OrganisationGB

Hogan Lovells

Global law firm with one of Europe's largest EU regulatory practices; advises on Brussels digital law.

Last refreshed: 17 May 2026 · Appears in 1 active topic

Key Question

What do Hogan Lovells' clients need to do to comply with the EU's Cyber Resilience Act?

Timeline for Hogan Lovells

#53 Mar

CRA draft pins open-source liability on publishers

European Tech Sovereignty

View full timeline →

Follow European Tech Sovereignty →

Common Questions

What does Hogan Lovells do in Brussels?: Hogan Lovells operates one of Europe's largest EU regulatory practices from Brussels, advising multinationals on compliance with EU digital legislation including the AI Act, GDPR, DSA, and the Cyber Resilience Act.Source: hoganlovells.com
Which law firms advise on EU AI Act compliance?: Several large international firms advise on EU AI Act compliance, including Hogan Lovells, Linklaters, and Bird & Bird. Hogan Lovells is particularly active on Brussels digital regulation and published analysis on the CRA open-source liability consultation.Source: event
Is Hogan Lovells a US or European law firm?: Hogan Lovells was formed by the 2010 merger of Washington DC-based Hogan & Hartson and London-based Lovells. It is a transatlantic firm with roughly equal strength in the US and Europe, operating around 50 offices worldwide.Source: hoganlovells.com

Background

Hogan Lovells is an international law firm formed by the 2010 merger of Hogan & Hartson (Washington DC) and Lovells (London). It operates approximately 50 offices across Europe, the Americas, Asia, and the Middle East with over 2,700 lawyers. Its Brussels office runs one of the largest EU regulatory practices in the city, advising multinational corporations on competition law, data protection, digital regulation, and EU institutional affairs. In 2026, Hogan Lovells provided legal analysis of the Cyber Resilience Act's open-source liability provisions and was engaged by software industry clients navigating the CRA's guidance on publisher liability .

The firm's EU regulatory practice spans DMA compliance (gatekeeper obligations, interoperability requirements), AI Act conformity preparation, GDPR enforcement response, and data-governance strategies for financial institutions subject to DORA. Hogan Lovells lawyers have served as external counsel in major DMA and GDPR enforcement proceedings and regularly appear in European Commission advisory groups as industry representatives.

Hogan Lovells' significance in the European tech sovereignty context is as a transmission mechanism between regulatory intent and commercial implementation: when the Commission publishes guidance on open-source liability, AI Act conformity, or CAIDA procurement requirements, it is law firms like Hogan Lovells that translate those rules into actionable compliance programmes for the European enterprise market. The firm's public briefings on CRA and AI Act provisions are widely circulated among Brussels policy professionals as practical interpretations of legislation still being developed.

Source Material

Hogan Lovells — Wikipedia Hogan Lovells Brussels office

How the World Sees Them

European Commission

Engages with Hogan Lovells lawyers in formal advisory consultations; the firm is simultaneously a regulatory interlocutor and a commercial advocate for clients subject to Commission enforcement.

Open-source community

Concerned that Hogan Lovells' CRA guidance frames open-source liability risks in ways that favour commercial software vendors and large foundation models over volunteer maintainers.

Tech industry clients

Relies on Hogan Lovells for CRA and AI Act compliance roadmaps; firms value its dual Washington-Brussels presence for navigating US-EU regulatory tensions simultaneously.

Financial institutions

Major users of Hogan Lovells for DORA and GDPR compliance, particularly cross-border financial groups that need a single firm across EU member states and the UK post-Brexit.