Dear reader,

Welcome to Publyon’s Digital Policy Update. We are happy to provide you with insights on the latest EU policy trends and developments every month. This month, we are smurfing you through the exciting news that kicks off 2024 in the EU bubble. And yes, you’ve got it right: January is a special Belgian edition, to celebrate the start of the Belgian Presidency of the Council of the EU (more about this in the spotlight).  

Our favourite Belgian reporter, Tintin, will take you through the latest adventures of the AI Act and quite a bit of cyber-policy news. Starting this month, we will be rotating the policy subjects to focus on the most relevant news. At the end of this newsletter, you’ll also find the usual blogpost recommendation and some hints on the events you’ll meet our digital and tech colleagues at.  


Did we spark your interest?

If you have an appetite for interesting content, visit us online for more insightful reading and helpful tips on upcoming relevant events.


Before you move on… 

Undoubtedly, 2024 is a time of political shift. The upcoming European and Belgian elections taking place in June, are a unique moment for businesses as they provide an exceptional chance to proactively shape the political dialogues and decisions that will influence the forthcoming term in Belgium and the broader EU.

Publyon is proud to introduce you to our Beyond the Ballot series of webinars and reports that will help your organisation to be well-informed about the political developments in Brussels and provide you with guidance on how to effectively take advantage of opportunities stemming from the elections.

Sign up to our free webinars here below! 

For more information, visit our dedicated page

The spotlight

The spotlight

This is not a pipe: it’s a Presidency!  

“Life is like a box of chocolates”, the famous quote reads, “you never know what you’re going to get”. Well, in Belgium, you get pralines and an ambitious policy programme. For those of you who have been following us for some time now, you might be filled in on the ritual. For those of you who are new to the Digital Policy Update, we happily introduce you to a bi-annual change of great importance in the EU bubble: the Presidency of the Council of the EU. 

Twice a year, once on 1 January and once on 1 July, a Member State receives the opportunity to chair the meetings of the Council of the EU. For the next six months, this task lies with Belgium. In our last edition, we had pointed out Belgium’s ambition to work towards a more human-centred and sustainable digital sphere. Some of the most important Belgian priorities include algorithmic transparency and virtual identity protection, as well as sealing the deal on the Gigabit Infrastructure Act, the Cybersecurity Act, and the Cyber Solidarity Act. At international level, it seems the Belgians have been moving behind the scenes to suggest some structural changes within the Council that could reinforce European digital diplomacy abroad. Read more below on the Belgians’ latest progress regarding the AI Act and Cyber Resilience Act, which they are trying to close.  

Why do we give special attention to the Belgian Presidency? Well, our newsletter curator is Belgian, but most importantly this Presidency represents a special opportunity for your business – as a matter of fact, more than other presidencies. On the one hand, the Belgian Presidency has less time than other presidencies to conclude pressing files such as the AI Act or the cyber-related files. With the European elections looming, from 6-9 June, the last parliamentary plenary session will take place end of April, leaving only three to four months for the co-legislators to adopt common positions on the key digital files mentioned above. Sounds surrealistic? Don’t worry, that’s a Belgian thing.  

On the other hand, the Belgian Presidency oversees a crucial task for your business: it will start drafting the European Commission’s Strategic Agenda for 2024-2029. This is a once in five-year opportunity for your business to stir the European Union’s upcoming legislative thinking towards a direction that best serves your interests 

Want to know what will happen if legislation is not adopted by the end of the Belgian Presidency or how to seize this opportunity for your business to advance its long-term interests at the European level? You have your business strategy ready and realise it’s important to integrate an EU strategy in it but don’t know how? Reach out to our Director Cathy Kremer at 


Policy update

Policy update

Alors on danse to celebrate the AI Act? Not quite yet, it seems…

The seemingly impossible happened: a political deal on the Artificial Intelligence Act (AI Act) was reached on 9 December, making the EU the first regulator for the development, deployment and use of AI worldwide.

Tintin reported that in late December, the Spanish Council Presidency had told EU Member States that the AI Act’s political text had finally been agreed upon. However, some countries including France, Germany, and Italy, are pushing back, as they haven’t seen the final text and are concerned about aspects such as facial recognition and general-purpose AI. Germany approached Italy and France to form a united front on the aspect of foundation models, unclear whether they would form a blocking majority or ask for concessions. EU countries must green light the final text first before publication.

However, the Act still needs to be fleshed out at the technical level, which means the Belgian Presidency will have its hands full. The first technical meeting of 2024 with the Belgian Council Presidency, held on 9 January, reportedly went smoothly, discussing less controversial topics such as governance. The remaining contentious questions surrounding foundation models will be addressed in future technical meetings. Snowy snuffed around a little, but found no initiatives from Germany, France, or Italy to alter the current text were shared. Yet with the looming deadline on 22 January, amendments must be introduced as soon as possible. It seems that the worst-case scenario from Germany is abstention, which eliminates the trio’s chance of forming a blocking minority.


Time is ticking?

All we can say is that the AI Act’s waltz à mille temps, is far from over. The finalised text needs to be ready by 22 January, so that Member States can approve it during their Council meeting on 2 February. If all goes well, we can expect a published AI Act in spring. Meanwhile, the European Commission launched a call for contributions on competition in virtual worlds and generative AI on 9 January – make sure to check it out! The deadline for input is 11 March.



A case for Thompson and Thomson: the Cyber Resilience Act

In November last year, the EU institutions came to a political agreement (similar process to the AI Act) on the Cyber Resilience Act (CRA), setting new cybersecurity requirements for hardware and software in the EU. The formal adoption is underway – Thomson and Thompson will keep you in the loop as soon as dates are announced.

In other cyber news, the European Commission plans to allocate €84 million available for funding through the European Cybersecurity Competence Center (ECCC) under the Digital Europe Programme. Good news for your SME! The funding programme targets cybersecurity innovations in artificial intelligence and quantum tech in the EU. Among other things, the money is meant to aid SMEs with CRA compliance, including testing and documentation.


What now?

The European Parliamentary Committee for Industry (ITRE) is set to vote on the CRA in January or February, with a plenary vote in the European Parliament on 11 March. And don’t miss out: funding calls for CRA compliance will kick off on 16 January and run until 26 March – get your money’s worth!



Belgian speciality on the menu: a compromise on the Cyber Solidarity Act

Just in the nick of time, EU Member States reached a consensus on the Cyber Solidary Act (CSA), on 20 December. The Act aims to boost the EU’s resilience to cyber threats by enhancing detection and awareness of significant and large-scale cyber threats. However, the Belgian Presidency now has to secure a compromise text. You might know Belgium as a land of chocolate and fries, but it is above all a land of compromise! Ever heard of a compromis à la belge? That’s one of their specialties.

The Council maintained most of the Commission’s initial proposal. They acknowledged the crucial role of private companies in detecting and responding to large-scale cybersecurity incidents, proposing a voluntary pro-bono cooperation at the EU level for service providers during such crises. but finetuned the terminology and scope to suit country-specific needs. Definitions were aligned with existing legislation, such as the revised network and information systems directive (NIS 2). Member States underscored the voluntary nature of their participation in proposed mechanisms. Additionally, they strengthened and clarified the role of the EU Agency for Cybersecurity (ENISA), and tweaked provisions on procurement, funding, information sharing and the incident review mechanism.


What’s next?

Interinstitutional negotiations (Trilogues) can now start, although the date has been held as secret as the Secret of the Unicorn. However, the Belgian Presidency aims to wrap up these negotiations within their term, as outlined in their Work Programme.



Implementing the Cybersecurity Regulation

Remember the  Cybersecurity Regulation? It was proposed by the Commission to enhance cybersecurity within the EU institutions. After a political deal was reached in June 2023, the Regulation officially took effect on 7 January.


What does this mean?

According to the text, EU institutions are tasked with developing robust internal risk-management procedures and refining their cybersecurity governance. The Cyber Response Team is now rebranded as the Cybersecurity Service for the Union institutions, bodies, offices, and agencies, also abbreviated as CERT-EU. Additionally, a new Interinstitutional Cybersecurity Board (IICB) is in the works. The IICB will play a crucial role in directing the activities of CERT-EU. While the direct impact on businesses might not be profound, it’s always reassuring to learn that the EU is reinforcing its cybersecurity framework at the start of this new year!



Enact the Data Act

And to conclude the pentalogy, we have some news on the Data Act. The Commission proposed to set new rules on the use and access of data generated in the EU across economic sectors. A political agreement was reached on 28 June 2023. It has finally entered into force on 11 January.


How does this impact my businesses?

For starters, the Data Act protects European businesses against unfair contractual terms in data-sharing contracts, ensuring that smaller businesses can actively participate in the data market. Additionally, the prices for aftermarket services and repair of smart devices are expected to decrease, as customers can now request manufacturers to access the data. There is also increased access to data collected or produced by devices for all parties, eliminating the previous practice of data being locked by manufacturers. Lastly, it empowers the public sector to access and utilise data held by the private sector in responding to public emergencies. Make sure to mark your compliance agenda, as the Data Act will start applying in 20 months from now, on 11 September 2025.



While you might have taken the month of December to look back at 2023, we invite you to look into 2024 with the digital and tech team’s latest blogpost on the top EU digital trends that promise to shape the future.


Where to find us? 

New year, good resolutions! We’re well-rested and back at the networking game – with a touch of Belgianness of course. Who knows, we might even gather around a good beer to discuss digital matters or Belgian politics – because at Publyon, we also help your business to understand the consequences of the Belgian elections in June.

In the upcoming weeks, you’ll find our colleagues Sarah Hautier and Emmanuelle Ledure on 1 February at ISPA’s New Year event, and colleagues Cathy Kremer and Guillaume Baudour at the Masters of Digital 2024 event on 21 February. Finally, you’ll find Cathy Kremer as well at ‘2024 European elections: What does the future hold?’ on 29 January at The Merode and ‘A Collaborative Approach to AI Implementation and Regulation’ on 30 January at the Sofitel Brussels Europe.

Emmanuelle Ledure

Emmanuelle Ledure

Hi, my name is Emmanuelle and I am curating this monthly update to bring Brussels’ main digitalisation and technology insights to your inbox. I hope you enjoyed this edition of our update. We are always looking to provide our community with the most valuable content possible, and that starts with you. If you have any suggestions for topics you would like to see covered in our next edition, do not hesitate to reach out to me.