Brussels IP and Tech Update

Tech and Sourcing

Algorithm to Advantage (A2A) –AI Q&A and insights hub

Discover Algorithm to Advantage, DLA Piper’s new hub designed to help navigate the fast‑evolving AI landscape with clarity and confidence.

The hub explores key AI issues, including competition risks, consumer protection challenges and evolving approaches to AI-related IP protection. It also examines how AI is reshaping cybersecurity and why many generative AI projects fail without the right data, governance and strategy. Drawing on insights from our global technology, IP and regulatory teams, the hub offers practical guidance across the full AI lifecycle – from development and procurement to deployment and compliance – helping organisations turn AI adoption into a competitive advantage. Explore how these developments may impact your organisation’s Al strategy, and our team would be happy to discuss the implications.

Self-generated power and NIS2 compliance – an unexpected cybersecurity trigger

From 1 April 2026, certain buildings in Flanders must install solar panels, but a lesser‑known consequence is that operating grid‑connected PV systems may qualify an organisation as an “electricity producer” under Belgium’s NIS2 law. Even if all electricity is consumed internally, the Centre for Cybersecurity Belgium (CCB) confirms that grid connection alone is sufficient to bring a medium‑sized enterprise within the scope of the Belgian NIS2 law.

Our recent blog post by Heidi Waem, Alec Vaerenbergh and Elisabeth Verburgge explains this unexpected crossover between energy law and cybersecurity regulations. We can help assess NIS2 exposure, optimize PV ownership structures to reduce regulatory risk, implement CyFun®-aligned cybersecurity frameworks, and support you with registration and ongoing compliance requirements. If you have questions or wish to discuss specific needs, please feel free to contact us.

 

Intellectual property and Commercial

International recognition – Brussels IP team shortlisted in key rankings

We are delighted to share that our Belgian IP team has been shortlisted in the Managing IP EMEA Awards 2026 as Copyright & Design Firm of the Year. Congratulations to the wider Brussels team supporting these matters, including Alexis Fierens, Pauline Hellemans, Emma Stockman and Kaat Scheerlinck. In addition, it is a pleasure to announce that DLA Piper’s Intellectual Property team has been recognised as a finalist in 25 distinct categories at the Managing IP EMEA Awards 2026. This achievement reflects the breadth and depth of the team’s expertise and accomplishments. See the full shortlist here.

Individual recognition was also given by the World Trademark Review 2026 to Alexis Fierens and to Pauline Hellemans, a true display of our clients’ trust in our expertise and leadership in trademark matters.

For more information on our IP capability, or to discuss upcoming IP or commercial projects, please contact Alexis Fierens.

Seminar takeaways – Cross‑border enforcement in today’s digital media landscape

Emma Stockman recently attended the Annual Conference of the European Audiovisual Observatory, where the topic of cross‑border enforcement played a central role.

To this day, the Country-of-Origin principle anchors jurisdiction and connects providers to the laws of their home Member State. The principle of a “home” regulator still underpins enforcement under the e-Commerce Directive, DSA and EMFA. However, as derogations such as targeting-based financial contribution rules and new extraterritorial obligations for non-EU services emerge, the once straightforward system is facing increasing complexity. For businesses, this means greater uncertainty about which rules apply, which regulator is responsible, and how compliance can be managed as media markets become truly borderless. A single digital media campaign or service can now trigger obligations in multiple jurisdictions, potentially exposing organisations to conflicting requirements and regulatory actions from abroad.

Feel free to contact Emma Stockman to help you navigate these emerging risks.

 

Data protection

EU revised cybersecurity package – What the new package means for ICT supply chains

The European Commission has proposed a major new cybersecurity package aimed at boosting the EU’s overall resilience against evolving cyber and geopolitical threats. A revised Cybersecurity Act (CSA) introduces a horizontal framework for assessing ICT supply‑chain risks, particularly for NIS2 critical and highly critical sectors. The proposal also empowers the Commission to identify “key ICT assets” and designate certain third‑country linked suppliers as high‑risk based on both technical and non‑technical risk factors. Such high‑risk suppliers may face significant restrictions, including exclusion from procurement procedures and limitations on obtaining EU cybersecurity certification.

Given the broad impact on essential and important entities under NIS2, we encourage clients to explore the full analysis and consider how these changes could affect procurement strategies and compliance obligations. Find our complete assessment of the revised Cybersecurity Act here and reach out here for support in assessing your exposure or preparing for the upcoming regulatory shifts.

EU NIS2 update – Harmonised controls, refined scope and ransomware reporting

The EU has taken another significant step toward harmonising its cybersecurity landscape with a new set of targeted amendments to the NIS2 Directive, unveiled on 20 January 2026. The proposal aims to streamline obligations for organisations by clarifying scope boundaries, reducing administrative friction, a unified approach to ransomware reporting, and aligning NIS2 with the revised Cybersecurity Act. Notably, the EU plans to expand the list of "essential entities" to include operators of submarine data transmission infrastructure and providers of European Digital Identity Wallets, while also introducing a new category for "small mid‑cap" enterprises.

These changes respond to practical challenges seen during early implementation, such as inconsistent supervisory approaches and overlapping legislative requirements, and promise more coherent guidance for businesses navigating compliance. For organisations currently assessing their NIS2 readiness, this update provides both clarity and a timely opportunity to recalibrate compliance programmes. See our full analysis here to understand how these developments may impact your organisation and what steps to consider next.

Cyber Resilience Act – the fine line between SaaS and regulated ‘products’

The EU’s Cyber Resilience Act (CRA) introduces a comprehensive regulatory framework that will significantly affect the development, distribution, and support of products with digital elements. Our latest insight breaks down one of the CRA’s most complex scoping challenges: the distinction between software supplied as a product and software provided as a service (SaaS), a differentiation that directly influences compliance obligations, design choices, and commercial strategy. These compliance obligations are extensive and lifecycle‑wide, ranging from secure‑by‑design development, mandatory risk assessments, technical documentation duties, vulnerability handling and incident reporting to the need for CE conformity marking.

AI Act simplification

The European Commission’s recent proposal to simplify certain aspects of the EU AI Act is gaining both attention and scrutiny, as highlighted in our latest publication. The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) acknowledge that streamlining processes can help businesses adapt, but they emphasize that simplification may not come at the cost of fundamental rights or accountability. A central concern is the proposed easing of rules on using special category data for bias detection and correction, which could weaken long‑standing GDPR safeguards if not tightly circumscribed. The regulators also warn that transparency obligations, such as registration duties for high‑risk AI systems, remain an essential anchor for trustworthy AI governance.

As AI compliance and rules evolve, companies should exercise caution and review how regulatory changes may affect AI deployment and risk management strategies. Contact Muhammed Demircan or Heidi Waem for practical impact assessments on your AI roadmap.

 

We’d like to hear from you

Do you have a question about intellectual property, technology or data protection or a topic you’d like us to address in this IP and Tech Update series? Email us and we’d be more than happy to look into it.

We look forward to receiving your requests and feedback.