EU Digital Sovereignty Legislation

Law name What it covers Status / application date Official links
Digital Services Act (DSA) Rules for online intermediary services, platforms, marketplaces, content moderation, transparency, and systemic risk duties for very large platforms/search engines. In force; fully applicable from 17 Feb 2024. EU page
EUR-Lex
Digital Markets Act (DMA) Competition rules for large “gatekeeper” platforms; fairness, interoperability, and anti-self-preferencing obligations. In force; obligations applied from 2 May 2023 for designated gatekeepers. EU page
EUR-Lex
Data Governance Act (DGA) Data sharing trust framework, data intermediaries, data altruism, and reuse of certain protected public-sector data. In force; applicable from 24 Sept 2023. EU page
EUR-Lex
Data Act Fair access to and use of data from connected products/services, B2B/B2G data access, cloud switching, and unfair contract terms. In force; applicable from 12 Sept 2025. EU page
EUR-Lex
AI Act Risk-based regulation of AI systems, including prohibited practices, high-risk AI, transparency duties, and governance. In force; phased application beginning 2025–2027 depending on obligation. EU page
EUR-Lex
Cyber Resilience Act (CRA) Cybersecurity requirements for products with digital elements, vulnerability handling, secure-by-design obligations. In force; reporting obligations from 11 Sept 2026; main obligations from 11 Dec 2027. EU page
EUR-Lex
NIS2 Directive Cybersecurity and incident reporting obligations for essential and important entities in critical sectors. In force; member-state transposition due 17 Oct 2024. EU page
EUR-Lex
eIDAS Regulation Electronic identification, trust services, signatures, seals, timestamps, and cross-border digital trust framework. In force since 2014. EU page
EUR-Lex
eIDAS 2 / European Digital Identity framework EU Digital Identity Wallet and updated trust-services framework. In force; rollout is phased, tied to delegated acts and member-state deployment. EU page
EUR-Lex
DORA Digital operational resilience for financial entities, ICT risk management, incident reporting, and testing. In force; applicable from 17 Jan 2025. EU page
EUR-Lex
1. Digital Services Act (DSA) 

Official EU page: https://digital-strategy.ec.europa.eu/en/policies/digital-services-act

EU law text: https://eur-lex.europa.eu/eli/reg/2022/2065/oj

2. Digital Markets Act (DMA) 

Official EU page: https://digital-markets-act.ec.europa.eu/index_en

EU law text: https://eur-lex.europa.eu/eli/reg/2022/1925/oj

3. Data Governance Act (DGA)

Official EU page: https://digital-strategy.ec.europa.eu/en/policies/data-governance-act

EU law text: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32022R0868

4. Data Act

Official EU page: https://digital-strategy.ec.europa.eu/en/policies/data-act

EU law text: https://eur-lex.europa.eu/eli/reg/2023/2854/oj

5. AI Act

Official EU page: https://digital-strategy.ec.europa.eu/en/policies/regulatory-framework-ai

EU law text: https://eur-lex.europa.eu/eli/reg/2024/1689/oj

6. Cyber Resilience Act (CRA)

Official EU page: https://digital-strategy.ec.europa.eu/en/policies/cyber-resilience-act

EU law text: https://eur-lex.europa.eu/eli/reg/2024/2847/oj

7. NIS2 Directive

Official EU page: https://digital-strategy.ec.europa.eu/en/policies/nis2-directive

EU law text: https://eur-lex.europa.eu/eli/dir/2022/2555/oj

8. eIDAS Regulation

Official EU page: https://digital-strategy.ec.europa.eu/en/policies/eidas-regulation

EU law text: https://eur-lex.europa.eu/eli/reg/910/2014/oj

9. eIDAS 2 / European Digital Identity framework

Official EU page: https://digital-strategy.ec.europa.eu/en/policies/eudi-regulation

EU law text: https://eur-lex.europa.eu/eli/reg/2024/1183/oj

10. Digital Operational Resilience Act (DORA)

Official EU page: https://finance.ec.europa.eu/financial-markets/banking-union/digital-operational-resilience-act-dora_en

EU law text: https://eur-lex.europa.eu/eli/reg/2022/2554/oj


Search