GDPR General Data Protection Regulation — the EU's privacy law that controls how personal data is collected and used. The grandparent of all EU digital regulation.
CSRD Corporate Sustainability Reporting Directive — requires large companies to publicly report their environmental and social impact, like a nutrition label for a company's ESG performance.
CSDDD Corporate Sustainability Due Diligence Directive — requires companies to continuously check their supply chain for human rights and environmental violations, not just file an annual report.
NIS2 Network and Information Security Directive 2 — the EU's cybersecurity law requiring critical infrastructure and digital service providers to protect their networks and report incidents.
CBAM Carbon Border Adjustment Mechanism — the EU's carbon import tax that charges importers for the carbon emissions embedded in goods like steel, cement, and aluminum.