2025: A Turning Point for Space Activity Regulation

New Legal Frameworks in Italy and EU

The year 2025 marks a significant turning point for the regulation and governance of space activities. In this year, Italy adopts its first comprehensive space law, while the European Union introduces a proposed regulation aimed at harmonising the sector’s regulatory framework at a continental level.

Italian Space Law No. 89/2025

Law no. 89/2025, published in the Official Gazette on 24 June and entering into force on 25 June 2025 (the “Space Law”), introduces the first comprehensive regulatory framework for space activities in Italy. The legislation aims to regulate access to outer space by public and private entities, promoting safety, competitiveness, and technological innovation.

a) Scope and Definitions

The Space Law applies to:

• space activities conducted by operators of any nationality within Italian territory;
• activities conducted abroad by Italian operators (Art. 3).

Exemptions are provided for the Italian Ministry of Defense and security organizations (Art. 28).

b) Authorizations and Requirements

Space activities are subject to authorization by the competent Authority (the President of the Council of Ministers or the political Authority delegated to space and aerospace policies), following the opinion from the Italian Space Agency (Artt. 4 and 7). The authorisation requires:

• technical suitability and environmental sustainability (Art. 5);
• professional and financial requirements, with simplified procedures for SMEs and start-ups (Art. 6);
• mandatory insurance coverage or equivalent guarantee (Art. 21).

Grounds for suspension, modification, or revocation of the authorisation are provided in cases of violations or significant changes.

c) Liability and Insurance

The space operator is liable for damages caused to third parties by space activities (Art. 18).
Insurance coverage is mandatory, with a maximum limit of up to €100 million (which can be reduced to €50 million or €20 million for low-risk activities or those conducted by start-ups) (Art. 21).
Direct action by the injured party against the insurer is also provided for.

d) Development of the Space Economy

The Space Law introduces mechanisms to support the measures to support the sector:

• a National Plan for the Space Economy, updated every two years and with a duration of at least five years (Art. 22);
• a €35 million fund for 2025, aimed at financing innovative projects and public-private partnerships (Art. 23).
• As highlighted in the Explanatory Report of 28 February 2025 accompanying the Space Law, conducting missions in the outer space environment allows access to an operational context that cannot be replicated on Earth, characterised by microgravity conditions. This environment offers unique opportunities for the collection of scientific and experimental data, with significant impact, by way of example and not limitation, on the following areas:
• Data governance;
• Management of systems and technologies used (e.g., Artificial Intelligence);
• Data retention and information utilization.

e) Sanctions

• Administrative sanctions up to 500,000 euros for obstructing supervision activities (Art. 12);
• Criminal sanctions up to 6 years of imprisonment for unauthorized activities (Art. 12(3)).

EU Space Act: The First Step Towards a European Regulatory Framework for Space Activities

On 25 June 2025, the European Commission presented the proposal for Regulation COM(2025) 335 (“EU Space Act”), concerning space activities within the European Union. The objective is to create a coherent European regulatory framework capable of ensuring the safety, sustainability, and resilience of space activities while fostering the competitiveness of the European space industry in the global context.

a) Purpose and Scope

The EU Space Act defines the scope of the European Union’s intervention from the outset: it regulates the authorisation, registration, and supervision of space activities within the EU, promotes the free movement of space services and data, and introduces common definitions, such as that of a “space operator.” The EU Space Act will apply to:

• operators established in the EU or active in the European market (Art. 2(1));
• space objects in orbit, including infrastructure, services, and debris (Art. 2(2)).

It is also clarified that the proposal does not prejudice national competences in matters of security (Art. 4).

b) Authorisation System

A cornerstone of the proposed regulation is the introduction of an authorisation system for space activities conducted within the European Union. Chapter I of Title II (Artt. 6-10) sets out the general conditions for obtaining authorisation, which is granted by national competent authorities for private operators and by the European Union Agency for the Space Programme (EUSPA) for activities involving Union assets (Artt. 11-13).

Once authorisation is obtained, the operator is registered in the Union Registry of Space Objects (URSO) (Art. 12) and receives an electronic certificate (e-certificate) attesting to compliance (Recital 46), thereby facilitating the free provision of space services across the Union.

c) Safety, Resilience, Sustainability

The regulatory dispositions are based on three pillars:

• Safety: obligations for tracking and notifications regarding manoeuvres and launches (Artt. 58-64, 102-103) and measures to reduce debris and ensure the safe re-entry of satellites at the end of their lifecycle (Artt. 60, 62, 64).
• Resilience: cybersecurity and risk management requirements applicable throughout the lifecycle of space infrastructure (Artt. 75-95), including obligations on incident response, encryption, and business continuity.
• Sustainability: mandatory calculation of the environmental footprint (Artt. 96-100) and the requirement for a mandatory certificate (Art. 98) to obtain the aforementioned authorisations.

c1) Focus: Space and Cybersecurity

One of the most innovative aspects of the EU Space Act is the introduction of specific rules for the cybersecurity of space infrastructure, complementing and integrating the framework established by NIS2. The regulation requires space operators to adopt risk management measures for both cyber and physical threats, proportionate to the mission, orbit, and type of technology employed.

Operators are required to implement:

• cybersecurity policies covering the entire mission lifecycle (Art. 79);
• incident response plans (Art. 83);
• cryptographic protection measures (Art. 85);
• backup systems (Art. 86).

The creation of the EUSRN – EU Space Resilience Network (Art. 94) is also envisaged to strengthen cooperation between national authorities and EUSPA in managing significant cyber incidents. The aim is to ensure the resilience of space services, which are now considered essential for the economic, environmental, and digital security of the Union.

d) Sanctions

Although the EU Space Act does not directly regulate sanctions, it requires Member States to establish effective, proportionate, and dissuasive sanctioning measures (Art. 31). National competent authorities, designated under Artt. 28-29, will have powers of supervision, inspection, and corrective intervention.

e) Legislative Process

The proposal is now under review by the European Parliament and the Council under the ordinary legislative procedure (Art. 294 TFEU). Once adopted, the EU Space Act will be directly applicable in all Member States, marking a significant step towards coordinated and uniform European space governance.