The future of Ukraine depends on its relations with the EU. What is the law governing accessions? What are the main challenges facing Ukraine on the path towards EU membership? Going through the pre-accession scrutiny in times of war, Ukraine sets a unique precedent, where more experimentation could be possible to mitigate a huge risk that the EU repeats and amplifies the same mistakes it made in the Western Balkan countries – making the region a hostage of its contradictory and lethargic politics for too long. The evolution of EU enlargement law and the legal-political framework surrounding accessions across the different rounds of EU enlargement demonstrates that EU law is flexible while the practice of its application is volatile and deeply political. Enlargement practice shows that applying pre-accession conditionality may cause significant delays, while not delivering the results expected of it. A new approach to regulating accessions to the EU needs to be tested out before it is too late. This approach should build on Article 49 TEU and seek at least some depoliticisation of the enlargement process to guarantee the rule of law without dubious pre-accession techniques. Such an approach would speed-up accessions while making EU enlargement more predictable, serving the interests of Ukraine and other partners.

Cybersecurity is a concern to be tackled not only by individual States but also by the European Union as a whole. Building on the recent adoption of Regulation (EU) 2025/38, the so-called Cyber Solidarity Act, the study intends to analyse the creation of a supranational capacity to prevent and respond to cyber incidents, by answering the following questions: how and to what extent is solidarity concretely declined in the act in question? How do the mechanisms provided for by this act concretely interact with the Member States’ prerogatives in the broader security domain?

Healthcare systems are increasingly exploiting the advantages of Internet of Things technologies: cloud-connected devices with perceptive sensors can gather very accurate health data from people even if they do not get to the hospital or private clinics. For potential innovators of new medical IoT devices, the legal framework applicable was until now limited to the application of the General Data Protection Regulation and the Medical Devices Regulation.

This paper will investigate what will happen when medical IoT-generated data are shared to create new products or services according to the framework now depicted by the Data Act and the European Health Data Space.

Given that the EHDS and the Data Act are both aimed at facilitating the secondary use of (health) data, the contribution will compare the two processes set up to establish a roadmap to solve health-data sharing theoretical and practical queries.

European constitutions differ greatly in the depth to which they deal with emergencies: while many constitutions devote more or less detailed regulation to emergency regimes, others almost completely neglect these issues or dedicate only some very short and vague references to emergency situations and powers. This article aims to carry out a systematic comparison of the emergency-related provisions of forty European constitutions, focusing on (1) the level of detail of the regulation, (2) the emergency regimes addressed, and (3) the restrictions on fundamental rights. As the study points out, only two out of the forty constitutions are completely silent on emergency powers. However, the remaining thirty-eight constitutions show wide variation in the level of detail of the emergency regulation; the vast majority of the emergency regimes are related to war or armed attack (or the danger thereof), to internal crises threatening the constitutional order, and to natural disasters. Concerning fundamental rights, the examination of the constitutional texts confirms that twenty-five out of the forty constitutions encompass some provisions on the restriction of these rights in a state of emergency.

The implementation of the General Data Protection Regulation (GDPR) in the EU, rather than the regulation itself, is holding back technological innovation. The EU’s data protection governance architecture is complex, leading to contradictory interpretations among Member States. This situation is prompting companies of all kinds to halt the deployment of transformative projects in the EU. The case of Meta is paradigmatic: both the UK and the EU broadly have the same regulation (GDPR), but the UK swiftly determined that Meta could train its generative AI model using first-party public data under the legal basis of legitimate interest, while in the EU, the European Data Protection Board (EDPB) took months to issue an Opinion that national authorities must still interpret and implement individually, leading to legal uncertainty. Similarly, the case of Deepseek has demonstrated how some national data protection authorities, such as the Italian Garante, have moved to ban the AI model outright, while others have opted for investigations. This fragmented enforcement landscape exacerbates regulatory uncertainty and hampers EU’s competitiveness, particularly for startups, which lack the resources to navigate an unpredictable compliance framework. For the EU to remain competitive in the global AI race, strengthening the EDPB’s role is essential.

Some fishing vessels breach maritime laws by operating with their mandatory tracking systems (Automatic Identification System (AIS)) switched off. Marine insurers act as enablers of this practice since these vessels cannot operate without insurance. This article explores why insurers in England take on the risk of insuring them and assesses how the insurers are operating against the regulatory framework in doing so. It identifies the solutions that could raise standards in marine insurance and lead to increased legal compliance by the insured vessels. This would consequently enhance maritime safety, while increasing transparency in fisheries across all oceans. Importantly, by discouraging vessels from going dark, any illegal activities underlying the non-transmission of AIS data, such as human, drug or weapon trafficking, illegal fishing or sanctions evasion, would also be curbed.

Emergency law serves the dual purpose of granting public authorities the powers to respond to emergencies whilst simultaneously limiting the use of such powers so as to prevent their abuse. To this end, it is crucial that emergency law clearly outlines its own scope by delimiting the grounds that permit the invocation of emergency powers. This article argues that defining those grounds requires distinguishing emergency from normalcy and disentangling it from the broader notion of crisis. Accordingly, the contribution investigates the extent to which a definition of emergency can be accommodated within EU constitutional law. To do so, it draws on examples from European emergency law, understood as encompassing both EU Member States’ laws and the European Convention on Human Rights (“ECHR”). The article shows that the vague emergency terminology employed in the EU Treaties hinders the identification of a horizontal definition of emergency and risks casting doubt on the constitutional legitimacy of emergency responses by the Union and its Member States.

Since the eighteenth century, animal breeding has significantly evolved, culminating in the use of gene editing (GE) technologies like CRISPR-Cas9. These technologies offer unprecedented capabilities to modify animal genomes, potentially revolutionising breeding practices by achieving desired traits much faster compared to traditional selective breeding (SB). Because breeding programmes focussed on productivity traits have often compromised animal welfare, this article provides an analysis of the ethical issues underpinning the use of GE in animal breeding, and the current laws regulating such practices. In doing so, this article critically examines the European Union (EU)’s regulatory framework for SB and GE in farm animals, highlighting significant gaps and inconsistencies. Specifically, the use of GE animals is currently regulated under the EU’s GMO legislation, while SB is more loosely regulated, posing substantial risks to animal welfare. The authors advocate for a regulatory framework that prioritises animal welfare goals and proposes reforms to enhance animal protection objectives by ensuring a more consistent and humane approach to farm animal breeding.

This article considers the application of the precautionary principle as understood in EU law to EU decision-making on geoengineering, in particular solar geoengineering. It finds that the situation is riddled with more complexities than first appears; (i) the principle is used to argue against research, even though more research is usually itself seen as precautionary response; (ii) the risks of research are claimed to lie in its political impact, whereas the principle is traditionally applied to direct physical risks; (iii) while there are legitimate precautionary arguments against geoengineering, it is itself put forward as a precautionary measure and there are precautionary arguments in favour too. Drawing on case law and scholarship we conclude that the precautionary principle can nevertheless be applied and will lead to a procedural requirement to do comprehensive reviews of relevant scientific knowledge before decision-making. This leaves wide – but not unbounded – discretion but may still be valuable in providing a frame for reasoned public debate. We also apply our findings to the recent expert reports on Solar Radiation Modification and show that they have failed to apply precaution correctly.

The EU AI Act seeks to balance the need for societal protection against the potential risks of AI systems, with the goal of fostering innovation. However, the Act’s ex-ante risk-based approach might lead to regulatory obsolescence (already materialised in 2021 with the spread of LLMs and the consequent reopening of the regulatory process), as well as to over or under-inclusion of AI applications in risks’ categories. The paper deals with the latter outcome by exploring how AI uses in law and rulemaking hide risks not covered by the EU AI Act. It is then analysed as to how the Act lacks flexibility on amending its provisions, and the way forward. The latter is tackled without utopian and not really feasible proposals for a new act and risk-based approach, but focusing on codes of conduct and national interventions on AI uses by public authorities.

The key requirement for GMO authorisation is the submission of analytical methods for the detection, identification and quantification (DIQ), which has proven challenging in the case of New Genomic Techniques (NGTs). Currently available non-analytical approaches, such as blockchain traceability and probabilistic analysis, while potentially useful for monitoring, are insufficient for authorisation purposes. The lack of reliable DIQ methods hinders the authorisation of NGT products and raises concerns for both organic and conventional agriculture, where the presence of NGT products goes undetected. Therefore, the existing GMO regulatory framework requires reevaluation to address the challenges posed by NGTs while ensuring compliance with the broader EU food law framework.

This article conceptualises regulatory sandboxes in the food area, considering them as unique spaces with varying degrees of openness. Through an analysis of closed, semi-open and open spaces, it illustrates the regulatory landscape surrounding regulatory sandboxes of novel foods in the EU, particularly focusing on the concept of “placing on the market.” The article contends that the degree of openness of regulatory sandboxes impacts the application of the precautionary principle within these spaces. It explores scenarios where the sandbox tests various aspects of novel foods under EU soft and hard law. The characteristics of the regulatory sandbox (open, semi-open, closed) changes corresponding to what the regulatory sandbox tests in relation to a novel food, eg, a sensory characteristics or safety or other data points, such as effectiveness of labelling. This article contributes to the ongoing discourse on innovation-friendly laws surrounding regulatory frameworks applicable to novel foods in the EU.

While the European Union was recently affected by four major and multifaceted crises which gave rise to litigation, the response of the European Court of Justice to these events has remained understudied. From a close reading of the procedural features, the legal reasoning and timing of four key judgments concerning measures adopted in the wake of the Eurozone crisis, the migration crisis, Brexit, and the COVID-19 pandemic, this article sketches a broader narrative about the Court’s response to crises which transcends the specificities of the legal issues and the context of each case. The findings suggest that the Court is likely to adjudicate a crisis case by applying the expedited procedure depending on political developments, assign a larger chamber, carefully justify its reasoning with references to settled case-law, conduct a context-sensitive balancing exercise, and deliver a decision at a politically relevant time.

The rapid advancement of quantum computing presents unparalleled opportunities and challenges for the legal field. This article investigates the key legal implications of quantum computing, focusing on intellectual property, data security, regulation, and ethical considerations. The unique characteristics of quantum algorithms and hardware pose significant challenges for the existing patent system, necessitating a clear and consistent framework for protecting quantum innovations while fostering collaboration. The threat of quantum computing to current encryption methods highlights the urgent need for forward-looking data protection policies and the adoption of post-quantum cryptography. As quantum technologies continue to evolve, policymakers must work closely with stakeholders to develop adaptive, principles-based regulations that strike a balance between promoting innovation and mitigating risks. Moreover, the societal and ethical impacts of quantum computing cannot be overlooked; prioritising applications that deliver significant social good and establishing robust ethical guidelines will be crucial. Preparing the legal workforce for the quantum era requires a concerted effort to develop quantum literacy and expertise. By adopting a proactive, interdisciplinary approach, the legal community can play a vital role in shaping the quantum future, ensuring that this transformative technology upholds the rule of law, protects individual rights, and promotes the greater good of society.

The swift proliferation of connected devices in the Internal Market brought attention to their weak cybersecurity standard, reflected by widespread and oftentimes unpatched vulnerabilities and successful cyberattacks. Attacks on cyber-physical systems have a critical impact not only on the Union’s economy but also on consumers’ health, safety, and fundamental rights. Against the background of the failure of the cybersecurity market of connected devices, the 10 December 2024 entered into force Regulation (EU) 2024/2847 of the European Parliament and of the Council of 23 October 2024 on horizontal cybersecurity requirements for products with digital elements (Cyber Resilience Act, CRA). After casting light on the three regulatory foundational choices underpinning this EU legal act in the field of cybersecurity (ie, horizontal approach, risk-based approach, product safety approach), the article investigates the extent to which the CRA enhances the protection of fundamental rights, as claimed in the Explanatory Memorandum of the Commission’s proposal.

The Digital Markets Act (DMA) is a rare bird in competition policy. Indeed, it is a hybrid framework incorporating the institutional setting of a regulatory tool as well as the conduct already targeted by antitrust authorities in proceedings against digital platforms. From a policy perspective, the DMA seeks to prevent some anticompetitive practices. To this end, the EU legislator has construed an intricate set of provisions pursuing different policy goals. After setting out these goals in relation to the proclaimed legal interests protected by the DMA (ie, contestability and fairness), the paper uncovers the policy goals underlying each of the provisions. Relying on the first round of compliance reports issued by gatekeepers in March and October 2024, the analysis aims at providing adequate pathways to measure the DMA’s success, based on the explicit legal interests and implict policy goals fleshed out by the regulation. The paper maps out market scenarios where policymakers can assert that the DMA’s enforcement has been effective.

The European Union’s REACH (Registration, Evaluation, Authorisation and Restriction of Chemicals) Regulation aims to ensure high levels of human health and environmental protection, while also promoting alternatives to animal testing. REACH permits animal testing as a last resort only and imposes the 3Rs principle (Replacement, Reduction, and Refinement of animal testing). Nevertheless, the current regulatory practices still heavily rely on animal-based methods. This study underscores the scientific limitations of animal models and highlights the ethical and methodological burdens associated with their use. It synthesises the challenges and opportunities associated with integrating New Approach Methodologies (NAMs) into regulatory toxicity testing under REACH, as highlighted by various scientific experts. Key challenges identified include contradictory and inadequate legislative frameworks, slow and restrictive validation processes, low acceptance of NAMs by regulatory authorities, and legislative amendments expected to increase animal testing. To create a more flexible regulatory environment and advance the adoption of NAMs, there is a need for legislative reforms and increased collaboration between academia, industry and regulatory bodies. In this context, it is also necessary that more legal scholars begin to show interest in this field to help tackle the multidisciplinary challenges to non-animal testing for regulatory purposes. This article provides an introduction to the field of regulatory toxicology with a focus on the REACH framework from a legal perspective.