On 25 June 2025, the Commission unveiled its much-awaited proposal for an EU Space Act, the first attempt to regulate the space economy at the supranational level. The press release accompanying its launch describes the proposed EU Space Act as ‘a new set of ambitious measures to make Europe’s space sector cleaner, safer and more competitive in Europe and its export markets’. The Commission’s initiative builds on the 2024 Draghi Report, which emphasised that space is critical to provide essential services to citizens and to ensure the Union’s security, and called for action to tackle the issues undermining the EU’s competitiveness in the space industry: low levels of funding, market fragmentation, foreign dependencies and inefficient governance arrangements.
At first glance, the draft looks rather ambitious: together with the Commission’s explanatory memorandum, the 119 articles and 140 recitals occupy a 150-page document, without considering the annexes. The proposal is intended to regulate a broad range of ‘space services’, such as, for instance, the launch and operation of satellites, but also the provision of space-based data for electronic communication. It lays down harmonised technical rules on selected aspects of space activities, namely safety, including the tracking of space objects, cybersecurity, and environmental sustainability. Other aspects of the space economy, such as the liability of space operators or the use of space resources, are not covered.
This blog post argues that the Commission’s regulatory design draws heavily from the experience of the General Data Protection Regulation (GDPR) and other pieces of legislation on the digital economy. It suggests that the blueprint of the digital single market is particularly evident on three issues. First, the proposal marks a shift in the EU’s approach to space: it brings space services squarely within the framework of the single market, as shown by the choice of Article 114 TFEU as its the sole legal basis, and fits a trend towards the ‘actification’ of EU legislation that has been common in the regulation of digital technologies. Second, the broad personal scope of the proposed regulation, which covers non-EU operators providing space services in the Union, is indicative the ambition to exercise global influence, as the EU legislature attempted to do, for instance, on data protection and artificial intelligence. Finally, the proposal includes a robust enforcement framework, including the power to impose hefty sanctions, that may reflect lessons learnt from the application of the GDPR.
From space policy to the single market
The EU Space Act proposal is based on Article 114 TFEU, rather than on Article 189(1) TFEU, which endows the EU with a self-standing competence on space. While this choice might at first sight appear surprising, it reflects the limits of the EU space policy competence. European space policy is primarily geared towards the establishment and management of a Union Space Programme, which was set up by Regulation (EU) 2021/696, bringing under one helm satellite constellations providing for Earth observation (Copernicus), navigation (EGNOS, Galileo) and governmental communication services (GOVSATCOM). The most recent addition to EU space initiatives is IRIS2, an ambitious public-private partnership to boost connectivity within the newly established Union Secure Connectivity Programme. Under its space policy competence the EU may also ‘promote joint initiatives, support research and technological development and coordinate the efforts needed for the exploration and exploitation of space’ (Article 189(1) TFEU), but Article 189(2) TFEU expressly excludes the harmonisation of national laws.
However, there is a strong case for harmonisation in the space economy. With the sector booming, the need for regulation is increasingly urgent. Launching and operating satellites are inherently risky activities that require to be regulated, especially as orbits have become congested, exacerbating issues of space traffic management and pollution from debris. At present, about half of the EU Member States have enacted laws to regulate the space sector. Most recently, the Italian law on the space economy was published on 24 June 2025, just one day before the Commission presented the EU Space Act proposal. National laws diverge significantly in terms of scope, regulatory design and substantive rules. For instance, Sweden’s Act on Space Activities, dating back to 1982, requires a licence to carry out space activities, but does not lay down any criteria for its granting nor any technical requirements space operators must comply with. In contrast, the French or the Italian legislation are more detailed and comprehensive. On the one hand, divergences between national laws hinder cross-border cooperation, which is the rule in the space industry, increase costs for businesses, and may stifle the growth of the space economy, as the Commission emphasised in its impact assessment (p. 10 ff.). On the other hand, the lack of common standards on safety and environmental sustainability could trigger regulatory competition between the Member States and lead to a race to the bottom.
The choice of the legal basis for the EU Space Act has implications on the regulatory technique and on the content of the proposed legislation. The proposal fits a trend towards the ‘actification’ of EU law that took off under the Commission’s Priorities Programme 2019-2024 and has featured prominently in the context of the digital single market, which includes the Data Governance Act, the Digital Services Act (DSA), the Digital Markets Act (DMA), the Data Act and the Artificial Intelligence Act (AI Act). Their precursor is usually identified in the General Data Protection Regulation (GDPR). Actification does not merely refer to giving pieces of EU legislation an eponymous short title in order to enhance public awareness. It also stands for harmonisation through regulations, as opposed to directives. The main advantage is that regulations are directly applicable, without need for implementation in national laws: this saves time and allows for greater uniformity. However, EU ‘acts’ often do not lay down a fully exhaustive regulatory framework and may necessitate some degree of implementation by way of domestic legislation, partially resembling directives. Due to the stronger compression on the autonomy of the Member States compared to directives, the choice of a regulation to partially harmonise rules for the space economy requires some justification. In the explanatory memorandum, the Commission points to the benefits a regulation would bring in terms of consistency and uniform protection of the rights of space services operators, in addition to the usual arguments on subsidiarity and proportionality.
The single market logic underlying the proposal is also evident in its content, as some of its key provisions incorporate concepts and principles that are common to EU legislative instruments for market harmonisation. Article 3 contains a free movement clause, preventing Member States from restricting the provision of space-based data and space services by imposing stricter standards on safety, resilience and environmental sustainability, except in duly motivated cases of objective necessity. Another familiar tool for market integration is the principle of mutual recognition, which applies to national authorisations for carrying out space activities: Article 6(2) requires the Member States to recognise authorisations issued by another Member State insofar as they relate to harmonised technical requirements.
Launching the Brussels effect into orbit
A point of commonality with several pieces of digital single market legislation is the broad definition of the personal scope of the EU Space Act. The proposed regulation is intended to apply not only to space services providers established in the Union, but also to providers established in third countries when they provide space-based data or space services in the Union (Article 1(2)(a)). Hence, the application of the regulation may rest, alternatively, on a territorial connection (the establishment) or on the provision of services within the EU single market (marketplace approach).
Similar criteria exist in the GDPR and in other instruments for the regulation of digital services. Pursuant to its Article 3, the GDPR applies to data processing carried out in the context of the activities of a data controller or processor in the Union (connection, albeit loose, to the place of establishment), but also to the processing of personal data of data subjects in the Union by controllers or processors established in third countries, where the processing relates to the offering of goods of services in the Union of to the monitoring of behaviour that takes place in the Union (marketplace criterion). The DSA and the DMA even rely exclusively on the marketplace approach: they apply, respectively, to intermediary services offered to recipients established or located in the Union (Article 2(1) DSA) and to core platform services provided or offered by gatekeepers to users established or located in the Union (Article 1(2) DMA). The place of establishment of intermediary service providers and gatekeepers is irrelevant for determining the scope of either regulation. Finally, the AI Act again combines the establishment and the marketplace criteria: it applies both to deployers of AI systems established or located within the Union and to providers placing AI systems or models on the EU market, irrespective of their place of establishment (Article 2(1)(a) and (b) AI Act).
As with the regulation of digital technologies, resort to a marketplace criterion to delimit the scope of the envisaged Space Act may pursue a dual function. On the one hand, it aims to ensure a level-playing field and to prevent operators established in third countries from taking advantage of potentially laxer legal regimes on safety, cybersecurity, or environmental sustainability. On the other hand, this approach also suggests that the EU aspires to set global standards, pushing space operators to conform to its rules unless they want to forgo their ability to provide services in the European market. This global projection of regulatory power, which Anu Bradford famously termed the ‘Brussels effect’, may operate de facto, triggering spontaneous compliance by businesses where the cost of decoupling products and services intended for the EU single market and those destined to foreign markets is higher than the cost of conforming to EU standards globally, or de jure, where third States follow the lead and draw inspiration from EU law in designing their domestic legal regimes. EU institutions have consciously pursued the Brussels effect, notably, in the fields of data protection and AI regulation. By arguing that the proposed harmonisation would ‘establish the Union as a global standard setter’ and would provide ‘an opportunity for the Union to take the lead in setting global standards’, the explanatory memorandum suggests a similar pattern for the EU Space Act proposal.
The EU regulation of the digital economy resulted in frictions with third countries, especially the United States, on data protection rules and on the obligations of tech giants. To mitigate the risk of regulatory clashes, the Space Act proposal combines the requirement that non-EU operators be subject to the EU rules with a system of recognition of the laws of third countries. Under Article 105 of the proposal, the Commission would have the power to adopt decisions recognising the legal and supervisory framework of a third country as equivalent to the rules laid down in the EU Space Act. This scheme is clearly inspired by the GDPR, where equivalence decisions provide a basis for the transfer of personal data to third countries, but its scope is apparently broader, since under the GDPR the equivalence scheme only covers the transfer and the subsequent processing, not data processing activities that occur in the Union. In addition, it is unclear whether the concept of equivalence should be interpreted in the same way as in the GDPR or could be construed more flexibly under the Space Act, which lacks the GDPR’s strong focus on fundamental rights protection.
A robust enforcement framework
Under the EU Space Act proposal, space operators would require an authorisation to carry out space activities and would need to register in a Union Register of Space Objects (URSO), but operators established in the EU and those established in third countries would be subject to partially distinct legal regimes. It would be for the Member States to authorise and supervise space operators established in the EU. For that purpose, each Member State would have to designate a competent national authority (Article 28). These resemble national supervisory authorities under the GDPR. Like the GDPR, the EU Space Act proposal lays down in detail the tasks and powers of national supervisors (Articles 29-30). If the proposal is adopted in its current form, national authorities will enjoy a wide array of investigatory, corrective and sanctioning powers. In respect of sanctions, the proposal leaves it to the Member States to introduce ‘effective, proportionate and dissuasive’ penalties for infringement of the harmonised standards, but it provides criteria for their determination and requires that national authorities have the power to bring space operators to court (Article 31).
Perhaps mindful of the shortcomings of the GDPR enforcement system, where the competence of national authorities on cross-border cases often resulted in delays and disagreements between supervisors, in drafting the Space Act proposal the Commission attempted to centralise supervision over third country operators at the supranational level, similarly to what the EU legislature did in the DSA and the DMA. Monitoring compliance by non-EU operators with the requirements laid down in the proposed regulation would be a task for the Commission itself, with the support of the European Union Agency for the Space Programme (EUSPA) (Article 48). The Commission and EUSPA would share wide investigative powers (Articles 49-52), including the power to conduct on-site inspections. Investigations could then lead to a finding of an infringement and to the imposition of corrective measures by the Commission, including the suspension or withdrawal of authorisation (Articles 54-55). The Commission would also be entitled, on a proposal by EUSPA, to impose penalties up to twice the profits the operator gained from the infringement or, if that amount cannot be established, up to 2% of the total annual turnover of the company (Article 56).
In addition to the Commission, which would be granted significant supervision and enforcement powers, EUSPA is projected to gain significantly from the adoption of the EU Space Act. At present, EUSPA’s core tasks are limited to the management of certain aspects of the Union Space Programme, most notably as regards security accreditation, operational security, communication, promotion and market development. Under the EU Space Act proposal, it would gain additional competences. Not only would EUSPA provide technical expertise to the Commission in the supervision of third country space operators and share investigative powers, it would also be entrusted with the management of URSO and the issuance of e-certificates attesting the conformity of space objects with the requirements laid down in the regulation. Furthermore, when granting authorisations to Union space operators the Member States could choose to entrust EUSPA with carrying out the necessary technical assessment of compliance with the harmonised standards.
Conclusion
The experience of regulating digital technologies was clearly a source of inspiration to the Commission when it designed the EU Space Act proposal. Its enforcement machinery, in particular, presents numerous similarities with the GDPR, while the scope of the proposal and the system of supervision over third country operators suggest the ambition to exercise global regulatory influence. Analogies with the regulation of the digital single market may also suggest what could go wrong with the Commission’s plan to make the space industry ‘cleaner, safer and more competitive’. Businesses are going to face compliance costs, which could heavily affect the many small and medium-sized enterprises active in the space sector in Europe. In addition, the Brussels effect could misfire if the main space-faring States and the largest private operators in the global space economy do not converge towards the EU standards, undermining the competitiveness of the European industry.
These concerns will play a role in a legislative process that promises to be long and complex. Even if it is adopted relatively quickly, the EU Space Act proposal will not produce change overnight, because the Commission did not envisage its entry into force before 2030, to give the industry time to adapt to the new technical rules. However, if its fundamental scheme survives the intense lobbying and the political compromises that lie ahead, the EU is poised to become a major regulator of the space economy as it is for digital technologies.
Alberto Miglio is associate professor of EU law at the University of Turin.