Dispatch from Brussels: Updates on EU tech policy

19 Jan 2026 01:32 PM

Key regulatory developments to look out for this year: As we start 2026, it is useful to be reminded of some of the key legislative developments we expect to see from the EU institutions:  

• One of the most important legislative developments will be the Digital Omnibus package which seeks to streamline the GDPR, Data Act, and AI Act to reduce administrative friction. You can read more about the package on our website  
• On 20 January, the European Commission will introduce the Digital Networks Act (DNA) in an attempt to overhaul telecoms governance focusing on spectrum harmonisation, net neutrality, and cloud connectivity to stimulate innovation. 
• The Cybersecurity Act revision expected this week will intend to simplify certification schemes alongside potential updates to the NIS2 Directive 
• In Q1 we can expect the Cloud and AI Development Act proposal which will aim to increase the EU’s cloud computing and AI capabilities while seeking to ensure its technological sovereignty.  
• By autumn, we can expect the Digital Fairness Act. This initiative will seek to target addictive digital design, deceptive "dark patterns," and influencer marketing.  

AI  

EU Commission drafting guidelines in case standards miss 2027 deadline: According to an article by Euractiv, The EU Commission is currently drafting “transitional” AI guidelines to step in if the AI standards (currently being developed), necessary for the EU’s AI Act application, are not ready on time. As a reminder, the European Standards bodies CEN-CENELEC (back in October 2025) had cleared the way for smaller expert groups to help finalise the work on several of the most relevant and most delayed Ai standards. This move had been seen as unprecedented and had sparked internal controversy which had led to several officers within CEN-CENELEC to send a letter to express their fears this would undermine the “core principles of consensus” on which standardisation is built.  

Sovereignty 

Commission opens consultation on European Open Digital Ecosystem Strategy: On 6 January 2026, the EU Commission opened a consultation period on its upcoming European Digital Ecosystem Strategy which will aim to set out:  

• “a strategic approach to the open source sector in the EU that addresses the importance of open source as a crucial contribution to EU technological sovereignty, security and competitiveness 
• a strategic and operational framework to strengthen the use, development and reuse of open digital assets within the Commission, building on the results achieved under the 2020-2023 Commission Open Source Software Strategy.” 

It is expected that the consultation will also help inform the EU’s upcoming Cloud and AI Development Act (CAIDA) which is set to be proposed in Q1 2026. The consultation period will close on 3 February 2026.  

Cybersecurity 

Cybersecurity Act Revision expected to be published this week: Back in 2019 the Cybersecurity Act (CSA) was adopted and formalised the role of the European Cybersecurity Agency and established a voluntary EU cybersecurity certification framework for ICT services. The CSA requires an evaluation and review every five years. This has been delayed several times, however the proposed revision is now expected to be published this week. As indicated by the European Parliamentary Research Service, the expected disagreements will likely revolve around the inclusion of sovereignty requirements in certification schemes. According to MLEX, it seems the EU Commission may also be considering the phase out of certain Chinese ICT vendors from critical infrastruc

g these people-to-people ties will help build a more globally competitive tech workforce and support collaboration on education and digital skills initiatives. You can read techUK’s official statement on the website.