Home / News

The Impact of the NIS2 Directive’s Article 28 on the DNS Industry

The European Union’s Network and Information Security Directive (NIS1), introduced in 2016, aimed to strengthen cybersecurity among Member States. However, market fragmentation and growing digital threats led to the enactment of the NIS2 Directive. Effective from January 2023, NIS2 broadens NIS1’s scope, introducing cybersecurity frameworks, national strategies, incident response teams, and risk management protocols. Member States have until October 2024 to incorporate NIS2 into national law.

DNS Industry impacts: Article 28 of NIS2 significantly impacts the domain name ecosystem, involving stakeholders like domain name registrars and DNS service providers. It mandates accurate collection and maintenance of domain name data, public disclosure of non-personal registration data, and strict adherence to EU data protection law. The industry faces challenges, including compliance with swift incident responses and public data disclosure policies and ensuring collaboration to prevent data duplication.

Compliance challenges: The DNS industry is navigating challenges in aligning with Article 28 of NIS2. These include varying verification procedures across EU Member States and adjustments needed for businesses to meet NIS2 guidelines. Uncertainties remain regarding the Directive’s coverage, jurisdiction issues, and requirements for non-EU entities providing services in the EU.

The industry collaboration and response: In anticipation of the ICANN78 meeting, eco—Association of the Internet Industry organized a workshop to address Article 28’s implications for the DNS industry. The event gathered stakeholders, the European Commission, national governments, and the ICANN community to discuss challenges and develop unified responses to NIS2’s regulatory impact. Thomas Rickert of the eco Association emphasized the industry’s collective responsibility in adapting to these changes.

By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under


US Needs to Follow the EU's Lead and Enact Legislation to Fix the Dark WHOIS Issue Rick Lane  –  Dec 13, 2023 5:53 AM

It is a shame that after over 5 years of ICANN’s decision to allow WHOIS to go dark, the US Congress and Biden Administration have yet to enact legislation following the EU’s lead to protect US cybersecurity, children, and consumer privacy. Instead, the Dept of Commerce and NTIA are trying to make the .US ccTLD go Dark (https://lnkd.in/eGrp7ED4
). Studies have shown the .US already has the most domain name abuse/cybersecurity risk of any ccTLD, outpacing China (.cn) and Russia (.ru) country codes.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet




Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix

Brand Protection

Sponsored byCSC


Sponsored byDNIB.com

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API