THE LEX DIGITALIS
International & Comparative Information Technology (IT) Law
lex digitalis: special rules and regulations which applies to information technology area, also known as it law, cyber law, tech law
One stop shop for all international, regional, national digital legislations, strategies and authorities
Lex specialis derogat legi generali: Specific rules will prevail over more general rules
EUROPEAN UNION
SECTION I – LEGAL AND POLICY FRAMEWORK
ACCESSIBILITY
Accessibility Directive – EU Directive (EU) 2019/882 of the European Parliament and of the Council of 17 April 2019 on the accessibility requirements for products and services – EUR Lex L 151/70 7.6.2019
Web Accessibility Directive – EU Directive (EU) 2016/2102 of the European Parliament and of the Council of 26 October 2016 on the accessibility of the websites and mobile applications of public sector bodies – EUR Lex L 327/1 2.12.2016
ARTIFICIAL INTELLIGENCE
AI Liability Directive (Proposal) – EU Proposal for a Directive of the European Parliament and of the Council on adapting non-contractual civil liability rules to artificial intelligence (AI Liability Directive) – EUR Lex COM(2022) 496 final 28.9.2022
Artificial Intelligence Act (Proposal) – EU Proposal for a Regulation of the European Parliament and of the Council Laying Down Harmonised Rules on Artificial Intelligence (Artificial Intelligence Act) and Amending Certain Union Legislative Acts – EUR Lex COM(2021) 206 final 21.4.2021
AI Strategy – EU Communication from the Commission to the European Parliament, the European Council, the Council, the European Economic and Social Committee and the Committee of the Regions Artificial Intelligence for Europe, COM/2018/237 final – EUR Lex COM(2018) 237 final 25.4.2018
AUDIOVISUAL
Audiovisual Media Services Directive – EU Directive 2010/13/EU of the European Parliament and of the Council of 10 March 2010 on the coordination of certain provisions laid down by law, regulation or administrative action in Member States concerning the provision of audiovisual media services (Audiovisual Media Services Directive) – EUR Lex L 95/1 15.4.2010
Audiovisual Media Services Directive 2 (Proposal) – Proposal for a Directive of the European Parliament and of the Council amending Directive 2010/13/EU on the coordination of certain provisions laid down by law, regulation or administrative action in Member States concerning the provision of audiovisual media services in view of changing market realities – EUR Lex COM(2016) 287 final 25.5.2016
BLOCKCHAIN/CRYPTOCURRENCY
MICA Regulation (Proposal) – EU Proposal for a Regulation of the European Parliament and of the Council on Markets in Crypto-assets, and amending Directive (EU) 2019/1937 – EUR Lex COM(2020) 593 final 24.9.2020
Distributed Ledger Technology Regulation (Proposal) – EU Proposal for a Regulation of the European Parliament and of the Council on a pilot regime for market infrastructures based on distributed ledger technology – EUR Lex COM(2020) 594 final 24.9.2020
CHILDREN PROTECTION
Use of Data For Combatting Online Child Sexual Abuse Regulation – EU Regulation (EU) 2021/1232 of the European Parliament and of the Council of 14 July 2021 on a temporary derogation from certain provisions of Directive 2002/58/EC as regards the use of technologies by providers of number-independent interpersonal communications services for the processing of personal and other data for the purpose of combating online child sexual abuse – EUR Lex L 274/41 30.7.2021
CSAM Regulation (Proposal) – EU Proposal for a Regulation of the European Parliament and of the Council laying down rules to prevent and combat child sexual abuse – EUR Lex COM(2022) 209 final 11.5.2022
COMPANY LAW
Digital Company Directive – EU Directive (EU) 2019/1151 of the European Parliament and of the Council of 20 June 2019 amending Directive (EU) 2017/1132 as regards the use of digital tools and processes in company law – EUR Lex L 186/80 11.7.2019
COMPETITION LAW
Digital Markets Act (DMA) – EU Regulation (EU) 2022/1925 of the European Parliament and of the Council of 14 September 2022 on contestable and fair markets in the digital sector and amending Directives (EU) 2019/1937 and (EU) 2020/1828 (Digital Markets Act) – EUR Lex L 265/1 12.10.2022
DMA Implementing Regulation – Commission Implementing Regulation (EU) of 14.4.2023 on detailed arrangements for the conduct of certain proceedings by the Commission pursuant to Regulation (EU) 2022/1925 of the European Parliament and of the Council – EUR Lex C(2023) 2530 final
CONTENT
Terror Content Regulation – EU Regulation (EU) 2021/784 of the European Parliament and of the Council of 29 April 2021 on addressing the dissemination of terrorist content online – EUR Lex L 172/79 17.5.2021
Digital Content and Services Directive – EU Directive (EU) 2019/770 of the European Parliament and of the Council of 20 May 2019 on certain aspects concerning contracts for the supply of digital content and digital services – EUR Lex L 136/1 22.5.2019
COPYRIGHT
Copyright Directive – EU Directive (EU) 2019/790 of the European Parliament and of the Council of 17 April 2019 on copyright and related rights in the Digital Single Market and amending Directives 96/9/EC and 2001/29/EC – EUR Lex L 130/92 17.5.2019
Computer Programs Directive – Directive 2009/24/EC of the European Parliament and of the Council of 23 April 2009 on the legal protection of computer programs – EUR Lex L 111/16 5.5.2009
Databases Directive – EU Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases – EUR Lex L 77/20 27.3.1996
CYBERSECURITY
Cybersecurity Act – EU Regulation (EU) 2019/881 of the European Parliament and of the Council of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification and repealing Regulation (EU) No 526/2013 (Cybersecurity Act), EUR Lex L 151/15 7.6.2019
NIS 1 Directive (Repealed) – EU Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union – EUR Lex L 194/1 19.7.2016
NIS 2 Directive – EU Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive) – EUR Lex L 333/80 27.12.2022
Council Cybersecurity Regulation – EU Council Regulation (EU) 2019/796 of 17 May 2019 concerning restrictive measures against cyber-attacks threatening the Union or its Member States – EUR Lex LI 129/1 17.5.2019
Cyber-Attacks Directive – EU Directive 2013/40/EU of the European Parliament and of the Council of 12 August 2013 on attacks against information systems and replacing Council Framework Decision 2005/222/JHA – EUR Lex L 218/8 14.8.2013
European Cybersecurity Competence Centre Regulation – EU Regulation (EU) 2021/887 of the European Parliament and of the Council of 20 May 2021 establishing the European Cybersecurity Industrial, Technology and Research Competence Centre and the Network of National Coordination Centres – EUR Lex L 202/1 8.6.2021
Critical Entities Directive – EU Directive (EU) 2022/2557 of the European Parliament and of the Council of 14 December 2022 on the resilience of critical entities and repealing Council Directive 2008/114/EC – EUR Lex L 333/164 27.12.2022
Digital Operational Resilience Act (DORA) – EU Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014, (EU) No 909/2014 and (EU) 2016/1011 – EUR Lex L 333/1 27.12.2022
DORA Amending Directive – EU Directive (EU) 2022/2556 of the European Parliament and of the Council of 14 December 2022 amending Directives 2009/65/EC, 2009/138/EC, 2011/61/EU, 2013/36/EU, 2014/59/EU, 2014/65/EU, (EU) 2015/2366 and (EU) 2016/2341 as regards digital operational resilience for the financial sector – EUR Lex L 333/1 27.12.2022
Cybersecurity Strategy – EU Joint Communication to the European Parliament and the Council the EU’s Cybersecurity Strategy for the Digital Decade, JOIN(2020) 18 final – EUR Lex JOIN(2020) 18 final 16.12.2020
Cybersecurity Restrictive Measures Implementing Regulation – EU Council Implementing Regulation (EU) 2020/1125 of 30 July 2020 implementing Regulation (EU) 2019/796 concerning restrictive measures against cyber-attacks threatening the Union or its Member States – EUR Lex L 246/4 30.7.2020
EU Institutions Cybersecurity Regulation (Proposal) – EU Proposal for a Regulation of the European Parliament and of the Council laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union – EUR Lex COM(2022) 122 final 22.3.2022
Cyber Resilience Act (Proposal) – EU Proposal for a Regulation of the European Parliament and of the Council on horizontal cybersecurity requirements for products with digital elements and amending Regulation (EU) 2019/1020 – EUR Lex COM(2022) 454 final 15.9.2022
Cyber Defence Resolution – EU – European Parliament resolution of 13 June 2018 on cyber defence (2018/2004(INI)) – EUR Lex C 28/57 ” 27.1.2020″
Secure Connectivity Act (Proposal) – EU – Proposal for a Regulation of the European Parliament and of the Council establishing the Union Secure Connectivity Programme for the period 2023-2027 – EUR Lex COM(2022) 57 final 15.2.2022
Aviation Security (Cybersecurity Measures) Regulation – EU Commission Implementing Regulation (EU) 2015/1998 of 5 November 2015 laying down detailed measures for the implementation of the common basic standards on aviation security – EUR Lex L 299 14.11.2015
Substantial Impact Incident Implementing Regulation – EU Commission Implementing Regulation (EU) 2018/151 of 30 January 2018 laying down rules for application of Directive (EU) 2016/1148 of the European Parliament and of the Council as regards further specification of the elements to be taken into account by digital service providers for managing the risks posed to the security of network and information systems and of the parameters for determining whether an incident has a substantial impact – EUR Lex L 26/48 31.1.2018
EU Cyber Solidarity Act (Proposal) – Proposal for a Regulation of the European Parliament and of the Council laying down measures to strengthen solidarity and capacities in the Union to detect, prepare for and respond to cybersecurity threats and incidents – EUR Lex COM(2023) 209 final
EU Cyber Diplomacy Toolbox – Council of the European Union – Draft Council Conclusions on a Framework for a Joint EU Diplomatic Response to Malicious Cyber Activities (“Cyber Diplomacy Toolbox”) – Adoption – 9916/17
EU Cyber Defence Policy Framework – Council of the European Union – EU Cyber Defence Policy Framework (2018 update) – 14413/18
EU A Strategic Compass For Security and Defence – A Strategic Compass For Security and Defence – For A European Union that protects its citizens, values and interests and contributes to international peace and security – 21.03.2022
Radio Equipment Directive Delegated Regulation – Commission Delegated Regulation (EU) 2022/30 of 29 October 2021 supplementing Directive 2014/53/EU of the European Parliament and of the Council with regard to the application of the essential requirements referred to in Article 3(3), points (d), (e) and (f), of that Directive – EUR Lex L 7/6 12.01.2022
Cybersecurity of 5G networks – EU Toolbox of risk mitigating measures – 29.01.2020
DATA
Non-Personal Data Regulation – EU Regulation (EU) 2018/1807 of the European Parliament and of the Council of 14 November 2018 on a framework for the free flow of non-personal data in the European Union – EUR Lex L 303/59 28.11.2018
Open Data Directive – EU Directive (EU) 2019/1024 of the European Parliament and of the Council of 20 June 2019 on open data and the re-use of public sector information – EUR Lex L 172/56 26.6.2019
Data Governance Act – EU Regulation (EU) 2022/868 of the European Parliament and of the Council of 30 May 2022 on European data governance and amending Regulation (EU) 2018/1724 (Data Governance Act) – EUR Lex L 152/1 3.6.2022
Data Strategy – EU Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions – A European Strategy For Data, COM/2020/66 final – EUR Lex COM(2020) 66 final 19.2.2020
Data Act (Proposal) – EU Proposal for a Regulation of the European Parliament and of the Council on harmonised rules on fair access to and use of data (Data Act) – EUR Lex COM(2022) 68 final 23.2.2022
Health Data Space Regulation (Proposal) – EU Proposal for a Regulation of the European Parliament and of the Council on the European Health Data Space – EUR Lex COM(2022) 197 final 3.5.2022
DATA PROTECTION
GDPR – EU Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement Of Such Data, And Repealing Directive 95/46/EC (General Data Protection Regulation) – EUR Lex L 119 4.5.2016
EU Law Enforcement Directive (LED) – Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the Protection of Natural Persons with Regard to the Processing of Personal Data by Competent Authorities for the Purposes of the Prevention, Investigation, Detection or Prosecution of Criminal Offences or the Execution of Criminal Penalties, and on the Free Movement of Such Data, and Repealing Council Framework Decision 2008/977/JHA – EUR Lex L 119/89 4.5.2016
Directive 95/46 (Repealed) – EU Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data – EUR Lex L 281 23.11.1995
Data Retention Directive (Repealed) – EU Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC – EUR Lex L 105/54 13.4.2006
ePrivacy Directive Directive (Cookies Directive) – EU Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) – EUR Lex L 337/11 18.12.2009
EU Institutions Data Protection Regulation – EU Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC – EUR Lex L 295/39 21.11.2018
E-Privacy Directive (Proposal) – EU Proposal for a Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications) – EUR Lex COM(2017) 10 final 10.1.2017
Shor-Term Accommodation Data Regulation (Proposal) – EU Proposal for a Regulation of the European Parliament and of the Council on data collection and sharing relating to short-term accommodation rental services and amending Regulation (EU) 2018/1724 – EUR Lex COM(2022) 571 final 7.11.2022
DIGITALISATION
Digital Decade Policy Decision – EU Decision (EU) 2022/2481 of the European Parliament and of the Council of 14 December 2022 establishing the Digital Decade Policy Programme 2030 – EUR Lex L 323/4 19.12.2022
Connecting Europe Regulation – EU – Regulation (EU) 2021/1153 of the European Parliament and of the Council of 7 July 2021 establishing the Connecting Europe Facility and repealing Regulations (EU) No 1316/2013 and (EU) No 283/2014 – EUR Lex L 249/38 14.7.2021
Digital Rights Declaration – EU European Declaration on Digital Rights and Principles for the Digital Decade – EUR Lex C 23 23.1.2023
2030 Digital Compass – EU Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions: 2030 Digital Compass: the European way for the Digital Decade – EUR Lex 9.3.2021
DISINFORMATION
Disinformation Communication – EU Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions: Tackling online disinformation: a European Approach – EUR Lex COM(2018) 236 final 26.4.2018
The Code of Practice on Disinformation – EU Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions European Commission Guidance on Strengthening the Code of Practice on Disinformation – EUR Lex COM(2021) 262 final 26.5.2021
ELECTRONIC COMMUNICATION
Electronic Communications Code – EU Directive (EU) 2018/1972 of the European Parliament and of the Council of 11 December 2018 establishing the European Electronic Communications Code – EUR Lex L 321/36 17.12.2018
BEREC Regulation – EU Regulation (EU) 2018/1971 of the European Parliament and of the Council of 11 December 2018 establishing the Body of European Regulators for Electronic Communications (BEREC) and the Agency for Support for BEREC (BEREC Office), amending Regulation (EU) 2015/2120 and repealing Regulation (EC) No 1211/2009 – EUR Lex L 321 17.12.2018
EVIDENCE
Electronic Evidence Regulation (Proposal) – EU Proposal for a Regulation of the European Parliament and of the Council on European Production and Preservation Orders for electronic evidence in criminal matters – EUR Lex COM(2018) 225 final 17.4.2018
Legal Representative for Evidences Directive (Proposal) – EU Proposal for a Directive of the European Parliament and of the Council laying down harmonised rules on the appointment of legal representatives for the purpose of gathering evidence in criminal proceedings – EUR Lex COM(2018) 226 final 17.4.2018
FINANCE
PSD 2 Directive – EU Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC – EUR Lex L 337/35 23.12.2015
E-Invoncing in Public Procurement Directive – EU Directive 2014/55/EU of the European Parliament and of the Council of 16 April 2014 on electronic invoicing in public procurement – EUR Lex L 133/1 6.5.2014
INFORMATION SOCIETY & E-COMMERCE
E-Commerce Directive – EU Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market – EUR Lex L 178 17.7.2000
Information Society Technical Directive – EU Directive (EU) 2015/1535 of the European Parliament and of the Council of 9 September 2015 laying down a procedure for the provision of information in the field of technical regulations and of rules on Information Society services – EUR Lex L 241/1 17.9.2015
INTERNAL MARKET
Geo-Blocking Regulation – EU Regulation (EU) 2018/302 of the European Parliament and of the Council of 28 February 2018 on addressing unjustified geo-blocking and other forms of discrimination based on customers’ nationality, place of residence or place of establishment within the internal market and amending Regulations (EC) No 2006/2004 and (EU) 2017/2394 and Directive 2009/22/EC – EUR Lex L 60I 2.3.2018
Portability Regulation – EU Regulation (EU) 2017/1128 of the European Parliament and of the Council of 14 June 2017 on cross-border portability of online content services in the internal market – EUR Lex L 168/1 30.6.2017
Single Digital Gateway Regulation – EU Regulation (EU) 2018/1724 of the European Parliament and of the Council of 2 October 2018 establishing a single digital gateway to provide access to information, to procedures and to assistance and problem-solving services and amending Regulation (EU) No 1024/2012 – EUR Lex L 295 21.11.2018
Interoperability Framework Regulation – EU – Regulation (EU) 2019/817 of the European Parliament and of the Council of 20 May 2019 on establishing a framework for interoperability between EU information systems in the field of borders and visa and amending Regulations (EC) No 767/2008, (EU) 2016/399, (EU) 2017/2226, (EU) 2018/1240, (EU) 2018/1726 and (EU) 2018/1861 of the European Parliament and of the Council and Council Decisions 2004/512/EC and 2008/633/JHA – EUR Lex L 135 22.5.2019
Digital Single Market Strategy – EU Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions a Digital Single Market Strategy For Europe – EUR Lex COM(2015) 192 final 6.5.2015
INTERNET LAW
EU TLD Regulation – EU Regulation (EU) 2019/517 of the European Parliament and of the Council of 19 March 2019 on the implementation and functioning of the .eu top-level domain name and amending and repealing Regulation (EC) No 733/2002 and repealing Commission Regulation (EC) No 874/2004 – EUR Lex L 91/25 29.3.2019
Open Internet Access Regulation – EU Regulation (EU) 2015/2120 of the European Parliament and of the Council of 25 November 2015 laying down measures concerning open internet access and retail charges for regulated intra-EU communications and amending Directive 2002/22/EC and Regulation (EU) No 531/2012 – EUR Lex L 310 26.11.2015
IT RESEARCH
EUROHPC Council Regulation – EU Council Regulation (EU) 2021/1173 of 13 July 2021 on establishing the European High Performance Computing Joint Undertaking and repealing Regulation (EU) 2018/1488 – EUR Lex L 256 19.7.2021
PLATFORM
Digital Services Act (DSA) – EU Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on a Single Market For Digital Services and amending Directive 2000/31/EC (Digital Services Act) – EUR Lex L 277/1 27.10.2022
P2B Regulation – EU Regulation (EU) 2019/1150 of the European Parliament and of the Council of 20 June 2019 on promoting fairness and transparency for business users of online intermediation services – EUR Lex L 186/57 11.7.2019
P2B Search Ranking Guide – EU Commission Notice Guidelines on ranking transparency pursuant to Regulation (EU) 2019/1150 of the European Parliament and of the Council 2020/C 424/01 – EUR Lex C 424/1 8.12.2020
Platform Work Directive (GIG Workers Directive) (Proposal) – EU Proposal for a Directive of the European Parliament and of the Council on improving working conditions in platform work – EUR Lex COM(2021) 762 final 9.12.2021
SATELLITE
Satellite and Cable II Directive – EU Directive (EU) 2019/789 of the European Parliament and of the Council of 17 April 2019 laying down rules on the exercise of copyright and related rights applicable to certain online transmissions of broadcasting organisations and retransmissions of television and radio programmes, and amending Council Directive 93/83/EEC – EUR Lex L 130/82 17.5.2019
TECHNOLOGY
Machinery Products Regulation (Proposal) – EU Proposal for a Regulation of the European Parliament and of the Council on machinery products – EUR Lex COM(2021) 202 final 21.4.2021
Chips Act (Proposal) – EU Proposal for a Regulation of The European Parliament and of the Council establishing a framework of measures for strengthening Europe’s semiconductor ecosystem (Chips Act) – EUR Lex COM(2022) 46 final 8.2.2022
Product Safety Regulation (Proposal) – EU Proposal for a Regulation of the European Parliament and of the Council on general product safety, amending Regulation (EU) No 1025/2012 of the European Parliament and of the Council, and repealing Council Directive 87/357/EEC and Directive 2001/95/EC of the European Parliament and of the Council – EUR Lex COM(2021) 346 final 30.6.2021
TRANSPORTATION
Intelligent Transport Directive – EU Directive 2010/40/EU of the European Parliament and of the Council of 7 July 2010 on the framework for the deployment of Intelligent Transport Systems in the field of road transport and for interfaces with other modes of transport – EUR Lex L 207/1 6.8.2010
TRUST SERVICES
EIDAS – EU Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC – EUR Lex L 257/73 28.8.2014
EIDAS 2 (Proposal) – EU Proposal for a Regulation of the European Parliament and of the Council amending Regulation (EU) No 910/2014 as regards establishing a framework for a European Digital Identity – EUR Lex COM(2021) 281 final 3.6.2021
SECTION II – INSTITUTIONAL FRAMEWORK
ENISA – The European Union Agency for Cybersecurity (ENISA)
BEREC – The Body of European Regulators for Electronic Communications
EDPB – European Data Protection Board
EDPS – European Data Protection Supervisor
Ireland – Data Protection Commission
United Kingdom – The Information Commissioner’s Office (ICO)
Datatilsynet – Norwegian Data Protection Authority
CNIL – Commission nationale de l’informatique et des libertés
Italy – The Italian Data Protection Authority (Garante per la protezione dei dati personali)
Netherlands – the Dutch Data Protection Authority (Dutch DPA)
Romania – The National Supervisory Authority For Personal Data Processing
Greece – The Hellenic Data Protection Authority
Canada – Office of the Privacy Commissioner of Canada
COUNCIL OF EUROPE (CoE)
COE CONVENTION ON CYBERCRIME – Convention on Cybercrime (ETS No. 185)
COE CYBERCRIME CONVENTION ADDITIONAL PROTOCOL – Additional Protocol to the Convention on Cybercrime, concerning the criminalisation of acts of a racist and xenophobic nature committed through computer systems (ETS No. 189)
AI Convention – The Council of Europe Zero Draft Convention on Artificial Intelligence (Convention on Artificial Intelligence, Human Rights, Democracy and the Rule of Law (AI Convention))
UNITED NATIONS
The draft U.N. Cybercrime Treaty
UNITED STATES OF AMERICA (USA)
US CDA – The Communications Decency Act
US CFAA – The Computer Fraud and Abuse Act
US DMCA – The Online Copyright Infringement Liability Limitation Act of the Digital Millennium Copyright Act of 1998
US CAN-SPAM ACT – The Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003
US CLOUD ACT – The Clarifying Lawful Overseas Use of Data Act
US HIPAA – The Health Insurance Portability and Accountability Act of 1996
US CCPA – California Consumer Privacy Act of 2018
FTCA – The Federal Trade Commission Act of 1914 (FTCA)
COPPA – The Children’s Online Privacy Protection Act (COPPA)
HIPAA – Health Insurance Portability and Accountability Act (HIPAA)
Electronic Communications Privacy Act
Computer Fraud and Abuse Act
ROSCA – Restore Online Shopper’s Confidence Act (ROSCA)
Communications Decency Act of 1996
ACPA – Anti-Cybersquatting Consumer Protection Act of 1999 (ACPA)
UIGEA – Unlawful Internet Gambling Enforcement Act of 2006 (UIGEA)
Keeping the Internet Devoid of Sexual Predators Act of 2008
BDIA – Broadband Data Improvement Act of 2008 (BDIA)
UCC – Uniform Commercial Code (UCC)
FCC Open Internet Rules
Prioritizing Resources and Organization for Intellectual Property Act of 2008
Jumpstart Our Business Startups Act (Title III – Crowdfunding)
Electronic Signatures in Global and National Commerce Act
California Electronic Communications Privacy Act
CIPA – California Invasion of Privacy Act (CIPA)
California Financial Information Privacy Act
CAADCA – California Age-Appropriate Design Code Act
Anticybersquatting Consumer Protection Act
Illinois Biometric Information Privacy Act
Video Privacy Protection Act of 1988 (18 U.S.C. § 2710) (‘VPPA’)
Virginia Consumer Data Protection Act (CDPA)
HITECH Act – Health Information Technology for Economic and Clinical Health (HITECH) Act
GLBA – Gramm-Leach-Bliley Act (GLBA)
Massachusetts Data Security Regulations (201 CMR 17.00: Standards for the protection of personal information of residents of the Commonwealth)
UTAH S.B. 287 Online Pornography Viewing Age Requirements Bill
INFORM Consumers Act (Act will go into effect nationwide on June 27, 2023)
U.S. Government Section 508 accessibility standards
New York – NYC Local Law 144
DRAFT – The Kids Online Safety Act
DRAFT – COPPA 2.0
US the Fair Credit Reporting Act
CANADA
PIPEDA – The Personal Information Protection and Electronic Documents Act
CHINA
CHINA – Personal Information Protection Law of the People’s Republic of China
CHINA – Data Security Law of the People’s Republic of China
TURKISH LAW
TURKEY – The Turkish Internet Law: Full Translation of the Law no. 5651
TURKEY – The Turkish Data Protection Law
TURKEY – Turkish Electronic Signature Law
TURKEY – Presidential Circular – Information and Communication Security
INDIA
India, Digital Personal Data Protection Act, 2023
UNITED KINGDOM
UK – UK Data Protection Act 2018
UK Digital Economy Act 2010
The UK Cyber Security Council
Electronic Trade Documents Acts
ISO STANDARDS
ISO/IEC 27001:2022 – Information security, cybersecurity and privacy protection – Information security management systems – Requirements
ISO/IEC 27701:2019 – Security techniques – Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management – Requirements and guidelines
ISO/IEC 29184:2020 – Information technology – Online privacy notices and consent
ISO/IEC 27037:2012 – Information technology – Security techniques – Guidelines for identification, collection, acquisition and preservation of digital evidence
ISO/IEC 27041:2015 – Information technology – Security techniques – Guidance on assuring suitability and adequacy of incident investigative method
ISO/IEC 27042:2015 – Information technology – Security techniques – Guidelines for the analysis and interpretation of digital evidence
ISO/IEC 27043:2015 – Information technology – Security techniques – Incident investigation principles and processes
ISO/IEC 27050-4:2021 – Information technology – Electronic discovery – Part 4: Technical readiness
ISO/SAE 21434:2021 – Road vehicles – Cybersecurity engineering
ISO/IEC 29100:2011 Information technology – Security techniques – Privacy framework
ISO/DIS 31700 Consumer protection – Privacy by design for consumer goods and services
ISO/IEC 38500:2015 – Information technology — Governance of IT for the organization
REGULATORY BODIES
Data Protection
PDPC – Singapore Personal Data Protection Commission
Canada – Office of the Privacy Commissioner of Canada
SDAIA Saudi Authority for Data and Artificial Intelligence
The UK Cyber Security Council
The Spanish Agency for the Supervision of Artificial Intelligence (#AESIA)