EUR-Lex Access to European Union law

Back to EUR-Lex homepage

This document is an excerpt from the EUR-Lex website

Document 52017DC0725

REPORT FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL On the implementation, functioning and effectiveness of the .eu Top-Level Domain

COM/2017/0725 final

Brussels, 4.12.2017

COM(2017) 725 final


On the implementation, functioning and effectiveness of the .eu Top-Level Domain


In April 2016, the .eu Top-Level Domain (TLD) celebrated its 10th anniversary. Over the past ten years, the .eu country code Top Level Domain (ccTLD) has continued to market itself as an innovative and modern extension, very much able to both catch up with the legacy TLDs, which have been in the domain environment for three decades, and to compete with the new generic Top-Level Domains (gTLDs) which were introduced in 2014. At the end of Q1 2017, the .eu TLD was the 7th largest country code TLD in the world. 1 With over 3.7 million registrations, the .eu TLD has established itself as a valuable option for any European resident choosing a domain name for their Internet presence.

In line with Article 8 of Regulation (EC) No 733/2002 on the implementation of the .eu TLD, the Commission is required to submit a report to the European Parliament and the Council one year after the adoption of the Regulation, and every two years thereafter. This Report concerns the implementation, functioning, and effectiveness of the .eu TLD over the past two years, in particular during the period from 1st April 2015 to 31st March 2017.

2.The .eu legal framework and basic principles

The .eu TLD was established by the following legal acts:

Regulation (EC) No 733/2002 of the European Parliament and of the Council of 22nd April 2002 on the implementation of the .eu TLD (as amended) 2 ;

Commission Regulation (EC) No 874/2004 of 28th April 2004 laying down public policy rules (PPR), concerning the implementation and functions of the .eu TLD, and the principles governing registration (as amended). 3

EURid is the current Registry operator, responsible for the organisation, administration and management of the .eu TLD and its variants in other scripts. It was re-awarded a second service concession contract on 12th April 2014, following a call for expression of interest and the European Commission Implementing Decision of 11th April 2014. 4

3.Registration and use of .eu domain names

In the period covered by this report, the .eu ccTLD saw a flattening of its growth in line with the other European country code TLDs. During 2016 .eu’s annual growth was negative. The total registrations were 3,862,467 at the end of 2015, and 3,760,695 on 31st December 2016. Such a decrease in the past year can be attributed to several factors in the Domain Name System (DNS) landscape and beyond - such as market saturation, increased competitiveness, fewer promotions by those registrars that became involved in new gTLD registries, and in some cases stagnant economies - that impacted other industry peers as well, but also to the continuous efforts to remove domain names with incorrect data from the Whois database 5 .

The renewal rate of .eu domain names remains at an average of 80%, which is a very healthy rate compared to the industry average of 73%.

The .ею extension (.eu in Cyrillic) was launched on 1st June 2016. At the end of Q1 2017, there were a little over 2,200 domain names registered under the .ею extension.

The domain name landscape has changed significantly over the past two years, due to the introduction of new gTLDs (e.g. .car, .hotel) which followed the opening of the gTLD space by the Internet Corporation for Assigned Names and Numbers (ICANN). At the time of drafting this report, over 1200 new gTLDs have been delegated, and it is estimated that over 1240 will be fully delegated and operational by the end of ICANN fiscal year 2018 (FY18). 6 At present, their registrations account for 25.6 million domain names out of 329.3 million registered domains worldwide (142.7 million being registered under the cc TLDs). 7

Although the new gTLD market has not met expectations, given that user demand has been much lower than expected, its growth has been higher than that of legacy TLDs.

Considering historical trends and the situation in the market, the goal is to maintain a stable, positive growth, and to strengthen actions towards making .eu and its Cyrillic variant quality TLDs.

4.Internationalised Domain Names (IDNs) IDNs

The introduction of IDNs at the top level is a matter that falls within the competence of ICANN. On 16th November 2009, ICANN launched the IDN ccTLD Fast Track Process 8 to facilitate the introduction of Internet Top Level Domain extensions representing country codes (e.g. .gr, .bg, .eu) using non-Latin characters.

Based on submissions to the Commission from Cyprus, Greece, and Bulgaria with regards their preferred versions of the .eu suffix, EURid submitted an application to ICANN for the Cyrillic and Greek versions of the .eu TLD on 5th May 2010. Initially, the Greek .ευ and Cyrillic .ею strings were deemed to be confusingly similar to the existing ASCII ccTLD string (.eu), therefore their introduction entered a lengthy evaluation process.

While the Cyrillic (.ею) string succeeded in passing the IDN Fast Track Process, the Greek (.ευ) string did not pass the technical evaluation step on the grounds that it is ‘either visually identical to or visually confusable with at least three ISO 646-BV strings “.eu”, “.ev”, and “.ey”’.

In October 2014, following a request for re-evaluation, the .ευ string was not found to be confusingly similar to .ev and .ey, but confusingly similar to .EV and .EY.

On 23rd June 2016, a working group established to provide further guidance on the methodology of second string similarity review process, including the interpretation of split recommendations, recommended that in case of confusing similarity with other strings in upper case, but not in lower case, priority should be given to the lower case string.

At the time of writing this report, the option of setting up another working group to introduce the assessment of the measures to mitigate confusing similarity at the registry level is being considered.

5.Functioning of the Registry

5.1.The Registry

EURid is a Europe-wide non-profit organisation with its head office in Diegem (Belgium) and regional offices in Stockholm, Prague, and Pisa. It comprises two founding members - DNS Belgium (the .be registry) and the Istituto di Informatica e Telematica (the .it registry) - as well as eight associate members. These are ARNES (the .si registry), CZ.NIC (the .cz registry), Business Europe (a confederation of 39 industry-related federations from 33 countries), ECTA Internet Committee (European Community Trademark Association), EMOTA (European Multi-channel and Online Trade Association), IAB Europe (Interactive Advertising Bureau), CECUA (Confederation of European Computer Users), and UEAPME (European Association of Craft, Small, and Medium-sized Enterprises). Marie-Emmanuelle Haas, an intellectual property rights lawyer, joined as an independent member in 2016.

The main EURid server sites are located in Amsterdam and in Luxembourg. They both have identical equipment. The EURid self-managed servers are in Amsterdam, Ljubljana, London, and Prague, while the three Anycast providers - DENIC, NETNOD and DYN - have name servers 9 across the world.

In terms of human resources, there were a total of 50.3 full time employees working in EURid’s four offices at the end of Q1 2017. Most of the employees are within the External Relations team (in charge of providing account management and support in all EU languages) and the Technical Department.

5.2.Relations with registrars

According to the current Regulations, the .eu Registry itself does not act as Registrar. The top priority for EURid remains to provide quality service to its 693 accredited registrars. The number of accredited registrars has dropped slightly in the last two years – there were 751 at the end of Q1 2015 – as registrar accounts continued to be consolidated, and many big European and worldwide players purchased several smaller registrars.

In November 2016 the .eu Registry kicked off the Single Euro Payment Area (SEPA) facility and the so-called post-payment system, through which registrars now have the option to have their transaction fees directly debited to their bank accounts. Furthermore, EURid has paid closer attention to registrars with unpaid invoices and, as a consequence, has stopped several accounts.

5.3.International Relations

In the reporting period, the .eu Registry has continued to engage regularly and effectively with the Internet ecosystem. That includes:

·Proactive participation in the Council of European National Top Level Domain Registries (CENTR) meetings and workshops;

·Participation at the ICANN meetings;

·Chairmanship of the Strategy and Operating Plan working group of the ICANN country code Name Supporting Organisation (ccNSO);

·Chairmanship of the ccNSO Extended Process Similarity Review Panel (EPSRP) working group in Q2 2015;

·Involvement in the IANA Stewardship Transition and ICANN Accountability processes as one of the ccNSO-appointed representatives in the Cross Community Working Group;

·Cooperation with UNESCO and Verisign for the yearly IDN World Report 10 ;

·Cooperation with ICANN for sharing EURid best practices among registries and registrars in the Middle East and Adjoining Countries area (MEAC) and the Latin America and Caribbean region 11 ;

·Partnership to hold the Internet Governance Forum at the Scuola S. Anna in Pisa;

·Launch of the ‘.eu Academy’ in June 2015 12 ;

·Hosting the annual European Dialogue on Internet Governance (EuroDIG) meeting in Brussels, on 9th-10th June 2016, in partnership with the European Commission.

5.4.Marketing, awareness, and communication activities

7th April 2016 marked .eu’s tenth anniversary. This milestone was celebrated with the launch of a brand new website, as well as with releasing a special anniversary edition of the online magazine, .eu illustrated. 13  

Over the past two years, EURid has developed multiple marketing, awareness, and communication activities in various ways:

·By further strengthening its partnership with the accredited registrars, in order to promote the .eu TLD via the Co-funded Marketing Programme and the so-called Customised Reduction Schemes. Within the Co-funded Marketing Programme, 52 and 57 proposals of different nature were submitted in 2015 and 2016 respectively. With the Customised Reduction Schemes (CRS), the Registry introduced a way for registrars to benefit from lower registration fees on the basis of their sales volumes, an approach that is typical of many other TLD registries. At the time of writing this report, 98% of registrations in Q1 2017 were made by the 331 registrars who joined the CRS in 2017.

·By refining its direct marketing actions targeted at increasing .eu awareness. 2015 and 2016 initiatives included two yearly online display marketing campaigns, the participation in selected domain-related fairs and events across Europe, and the continuation of the billboard campaign at Brussels airport. Furthermore, the .eu Web Awards became a regular activity in the last two years.

·By designing a structured social media presence 14 , in addition to the publication of the quarterly and annual reports, and the .eu illustrated bi-yearly magazine.

5.5.Financial situation

The Registry is an external organisation whose decisions are autonomous, but the Commission closely scrutinises the financial situation in line with the provisions of the legal framework and the Service Concession Contract. Complete, on-the-spot accounting reviews are performed by an independent financial auditor. The Commission exercises its supervisory role by means of reviews of the auditors’ remarks, bi-yearly and annual financial reports, quarterly progress reports, budget proposals, and strategy and operational plans. Financial matters are regularly discussed with the Registry at bi-yearly meetings and service-level meetings.

To be more competitive in the dynamic TLD market, EURid launched the Customised Reduction Schemes for its registrars, which allow reduced new registration fees according to the registrar’s sales volumes. As of January 2017, the basic fee for a new domain name for those registrars subscribing to the CRS is €1.75.

The key financial aspects of the Registry remained stable in 2015 and 2016. While the revenues of the Registry have been around €13 million for both years, the costs decreased significantly down to a little over €11 million at the end of 2016. Consequently, the net financial result has been less balanced than in previous years, with a surplus to the benefit of the European Union budget of €1,238,723 for accounting year 2015 and €2,748,873 for 2016.

The Commission regularly checked changes in the budgeted and actual costs of the Registry, in particular costs relating to marketing (around €3 million in 2015 and €2.7 million in 2016), and human resources (around €4 million in 2015 and €3.9 million in 2016).

At the end of 2016, the Registry maintained five types of financial reserves: depreciation (€0.8 million), investments (€0.6 million), social liabilities (€2.7 million), legal liabilities (€1.2 million), and working capital (€1 million).

5.6.Business continuity, resilience, and quality

5.6.1.Business continuity

During 2016, with the increased rise of different cyber threats, the yearly Business Continuity Exercise was evaluated. As the traditional data center switch has been integrated into normal business operations and is executed regularly during maintenance windows, EURid focused on a different field of crisis handling.

Therefore, in H2 2016, EURid contracted an external company to execute a so-called Table Top eXercise (TTX). A TTX is a scripted exercise involving a mock incident, during which the entire crisis management process is evaluated. Contrary to the BCP exercises before 2016, the TTX involved the entire crisis management team, including Technical Operations, Legal, Communications, External Relations, and the General Manager. Although this exercise is only on paper and condensed, it did give a good insight into potential shortcomings.

Although fewer than planned, due to conflicting resource planning and priorities, EURid also executed a number of Disaster Recovery & Recovery Tests (DRRT) during 2016.


The .eu TLD is implementing the Domain Name Security Extensions (DNSSEC) protocol. The DNSSEC is a protocol to verify the authenticity of the display name server responses (websites) up to the Internet root zone in what is called a ‘chain of trust’. A so-called DNSSEC reduction (€0.02 discount on the domain name fee per correctly-signed domain name per month), introduced in 2013, continued to be available to registrars to further support the implementation of DNSSEC. At the end of Q1 2017, there were 357,389 DNSSEC signed .eu domain names.

Furthermore, at the company level, in order to provide secure, high-quality services to .eu accredited registrars and the general public, EURid has implemented the requirements of ISO/IEC 27001, an information security standard set by the International Standardisation Organisation. The .eu Registry was granted its ISO/IEC 27001 recertification following an audit by BSI, the British Standards Institution, on 28th June 2016.

5.6.3.Actions to improve the accuracy of registration data, mitigate abuse of domain names and cooperation to fight cybercrime

The Registry has been applying measures to counter malicious online behaviour with the abuse of domain names on a daily basis, including e.g. copyright infringements, phishing and cyberattacks including the distribution of malware. Domain names, in particular, are checked against eligibility criteria, and new registrations are screened for suspicious patterns or other anomalies  15 . Under article 4 of the registrar .eu accreditation agreement, registrars must ensure that each domain name holder meets all requirements set forth in the EU Regulations and their subsequent amendments, the .eu Registration Policy, and the .eu Terms and Conditions, as published on the Registry website. 

Improving the provision of accurate registration data by registrants is an increasingly important tool in preventing and for combatting fraudulent domain name use. With that aim, EURid launched the Whois Quality Plan in Q1 2014. In the reporting period, the procedures to introduce a fast-track method for clear-cut cases were refined. The fast track procedure is enforced in case of obviously inaccurate registration data, detection of patterns in domain name registrations, or suspicion or allegation of abuse. Should this be the case the registrant is requested to provide evidence of the registration data within three days after which the domain name involved is suspended. During 2016, over 18,000 domain names were checked, out of which over 9 000 were suspended and over 1 000 were subsequently withdrawn.

In addition, the Registry continued to provide regular assistance to law enforcement and other relevant authorities. At the national level in Belgium, EURid upheld a regular dialogue with CERT-EU and collaborated actively with authorities such as the Belgian Federal Ministry of Economic Affairs (‘FOD Economie’), Belgian Customs (‘Cybersquad’), and the Public Prosecutor’s Office, in their fight against illegal activities related to .eu domain names. The collaboration mainly focused on the selling of counterfeit products while using .eu domain names. At European level, EURid signed a MoU with EUROPOL in December 2016 to engage in joint efforts related to fighting cybercrime, to exchange statistical data and trends pertaining to cybercrime, and to commit to cooperating on projects designed to combat cybercrime. 16

5.7.Legal proceedings and disputes concerning domain names

5.7.1.Cases before the General Court and the Court of Justice of the European Union

There were no cases before the General Court and the Court of Justice of the European Union (CJEU) in the reporting period.

5.7.2.Alternative Dispute Resolution procedure

Domain name disputes may be submitted to the Alternative Dispute Resolution (ADR) provider – the Prague-based Arbitration Court (‘Czech Arbitration Court’ or ‘CAC’).

During 2015 a total of 65 new ADR complaints were filed, on average 5 complaints per month. In total, 68 ADR disputes were terminated (complaints accepted: 46; complaints denied: 5; complaints withdrawn: 2; complaints defective: 14; settlements: 1)

During 2016 a total of 80 new ADR complaints were filed, a steady average of just over 6 cases per month. In total, 67 ADR disputes were terminated (complaints accepted: 41; complaints rejected: 9; complaints withdrawn: 2; complaints defective: 14; settlements: 1).

As of 1st June 2016, disputes for .eu domain names within the Cyrillic extension (.ею) can be filed. At the end of Q1 2017, no cases were filed with the CAC for .ею.

5.7.3.Court proceedings

In the reporting period, EURid has been a party in the following cases:


On 6th May 2015 EURid introduced IDNA2008 and homoglyph bundling, and announced its legacy policy for domain names that are no longer compliant with these new rules. The policy included a phasing-out period of one year. By 6th May 2016), non-compliant domain names were to have been withdrawn, and could not be re-registered. The expiry date of two no longer compliant domain names (‘fı’ and ‘fı’) extended beyond the phase out date of 6th May 2016 (to 28th February 2025).

The holder of both domain names sued EURid before a court in the Czech Republic regarding one domain name: ‘fı’.

The written judgment was received on 21st November 2016. The official Court decision stipulates: ‘An obligation is being imposed on the Defendant (EURid) to ensure the operation of the domain name “fı” until 28th February 2025, as art. 13 of EURid’s terms and conditions does not allow EURid to unilaterally change the rights and obligations of the holder, but only allows EURid to apply new rules to any subsequent registrations.

Although the Court’s decision only relates to one domain name, ‘fı’, and does not relate to ‘fı’, EURid applied the Court’s decision to both domain names and will keep both active until their expiration date on 28th February 2025 (on which date they will be withdrawn).

As a consequence, this case has been closed.


On 29th February 2016 EURid initiated court proceedings against two domain name holders (Nanogenetics Ltd and Citizen Engineering Services Ltd), both having the same business address (29 Harley Street, Marylebone, London, W1G 9QR). Both holders had registered approximately 1600 domain names via registrar IO Domain UK Ltd, doing business as ‘Universal Domains’, with the same address (29 Harley Street, Marylebone, London, W1G 9QR). It appears that more than 6000 UK companies were registered to that address. It would seem that a Mr. Van Collem claimed to represent both domain name holders, and EURid has reason to believe that Mr. Van Collem is actually the registrar as well.

Since this registrar had an overdue balance of 7,363.50 EUR, EURid terminated its accreditation agreement due to breach of contract (after several reminders).

As a consequence of the termination of the registrar’s contract, all domain holders received an automated email notification to look for another registrar of their choice, and to transfer their domain names to the chosen registrar. Mr. Van Collem indicated that he had selected ‘Lifestyle International BV’ (a Dutch foundation). This company had indeed applied for .eu accreditation, but since it never successfully completed the accreditation procedure, EURid had not accepted its application.

EURid granted Mr. Van Collem more than 166 calendar days to transfer his domain names (compared to the regular 30-40 quarantine days for any other holder in similar circumstances).

Since EURid had ‘reserved’ these domain names for Mr. Van Collem without being paid for them, it decided to initiate court proceedings in order to ask the Court to declare the agreement between EURid and the domain name holder(s) terminated.

The domain name holders (Nanogenetics Ltd and Citizen Engineering Services Ltd)

The (Brussels) court hearing took place on 21st February 2017, and in the meantime both companies have been dissolved.

The judge decided to take more time to double-check the removal of both companies from Companies House (UK), and thus to postpone his decision. EURid expects to receive an interim decision, in which the judge may or may not re-open the debate.

6.EMAS registration and CO2 compensation

On 23rd May 2012, EURid became the first EMAS-certified registry in Europe (registration number BE-VL-000016) 17 . In Q2 2015 EURid completed its re-certification process with the revised Environmental Declaration 2015-2017, which includes six objectives. The EMAS registration covers both the headquarters of EURid in Diegem, Belgium, and its branch in Pisa, Italy (since Q2 2015).

Since 2013, EURid has been validating its CO2 emissions and, afterwards, purchasing certified CO2 credits to compensate for them. 18


The .eu TLD model has been implemented successfully.

Over the last two years, the .eu TLD has been operating in a TLD landscape different to the one that it entered when it was launched in 2006. The new gTLDs have completely changed the domain name industry. More and more registrars have become involved in the management of the new extensions, while the legacy TLD operators have started to look into options to differentiate their offerings and expand into new business areas, which might compensate for the lower income coming from new registrations in the long-term.

In late 2016, the European Commission launched a Regulatory Fitness and Performance Programme (REFIT) review of the .eu Regulations, to ensure that the .eu legal framework still serves its intended purpose. It includes a "back-to-back" evaluation and impact assessment. The evaluation will examine at least the five mandatory evaluation criteria of effectiveness, efficiency, relevance, coherence and EU added value and it will cover the implementation of the .eu legal framework across the EU, the EEA and candidate countries, since the adoption of the first Regulation in 2002. This evaluation will form a basis for the eventual future oriented impact assessment, outlining policy responses to identified challenges, with the possible adoption of concrete initiatives in 2018.

Multilingualism continues to be a primary goal both for the .eu Registry and the European Commission. It is worth noting that, seven years after EURid’s application for the .eu string in Greek, .ευ in Greek has not yet been approved by ICANN on the grounds that it is confusingly similar with other strings. The Commission has repeatedly urged ICANN to complete this process, and has emphasised that ICANN has not followed the same strict policy when clearly confusingly similar new gTLDs have been delegated in the recent past.

The recent proactive Registry support of actions that have the aim to prevent the abuse and improve the security and trustworthiness of the .eu domain are considered important and will be further encouraged in a digital environment where the threat and impact of cybercrime have significantly increased.

The European Commission will continue its regular and constructive communication flow with the Registry, both to maintain the .eu TLD at the highest standards of DNS, and to make it the extension of choice for Europeans. Conclusions on the performance of the .eu TLD will be drawn again in 2018 when the results of the ongoing REFIT evaluation will be available.


·Statistics .eu against CENTR registries end Q1 2017

·.eu registrations by quarter till end Q1 2017

·Total number of domain names by country of registrant end Q1 2017

·Registrar distribution end Q1 2017

·IDN registrations end Q1 2017


(1)      .tk is still excluded from the count due to its special framework and sales model.
(2)    Regulation (EC) No 1137/2008 of the European Parliament and of the Council of 22nd October 2008 adapting a number of instruments subject to the procedure laid down in Article 251 of the Treaty to Council Decision 1999/468/EC with regard to the regulatory procedure with scrutiny — Adaptation to the regulatory procedure with scrutiny — Part One (OJ L 311, 21.11.2008, p. 1).
(3)    Commission Regulation (EC) No 1654/2005 of 10th October 2005 (OJ L 266, 11.10.2005, p. 35), Commission Regulation (EC) No 1255/2007 of 25th October 2007 (OJ L 282 26.10.2007, p. 16), Commission Regulation (EC) No 560/2009 of 26th June (OJ L 166, 27.6.2009, p. 3), Commission Regulation (EU) No 516/2015 of 26th March 2015 (OJ L 82, 27.03.2015, p.14).
(4)      European Commission Implementing Decision of 11th April 2014 on the designation of the .eu Top-Level Domain Registry, published in the Official Journal (L109/41) on 12th April 2014.
(5) See section 5.6.3
(6)      See
(7)    See Verisign Domain Industry Brief, Q4 2016,
(8)      See
(9) Name server is a server on the internet specialized in handling queries regarding the location of a domain name's various services. Name servers are a fundamental part of the DNS. They allow using domains instead of IP addresses.
(10)      The World IDN Report went digital in late 2016 with an official launch at the Internet Governance Forum meeting in Guadalajara, Mexico, on 7th December 2016. For the online IDN World Report, see . For the IGF 2016 workshop, see  
(11)      Both cases included a study on domain marketplaces in the respective regions. For the MEAC Study, see , for the LAC Study, see  
(12) The initiative has, as its main objective, the goal of contributing to the education of industry peers, registrars, and future generations in the basics of the Internet, its history, functioning, and marketing/administrative/security/law-related facets.
(13)      See
(14)      See Facebook (EUregistry), Twitter (@Euregistry), YouTube (Europeanregistry)
(15)    For the eligibility criteria, see Article 4(2(b) of Regulation 733/2002. The Registry has the right to verify the validity of a registration (Article 3 of Regulation 874/2004). The registration policy requires the registrant to keep personal data complete and accurate, and the email address functioning for communication with the Registry, which reserves the right to revoke the domain name of a non-functioning address.
(16)      See
(17)    More information on EURid’s environmental commitment is available at:
(18)      In 2015, EURid assessed its CO2 emissions from 2014 and purchased verified CO2 credits to contribute to the Ecomapuà project, which, among other things, has the goal of conserving the rich biodiversity of the Amazon. In 2016 the CO2 emissions of 2015 were off-set by verified CO2 credits which contributed to the Dak Rung Hydropower project in Vietnam.