digital economy regulation

The French telecom operator failed to obtain users’ consent to display advertising e-mails in its Mail Orange service. Orange further failed to consider the withdrawal of consent for cookies by users of its website. In both cases Orange breached provisions of the e-Privacy Directive as implemented in France.

Members of the Legal Affairs committee disagreed on both the need for EU harmonised rules for non-contractual civil liability (i.e. fault-based liability for damages) and the level of harmonisation (minimum or full).

The European Commission must adopt standard contractual clauses for cloud computing contracts and model contractual terms for data sharing by 12 September 2025, when most provisions of the EU Data Act will begin to apply. The Commission hosted six webinars in November and December 2024 to gather feedback from stakeholders on the draft versions.

This report gathers policy and regulatory developments at EU level covered by Cullen International’s Digital Economy and Media services during last week. It also lists events taking place this week. This is the last EU Digital & Media Weekly Report before 2025, when discussions in Brussels around the different policy and regulatory initiatives will resume after the end-of-year holiday period.

The Cyber Resilience Act entered into force on 10 December 2024. Cullen International published a cheat sheet providing an overview of the main obligations introduced by the new regulation.

Telecoms ministers counselled caution on the upcoming review of the regulatory framework for electronic communications, insisting on additional analysis and thorough impact assessments. EU member states also discussed the review of the 2030 digital decade goals by mid-2026 during the Telecoms Council meeting of 6 December.