On 27 November 2025, the outgoing government approved a bill on the digital economy and amendments to certain related laws[1], which represents an adaptation of the directly applicable Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on a Single Market For Digital Services (Digital Services Act, hereinafter the “DSA”)[2] and, in part, to Regulation (EU) 2022/868 of the European Parliament and of the Council of 30 May 2022 on European data governance (Data Governance Act, hereinafter the “DGA”)[3] (hereinafter the “Digital Economy Bill“). On 12 December 2025, the bill was submitted by the government to the Chamber of Deputies of the Parliament of the Czech Republic for discussion.
The Digital Economy Bill is a comprehensive adaptation regulation that responds to the DSA and DGA and also follows up on Regulation (EU) 2019/1150 of the European Parliament and of the Council of 20 June 2019 on promoting fairness and transparency for business users of online intermediation services[4]. Its aim is to create a comprehensive legal framework, particularly for digital services and selected aspects of data management in the Czech Republic, and to ensure safe, trustworthy and predictable conditions for doing business in the digital environment and for user protection. The Digital Economy Bill also aims to repeal and replace Act No. 480/2004 Coll., on certain Information Society Services, as amended (hereinafter the “Act on Certain Information Society Services“). The Digital Economy Bill therefore regulates, in particular, the legal relationships arising from the provision of information society services, the dissemination of commercial communications and the functioning of recognised organisations for data altruism. It also defines the powers of public authorities in the field of the digital economy, sets out their supervisory and regulatory powers, and regulates procedural steps in the application of directly applicable EU regulations. It also includes provisions on liability for offences consisting in the violation of EU regulations and the Act itself.
Definition of basic terms according to the Digital Economy Bill
The Digital Economy Bill defines basic terms and the scope of its application in order to provide a clear framework for the regulation of the digital economy. In particular, it provides a uniform definition of terms such as information society service, user, commercial communication, electronic mail and trading platform. These terms form the basis for further legal regulation, in particular with regard to the determination of information obligations of providers, rules for the dissemination of commercial communications, supervision and the imposition of sanctions.
Although many of these terms have been regulated in various legal regulations to date[5], the Digital Economy Bill systematically brings them together and unifies them into a single regulation, with the aim of creating a clear and centralised conceptual framework for the digital economy.
Information society services
A significant part of the Digital Economy Bill regulates the information obligations of information society service providers, with the aim of enhancing the transparency of the digital environment and legal certainty for users. Providers will be required to make clear and easily accessible information available to enable fast and effective communication, including identification and contact details. At the same time, if their activities are subject to authorisation or supervision, they must provide information on the relevant supervisory or control authority, tax identification details and, in the case of regulated professions, information on the professional chamber and relevant professional rules. The Digital Economy Bill also explicitly emphasises the requirement for price transparency; users must have access to comprehensible information on prices, including all taxes, fees and other costs that may be associated with the provision of the service.
The country-of-origin principle and the procedure for its derogation
The Digital Economy Bill also addresses the application of the country-of-origin principle, which is one of the cornerstones of the regulation of information society services within the EU internal market. This principle is based on the idea that information society service providers are primarily subject to the legislation and supervision of the Member State in which they are established, and that other Member States cannot arbitrarily restrict their activities.
The Digital Economy Bill also regulates the procedure for cases where it is necessary to override the country-of-origin principle. If a Czech public authority concludes that it is necessary to take measures against an information society service provider established in another Member State, it is first obliged to call on the country of establishment to take appropriate measures. Only if the country of establishment fails to take sufficient or effective measures may the Czech authority intervene itself, subject to certain legal conditions; at the same time, it shall inform the European Commission and the Member State concerned of its action. Exceptions are cases of imminent danger, where immediate action may be taken. The possibility of such intervention applies in particular to the protection of public order and safety, public health, the prevention and combating of crime, national defence and consumer protection. The regulation thus balances the freedom to provide services in the internal market with the protection of fundamental public interests.
Regulation of commercial communications under the Digital Economy Bill
One of the key areas on which the bill focuses is the regulation of commercial communications[6]. This issue is of fundamental importance both for business practice, particularly in the area of email marketing and online advertising, and for the protection of users from unsolicited or non-transparent communications. The Digital Economy Bill provides a systematic and precise definition of the rules for the dissemination of commercial communications in the digital environment, explicitly distinguishing between two basic regimes according to the method of obtaining the addressee’s contact details and linking the permissibility of sending commercial communications to the fulfilment of precisely defined legal conditions. In addition, it introduces a separate regime for commercial communications from professional chambers and persons practising regulated professions.
Two basic regimes: customer contact vs. consent
The first regime applies to situations where an entrepreneur or a person performing a regulated activity obtains a customer’s electronic contact in connection with the sale of a product or the provision of services – the so-called “customer exception“, which is currently regulated in Section 7(3) of the Act on Certain Information Society Services. In such a case, it is possible to use this contact to send commercial communications relating to one’s own similar products or services even without the prior express consent of the addressee.
However, the customer exception within the meaning of the Digital Economy Bill is now subject to the cumulative fulfilment of several requirements. When providing their contact details, customers must have the option to object to their use (opt-out) free of charge, in a simple and understandable manner. They must have the same option at any time later, including with each individual commercial communication sent. At the same time, no more than two years may have elapsed since the last commercial communication was sent. The introduction of this two-year time limit represents an explicit restriction on the period during which customer contact may be used for marketing purposes without consent.
The second regime applies to all cases where electronic contact was not obtained in connection with the sale of a product or service. In such cases, the law allows the dissemination of commercial communications by electronic means exclusively on the basis of the prior consent of the addressee within the meaning of the General Data Protection Regulation (GDPR)[7]. The Digital Economy Bill thus allows the dissemination of commercial communications outside of customer contact exclusively on the basis of consent within the meaning of Article 4(11) of the GDPR.
Mandatory requirements for commercial communications
Beyond the definition of individual regimes, the bill establishes an absolute ban on sending commercial communications by e-mail unless basic formal requirements are met. Each commercial communication must be clearly and unambiguously identified as such, must allow for the unambiguous identification of the person on whose behalf or on whose account it is distributed, and must contain information about the possibility for the addressee to directly and effectively object to the use of their contact details or to withdraw their consent.
Failure to comply with any of these requirements means that the sending of the commercial communication is unlawful, regardless of whether the other conditions for its admissibility are met.
Special regime for commercial communications for professional chambers
Separate provisions apply to commercial communications disseminated by members of professional chambers with compulsory membership or by persons performing regulated activities who are members of professional chambers based in another EU Member State. These entities may distribute commercial communications by electronic means only in the context of activities falling within the scope of a regulated profession, under the conditions generally laid down for commercial communications and in accordance with the professional rules issued by the relevant chambers. The Digital Economy Bill expressly requires that these specific commercial communications include the name of the professional chamber, a reference to the professional rules and a reference to information about the chamber available by means of remote access. This enhances the transparency of marketing communications by regulated professions and increases the level of information available to recipients.
Clarification compared to the current regulation of commercial communications
Compared to the current legal regulation, in particular the Act on Certain Information Society Services, the Digital Economy Bill brings significant clarification and tightening of the rules. A two-year limit for the use of customer contact without consent is now explicitly enshrined, the obligation to provide a functional opt-out for each individual communication is elaborated in detail, and there is a clear separation between the customer and consent regimes, leaving no room for extensive interpretation.
The Digital Economy Bill also expressly stipulates that consent to the sending of commercial communications must comply with the requirements of the GDPR, i.e. it must be given freely, specifically, in an informed manner and by an unambiguous expression of will, and the addressee must be able to revoke it at any time. Both the customer exception regime and the consent regime remain in place, but their conditions have been reformulated more precisely, and the application of both regimes is subject to stricter rules.
Procedures under the Digital Services Act (DSA)
The Digital Economy Bill establishes a national procedural framework for the application of the DSA. In particular, it regulates the procedures for the certification of out-of-court dispute resolution entities, the granting of trusted flagger and verified researcher status, including the requirements for applications and the rules for their assessment. The aim is to ensure a transparent and predictable mechanism for these entities to obtain authorisation to operate within the digital services oversight system.
The adaptation also includes the creation of a procedural framework for the functioning of mechanisms to defend users against decisions by online platforms, such as content removal or account restrictions. The bill regulates the certification procedures for out-of-court dispute resolution entities, thus building on the internal complaint handling and out-of-court review system under the DSA, thereby strengthening the procedural protection of digital service users.
Supervision, control and measures under the DSA
In the area of supervision, the Digital Economy Bill defines in detail the powers of supervisory authorities and the obligations of supervised persons, in particular the obligation to provide the necessary cooperation and information. Supervisory authorities are authorised to carry out inspections under a changed identity, to use cover documents and, if the legal conditions are met, to enter premises with the prior consent of a court. The Digital Economy Bill also regulates the tools for remedying identified violations, including the obligation to draw up and implement an action plan, the possibility of temporarily restricting access to a service, the maintenance of a list of services with restricted access, and the conditions for extending such a measure. This creates a procedural and enforcement framework for the effective enforcement of obligations under the DSA and the resolution of serious violations of digital market rules.
Procedures under the DGA
In relation to the DGA, the Digital Economy Bill regulates in particular the institutional and procedural framework for the functioning of so-called data altruism in the Czech Republic. Data altruism is the voluntary provision of data by natural or legal persons for use in the public interest, for example for scientific research, improving public services or developing innovation, under conditions that ensure transparency and the protection of data subjects’ rights.
The bill on the digital economy therefore introduces a “Register of Recognised Organisations for Data Altruism“ and sets out rules for the registration of these organisations, the conditions for their entry and the procedure for removal from the register. The amendment also includes an obligation to publish decisions on deletion, thereby enhancing the transparency of the entire system. The proposed legislation thus creates a clear framework for entities wishing to collect and mediate data in the public interest, while ensuring oversight of their activities in accordance with European regulations.
In addition to data altruism, the DGA also regulates the regime of data intermediation service providers, whose activity consists in securely and neutrally connecting entities that want to share data with those who intend to use it. The Digital Economy Bill thus creates a procedural framework for supervision in this area as well, thereby contributing to the development of a trustworthy data ecosystem.
Supervision and sanctions under the Digital Economy Bill
The Digital Economy Bill defines the institutional framework for supervision and sanction mechanisms in line with European regulation. The Czech Telecommunications Office (hereinafter the “ČTÚ“) is to be the coordinator of digital services, while the Office for Personal Data Protection (hereinafter the “ÚOOÚ“) will supervise personal data protection. Under the DSA, the ÚOOÚ is responsible in particular for supervising the obligations under Articles 26 and 28(2) of the DSA, i.e. the rules on advertising in online interfaces and restrictions on targeted advertising to minors.
At the same time, the proposal defines in detail the elements of offences and sets upper limits for fines for breaches of obligations arising from both this Act and directly applicable European Union regulations. In the event of a breach of obligations under the DSA, the penalties are based on the limits set by the regulation itself, which allows fines of up to a percentage of the global annual turnover of the entity concerned.
For example, in relation to commercial communications, the Digital Economy Bill distinguishes between several types of offences. A legal entity or self-employed natural person commits an offence if it sends commercial communications en masse or repeatedly without legal grounds, without providing a functional opt-out option for each message, or after the expiry of a two-year period from the last sending of a commercial communication to the customer. Such conduct may be punishable by a fine of up to EUR 20,000,000 or up to 4% of the undertaking’s global annual turnover, whichever is higher.
For less serious violations, such as a natural person sending commercial communications en masse without consent, a fine of up to CZK 100,000 may be imposed. For breaches of specific obligations of members of professional chambers, the penalty may reach up to CZK 1,000,000. The penalty framework thus represents a significant tool for enforcing the rules and emphasises that the new regulation is not merely formal but has real enforceability.
Conclusion
The Digital Economy Bill represents a significant step towards the systematic anchoring of European regulation of the digital space in the Czech legal system. It responds primarily to the requirements arising from the DSA and DGA regulations and creates a procedural, institutional and sanctioning framework for their effective application at the national level. Although it is an adaptation regulation to directly applicable European Union regulations, the bill brings a number of practically significant clarifications, particularly in the area of the dissemination of commercial communications, the definition of the powers of supervisory authorities and procedural procedures under the DSA and DGA. In some parts, the existing legislation can be said to have been clarified or tightened, which will have a direct impact on entrepreneurs operating in the digital environment.
At this stage, however, it is still a bill that will be debated in the Chamber of Deputies and may be subject to amendments. The final form of the legislation may therefore still change during the legislative process. It will therefore be important for digital service providers, online platform operators and other affected entities to closely monitor further developments and prepare in good time for the new regulatory requirements, which are set to have a fundamental impact on the functioning of the digital economy in the Czech Republic.
If you have any questions regarding the regulation of the digital space, e-commerce and EU law, we at PEYTON legal are at your disposal.
[1] The text of the bill can be found here: Parliamentary Print 69/0.
[2] Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on a Single Market For Digital Services and amending Directive 2000/31/EC (Digital Services Act).
[3] Regulation (EU) 2022/868 of the European Parliament and of the Council of 30 May 2022 on European data governance and amending Regulation (EU) 2018/1724 (Data Governance Act).
[4] Regulation (EU) 2019/1150 of the European Parliament and of the Council of 20 June 2019 on promoting fairness and transparency for business users of online intermediation services.
[5] In particular, Act No. 480/2004 Coll., on certain Information Society Services, as amended, or directly applicable European Union regulations.
[6] The issue of commercial communications is now addressed by Section 7 of Act No. 480/2004 Coll., on certain Information Society Services, as amended.
[7] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
JUDr. Miloš Kulda, Ph.D., attorney –kulda@plegal.cz
JUDr. Tereza Pechová, trainee solicitor – pechova@plegal.cz
12. 2. 2026