The future of digital infrastructure: what’s next after the European Commission’s White Paper

/in , ,

With the publication of its White Paper on digital infrastructure in 2024, the European Commission has finally launched a long-overdue debate on the future of the telecom regulatory framework. EuroISPA has taken an active role in these discussions, committed to shaping an ambitious vision for the sector. Engaging with policymakers to highlight the essential role of Internet Service Providers (ISPs) in fostering innovation, resilience, and the twin transition, we reaffirm our dedication to keeping telecom networks at the heart of Europe’s economic and technological leadership. 

As we move towards 2030, unlocking the necessary investments to achieve the Digital Decade connectivity targets remains a top priority. To this end, Europe must establish a regulatory framework that incentivises investment, notably through a comprehensive Digital Networks Act, ensuring a robust, sustainable, and competitive telecom ecosystem for the future. 

Achieving true internal market integration will largely depend on harmonising and streamlining regulations across multiple areas, including infrastructure investment, spectrum management, and taxation. This also requires assessing the relevance of existing sectoral rules alongside broader horizontal frameworks. The regulation of our sector must adopt a more coordinated approach and foster investment-friendly conditions while preserving effective national frameworks and ensuring fair competition. 

Prioritising network sustainability is also crucial to supporting the green transition of our economy. The telecom industry plays a key role in driving sustainability gains across sectors and reducing its own environmental footprint by replacing legacy technology with more energy-efficient infrastructure. The inclusion of connectivity networks in the EU Taxonomy for sustainable finance is a positive step toward securing funding for greener networks. Additionally, engaging with equipment suppliers and digital service providers across the entire value chain will be essential to adopting the most efficient technologies, achieving net-zero emissions, and ensuring optimal network efficiency. 

Looking ahead to 2025, we believe the Digital Networks Act must serve as a cornerstone for turning these priorities into concrete action. By simplifying regulation, securing investment, and strengthening network sustainability and security, Europe can build digital infrastructures that are both competitive and future-proof. EuroISPA and its members remain committed to working alongside European stakeholders and institutions to ensure these vital reforms become a reality. 

Romain Bonenfant

EuroISPA Board Member

Managing Director of FFTélécoms – Fédération Française des Télécoms

EuroISPA Letter to the European Commission on e-Evidence

/in ,

In this letter to the European Commission, EuroISPA shares some key concerns, open questions and requests for clarification on the implementation of the e-Evidence Regulation and Directive, in anticipation of the upcoming implementing acts and the operationalisation of the decentralised IT system.

  • Clarify legal scope and applicability: EuroISPA calls for clear guidance on how the Regulation and Directive apply to service providers operating only within one Member State, especially to ensure legal certainty for smaller companies.
  • Ensure technical security and process integrity: Mandatory end-to-end encryption (E2EE), verified authentication of issuing authorities and provider-specific input fields are essential to safeguard data and streamline operations.
  • Define realistic implementation timelines: EuroISPA stresses the need for a clear roadmap, adequate lead times and technical support to avoid delays and operational disruptions during the transition to the decentralised IT system.
  • Provide fair and transparent cost reimbursement: The framework should cover both initial and ongoing compliance costs, with harmonised, accessible mechanisms for service providers to recover expenses and enforce payment.
  • Anticipate and manage request volumes: The Commission should publish request volume forecasts and engage continuously with ISPs to prepare for potential surges in legal data access requests.
  • Uphold fundamental rights: Strong safeguards, data minimisation, procedural clarity and full transparency must be upheld throughout implementation, especially to prevent over-reliance on emergency measures.

Read the full letter to the European Commission here.

EuroISPA Contribution to the Cybersecurity Act Review

/in ,

EuroISPA contributed to the online survey of the European Commission on the Cybersecurity Act, emphasising on the following considerations:

  • Preserve a technical focus in certification: Cybersecurity certification schemes should remain strictly technical, avoiding political or sovereignty-based criteria to maintain neutrality, credibility, and cross-border interoperability.
  • Reinforce ENISA’s role: ENISA should have a stronger mandate to harmonise standards across the EU, promote international standards, and ensure transparency and stakeholder involvement in certification development.
  • Simplify and harmonise regulatory frameworks: The CSA should align with other EU regulations (like NIS2, CRA, GDPR, DORA), introducing unified reporting thresholds and single incident-reporting points to reduce overlapping obligations.
  • Support SMEs with proportionate compliance: SMEs should be allowed to use simplified, self-declared compliance processes to avoid excessive regulatory burdens that could hinder their participation in the digital economy.
  • Exclude internal-use tools from certification: Software and tools developed in-house and not marketed externally should be exempt from certification, unless used in critical infrastructure, to prevent unnecessary regulation.
  • Protect open-source and small-scale developers: The CSA must account for the vital role of open-source and small developers by ensuring certification schemes are affordable, inclusive, and supportive of innovation and diversity.

Read more here.

EuroISPA General Meeting in Paris: a recap

/in , ,

Paris, June 16-17, 2025

Earlier this week, the EuroISPA community travelled to Paris for the second General Meeting of the year, bringing together our members, Board Officers and Secretariat, kindly hosted by our French member Fédération Française des Télécoms (FFT).  

Between committee updates, policy discussions, guest speakers, and strategy sessions, it was truly a pleasure to meet and work together to shape the future of the Internet, discussing on the most pressing issues and priorities and how our unique association can tackle them.  

We were delighted to host a roundtable discussion with experts from the Council of Europe on the Second Additional Protocol to the Budapest Convention, which aims to enhance cooperation on cybercrime and improve the ability of criminal justice authorities to collect electronic evidence. Big thank you to the CoE representatives who joined us for this fruitful exchange:  

Pedro Verdelho, Chair of the Cybercrime Convention Committee (T-CY) 

Jan Kralik, Programme Manager, T-CY 

Jutta Dinca, Programme Manager, CyberSPEX 

We also had the pleasure of welcoming high-level speakers from the Frech regulatory landscape, with whom our members had the opportunity to discuss and debate on relevant matters for the internet industry: 

•  Benoît Loutrel, Board member of the French Regulatory Authority for Audiovisual and Digital Communication (Arcom) on the implementation of the Digital Services Act and regulation of platforms 

•  Sandrine Elmi Hersi, Head of Unit at the French Regulatory Authority for Electronic Communications, Postal Services and Print Media Distribution (Arcep) on the eco-design of digital services, including data centers and AI 

The agenda included as usually exchanges on relevant updates at national level, as well as agreeing and joining forces for the strategic way forward for current topics of attention in our Committees’ work: 

📌 the Online Content Committee, tackling in particular the way forward on the Digital Services Act guidelines on the protection of minors, Piracy, Copyright and the Digital Fairness Act; 

📌 the Data Economy Committee, strategically focusing on the central topic of Data Retention and ProtectEU Strategy, the GDPR simplification and IV omnibus package and the state of play of the AI Act implementation; 

📌 the Cybersecurity & Infrastructure Committee, setting the agenda for relevant initiatives ahead such as the Cyber Blueprint, the energy data centre rules and the Digital Networks Act. The committee also adopted a EuroISPA letter to be sent to the European Commission on e-Evidence, a central topic for our association. 

You can read more about the work of our Committees here

Last but not least, following a strong collaborative effort and thoughtful deliberation, EuroISPA members have adopted the EuroISPA Vision 2024–2029. This document outlines key priorities and forward-looking recommendations for the new mandate and will be published on our website soon. 

In general, EuroISPA’s work on current relevant public consultations and positioning is thriving, therefore stay tuned for more updates and upcoming positions on our website and LinkedIn channel! 

Thank you to all our members who participated actively in the discussions and to our guest speakers for providing valuable insights. 

The next EuroISPA General Meeting will be held in Brussels in November – already looking forward to meeting our members again! 

EuroISPA’s contribution on Data Retention

/in ,

EuroISPA contributed to the Call for Evidence of the European Commission on Data Retention.

Read more here

EuroISPA’s contribution to the Targeted Public Consultation on the Guidelines for the Protection of Minors under the Digital Services Act (DSA, Article 28)

/in ,

EuroISPA contributed to the online survey of the European Commission on the guidelines on protection of minors online under the Digital Services Act.

In addition to the answers provided in the online survey of the European Commission, EuroISPA would like to emphasise on the following keypoints:

  • The non-binding nature of guidelines: The DSA guidelines should remain advisory and not introduce new legal obligations, ensuring flexibility for platforms to implement tailored, technology-neutral solutions.
  • The flexible age assurance methods: Platforms should retain freedom to use a variety of proven age verification tools, including AI and self-declaration, without mandating intrusive or identity-revealing systems.
  • The clear boundaries between DSA Articles 28 and 34: Guidelines should avoid overlapping obligations between general safety measures for minors and the specific risk assessments required of Very Large Online Platforms (VLOPs).
  • The enhanced minors’ rights in parental controls: Platforms should provide minors with safeguards and complaint mechanisms against misuse of guardian tools, and support account-based parental controls for better, remote, and consistent protection.
  • The EU-level parental control framework: A harmonised EU framework for parental control tools is needed to ensure consistency, foster innovation, and avoid market fragmentation across Member States.

Read more here.

Joint industry statement on the Digital Fairness Act: A call for competitiveness-driven policy

/in ,

EuroISPA, together with other industry associations, is urging the European Commission to maintain a targeted, evidence-based approach when considering further regulatory interventions; to undergo a thorough assessment of the potential impact on the economy and businesses before introducing further regulatory measures; and to explore alternative avenues, such as improving enforcement of European consumer protection rules.

Read the joint statement

The e-Evidence Regulation and its fundamental changes for cross border interaction between agencies and service providers

/in , ,

Criminal investigations nowadays rely heavily on digital evidence, which is often stored by service providers in other EU member states. To access such evidence, law enforcement agencies currently need to request legal assistance from the authorities in the service provider’s member state. While this is an established process, it can lead to delays and potential loss of evidence.

Regulation (EU) 2023/1543 (“e-Evidence Regulation”) aims to change this. Once in effect, authorities in EU member states will be able to issue production orders for certain data and preservation orders directly to service providers in other EU member states, without requiring their own national authority to act as an intermediary. Service providers will be legally required to produce or secure the requested data, facing significant administrative penalties if they fail to comply. However, for certain categories of data, the authorities in the service provider’s member state may object to the order, but only based on specific grounds for refusal.

The e-Evidence Regulation applies to a wide range of service providers, including electronic communication services, IP and domain name services, and various other information society services. Since the regulation does not exempt small service providers, all companies, regardless of size, must comply and establish the necessary procedures to receive, process, and respond to orders.

To facilitate secure communication between authorities and service providers, the European Commission is currently developing a decentralised IT system. This system is being designed in close collaboration with industry experts, including EuroISPA, to ensure that service providers’ expertise is considered.

The regulation will take effect on August 8, 2026. Before then, member states must designate their competent authorities, and the European Commission must adopt implementation acts for the decentralised IT system. However, several open questions remain, particularly concerning the regulation’s scope, the specific obligations of service providers, and the interaction between the decentralised IT system and similar national systems. Addressing these issues is essential to ensure the smooth implementation of e-Evidence.

Stefan Ebenberger

Secretary General of ISPA Austria

EuroISPA Contribution to the Recommendation on combating online piracy of sports and other live events

/in ,

EuroISPA contributed to the Call for Evidence aimed at assessing the Recommendation on combating online piracy of sports and other live events.

Key positions for EuroISPA :

  • Expansion of the “Know Your Business Partner” principle
  • Caution against the setting up of removal obligations for intermediaries within timeframes that prevent proper examination of disputed content
  • Measures against over-blocking as a way of tackling online piracy
  • The need to maintain a safe and open Internet
  • Cost reimbursements for service providers in burdensome cases
  • Implementation of DSA in priority

Read more here.

Joint industry call on the European Internal Security Strategy (ProtectEU)

/in ,

EuroISPA, together with other industry associations, is calling the European Commission to address concerns around the impact that the European Internal Security Strategy (Protect EU) would have on end-to-end encryption. 

The Internal Security Strategy’s focus on encryption will harm the use of end-to-end encryption in Europe, leaving all Europeans less safe.

Read the joint statement

Contact details

EuroISPA

38, Rue de la Loi
1000 Brussels

+32 2 789 6618

[email protected]

General contact information | Privacy policy