In less than one month a new legislative term is going to start, so it is time to look into what tech policy will look like in this new era.

The focus on implementation

First of all, the general approach will change.  After a quite substantive amount of digital legislation in this term,  with the adoption of the Data Act, Data Governance Act, Digital Services Act, Digital Markets Act, Cyber Resilience Act, Chips Act, NIS2, and of course the AI Act, the focus will now move on implementation.

Since many of these files overlap, one challenge of the implementation process will be to avoid inconsistencies in how all these sets of rules are applied. 

The focus on implementation doesn’t mean we are going to get bored, quite the contrary.  Let’s take the AI Act as an example. 

Starting from the recently-established AI Office activity, that with the AI Pact will be in charge of supporting companies to start complying with the AI Act measures in the next 2 years before it applies.

Moreover, implementation obviously means secondary legislation, and for the AI Act we are expecting around 20 between delegated and implementing acts that will go into the details of the regulation. The Commission is also set to publish guidelines on the implementation of the file. 

Another key aspect is the work on standardisation, carried out by CEN and CENELEC, which will have a massive impact in how the AI Act will be applied in practice.  

To complete the framework, the work the AI liability directive, a complementary file that deals with the liability side of things and was put on hold in the previous term, is likely to resume.

Other new initiatives on the radar

The next term is not just going to be about implementation. After the new institutional setting will be in place, we will see some new proposals in the pipeline.

The Digital Networks Act is the one new big initiative expected for the next term, which will address not only the concerns of the telecom sector of the past years such as market concentration, spectrum management and investments in networks:  it will also be a key pillar of a new competitiveness strategy as a reinforced digital single market to boost will mean a more digitalised – and therefore competitive – digital industry.

While the Commission and strategic documents like the Letta report seem to go into that direction, a resistance at the Member States’ level, reinforced by the results of the elections, may slow down this process and push towards the opposite direction. 

GDPR Review – the second report on the application of the GDPR is expected soon.  While in the first the report the regulation was considered fit for purpose, several issues related to its application have emerged in the past years. This and the fact that the legislative framework has dramatically changed make a review a lot more likely in the new term. Whether it is going to be about a complete review (aka opening Pandora’s box) or a set of targeted amendments, like the ongoing proposal on GDPR enforcement in cross border cases, we will find out in the next months. 

Last but not least – keep an eye out for Virtual worlds: The institutions have shown great interest in regulating the metaverse and considering its potential benefits. The Commission published a strategy on virtual worlds in 2023 . The Parliament adopted two own-initiative reports dealing with consumer/data protection and civil/commercial law aspects of the metaverses. While a legislative initiative has not been announced yet, it is one the of the few things that haven’t been regulated yet and – also in light of the results of the elections – one of the areas that are likely to be supported across the different political groups.