The Consumer Rights Directive 2011/83/EU provides an updated framework aimed at encouraging online sales. The Directive has been implemented by the Act on Marketing Practices.

Denmark has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

Art. 17 of Directive 2019/790 on Copyright in the Digital Single Market (DSM Directive) mandates that providers of content-sharing services seek authorisation from rights holders and implement technical solutions to remove and prevent unauthorised uploads by their users (so-called upload filters) under penalty of losing their liability safe harbour. Further arrangements are envisaged for complaints and dispute resolution mechanisms. Such upload filters are reported to be a significant cost for online platforms. Graduated exemptions are expected to be put in place for new providers active in the EU for less than three years with a turnover under EUR 10 million and with fewer than five million users. The provision is subject to a challenge in the Court of Justice by Poland (C-401/19).
To implement Arts. 15-17 of the Directive 2019/790, Denmark has adopted the Law amending the Copyright Act (L 205), therefore making online content-sharing service providers partially liable for copyright violations on their platforms.

The EU Directive on Audiovisual Media Services (AVMS) covers traditional broadcasting services as well as audiovisual media services provided on-demand, including via the Internet. Art. 13.1 provides for Member States to secure a minimum 30% share of European works in the catalogues as well as "ensuring prominence" of those works. "Prominence" involves promoting European works by facilitating access to such works using any appropriate means to ensure their prominence. The Directive has been implemented by Member States in different ways, ranging from very extensive and detailed measures to a mere reference to the general obligation to promote European works.
In Denmark, the EU Directive was transposed into domestic law through Order No. 1159 on Program Activities Based on Registration, issued in June 2020. According to Art. 14 of the Order, providers of on-demand audiovisual media services must ensure that European programmes, as outlined in Annex 1, comprise at least 30% of their catalogues. Although Denmark has not yet implemented financial contribution obligations for VOD service providers, a bill (Bill for an Act on Cultural Contribution) is currently in progress and is expected to be approved to address these requirements.

The EU directive on Audiovisual Media Services was adopted into Danish Law through the Act amending the Radio and Television Act and the Film Act. It came into force on 1 July 2020. The main points from the legislative proposal are implemented in 12 ministerial orders that are drafted subject to the Danish Radio and Television Broadcasting Act and the legislative proposal and entered into force by 15 September. Broadcasters shall endeavour to ensure that more than half of their transmission time (excluding the time allotted to news, sports events, competitions and Teletext services) is reserved for European works. Video on Demand services shall promote, where practicable and by appropriate means, the production of and access to European works.

It is reported that the Danish Business Authority (DBA), the executive authority for the supervision and administration of services in the telecommunications sector, is independent from the government in the decision-making process.

Section 3(9) of the Danish Data Protection Act mandates the Minister of Justice to lay down rules requiring that personal data processed in specific IT systems, which are held for public administration, must be kept in whole or in part in Denmark. In 2020, the Danish Minister of Justice issued Danish Executive Order No. 1104 of 30 June 2020, which states that the following IT systems shall be maintained in Denmark:
- DeMars: the Defence Management and Resource Control System;
- Digital Post: the system to digitally provide all posts from Danish authorities to citizens;
- MitID: Denmark’s digital ID;
- NemLog-in3: online public self-service solutions;
- Statens Lønløsning: the systems to manage salary and pension payments to all government employees.

The European Union General Data Protection Regulation (GDPR) provides a comprehensive framework for data protection that applies to all EU Member States. Denmark implemented the GDPR through Act No. 502 of 23 May 2018, on Supplementary Provisions to the Regulation on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of Such Data.

Under the EU Directive on Data Retention, operators were required to retain certain categories of traffic and location data (excluding the content of those communications) for a period between six months and two years and to make them available, on request, to law enforcement authorities for the purposes of investigating, detecting and prosecuting serious crime and terrorism. On 8 April 2014, the Court of Justice of the European Union declared the Directive invalid. However, not all national laws that implemented the Directive have been overturned.
Sections 5.1 and 5.2 of the Data Retention order require network operators or service providers to retain the following data about a user's access to the internet for one year:
- the assigned user identity;
- the telephone number assigned to communications as part of the public electronic communications network;
- the name and address of the subscriber or registered user to whom an IP address, user identity or telephone number was assigned at the time of communication; and
- the time of the beginning and the end of a communication.
Providers of electronic communications networks or service providers that offer wireless access to the Internet shall also record information on the precise geographical or physical location of the local network and the identity of the communications equipment used (Section 5.2).
This is reiterated in Section 786, paragraph 4, of the Administration of Justice Act, which states that providers of telecommunications networks or services shall be obliged to record and retain for one-year information on telecommunications traffic for the purpose of investigating and prosecuting criminal offences.

The Center for Cybersecurity may initiate lawful interception without a court order under Act No. 713 of 26 June 2014 on the Center of Cybersecurity. According to Chapter 4 of the Act, the Cybersecurity Centre's network security service may process traffic data, packet data and stationary data originating from authorities and enterprises that are connected to the Network Security Service without a court order, with a view to supporting a high level of information security in society. This includes the processing of personal data.
The Centre for Cybersecurity may only process, without a warrant, stationary data from an authority or undertaking that is connected to the Network Security Service when (1) the authority or undertaking has requested the assistance of the Cyber Security Centre, made the stationary data available to the network security service and given its written consent to the processing; and (2) the processing is deemed to contribute to supporting a high level of information security in society.
It is reported that a large number of public and private bodies can be requested to become part of the Network Security Service. The highest state bodies and state authorities may be connected to the network security service upon request. Additionally, the Centre for Cyber Security may require enterprises of a particularly public nature and regions and municipalities to be connected to the network security service for the purpose of monitoring network communications. The order may only cover those parts of the company, region or municipality that are of significant importance to Denmark's critical infrastructure. At least every six months, the Centre for Cyber Security must assess whether an injunction should be maintained.
The Center for Cybersecurity is exempted from the Danish Data Protection Act and Regulation 2016/679/EU on the protection of personal data, as well as parts of the Administrative Procedure Act and the Openness of Government Act.

The Directive 2000/31/EC (E-Commerce Directive) is the legal basis governing the liability of Internet Services Providers (ISPs) in the EU Member States and includes a conditional safe harbour. Not all Member States have transposed the relevant articles consistently, leading to divergent national case law that could cause legal insecurity on an EU level.
The Danish E-Commerce Act implemented the E-Commerce Directive's specific rules on liability for intermediaries. Internet intermediaries generally do not need to monitor the content of a website they host, according to the Danish E-commerce Act. However, an internet intermediary must remove illicit information as soon as it becomes aware of it (section 16).

The Directive 2000/31/EC (E-Commerce Directive) is the legal basis governing the liability of Internet Services Providers (ISPs) in the EU Member States and includes a conditional safe harbour. Not all Member States have transposed the relevant articles consistently, leading to divergent national case law that could cause legal insecurity on an EU level.
The Danish E-Commerce Act implemented the E-Commerce Directive's specific rules on liability for intermediaries. Internet intermediaries generally do not need to monitor the content of a website they host, according to the Danish E-commerce Act. However, an internet intermediary must remove illicit information as soon as it becomes aware of it (section 16).

The European Union and Denmark have adopted the World Intellectual Property Organization (WIPO) Performances and Phonograms Treaty. The treaty was ratified on 14 December 2009 and came into effect on 14 March 2010.

The Directive 2016/943 on the protection of undisclosed know-how and business information (trade secrets) is key in harmonising national laws concerning trade secrets. In 2018, Denmark updated its Trade Secret Legislation. Trade secrets were previously protected in the Marketing Act, and in other laws, but as a consequence of the EU Trade Secrets Directive, the rules have largely been compiled into one law, the Trade Secrets Act. The new Act introduces a definition of trade secrets, legal remedies and compensation.

It is reported that passive sharing is mandated in Denmark, and it is practised in the mobile and fixed sectors based on commercial agreements. In addition, Directive 2014/61/EU (Art. 3.2) establishes that Member States shall ensure that, upon written request of an undertaking providing or authorised to provide public communications networks, any network operator must meet all reasonable requests for access to its physical infrastructure under fair and reasonable terms and conditions, including price, with a view to deploying elements of high-speed electronic communications networks. Such written request shall specify the elements of the project for which the access is requested, including a specific time frame.

It is reported Denmark does not mandate functional separation for operators with significant market power (SMP) in the telecom market. However, accounting separation can be mandated in relation to certain price control mechanisms – only on SMP operators.