International Ecommerce Regulations

Explore top LinkedIn content from expert professionals.

  • View profile for Su Butcher

    Leading on digitisation and communications in construction and the built environment.

    5,029 followers

    What is a Digital Product Passport in Construction?>> A Digital Product Passport (DPP) is a structured digital record that provides key information about a product. It enables stakeholders across the product’s lifecycle, including manufacturers, consumers, regulators and recyclers, to access data related to its key attributes, including those related to sustainability, safety and compliance. The Digital Product Passport is a core feature of the new Construction Product Regulation which was published on 18th December 2024. Amongst other elements, the DPP will include a Declaration of Performance and Conformity (DoPC; a digital equivalent to the Declaration of Performance), other information about the product, a unique identifier and a data carrier to connect that identification (and the information) to the product itself. If you sell construction products into the EU and they are currently covered by the old Construction Product Regulations, it is likely that the DDP system will apply to these products. Read more about DPPs and what you should (and should not) be doing now: https://lnkd.in/eG7NVuqP

  • View profile for Tomislav Vazdar

    Principal Consultant | Cybersecurity & AI (Governance, Risk & Compliance) | CEO @ Riskoria | Media Commentator on Cybercrime & Digital Fraud | Creator of HeartOSINT

    10,101 followers

    I had the chance to speak with Tea Johman Nitraj on Nova TV about one of the most controversial proposals coming out of Brussels right now - the so-called “Chat Control” regulation. ✅ This law is officially about preventing child abuse online. And that’s a goal everyone supports. 👎 But here’s the issue: To get there, it would force platforms like WhatsApp, Signal, and iMessage to scan all private messages, even if they’re encrypted. Not just messages flagged for suspicion - everything, by default. That includes photos, videos, and the words you write to friends, partners, doctors, lawyers - anyone. It’s being presented as child protection. But in reality, it opens the door to mass surveillance, weakened encryption, and a shift in how we treat digital privacy in Europe. 🔒 End-to-end encryption protects journalists, whistleblowers, abuse survivors, political dissidents - and everyday people. If we break that, we lose more than we gain. And frankly, instead of building surveillance into everyone’s messages, we should be asking harder questions - like why children even have unsupervised access to social media environments designed for adult attention economies. Tech can help with safety, but parenting, design choices, and digital literacy matter more than breaking encryption for all. This is why there’s such backlash - from security experts, privacy regulators, and even some governments. The European Parliament already rejected these scanning obligations. Still, under Denmark’s current EU presidency, there’s pressure to push it through this autumn. 🎯 My view? We can fight child abuse - and we must - but we can’t do it by creating a system that treats everyone as a suspect. The risk isn’t just technical. It’s cultural, legal, psychological. That’s also why I created Heart OSINT: to help people recognize manipulation, regain agency, and stay safe in systems that are becoming harder and harder to trust. #ChatControl #Encryption #Privacy #Cybersecurity #DigitalRights #HeartOSINT

  • I am thrilled to share that the Council has finally given its official nod to the ecodesign regulation, a topic I have been passionately discussing for years. This landmark regulation sets rigorous requirements for sustainable products, expanding its scope beyond energy products to include virtually all goods placed in the EU market. It is a significant stride towards a sustainable future and marks the culmination of a long and rigorous decision-making process. For those of you who have been following my journey, you know how ardently I have advocated for these changes. Many industries, like the apparel industry, has already been preparing for this shift, implementing local legislation like the AGEC law in France, which is paving the way for broader adoption of sustainable practices. The regulation now covers almost all products, with a few exceptions like cars and defense-related products. New requirements include standards for product durability, reusability, upgradability, reparability, and rules on substances that inhibit circularity. It also mandates energy and resource efficiency, recycled content, and measures to reduce carbon and environmental footprints. The Digital Product Passport introduces comprehensive information requirements to enhance traceability and transparency. There is also a direct ban on the destruction of unsold textiles and footwear, with temporary exclusions for SMEs and potential future bans for other products. The industry will have 18 months to comply with these new standards, which will also apply to public procurement to promote the purchase of green products. This regulation aligns with the Digital Services Act, especially for products sold online, ensuring a seamless integration of digital and physical goods sustainability. After standard signing processes, it will be published in the Official Journal of the European Union and will come into force 20 days after publication, with application beginning 24 months thereafter. In our ongoing dialogue about the Digital Product Passport (DPP), the emphasis on traceability remains paramount. The DPP system and data streams are tools designed to enhance this core value, ensuring every product's journey from creation to end-of-life is transparent and secure. For years, I have highlighted the importance of #traceability in achieving sustainability and compliance. The DPP should not just meet immediate compliance needs but also anticipate future challenges, embedding integrity and authenticity into every product. As we shape the future of the DPP system, let us remember that our primary focus should be on developing a traceable path that supports sustainability, compliance, and consumer trust. This journey of traceability is crucial for embedding greater transparency and authenticity into the products we use daily. #EcodesignRegulation #SustainableProducts #DPP #Traceability #CircularEconomy #GreenInnovation #EURegulations #ProductTransparency #Sustainability

  • View profile for Miguel Amador

    Helping healthcare innovation to scale from tech to impact #DigitalHealth #AI #SaMD

    11,927 followers

    Finally! The EU MDCG has delivered the regulatory clarity we've been waiting for Digital Health and Apps Stores in the EU. The new MDCG 2025-4 Guidance on Medical Device Software Apps officially confirms what many of us have been advocating: Apple and Google are now explicitly classified as Medical Device Software Distributors under EU MDR & IVDR Article 14 because of their Apps Stores. This means both tech giants bear legal liability for medical device software apps distributed through their platforms. No more regulatory grey zone. 𝐖𝐡𝐚𝐭 𝐓𝐡𝐢𝐬 𝐂𝐡𝐚𝐧𝐠𝐞𝐬: For Platform Operators: - Legal responsibility to ensure proper MDR/IVDR compliance before allowing medical device apps on their stores - Obligation to verify manufacturer compliance documentation - Potential liability for non-compliant medical device software distribution For SaMD Developers: - Clearer regulatory pathway with defined distributor responsibilities - no loss of connection to their patients - Reduced compliance uncertainty when launching digital therapeutics - should they use app stores or not? - Platform operators now share accountability in the medical device supply chain - closing the gap on traceability to better protect people from harmful and faulty Digital Health apps. The guidance specifically addresses section 3.2, establishing that major app stores cannot simply act as neutral platforms when distributing medical device software. They're now active participants in the regulatory framework. This development fundamentally shifts how digital health solutions reach patients. Every digital therapeutics company, SaMD developer, and health app creator now operates under a framework where Apple and Google must actively ensure medical device compliance. 𝐓𝐡𝐞 𝐑𝐞𝐚𝐥𝐢𝐭𝐲 𝐂𝐡𝐞𝐜𝐤: While this provides much-needed clarity, implementation will be complex. How will these platforms verify compliance? What review processes will they establish? The next 12 months will be critical as both sides adapt to these new obligations. Would we see the same interpretation in the EU, UK, or AUS? At Complear, we've been preparing for this regulatory evolution. We're developing digital tools to help both platforms and manufacturers navigate these new distributor obligations efficiently. We are witnessing a new era of software accountability, with even Big Tech platforms having to comply with everyone else's rules, and assume their critical role in medical device distribution of Digital Health. #MDCG #MedicalDevices #SaMD #DigitalHealth #MDR #IVDR #RegulatoryCompliance

  • View profile for Ali K.

    Product cybersecurity compliance. @ Red Alert Labs. CRA, EUCC, RED DA

    4,174 followers

    🇪🇺 CBOM: The New Compliance Imperative by 2026 While most organizations manage a Software Bill of Materials (SBOM), a Cryptographic Bill of Materials (CBOM) remains largely overlooked. Yet, EU regulations are rapidly converging to make cryptographic inventory a mandatory requirement. ||| WHY THIS MATTERS NOW The EU's Cyber Resilience Act (CRA) and NIS2 Directive, alongside the EU PQC Roadmap, are creating a clear mandate for cryptographic transparency. By the end of 2026, understanding and managing your cryptographic assets will no longer be optional, shifting from a niche concern to a core compliance pillar. || WHY SHOULD YOU CARE ↳ Avoid significant non-compliance penalties and market access restrictions under new EU regulations. ↳ Mitigate critical vulnerabilities arising from unmanaged or outdated cryptographic implementations, especially with the advent of post-quantum cryptography. ↳ Prepare for operational overhauls in product development, supply chain management, and incident response requiring new tools and expertise. || ACTIONABLE STEPS ↳ Conduct a comprehensive audit of all cryptographic components within your products and systems. ↳ Develop a robust CBOM generation and management strategy, integrating it into your existing compliance frameworks. ↳ Invest in training and tools to ensure your teams can effectively identify, track, and update cryptographic assets. | RELEVANT STANDARDS AND REGULATIONS This shift is directly driven by the Cyber Resilience Act (CRA), NIS2 Directive, and the EU PQC Roadmap, making cryptographic inventory a critical component of cybersecurity compliance. If you build, certify, or sell connected products in Europe, cryptographic inventory is your new baseline for security and compliance. ♻️ Share this with your product development, security, and compliance teams. P.S. What are the biggest challenges you foresee in implementing a comprehensive CBOM strategy?

  • View profile for Gianluca Managò

    Digital Product Passport (DPP), ESPR & LCA specialist | Turning sustainability data into circular products | Consumer electronics, packaging, textile, healthcare, furniture, automotive

    20,168 followers

    🚨Retail eCommerce is about to get disrupted, again. And no, it’s not AI, not Web3. It’s something far less flashy but 10x more powerful: Digital Product Passports (DPPs) You’re likely not ready for what’s coming. That wool sweater in your cart? Soon, your customers will demand to know: ⚪Where the wool came from ⚪Who made it ⚪How much CO₂ it emitted ⚪Whether it can be recycled or repaired This isn't a trend. It's legislation. Under the EU’s Ecodesign for Sustainable Products Regulation, Digital Product Passports will become mandatory for many product categories (and fast) If you're in eCommerce, here's what you need to know: 💡Products without a DPP will not be allowed on the EU market by 2030. This means: ▶️Full supply chain traceability ▶️Real-time sustainability data ▶️Ethical sourcing verification ▶️Circular design strategies And it all must be machine-readable, interoperable and auditable. Yes, it's a challenge. But also your biggest competitive advantage. Forward-thinking brands are already using Digital Product Passports to: 🟢Build customer trust 🟢Eliminate greenwashing risks 🟢Unlock resale, repair and recycling business models 🟢Stay ahead of compliance Tell stronger, data-backed product stories In the near future, the passport will be the new product page. Want to future-proof your brand? Let’s talk DPP strategy, tooling and how to embed it into your product and tech stack. 📩Reach out. Or don’t and let your competitors get there first. #circularfashion

  • View profile for Steven Brennan

    Co-founder @ Foresight | Regulatory intelligence software for chemicals, product safety, HSE & sustainability teams

    4,363 followers

    The EU just quietly released a document that will change how supply chains track chemicals forever. The new JRC methodology for identifying and tracking substances of concern under the Ecodesign for Sustainable Products Regulation (ESPR) is not getting headlines, but it should be. It sets out, in very practical terms, how the EU expects companies to understand, document and control the chemicals flowing through their entire value chain. From my aerospace days, I remember how time consuming it was to track a relatively narrow set of substances across multiple tiers of suppliers. Even then, it required endless emails, declarations, testing data and long turnaround times. What ESPR may require is on a completely different scale. The scope of substances is far broader and includes non intentionally added substances and anything that can hinder reuse or recycling. For many companies, this will feel like moving from a puddle to the open sea. For anyone working with complex products, this is a major shift. The method explains how organisations will need to: 🔹 map all intentionally and non-intentionally added substances across every life cycle stage 🔹 build a Base Case chemical inventory for each product group 🔹 identify which substances qualify as SoCs under Article 2(27), including SVHCs, POPs, CLP hazards and those that hinder reuse or recycling 🔹 define thresholds and exemptions for Digital Product Passport reporting 🔹 evaluate alternatives to avoid regrettable substitution when a substance is restricted This is a fundamental change in how supply chains will manage chemical information. It pushes companies to look deeper into their materials, processes and recycled content, and it forces greater transparency all the way from raw materials to end of life. Suppliers who cannot provide substance-level data will become bottlenecks. Recyclers will gain a more central role. Compliance, procurement and sustainability teams will have to work together in ways they have not before. If your organisation has not started preparing, now is the time. The expectations are clear and they are no longer theoretical. Happy to speak with anyone trying to interpret what these 300 plus pages mean for day to day operations in real supply chains. https://lnkd.in/ePruHEXm

  • View profile for Itxaso Domínguez de Olazábal, PhD.

    Policy Advisor at EDRi, Digital Rights and Global Politics

    5,321 followers

    𝗣LEASE 𝘀𝘁𝗼𝗽 𝘀𝗮𝘆𝗶𝗻𝗴 𝘁𝗵𝗲 𝗗𝗶𝗴𝗶𝘁𝗮𝗹 𝗢𝗺𝗻𝗶𝗯𝘂𝘀 is 𝗮𝗯𝗼𝘂𝘁 𝗰𝗼𝗼𝗸𝗶𝗲 𝗯𝗮𝗻𝗻𝗲𝗿𝘀 These proposals would change how the EU protects what happens inside your phone, computer, and connected devices 𝗪𝗵𝗮𝘁’𝘀 𝗿𝗲𝗮𝗹𝗹𝘆 𝗮𝘁 𝘀𝘁𝗮𝗸𝗲 • ePrivacy rules stop anyone (companies AND governments) from reading or storing information on your device without your consent, unless it’s strictly necessary for a service you use • They protect the secrecy of your calls, messages, and device activity, including metadata, GPS, microphones, smart TVs, and cars • What we have seen is that the Digital Omnibus would merge ePrivacy into the GDPR. That means access to your device could rely on legitimate interest or broad exemptions like 'security,' 'fraud detection,' or 'audience measurement' 𝗪𝗵𝘆 𝘁𝗵𝗮𝘁’𝘀 𝗿𝗶𝘀𝗸𝘆 • ‘Legitimate interest’ would let companies argue they can track you because it serves business goals. GDPR requires a balancing test, but in practice, enforcement is uneven and resource-strapped, and companies often succeed in presenting these claims as compliant • The other exemptions could make sense only if they’re narrow and used by the service provider itself - for example, a bank checking for fraud • But written as they are, they’d also let adtech, data brokers, and even public authorities access your device data under vague reasons 𝗪𝗵𝘆 𝗺𝗲𝗿𝗴𝗶𝗻𝗴 𝘁𝗵𝗲 𝗹𝗮𝘄𝘀 𝗶𝘀 𝗻𝗼𝘁 𝘀𝗶𝗺𝗽𝗹𝗶𝗳𝗶𝗰𝗮𝘁𝗶𝗼𝗻 • ePrivacy and GDPR protect different things - GDPR governs what happens after data is collected and identifies someone. - ePrivacy prevents the access itself: it protects the confidentiality of communications, even when data isn’t yet personal • Merging them would remove the barrier that stops intrusive access in the first place. By the time the GDPR applies, the privacy breach has already happened 𝗧𝗵𝗲 𝗽𝗮𝗿𝘁𝗶𝗮𝗹 𝗴𝗼𝗼𝗱 𝗻𝗲𝘄𝘀 • The proposal includes Privacy Signals: browser or device settings that could tell websites your consent choices automatically • However, the draft delays their binding effect until new standards exist and exempts some sectors, like media. This means users might not be able to rely on them to say 'no' and be done 𝗔𝗻𝗱 𝘆𝗲𝘀, 𝗰𝗼𝗼𝗸𝗶𝗲 𝗯𝗮𝗻𝗻𝗲𝗿𝘀 𝗮𝗿𝗲 𝗮𝗻𝗻𝗼𝘆𝗶𝗻𝗴.. But that’s not because of the law. It’s because greed for data. The fix isn’t to weaken rights but to regulate adtech, ban deceptive design, and -surprise!- focus on robust enforcement 𝗪𝗵𝗮𝘁 𝘀𝗵𝗼𝘂𝗹𝗱 𝗰𝗵𝗮𝗻𝗴𝗲 • Keep ePrivacy separate from GDPR • Exclude 'legitimate interest' for purposes of tracking, profiling, or adtech • Allow narrow technical exemptions only when strictly necessary and never for third-party advertising, analytics, or surveillance • Make Privacy Signals binding and interoperable from day one This is not only about cookies. It’s about whether platforms, data brokers, and governments get legal permission to look inside your device and your communications

  • View profile for David Lewis

    Director, Privacy Advisory EMEA @Google; ex Snap regional GC, ex-Warner Bros.

    3,915 followers

    Competition shouldn’t cost you your privacy. People use Search in their most private moments, seeking help for everything from their relationships to finances to health. Under recent preliminary findings under the EU Digital Markets Act, the European Commission argues Google should roll back technical protections so that a handful of competitors can see your personal search history in minute detail: what you searched for, when you searched, where you searched from, what you clicked on, every day, on an ongoing basis. Under this extraordinary proposal, the private searches of every Google user in Europe would be handed over to third-party companies on a daily basis, without user consent, meaningful transparency or appropriate security measures for how data will be handled. Our users didn’t choose these competitors, and these services have not explained why they need this data to compete. Google and privacy experts have already shown the Commission how this could result in malicious actors being able to trace individual queries back to individual people. Citizens deserve to know when their fundamental rights are at stake, and we intend to make that case in detail in the weeks ahead. A link to the proposal is here: https://lnkd.in/eJgxCJ_8 #privacy #anonymisation #GDPR #DMA

  • View profile for Carlos Eduardo Torres Giraldez

    I help companies turn complex digital regulations into practical, business-ready compliance solutions — GDPR & EU AI Act | LL.M. Digital & AI Law

    13,646 followers

    Exploring the Relationship Between GDPR and New Digital Regulations: Following the release of the Second Report on the application of the General Data Protection Regulation (GDPR) by the European Commission, I want to share some insights into how the GDPR intersects with new digital regulations. The EU has introduced several initiatives that either complement the GDPR or clarify its application in specific areas to achieve distinct objectives. Here’s a look at how these new digital policies interact with the GDPR, particularly with the Digital Services Act, the Digital Markets Act, and the AI Act: 1. Digital Services Act (DSA): The DSA is designed to create a safer online environment for both individuals and businesses. It aligns with the GDPR by prohibiting online platforms from displaying advertisements based on profiling that uses "special categories of personal data". This reinforces data protection, ensuring that user privacy is maintained in the digital advertising space. 2. Digital Markets Act (DMA): To promote fairer and more competitive digital markets, the DMA restricts 'gatekeeper' platforms from combining and cross-using personal data across their core services and other services without explicit user consent, as mandated by the GDPR. This measure ensures that users have control over how their data is used and prevents monopolistic practices in digital markets. 3. AI Act: The AI Act delineates specific EU data protection rules for areas where artificial intelligence is employed. For instance, it sets guidelines for the use of AI in remote biometric identification systems, addresses the processing of sensitive data to detect biases, and regulates the further processing of personal data in regulatory sandboxes. These provisions ensure that AI technologies adhere to GDPR principles, promoting responsible and ethical AI development. These initiatives highlight the EU's commitment to integrating GDPR principles into various digital policies, ensuring that technological advancements do not come at the cost of personal data protection.

Explore categories