EU’s End-2025 Digital Agenda: Cybersecurity Act, Digital Networks Act, Data Strategy + NIS2 France Update

Bonjour ☕

By the end of 2025, the European Commission plans to land three system-shaping texts: a revised Cybersecurity Act, the new Digital Networks Act, and an updated European Data Strategy — with concrete implications for ENISA’s role, certification, spectrum, copper switch-off, data sharing, and AI. We also track the current status of France’s NIS2 transposition.

This is a preview of our premium analysis.

Key takeaways

• Cybersecurity Act revision: Commission eyes a stronger operational role for ENISA, addresses certification issues (including “non‑technical risks”), and fewer overlapping incident/reporting duties across NIS2/CRA/Cybersecurity Act.

• Digital Networks Act: tempered stance on consolidation, a hard push on spectrum harmonisation, copper decommissioning targets, and a debate on “fair share.”

• Data Strategy refresh: towards a second Data Union Strategy to boost high‑quality data access for AI, streamline existing rules (DGA, Data Act), and align sectoral data spaces (e.g., EHDS timelines into 2029/2031).

• NIS2 in France: Committee work ran from 9–11 September 2025; plenary still required. Autumn legislative jam and the 2026 municipal elections will further tighten the window.

Coming up for 💎members:

• 22/09: Guide on the Cybersecurity Act consultation.

• October: Guide on the Digital Networks Act consultation.

• November: Guide on the new Data Strategy.

Not yet a premium 💎 subscriber? Fret not; click the button below and join other entrepreneurs and decision-makers who stay ahead in the ever-changing EU legal landscape thanks to La tech est politique.