When Abuse Meets Evidence: Preparing DNS Providers for the EU’s New Reality

DNS Abuse, E-Evidence, and the Compliance Squeeze

What happens when DNS abuse response collides with cross-border evidence requests? This workshop brings together domain registries, registrars, and hosting providers for a practical look at what the E-Evidence Regulation will mean on the ground. In force since August 2023 and applicable from 18 August 2026, it introduces new obligations for service providers to respond to European Production Orders and European Preservation Orders. We will discuss the operational realities of abuse handling and connect legal change with day-to-day practice.

Through expert input, realistic case studies, and discussion of concrete workflows, participants will explore how to assess requests, manage timelines, verify authenticity, preserve data, and build internal systems that can withstand both regulatory scrutiny and operational pressure. The workshop also looks beyond e-Evidence alone, placing it in the wider context of NIS2, cybersecurity obligations, outsourcing, supply chain risk, and growing enforcement exposure.

Designed for technical and legal audiences across the DNS and hosting ecosystem, this is a session for anyone who needs to respond quickly, comply confidently, and stay ahead as the regulatory landscape keeps moving.

13:30pm CEST
Welcome & Introduction

Michael B. Halvorsen
CEO, iQ Global

Thomas Rickert
Director Names & Numbers, eco – Association of the Internet Industry

Ulrich Plate
Head of KRITIS working group, eco – Association of the Internet Industry

13:45pm CEST
Introduction to the EU E-Evidence Framework

What will the EU E-Evidence framework mean in practice for domain registries, registrars, and hosting providers? This session provides a clear and practical introduction to the new rules, from Production Orders and Preservation Orders to the move toward direct cross-border cooperation with service providers. It will also explore the main operational and compliance questions providers need to address, including contact points, workflows, data handling, safeguards, and fundamental rights. A useful starting point for anyone preparing for the framework to become operational in 2026.

Ulrich Plate
Head of KRITIS working group, eco – Association of the Internet Industry

14:15pm CEST
DNS Abuse & E-Evidence: Where They Intersect

Phishing, malware, and botnet activity often cross borders, bringing DNS abuse response into direct contact with the growing framework for cross-border electronic evidence. This session looks at where operational mitigation and legal compliance meet in practice for domain registries, registrars, and hosting providers. It will explore how abuse cases can trigger preservation and disclosure requests, what this means for different actors across the domain name and hosting ecosystem, and how internal processes may need to adapt. At the same time, the session will consider how effective abuse mitigation can be balanced with due process, data protection, and the rights of users. It offers a practical look at the challenges at this intersection and the approaches needed to respond in an effective and proportionate way.

Thomas Rickert
Director Names & Numbers, eco – Association of the Internet Industry

14:30pm CEST
Interactive Session: Real-Life Scenarios for Domain Registries, Registrars, and Hosting Providers

What does the E-Evidence Regulation look like in practice? This interactive session uses realistic case studies to explore how domain registries, registrars, and hosting providers may need to respond in concrete situations. Participants will work through key questions around request assessment, verification, response timelines, and escalation paths, while examining the legal and operational choices involved. The session will also highlight common risks, grey areas, and recurring implementation challenges. By comparing approaches and sharing perspectives, it aims to identify practical best practices for timely, compliant, and proportionate responses.

Thomas Rickert
Director Names & Numbers, eco – Association of the Internet Industry

Ulrich Plate
Head of KRITIS working group, eco – Association of the Internet Industry

15:00pm CEST
Swedish Fika

15:30pm CEST
Technical Readiness for E-Evidence: What Systems Domain Registries, Registrars, and Hosting Providers Need

When E-Evidence requests arrive, legal knowledge alone will not be enough. Domain registries, registrars, and hosting providers need systems and workflows that work under pressure: secure request intake, reliable verification, data preservation, clear escalation paths, and strong logging for accountability. This short session takes a practical look at what technical readiness really means and how providers can build the internal processes needed to respond quickly, compliantly, and with confidence.

Ulrich Plate
Head of KRITIS working group, eco – Association of the Internet Industry

16:00pm CEST
Attention DNS Service Providers: Join the Regulatory Rollercoaster

For domain registries, registrars, and hosting providers, compliance is becoming more complex by the day. E-Evidence, NIS2, cybersecurity requirements, outsourcing, supply chain oversight, and enforcement risks are creating a regulatory landscape that is increasingly difficult to navigate. This session will explore how these developments interact, what they mean for different types and sizes of providers, and where the main compliance and operational pressure points are likely to emerge. A closing session for anyone trying to stay on track while the rules keep moving.

Ulrich Plate
Head of KRITIS working group, eco – Association of the Internet Industry

Thomas Rickert
Director Names & Numbers, eco – Association of the Internet Industry

17:00pm CEST
End of workshop - After work @ Living Room Bar