IT & Telecommunications

Regulations for the IT and Telecommunications Sector

IT and telecommunications companies are at the centre of digital regulation. As operators of digital infrastructure and providers of ICT services, they are affected by virtually all current EU regulations.

Why Is the IT Sector Especially Affected?

  • Digital infrastructure: Telecommunications providers, data centres, and cloud services are classified as essential entities under NIS2
  • Data processing: IT companies process large volumes of personal data and are subject to strict GDPR requirements
  • AI development: Providers of AI systems fall directly under the AI Act
  • ICT third-party providers: As critical service providers for the financial sector, DORA requirements apply

Key Challenges

  • High cybersecurity requirements under NIS2 for DNS, cloud, and managed service providers
  • AI regulation affects developers and providers of AI systems at all risk levels
  • Cross-border data processing requires particular GDPR compliance efforts
  • Rapid innovation cycles meet long-term regulatory requirements
Check now: Which regulations affect your company?

Stay informed

Get information on new and updated EU regulations for your industry.

Relevant Regulations

AI Act The EU AI Act regulates the use of AI systems in the EU. Learn about the risk categories and what your company needs to consider. CRA The Cyber Resilience Act mandates cybersecurity across the product lifecycle. Find out what requirements apply to your organisation. Data Act The Data Act governs fair access to data from connected products. Find out what rights and obligations apply to your organisation. DMA The Digital Markets Act regulates digital gatekeepers in the EU. Find out how it affects platform users and competition. DORA DORA strengthens digital resilience in the financial sector. Find out what requirements apply to your organisation. DSA The Digital Services Act governs the responsibilities of digital services in the EU. Find out what obligations apply to online platforms. EHDS The EHDS creates a European framework for accessing and using health data. Find out what it means for the healthcare sector. eIDAS 2.0 eIDAS 2.0 establishes the framework for the EU Digital Identity Wallet. Find out how it impacts regulated industries. ePrivacy The ePrivacy Directive governs cookie consent, electronic communications, and direct marketing. Find out what obligations apply to your organisation. GDPR The GDPR governs the handling of personal data in the EU. Learn about your company's obligations and what you need to comply with. MiCA MiCA creates a unified regulatory framework for crypto-assets in the EU. Find out what obligations apply to issuers and service providers. NIS2 The NIS2 Directive tightens cybersecurity requirements for companies in the EU. Find out if your organisation is affected and what steps to take. PSD3 PSD3 modernises EU payment services regulation with stronger consumer protection and enhanced open banking rules. Find out what is planned.