EU Digital Legislation Hub

A complete reference for all active and upcoming EU regulations affecting digital businesses. Covering privacy, accessibility, cybersecurity, digital markets, AI, and consumer protection.

Last updated: March 2026. This is an informational resource, not legal advice.

Privacy & Data Protection

• GDPR (Active) — General Data Protection Regulation. Cornerstone EU regulation on personal data protection.
• ePrivacy Directive (Active) — Cookie consent and electronic communications privacy.
• ePrivacy Regulation (Proposed) — Will replace the ePrivacy Directive with harmonized rules.
• Data Act (Active, Sept 2025) — Rules on fair access to data from IoT and connected products.
• Data Governance Act (Active) — Framework for voluntary data sharing across the EU.

Accessibility

• European Accessibility Act (Active, June 2025) — Accessibility requirements for digital services including WCAG 2.1 AA.
• Web Accessibility Directive (Active) — Accessibility requirements for public sector websites.

Cybersecurity

• NIS2 Directive (Transposing) — Updated cybersecurity framework for essential and important entities.
• Cyber Resilience Act (Active, Dec 2027) — Security requirements for products with digital elements.
• Cybersecurity Act (Active) — EU cybersecurity certification framework.

Digital Markets

• Digital Services Act (Active) — Liability and safety rules for digital services, including dark pattern prohibition.
• Digital Markets Act (Active) — Obligations for gatekeeper platforms.

Artificial Intelligence

• AI Act (Active, Aug 2026) — Risk-based framework for AI regulation.
• AI Liability Directive (Proposed) — Civil liability rules for AI systems.

Consumer Protection

• Consumer Rights Directive (Active) — Consumer rights for online transactions.
• Omnibus Directive (Active) — Modernized consumer protection including fake review and dark pattern rules.