The digital regulatory journey in 2024 is going to be a bumpy ride - from online safety, to cybersecurity, to AI and data, it can feel overwhelming to keep up with the numerous implementation and compliance deadlines coming up. To avoid the chaos, we have compiled a handy timeline of some of the most important regulatory events scheduled for this year. Stay tuned for updates as we progress through 2024.

Authors: Elle Todd Tom Gates Francesca Paull Alicja Lysik

Online Safety Act - UK - Q1/Q2 2024

Back in November 2023, the European Parliament and the European Council reached a political agreement on the EU Cyber Resilience Act. The agreement is pending formal approval which is expected to happen in early 2024. Once CRA enters into force, organisations will be given a period of 36 months to adjust to the new provisions, except for a shorter grace period of 21 months applicable to reporting obligations for incidents and vulnerabilities.

Data Act - UK - 10 January 2024

The Online Safety Act 2023 (Commencement No. 2) Regulations 2023 brought into force majority of provisions. Although most substantive obligations will come into force via secondary legislation and Ofcom’s codes of practice, some provisions already apply, including section 72, which requires all services to include in their terms of service information about users’ right to bring a claim for breach of contract if their content is taken down or they are suspended/banned from the service, in breach of the terms of service. Most duties will come into effect on the day the relevant code of practice comes into force.