Introduction
As the space domain becomes increasingly congested, contested, and commercially significant, the European Union has recognised the urgent need to establish coherent regulatory mechanisms. The newly proposed EU Space Act seeks to harmonise fragmented national regimes, address emerging threats to space security and sustainability, and support technological innovation within a competitive, rules-based framework. While space law has traditionally relied on the Outer Space Treaty of 1967 and related multilateral agreements, the evolving challenges posed by space traffic management, orbital debris, and the increasing militarization and commercial use of space demand new legal and diplomatic tools. In this context, the European Union’s (EU) ongoing efforts to regulate outer space through a transboundary framework that transcends national jurisdictions represent a watershed moment in the evolution of space governance. This initiative matches the EU’s pioneering work in cyberspace governance, particularly through its Cyber Diplomacy Toolbox, which since 2017 has been instrumental in applying international law and coordinated policy action in the digital domain. By examining the successes and structure of the Cyber Diplomacy Toolbox, valuable lessons emerge for shaping effective space diplomacy frameworks that uphold international law while fostering digital sovereignty and resilience.
The European Cybersecurity Policy and the Cyber Diplomacy Toolbox
European cybersecurity policy has, over the past decade, evolved into a comprehensive, multi-layered framework aimed at ensuring the security, stability, and resilience of digital infrastructures and the broader cyberspace environment. The EU’s approach culminated in the introduction of the Cyber Diplomacy Toolbox in 2017, formally adopted by the Council of the European Union through conclusions in June 2017 and further updated in 2022. This toolbox serves as a diplomatic instrument designed to coordinate an EU response to malicious cyber activities attributed to foreign actors.
Derived from the EU Global Strategy of 2016, the toolbox operationalizes the EU’s commitment to safeguarding its digital domain, projecting norms of responsible state behaviour in cyberspace, and promoting the application of international law. It encompasses diplomatic, political, and economic measures, including sanctions, that the EU can deploy in response to cyberattacks or cyber-enabled threats against its member states or critical infrastructure.
The Cyber Diplomacy Toolbox is both a policy instrument and a framework embodying the EU’s understanding of cyberspace as a domain where sovereignty and cooperation intersect. It reflects the recognition that cybersecurity challenges cannot be effectively addressed by unilateral action but require coordinated international responses anchored in respect for international law. It builds on earlier strategic documents, such as the 2013 EU Cybersecurity Strategy, the Network and Information Security Directive (NIS Directive) of 2016, and the establishment of the European Union Agency for Cybersecurity (ENISA).
Importantly, the toolbox underpins the EU’s broader cybersecurity architecture, which includes, among numerous other instruments, the European Cybersecurity Act (2019) and the EU Cybersecurity Strategy for the Digital Decade (2020), strengthening operational readiness, incident response, and cross-border cooperation. The EU’s cyber diplomacy efforts have effectively created a platform for dialogue, coordination, and policy coherence among member states and with international partners, enabling the bloc to assert its digital sovereignty and technological autonomy in an increasingly contested digital environment.
The Cyber Diplomacy Toolbox as a Model for Space Diplomacy
The Cyber Diplomacy Toolbox stands out as a practical example of how international law and diplomacy can be harnessed to address emerging technological challenges while preserving security and stability. Its success lies in its comprehensive nature, combining diplomatic engagement, normative leadership, and targeted sanctions as tools of statecraft in cyberspace. This approach balances deterrence and dialogue, reflecting an understanding that complex global challenges require multifaceted, multilateral solutions.
Given the parallels between the challenges faced in cyberspace and those emerging in outer space—both domains being critical infrastructures that transcend national boundaries—the Cyber Diplomacy Toolbox offers valuable insights for the development of a space diplomacy framework. The EU’s emphasis on technological sovereignty, operational resilience, and legal normativity can be adapted to space governance to foster safer, more sustainable space activities.
The ongoing proliferation of satellites and space traffic intensifies the risk of collisions and the generation of orbital debris, threatening the long-term sustainability of space as a global commons. Unlike cyberspace, where governance frameworks and enforcement mechanisms have begun to take shape, outer space governance remains fragmented and underdeveloped, lacking robust space traffic management systems or universally binding rules to regulate satellite operations and debris mitigation.
In this context, the EU’s move to codify space governance through the European Space Act signals a strategic step toward filling this governance gap, much as its cyber diplomacy framework filled a void in digital governance. By drawing from the toolbox’s diplomatic methods and normative principles, space diplomacy can evolve to address issues of state responsibility, transparency, and the application of international law, particularly the Outer Space Treaty’s principles on due regard and the prevention of harmful contamination.
The European Space Act: A Timely Legislative Initiative
The European Space Act was formally proposed on June 25th, 2025. This legislation is vital not only for establishing a legal framework governing space activities within the EU but also for reinforcing the Union’s digital and technological sovereignty. In her letter of intent dated 13 September 2023 to the European Parliament and the Council Presidency, Commission President Ursula von der Leyen identified the Space Act as a key initiative for 2024. The Commission Work Programme 2024, published in October 2023, originally anticipated adoption in early 2024 and led to a successful conclusion in late June 2025. The EU Space Act represents the culmination of these sustained efforts. It establishes a harmonised legal framework for space activities across the Union, addressing safety, cybersecurity resilience, and environmental sustainability while fostering competitiveness. Applicable to EU and non-EU operators, it reduces regulatory fragmentation and supports innovation, particularly for start-ups, SMEs, and emerging technologies.
This legislative effort initiative aims to set comprehensive rules on space traffic management, ensuring the safety, security, and sustainability of critical space infrastructure across the EU. Since 2019, the Commission has underscored the need for such legislation, notably in its Joint Communications on Space Traffic Management (2022) and on the EU Space Strategy for Security and Defence (2023). These documents emphasize the importance of imposing obligations on satellite operators to mitigate space debris and enhance resilience.
Most recently, at the Transport, Telecommunications, and Energy Council meeting on 6 June 2025, EU ministers adopted the EU Blueprint for Cyber Crisis Management, a complementary, critical step toward advancing Europe’s cybersecurity resilience. Ministers also endorsed conclusions on reliable and resilient connectivity, highlighting satellite infrastructure as vital for strategic autonomy and communication security. This convergence of initiatives reflects the EU’s broader commitment to digital sovereignty. The European Space Act, much like the EU’s cybersecurity policies such as NIS2 and the 24/7 network, will be instrumental in ensuring coherent governance and sustainable development of space activities within the Union and by individual EU states.
By institutionalizing norms for space traffic management and resilience, the European Space Act represents a significant step toward digital sovereignty analogous to the EU’s cyber efforts. Just as the cybersecurity policy framework, including the Network and Information Security Directive (NIS2) and the establishment of a 24/7 cybersecurity network, which enabled greater autonomy and protection for digital infrastructure, the Space Act is likely to further advance EU’s capacity to conduct space activities coherently and sustainably.
Cyber Sovereignty and Sustainability in Digital and Space Domains
The intersection of cyber sovereignty and sustainability in both the digital and space domains constitutes a critical theme for contemporary governance. Cyber sovereignty refers to a state’s assertion of authority over cyberspace within its territorial jurisdiction, extending traditional notions of sovereignty to the digital environment. This concept has evolved in response to the growing centrality of the internet and digital infrastructure to governmental functions, critical infrastructure, and societal well-being.
Initially concerned with regulation of digital trade, data protection, and intellectual property, cyber sovereignty has expanded to include technical and operational controls over telecommunications networks, exemplified by the tightly regulated 5G rollout in Europe and beyond. The assertion of cyber sovereignty entails not only legal measures but also technical controls to secure digital infrastructure from external interference or dependency risks.
Similarly, space infrastructure—including satellite constellations such as SpaceX’s Starlink—has become strategically vital for communications, navigation, and defense. Space-faring nations now compete to deploy and control these assets to secure their digital sovereignty, which in turn depends on the sustainability of orbital environments. The projected increase from approximately 6,000 satellites in 2024 to an estimated 60,000 by 2030 poses unprecedented challenges to space traffic management, situational awareness, and orbital debris mitigation.
The legal framework for outer space, notably the Outer Space Treaty (OST) of 1967, includes principles such as due regard for other states’ activities and the obligation to prevent harmful contamination of space. These principles, reinforced by non-binding guidelines like the Long-Term Sustainability (LTS) guidelines and space debris mitigation guidelines, provide a normative foundation but lack enforcement mechanisms. The International Telecommunication Union (ITU) plays a critical role in coordinating frequency allocations and orbital slots, yet effective compliance depends on national authorities, particularly the most active space actors.
Consequently, the interplay between cyber sovereignty and orbital sustainability underscores the necessity for a comprehensive legal and diplomatic framework. The EU’s approach to cyber governance, grounded in respect for international law, coordinated diplomacy, and technological autonomy, offers a useful template. The emerging space diplomacy toolbox can similarly promote norms, transparency, and cooperation, mitigating risks of fragmentation and conflict in orbit.
Conclusion
Europe has been a global leader in setting rules for cyberspace, and now it has a chance to do the same for outer space. Its experience in cyber diplomacy, especially with the Cyber Diplomacy Toolbox, shows how countries can work together through shared laws and strategies. The new European Space Act offers a way to bring that same approach to space, ensuring cooperation, legal clarity, and control over new technologies.
The multifaceted challenges associated with space traffic management, the mitigation of orbital debris, and the intensifying strategic competition in space necessitate innovative and forward-looking legal instruments. These instruments must strike a careful balance between the assertion of state sovereignty and the imperative of collective responsibility for the sustainable use of outer space. The timeliness of this legislative initiative, as highlighted by recent declarations from European Commission leadership and ongoing preparatory work, positions the EU to assume a leadership role in shaping a comprehensive, coherent, and sustainable governance regime for outer space.
By drawing upon its experience in cyber diplomacy, the EU can effectively bridge the gap between existing international legal frameworks and emergent technological realities, promoting peace, security, and sustainability in this critical global domain.
