Skip to Primary Navigation

Skip to main content

EU Commission proposals on digital sovereignty and high-risk vendors

Playmobil Hacker dressed in dark clothing with torch about to steal information from mobile.
Photo: seewhatmitchsee/Getty Images

James Walsh | Fieldfisher, Michael Butterworth | Fieldfisher

8 min read
 Click to share on Facebook (Opens in new window/tab) Click to share on Twitter (Opens in new window/tab) Click to share on LinkedIn (Opens in new window/tab) Click to share on WhatsApp (Opens in new window/tab)

Regulation to push European businesses and third-country suppliers to consider potential exposure to government influence when assessing their technology vendor relationships.

In what the EU Commission identifies as an increasingly hostile threat landscape riddled with daily sophisticated state actor threats[1], it has issued a proposal for radical new supply chain requirements in the draft Cybersecurity Act 2 (the CSA2) that would push European enterprises to consider potential exposure to government

Register for free to keep reading

To continue reading this article and unlock full access to GRIP, register now. You’ll enjoy free access to all content until our subscription service launches in early 2026.

  • Unlimited access to industry insights
  • Stay on top of key rules and regulatory changes with our Rules Navigator
  • Ad-free experience with no distractions
  • Regular podcasts from trusted external experts
  • Fresh compliance and regulatory content every day
Register for free
Sign in
, , , , , , , , , , , , , , , , ,