Spain – New requirements on communication providers to share customer information for emergency services

The Spanish National Commission for Markets and Competition (CNMC) has adopted new requirements governing the provision of subscriber data for emergency services, telephone directories and enquiry services by communications providers — Circular 4/2025, of 3 June (Circular 4/2025), available here.

Circular 4/2025 repeals the previous Circular 1/2013, approved in 2013, and harmonises the provision and receipt of subscriber data, while optimising the exchange of data and improving the synchronisation and accuracy of the information.

The requirement to provide subscriber data through a central platform managed by the CNMC called SGDA (Sistema de Gestión de Datos de Abonado) is a key telecoms regulatory obligation, particularly for the proper functioning of emergency calls, to ensure that the emergency services have accurate caller location information.

The obligation to provide subscriber data to CNMC applies to all communications providers that provide telephony services and assign telephone numbers to their customers.

There are significant changes and new obligations placed on communication providers. Key highlights, include:

• Clarification on the scope of the obligation to provide subscriber data to the SGDA, expressly including resellers of telephony services that assign numbers to their customers.
• A new requirement on communication providers to upload a file with the data of all subscribers every 12 months, which aims to ensure that emergency organisations have accurate and up-to-date caller location information.
• Modification of the format and structure of the files to be uploaded to the SGDA with parameters for the standardisation of subscriber address data using “INE codes” to provide greater data reliability for emergency services.
• A new online cybersecurity course will also be compulsory for all providers.

There is a staggered implementation timeframe:

• The changes on the procedure for the upload of subscriber data will be applicable from September 2026.
• For those providers who were already submitting subscriber data to the SGDA, CNMC will notify the schedule for submitting a file with the data of all subscribers under the new procedure.
• A period of 1 month is established to complete the online course on cybersecurity, with access to be provided by CNMC.

Providers should take steps to comply with the rules, which will require the standardisation of the databases, as well as the data to be collected from customers.

We anticipate effective monitoring and enforcement by CNMC to achieve its strategic priority of ensuring access to emergency services. In June 2025, CNMC imposed a fine of EUR 1.19 million on a provider (reduced to EUR 714,000) for failing to provide subscriber data to the SGDA.

For more information, please contact Alejandro Sola.