In December last year, we fetched our crystal ball and made some predictions on the legal trends that would impact the games industry in 2025.

As others start to take the first steps into 2026, we look back and see where we have been right (+) and where we have been wrong (-). Actually, it seems our predictions for 2025 were more accurate than in previous years – 2025 did not bring many surprises. Still, it was certainly not a boring year. We’ll also look into what 2026 will bring.

1. Artificial intelligence

What we predicted

We predicted more developments in copyright/AI litigation as well as more guidance from courts on how exactly companies must reserve their rights, such as whether this must be in the form of a robots.txt or another internet protocol, or whether plain text is sufficient. Our recommendation was not to rely on plain text only.

We also hoped to see more guidance from the EU’s AI Office on IP, along with guidance on AI and data protection.

Accuracy of prediction: (+++)

What happened

Maybe that’s not a modest start for this article, but these predictions were spot-on (okay, you might say that AI predictions were an easy win):

IP against AI: 1:1

In a case against OpenAI, the Regional Court of Munich ruled in favour of GEMA, Germany’s collective society for music. The Court held that ChatGPT’s model contained copies of the original works of GEMA’s members, which were reproduced and made available in response to simple prompts by users. Such reproductions amount to infringements of remunerable copyright, for which OpenAI must obtain a licence that provides the copyright holders with appropriate remuneration. There is no reason to assume that games-related IP should be treated differently.

As to AI training, the Higher Regional Court of Hamburg has confirmed it can be permissible under the so-called Text and Data Mining exception of EU copyright law. It also stated that an opt-out in plain text form was not a sufficient reservation of rights, as this is not considered ‘machine-readable’ (the technical term for opt-out is “rights reservation”). This ruling confirms: if games companies don’t want their IP being used for AI training, they should take care that they properly “opt out”.

On a more general level, the EU’s AI Office published its General Purpose AI Code of Practice to help businesses to comply with the AI Act legal obligations on safety, transparency and copyright of general-purpose AI models.

Behind the scenes, games companies struggled with reproductions of their most famous IP on image generators. The GEMA vs. OpenAI case should help this cause.

Data Protection against AI: 0:1

Training AI with publicly available data has also been held admissible under data protection law: the Higher Regional Court of Cologne ruled that how Meta used data on Facebook to train its AI complies was permissible. The court thereby rejected an application for an injunction filed by the Consumer Protection Association of North Rhine-Westphalia. The court held that Meta has a “legitimate interest” in developing its AI products that, in this specific context, outweighs user interests, provided users are transparently informed and given the opportunity to object (opt-out).

Internationally, however, different regulators worldwide evaluated the exact same practice, and did not come to the same conclusion as the Cologne court. In Brazil, the national data protection authority (ANPD) took strict action in July 2024, ordering an immediate halt to AI training using Brazilian user data. The authority rejected “legitimate interest” as a valid legal basis in this context, citing excessive risks to users’ fundamental rights. Similarly, there was significant regulatory pushback in Europe prior to the Cologne ruling: In June 2024, Meta was forced to pause its AI training plans in the EU and the United Kingdom following pressure from the Irish Data Protection Commission (DPC) and the UK’s ICO, both of which raised concerns regarding legality.

AI use in the games industry

While struggling with the use of their IP for the training of third-party AI, games companies were exploring how to best leverage GenAI for the creation of their own games. This often includes using AI coding assistants and image or asset generators.

On the subject of rights ownership, it is now widely known that AI generated content generally does not qualify for copyright protection. This means that at least key visuals should be human creations, not machine creations. Coding assistants seem to be used often, even though this might put a question mark on the protectability of the code. In case a company relying heavily on AI to create game assets or code is up for sale, this can cause issues: IP traditionally has been a key value driver for games M&A transactions – what if the ownership of IP is in question?

For testing new AI solutions, it is very convenient that some are now available via “AI marketplaces” under Open Source licenses and can be easily integrated into local clients and their user interfaces. The question to which extent the company integrating third-party AI into their own user interfaces is responsible under the AI Act is less simple.

Still, the impact of the AI Act on the games industry is limited so far. Transparency obligations are tricky to meet only in some circumstances (namely NPCs and in particular NPC bots filling up lobbies of competitive games). However, the European Commission vaguely mentions that AI integrated in games can even be prohibited in some cases. Amongst examples mentioned are games that are designed to be highly addictive, or exploiting the vulnerabilities inherent to children.

What will happen in 2026

Major studios will work on their own AI, and investigate how they can legally train it.

It will also be interesting to see what Meta and X will do: will they come up with a game built on this training? Elon Musk recently announced a ‘great’ AI-generated game by the end of 2026 on X. Let’s wait and see when it comes, how great it is, and how much it is “inspired” by older, great games. And then: let the legal battle begin.

Beyond that, new use cases for AI will continue to be explored. AI for better matchmaking, to fight toxicity, to assist age verification, to analyse gameplay and optimize the game experience, maybe even for personalised and dynamic pricing. For all of that, the AI Act (and other laws, such as the DSA and consumer laws) need to be observed. “AI-related regulation will accelerate, with new laws on deepfakes, in particular, meaning that studios will need more rigorous governance for AI-assisted content creation and player-facing features,“ says Dan D. Nabel, Vice President Legal at Riot Games.

2. Online platform regulation

What we predicted

It was clear to us that the DSA and its compliance would become increasingly important. While we did not expect any early rulings on the role of any particular online game under the DSA, we expected the authorities to take a closer look at popular games and ask game companies for more information.

For online platforms, the EU Commission intended to publish guidelines in 2025 which dealt with the protection of minors. We predicted that the protection of minors would be a key point of concern under the Digital Services Act.

Accuracy of prediction: (+)

What happened

In July 2025, the European Commission published its guidelines on the protection of minors. The guidelines cover aspects which are especially relevant such as the implementation of in-game purchases, virtual currencies and communication features. These positions overlap to some extent with recent claims for a better protection of consumers and minors and manipulative designs which we will discuss in a moment.

In late 2025, the European Commission issued its first ever DSA fine, to X (formerly Twitter) for breaching its transparency obligations. Further proceedings are still ongoing and other stakeholders, like TikTok, have accepted commitments for compliance.

What will happen in 2026

We expect enforcement of the DSA against gaming companies to become increasingly likely in 2026. We don’t want to alarm anyone, and we acknowledge that this may sound vague, but here’s why: In 2024, the EU Commission laid down a harmonized template for transparency reports in an Implementing Regulation. The first reporting period, for which this template must be used, ends on 31 December 2025. These reports must be published by the end of February 2026. Therefore, it will probably be easy to see who has done their homework and who hasn’t. To be more specific, we expect more investigations by the Digital Services Coordinators and potentially by consumer organizations in 2026.

3. Terms of Use / EULAs and Consumer Protection

What we predicted

We predicted that the renaissance of consumer law enforcement against games companies will continue. Many of these cases will be settled behind closed doors, but consumer organizations are prepared to go to court if necessary.

We also said that while this may sound like bad news, it might still be preferable to more and more legislation from EU lawmakers: The European Commission, however, seems to be determined to propose a new Digital Fairness Act.

Accuracy of prediction: (+)

What happened

All that we had predicted, just worse. The Consumer Protection Network (CPC) and the European Commission published their (in)famous Key Principles which, while being a far-reaching but non-binding interpretation of the law, are phrased as if they were law. The opening of proceedings against “Star Stable Online“ (a game which was not on the radar of many observers before) on the same day added to this impression. It all felt like the BEUC report, but on steroids.

In the Key Principles, the CPC and the European Commission take the position that far-reaching obligations apply when premium in-game virtual currency is sold, and also when it is spent. The European Commission does not stop there: they are also determined to add another layer of consumer protection, the Digital Fairness Act. The Digital Fairness Act is yet another consumer protection law aimed at tackling dark patterns and addictive design, as if we didn’t already have the Unfair Commercial Practices Directive, which contains broad prohibitions.

What will happen in 2026

From 19 June 2026 onwards, apps and websites that enable consumers to enter into distance contracts (including games) must display a clearly visible button for withdrawing from the contract. Based on our experience in Germany with a national cancellation button whose requirements are very similar, we assume that consumer organizations will monitor the implementation rights from the start and send warning letters.

But… the one legal topic which the industry will be concerned about, is the Digital Fairness Act. “The Digital Fairness Act could fundamentally reshape game design for many free-to-play games,” says Riot’s Nabel, “with new EU rules on dark patterns, retention mechanics, virtual currencies, and pay-to-win systems.“

A European General Counsel told us: “In the wake of the discussions around the EU’s Digital Fairness Act, there is the risk that existing successful self-regulatory approaches are hampered and that legitimate business models are micro-managed by regulation to a point they become factually impossible, thus decreasing consumer choice. There is also the opportunity, though, for co- and self-regulatory approaches to be improved and strengthened to a point that perceived concerns can be addressed in an effective and flexible manner – and faster than any regulation could.”

4. Loot Boxes

What we predicted

We don’t think the discussion on loot boxes will stop, but it might be overshadowed by the wider digital fairness discussion we mentioned in the consumer protection section above.

Accuracy of prediction: (+)

What happened

Just as we foretold. The United States saw a landmark settlement between the FTC and the distributor of Genshin Impact, which lead the latter to disclose win probabilities and real-world costs directly on the purchase screen, and avoid multi-step currency conversions that could confuse younger players.

Brazil took a hardline stance by passing a law that will ban loot boxes for minors starting in 2026. Given Brazil’s market size, this move is expected to force significant design changes rather than market exits.

In Australia and Europe, the focus has shifted to age ratings and price transparency. Australia now requires a minimum “15+” rating for games with chance-based purchases. The upcoming Digital Fairness Act may impose even stricter, potentially mandating that minors be shielded from loot box exposure entirely under the Digital Services Act.

In Belgium, the legal landscape remains tense as the long-standing “ban” continues to be rarely enforced by authorities. However, private litigation is stepping in: a recent case against Apple explored whether storefronts are liable for hosting illegal loot boxes. The case was ultimately settled.

Turkey has signalled its own crackdown by targeting physical mystery boxes for lacking transparency and using manipulative countdown timers, a move that establishes a legal basis for similar scrutiny of digital loot boxes under general consumer protection laws.

Specific enforcement actions in the Netherlands and the UK have targeted misleading advertising. Regulators have ruled that the presence of loot boxes must be clearly disclosed in app stores and that visual representations—such as “prize wheels”—must accurately reflect the actual weighted odds. Meanwhile, in South Korea, strict mandatory disclosure laws are now in effect, though international compliance remains inconsistent.

Finally, in late 2025, the German Federal Council (Bundesrat) adopted a resolution calling for significantly stricter regulation of loot boxes to improve youth protection. The initiative urges the Federal Government to examine whether loot boxes, due to their “gambling-like mechanisms,” should legally be treated as gambling. If implemented, this would likely result in a mandatory 18+ age rating for video games containing such purchase options. Furthermore, the Council demands full transparency regarding winning odds and pricing, while also pushing for a unified European regulatory framework within the “Digital Fairness Act.”

What will happen in 2026

Our predictions for 2026 are exactly the same as for 2025: The discussion on loot boxes won’t stop, but it will be widely part of the broader discussion on digital fairness we mentioned in the consumer protection section above. “Regulatory pressure on loot boxes will continue to increase in 2026,” says Nabel, “with more countries moving toward age restrictions (such as 18+) or even outright bans.“ Game developers will try to design around the bans and strict regulations, but as long as consumers are willing to spend money on randomized objects, it is unlikely they will go away.

5. Unfinished products, product description, onscreen texts, and right of withdrawal

What we predicted

The right of withdrawal in particular will be one aspect of the wider consumer protection topic discussed above.

Accuracy of prediction: (+)

What happened

Oh yeah – just look at the CPC’s Key Principle number 5: Consumers’ right of withdrawal should be respected.

The discussion largely focused on the right of withdrawal when premium in-game virtual currency is spent. The CPC says that, among other things, the following practises should be avoided:

• Denying consumers’ right to withdraw from a contract for the purchase of in-game virtual currency within 14 days for any in-game virtual currency that remains unused
• Denying consumer’s right to withdraw from contracts for the purchase of in-game digital content or services, regardless of whether the player pays with real-world money, in-game virtual currencies, or provides personal data to the trader

The devil is in the detail here. In particular: a right of withdrawal for unused virtual currency, and that the right of withdrawal is also meant to apply whether the player pays with in-game virtual currencies, or just provides personal data to the trader.

What will happen in 2026

The right of withdrawal will be revisited in ongoing discussions about the CPC Key Principles and Digital Fairness. Unfinished products will continue to create flamewars, although the legal importance of this issue will remain low. Instead, discussions on game sunsetting will be on the rise.

6. Clones and other IP disputes

What we predicted

For clones, we hoped that Google and Apple would at least come closer to DSA compliance – having valid contact data from clone publishers could be a game-changer in the app space. On the other hand, for high value productions, there still is a lack of reliable case law, and we did not expect a landmark case to be decided by the courts in 2025.

But IP disputes go well beyond clones, we said, and we anticipated litigation against cheat bots to remain important. Also, as Nintendo reached a favourable agreement against another Switch emulator, we expected other emulators to be under scrutiny as well.

Finally, we predicted that not all games companies would tolerate their IP showing up in AI output, and someone would test the waters unless AI system providers proved helpful.

Accuracy of prediction: (+/-)

What happened

The predictions regarding clones and the Digital Services Act (DSA) proved accurate. The most significant shift occurred on February 17, 2025, when Apple began strictly enforcing the “Trader Status” requirement in the EU App Store, removing developers who failed to provide verifiable contact details. Google followed suit with similar enforcement deadlines for the Play Store in November. This regulatory pressure was further reinforced in October when the EU Commission opened formal proceedings to scrutinize whether these platforms were doing enough to combat illegal content, confirming that valid data has indeed become the new game-changer for app visibility.

On IP disputes, the landscape remains active but legally complex. Epic Games highlighted the continuing importance of anti-bot litigation in October by suing developers of “fake engagement” bots used to manipulate payouts in Fortnite Creative, expanding the battleground from gameplay fairness to economic fraud.

In the Sony vs. Datel proceedings on cheats, the German Federal Supreme Court handed down its final judgment on the case (following a 2024 ECJ decision) and held that mere RAM modifications might not constitute copyright infringements. However, the ruling does not overly affect the fight against cheats in multiplayer games: while it limits specific copyright claims on RAM manipulation, it leaves powerful enforcement tools like unfair competition law and EULA breaches fully intact.

Finally, as anticipated, the tension between IP holders and AI providers escalated throughout 2025, with significant legal actions taken by rights holders. While we are still waiting for a definitive “AAA Game vs. GenAI” landmark ruling, the waters are being tested in adjacent industries, which serves as a warning for the games sector. The German collecting society GEMA sued Suno AI in January and targeted OpenAI (see above), while the New York Times launched litigation against Perplexity AI in December. These cases further signal that rights holders are not willing to tolerate the uncompensated use of their content for training data, a trend that the games industry is now poised to follow.

What will happen in 2026

IP disputes remain a key legal topic in the games industry, but not the one which causes sleepless nights. That is, and will remain, the question on how to best leverage your IP – for merch, to fight against cheaters, and increasingly in the context of AI.

7. Market dominance and platforms

What we predicted

We’ll simply quote it verbatim: “One general counsel told us that he expects ‘fights over DMA implementation in Europe with far reaching consequences to the industry and revisiting regulation over advertising in interactive entertainment’ to be the hot topics for 2025.”

What happened

The prediction of “fights over DMA implementation” was an understatement: 2025 turned into a year of open regulatory warfare. The conflict escalated significantly on April 23, 2025, when the European Commission imposed its first major non-compliance fine under the Digital Markets Act, penalizing Apple EUR 500 million for its anti-steering practices.

As 2025 drew to a close, the Coalition for App Fairness published another open letter in December, accusing Apple of “persistent non-compliance,” arguing that the new “Core Technology Fee” and revised commission structures still violate the spirit of the law by making alternative stores economically unviable.

The U.S. Circuit Court of Appeals delivered a mixed ruling in the ongoing battle between Epic Games and Apple. While the court conceded that Apple is entitled to charge a ‘reasonable fee’ for external transactions to recoup security costs, it explicitly ruled that the company’s imposed 27% commission violated the existing injunction. Furthermore, the court struck down Apple’s strict formatting restrictions on external payment links, mandating that alternative payment methods must be displayed with equal visibility to Apple’s own system. Pretty much every phrase of that decision shows the judge’s rage over Apple’s behaviour. The case has been remanded to the district court to determine a compliant fee structure, a development Epic CEO Tim Sweeney hailed as the beginning of “large-scale change”.

What will happen in 2026

The battle will continue, and most small and medium-sized companies will be watching it from the sideline. To take up the fight, you need deep pockets and guts. Those who don’t can continue to follow Epic’s epic battle, which likely is not over.

8. Youth protection beyond blood and violence

What we predicted

A European General Counsel told us: “Calls on video game companies to employ age verification methods will likely continue in 2025. However, age verification is not a universal remedy and needs to work on an international level as well as without interfering with users’ privacy. Instead of setting up new requirements that may be disproportionate, voluntary approaches that have proven to be effective and that respect both the parental autonomy and the children’s right to participate should be strengthened. The majority of video games are suitable for minors and parental controls are widely available free of charge.”

We said that addictive design will also become a major topic for digital games and apps in 2025. The European Commission had expressed its legal opinion that digital interfaces which can cause mental harm fall under the General Product Safety Regulation, which became applicable in late 2025.

Accuracy of prediction: (+)

What happened

Interaction risks (such as chats and monetisation) are increasingly taken into account for age ratings. In Germany, the age rating authority USK estimates that about one third of all rated games contain such risks, and for one third of them (11% in total) it led to a higher age rating than the game would have received without these mechanics.

France’s regulator for media and internet (Arcom) introduced requirements for age verification like the so-called “double anonymity”. This standard creates a technical firewall between the user’s real identity and the digital service: the third-party verification provider checks the user’s government ID but is technically blocked from knowing which specific website or game the user is accessing. Conversely, the platform itself receives a cryptographic token confirming the user is over 18, but never sees, processes, or stores the user’s real name or passport data. For the video games industry, it offers a pathway to regulatory compliance with age regulation without becoming a data honeypot.

In Germany, the Interstate Treaty on the Protection of Minors in the Media was updated, granting the Commission for the Protection of Minors in the Media (KJM) decisive new enforcement tools. The amendment specifically aims to close loopholes previously exploited by foreign providers to bypass German age verification laws. Key measures include the authority to order payment service providers to block transactions to non-compliant platforms (“payment blocking”) and, as a last resort, to implement network blocking.

The reform tries to transform the KJM’s ability to act against offshore violators, shifting from administrative warnings to cutting off revenue streams. However, this legislation faces significant criticism regarding the risk of “over blocking”, as broad technical mandates could lead to the inadvertent censorship of legitimate content, if automated filters would be introduced which may lack the nuance to distinguish between harmful and harmless context.

Roblox introduced mandatory facial age estimation for accessing voice chat and certain social features in November 2025 for Australia, New Zealand, and the Netherlands to limit the interactions between minors and adults and the potential risk such interactions might cause. Shortly before, Meta overhauled Instagram’s teen accounts in October 2025 by aligning content moderation directly with the “PG-13” movie rating standard. As reported by the New York Times, this shift goes beyond simple age-gating, it actively filters out content deemed inappropriate for a 13-year-old audience from algorithmic feeds (Reels, Explore) for all teen accounts.

From what we hear, numerous lawsuits have been filed in the US against major video game companies. The lawsuits allege that these companies intentionally designed addictive games that target children. However, we are not aware of any further investigations by the European Commission into this specific issue. In 2025, the DSA covered addictive design more extensively.

What will happen in 2026

The Australian legislation banning social media for under-16s (passed late 2024) will act as a blueprint for European policymakers in 2026. The critical risk for the games industry is the blurring of definitions. As regulators struggle to clearly distinguish between “Social Media” and “Games with Social Features” (Roblox, Fortnite, MMOs), there is a risk of the Australian approach spilling over.

In 2026, we will see the first EU member states proposing amendments to expand social media bans to include social gaming platforms, arguing that chat functions and UGC pose the same psychological risks. The distinction between a “game” and a “network” will be the primary legal battleground.

Furthermore, the rollout of the EU Digital Identity Wallet (EUDI) is expected to expand the “double anonymity” principle (explained above) to the rest of the EU. For publishers, the EUDI offers a “tokenized age check” where the state verifies age, keeping sensitive player data off company servers. However, this centralization introduces a single point of failure. As highlighted in debates, a compromised wallet exposes the user’s entire identity (such as ID and drivers license). Consequently, while the EUDI might solve technical hurdles, the industry must prepare for user pushback regarding the potential for abuse and surveillance.

The controversial Kids Online Safety Act (KOSA) is expected to cross the legislative finish line in 2026. The bill aims to impose a strict “duty of care” on online platforms, holding them legally liable for design features that contribute to mental health harms in minors. Specifically, the legislation targets compulsive usage patterns by mandating that “addictive” elements – such as infinite scrolling and auto-play videos – be disabled by default for young users. However, the legislation faces fierce opposition from civil rights groups like the ACLU. Critics warn that the bill’s broad definition of “harm” could be weaponized for political censorship—particularly targeting LGBTQ+ content—and that enforcement would paradoxically require invasive age verification. As the bill advances, the industry is already reacting; even before enactment, major platforms are adopting stricter moderation standards.

9. Data protection

What we predicted

“We still think that Mr Schrems will be back, but as no decisions are to be expected in the short-term, the trust and safety aspect might be more pressing.“

Accuracy of prediction: (+/-)

What happened

Mr Schrems was back, but not in the way we expected – the EU-US Data Privacy Framework is still in place. Instead, Mr. Schrems’ organisation None of Your Business (noyb) filed a complaint with Austria’s Data Protection Authority against Ubisoft in May 2025, claiming that the single-player game “Far Cry Primal” collects data about player’s usage behaviour, without obtaining players’ consent. noyb admits that Ubisoft may have legitimate interests in areas such as “analytics and ad serving”, “product improvement” and “security”, but holds that these are overruled by gamers’ privacy rights in the case of single-player games. It will be interesting to see how this one plays out, given that collecting telemetry data for analytics purposes (to develop updates, for example) is common practice among gaming companies.

Apart from that, no big data protection events for games companies in 2025, but a surprisingly liberal decision on the use of personal data for AI training, as discussed in the initial paragraph of this article.

What will happen in 2026

While data protection remains important, the discussion will focus on harmonising existing data protection provisions and concepts with other digital regulations. Hopefully, the EU Commission’s proposal for a Digital Omnibus Regulation, which introduces long-awaited (but not entirely convincing) changes to cookie rules, is just the start of the move towards simpler rules.

Next year, we expect to receive further guidance on aligning the GDPR with legal concepts set out in the Data Act and the AI Act, and possibly even the Cyber Resilience Act (although this may not be ready until 2027).

10. Esports

What we predicted

Following the announcement of the Olympic Esports Games in 2025, we said that “something about integrity” would be a no-brainer, potentially in the form of legislation on doping in esports. We also said that match-fixing and cheating would be relevant – again – and that cybersecurity might play a more important role.

Accuracy of prediction: (+/-)

What happened

In April 2025, Riot Games launched an independent dispute resolution mechanism for professional and semiprofessional teams. It also appears that, after much debate, esports in Germany is finally being recognized as a charitable activity.

Valve has tightened the licensing conditions for “Limited Game Tournaments” in titles such as CS2, Dota 2, and TF2. Effective immediately, tournament organizers are prohibited from integrating case opening or skin trading sites into their events. Furthermore, sponsorships that generate revenue from such activities are banned. These new rules apply to all ranked and community tournaments, extending to the display of teams, jersey branding, and any visible content during broadcasts. Tournament organizers and clubs must now review and, if necessary, amend their existing sponsorship contracts, while affected third-party platforms face the challenge of determining their legal response to these restrictions.

A few days before that, Valve had made significant changes to the item economy in CS2. Since then, it has been possible to obtain a random knife or pair of gloves (the rarest item category) via an upgrade contract. Previously, such items could only be obtained in a case, and the odds were low. This update caused many players to panic-sell their in-game items, leading to a massive market crash on Valve’s Steam marketplace.

What will happen in 2026

We fear that some stakeholders in the esports ecosystem will continue to struggle to remain profitable. At the same time, we anticipate a debate about Valve’s power to change the rules.

New trend: Cybersecurity

Also in 2025, there were major exploits which concerned players, including remote execution commands that could abuse players’ systems. However, this phenomenon is not limited to esports only but is relevant for the whole industry.

What will happen?

Cybersecurity is becoming increasingly important, so it is one of our new (separate) top picks for 2026.

Game companies will have to prepare for compliance with the Cyber Resilience Act. The first step will be to see which games are “in scope”. The scope might be wider than what many think – as even single player games often are connected to a network (at least to download patches). The Cyber Resilience Act will also have a massive impact on early access games which must also, at least to some extent, meet the requirements set out before being placed on the EU market. The obligations will also be relevant for the providers of hardware and its components. With notification obligations coming into effect 2026, developers, publishers, and other stakeholders must prepare for a new set of compliance obligations and technical requirements, even though most of these will not take effect until the end of 2027.

Additionally, games companies that make use of cloud computing or other technology which falls under the NIS-2 Directive, compliance with NIS-2 must be urgently reviewed and implemented.

New trend: Ingame economics – Second Life reloaded

Roblox, Fortnite and CS all made changes to their game economics. While ultimately, companies aim to promote engagement in a good way, such changes have huge economic impacts. And where there is an economic impact, legal questions are never far away. In our case, we expect new discussions on consumer protection, platform dominance and the question of whether Richard Bartle’s word is still true, and Developers are Gods.

The top 10 trends for 2026:

So what are the top 10 legal trends for 2026 and how will their importance develop compared to 2025? Here’s our personal top 10 list.

1. AI (=)
2. Consumer protection (up)
3. Product and cyber security (up)
4. Youth protection beyond blood and violence (=)
5. Online platform regulation (down)
6. Clones and other IP disputes (=)
7. Lootboxes (down)
8. Data protection (=)
9. Market dominance (down)
10. Esports (=)

Dr. Andreas Lober is a partner in the Frankfurt office at the law firm ADVANT Beiten. He has been advising video game companies for many years. This article contains input from ADVANT Beiten’s Lennart Kriebel, Daniel Trunk and Fabian Eckstein. The views expressed in this article are personal predictions.