The requirements, which will cover major providers KPN , T-Mobile and Vodafone, are part of a series of moves to strengthen standards after a 2019 assessment of the risks posed by China and other countries identified as having an “offensive cyber strategy”.
In a ministerial decree, junior Economic Affairs Minister Mona Keijzer also specified that telecoms providers must retain network data for at least three months in case it is needed to analyse “advanced threats and attack vectors”.
Britain and France have effectively banned China’s Huawei from helping build their 5G telecoms networks. The Dutch government said last year vendors could be excluded if they have “close ties to foreign governments involved in spying”.
It did not name Huawei specifically, despite pressure from parliament to do so.
Last month, KPN said it would use Sweden’s Ericsson to build core elements of its 5G mobile network.
In May, the upper house of parliament approved a law giving the government power to block “undesirable” takeovers of telecommunications companies.
That includes an obligation for any would-be buyer of a more than 30% stake in a Dutch telecom to ask the government first.