EU Space Act: What In-House Counsel Need to Know About the Potential Regulatory Framework for Space Activities in Europe

On June 25, 2025, the European Commission published the long-anticipated draft EU Space Act (“Act”), a potentially landmark regulation that will apply to both EU and non-EU operators providing space services in Europe. The proposed Act excludes many defense and national security space objects and (if passed) will come into effect from January 1, 2030, with a two-year transitional period for certain assets and activities.

The Act’s core objectives are fostering EU competitiveness by harmonizing rules across EU Member States, promoting environmental sustainability, and ensuring the safety and resilience of space infrastructure. The Act in many ways serves to implement State responsibilities under the Outer Space Treaty, such as the requirement for a State to provide “authorization” and “continuing supervision” of private parties operating in outer space.

This article provides a brief overview of the Act’s key requirements, enforcement mechanisms, and practical implications.

Three Key Elements: Safety, Resilience, and Sustainability 

1. Safety: Trackability, Collision Avoidance, And Debris Mitigation 

• The proposed Act introduces mandatory technical requirements for tracking space objects, subscribing to collision avoidance services, and implementing robust debris mitigation plans to ensure synergy with EU safety policies and legislation. Spacecraft must be trackable and capable of performing collision avoidance maneuvers, with special obligations for large constellations.  
• Space operators must ensure safe satellite disposal at end-of-life, with design and operational standards aimed at minimizing the creation of any new space debris.  
• The Act also requires coordination with air traffic authorities for launches and re-entries and mandates the use of standardized procedures for responding to high-interest event alerts (potential collisions). It introduces a “right of way” approach to facilitate the resolution of collisions between multiple maneuverable spacecraft. 

• Resilience: Cybersecurity and Risk Management 

• The Act establishes a comprehensive risk assessment framework tailored to the unique cybersecurity and physical threats facing space infrastructure. This includes requirements for information security management, access controls, incident detection and reporting, cryptography, backup protocols, and business continuity planning. 
• Space operators shall establish a supply chain risk management framework. Their contracts with supplier manufacturers and service providers shall contain supply-chain security-related aspects on information security requirements.
• The Act is designed to complement and, where applicable, supersede (a) the Network and Information Systems Directive 2 (“NIS 2” Directive) (cybersecurity) and (b) the Critical Entities Resilience Directive (“CER Directive”) for all space operators and segments of space infrastructure.
• The EU Space Act will become the ‘lex specialis’ in relation to the cybersecurity measures of EU operators qualifying as essential or important entities in NIS 2. 
• Operators must report “significant incidents” to competent authorities. The European Union Agency for the Space Programme (“EUSPA”) will play a central role in technical assessments, ongoing supervision, and incident monitoring, including the establishment of the Union Space Resilience Network (“EUSRN”) for enhanced cooperation on cybersecurity incidents.

• Sustainability: Environmental Footprint and Life Cycle Assessment 

• In line with the European Green Deal and the EU sustainability objectives, space operators will be required, unless exempt, to calculate and report the environmental footprint of their activities throughout the entire mission lifecycle—from design and manufacturing to operation and end-of-life.  
• The Act mandates the use of a common, space-specific life cycle assessment (“LCA”) methodology, with supporting data submitted to a centralized Environmental Footprint Database managed by the Agency, creating a common method for calculating the environmental impact of space activities.   
• The Act requires the development of space debris mitigation, including both physical structures and light and radio pollution.  
• As part of their authorization application, space operators must submit an environmental footprint declaration, together with supporting environmental footprint studies and data, verified through a certificate which shall be issued by a qualified technical body for space activities. There is also a requirement to contractually obtain all relevant environment footprint data from suppliers. 

Scope and Applicability

• The proposed Act recognizes the principle of State responsibility under international law and aims to apply harmonized EU law to space operators, launch providers, and in-space service providers established in the EU, as well as to non-EU (third-country) operators providing space-based data or services in the EU. Notably, the United Kingdom will be treated as a “third country” for the purposes of the Act. The Act covers both EU-owned and national assets.
• The Act explicitly does not apply to space objects used exclusively for defense or national security purposes, space objects that have been temporarily placed for defence purposes under a military operation and control, and authorization or management of radio spectrum.
• Assets launched before January 1, 2030, are also generally exempt, but transitional provisions apply for assets still in the critical design phase as of the Act’s entry into force.

Enforcement, Inspections, and Penalties 

• Non-EU entities providing space-based data or services in the EU must register with the Union Register of Space Objects and obtain an e-certificate from EUSPA, attesting to conformity with the Act’s requirements.
• The Act grants the European Commission and EUSPA significant new enforcement powers, including the authority to conduct on-site inspections of both EU and third-country operators.  
• Non-compliance can result in administrative fines of up to twice the profits gained or costs avoided from non-compliance, or, where this is not determinable, 2% of the operator’s total worldwide annual turnover, as well as suspension or withdrawal of authorizations and public notices of infringement.  
• The Commission may also impose periodic penalty payments to compel compliance and has the power to order interim measures in urgent cases.  
• Operators have the right to be heard and to appeal enforcement decisions, with a dedicated Board of Appeal established within the EUSPA. The Court of Justice of the EU shall have unlimited jurisdiction to review decisions imposing fines or periodic penalty payments and may annul, reduce or increase the amount of a fine or periodic penalty payment imposed. 
• The EU may seek to conclude mutual recognition agreements with third countries on matters covered by the proposed Act. 

Strategic Considerations for In-House Counsel 

• Increased costs: Though regulatory simplification will yield long-term advantages, costs are expected to increase in the short-term. For example, it is estimated that satellite operators may face an increase of up to 10% in manufacturing costs (depending on mission requirements). Supporting measures will be put in place to help offset part of implementation costs for start-ups, scaleups and SMEs. 
• Compliance Planning: The EU regulation, if passed, will apply to space service providers irrespective of their place of establishment if the space-based data or services are provided in the EU. Begin mapping your organization’s space assets, supply chains, and service offerings against the new requirements. Early engagement with EUSPA and national authorities is recommended to clarify authorization pathways and technical assessment needs.  
• Environmental Reporting: Prepare for the adoption of the new LCA methodology and data submission requirements. Engage with suppliers to ensure access to necessary environmental data.
• Contractual Implications: Review and update contracts for the provision of space-based data and services to ensure inclusion of the required electronic certificates and compliance representations.
• Risk Management: Strengthen cybersecurity and physical resilience programs to meet the Act’s tailored risk assessment and incident reporting standards. Consider leveraging the forthcoming EUSRN for threat intelligence and best practices.
• Third-Country Operations: If your company is based outside the EU (including the UK) or relies on non-EU partners, ensure that you have one or more legal persons in one of the EU Member States to act as your legal representative in the EU.
• Equivalence decisions: If your company is in a third-country jurisdiction that already adheres to high levels of safety, resilience, and environmental sustainability of space activities, and if the European Commission determines that the third-country’s legal and regulatory framework offers protections comparable to those under the proposed EU Space Act, space service providers from that country can operate in the EU on the basis of an “equivalence decision,” without undergoing duplicative compliance checks. 

Next Steps 

The proposed Act will be negotiated under the ordinary legislative procedure by the European Parliament and the Council of the European Union.

Conclusion 

The EU Space Act represents a paradigm shift for the European and global space industry, setting a new, standardized bar for safety, resilience, and sustainability. While the Act introduces new compliance costs and operational challenges, it also promises to streamline market access, foster innovation, and position the EU as a global standard-setter in space governance. In-house counsel should act now to assess the Act’s impact, engage with stakeholders, and develop a roadmap for timely and effective compliance.