On June 20th, 2025, the European Commission quietly released a draft regulation that is one of the most geopolitically consequential documents of the year. Titled the EU Space Act, it mandates new cybersecurity, resilience, and environmental standards for all space systems operating within the Union. On the surface, it appears to be another Brussels regulation, dense, technical, and bureaucratic. However, underneath, it marks something more profound: a declaration of European orbital sovereignty.

At a time when China is testing satellite inspection vehicles with dual-use capability, Russia has reportedly targeted commercial systems during wartime operations, and the United States is hardening its commercial space architecture with military support, the EU has chosen a different route. Its battlefield isn’t kinetic. It is normative. The Space Act focuses on deterrence through resilience and regulatory reach.

This shift is not merely technocratic. The regulation explicitly ties space infrastructure to the EU’s strategic autonomy, elevating what was once industrial policy into the realm of geopolitical posture. The EU is asserting that it will not be a passive consumer of allied space systems; it will be a sovereign arbiter of what safe, sustainable, and secure space operations look like.

Unlike the United States, where commercial innovation often outpaces federal regulation, the EU is reversing this trend. It is declaring that participation in the European space economy must conform to its standards, whether a satellite is built in Bremen or California. This puts pressure not only on European operators but also on foreign companies, such as SpaceX or Amazon Kuiper, and even on European-owned operators like Eutelsat OneWeb, which, despite being a French/UK company, must still demonstrate compliance to access the EU market.

It raises new points of friction across NATO’s transatlantic security architecture. If American military operations increasingly rely on commercial constellations that do not meet European cybersecurity requirements, how interoperable are they in a crisis? If dual-use platforms are governed by conflicting doctrines of resilience and retaliation, where does alliance strategy converge, or diverge?

In this article, I explore how the EU Space Act signals a broader evolution in European strategic thinking. It is not a move toward military dominance in orbit. It is something potentially more influential: the codification of resilience as a posture. Just as the EU used GDPR to become a global data regulator without owning a single cloud hyperscaler, it now seeks to shape the future of orbital governance without launching a single military satellite.

The question isn’t whether the EU can set the rules; the question is whether it can enforce them, and whether its allies are prepared to follow them.

Europe’s Space Strategy by Other Means

While the EU’s methods may seem conventional, their implications are profoundly strategic. By embedding principles of resilience, cyber integrity, and debris mitigation into enforceable law, the EU is crafting a uniquely civilian-led model of space deterrence. While the U.S. prioritises threat-driven defence acquisitions and dual-use partnerships with commercial providers, the EU is positioning regulatory compliance as the foundation of security in orbit.

At its core, the Space Act is not just about what satellites and other space assets can do, but about how they are built, deployed, and maintained over time. Operators must now demonstrate not only mission effectiveness but also environmental sustainability, cybersecurity assurance, and post-mission disposal plans. These requirements apply across the board, regardless of ownership, nationality, or use case. As a result, the regulation creates a normative border in orbit, where compliance becomes a de facto passport to the European market.

This shift reframes Europe’s strategic position. The EU may never field its own constellation of missile warning satellites or offensive jamming platforms. But by setting the standards for what constitutes acceptable behaviour in space, it gains leverage over a domain previously dominated by hardware and velocity. Power in orbit, under this model, accrues not only to those who launch but to those who license.

The NATO Implications of Orbital Regulation

For NATO, the emergence of a European-led regulatory paradigm presents both operational and philosophical challenges. NATO’s own Space Policy, formalised in 2019 and further refined in its 2022 Strategic Concept, acknowledges space as an operational domain and affirms the alliance’s commitment to deterrence and defence. But it remains largely dependent on national assets, particularly those of the United States, and on commercial capabilities that are governed outside NATO’s direct authority.

If the EU Space Act begins to influence or constrain which satellites can operate in European airspace or contribute to NATO missions, a fault line could emerge. Diverging compliance regimes may mean that a satellite deemed “mission critical” by a U.S. combatant command is considered non-compliant by EU cybersecurity standards. In a high-pressure crisis, such as a cyberattack on a satellite node or a kinetic strike on ground stations, this friction could slow down allied coordination or introduce legal ambiguity around command authority and liability.

Moreover, the EU’s normative assertiveness could challenge NATO’s consensus-based governance model. While all NATO members agree on the value of resilience, they may not agree on who gets to define it. Smaller European states may welcome the Space Act as a security guarantee; others, especially those with close industrial ties to U.S. firms, may view it as regulatory overreach.

This is not an argument against European ambition. In fact, NATO has long advocated for burden-sharing and capability development among its members. However, it does raise a crucial question: Can the alliance maintain cohesion in orbit when its regulatory baselines begin to diverge?

That question is no longer theoretical. It is emerging in policy briefs, commercial compliance reviews, and closed-door summits. As the EU codifies resilience and the U.S. prioritises responsiveness, NATO must find a way to translate these two logics into a shared strategic grammar.

Commercial Constellations in the Crosshairs

The EU’s regulatory turn not only affects allies. It also creates a new gravitational centre in the global commercial space market. While the most immediate impact is on operators of large LEO constellations, the Space Act presents a critical decision point for all current and future satellite providers: comply and adapt, or risk exclusion from Europe’s orbit.

For example, where the U.S. maintains voluntary security frameworks for commercial satellite operators, the EU Space Act mandates the use of encrypted uplink channels, complete lifecycle risk assessments, and verified end-of-life deorbiting protocols. In contrast, China’s approach remains centrally coordinated through state-linked commercial providers with opaque security governance.

This carries second-order effects. Dual-use systems that serve both commercial and military clients may be caught between compliance regimes, facing technical bifurcation or increased regulatory burden. A satellite constellation designed for U.S. Department of Defense integration may not be interoperable or even legally operable within the EU’s jurisdiction.

The result is the potential for a splintering of the global orbital marketplace. One track, led by the U.S., prioritising scale, responsiveness, and battlefield utility. Another, defined by Europe, centred on compliance, sustainability, and resilience. For firms caught in the middle, the question isn’t just where to launch, it’s whose rules to orbit by.

Imagine a scenario in which a NATO exercise in Eastern Europe relies on a commercial LEO constellation for real-time command and control. If one provider’s satellites are certified under U.S. DoD protocols but not EU resilience standards, could France or Germany block their use within EU airspace during peacetime? Could liability disputes arise if services are interrupted?

What remains unclear is how China and other non-aligned space powers will respond. Beijing’s rapidly growing commercial space sector, already entwined with military and state priorities, may view EU regulation as both a barrier and an opportunity. On the one hand, strict European standards could exclude Chinese firms from sensitive markets. Conversely, they could motivate China to promote an alternative regulatory ecosystem, partnering with states across Africa, Latin America, and Southeast Asia that favour looser compliance in exchange for investment.

This opens the door to a new form of orbital competition, not just in coverage or throughput, but in the very norms that define acceptable space behaviour. The EU Space Act may be Europe’s bet that it can lead that conversation, not with rockets, but with rules.

Norms as Deterrence, Regulation as Power

The EU Space Act is more than a regulatory framework. It is a strategic intervention, a normative doctrine encoded in law. In asserting orbital sovereignty through compliance, Europe is reframing deterrence away from confrontation and toward constraint. Rather than outspending or out-launching its rivals, the EU is opting to out-regulate them.

This approach carries risks, including fragmentation, duplication, and tension within alliances. But it also brings clarity. In a domain where ambiguity is often exploited by dual-use actors, grey-zone operations, and asymmetric threats, regulatory clarity can serve as a form of deterrence in its own right.

If successful, the Space Act may do for orbit what GDPR did for data: redraw the map of what is acceptable, who sets the terms, and how power is wielded. In doing so, it could make Europe not just a player in space, but a rulemaker.

That would be a profound shift, not just for satellite operators, but for how alliances think about security in the twenty-first century. In the long run, sovereignty in space may belong not to those who dominate the skies, but to those who define the standards of operation within them.

Key Takeaways

1. The EU Space Act asserts European orbital sovereignty through binding regulatory standards.
2. It introduces a model of deterrence based on compliance and resilience, not military dominance.
3. The regulation challenges transatlantic interoperability and exposes normative gaps within the NATO alliance.
4. Commercial operators may face a fragmented orbital marketplace, forced to navigate divergent compliance regimes.
5. China and other non-aligned powers may respond by building alternative regulatory ecosystems.
6. The future of space governance may hinge not on who builds the most satellites, but on who defines the rules governing them.