EU regulations & directives

Several key EU regulations and directives have been shaping the landscape for the public sector and GovTech. These legislative measures are designed to harmonize practices across member states, enhance digital capabilities, ensure data privacy and security, and foster innovation.

Here’s an overview of some of the most pivotal ones:

1. Digital Services Act (DSA) and Digital Markets Act (DMA)

The DSA and DMA are part of the European Digital Strategy, which aims to create a safer digital space where the fundamental rights of users are protected and to establish a level playing field for businesses. The DSA focuses on regulating digital services that act as intermediaries connecting consumers with goods, services, and content. The DMA targets gatekeeper platforms to ensure they don’t enforce unfair conditions on businesses and users.

2. Data Governance Act (DGA)

The Data Governance Act aims to foster the availability of data for use by increasing trust in data intermediaries and by strengthening data-sharing mechanisms across the EU. For the public sector, this means more efficient data sharing between entities and countries, fostering innovation and improving public services.

3. The European Data Protection Regulation (GDPR)

Although not recent, GDPR continues to be a significant regulation for data protection and privacy, impacting how public sector organizations and GovTech solutions manage personal data. It emphasizes the principles of data minimization, consent, and individuals' rights over their data.

4. The AI Act

The AI Act is a regulatory framework aimed at ensuring AI systems are safe and respect existing laws on fundamental rights and values. For the public sector and GovTech, it introduces strict requirements for high-risk AI applications, including transparency, accountability, and human oversight mechanisms.

5. Cybersecurity Directive (NIS2)

The NIS2 Directive updates and replaces the original NIS Directive to enhance cybersecurity across the EU. It extends the scope to cover more sectors and digital services, including essential public services like water, energy, transport, banking, and digital infrastructure, imposing stricter security and incident reporting requirements.

6. eIDAS Regulation

The eIDAS Regulation provides a common foundation for secure electronic interactions between citizens, businesses, and public authorities. It ensures that people and businesses can use their own national electronic identification schemes (eIDs) to access public services in other EU countries where eIDs are available.

7. The European Health Data Space (EHDS)

Though specific to the healthcare sector, the EHDS aims to promote health-data exchange and support research on new preventive strategies, treatments, medicines, medical devices, and outcomes. For GovTech, this represents a move towards more integrated, digital health services across the EU.

8. Corporate Sustainability Reporting Directive (CSRD)

The Corporate Sustainability Reporting Directive (CSRD) is an evolution of the Non-Financial Reporting Directive (NFRD). It significantly expands the scope of sustainability reporting requirements for companies operating within the EU.


These regulations and directives reflect the EU's commitment to creating a digital single market, enhancing digital sovereignty, and ensuring that technological advancements benefit all citizens equally while safeguarding their fundamental rights. Public sector entities and GovTech companies must navigate these regulations carefully, as they shape the digital landscape in which they operate.
