Skip to Content

Cybersecurity & Standards, European Policy, Open Internet

Telecoms regulators Lay Down Strong Guidelines for Implementing EU Net Neutrality Rules

The Body of European Regulators for Electronic Communications (BEREC) – the regulatory agency in the EU for telecommunications – has published its final guidelines for implementation of the Telecoms Single Market (TSM) Regulation on Open Internet access. The guidelines firmly cement the principle non-discrimination of internet traffic while at the same time granting flexibility for effective network management, and innovation in business models and technology.  

BEREC’s guidelines are designed to provide a consistent framework for national regulatory authorities (NRA’s) in all EU Member States. They provide the necessary detail to ensure that the principles set out in the TSM regulation can be implemented in practice. A broad range of industry and civil society groups, including CDT, have been working to make sure the details of the guidelines reflects the spirit of the legislation.

CDT made a number of suggestions for improvements to the draft guidelines that BEREC put out for consultation in June. Overall, we thought that the draft provided a very strong framework, but we recommended clarifying rules around data bundling, content monitoring, and NRA assessment of commercial practices.

It is clear that BEREC listened carefully to stakeholder feedback in producing its final set of guidelines. There have been a number of changes to the final version that, taken in their entirety, make the guidelines a strong tool for effective enforcement of the TSM Regulation. Some of the more significant changes are highlighted below.

Data Bundling

CDT called on BEREC to clarify that while the Regulation permits offering free (or subsidised) access to an application for a user, it does not does not permit offering free (or differently priced) data for that application. That is to say, a bundled offer may subsidise an application’s subscription price, but not the data usage associated with that application. We are pleased that BEREC has amended paragraph 36 of the final guidelines to make this clear.

User Choice

BEREC rejected calls from ISPs to remove a section in the draft guidelines which makes it clear that users have the freedom to determine which ‘terminal equipment’ they use to connect to an internet access service. CDT strongly supported this user choice enhancing provision and we welcome its continued inclusion in the final guidelines.


BEREC reaffirmed that discrimination based on whether or not traffic is encrypted is not consistent with the Regulation: despite arguments from ISP’s that the provisions preventing them from treating encrypted traffic differently should be removed or amended.

Content Monitoring

In our submission we argued that the exemptions from content monitoring restrictions required more stringent safeguards. In particular, we thought that the security exemption was too weak and could be used to continuously monitor traffic, circumventing the regulation.

In response, BEREC has amended the guidelines to clarify that; “when security measures have to be active on a continuous basis in order to achieve their purpose (such as filtering of spoofed IP addresses), such measures should be deemed to be justified.”  They also clarified that security measures could “be applied only when ‘concrete’ security threats are detected.”.

Commercial Practices

In our submission we noted that the draft did not provide sufficient clarity for NRAs to determine whether user rights had been infringed by commercial practices such as zero-rating. Our concern was that this could make it more difficult for NRA’s to take action against practices that are harmful to users.

BEREC reviewed the criteria it uses in the guidelines and updated them to clarify that the regulation foresees intervention by NRAs if it appears users’ choice could be being materially reduced, but also “in other cases that could qualify as a limitation of the exercise of the end-users’ rights”.

Overall, CDT believe that BEREC’s guidelines give NRAs a strong set of  tools to safeguard the internet as an open platform for innovation, entrepreneurship, and free expression throughout the European Union. These rules should serve as inspiration for policy making in other parts of the world.