Acm.nl uses cookies to analyze how the website is used, and to improve the user experience. Read more about cookies

Dutch regulators urge faster action on digital autonomy

Summary

  • ACM, AFM, AP, DNB, and RDI present recommendations to the Dutch government, the corporate sector and IT service providers to strengthen digital autonomy.
  • The regulators note that reliance on a select group of IT service providers poses risks.
  • They invite businesses and organisations to get in touch if they have any questions about the recommendations. 

Businesses procuring IT services should join forces more often, as this is key to strengthening their digital autonomy. Public authorities and businesses should make digital autonomy a core consideration in their procurement decisions, helping to drive the development of European digital services.

These are the key recommendations made by the Netherlands Authority for Consumers and Markets (ACM), the Dutch Authority for the Financial Markets (AFM), the Dutch Data Protection Authority (AP), De Nederlandsche Bank (DNB) and the Dutch Authority for Digital Infrastructure (RDI) in their report ‘Towards digital autonomy’. In it, they call on businesses and public authorities to accelerate the transition towards greater digital autonomy. The report was presented today to Willemijn Aerdts, Minister for the Digital Economy and Sovereignty.

The regulators note that reliance on a select group of IT service providers poses risks to the continuity of digital services for citizens and businesses. Disruptions, cyber incidents and geopolitical developments can have major consequences for the businesses, governments and society at large. Heavy reliance on a small number of non-European service providers also restricts freedom of choice and makes switching providers costly and complex.

Greater digital autonomy means giving organisations that use IT services more freedom of choice and control, with the aim of increasing their resilience. Rather than full technological independence, this requires a more open IT architecture and decision-making that support collaboration between different IT service providers, facilitate switching and promote competition.

To strengthen digital autonomy, the regulators have presented a number of recommendations to the Dutch government, the corporate sector and IT service providers:

  • The government can act as a driving force by pooling demand for European digital services and acting as a launch customer.
  • Public authorities and businesses should make digital autonomy a key consideration when procuring IT services. This can be achieved, for example, by requiring the use of open standards, interoperability and support for switching providers.
  • Businesses could collaborate within their sectors and act as launch customers for sector-specific IT services. Competition rules provide ample scope for such collaboration.
  • IT service providers could collaborate more closely to develop robust European alternatives that contribute to greater freedom of choice and increased digital resilience.

The regulators’ call is in line with the wider trend towards stronger management of digital risks. DORA and the new Cyber Security Act transposing the NIS2 Directive into Dutch law, which will enter into force on 15 August, also emphasise the need to manage supply chain risks and bolstering the resilience of essential and important entities. Reducing unwanted dependencies and increasing options for switching providers can make a significant contribution in this regard.

With their shared vision, ACM, the AFM, the AP, DNB and the RDI aim to contribute to a digital infrastructure in which businesses and public authorities have greater control over their IT systems and in which resilience, continuity and security are paramount. They invite businesses and organisations to get in touch if they have any questions about the recommendations. 

See also

Back to top