Art. 85 of the Utilities Directive (2014/25/EU) contains provisions allowing contracting public entities to reject foreign goods not covered by any EU international commitments from its tender procedures. In these cases, a tender submitted for the award of a supply contract may be rejected where the proportion of the products originating in third countries exceeds 50% of the total value of the products constituting the tender (Art. 85.2). Additionally, in cases of equivalent offers, the provisions provide for a preference for European tenders and tenders covered by EU's international obligations. In practice, this possibility has rarely been used.
In Finland, the Directive has been transposed with the "Act on Public Contracts and Concessions of Entities Operating in the Water, Energy, Transport and Postal Services Sectors (1398/2016)".

According to the Act on Supervision of Acquisitions of Foreign Companies, there are no prohibitions or restrictions on foreign ownership in the country.

The Limited Liabilities Company Act states that at least one of the members of the Board of Directors must be a resident of the European Economic Area (EEA) unless an exemption is granted by the regulatory authority. Furthermore, the managing director must also be a resident of the EEA.

The Act on the Screening of Foreign Corporate Acquisitions grants the Finnish Ministry of Economic Affairs and Employment (TEM) the authority to screen foreign investments. According to Art. 3 of the Act, if the TEM believes that an FDI might conflict with a key national interest, the Ministry may refer the matter of confirmation or denial to a government plenary session for consideration. As defined in Art. 2, as amended in 2020, key national interest includes securing military, and national defence, functions vital to society, national security and foreign and security policy objectives, and safeguarding public order and security in accordance with Arts. 52 and 65 of the Treaty on the Functioning of the European Union, if there is a genuine and sufficiently serious threat to a fundamental interest of society.

Estonia has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

Estonia has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

The Consumer Rights Directive 2011/83/EU provides an updated framework aimed at encouraging online sales. The Directive has been implemented by the Consumer Protection Act. The Act includes provisions on the right to information, safety and quality of goods or services, and unfair commercial practices. The Act also safeguards 'distance contracts'. E-commerce is regulated by the Estonian Consumer Protection and Technical Regulatory Authority.

Estonia has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

The Estonian government issued sanctions on the Russian app Yandex. The reason provided is that individuals using the application Yandex must provide access to a considerable amount of personal data, which is processed by the company on servers located in Russia. To prevent the collection and use of Estonian data by the Russian authorities, the government is banning the application, requiring app stores to restrict downloads of the Yandex application.

The EU Directive on Audiovisual Media Services (AVMS) covers traditional broadcasting services as well as audiovisual media services provided on-demand, including via the Internet. Art. 13.1 provides for Member States to secure a minimum 30% share of European works in the catalogues as well as "ensuring prominence" of those works. "Prominence" involves promoting European works by facilitating access to such works using any appropriate means to ensure their prominence. The Directive has been implemented by Member States in different ways, ranging from very extensive and detailed measures to a mere reference to the general obligation to promote European works.
In Estonia, the EU Directive was transposed into domestic law through the amendment of the Media Services Act of February 2022 (RT I, 27.02.2022). According to Art. 24 of the Act, on-demand audiovisual media service providers are required to ensure that at least 30% of the programmes in their catalogue consist of European works. Additionally, these providers must report their compliance with this requirement to the Consumer Protection and Technical Regulatory Authority by 15 February each year. Estonia has not implemented financial contribution obligations to VOD service providers.

According to the ".ee" Domain Regulation, it is required to appoint an administrative contact for the application for the ".ee" domain name. The administrative contact has to be a citizen of Estonia with an Estonian personal identification code or a European Economic Area (EEA) citizen.

It is reported that there is no requirement for functional separation for operators with significant market power (SMP) in the telecom sector. However, accounting separation is required in certain cases.

It is reported that the Consumer Protection and Technical Regulatory Authority (ETRA), the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.

The European Union General Data Protection Regulation (GDPR) provides a comprehensive framework for data protection that applies to all EU Member States. Estonia implemented the GDPR in 2018 through the Personal Data Protection Act.