All government bodies must comply with Open Standards Principles for software interoperability data and document formats in government IT, and they must apply for an exemption if they do not comply with these requirements. Additionally, the Government has mandated a preference for using open-source software for future developments and has issued a manual that lays out the standards that must be used for all new digital public services developed across the British central governmental administration. Principle 12 of the Government Digital Service (GDS) Service Standard states: "Make all new source code open and reusable, and publish it under appropriate licences. Or if this is not possible, provide a convincing explanation of why this cannot be done for specific subsets of the source code."

Section 39 of the Small Business, Enterprise and Employment Act 2015 (SBEE) gives the Minister for the Cabinet Office or relevant Secretary of State the power to impose regulations on public procurement in order to meet the goal of increasing government spending with SMEs (the goal moved from 25% in 2015 to 33% in 2020).

In August 2021, the Cabinet Office published the Public Procurement Note 11/20 outlining how and when "in-scope organisations" can reserve contracts based on supplier location and size. In-scope organisations are defined as commercial practitioners at all levels within central government departments, executive agencies and non-departmental public bodies. The thresholds below which these reservations can be made are:
- Supplies and services - GBP 122,976 (approx. USD 137,000);
- Services defined under the "Light Touch Regime" (LTR), which refers to certain service contracts that tend to be of lower interest to cross-border competition - GBP 663,540 (approx. USD 730,000).
If these threshold requirements are met, in-scope organisations can reserve procurements based on supplier location (UK-wide, county, borough) or may limit competition to Small and Medium Enterprises (SMEs) and Voluntary Community and Social Enterprises (VCSEs).

Art. 85 of the Utilities Directive (2014/25/EU) contains provisions allowing contracting public entities to reject foreign goods not covered by any EU international commitments from its tender procedures. In these cases, a tender submitted for the award of a supply contract may be rejected where the proportion of the products originating in third countries exceeds 50% of the total value of the products constituting the tender (Art. 85.2). Additionally, in cases of equivalent offers, the provisions provide for a preference for European tenders and tenders covered by EU's international obligations. In practice, this possibility has rarely been used.
The Utilities Contracts Regulations 2016 implements the EU's Utilities Directive (2014/25/EU) in the United Kingdom. The Directive contains provisions allowing contracting public entities to reject foreign goods not covered by any EU international commitments from its tender procedures.

The United Kingdom is a signatory of the World Trade Organization (WTO) Information Technology Agreement (ITA) of 1996 and its 2015 expansion (ITA II).

Federal Law No. 15/2020 concerning Consumer Protection, its Executive Regulation, and Federal Decree-Law No. 14/2023 on Trading by Modern Technological Means provide a comprehensive framework for consumer protection that also applies to online transactions.

The United Arab Emirates has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

The United Arab Emirates enacted the Federal Law No. 1 of 2006 on Electronic Commerce and Transactions, drawing upon the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce. This legislation was subsequently superseded by the Federal Decree by Law No. 46 of 2021 on Electronic Transactions and Trust Services.

The United Arab Emirates has adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

Art. 9 of Federal Decree-Law No. 43 of 2021 prohibits the export of items within its scope without prior authorisation. This provision applies to a range of goods listed in the schedule of controlled commodities adopted under Cabinet Resolution No. 50 of 2020. The latter includes electronics, computers, and telecom and information security.
In addition, the Lists of Prohibited and Restricted Goods in the States of the GCC establish categories of goods subject to trade restrictions. Telecommunications-related equipment, specifically base stations (HS code 8517.61.00) and transmission apparatus incorporating reception apparatus (HS code 8525.60.00), is included in the restricted list. The export of such items may require prior authorisation or the issuance of special licences by the competent authorities.

Under Section 1 of the Telecommunications Equipment Type Approval Regime, the authorisation of telecommunications equipment is determined by its potential impact on safety, electromagnetic compatibility (EMC), and the efficient use of radio spectrum. Section 4.1 introduces a three-tier compliance framework based on risk and technical complexity. Level 1, applicable to low-risk devices such as short-range devices (SRDs), NFC, RFID, bluetooth, and Wi-Fi-only tablets, relies on a supplier’s declaration of conformity (SDoC) in accordance with ISO/IEC 17050-1:2004. Level 2, covering medium-risk equipment such as GPS trackers, SIM-based radios, and modems, requires proof of conformity through International Laboratory Accreditation Cooperation (ILAC)-accredited test reports or certificates from Telecommunications and Digital Government Regulatory Authority (TDRA)-recognised entities. Where such evidence is unavailable, TDRA may mandate additional testing at the applicant’s expense. Level 3, reserved for high-risk equipment such as mobile phones, demands test reports from recognised laboratories and supplementary testing at TDRA’s national laboratory, alongside submission of product samples.
Sections 4.15 and 4.16 outline the acceptance of external conformity evidence. Under Section 4.15, the TDRA recognises technical test reports from laboratories accredited to ISO/IEC 17025 by ILAC members and reports submitted under mutual recognition agreements (MRAs). Section 4.16 extends recognition to type approval certificates issued by certification bodies accredited to ISO/IEC 17065 by International Accreditation Forum (IAF) members or appointed under MRAs.

According to Section 7.11 of the Internet of Things (IoT) Regulatory Policy, IoT service providers are required to use an encryption standard that fulfills requirements of the competent UAE authorities. In instances where an IoT Service Provider uses or intends to use an encryption standard higher than the approved one, the loT Service Provider shall seek an explicit case-by-case approval from the Digital Government Regulatory Authority (TDRA).

According to Art. 5 of the Federal Decree-Law No. 14 of 2023 Concerning Modern Technology-Based Trade, one of the requirements for engaging in “modern technology-based trade”- defined as the sale and purchase of goods, services, and related data through technological platforms or modern technology, including websites, e-platforms, smart applications, electronic or digital commerce, and social media platforms - is the obligation to obtain the necessary approvals, permits, and licences from the competent authority.
As indicated on the UAE Government portal, establishing an online business on the UAE mainland requires an application to the Department of Economic Development (DED) in the relevant emirate. In addition, all eTrade licences must be approved by the Telecommunications and Digital Government Regulatory Authority (TDRA), which regulates the e-commerce framework and transactions at the federal level. The portal also highlights emirate-specific licensing schemes, including the eCommerce licence in Abu Dhabi (introduced in 2017), the eTrader licence in Dubai, and the Eitimad domestic licence in Sharjah.