4 Global Regulations and Guidelines to Watch on Disinformation

Things are changing quickly when it comes to how the world responds to false information and misinformation. Governments, international organizations, and regulatory bodies are working on ways to prevent people from spreading false information that could hurt societies and markets, while still letting people say what they think.

Corporate security leaders need to learn more about these frameworks so that they not only follow the rules but also are ready for the way new rules will change how they respond to crises, manage digital risks, and hold organizations accountable in the future.

European Union: Digital Services Act

The Digital Services Act (DSA), enacted in 2022 and effective from 2024, is a groundbreaking regulatory framework designed to increase the accountability and transparency of digital platforms, particularly very large online platforms (VLOPs), with more than 45 million users in the European Union. Under the DSA, platforms like Meta, Google, X (formerly Twitter), and TikTok are legally obligated to assess and mitigate systemic risks, including the dissemination of disinformation.

They must perform annual risk assessments, implement robust content moderation systems, provide access to data for vetted researchers, and offer users transparency about content recommendation algorithms. Failure to comply can result in fines of up to 6 percent of the platform’s global annual revenue.

United States: Cybersecurity and Infrastructure Security Agency

The Cybersecurity and Infrastructure Security Agency (CISA), part of the U.S. Department of Homeland Security, plays a central role in monitoring and countering disinformation that threatens critical infrastructure—including elections, healthcare, energy, and communications. While CISA does not have binding regulatory authority over private companies, it has provided tools, guidance, and situational awareness through  the Countering Foreign Influence Task Force and the Rumor Control site, which have previously particularly active during electoral cycles and national crises. CISA promotes public-private collaboration through the Joint Cyber Defense Collaborative (JCDC) and warns about information operations linked to state-sponsored actors.

Brazil: PL 2630/2020 (Lei das Fake News)

The PL 2630 bill, also known as the Fake News Law, is a legislative proposal introduced in Brazil in response to the growing threat of misinformation on messaging apps and social media platforms. It mandates that platforms verify user identity, store records of message transmission, and enforce accountability mechanisms for content originators. Importantly, it introduces the possibility of criminal penalties for knowingly spreading false content that threatens the democratic order or public safety.

However, critics—including journalists, tech companies, and civil society—argue that it may infringe on freedom of speech and open the door to censorship or abuse by authorities.

UNESCO: Global Guidelines for Platform Regulation

UNESCO (the United Nations Educational, Scientific, and Cultural Organization) is leading a multilateral effort to establish global standards for regulating digital platforms, while preserving freedom of expression and human rights. Its 2023 Guidelines for Regulating Digital Platforms advocate for transparency, due process, and multi-stakeholder governance.

A core component of UNESCO’s work is the promotion of media and digital literacy, equipping citizens—especially youth and vulnerable populations—with the skills to recognize and resist disinformation. The guidelines also encourage regulatory alignment between countries to prevent legal fragmentation and offer a foundation for transnational cooperation against harmful content.

Antonio Rafael Bellorín is the chief security officer at Tecnológico de Monterrey and a global security strategist with extensive experience across Latin America and international corporate environments. His work focuses on integrating intelligence, resilience, and ethical leadership into modern security governance.