This article is related to:

Requirements for telecom providers

This information is provided by

Netherlands Enterprise Agency, RVO

In the Netherlands, providers of public telecommunications networks or telecommunications services, such as landline or mobile telephony, internet access, email or internet telephony, must meet a number of continuity and safety requirements.

Registering with the ACM

Do you provide telecom services in the Netherlands? You must register with the Authority for Consumers and Markets (ACM, in Dutch). If you only engage in activities on behalf of a registered telecom provider you do not need to register.

Solving and reporting interruptions or failures

You must make sure your services and networks are always functional and do not break down (continuity responsibility). If there is a technical failure or an electricity network outage, you need to do everything in your power to restore your services. You describe the measures you take if this happens in a continuity plan (continuïteitsplan, in Dutch). You must appoint an officer responsible for execution of the measures. If a part of your network or service fails nonetheless, you must report the failure (continuity reporting duty) to the Radiocommunications Agency (Agentschap Telecom, in Dutch). You must make sure the emergency number 112 can be reached at all times.

Compensation in case of interruptions

If there is a technical failure you must compensate you customers. Compensation is mandatory (in Dutch) for interruptions that last longer than 12 hours. This compensation is related to the monthly subscription fees. You can choose the type of compensation yourself. You can choose for instance to give extra call credit or refund a part of the subscription costs. Your customer must however have agreed to this. You include the compensation arrangement in your general terms and conditions.

Security of communication data

You must protect telecommunications data. You should record the way you protect the data in a safety plan (in Dutch). There are minimum requirements you have to fulfil. You record for instance which staff members have access to these data, how you have secured your building and give information on the access security of the systems. Employees who have access to sensitive data must have a certificate of good conduct (VOG). You as the owner/manager also need a VOG.

Protecting privacy

You have to delete or anonymise traffic and location data as soon as these are no longer needed for the conveyance of a communication. These are privacy sensitive data. You are allowed to use these data for business purpose. You must however let your subscriber or user know for how long and which data you process. Do you want to use privacy sensitive data for for instance market research? You must have you subscriber’s or user’s consent before you start processing the data. Subscribers and users must be able to revoke their consent easily.

Data leak

Did you experience a security breach where personal data has been leaked? You must report this to the Dutch Privacy Authority (DPA, in Ducth)

Submitting client details

Judicial authorities and intelligence and security services may request information about one of your clients. You may also receive a request for the wiretapping and handing over of telephone communications for criminal investigations. This request is made by the public prosecutor or head of the General Intelligence and Security Service (AIVD).

Net neutrality

Providers of public telecommunications networks or telecommunications services in the Netherlands may not delay or block competitive telephone or internet services and applications, such as Skype, WhatsApp or Viber. They are not allowed to charge extra money for these services and applications either. This is called net neutrality.

They may however use internet traffic management systems to ensure that their networks operate efficiently. This means for instance they can restrict or ration traffic on their networks or give priority to some types of traffic over others during peak periods or generally, as long as these measures are transparant, proportionally, non-discriminatory and not based on commercial interests.

Reporting takeovers

You are not allowed to sell you telecommunications company to an unreliable, untrustworthy or criminal company. Such a party also cannot have power of control in your company. To secure continuity and reliability of service and to safeguard public interests the government can prohibit or reverse such a takeover. This concerns takeovers of:

  • suppliers of telephone and internet services with more thah 100,000 Dutch users
  • hosting services with more than 400,000 domain names
  • internet hubs with more than 300 autonomous connected systems
  • data centres with an electric capacity of over 40 megawatts (MW)
  • certification services

Any party wanting to purchase Dutch telecom facilities, should report first to the Ministry of Economic Affairs and Climate Policy (Ministerie van Economische Zaken en Klimaat, EZK)

Dispute resolution

If you as a telecom provider think another telecom provider does not meet the legal requirements, you can ask the Authority for Consumers & Markets (in Dutch) to decide on the issue. This is called dispute resolution (geschilbeslechting).

This article is related to:

This information is provided by

Netherlands Enterprise Agency, RVO