The United Kingdom is a signatory of the World Trade Organization (WTO) Information Technology Agreement (ITA) of 1996 and its 2015 expansion (ITA II).

The Telecommunications Security Act 2021 gives the UK government the power to remove high-security risk vendors from the UK telecommunications infrastructure. The Act specifically bans new purchases of equipment from Chinese telecommunications company Huawei and mandates the removal of all Huawei equipment from the 5G network by 2027. Moreover, according to the UK's Office of Communications (Ofcom), the Act "allows the government to set out specific security requirements that providers must meet. This will include making sure telecoms providers securely design, construct and maintain network equipment that handles sensitive data; reduce supply chain risks; carefully control access to sensitive parts of the network; and make sure the right processes are in place to understand the risks facing their public networks and services." The Electronic Communications (Security Measures) Regulations 2022 supplements the Act, providing 16 regulations that further detail security measures expected to be put in place by network or service providers, ranging from securely designing and maintaining their public network to helping their third-party suppliers to identify and reduce risks of security compromise.

In March 2023, the United Kingdom’s Cabinet Office banned TikTok from government-issued mobile devices, citing cybersecurity concerns. According to Cabinet Office Minister Oliver Dowden, the measure was a precautionary step aimed at protecting sensitive government data, and it took effect immediately for devices used by ministers and civil servants. The restriction applies strictly to official devices and does not extend to personal phones. These actions align the U.K. with other Western governments implementing similar restrictions on the Chinese-owned platform.

All government bodies must comply with Open Standards Principles for software interoperability data and document formats in government IT, and they must apply for an exemption if they do not comply with these requirements. Additionally, the Government has mandated a preference for using open-source software for future developments and has issued a manual that lays out the standards that must be used for all new digital public services developed across the British central governmental administration. Principle 12 of the Government Digital Service (GDS) Service Standard states: "Make all new source code open and reusable, and publish it under appropriate licences. Or if this is not possible, provide a convincing explanation of why this cannot be done for specific subsets of the source code."

Section 39 of the Small Business, Enterprise and Employment Act 2015 (SBEE) gives the Minister for the Cabinet Office or relevant Secretary of State the power to impose regulations on public procurement in order to meet the goal of increasing government spending with SMEs (the goal moved from 25% in 2015 to 33% in 2020).

In August 2021, the Cabinet Office published the Public Procurement Note 11/20 outlining how and when "in-scope organisations" can reserve contracts based on supplier location and size. In-scope organisations are defined as commercial practitioners at all levels within central government departments, executive agencies and non-departmental public bodies. The thresholds below which these reservations can be made are:
- Supplies and services - GBP 122,976 (approx. USD 137,000);
- Services defined under the "Light Touch Regime" (LTR), which refers to certain service contracts that tend to be of lower interest to cross-border competition - GBP 663,540 (approx. USD 730,000).
If these threshold requirements are met, in-scope organisations can reserve procurements based on supplier location (UK-wide, county, borough) or may limit competition to Small and Medium Enterprises (SMEs) and Voluntary Community and Social Enterprises (VCSEs).

Art. 85 of the Utilities Directive (2014/25/EU) contains provisions allowing contracting public entities to reject foreign goods not covered by any EU international commitments from its tender procedures. In these cases, a tender submitted for the award of a supply contract may be rejected where the proportion of the products originating in third countries exceeds 50% of the total value of the products constituting the tender (Art. 85.2). Additionally, in cases of equivalent offers, the provisions provide for a preference for European tenders and tenders covered by EU's international obligations. In practice, this possibility has rarely been used.
The Utilities Contracts Regulations 2016 implements the EU's Utilities Directive (2014/25/EU) in the United Kingdom. The Directive contains provisions allowing contracting public entities to reject foreign goods not covered by any EU international commitments from its tender procedures.

Federal Law No. 15/2020 concerning Consumer Protection, its Executive Regulation, and Federal Decree-Law No. 14/2023 on Trading by Modern Technological Means provide a comprehensive framework for consumer protection that also applies to online transactions.

The United Arab Emirates has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

The United Arab Emirates enacted the Federal Law No. 1 of 2006 on Electronic Commerce and Transactions, drawing upon the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce. This legislation was subsequently superseded by the Federal Decree by Law No. 46 of 2021 on Electronic Transactions and Trust Services.

The United Arab Emirates has adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

Art. 9 of Federal Decree-Law No. 43 of 2021 prohibits the export of items within its scope without prior authorisation. This provision applies to a range of goods listed in the schedule of controlled commodities adopted under Cabinet Resolution No. 50 of 2020. The latter includes electronics, computers, and telecom and information security.
In addition, the Lists of Prohibited and Restricted Goods in the States of the GCC establish categories of goods subject to trade restrictions. Telecommunications-related equipment, specifically base stations (HS code 8517.61.00) and transmission apparatus incorporating reception apparatus (HS code 8525.60.00), is included in the restricted list. The export of such items may require prior authorisation or the issuance of special licences by the competent authorities.

Under Section 1 of the Telecommunications Equipment Type Approval Regime, the authorisation of telecommunications equipment is determined by its potential impact on safety, electromagnetic compatibility (EMC), and the efficient use of radio spectrum. Section 4.1 introduces a three-tier compliance framework based on risk and technical complexity. Level 1, applicable to low-risk devices such as short-range devices (SRDs), NFC, RFID, bluetooth, and Wi-Fi-only tablets, relies on a supplier’s declaration of conformity (SDoC) in accordance with ISO/IEC 17050-1:2004. Level 2, covering medium-risk equipment such as GPS trackers, SIM-based radios, and modems, requires proof of conformity through International Laboratory Accreditation Cooperation (ILAC)-accredited test reports or certificates from Telecommunications and Digital Government Regulatory Authority (TDRA)-recognised entities. Where such evidence is unavailable, TDRA may mandate additional testing at the applicant’s expense. Level 3, reserved for high-risk equipment such as mobile phones, demands test reports from recognised laboratories and supplementary testing at TDRA’s national laboratory, alongside submission of product samples.
Sections 4.15 and 4.16 outline the acceptance of external conformity evidence. Under Section 4.15, the TDRA recognises technical test reports from laboratories accredited to ISO/IEC 17025 by ILAC members and reports submitted under mutual recognition agreements (MRAs). Section 4.16 extends recognition to type approval certificates issued by certification bodies accredited to ISO/IEC 17065 by International Accreditation Forum (IAF) members or appointed under MRAs.