The network information systems directive (EU) 2016/1148: internet service providers and registraties

Main Article Content

Article Sidebar

Published Jul 15, 2020
Domenica Bagnato


The NIS Directive [1] defines critical infrastructures and operators of essential services. It also calls for organizational measures to ensure these infrastructures are protected from cybercrime and terrorism. This also includes the establishment of a national framework for emergency response. The list of essential services in Annex II does contain certain elements of Internet infrastructures, such as Domain Name Servers and Internet Exchange Points. However, in a truly remarkable omission, the Directive does not include Internet Service Providers (ISP) [2]. Since operators of essential services are subject to stringent security requirements, it would be helpful to include them as operators of essential services. This seems even more appropriate as many other Annex II infrastructures, such as banking, health and transport, heavily rely on a working Internet infrastructure, which is largely dependent on ISPs.

This paper discusses the omission in the NIS Directive of the ISPs and the incomplete list and codependent registries namely, the IP address space registry and the Autonomous System registry and their necessity in supporting the root Domain Name System.

How to Cite

Bagnato, Domenica. 2020. “The Network Information Systems Directive (EU) 2016/1148: Internet Service Providers and Registraties”. Central and Eastern European EDem and EGov Days 338 (July):111-22.


Download data is not yet available.
Abstract 184 | PDF Downloads 156

Article Details