Digital Networks Act (DNA) | Updates
What is the Digital Networks Act (DNA)?
According to Thierry Breton, European Commissioner for Internal Market, the Digital Networks Act (DNA) is a bold, future-oriented, game-changing Act that will redefine the DNA of the EU telecoms regulation. He added that getting it right will require vision, boldness and time. The task will not be easy but – as the EU has done on other game-changing proposals – the EU will not shy away from doing what is needed to achieve a paradigm shift in digital regulation.
The Digital Networks Act (DNA), proposed by the European Commission, marks a groundbreaking reform of the European Union’s telecommunications regulations, ensuring they keep pace with the evolving digital landscape, where technological leadership is a critical geopolitical priority.
The DNA emphasizes the development of cutting-edge digital network infrastructures as the foundation for a thriving digital economy and society. This includes ensuring secure and sustainable digital infrastructures, which are pivotal for applications like telemedicine, smart agriculture, and real-time monitoring of goods.
The Act seeks to restore balance in the internet ecosystem by addressing the dominance of large content providers, and ensuring sustainable investments in network infrastructures. This involves creating a level playing field that allows new business models to emerge, and fosters innovation within the European digital market.
January 20, 2026 - Proposal, Regulation Digital Networks Act (DNA)
The European Commission proposed the Digital Networks Act (DNA) to modernise, simplify and harmonise EU rules on connectivity networks.
Next step: The proposal will be presented to the European Parliament and the Council for approval.
January 20, 2026 - Proposal, Regulation Digital Networks Act (DNA)
Article 1, Subject matter.
1. This Regulation establishes rules for the provision of electronic communications networks, electronic communications services, associated facilities and associated services, the strategic planning and management of radio spectrum and certain aspects of terminal equipment.
2. This Regulation also establishes a governance framework for the electronic communications sector composed of the national regulatory and other competent authorities, the Body of European Regulators for Electronic Communications (‘BEREC’), the Radio Spectrum Policy Body (‘RSPB’), and the Office for Digital Networks (‘ODN’), laying down the tasks of BEREC, the RSPB and the ODN as well as those of national regulatory authorities and, where applicable, of other competent authorities, and establishes a set of procedures for the application of the relevant legal framework throughout the Union.
According to Article 2, electronic communications network means transmission systems, whether or not based on a permanent infrastructure or centralised administration capacity, and, where applicable, switching or routing equipment and other resources, including network elements which are not active, which permit the conveyance of signals by wire, radio, optical or other electromagnetic means, including satellite networks, fixed and mobile networks, electricity cable systems, to the extent that they are used for the purpose of transmitting signals, networks used for radio and television broadcasting, and cable television networks, irrespective of the type of information conveyed.
Electronic communications service means a service normally provided for remuneration via electronic communications networks, which encompasses, with the exception of services providing or exercising editorial control over content transmitted using electronic communications networks and services, the following types of services:
(a) internet access service;
(b) interpersonal communications service;
(c) services consisting wholly or mainly in the conveyance of signals such as transmission services used for the provision of machine-to-machine services and for broadcasting.
The Mission Letter for the Digital Networks Act (DNA).
A mission letter from the President of the European Commission is a formal document sent to EU Commissioners upon their appointment. It outlines their key priorities, objectives, and responsibilities for their term, aligning with the Commission’s broader strategic agenda.
In the mission letter given to Henna Virkkunen, Executive Vice-President-designate for Tech Sovereignty, Security and Democracy, we read:
"I want you to take forward the Commission’s work to improve access to secure, fast, and reliable connectivity, as part of a broader strategy for connected collaborative computing. To this end, you should work on a new Digital Networks Act to help boost secure high-speed broadband, both fixed and wireless. You should incentivise and encourage investments in digital infrastructure, taking into account responses to the Commission’s White Paper of February 2024."
The Digital Networks Act (DNA) in the Commission work programme 2025.
The European Commission plans to propose the DNA legislation in the fourth quarter of 2025, as indicated in its annual work program.
21.2.2024 - European Commission, white paper explaining the need for the Digital Networks Act (DNA): "How to master Europe's digital infrastructure needs?"
According to the white paper, a cutting-edge digital network infrastructure is the foundation for a flourishing digital economy and society. Secure and sustainable digital infrastructures are one of the four cardinal points of the EU’s Digital Decade Policy Programme 2030, one of the main priorities of the current Commission. It is also at the heart of citizens’ interest, who made several digital-related proposals in the context of the Conference on the Future of Europe. Without advanced digital network infrastructures, applications will not make our lives easier, and consumers will be deprived of the benefits of advanced technologies.
Only with the highest performance of such infrastructures, for example, will doctors be able to care for patients at a distance rapidly and safely, drones be able to improve harvests and reduce water and pesticide use, while connected temperature and humidity sensors enable real-time monitoring of the conditions in which fresh food is stored and transported to the consumer.
There are also many examples across the economy of how enterprises need advanced connectivity and computing infrastructures for the processing of data closer to their operations and to their customers, to use or provide innovative applications and services. This is especially important for applications that require real-time data processing, such as Internet of Things (IoT) devices, autonomous vehicles, and smart grids, as well as to reduce latency for applications related to predictive maintenance, real-time monitoring, and automation, leading to more efficient and cost-effective operations.
Advanced digital network infrastructures and services will become a key enabler for transformative digital technologies and services such as Artificial Intelligence (AI), Virtual Worlds and the Web 4.0, and for addressing societal challenges such as those in the fields of energy, transport or healthcare and for supporting innovation in creative industries.
Recent geopolitical developments highlighted the importance of security and resilience of infrastructures against both human-made and natural hazards, as well as the complementary role of terrestrial, satellite and submarine connectivity solutions, for uninterrupted availability of service under all circumstances. In a rapidly changing security landscape, a strategic Unionwide approach to security and resilience of critical digital infrastructures is essential for the EU’s economic security, building on the solid existing legislative framework, notably the NIS2 Directive, the Directive on the resilience of critical entities and the Council Recommendation on a Union-wide coordinated approach to strengthen the resilience of critical infrastructure.
Against this background, this White Paper identifies challenges and discusses possible scenarios for public policy actions, such as a possible future Digital Networks Act, that aim to incentivise building the digital networks of the future, master the transition to new technologies and business models, meet future connectivity needs of all end-users, underpin competitiveness of our economy and ensure secure and resilient infrastructures and the Union’s economic security as reflected by the common commitments of the EU Member States in the Digital Decade Policy Programme.
The Cyber Resilience Act (CRA), which is set to enter into force later this year, will contribute significantly to securing EU’s digital infrastructure. It places security-by-design obligations on the manufacturers of hardware and software products, covering the entire life cycle of such products from their design and development to their maintenance.
The CRA not only covers many of the products deployed in digital infrastructures, such as routers, switches or network management systems, but also requires the manufacturers of connectable hardware and software products at large to protect the confidentiality and integrity of data by state-of-the-art means. This could entail, where appropriate, the use of quantum-resistant cryptography.
10 October 2023 - European Commission, results of the exploratory consultation on the future of the electronic communications sector and its infrastructure.
The exploratory consultation on the future of the electronic communications sector and its infrastructure ran from 23 February to 19 May 2023.
The exploratory consultation consisted of 62 questions, both “closed” (multiple choice questions which allowed the respondent to also add other answers, and to explain the choice), and “open” ones (free text) covering 4 areas:
- (i) technological and market developments,
- (ii) fairness to consumers,
- (iii) barriers to the single market, and
- (iv) fair contribution by all digital players.
The European Commission received 437 responses to the consultation and 164 position papers. 108 contributions were submitted by companies, 87 by business associations, 124 by citizens (114 by EU citizens and 10 by non-EU citizens), 47 by non-governmental organisation (“NGOs”), 16 by research / academic institutions, 14 by consumer organisations and 5 by trade unions. In addition, 17 public authorities provided feedback, representing a mix of bodies with different scope, such as European, national, and regional/local authorities.
The aim of the exploratory consultation was to gather data and views on the technological and market developments, measures regarding fairness for consumers, barriers to the Single Market and the question regarding a fair contribution by all digital players benefitting from the digital transformation.
As a global tech race is taking place, Europe has thrown its hat into the ring with the regulatory framework and investments needed to foster innovation and technological leadership in areas such as online platforms, AI, data, cloud, quantum and virtual worlds.
For this technological revolution to succeed, we need to ensure that our networks are up to the task in terms of transmission speed, storage capacity, computing power and interoperability.
This is why we have consulted broadly on the infrastructure and investments required for our digital networks to support this tech revolution.
The answers of the consultation that we publish today provide the perspectives of telecom providers, broadcasters, cloud service providers and platforms, business associations, consumer organisations, citizens, non-governmental organisations, public authorities, trade unions and academics.
There are the three main take aways:
Takeaway 1: We need innovation and efficient investment
The overall feedback from the consultation is clear: network virtualisation, edge cloud, artificial intelligence and open networks are new technologies that will have a significant impact on the electronic communications sector. It is widely recognised that copper networks – originally designed for telephone calls – will have to give way to new infrastructures capable of transmitting not just a few kilobits or megabits of data per second, but gigabits and soon terabits (or even petabits) of data per second. We are talking about new software-based, highly programmable, cloud-native networks. The consultation feedback is clear: this transformation will have a significant impact on business and regulatory models, skills, infrastructures, security of vendors and of course investments.
The majority of respondents to the relevant question anticipate that, up to 50% of their annual revenues (which analysts currently estimate at around €300 billion per year for the EU telecoms sector) will have to be allocated over the next five years to meet the investment needs in connectivity infrastructure and replacement of high-risks vendors. Respondents consider that public funding is crucial to foster investments. Yet, views diverge on whether it will suffice to bridge the gap, and how to attract more private capital.
Several policy and funding initiatives have been put in place in the past years, including the Smart Networks and Services Joint Undertaking and the Alliance for Industrial Data, Edge and Cloud. Yet, to succeed in a fast-evolving landscape we need to ensure coherence and maximise the multiplier effect of EU actions on private investments, as we did for semiconductors under the Chips Act.
Takeaway 2: We need to leverage the Single Market to boost investment and innovation
The majority of respondents are clear: EU-wide regulatory streamlining and simplification can slash administrative costs and speed up infrastructure deployment. Among the examples provided, it is indicated that being able to operate on the basis of a single 5G core network across the EU, would result in benefits in the range of €200-300 million over the next five years. Moreover, most replies among telecom providers, platforms, business and consumer organisations indicate that a more harmonised approach to spectrum management would unlock larger market potential, making it easier to deploy cross-border services and driving investment and innovation.
It is clear from the respondents’ replies that exploiting economies of scale in the EU Single Market, and leveraging full access to 450 million European customers, would be key to overcome investment difficulties. The majority of the respondents agreed that the removal of obstacles, notably burdensome sectoral regulation, can facilitate cross-border consolidation and emergence of true Single Market.
Yet, the full integration of the telecoms Single Market is still hampered by the fragmentation of the sector into national markets. Public authorities’ input to the consultation confirms that achieving a unified regulatory approach that promotes fair competition and innovation remains a challenge.
Takeaway 3: We need to secure our networks
The third main element on which we see convergence of views among respondents is security. In the current interconnected world, with rising geopolitical tensions, we need to ensure full control over our decision-making processes in strategic sectors, such as connectivity, and avoid harmful external interference in our EU connectivity infrastructure.
The EU has come a long way in securing 5G networks, which are critical infrastructures in their own right. But there are important loopholes when it comes to securing our network infrastructure.
For example, on spectrum, respondents underlined that a more coordinated European approach could improve coverage at our national border zones and considerably strengthen the EU in cases of harmful interference from third countries at our external borders.
The results of this exploratory consultation gave us a direction on where to dig deeper and engage in a thorough reflection on how to unleash the Single Market for digital networks and make our connectivity more secure and future-proof.
This website is developed and maintained by Cyber Risk GmbH as part of its professional activities in the fields of risk management and regulatory compliance.
Cyber Risk GmbH specializes in supporting organizations in understanding, navigating, and implementing complex European, U.S., and international risk related regulatory frameworks.
Content is produced and maintained under the professional responsibility of George Lekatis, General Manager of Cyber Risk GmbH, a well known expert in risk management and compliance. He also serves as General Manager of Compliance LLC, a company incorporated in Wilmington, NC, with offices in Washington, DC, providing risk and compliance training in 58 countries.
Cyber Risk GmbH, some of our clients
