Countries

Digital snapshot – key policies and laws

The country’s broader digital agenda is anchored in the Digital Croatia Strategy 2032, which focuses on a digital economy, digitalised public administration, very-high-capacity networks and digital skills. Croatia’s Digital Decade roadmap contains 31 measures worth about EUR 634.73 million, while the European Commission’s 2025 assessment notes strong progress in digital infrastructure and cybersecurity.

Digital public services are centred on e-Citizens, Croatia’s main portal for public-sector information and e-services, open to all EU citizens and foreign residents. Its identity layer, NIAS (National Identification and Authentication System), manages electronic identities for secure access to public e-services, supporting a more integrated e-government model. Croatia is also linking its services to the EU cross-border frameworks, including the Single Digital Gateway and evidence-exchange mechanisms.

Regarding infrastructure, HAKOM (Croatian Regulatory Authority for Network Industries)’s 2024 report says 5G coverage reached 94% of the population, while almost half of rural households had access to gigabit networks, and that clearly places Croatia among the stronger regional performers on mobile coverage, though rural fibre and mid-band 5G remain policy priorities. Connectivity policy is guided by the National Broadband Development Plan 2021–2027, Digital Croatia 2032 and the EU recovery funding, while future Adriatic routes such as GreenMed could increase international cable diversity.

On rights and regulation, Croatia follows the EU model. HAKOM acts as the Digital Services Coordinator under the Digital Services Act, while AZOP (Croatian Personal Data Protection Agency) enforces GDPR (General Data Protection Regulation) and imposed a notable EUR 4.5 million fine on a telecom operator in 2025. Croatia also notified AI Act authorities for fundamental-rights oversight, including ombudsperson bodies, AZOP, the electoral authority and the media regulator, while preparing a National AI Development Plan 2032 and an action plan for 2026–2028.

Relating to data governance, the 2025 Open Data Policy frames public-sector data as a basis for digital transformation, innovation, economic growth, transparency and accountability, while Croatia’s open-data portal provides public-sector datasets for free use and re-use. Together with AI, cybersecurity, DSA (Digital Services Act), GDPR (General Data Protection Regulation) and broadband reforms show a country moving toward a more regulated digital governance model, with implementation instruments, capacity development and integration in businesses and public institutions.

Croatia’s NIS2 turn

Croatia’s Cybersecurity Act, in force since 15 February 2024, marks a shift from a narrow critical-infrastructure approach to a broader model of national cyber resilience. By transposing the EU NIS2 Directive, the law expands cybersecurity obligations to a wider circle of essential entities, including sectors such as health, transport, energy, finance, digital infrastructure and public administration. It strengthens the role of the National Cyber Security Centre (NCSC-HR) as a central actor for coordination, prevention and response, while introducing clearer duties on risk management, incident reporting and supervision. The new framework is complemented by a National Cyber Crisis Management Programme, which defines responsibilities across technical, operational and strategic levels. Its relevance became tangible in 2024, when cyberattacks on KBC Zagreb, Croatia’s largest hospital, and Split Airport exposed how digital disruption can affect public safety, mobility and economic confidence.

Related news on dig.watch

• Croatia faces additional European Commission action over Digital Services Act enforcement
• Croatia urged to embed human rights into AI law
• Croatia turns bus stops into AI-powered health stations
• EIB highlights AI as key driver of Croatia’s economic growth
• Croatian hospital suffers network outage in ransomware attack

Croatia’s Permanent Mission to the UN in Geneva:

Croatia’s Permanent Mission in Geneva represents the country at the UN Office at Geneva and other international organisations based in the city. The UN Geneva Blue Book lists the mission under the formal name Permanent Mission of the Republic of Croatia to the UN Office and other international organisations in Geneva, with Croatia’s National Day recorded as 30 May.

Official UNOG website: https://www.ungeneva.org/en/blue-book/missions/member-states/croatia

EMBASSY AND PERMANENT MISSION TO THE UN – GENEVA

Twitter/X: https://x.com/MFA_Croatia

Facebook page

Consult Croatia’s digital strategies and regulations

Here you can explore the country’s main digital strategies, laws, and regulations by simply asking the chatbot, which is designed to help you quickly find relevant documents and understand the country’s digital policy landscape.

Main digital policies and regulations in the country:

• Croatia’s Digital Strategy
• Croatia’s National Cyber Security Strategy
• National Plan for the Development of Broadband Access in the Republic of Croatia
• Croatian strategy for education, science and technology

Follow Croatia’s digital submarine cables

Czechia’s digital profile is anchored by dense interconnection and steady last-mile upgrades, Prague’s NIX.CZ ranks among Europe’s larger neutral IXPs (209 members; 2023 peak >2.8 Tb/s), keeping a large share of national traffic local and low-latency. The National Plan for Very High-Capacity Networks (VHCN) guides gigabit build-outs through 31 December 2027, while the Czech Telecommunication Office (ČTÚ) serves as the country’s Digital Services Coordinator for the EU DSA.

On services and computing, the state rolled out eDoklady, a mobile digital-ID app, starting 20 January 2024 to streamline high-assurance login and in-person checks. For cloud, most workloads combine domestic colocation with nearby hyperscale regions, strengthened by the Azure ‘Austria East’ launch (three availability zones in Vienna, Aug 2025). Research and AI training lean on IT4Innovations’ Karolina EuroHPC supercomputer in Ostrava.

2Governance is comparatively mature and still tightening. The National AI Strategy 2030 (NAIS) was approved in 2024, and a new Cybersecurity Act transposing NIS2 is slated to take effect on 1 November 2025, expanding obligations for essential and important entities. Together with the DSA setup and the VHCN plan, these measures place Czechia near the regional frontier on practical enablers: interconnection density, close-by cloud regions, national digital ID, and an up-to-date cyber/legal framework.

Consult Czechia’s AI and digital strategies and regulations

Follow Czechia’s digital infrastructure

Germany’s digital profile is anchored by core internet infrastructure that is among Europe’s strongest. Frankfurt’s DE-CIX, one of the world’s leading internet exchanges, set a new global peering record of 25 Tb/s in April 2025, underscoring Germany’s role as a continental traffic hub. Frankfurt’s data-centre market also crossed a structural milestone in Q2 2025, exceeding 1 GW of operational colocation supply, only the second European city to do so, reflecting deep interconnection and cloud capacity.

On connectivity, Germany is close to universal 5G household coverage. The European Commission’s 2024 Digital Decade country report cites 98.1% 5G coverage of households, placing Germany near the top of the EU on this metric (while acknowledging remaining FTTP gaps).

In high-performance computing, Germany operates JUPITER, Europe’s first exascale supercomputer, inaugurated on 5 September 2025 at Jülich. This positions the country at the forefront of European computing for AI training and large-scale simulation.

Commercially, Germany is one of Europe’s largest e-commerce markets by revenue. After two weak years, online retail grew 1.1% to €80.6 bn in 2024, with the national trade association forecasting about €92.4 bn in 2025, indicating a return to steady expansion at scale.

Consult Germany’s AI and digital strategies and regulations

Follow Germany’s digital submarine cables

Digital Snapshot – Key Policies and Laws

Brunei’s digital profile combines very high connectivity with a relatively centralised policy model. The UN’s 2024 E-Government Development Index ranks Brunei 75th out of 193, with a strong Telecommunication Infrastructure Index (0.9868). Public datasets also suggest near-universal connectivity with 99% internet penetration in early 2025.

At the strategy level, national digital transformation is framed by the Digital Economy Masterplan 2025, which sets the direction and enablers for ‘Smart Nation through Digital Transformation.’ For the public sector, Brunei’s Digital Government Strategy outlines a programme-based approach to modernising government processes and services, including cross-agency coordination aims. Delivery is supported by government-wide infrastructure, such as EGNC’s One Government Network (OGN), which connects agencies through a secure WAN.

Connectivity policy and rollout have been relatively explicit. Brunei adopted a National Broadband Policy as an overarching framework for broadband development. On mobile, Brunei announced nationwide 5G availability from 22 June 2023 via a joint release involving AITI, UNN and operators. AITI’s published sector statistics also track indicators of high mobile/broadband penetration and network coverage.

On ‘trust’ governance, the major recent shift is privacy law: the Personal Data Protection Order (PDPO) 2025 establishes private-sector data protection obligations, including cross-border transfer conditions.

PDPO: Brunei’s privacy pivot

Brunei’s Personal Data Protection Order (PDPO) 2025 marks a clear shift from fragmented privacy expectations to a single, enforceable framework for how private-sector organisations handle personal data, covering collection, use, disclosure, security, retention and cross-border transfers. A Government Gazette commencement notice appointed 1 January 2026 for key operative parts of the law, effectively turning ‘privacy readiness’ into a near-term governance test for companies, platforms, and service providers. In practice, the PDPO pushes organisations to formalise accountability, including a designated compliance contact, document their data practices, and treat data incidents as operational risks rather than PR noise. For consumers, it strengthens expectations of transparency and control over personal data in everyday services, especially in e-commerce, finance, telecoms, and digital government adjacencies, while also raising questions about how cross-border data flows will be managed in a small, highly connected economy.

Cybersecurity governance is anchored in the Cybersecurity Act Chapter 272, which formalises national oversight and CII-related requirements, alongside the Brunei National Cyber Security Framework, which serves as a referenced set of standards/guidelines.

For emerging tech, Brunei is using targeted, lighter-weight instruments: AITI has issued a Guide on AI Governance and Ethics, voluntary guidance for organisations developing/using AI. Cloud and infrastructure policy signals include government workstreams such as ‘Developing Sovereign Cloud Policy’ in the Digital Brunei transformation materials, while UNN markets locally hosted cloud as compliant with data-residency requirements. International connectivity is supported by subsea diversity. UNN states it is the consortium owner of SEA-ME-WE 3, AAG, and SJC, and that interconnection is via Borneo-IX, powered by DE-CIX.

Consult Brunei’s digital strategies and regulations

Ask the Diplo chatbot everything you want about digital strategies and regulations in the country ⬇️

Brunei’s permanent mission to the UN:

Brunei’s Permanent Mission in Geneva represents the country to the UN Office at Geneva (UNOG) and other international organisations based there, and is listed in UNOG’s official Blue Book directory. The UN listing identifies the Mission’s National Day as 23 February and names H.E. Ms Dk Mazlizah Pg Hj Mahalee as Permanent Representative, while the mission’s official UN page provides its Geneva contact details and location at the International Centre Cointrin (ICC).

Official UN website: https://www.ungeneva.org/en/blue-book/missions/member-states/brunei-darussalam

Follow Brunei’s digital submarine cables

Digital Snapshot – Key Policies and Laws

In Bulgaria, digital governance is often discussed through the lens of trust and resilience, shaped mainly by the 2019 National Revenue Agency (NRA) data breach, when unauthorised access led to the online spread of extracted taxpayer data affecting millions (NRA stated ~5.1 million people), a defining stress test for state data stewardship and incident response.

Institutionally, Bulgaria has sought to reduce fragmentation by creating a dedicated Ministry of e-Government and consolidating responsibilities previously split across bodies and ministries. Such centralisation is reflected in the EU’s Digital Public Administration factsheet 2022, a key governance reform intended to strengthen coordination and delivery.

Concerning cybersecurity, Bulgaria’s most recent headline shift is legislative: Parliament adopted major Cybersecurity Act amendments on 5 February 2026 to align with NIS2, expanding regulated sectors and strengthening obligations and supervisory powers, an important compliance and enforcement upgrade for both public and private operators.

On AI governance, Bulgaria’s main national policy anchor is the Concept for the Development of AI in Bulgaria until 2030, approved in December 2020, complemented by EU-wide rules (AI Act) and domestic oversight via existing regulators and governance bodies. The EU AI Watch summarises Bulgaria’s strategy, which focuses on infrastructure and data, skills, adoption, and trust.

Bulgaria’s AI Act watchdogs step in

Rights on the algorithm: On 18 June 2025, Bulgaria’s Council of Ministers adopted a decision, reported as Decision No. 398, designating seven national bodies to help safeguard fundamental rights under the EU AI Act, including the right to non-discrimination. Under Article 77, these bodies can request and access relevant documentation about high-risk AI systems when needed to carry out their mandates, an important bridge between ‘AI compliance’ on paper and real-world oversight. The move matters because it signals that AI governance is not only about innovation policy, but also about protecting people who may be disproportionately affected by automated decision-making (for example, in services, employment, education, or policing). At the same time, broader effectiveness will depend on how clearly responsibilities are divided, how well these bodies are resourced, and whether their findings inform enforcement and remedies as AI systems scale across the economy.

Digital infrastructure is a regional strength: the EU’s Digital Decade 2025 profile notes that Bulgaria has a well-developed connectivity infrastructure, while flagging challenges in skills, SME uptake, and cybersecurity. Interconnection is concentrated in Sofia. BIX.BG reports operations across 10+ data centres and publishes traffic stats, while internationally, the Kardesa Black Sea submarine cable plan would add route diversity with a first landing in Bulgaria planned for 2027.

On the ‘rules + platforms’ layer, Bulgaria’s data protection regime is GDPR-based with enforcement by the Commission for Personal Data Protection (CPDP) under the national Personal Data Protection Act; open data is delivered via data.egov.bg and tracked in the EU Open Data Maturity reporting; and the Electronic Commerce Act provides the domestic legal frame for online services, alongside the EU consumer and platform rules, where the Commission issued a reasoned opinion citing gaps in Bulgaria’s DSA enforcement setup.

Related news on dig.watch

• New UK–Bulgaria partnership boosts semiconductor innovation
• EU moves forward with Bulgaria payment review
• Bulgaria eyes AI gigafactory partnership with IBM
• Bulgaria to replace tickets with biometric access system ‘Rock’
• Evrotrust’s eID program becomes Bulgaria’s official digital identity system and plans to expand
• Advocate General of the EU Court of Justice provides opinion on case of data breach by Bulgaria’s NAP

Bulgaria’s permanent mission to the UN:

Bulgaria’s Permanent Mission in Geneva represents the country at the UN Office at Geneva and other international organizations based there, supporting Bulgaria’s positions in multilateral diplomacy across areas such as human rights, humanitarian affairs, health, migration, trade-related work, and international standard-setting. The mission is listed in UN Geneva’s official ‘Blue Book,’ including its Geneva address and contact details, and is headed by a Permanent Representative accredited to UN Geneva.

Official UNOG website: https://www.ungeneva.org/en/blue-book/missions/member-states/bulgaria

Official website (MFA page): https://www.mfa.bg/en/embassies/switzerlandpr

Facebook page

Consult Bulgaria’s AI and digital strategies and regulations

Follow Bulgaria’s digital submarine cables

Digital Snapshot – Key Policies and Laws

Japan’s digital governance is anchored in a relatively strong public-sector digital baseline: it ranks 13th of 193 in the UN E-Government Development Index and 2nd in the E-Participation Index, suggesting comparatively mature online public services and citizen-facing digital channels. A central instrument is the Cabinet-approved Priority Plan for the Advancement of a Digital Society, which sets cross-government implementation priorities under Japan’s digital-society framework.

On the economic side, Japan’s e-commerce market is large and regularly measured: METI estimates B2C e-commerce at ¥26.1 trillion and B2B e-commerce at ¥514.4 trillion, with an estimated C2C market of ~¥2.53 trillion. Platform governance is partly handled through a designated ‘co-regulation’ approach under the Act on Improving Transparency and Fairness of Specified Digital Platforms (in force since 2021), requiring disclosures and self-assessment for designated large platforms.

Cybersecurity and emerging tech governance combine national strategy with a newer ‘proactive’ posture and business guidance: Japan’s official Cybersecurity Strategy emphasises a whole-of-nation approach and public–private collaboration, while reporting in 2025 described an Active Cyberdefence Law that expanded the government’s operational posture. 

Japan goes from ‘passive’ to ‘Active Cyber Defence Law‘

In 2025, Japan switched to ’active’ cyber defence, moving from passive security to proactive threat neutralisation. Anchored in the new Active Cyber Defence Law and coordinated through the National Cybersecurity Office, this strategy reflects a decisive break from Japan’s traditionally restrained posture. Escalating cyberattack campaigns and state-backed espionage drive it, and it includes measures such as hardening critical infrastructure, expanding real-time intelligence sharing between government and industry, and cultivating international alliances. At the same time, Japan is tackling severe workforce shortages by investing in specialised training programs and cyber talent pipelines, recognising that skilled human capital is as vital as technology in sustaining resilience.

For connectivity and critical infrastructure, MIC has published the Digital Infrastructure Development Plan 2030, which explicitly groups fibre, 5G, data centres, and submarine cables and sets targets, such as raising 5G population coverage from 98.1% (FY2023) to 99% by FY2030. Subsea connectivity is a strategic dependency for Japan as a regional hub, and the Submarine Cable Map is a standard reference for systems and landing stations.

Consult Japan’s AI and digital strategies and regulations

Ask the Diplo chatbot everything you want about digital strategies and regulations in the country ⬇️

Data protection is centred on the Act on the Protection of Personal Information and is supervised by the Personal Information Protection Commission (PPC), which publishes the consolidated APPI text and related legal instruments. In parallel, Japan’s data policy direction is guided by the National Data Strategy, hosted by the Digital Agency, which references the Comprehensive Data Strategy (June 2021).

Cloud adoption in government is structured around the Digital Agency’s Government Cloud initiative and the ISMAP assurance scheme for cloud procurement, and AI governance is increasingly formalised through the AI Act, effective Sept 2025, plus AI Guidelines for Business.

The IGF 2023 in Kyoto

The Government of Japan hosted the 18th annual Internet Governance Forum (IGF) in Kyoto from 8 to 12 October under the overarching theme, ‘The Internet We Want – Empowering All People’. The programme was developed under the following sub-themes: Sustainability and environment; AI and emerging technologies; Avoiding internet fragmentation; Cybersecurity, cybercrime and online safety; Data governance and trust; Digital divides and inclusion; Global digital governance and cooperation; Human rights and freedoms.

Japan’s permanent mission to the UN:

The Permanent Mission of Japan in Geneva represents Japan’s positions across roughly 30 Geneva-based international organisations, including UN bodies and other institutions. It serves as Japan’s platform for multilateral diplomacy in Geneva, covering portfolios such as human rights, humanitarian affairs, trade-related issues, and other thematic work conducted in that ecosystem.

Official UN website: https://www.ungeneva.org/en/blue-book/missions/member-states/japan

Related news on dig.watch

• Japan and the UK expand cybersecurity cooperation
• Japan arrests suspect over AI deepfake pornography
• ChatGPT achieves perfect scores in Japanese university exams
• Japan and ASEAN agree to boost AI collaboration
• Japan to boost spending on semiconductors and AI

Follow Japan’s digital submarine cables

São Tomé and Príncipe, an archipelago in the Gulf of Guinea, has been actively advancing its digital landscape to foster economic growth and improve public services. As of January 2024, the country reported an internet penetration rate of 57%, with approximately 133,400 users, and about 63,100 social media users, accounting for 26.9% of the population.

The government has initiated the ‘Digital São Tomé and Príncipe Project,’ supported by the World Bank, aiming to enhance telecommunications services and strengthen data governance. Additionally, the ‘National Strategy for Digital Governance’ seeks to align public policies across sectors to improve digital public services. Furthermore, the government is formulating a National Cybersecurity Strategy and Action Plan to safeguard its digital infrastructure and data.

In education, partnerships with organisations like UNICEF have led to the development of digital learning platforms, such as the ‘Learning Passport,’ integrating technology into classrooms and promoting digital literacy among students.

To bolster connectivity, the country connected to the Africa Coast to Europe (ACE) submarine cable in 2012, significantly enhancing internet access and reducing costs.

Consult Sao Tome and Principe’s digital strategies and regulations

Follow Sao Tome and Principe’s digital submarine cables

Egypt’s digital profile reflects rapid transformation driven by infrastructure investment, regulatory modernisation, and strategic regional positioning. The country hosts over 10 submarine cable landing stations and carries nearly 30% of global internet traffic through its Mediterranean-Red Sea corridor, making it one of the most critical internet transit hubs worldwide. With 5G rollout underway and broadband speed improvements, the ICT sector grew by 14.4% in 2023–24, contributing over 5% to GDP—placing Egypt among the fastest-growing digital economies in Africa and the Arab world.

Digital transformation is anchored in the ‘Digital Egypt’ initiative and ICT 2030 strategy, which have connected more than 33,000 public institutions and digitised essential services through a national e‑government platform. The country has enacted comprehensive legislation, including the Personal Data Protection Law (2020) and the Cybercrime Law (2018), aligning with global norms. Notably, Egypt has become a leader in fintech growth in emerging markets, with services like InstaPay and Meeza accelerating financial inclusion and mobile wallet adoption across socioeconomic segments.

Emerging technologies are gaining traction through national AI and blockchain strategies, deep‑tech venture studios, and talent pipelines like the Digital Egypt Builders program. Egypt ranks among global leaders in AI workforce reskilling, with 85% of employers upskilling in generative AI and automation. With rising tech startup activity, expanding digital infrastructure, and a strong regional role in data transit, Egypt is positioning itself as a digital innovation hub for Africa and the Middle East.

Consult Egypt’s AI and digital strategies and regulations

Follow Egypt’s digital submarine cables

Ecuador’s digital landscape is marked by steady growth, regional leadership in ethics-driven innovation, and ongoing efforts to close structural gaps in connectivity and capacity. The country has made significant strides in expanding its digital infrastructure, with major investments in submarine cable systems such as the Mistral, PCCS, and the upcoming CSN-1, enhancing international bandwidth and regional integration. Domestically, initiatives under the National Broadband Plan aim to improve fixed and mobile access, especially in underserved rural areas, while the presence of IXPs and data centers continues to strengthen Ecuador’s internet resilience. Despite logistical and postal delivery challenges, the e-commerce sector has grown rapidly, projected to reach nearly US $3.9 billion by 2025, with a strong mobile-first consumer base and increasing diversification of product categories.

On the regulatory front, Ecuador has demonstrated leadership in digital governance. The 2021 Organic Law on the Protection of Personal Data (LOPDP) established a GDPR-inspired framework for data privacy, giving individuals clear rights and imposing strong compliance obligations on organisations. Although enforcement mechanisms and the Data Protection Authority are still being operationalised, international collaboration with entities like the Council of Europe and UNESCO is helping to shape implementation and alignment with global standards.

Ecuador’s position in the Latin American AI landscape is especially notable for its ethics-first approach. It was the first country in the region to adopt a public-sector AI Code of Ethics and among the first to pilot UNESCO’s Readiness Assessment Methodology. While actual AI adoption remains low across most businesses—primarily limited to basic marketing tasks—national efforts are focusing on capacity-building, talent development, and safe AI ecosystem design, supported by academic institutions and international organisations.

Consult Ecuador’s AI and digital strategies and regulations

Follow Ecuador’s digital submarine cables