Skip to content
World Watch/Netherlands/Internet & Online Safety

Internet & Online Safety ยท Netherlands

Online safety in Netherlands: the EU Digital Services Act (2026)

Comprehensive lawEU Digital Services Act (Regulation (EU) 2022/2065) as implemented nationally by the Uitvoeringswet digitaledienstenverordening (DSA Implementation Act, in force 4 Feb 2025); enforced by the Netherlands Authority for Consumers and Markets (ACM) as Digital Services Coordinator, with the Dutch Data Protection Authority (AP) for profiling/data, plus the ATKM authority for CSAM and terrorist content online.Country index 93 ยท A+

Netherlands shaded by its internet & online safety status

Online safety rules in Netherlands: comprehensive law, under EU Digital Services Act (Regulation (EU) 2022/2065) as implemented nationally by the Uitvoeringswet digitaledienstenverordening (DSA Implementation Act, in force 4 Feb 2025); enforced by the Netherlands Authority for Consumers and Markets (ACM) as Digital Services Coordinator, with the Dutch Data Protection Authority (AP) for profiling/data, plus the ATKM authority for CSAM and terrorist content online..

The Netherlands applies the directly-effective EU Digital Services Act as its baseline online-content/online-safety regime, with a national implementation act (in force 4 February 2025) designating ACM as Digital Services Coordinator and the AP as co-supervisor for data/profiling issues. Separate national authorities and EU regulations cover terrorist content and child sexual abuse material online, while age-verification and a statutory social-media age limit remain at the proposal/development stage. Overall the country has a comprehensive, enforced framework rather than partial or restrictive controls.

The Digital Services Act in Netherlands

In Netherlands, online platforms and intermediaries are governed by the EU Digital Services Act (DSA), a directly-applicable regulation covering illegal content, transparency and user protection.

Framework
the EU Digital Services Act (Regulation (EU) 2022/2065)
Approach
notice-and-action on illegal content, transparency reporting, clear terms, and protection of minors
Applies to
online intermediaries, hosting services and platforms offering services to users in Netherlands, wherever established
Very large platforms
platforms and search engines with 45M+ EU users face extra systemic-risk audits, overseen by the European Commission
Maximum fine
up to 6% of global annual turnover
Oversight
the national Digital Services Coordinator, plus the European Commission for very large platforms

The DSA is an EU regulation applied directly in Netherlands; the national Digital Services Coordinator handles day-to-day supervision.

The Digital Services Act in Netherlands: FAQ

Does the Digital Services Act apply in Netherlands?

Yes. As an EU member, Netherlands is covered by the EU Digital Services Act (Regulation (EU) 2022/2065), which applies directly.

What does the DSA require of platforms in Netherlands?

Notice-and-action mechanisms for illegal content, transparency reporting, clear terms of service, and measures to protect minors.

Who enforces the DSA in Netherlands?

The national Digital Services Coordinator, with the European Commission supervising very large online platforms and search engines.

What are the penalties under the DSA in Netherlands?

Up to 6% of a provider's global annual turnover for serious breaches.

Key points

EU DSA + national implementation

The DSA applies directly; the Dutch DSA Implementation Act (Uitvoeringswet digitaledienstenverordening) entered into force on 4 February 2025, designating national supervisory authorities and giving them DSA enforcement powers. Platform liability follows the DSA's conditional-immunity / notice-and-action model.

ACM as Digital Services Coordinator

ACM is the designated Digital Services Coordinator and one-stop shop for complaints, with powers to investigate, inspect premises, requisition information and impose fines up to 6% of global turnover; obligations for VLOPs/VLOSEs remain the European Commission's exclusive competence.

Co-supervisor for data/profiling

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP) is the second designated DSA supervisor, responsible for provisions on profiling and the use of personal data (e.g. advertising and recommender-system rules).

CSAM and terrorist content online

The Authority for the prevention of online Terrorist Content and Child Sexual Abuse Material (ATKM), established 2023, enforces the EU Terrorist Content Online Regulation (1-hour removal orders) and a national CSAM law; fines for hosting providers can reach 10% of turnover for repeated violations.

Enforcement priorities (minors focus)

For 2025 ACM prioritised getting platforms' basics in order (contact points, easy illegal-content reporting), scrutiny of the Netherlands' large web-hosting sector, and a study into the protection of minors online.

Age verification (proposed/developing)

Government guidelines recommend a minimum social-media age of 15, and the 2026 minority government has revived proposals for a statutory age limit with 'privacy-friendly' age verification; the Netherlands is exploring the EU age-verification app and its own NL ID-wallet rather than having a binding law yet.

Timeline - major decisions & events

Jan 30, 2026decision
ACM Opens DSA Investigation into Roblox Over Child Safety

The Netherlands Authority for Consumers and Markets launched a year-long investigation into Roblox's compliance with the Digital Services Act, examining whether the platform adequately protects minors from explicit content, predation, and deceptive purchasing mechanics. It follows ACM's โ‚ฌ1.1 million fine against Epic Games in 2024 and is ACM's first formal DSA probe of a gaming platform.

NL Times โ†—
Dec 5, 2025enforcementofficial
European Commission Issues First DSA Fine, โ‚ฌ120 Million on X (Twitter)

The European Commission imposed the first-ever DSA non-compliance fine on X for misleading 'blue checkmark' verification, an opaque advertising repository, and inadequate researcher data access; X launched a legal challenge at the EU's top court in February 2026. The ACM, as Dutch Digital Services Coordinator, published the decision for domestic audiences.

ACM โ†—
Feb 4, 2025lawofficial
Dutch DSA Implementation Act Enters into Force; ACM Designated Digital Services Coordinator

The Uitvoeringswet digitaledienstenverordening (Act 36.531), passed by the Dutch Senate on 28 January 2025, vested ACM with full supervisory powers under the DSA including fines up to 6% of global turnover; ACM had already received approximately 700 complaints since February 2024 regarding account suspensions and failure to handle illegal-content reports.

ACM โ†—
Jan 1, 2025incident
Childlight Report: Netherlands Hosts ~30% of Global CSAM

The Childlight Global Child Safety Institute's 'Into the Light Index 2025' found the Netherlands responsible for roughly 30% of global CSAM hosting and over 60% in Western Europe, with INHOPE-reported cases rising from 238,578 in 2023 to 1,332,792 in 2024; researchers cited the country's role as a global data-centre and internet-exchange hub as a structural driver.

Childlight Global Child Safety Institute โ†—
Feb 17, 2024lawofficial
EU Digital Services Act Fully Applicable to All Online Platforms

From 17 February 2024 the DSA applied to all digital intermediary services operating in the Netherlands, not just very large platforms, requiring transparent content moderation, illegal-content reporting mechanisms, and designated contact points; ACM published DSA guidelines for providers and began supervisory preparations ahead of the national implementation law.

ACM โ†—
Mar 1, 2019lawofficial
Computer Crime Act III, Police Gain Judicial-Authorised Remote Hacking Powers

Wet computercriminaliteit III (Staatsblad 2018, nr. 322) gave designated Dutch law-enforcement officers authority to covertly penetrate suspects' computers remotely, install investigative software, and render data inaccessible under judicial warrant; operational powers are centralised in the Digital Intrusion Team (DIGIT) and apply to offences carrying minimum 4-8 year sentences including CSAM production.

NJB / Staatsblad 2018 nr. 322 โ†—
May 1, 2018lawofficial
Intelligence and Security Services Act 2017 (Wiv 2017) Enters into Force

Despite a citizen-initiated advisory referendum on 21 March 2018 in which 49.4% voted against it, the Wiv 2017 entered into force on 1 May 2018, legalising bulk cable (internet backbone) interception by the AIVD and MIVD; the Act established two independent oversight bodies, the ex-ante TIB (whose rulings are binding) and the ex-post CTIVD, to check intelligence gathering.

AIVD โ†—
Jun 5, 2012law
Amended Telecommunications Act, Europe's First Statutory Net Neutrality Law

Article 7.4a of the amended Telecommunications Act (published 5 June 2012; net neutrality provisions effective 1 January 2013) prohibited ISPs from blocking, throttling, or degrading internet services, making the Netherlands the first country in Europe, and second globally after Chile, to enact statutory net neutrality; the amendment also introduced mandatory data-breach notification and cookie-consent obligations.

Library of Congress / Global Legal Monitor โ†—
May 10, 2012decision
District Court Orders ISPs to Block The Pirate Bay (BREIN v. Ziggo & XS4ALL)

The District Court of The Hague ordered the Netherlands' five largest ISPs to block The Pirate Bay within ten days or face fines of โ‚ฌ10,000/day, at the request of anti-piracy body BREIN; the ruling was a landmark in court-ordered website blocking, though a 2014 appeals court later lifted the order citing disproportionality and net neutrality concerns.

Library of Congress / Global Legal Monitor โ†—
Jan 1, 2006lawofficial
Computer Crime Act II, Budapest Cybercrime Convention Ratification

Wet computercriminaliteit II was enacted to enable the Netherlands to ratify the Council of Europe's Budapest Convention on Cybercrime (2001), adding offences for data interference, misuse of devices, and online child pornography distribution, and expanding procedural tools for cross-border law-enforcement cooperation.

Council of Europe / Octopus Cybercrime Community โ†—
Jan 1, 1995guidance
Meldpunt Kinderporno (CSAM Reporting Hotline) Established

Offlimits launched the Meldpunt Kinderporno hotline in 1995 in cooperation with the Ministry of Justice as the Netherlands' dedicated public-reporting channel for online child sexual abuse material; it became a founding member of the INHOPE global network and later a formal trusted-flagger under the DSA, processing notices-and-takedowns to hosting providers.

Offlimits / Meldpunt Kinderporno โ†—

Netherlands - other topics

Internet & Online Safety in other countries

Last verified 5/23/2026 ยท Orientation, not legal advice - verify against the primary sources linked above. Methodology & how to cite ยท Explore the full world map โ†’