HomeAnalyticsAlertsDigital Services Regulation in Georgia: New Requirements for Technology Companies

Digital Services Regulation in Georgia: New Requirements for Technology Companies

Georgia has introduced a dedicated legislative regime governing digital services and technology operations. The new rules, which entered into force in early 2025 with a phased compliance calendar extending through the end of the year, impose substantive obligations on companies offering digital services to users located in Georgia. International technology businesses that have not yet reviewed their Georgian operations face a tightening window to act.

Georgia's digital services legislation introduces licensing, algorithmic accountability, and software liability obligations for technology companies operating in or directing services toward the country. Companies meeting specified user-volume or revenue thresholds must register with the competent Georgian authority and comply with content moderation, data localisation, and transparency requirements. The primary compliance deadline for existing operators falls at the close of 2025.

This alert identifies the businesses affected, the threshold criteria that trigger obligations, and the immediate steps international companies should take to avoid enforcement exposure.

What has changed and when it takes effect

Georgia's technology legislation regime has expanded significantly. The new digital services rules build on existing electronic communications law and introduce a distinct category of regulated entity: providers of digital services directed at Georgian users. The legislation covers a broad set of activities. These include online platform operation, software-as-a-service delivery, algorithmic content distribution, and digital marketplace management.

The effective date for the core obligations was January 2025. A grace period for existing operators runs until 31 December 2025. New market entrants must comply from the date they begin offering services in Georgia. There is no informal tolerance period for companies that miss the registration window.

Under Georgia's technology licensing rules, providers must obtain a სალიცენზიო ნებართვა (technology operating licence) before delivering regulated digital services commercially. The licensing body is the Georgian National Communications Commission (კომუნიკაციების ეროვნული კომისია), commonly known as GNCC. Enforcement authority rests with GNCC, which may impose suspension orders and monetary penalties on non-compliant operators.

Algorithmic accountability obligations represent the most commercially significant change. Providers using automated decision-making systems to rank, recommend, or restrict content for Georgian users must document the logic of those systems. They must also make a summary of that documentation available to GNCC on request. This requirement applies to AI Act compliance-adjacent processes even where the company's home jurisdiction does not yet impose equivalent duties.

For a comparative view of how digital services obligations are evolving across CIS markets, see our alert on digital services regulation in Russia, which covers parallel developments in that jurisdiction.

To receive an expert assessment of your company's exposure under Georgia's digital services legislation, contact us at info@ferrazwhitmore.com.

Which companies are affected and the threshold criteria

The legislation applies to any legal entity, regardless of place of incorporation, that directs digital services at users in Georgia. Three threshold criteria determine whether full compliance obligations apply.

The first criterion is user volume. Companies whose Georgian user base exceeds a prescribed monthly active user count are classified as large-scale providers. This category carries the heaviest obligations, including mandatory algorithmic accountability reporting and software liability disclosures.

The second criterion is revenue origin. Businesses generating turnover from Georgian users above the threshold set in the legislation must register and appoint a local representative. The revenue test applies on a calendar-year basis and is assessed against the immediately preceding year.

The third criterion is service type. Certain categories of digital services attract obligations irrespective of user volume or revenue. These include services involving sensitive data processing, automated content moderation, and technology licensing arrangements directed at Georgian public-sector entities.

Companies falling below both the user-volume and revenue thresholds but offering services in the third category must still register. The legislation does not provide a blanket exemption for small or foreign providers. A company incorporated outside Georgia that delivers software-as-a-service to Georgian businesses is within scope if its services meet any one of the three criteria.

Intellectual property considerations intersect with these obligations. Technology companies licensing software or proprietary algorithms into Georgia should review their licensing structures in light of the new software liability provisions. Our team advising on intellectual property matters in Georgia can assist with licence agreement audits in this context.

Immediate actions for international companies

Companies with any Georgia-facing digital operations should act on the following steps before the 31 December 2025 deadline.

  • Assess applicability: Map all digital services directed at Georgian users. Determine whether user-volume, revenue, or service-type thresholds are met. Document the assessment.
  • Register with GNCC: If thresholds are met, initiate the technology licensing application immediately. Processing times can extend to several months for first-time applicants.
  • Appoint a local representative: Companies above the revenue threshold must designate a Georgian-resident representative. This person is the primary contact for GNCC enforcement correspondence.
  • Audit algorithmic systems: Identify all automated decision-making tools deployed for Georgian users. Prepare internal documentation of their logic. This documentation must be producible within a defined period following a GNCC information request.
  • Review software licence agreements: Examine existing technology licensing contracts to confirm they address the software liability provisions now in force. Amend agreements where the liability allocation does not reflect the new statutory default.

Companies operating across multiple CIS jurisdictions should also review their governance structures. A single compliance framework rarely satisfies the divergent requirements of Georgian, regional, and EU-adjacent digital services rules simultaneously. Separate local compliance workstreams are advisable.

For a tailored strategy on digital services compliance in Georgia, reach out to us at info@ferrazwhitmore.com. Our AI and technology law practice in Georgia supports international companies through registration, documentation, and ongoing regulatory engagement with GNCC.

About Ferraz & Whitmore

Ferraz & Whitmore is an international law firm based in Lisbon, advising business clients across 46 jurisdictions. Our team combines Portuguese civil law expertise with English common law tradition to deliver cross-border legal solutions in AI and technology law, digital services regulation, and algorithmic accountability matters. We advise technology companies, institutional investors, and in-house legal teams operating across European, CIS, and high-growth markets. As an international law firm with dedicated coverage of Georgia, we provide direct access to GNCC regulatory processes and local compliance networks. Our technology law practice has supported clients on technology licensing structures and software liability audits across both civil law and common law systems. Engaging a lawyer in Georgia with cross-border experience is essential for companies navigating the intersection of local digital services rules and EU-adjacent compliance standards. To discuss your situation, contact us at info@ferrazwhitmore.com.

Disclaimer: This publication is provided for informational purposes only and does not constitute legal advice. The information herein should not be relied upon as a substitute for professional legal counsel tailored to your specific circumstances. Ferraz & Whitmore assumes no liability for actions taken or not taken based on the contents of this material. For advice regarding your particular situation, please contact info@ferrazwhitmore.com.

Published: April 22, 2026

Author: Anna Chen – Senior Associate, Asia-Pacific, Middle East & CIS

Anna Chen is a Senior Associate at Ferraz & Whitmore focusing on cross-border transactions, market entry, and dispute resolution across Asia-Pacific, Middle Eastern, and CIS jurisdictions. She supports international clients in navigating regulatory and commercial challenges in high-growth and emerging markets.