the role of regulatory sandboxes and France's consultation on Mobile Satellite Services. Finally, we highlight Poland's ongoing NIS2 implementation, including the new framework for high-risk vendors.
SIGN-UP TO RECEIVE THIS MONTHLY NEWSLETTER BY CLICKING HERE
EU – Digital Network Act proposal
The Digital Network Act: what (not) to expect
There is a lot a speculation in the market about the Digital Networks Act (DNA) the European Commission will be presenting before Christmas this year. Reportedly, the Commission is still weighing the options. Next to what we’ve read, here’s what we heard from the Commission during conferences and one-to-one conversations.
For more information, please contact Feyo Sickinghe.
EU – Future quantum regulation
Turning science into entrepreneurship to create Europe’s ‘Quantum Valley’
Quantum technologies use the rules of quantum mechanics to build new and powerful tools like quantum computers and sensors that go beyond the limits of classical computers and existing supercomputers. In the wake of AI, Big Data, Internet of Things and blockchain, quantum is widely seen as the next frontier technology which will lead to groundbreaking innovations across many industries.
For more information, please contact Francine Cunningham.
Italy – Telecom and CDNs regulation
Content Delivery Network and Resolution No. 207/25/CONS: the applicability of the authorisation regime in Italy
Content Delivery Networks (CDN) are a set of geographically distributed servers, aimed at speeding up and optimising the online delivery of content to final users. These servers, also known as caches, are installed, for instance, within the networks of electronic communications operators or in Internet Exchange Points (IXP), and allow them to benefit from transmission capacity and space to replicate and archive the contents present on the original servers. In this way, the request for a particular content is fulfilled by the server closest to the user and faster than if it had to be handled by the content provider head quarter.
READ THE FULL STORY
For more information, please contact Federico Marini Balestra and Jacopo Orsi.
Spain – Messaging regulation updates
First steps for the CNMC Sender ID Registry
Spain’s communications regulator, the CNMC, has concluded its preliminary public consultation on the design and operation of the Sender ID (Alias) Registry. This initiative, the first of its kind in Spain, will be implemented under Order TDF/149/2025, of 12 February, establishing measures to tackle scam through telephone calls and messages and to ensure the identification of the numbering used for the provision of customer services and marketing calls. The consultation, open until 30 September 2025, sought industry input on operational, technical, and governance aspects to ensure a framework that is both regulatorily robust and operationally effective.
READ THE FULL STORY
For more information, please contact Alejandro Sola.
Japan – AI governance updates
Japan's AI Governance: Major Government Steps Since the AI Act
In May of this year, Japan enacted the AI Act (Act on Promotion of Research and Development, and Utilisation of AI-related Technology), which came into full effect on 1 September 2025. Unlike the EU AI Act, Japan's AI Act is a principle-based framework that does not impose specific obligations or penalties in relation to the use of AI. Instead, the Act aims to establish that the research, development and use of AI is a national priority. You can read more about Japan's AI Act and its comparison to the EU AI Act here.
READ THE FULL STORY
For more information, please contact Aya Saito and Masahiro Tanabe.
EU/Spain – Digital Identity Wallet insights
The European Digital Identity Wallet: Insights from Spain's Data Protection Authority
The Spanish Data Protection Authority (AEPD) has published a series of articles on its blog examining the European Digital Identity Regulation (Regulation (EU) 2024/1183), commonly known as the eIDAS2 Regulation. These publications explore the critical data protection and privacy considerations surrounding the EU Digital Identity Wallet, a new framework designed to give European citizens secure control over their digital identities whilst safeguarding their fundamental rights.
For more information, please contact Paula Garralon.
EU – e-Evidence Regulation overview
e-Evidence Regulation: Key compliance takeaways for service providers by 2026
On 18 August 2026, the EU’s new framework for cross-border access to electronic evidence will enter into application across all EU Member States (except Denmark). It consist of two legislative acts: Regulation (EU) 2023/1543, which applies directly, and the accompanying Directive (EU) 2023/1544, which EU Member States must transpose by 18 February 2026.
For more information, please contact Anthony Rosen and Lewin Rexin.
UK/EU – Space regulatory sandbox
Satellites and sandboxes: why controlled testing environments could be key to regulating tomorrow's space technologies
Regulatory sandboxes can be a valuable tool in modern regulation. Depending on how sandboxes are structured, they can create structured spaces where regulators, industry, and other stakeholders can work together to develop policy in complex and fast-moving sectors. This approach can be particularly helpful where traditional regulatory frameworks struggle to keep pace with technological change, and where innovation, safety, and commercial interests all need to be balanced carefully.
For more information, please contact Hayley Blyth or Raoul Grifoni Waterman.
France – Consultation on Mobile Satellite Services
A new public consultation by ARCEP on Mobile Satellite Services
The French Regulatory Authority for Electronic Communications (“ARCEP”) has recently launched a public consultation to gather stakeholders’ views on frequency requirements in the L-band for the operation of mobile satellite services. This initiative aims to prepare the framework and conditions for the future reassignment of these frequencies.
For more information, please contact Willy Mikalef and Maximilien Schilton.
Poland – NIS2 implementation
How Poland is shaping its NIS2 implementation and what is so special about high-risk vendor?
Poland is still implementing the NIS2 Directive.
The current ninth draft of the Draft Act on the National Cybersecurity System (PL: Projekt ustawy o krajowym systemie cyberbezpieczeństwa oraz niektórych innych ustaw, the “Act”), is still under governmental review and has yet to be submitted to the Polish Parliament. No official schedule for its adoption has been announced.
For more information, please contact Izabela Kowalczuk-Pakula and Aleksandra Mizerska.
