The Technology, Media and Telecommunications Review: Estonia


Estonia is a strong advocate of technological advancement, and the information and communications technology (ICT) sector is of major importance to the government. Estonia has become a model for free and open internet access. It is also the EU frontrunner as regards the digital provision of public services and has one of the highest shares (93 per cent) of e-government users in Europe.2 Estonia continues to implement innovative digital public services, with more than 50 artificial intelligence (AI) use cases launched as of October 2021 as part of the national strategy for the development and implementation of AI.3

Estonia sees ICT as key to sustained economic growth. The Ministry of Economic Affairs and Communications adopted and continues to implement the Digital Agenda 2020,4 which focuses on creating an environment that facilitates the use of ICT and the development of smart solutions in Estonia in general.

An update to the Digital Agenda 2030 is currently being prepared.

The number of internet and mobile telephone users in Estonia has grown rapidly in the past 20 years. There are no significant digital divides in Estonia and, in general, internet connections are affordable. According to Statistics Estonia, 90.2 per cent of households in urban areas had internet connections in 2020, compared to 89.5 per cent of those in rural areas.5 While the availability of mobile broadband is very good, fixed broadband is less widespread, and below the European average, which is mainly because of limited connectivity in sparsely populated rural areas.6 For this reason, a non-profit organisation, the Estonian Broadband Development Foundation (ELA SA), was founded in 2009 by the government and major Estonian communication undertakings to develop Estonia's broadband network and build and operate the EstWin high-speed base network. The project is financed mostly from public sources. In 2018, the Foundation started its 12th and last tender to procure the designing and building of approximately 400km of base network. The Foundation has set the goal of bringing broadband no further than 1.5km from 98 per cent of households.7

Separate from the base network project is the government's last mile project. Until 2018, all local municipalities were responsible for mapping out the white areas in their jurisdiction where there is a need for developing the last mile of a high-speed internet network. This approach did not prove to be successful, and in 2018 the Ministry of Economic Affairs and Communications, along with the Estonian Technical Regulatory Authority, initiated the national last mile project, a public competition to find a suitable network builder to bring high-speed internet access to areas where there is no internet access, or where the connection is of poor quality and where communications companies would not invest in the next five years (the white area).8 Elektrilevi, Estonia's largest electricity network operator, was awarded the subsidy and committed to extend broadband access to the largest possible number of households that still lack high-speed internet. Elektrilevi has initiated plans to connect 200,000 households by the end on 2023.9 Additionally, €15 million of the 2020 state budget was allocated to improve connectivity in rural areas. An estimated €69 million will also be available from the European Union funds from the Recovery and Relief Facility and the European Regional Fund to improve broadband access and speed from 2023 to 2027.

One of Estonia's key challenges is to award pioneer bands for 5G connectivity. The public auction for three bands of 3,410–3,800MHz was announced in March 2019, but was suspended following an appeal by a broadband network operator. Awarding of 5G bands has further been delayed due to ongoing discussions over legislative measures prohibiting high-risk components in 5G and subsequent standard mobile communications networks. As of October 2021, the public auction is yet to be held.

The fast-developing ICT sector presents some challenges for policymakers, but generally the regulatory landscape in the ICT sector is in quite good shape. As previously mentioned, the ICT sector is of major importance to the state. Several political changes have not hindered Estonia's ambitions regarding e-governance or the thriving ICT sector. The government continues with its strategy to market Estonia as an e-state throughout the world.


i The regulators

The electronic communications and media area is supervised by an independent regulatory authority, the Estonian Consumer Protection and Technical Regulatory Authority (ECTRA) (previously the Technical Regulatory Authority), which is sometimes also referred to as the Technical Surveillance Authority.10 The ECTRA supervises the fields of consumer protection, electronic communications, industrial safety and transport. In the field of communications services, the ECTRA is tasked with ensuring a sufficient and timely resource of radio frequencies (RFs) and telephone numbers for the provision of communications services and performing national surveillance of the field of communications.11

Other regulatory bodies that may exercise supervision over electronic communications service (ECS) providers pursuant to their competence include (not exhaustively) the Data Protection Inspectorate, the Competition Authority and the Information System Authority. Sector-specific regulation of the competitive situation on the markets for communications services is carried out mainly by the ECTRA, while the Competition Authority has general authority (e.g., in merger proceedings).

ii Main sources of law

ECSs are regulated by the Electronic Communications Act (ECA),12 in force from 1 January 2005 (as amended), which transposes in Estonia the EU's regulatory framework for electronic communications. On the basis of the ECA, numerous regulations of the government have been adopted to regulate certain more technical or detailed issues of the framework. Under the ECA, an ECS means a service that consists wholly or mainly of the transmission or conveyance of signals over the electronic communications network (ECN) under agreed conditions. Network services are also ECSs.13

The ECA provides requirements for public ECNs and publicly available ECSs regarding the use of electronic contact details for direct marketing, the conduct of radiocommunications, and the management of RFs, numbering and apparatus, as well as state supervision over the compliance with these requirements and liability for the violation of these requirements. A publicly available ECS is defined as a service provided by a communications undertaking on the respective communications services market pursuant to the general procedure to all persons, and the persons need not meet any conditions differentiating them from other similar persons. A service is publicly available particularly if provision of the service is continuous and consistent and it is provided essentially under uniform conditions.14 There appear to be no definite (official) criteria available that would help to determine whether a particular service is considered to be publicly available, as there are no official guidelines or case law. However, under a conservative approach from the viewpoint of notification obligations, it does not matter whether the services are offered either on a wholesale level or on a retail level to end-users to be considered as publicly available, but rather if the service is open to a particular group of (similar) customers. The scope of application of the ECA is expected to change with the transposition of Directive (EU) 2018/1972 into Estonian law. The Act transposing the Directive is currently being prepared and it would expand the scope of application of the ECA to over-the-top (OTT) communications services.15

The ECA is not applicable to information society services to the extent these are regulated by the Information Society Services Act (ISSA),16 which implements Directive 2000/31/EC into Estonian law. Information society services are services provided in the form of economic or professional activities at the direct request of a recipient of the services, without the parties being simultaneously present at the same location, and such services involve the processing, storage or transmission of information by electronic means intended for the digital processing and storage of data. Information society services must be entirely transmitted, conveyed and received by electronic means of communication.17

Media services are regulated by the Media Services Act (MSA),18 in force from 16 January 2011 (as amended). The MSA provides for:

  1. the procedure and principles for the provision of audiovisual media services and radio services and the requirements for providers of media services;
  2. the procedure for the issue of activity licences for the provision of television and radio services to legal persons under private law and the procedure for registration of the provision of on-demand audiovisual media services; and
  3. the principles of protection of a person who has provided information to a person processing information for journalistic purposes.19

The MSA is set to be amended with the transposition of the revised Audiovisual Media Services Directive 2018/1808/EU. The Act is currently being prepared and will feature the new harmonised rules for the promotion and distribution of European works and expand the scope of application of the MSA to video-sharing platforms.20 Estonian public broadcasting is excluded from the scope of the MSA and is regulated by the Estonian Public Broadcasting Act.21

iii Regulated activities

Under the ECA, each person has the right to commence the provision of communications services. The provision of communications services is subject to a one-off notification obligation. A notice of economic activities for the provision of communications services must, among other required information, set out a description of the provided communications service and the geographical area of activity. Such notice must be filed via the state portal22 or via a notary.23 If publicly available communications services are provided by an entity from another EU Member State (cross-border service) on a permanent basis in Estonia, then such entity must also file the notice of economic activities to the ECTRA.

For the provision of certain communications services, it is necessary for service providers to apply for licences. Namely, use of radio spectrum and numbering is subject to an RF authorisation and a numbering authorisation respectively. Activity licences are required for the provision of television and radio services. All licences and authorisations are subject to relevant state fees, the amount of which varies according to the type of the licence or authorisation in question. All the relevant licences and authorisations mentioned above are issued by the ECTRA.

Frequency authorisations for the use of spectrum are allocated according to the Estonian radio frequency allocation plan,24 which determines the manner, regime and purpose of using RFs. To receive an authorisation, a standard format application25 to the ECTRA must be submitted with the relevant information about the applicant (name, residence or seat, date of birth or personal identification code or registry code, contact details) and the frequency itself (which frequency is being applied for, what is its purpose, conditions of use, area of use, etc.). The ECTRA has six weeks from the receipt of a complete application to issue a licence if the use of spectrum does not need international coordination, and eight months if it does. If the use of spectrum is being allocated by way of a public competition or auction, the relevant procedural rules and deadlines are determined by the Minister of Economic Affairs and Infrastructure. The ECTRA has the right to refuse an application on certain grounds, for example if the applicant's activities may be hazardous, there is no free spectrum, the use of spectrum is not in line with the Estonian radio frequency allocation plan or national or international legislation, or if the use of spectrum is ineffective or may cause radio interference.26 The frequency authorisation establishes the conditions and requirements for the use of spectrum. Under certain conditions, the conditions may be amended. If the ECTRA has issued a frequency authorisation, the authorisation can be extended by submitting an application not later than one month before the expiry of the authorisation and by paying the relevant state fee.27

Upon grant of spectrum licences by way of public competition, the Minister of Economic Affairs and Infrastructure may determine a one-off authorisation charge of up to €1.597 million, a deposit for participation in the competition, or both. The one-off authorisation charge shall be determined as a fixed charge or, in the case of an auction, as a starting price. The deposit must be equal to all participants and must not exceed the one-off authorisation charge. The deposit will be returned after the winner is ascertained.28

Authorisations for the use of numbering are allocated according to the Estonian numbering plan,29 which determines the location of numbers, short numbers, identification codes and access codes in the numbering space, the requirements for the length, use and dialling procedure of numbers, the conditions of use and the services for the provision of which they may be used. A numbering authorisation can be obtained by submitting a standard format application30 to the ECTRA containing the information on the applicant (name, residence or seat, date of birth or personal identification code or registry code, contact details), the planned use of the number, etc. The ECTRA will issue a numbering authorisation within 10 working days after receipt of a complete application if there are no grounds for refusal. The numbering authorisation sets out the conditions of use of the allocated number. A numbering authorisation is issued for up to one year and can be extended by up to one year at a time. Numbering authorisations can also be granted by way of an auction on certain conditions.31

Activity licences for television and radio services are provided on the basis of the MSA. All private broadcasters are required to have an activity licence. Estonian Public Broadcasting, which is a legal person in public law, is not required to apply for an activity licence. Different licences are issued for the provision of free access television services, conditional access television services, satellite television services and radio services. Free access television and radio service licences are issued through a public competition. All the other licences are issued on the basis of an application. For the obtaining of licences, the MSA prescribes necessary requirements on programmes, sustainability of a service and the coverage area of the service, among other conditions. A licence for free access television services is issued for up to 10 years, and the rest of the above-mentioned licences for up to five years.32

iv Ownership and market access restrictions

Currently there are no foreign ownership restrictions in the communications sector.

Under the MSA, a television or radio service provider will not be given an activity licence if it holds a dominant influence over the management to the undertaking that has been issued an activity licence for the provision of television and radio services, and the issue of the activity licence may substantially damage competition in the media services market, particularly through the creation or reinforcement of a dominant position in the market.33 Similarly, aggregate holdings of certain types of spectrum may constitute a dominant position, which would trigger the heightened attention of the ECTRA and the Estonian Competition Authority. When it comes to trading spectrum, the ECTRA has a right to refuse the transfer or grant of right to use RFs if this distorts competition, and it may, if necessary, coordinate the transfer or grant of frequencies with the Estonian Competition Authority.34 These rules apply in addition to the general merger control regime under Estonian and European competition law.

In general, Estonian law does not limit market access, except for the limitations specified above.

v Transfers of control and assignments

Mergers and acquisitions are reviewed by the Estonian Competition Authority. The procedure of merger reviews is regulated by Chapter 5 (Control of Concentrations) of the Competition Act.35 Council Regulation (EC) No. 139/2004 on the control of concentrations between undertakings applies in cases of mergers with an EU dimension, but the national merger control is very similar to that of the EU. Estonia has a mandatory filing requirement for qualifying transactions. For a transaction to be qualifying, the relevant turnover thresholds must be exceeded. A merger is notifiable if the total annual turnover in Estonia of all companies concerned is more than €6 million and the total annual turnover in Estonia of each of at least two of the companies concerned is more than €2 million.36 The companies concerned include those directly involved in the merger, any other associated companies within the same control group and joint ventures. There is a two-phase merger review process, and clearance is required before closing. The length of proceedings is 30 days for a simplified procedure, and will last for four additional months when further investigation is needed. Simplified procedures may end with an approval or a decision to conduct further investigation in Phase II. The latter may conclude with a clearance, a refusal or a conditional clearance.37

While the Competition Authority has general authority over merger proceedings, the sector-specific regulation of ECS markets is conducted by the ECTRA. The Competition Authority used to have wider competences in the communications sector, but now only postal services have remained fully under its regulatory authority. The ECTRA and the Competition Authority are under a legal obligation to cooperate in the area of market regulation and exercise supervision in the communications sector, and, if necessary, exchange appropriate information.38 This means that when it comes to mergers in the communications sector, the Competition Authority may involve the ECTRA in the merger proceedings. In practice, merely holding a dominant position through an allocated frequency authorisation can be decisive on the outcome of transactions.

As described in Subsection iv, licence transfers may also be subject to competition law concerns. In general, RFs are transferrable or can be granted for use to another person if the Estonian radio frequency allocation plan allows it, with the RFs for broadcasting being an exception. It is thus necessary to verify the transferability or the permissibility of granting the frequency to the use of another person on a case-by-case basis, based on the radio frequency allocation plan. The transfer or grant of use must be approved by the ECTRA, who may coordinate with the Competition Authority. The ECTRA has the right to refuse the transfer or grant of the right to use RFs if it distorts competition.39

Telecommunications and internet access

i Internet and internet protocol regulation

IP-based services are regulated by the ISSA. ECSs and information society services are mutually exclusive; therefore, information society services are excluded from the scope the ECA. However, state supervision over compliance with the requirements provided for in the ISSA is exercised by the ECTRA.

Contrary to the ECA, the ISSA does not contain any registration, authorisation or notification obligations for service providers. The primary obligation of service providers is to render directly and permanently accessible to recipients of services at least the following information:

  1. the name of the service provider, its registry code and the name of the corresponding register, the service provider's address and other contact details, including the electronic mail address;
  2. its registration number if, for operation in the corresponding field of activity, registration in the register of economic activities is required by law, or its activity licence number; and
  3. if reference is made to the fee charged for the service, information on whether the fee includes taxes and delivery charges.

Information society service providers generally have less obligations compared to communications service providers. An information society service provider is generally not liable for the information transmitted upon mere transmission of information and provision of access to public data communications networks, upon temporary storage of information in cache memory and upon provision of information storage services. There are exceptions to this general rule.40 Additionally, information society service providers are not obligated to monitor information upon the mere transmission thereof or provision of access thereto, temporary storage thereof in cache memory or storage thereof at the request of the recipient of the service; nor is the service provider obligated to actively seek facts or circumstances indicating illegal activity. However, in certain circumstances information society service providers are obliged to provide information about alleged illegal activities undertaken or information provided by recipients of their services, and to communicate to the competent authorities information enabling the identification of recipients of their service.41

ii Universal service

Under the ECA, it is possible to designate universal service providers by way of a public competition, or public procurement if the payable charges exceed the relevant thresholds. When designating universal service providers, it must be taken into account that the end goal is to ensure provision of the service in a cost-effective manner that does not prejudice competition, at an affordable price, and in accordance with the objectives of state organisation in the electronic communications sector, which is to promote competition in the provision of ECSs. A universal service provider may be designated separately for each specified service within a specified territory.42

The following services can be designated as universal services:

  1. connection to a communications network in a fixed location enabling telephone services (which enables the making and receiving of calls, the sending and receiving of faxes and the use of data communication services at data rates sufficient to permit functional internet access, taking into account the hardware and software used by most end-users);
  2. public payphone services or other publicly accessible communications services enabling calls; and
  3. the availability of a universal electronic public number directory and directory enquiry services.43

The universal service obligation (USO) is based on a universal service contract between the communication undertaking and the state, which sets out, inter alia, the obligations, term and charges payable by end-users and the territory.44 The costs related to the performance of the USO are compensated for out of the universal service charge payable by communications undertakings whose turnover for communications services exceeds €383,500 per year. The rate of the universal service charge, established each year by the government, is 0.01 to 1 per cent of the turnover of a communications undertaking with the financing obligation in the preceding financial year. A communications undertaking with the USO is entitled to compensation for unreasonably burdensome costs related to the performance of the obligation.45

Despite the detailed regulation of universal service providers, the competition situation in the markets for communications services is in good shape, all the services that can be designated as universal services are available on the market and no communication undertakings have currently been designated as universal service providers.

iii Restrictions on the provision of service

Obligation to provide access to communications networks and general terms and conditions obligations

The EU directives that require communications undertakings to provide access to their networks have been transposed in national law by the ECA. Generally, communications undertakings are required to enter into a subscription contract with any person who submits an application to this effect. Entry into the contract may only be refused in specified cases, which include:

  1. where there is a technical impossibility in the requested area or manner to connect terminal equipment to the communications network;
  2. where the applicant fails to provide information necessary for his or her identification or for communications with him or her, or the address of the location of the connection to the communications network allowing the provision of the requested communications service;
  3. where incorrect information is provided upon submitting an application or upon entering into a requested subscription contract; and
  4. where an applicant has a debt of collectable arrears for the provided communications services or the applicant is subject to bankruptcy proceedings.

If none of these conditions is fulfilled, the communications service provider is obliged to enter into a subscription agreement with the end-user and to create a possibility for the end-user to commence the use of the ECS within 10 working days after entry into a subscription contract, provided that the end-user has performed the obligations assumed by the subscription contract.46

A communications service contract entered into with the end-user must contain certain mandatory provisions. There is also a formalised process with a one-month prior notice requirement for changes to general terms and conditions. The ECA establishes minimum information and mandatory terms that must be regulated in an ECS contract. These include, among others:

  1. a description of the communications service and possibilities to use other related services;
  2. charges for the services, including charges payable for maintenance, a procedure for settlement of accounts as well as discounts and other price packages;
  3. quality requirements set for the communications service, including service quality parameters;
  4. the procedure and time limit for elimination of faults;
  5. the procedure and time limit for submission of complaints and claims, and the procedure for resolution of disputes;
  6. the term of the contract and conditions for cancellation and extension of the contract;
  7. the measures taken by the communications undertaking to ensure security and integrity of communications networks and services; and
  8. the terms and conditions of a product or communications service intended for end-users with special needs.47

Some of the above contractual information (e.g., information on charges) and any standard terms used by the electronic communications undertaking must be made public on the website of the electronic communications undertaking or, in the absence thereof, in any other reasonable manner.48

Other than the mandatory provisions discussed above, the communications service provider and the end-user are free to agree on contract terms.

Net neutrality

Regulation (EU) 2015/2120 laying down measures concerning open internet access is directly applicable in Estonia. Thus, all communications service providers in Estonia are under the obligation to treat all traffic equally, when providing internet access services, without discrimination, restriction or interference, and irrespective of the sender and receiver, the content accessed or distributed, the applications or services used or provided, or the terminal equipment used.49 Estonia is a strong supporter of net neutrality, despite not having adopted any national legal acts or guidelines on net neutrality. According to the freedom and democracy watchdog Freedom House, internet freedom continues to thrive in Estonia, with very few restrictions on internet content or communications and with robust protections for user rights in place. Estonians have access to a wide range of content online, and very few resources are blocked or filtered by the government. Online content is sometimes removed following a court order, although this is not a widespread issue. Following court rulings on intermediary liability for third-party comments, some Estonian media outlets have modified their policies regarding anonymous commenting on their portals. Freedom House does, however, state concern over the increase of surveillance powers in certain situations, and has raised fears of both content manipulation and self-censorship.50

On 31 October 2019, Estonia and the United States signed a memorandum on 5G security, and Estonia has since then adopted legislative measures to increase government oversight of the hardware and software used in communications networks. In September 2020, the government published a draft regulation prohibiting the use of high-risk hardware and software by providers of vital services and in mobile communications networks implementing 5G and subsequent generation standards. According to the draft regulation, hardware or software is considered to be of high-risk when its manufacturer, maintenance or support service provider is, among other things, located outside EU, NATO or OECD countries, under a foreign government's or security authority's control with no judicial review, or located in a country where no conditions for the protection of intellectual property rights exist.

The ban is set to be implemented in three phases, with high-risk hardware and software with critical functionality being banned with the Regulation entering into force, high-risk non-standalone hardware and software in 5G and next generation mobile networks being prohibited from 1 January 2025, and high-risk hardware and software with no critical functionality and not in use in 5G or next generation mobile networks being prohibited from 1 January 2030.

Furthermore, the Regulation requires electronic communications undertakings to annually notify the ECTRA of the hardware and software in use in its networks and to submit an application for a permit for the use of hardware or software.51

The amended ECA enabling effecting these measures was set to be finalised and adopted by the Parliament in September 2021. However, the Parliament did not have enough time to adopt the amendments to the ECA before the summer recess, and this resulted in a situation where the entry into force dates set forth in the bill were in the past. The Parliament was forced to withdraw the draft law, and the government has resubmitted the bill to the Parliament. The amended ECA is set to enter into force on 15 December 2021.

Unsolicited phone calls, faxes, emails and texts

Estonia has implemented the e-Privacy Directive52 with the ECA. The requirements regarding marketing communications are different for legal and natural persons. Under the ECA, the use of electronic contact details of a natural person for direct marketing is allowed only with the person's prior consent (opt-in), while the use of electronic contact details of a legal person for direct marketing is allowed if, upon use of contact details, a clear and distinct opt-out opportunity is given to refuse such use of contact details free of charge and in an easy manner, and the person is allowed to exercise its opt-out right over an ECN.

Regardless of the above, if a communications service provider obtains the electronic contact details of a buyer, who is a natural or legal person, in connection with selling a product or providing a service, such contact details may still be used for direct marketing of its similar products to the buyer if the buyer is given, upon the initial collection of electronic contact details and each time when the buyer's electronic contact details are used for direct marketing, a clear and distinct opt-out opportunity free of charge and in an easy manner; and the buyer is allowed to exercise its right to refuse over an ECN.

It is important to note that the requirements described above do not apply to multiparty voice calls in real time, which have been excluded from the scope of the implementation of the e-Privacy Directive in Estonia. Multiparty voice calls in real time are instead regulated in the Law of Obligations Act.53 Real-time multiparty calls may be used for communicating an offer only if the consumer has not expressly forbidden the use thereof. Thus, real time multiparty voice calls are subject to an opt-out possibility, while offers made to consumers by automated calling systems without human intervention, fax, telephone answering machine, electronic mail, SMS or other means are lawful only with the prior consent of the consumer.54

iv Privacy and data security

Cybersecurity regulations

Since 2018, one of the main legislative acts imposing cybersecurity obligations is the Cybersecurity Act,55 which transposes into Estonian law the Security of Network and Information Systems Directive.56 The Act provides requirements for the maintenance of network and information systems essential for the functioning of society and state and local authorities' network and information systems, liability and supervision as well as the bases for the prevention and resolution of cyber incidents. The Act is not applied to micro and small enterprises.57 The Act includes obligations, inter alia, for communications undertakings provided for in the ECA that provide cable distribution services consumed by at least 10,000 end-users, and broadcasting network service providers upon providing cable distribution services or broadcasting network services. The Act also applies to Estonian Public Broadcasting and information society service providers within the meaning of the ISSA who offer online marketplaces or search engines or provide cloud computing services.58

The Cybersecurity Act requires the above-mentioned service providers to apply organisational, physical and information technological security measures for preventing and resolving cyber incidents, and preventing and mitigating any impact on the continuity of the service or the security of the system due to a cyber incident, or any possible impact on the continuity of another dependant service or the security of a system. Service providers are required, inter alia, to prepare a risk assessment and ensure its timeliness, and ensure the monitoring of systems for detecting compromising actions and reduce the impact of cyber incidents. The Act also provides for an obligation to notify the Estonian Information System Authority (EISA) of cyber incidents. EISA is also responsible for the state and administrative supervision of compliance with the requirements of the Cybersecurity Act. Similarly, the ECA also includes a requirement to notify EISA immediately of all incidents endangering the security and integrity of the communications network and services that to a significant extent affect the functioning of the communications services or network, and of measures taken to eliminate such incidents.59

Under the ECA, a communications undertaking is required to take appropriate technical and organisational measures to manage the risks related to security and integrity of the communications services and network. The measures must be proportionate to the potential emergency situation, must ensure the minimum impact of incidents endangering the security and integrity of users of communications services and related networks, and must ensure continuity of the provided services.60 A communications undertaking must also guarantee the security of a communications network and prevent third persons from accessing (without legal grounds) the following data: information concerning specific details related to the use of communications services; the content and format of messages transmitted over the communications network; and information concerning the time and manner of transmission of messages.

If a specific hazard exists to a communications service or the security of the communications network, the communications undertaking must immediately inform subscribers of such hazard in a reasonable manner and, unless the hazard can be eliminated by measures taken by the undertaking, also of possible remedies and of any costs related thereto.61

In the summer of 2017, the Emergency Act62 entered into force, which includes a list of emergencies that justify the interruption of vital services. Vital services include, among others, phone services, mobile phone services, data transmission services, and digital identification and digital signing.63 A provider of a vital service is required to, among other things:

  1. prepare a continuity risk assessment and plan of the vital service provided thereby;
  2. implement measures that prevent interruptions of the vital service, including reducing the dependency on other vital services, essential contract partners, suppliers and information systems through duplicating technical systems, contracts, staff and other means important to the provision of the service, using alternative solutions, having and stocking necessary resources and other similar actions; and
  3. ensure the capability to guarantee the continuity and quick restoration of the service provided thereby during an emergency or another similar situation, including in the event of a technical failure or an interruption of the supply or another vital service.64

Privacy and personal data protection

The General Data Protection Regulation (GDPR)65 is directly applicable in Estonia and the general rules set out therein are also applicable in the communications sector. Additionally, the Personal Data Protection Act (PDPA)66 and the Personal Data Protection Act Implementing Act apply,67 which entered into force in 2019, replacing the previous pre-GDPR acts and amended national legislation to establish legal conformity with the GDPR.

In conformity with the GDPR, the PDPA introduces specific grounds for processing of personal data. These include processing of personal data without the consent of the data subject for journalistic purposes, academic, artistic and literary expression, as well as for scientific and historical research and official statistics. More specifically, personal data may be processed and disclosed in the media for journalistic purposes without the consent of the data subject, and in particular disclosed in the media, if there is public interest therefor and this is in accordance with the principles of journalism ethics. Disclosure of personal data must not cause excessive damage to the rights of any data subjects. Furthermore, some data subjects' rights, such as the right of access, right to rectification and right to restriction of processing, inter alia, can be restricted when processing personal data for archiving in the public interest.68 In connection with provision of information society services directly to a child, Estonia has specified that the age at which children can consent is 13 years.69

In addition to the GDPR and the Personal Data Protection Act, some data protection requirements are also set out in the ECA. Under the ECA, a communications undertaking is required to maintain the confidentiality of all information that becomes known thereto in the process of the provision of communications services, and that concerns subscribers as well as other persons who have not entered into a contract for the provision of communications services but who use communications services with the consent of a subscriber. Above all, it must maintain the confidentiality of information concerning specific details related to the use of communications services; the content and format of messages transmitted over the communications network; and information concerning the time and manner of transmission of messages.70

This information may be processed only if the undertaking notifies the subscriber, in a clear and unambiguous manner, of the purposes of processing the information and gives the subscriber an opportunity to opt out. Irrespective of whether the subscriber refuses such processing, the undertaking still has the right to collect and process such personal data without the consent of the subscriber:

  1. when necessary for the purposes of recording transactions made in the course of business and for other business-related exchange of information;
  2. if the sole purpose of the processing is the provision of services over the communications network;
  3. if it is necessary for the provision, upon the direct request of the subscriber, of information society services; or
  4. when necessary for billing the subscriber, including for the determination and calculation of interconnection charges.71

If the processing is done for publishing data on subscribers in number directories or through directory enquiry services, the processor must provide the subscribers with an opportunity to decide on whether and to what extent they wish such data to be published. Subscribers must also have an opportunity to verify and amend the data that concerns them, and to terminate the publication of such data.72

The ECA also prescribes other requirements deriving from the e-Privacy Directive, as discussed in Section III.

Lawful interception and data retention

Under Section 113 of the ECA, a communications undertaking must grant a surveillance agency or security authority access to the communications network for the conduct of surveillance activities or for the restriction of the right to confidentiality of messages, respectively. A communications undertaking is required to preserve the confidentiality of information related to the conduct of surveillance activities, and activities that restrict the right to inviolability of private life or the right to the confidentiality of messages. The electronic communications undertaking may recover the costs it incurs in relation to the provision of access to the communications network under the rules of Section 114 of the ECA.

Under Clause 1111(11)5) and Section 1141 of the ECA, a communications undertaking must provide certain retained data at the request of a court within civil matters.

Obligations to generally and indiscriminately retain data (as per the now-invalid Data Retention Directive73) have been imposed under the ECA and have not been revoked, despite numerous judgments of the Court of Justice of the European Union (CJEU), including the Digital Rights Ireland,74 Tele2 Sverige,75 Privacy International 76 and La Quadrature du Net and Others77 rulings. Communications undertakings must retain for a period of one year an extensive amount of data under the ECA, and have an obligation to provide information to competent state authorities and courts.78 Notably, on 2 March 2021, in its preliminary ruling in H K v. Prokuratuur,79 the CJEU found Estonian law to be non-compliant with EU requirements. The request for the preliminary ruling was brought before the CJEU by the Estonian Supreme Court. Nevertheless, the Estonian legislator has been reluctant to the remove the data retention and lawful interception provisions from the law, arguing that it will remarkably complicate criminal proceedings. Therefore, the latest draft version of the amended ECA still includes these disputable provisions despite public criticism. Additionally, while government surveillance has not been intrusive, Freedom House has expressed concerns over the increase of surveillance powers. Freedom House reports that the government has likely been a client of Circles, a surveillance company that allows customers to monitor calls, texts and mobile phone geolocation by exploiting weaknesses in mobile telecommunications infrastructure.80

Protection of children online

Estonia has adopted various laws that aim at protecting children online. For example, the Child Protection Act81 limits the permissibility of certain content for all children below the age of 18 years. It is prohibited to manufacture, show and disseminate to children content that promotes violence or cruelty, or contains pornographic content.82 The same is provided in the Act to Regulate Dissemination of Works which Contain Pornography or Promote Violence or Cruelty.83 This can be enforced in administrative proceedings by issuing a precept to terminate the violation and to restrict or take down the improper content. In the event of failure to comply with the precept, penalty payments can be imposed repeatedly until the precept is complied with. Parental consent cannot override the requirements set for content providers or limit their legal liability.

Note that under Estonian law, there are liability restrictions for information society service providers in the case of mere transmission, caching and storage. The latter is feasible if the service provider does not have actual knowledge of the contents of the information and, as regards claims for compensation for damage, is not aware of facts or circumstances from which the illegal activity or information is apparent. Additionally, the service provider must, upon obtaining knowledge or awareness of the facts specified above, act expeditiously to remove or to disable access to the information.84

Sexual enticement of children below the age of 14 is criminalised and punishable under the Penal Code.85 Sexual enticement means, among other things, handing over, displaying or otherwise knowingly making available pornographic works or reproductions to a person less than 14 years of age. This is punishable by a pecuniary punishment or up to three years' imprisonment for natural persons and by a pecuniary punishment of €4,000 to €16 million for legal persons. Showing sexual abuse of a person aged less than 14 years, or engaging in sexual intercourse in the presence of such person or knowingly sexually enticing such person in any other way, are punishable by the same sanctions. Handing over, displaying or knowingly making available works or reproductions of works promoting cruelty in another manner to a person of less than 14 years of age, or showing the killing or torturing of an animal in the presence of such person without due cause or knowingly exhibiting of cruelty to him or her in another manner, are punishable by a pecuniary punishment the amount of which is up to €3,200 in the case of legal persons.86

The MSA also includes provisions that are aimed at protecting children. Television and radio service providers may not transmit programmes that may cause substantial physical, mental or moral detriment to minors, in particular such programmes that include pornography or that propagate violence or cruelty for the purposes of the Act to Regulate Dissemination of Works which Contain Pornography or Promote Violence or Cruelty. On-demand audiovisual media services that may cause substantial damage to the physical, mental or moral development of a minor must be made accessible by the on-demand audiovisual media service provider by means of personal identification codes or other relevant technical solutions only in a manner that is not accessible to minors under normal circumstances.87

The Advertising Act88 includes several requirements for advertising directed at persons less than 18 years of age. Advertising that targets groups that are primarily made up of children must take into account their unique physical and mental state resulting from their age. Children may not be a target group of advertising if it is prohibited to sell the advertised goods or provide the advertised services to children. Advertising that targets groups that are primarily made up of children may not:

  1. create the impression that the acquisition of certain goods or the use of certain services will give the child an advantage over other children or that the lack thereof will have the opposite effect;
  2. create feelings of inferiority in children;
  3. incite children to behave or act in a manner that has or may have the effect of bringing children into unsafe conditions;
  4. contain elements that frighten children;
  5. exploit the trust children place in their parents, teachers or other persons;
  6. include a direct or indirect appeal to children to demand the acquisition of the advertised goods or the use of the advertised services from other persons; or
  7. directly incite children to enter into transactions independently.89

These requirements also apply to any online advertising.

Spectrum policy

i Development

Estonia's spectrum policy is changing all the time. The demand for spectrum is increasing rapidly with the development of and increasing demand for new technologies and mobile communications services. Currently, the 5G mobile network is being developed. All this proves to be a challenge in conditions where frequency spectrum is a scarce resource.

To tackle this challenge, the Estonian radio frequency allocation plan is constantly changing to conform to new developments. The use of RFs in Estonia is harmonised with those of the EU, as Estonia takes account of the recommendations of the European Commission to the greatest extent possible.90 The ECA provides that the purpose of regulating the management of RFs is to ensure the purposeful, objective, transparent and proportionate management, and the effective and efficient use, of RFs for the needs of users of RFs, and for the provision of communications services, the creation of possibilities for the development of new technologies and for the fast elimination of radio interference. The RF allocation plan determines, among other things, the RF bands for the introduction of new technologies together with restrictions on new and existing users. The ECTRA reviews the allocation plan at least once a year and submits to the responsible minister proposals for amendments if the development of electronic communications technology requires it.91

ii Flexible spectrum use

As discussed above, the use of spectrum requires its prior allocation by the ECTRA. Spectrum is allocated on the basis of the radio frequency allocation plan, which determines the manner, regime and purpose of using frequency bands. Upon granting a frequency authorisation to a communications undertaking, the ECTRA establishes in the authorisation, among other things, the purpose, manner, conditions and area or location of the use of spectrum, as well as the requirements for the shared use of RFs. Therefore, the authorisation may include in its conditions the possibility to share the use of spectrum, as well as the possibility to trade frequency or grant it for use on the basis of a contract. Accordingly, the use of spectrum is made more flexible by way of allowing such trading and shared use of spectrum.

In addition, the ECTRA carries out spectrum auctions in previously unused frequency ranges and rearranges the use of spectrum, if needs be, as discussed further below.

iii Broadband and next-generation services spectrum use

The ECTRA is also constantly dealing with the need for new uses of mobile spectrum. For example, in 2015 it rearranged the frequency usage of mobile operators in the 900MHz band to enable the introduction of new technologies. In the course of the process, the frequency blocks of each operator were rearranged so that complete frequency ranges were allocated to each operator to create wider bandwidth and conditions for introducing new 4G and 5G technologies.92 Most recently, the 3,600MHz frequency band was rearranged for terrestrial electronic communications networks in compliance with Commission Implementing Decision 2014/276/EU.93

If the ECTRA finds that the number of available spectra is not sufficient for their allocation, it can hold a public competition in the form of a spectrum auction. The latest auction of mobile broadband spectrum ended in May 2017. The auction of frequencies in the ranges of 2,540–2,570MHz, 2,660–2,690MHz and 2,575–2,615MHz ended with the sale of three frequency division duplexes (FDD) and two time division duplexes (TDD) that provide the right to use 100MHz-worth of spectrum in Estonia. Two operators, Elisa Eesti AS and Telia Eesti AS, participated. FDD I and II were bought by Telia, bidding €1,601,234 and €3,605,535 respectively. FDD III, TDD I and II were bought by Elisa, bidding €2,608,789, €1,612,346 and €1,597,001 respectively. Accordingly, around €11 million was earned through the auction.94

After the digital switchover occurred on 1 July 2010, the freed-up frequencies were allocated for 4G mobile communication services. It can therefore be said that more and more spectrum is becoming available for mobile services. More specifically, the latest and upcoming auctions are focused on 5G technologies. During the Estonian presidency of the Council of the EU from July to December 2017, a ministerial declaration was signed to make 5G a success for Europe.95 It was agreed that 5G is the vision for a fully connected European society and a path towards the European gigabit society. The crucial step in implementing this vision is to make more spectrum available in a timely and predictable manner. To realise this goal, it is necessary to release 5G spectrum bands.96 In March 2019, the Ministry of Economic Affairs and Communications published a 5G Roadmap for Estonia, aspiring to achieve 5G coverage in larger cities and their peripheral areas by 2023 and in transport corridors by 2025.97 The plan further envisages international connected automated driving corridors and more leeway for small-cell 5G networks. However, the deployment of 5G networks has currently been delayed due to a legal dispute over the auctioning of radio frequencies and controversy over draft regulations prohibiting the use of high-risk hardware and software in mobile communications networks implementing 5G and subsequent generation standards.

iv Spectrum auctions and fees

The ECTRA carries out auctions if it finds that the number of available spectra is not sufficient for their allocation.

Following a consultation with stakeholders, the ECTRA decided to divide the separable bandwidth of 3,410–3,800MHz into three TDD large enough (3 x 130MHz) to implement large data amounts and facilitate the future development of 5G technologies: 3,410–3,540MHz, 3,540–3,670MHz and 3,670–3,800MHz. Additionally, a fourth, smaller buffer zone was left to ensure undisturbed operation of defence forces equipment.98 This frequency band is considered as the most important 5G frequency range in the European 5G Roadmap, which will allow the use of innovative technologies and devices (internet of things).99 In February 2019, the ECTRA announced the auction for the 3,410–3,800MHz frequency range for the development of 5G technology with a starting price of €1.597 million for each range. The auction was suspended in March 2019 following an appeal by Levikom, a broadband network operator, which argued that dividing the frequency into three large ranges stifled competition and provides an unfair advantage to big operators.100 In its opinion, the Estonian Competition Authority urged the Ministry to consider auctioning the spectrum in smaller 5–10MHz ranges.101 Following this, the Ministry of Economic Affairs and Communications briefly considered dividing the spectrum band into four blocks with hopes to facilitate market entry for new operators.102 However, as of October 2021, the spectrum is still to be auctioned in three larger blocks.103

The use of 3,600-3,800MHz frequency band, once allocated, would still be technically restricted due to border interference with Russia. After the conclusion of a coordination agreement with Russia, a transition will take place and operators will be allocated 90–100MHz frequency blocks.104 However, to move forward with the 5G frequency auction, the amended ECA must be adopted.

In addition to the currently suspended 3,410–3,800MHz auction, preparations for allocating spectrum in the 700MHz and 26GHz frequency bands have started: public consultations for planning the use of 700MHz and 26GHz frequency bands have been concluded, and the results thereof sent to the Ministry of Economic Affairs and Communications for future spectrum planning.105 Furthermore, a study for the use of spectrum in the 40.5–43.5GHz and 66–71GHz frequency range is planned for the future.106


i Regulation of media distribution generally

Media services are subject to the licensing obligations discussed above. In addition, there are restrictions on content that are one of the pre-requirements for obtaining licences.

For example, the MSA requires a television and radio service provider to reserve at least 5 per cent of the daily transmission time of the programme service on at least six days a week for transmitting self-produced new programmes, except on national holidays. At least 10 per cent of the monthly transmission time must be reserved for transmission of own productions, deducting the transmission time allocated for news, sporting events and games programmes as well as for advertising, teletext services and teleshopping. At least 50 per cent of the minimum capacity of own production must be shown during prime time between 7pm and 11pm. At least 51 per cent of the annual capacity of the television programme service must be reserved for transmission of audiovisual works of European origin, deducting the transmission time allocated for news, sporting events and games programmes, as well as for advertising, teleshopping and teletext services, and at least 10 per cent of such audiovisual works must have been created by producers that are independent of this television service provider. These requirements are subject to certain exceptions; for example, local channels are exempted from some of them.107

The MSA also sets out some requirements for commercial communications, TV and radio advertising, sponsorship and product placements. In addition to the MSA, these are regulated by the Advertising Act.

The abovementioned rules are set to change with the transposition of the revised Audiovisual Media Services Directive 2018/1808/EU into Estonian law. The revised Directive was approved in November 2018 and should have been transposed into national legislation by 19 September 2020. As of October 2021, the MSA is yet to be amended to enact the revised EU rules.

ii Internet-delivered video content

Besides television services, on-demand audiovisual media services are becoming increasingly popular. On-demand audiovisual media services do not require a licence, but do require a notification of economic activities to be submitted through the state portal or to a notary, as discussed above.

Most of the biggest ISPs in Estonia have started their own video distribution services. However, this does not limit the accessibility of on-demand services of other service providers. Standalone services are also freely accessible, and even the public broadcaster ERR has recently launched its own on-demand platform, Jupiter. The move by ERR into on-demand services and entertainment content has driven local private media in Estonia to file a complaint with the European Commission. According to private media stakeholders, funding ERR's online news and media services via the state budget harms fair competition and distorts the media market.108 The European Commission has not yet decided on the matter.

Service providers generally measure the use of data without taking into account that part of the data that is used for video on demand (VOD). However, it must be noted that there are examples on the market of ISPs' own on-demand video distribution services that do not use up mobile data if streamed via the service provider's own networks. Thus, one of the strategies used to attract customers to buy video distribution services is that ISPs do not charge for data used on streaming via mobiles on their own VOD services equally with the data used for other VOD services.

The year in review

The most important developments in the legislation concerning the ICT sector in 2020 and 2021 have concerned legislative amendments in light of requirements stemming from EU law, controversies over draft regulations prohibiting the use of high-risk hardware and software in mobile communications networks and the auctioning of 5G spectrum frequency.

In 2019, Estonia announced its national strategy for the development and implementation of AI. The plan includes public–private partnership initiatives, further e-state services and sandboxes for testing and developing public sector solutions, among other things.109 Since the announcement, more than 50 AI and machine-learning use cases have been implemented.110 In August 2020, a legislative initiative was published to regulate the effects of algorithmic systems (known as the AI regulation).111 In October 2021, the digital testbed framework was launched, enabling the government and interested stakeholders to cooperate in IT development without the complex web of procurement rules.112

In February 2020, the Ministry of Economic Affairs and Communications published a draft law that would amend the ECA, and sent it to stakeholders and ministries for their opinions. The draft law is aimed at transposing Directive (EU) 2018/1972 into Estonian law and additionally includes measures enabling the government to prohibit the use of high-risk hardware and software in mobile communications networks and the auctioning of 5G spectrum frequency. The draft law passed two readings in the Parliament, but was subsequently withdrawn, as the Parliament did not have enough time to adopt the amendments to the ECA before the summer recess; this resulted in a situation where the entry into force dates set forth in the bill were missed. The Parliament withdrew the draft law, and the government has resubmitted the bill to the Parliament. The draft law would change the definition of ECSs and bring OTT services under the regulation of the ECA.113

In September 2020, the government published a draft regulation prohibiting the use of high-risk hardware and software in telecom networks implementing 5G and subsequent generation standards. This would bar the Chinese tech giant Huawei, for instance, from constructing Estonia's 5G network. The regulation further seeks to phase out high-risk hardware and software from Estonian communications networks completely by 2030 and imposes new reporting and permit requirements for electronic communications undertakings.114

Significant developments in the telecommunications sector include the opening of a satellite ground station in Estonia by US satellite company Globalstar. The station is one of more than 20 connection points with satellites across the globe, ensuring the functioning of mobile satellite traffic covering all of Europe. It is Globalstar's second land station in Europe, the first one being located in France.115

The M&A market has been very active in Estonia and there have been a number of transactions involving technology start-ups. For example, the Estonia-based unicorn Bolt, a mobility platform valued at more than €4 billion, has carried out multiple significant funding rounds in the past few years, including the biggest funding round in the Baltic region's history. Significant recent transactions in the TMT markets include MM Group's attempt to acquire Forum Cinemas OÜ, the second-largest cinema chain operator in Estonia.116 The acquisition required clearance from the Estonian Competition Authority, and it was eventually concluded that the transaction could significantly harm competition, as the combined market share would have increased to more than 80 per cent in Tallinn and to more than 90 per cent in Tartu. For this reason, the Estonian Competition Authority prohibited the transaction.

There is an increasing demand for spectrum on the market, with Estonia looking to be at the forefront of the development and deployment of mobile communications networks. An auction for spectrum in the 3,600MHz frequency range in three 130MHz time division duplexes was announced in early 2019, but suspended shorty after a local broadband operator appealed the auction claiming it would stifle competition. It is now planned to relaunch the auction once amendments to the ECA have been enacted. Preparations are also underway to auction spectrum in the 700MHz and 26GHz frequency bands.

Conclusions and outlook

Looking ahead, some of the next important developments in the communications, technology and media sector are the following.

The draft law transposing Directive (EU) 2018/1972 into Estonian law has been submitted to the Parliament again and is currently set to enter into force on 15 December 2021. The act would change the scope of application of the ECA and introduce new rules to enhance the deployment of small cell networks. The act would further prohibit high-risk hardware and software in 5G and next generation mobile communications networks and expand the existing data retention obligations to providers of number-based interpersonal communication services such as Skype, WhatsApp and Viber. It has already sparked discussions about data retention obligations and lawful interception of ECSs and its constitutional limits. Estonia has identified 5G use cases with high public impact and seeks to award the first frequency licences in the 3,600MHz band for the development of 5G networks once the ECA is amended.117 It is likely that the 700MHz spectrum auction will follow soon after clarity has been reached regarding the use of high-risk components in communication networks. Going forward, electronic communications undertakings will most likely need to take into account new requirements imposed on network technology as the government seeks to prohibit the use of certain high-risk hardware and software in Estonian communications networks implementing 5G and subsequent generation standards.

Estonia continues to accelerate the development and implementation of artificial technology while at the same time ensuring necessary regulations are in place to safeguard potential threats to fundamental rights. To achieve this, Estonia intends to develop a new legislative act that would include different provisions that set out the obligations to guarantee fundamental rights, levels of transparency, national supervisory measures, sanctions, amendments to the Administrative Procedure Act, impact assessment and specific regulations for high-risk algorithmic systems.118

The Estonian ICT sector is fast-developing and highly important to the legislators. The government's goals include developing and implementing AI technology, bringing ultrafast internet to more and more end-users and promoting Estonia as the world's capital of innovation regarding the communications and information society. However, there are still challenges for policymakers caused by convergence and ultra-fast developments in the sector.

Generally, Estonia follows European policies, and has successfully implemented the various pieces of EU legislation into national law. One shortcoming concerns the rules on data retention by communications service providers, which are based on an invalid directive and have not been revoked from national law, despite a number of CJEU judgments – including a judgment directly discussing the Estonian regulations - that highlight the need to do so.


1 Mihkel Miidla is a partner and Liisa Maria Kuuskmaa and Oliver Kuusk are associates at Sorainen.

13 Clause 2 6) of the ECA.

14 Clause 2 68) of the ECA.

17 Clause 2 1) of the ISSA.

19 Section 1 of the MSA.

23 Sections 3–4 of the ECA.

26 Sections 11–14 of the ECA.

27 Sections 11, 15–16 of the ECA.

28 Section 9(2²)–9(2⁴) of the ECA

31 Sections 33–39 of the ECA.

32 Sections 32–40 of the MSA.

33 Clause 32 3) of the MSA.

34 Section 17(8) of the ECA.

36 Section 21 of the Competition Act.

37 Section 27 of the Competition Act.

38 Sections 40(4) and 144(1) of the ECA.

39 Section 17 of the ECA.

40 Sections 8–10 of the ISSA.

41 Section 11 of the ISSA.

42 Section 73 of the ECA.

43 Section 69–70 of the ECA.

44 Section 72(3)–72(4) of the ECA.

45 Sections 75, 81–84 of the ECA.

46 Sections 93–94 of the ECA.

47 Section 96(1) of the ECA. The full list of mandatory terms can also be found therein.

48 Section 96(3) of the ECA.

49 Articles 3 and 4 of Regulation (EU) 2015/2120.

52 Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications).

54 Section 60 of the Law of Obligations Act.

56 EU Directive 2016/1148.

57 Sections 1(1) and 1(3) of the Cybersecurity Act.

58 Clauses 3(1)5), 3(1)10) and Section 4(1) of the Cybersecurity Act.

59 Section 87²(2) of the ECA.

60 Section 87²(1) of the ECA.

61 Section 101 of the ECA.

63 Section 36 of the Emergency Act.

64 Section 38(3) of the Emergency Act.

65 Regulation (EU) 2016/679.

68 Sections 4-7 of the PDPA.

69 Section 8(1) of the PDPA.

70 Section 102(1) of the ECA.

71 Section 102 and 104 of the ECA.

72 Sections 102–107 of the ECA.

73 Directive 2006/24/EC.

74 Judgment of the Court of Justice of the European Union (CJEU) of 8 April 2014 in case C-293/12.

75 Judgment of the CJEU of 21 December 2016 in joined cases C-203/15 and C-698/15.

76 Judgment of the CJEU of 6 October 2020 in case C-623/17.

77 Judgment of the CJEU of 6 October 2020 in joined cases C-511/18, C-512/18 and C-520/18.

78 Section 111¹ of the ECA.

79 Case C-746/18.

82 Section 25 of the Child Protection Act.

84 Sections 8–10 of the ISSA.

86 Sections 179–180 of the Penal Code.

87 Section 19 of the MSA.

89 Section 8 of the Advertising Act.

90 Sections 6(3), 8(3) and 8(4) of the ECA.

91 Section 9(2) and Clause 10(1)1) of the ECA.

93 Amendment to Regulation No. 54 of the Minister of Enterprise and Information Technology of 26 October 2017 'Estonian Radio Frequency Plan':

107 Section 8 of the MSA.

The Law Reviews content