EU Policy

Not one ccTLD is like another. In Europe, registry operators vary considerably in business model, ownership, size and, correspondingly, relations with their governments. By nature, ccTLDs have strong links with their local internet communities, often reflected in their terms and conditions. ccTLDs are mainly governed by national law. Yet, a number of European policies impact their daily operations, in particular: cybersecurity, liability, and data protection.


CENTR and its members are committed to an open, reliable, robust internet infrastructure embedded in a sound and balanced internet ecosystem.


CENTR strives to be the voice of the domain name system (DNS) community in at EU-level, the centre of intelligence and reliable partner on all things related to the DNS.

Policy Objectives

In their dealings with EU policy-makers, CENTR and its members pursue the following policy objectives.

  1. Sustain the diversity of the DNS ecosystem
  2. Maintain a level playing field among all the actors in the domain name system (DNS)
  3. Adherence of policy-makers to the principles of subsidiarity and proportionality


CENTR provides members with a platform to exchange information, experiences and good practices. Members meet two to three times a year in different working group (WG) constellations. In-between meetings, WGs keep discussing issues and sharing information related to security, administration, legal and technical issues as well as marketing and R&D. At its two general assemblies per year, members update each other on recent developments of technical, strategic and policy nature.

What policies are important to ccTLDs?

ccTLD registry operators are mainly governed by national law. Yet, a number of European policies impact their daily operations, in particular security, data protection & privacy, and consumer protection. However, other (non)legislative and standardisation initiatives, both at European and international levels, also play a role.

CENTR and its members are committed to an open, reliable, robust internet infrastructure embedded in a sound and balanced internet ecosystem. In order for Europe’s society and economy to benefit from and thrive on the internet’s power to connect people, facilitate exchange of goods and services, and enable innovation, CENTR’s membership is convinced that the following policy objectives need to be met:

  1. Sustain the diversity of the DNS ecosystem
  2. Maintain a level playing field among all the actors in the DNS
  3. Have policy-makers adhere to the principles of subsidiarity and proportionality

More concretely…

1. The DNS ecosystem consists of many actors at different levels of the internet. What the users “see” is only a small part of it, and usually it is the content. However, only a few of these actors are actually involved in the production, dissemination or making available of content. Their day-to-day business is to operate the underlying infrastructure and processes that pave the way for content to become accessible. In terms of policy-making, it is important to keep in mind that these actors vary considerably in size and function. Vaguely defined policy objectives, an unclear scope or heavy and burdensome requirements bear the risk of overreach, collateral damage, or unwanted market consolidation. In some cases, they can infringe on fundamental rights of both users and businesses.

2. Open competition is one of the cornerstones of the EU’s success as an economic zone. In order to ensure that competition remains fair, it is important to make sure that all actors that operate within the EU, provide services within the EU or handle EU data are subject to the same rules and conditions. Organisations that are established within the EU should not be subject to rules that do not apply to organisations that are based outside but do business within the EU. Conversely, EU-based organisations should not be subject to burdensome regulation that prevents them from competing on the international market. In this respect, it is also crucial that European policy or standardisation efforts do not duplicate or contradict efforts at international or global level.

3. It is in the nature of some organisations, such as ccTLD registry operators, to have strong local ties and a local focus. In some cases, this is for historical reasons, in others it is strongly related to language. ccTLDs are largely governed by national law or not subject to a particular regulation, as it is their local internet community that guides their operations. Shifting regulation to a level that does not take into account the organisation’s local roots threatens to break these ties. Most ccTLD registries have successfully managed and operated their TLD for decades. This is due to their constant efforts to keep their systems and networks secure and reliable, as well as their policies and actions transparent. Well-meant requirements to improve security are likely to result in administrative burden without actually reducing risk. 


The security of networks and information systems is at the core of every registry and essential to the functioning of the domain name system. The commitment of CENTR members to a resilient, stable and secure internet is the key of their success. As a major building block of the internet’s infrastructure, ccTLD registries are a trust partner to all other actors in the internet ecosystem. CENTR members share information on security risks and good practices to solve or avoid incidents. Registries collaborate closely with their national CERT, some of them being part of or hosting the CERT.



A ccTLD registry administers and operates the registration of internet domain names under a specific top-level domain. As a technical operator, it is not related to the content on a website that operates under a specific domain. Blocking access to content at ISP-level is often seen as an effective, low-cost means, yet its technical, indiscriminate impact on the underlying DNS and the access to services it provides are often underestimated (CENTR paper).

Freedom of expression

In principle, any domain name is available for registration unless it contradicts national law. Consequently, cases where the domain name itself is illegal (e.g. a racist domain name) are rare. The same is true for domain names that contain misleading advertisement.


Registered trademarks are also protected online, i.e. also in the domain name sphere. Therefore, even where a trademark owner has not registered a related domain, the trademark is still protected. Trademark infringements are normally settled using alternative dispute resolution (ADR) mechanisms. Where such trademarks are registered in bad faith (so-called cyber-squatting), these cases are referred to courts or case law.

Data protection

The DNS associates various types of information (records) with a domain name. They are needed to translate domain names into IP addresses. When someone types a URL into the browser, this “query” is matched against and “answered” by its database using the WHOIS protocol. The more easily memorisable domain name is then translated into a numerical IP address. A DNS database therefore holds a lot of technical data, however, also some personal data, which is needed to identify the holder of the domain and determine its availability for registration.