ACM becomes first government agency that can order SIDN to take down domain names

We welcome the change

Nothing is changing for some time yet, but from 17 January 2020 the ACM (and thus also the AFM) will have the power to order SIDN or a registrar to 'take down' a domain name. It will be the first government agency ever to have that authority. The change is a consequence of a European regulation, which comes into effect on that date. Implementing legislation is being prepared to set out how the system will work in practice, and a draft has recently been published for consultation. We have submitted our response, which you can read using the link provided here.

Regulation on Consumer Protection Cooperation

Dutch law is being changed in line with the EU's Regulation on Consumer Protection Cooperation, which requires consumer protection authorities in all member states to cooperate with requests from their counterparts to act against breaches of consumer rights. In practical terms, if an Italian consumer complains to their local consumer protection authority about a fraudulent webshop run from the Netherlands by someone Dutch and using a .nl domain name, the Italian authority can ask its Dutch counterpart to do something about the situation.

As well as laying down rules about cooperation amongst consumer protection authorities, the regulation specifies the minimum powers that such authorities should have to intervene. Those powers relate mainly to taking action in the first instance against the wrongdoer. However, such authorities must also be able to intervene with hosting service providers, registrars and registries.

We welcome the change

For the Netherlands, the new rules represent a significant change. Until now, no government agency (not even the police or the public prosecutor's office) has had the authority to issue orders concerning domain names. On the one hand, that's never really been a problem. After all, domain name-focused action is not a very effective way to tackle consumer rights issues and does not lend itself to careful targeting. It is at best a last-resort strategy for situations where all other approaches have failed. We nevertheless welcome the creation of this new power, because situations do arise where taking down a domain name is a reasonable course of action. At the moment, only we or the managing registrar can intervene on that level. However, it is often the case that neither we nor the registrar can adequately judge whether such action is justified.

Last resort only

However, it is important the ACM's new power is exercised only in the last resort. Furthermore, the intervention procedure must include adequate safeguards. In relation to the first of those points, we believe that the draft legislation leaves something to be desired. On the other hand, we do regard the proposed intervention procedure as providing appropriate safeguards: intervention will require approval by a judge, to whom the relevant registrar or SIDN will have the opportunity to present its case.

We therefore support the draft legislation in principle, but wish to see certain points revised. For details, see

our consultation response

. It is now a question of waiting to see how the legislative process unfolds.




Maarten Simon

Legal & Policy Advisor

+31 26 352 55 00

  • Monday 12 November 2018

    Internet security

    How to spot a fake URL


    Tips to spot a fake URL

    Read more
  • Tuesday 20 November 2018


    Plenty of scope for improving the government's on-line activities


    Government services less popular with smartphone users

    Read more
  • Wednesday 22 January 2020

    SIDN Labs

    SIDN Labs' experimental DoH server


    New system helps us keep abreast of how the DoH standard is developing. Give it a try!

    Read more


Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.