Search Legislation

The Electronic Communications and Wireless Telegraphy Regulations 2011

Status:

This is the original version (as it was originally made). This item of legislation is currently only available in its original format.

Communications Act 2003

This section has no associated Explanatory Memorandum

65.  Before the cross-heading immediately before section 106, insert—

Security of public electronic communications networks and services

Requirement to protect security of networks and services

105A.(1) Network providers and service providers must take technical and organisational measures appropriately to manage risks to the security of public electronic communications networks and public electronic communications services.

(2) Measures under subsection (1) must, in particular, include measures to prevent or minimise the impact of security incidents on end-users.

(3) Measures under subsection (1) taken by a network provider must also include measures to prevent or minimise the impact of security incidents on interconnection of public electronic communications networks.

(4) A network provider must also take all appropriate steps to protect, so far as possible, the availability of the provider’s public electronic communications network.

(5) In this section and sections 105B and 105C—

“network provider” means a provider of a public electronic communications network, and

“service provider” means a provider of a public electronic communications service.

Requirement to notify OFCOM of security breach

105B.(1) A network provider must notify OFCOM—

(a)of a breach of security which has a significant impact on the operation of a public electronic communications network, and

(b)of a reduction in the availability of a public electronic communications network which has a significant impact on the network.

(2) A service provider must notify OFCOM of a breach of security which has a significant impact on the operation of a public electronic communications service.

(3) If OFCOM receive a notification under this section, they must, where they think it appropriate, notify—

(a)the regulatory authorities in other member States, and

(b)the European Network and Information Security Agency (“ENISA”).

(4) OFCOM may also inform the public of a notification under this section, or require the network provider or service provider to inform the public, if OFCOM think that it is in the public interest to do so.

(5) OFCOM must prepare an annual report summarising notifications received by them under this section during the year, and any action taken in response to a notification.

(6) A copy of the annual report must be sent to the European Commission and to ENISA.

Requirement to submit to audit

105C.(1) OFCOM may carry out, or arrange for another person to carry out, an audit of the measures taken by a network provider or a service provider under section 105A.

(2) A network provider or a service provider must—

(a)co-operate with an audit under subsection (1), and

(b)pay the costs of the audit.

Enforcement of obligations under sections 105A to 105C

105D.(1) Sections 96A to 96C, 98 to 100, 102 and 103 apply in relation to a contravention of a requirement under sections 105A to 105C as they apply in relation to a contravention of a condition set under section 45, other than an SMP apparatus condition.

(2) The obligation of a person to comply with the requirements of section 105A to 105C is a duty owed to every person who may be affected by a contravention of a requirement, and—

(a)section 104 applies in relation to that duty as it applies in relation to the duty set out in subsection (1) of that section, and

(b)section 104(4) applies in relation to proceedings brought by virtue of this section as it applies in relation to proceedings by virtue of section 104(1)(a).

(3) The amount of a penalty imposed under sections 96A to 96C, as applied by this section, is to be such amount not exceeding £2 million as OFCOM determine to be—

(a)appropriate; and

(b)proportionate to the contravention in respect of which it is imposed.

Back to top

Options/Help

Print Options

Close

Legislation is available in different versions:

Latest Available (revised):The latest available updated version of the legislation incorporating changes made by subsequent legislation and applied by our editorial team. Changes we have not yet applied to the text, can be found in the ‘Changes to Legislation’ area.

Original (As Enacted or Made):The original version of the legislation as it stood when it was enacted or made. No changes have been applied to the text.

Close

Opening Options

Different options to open legislation in order to view more content on screen at once

Close

Explanatory Memorandum

Explanatory Memorandum sets out a brief statement of the purpose of a Statutory Instrument and provides information about its policy objective and policy implications. They aim to make the Statutory Instrument accessible to readers who are not legally qualified and accompany any Statutory Instrument or Draft Statutory Instrument laid before Parliament from June 2004 onwards.

Close

More Resources

Access essential accompanying documents and information for this legislation item from this tab. Dependent on the legislation item being viewed this may include:

  • the original print PDF of the as enacted version that was used for the print copy
  • lists of changes made by and/or affecting this legislation item
  • confers power and blanket amendment details
  • all formats of all associated documents
  • correction slips
  • links to related legislation and further information resources
Close

Impact Assessments

Impact Assessments generally accompany all UK Government interventions of a regulatory nature that affect the private sector, civil society organisations and public services. They apply regardless of whether the regulation originates from a domestic or international source and can accompany primary (Acts etc) and secondary legislation (SIs). An Impact Assessment allows those with an interest in the policy area to understand:

  • Why the government is proposing to intervene;
  • The main options the government is considering, and which one is preferred;
  • How and to what extent new policies may impact on them; and,
  • The estimated costs and benefits of proposed measures.
Close

More Resources

Use this menu to access essential accompanying documents and information for this legislation item. Dependent on the legislation item being viewed this may include:

  • the original print PDF of the as made version that was used for the print copy
  • correction slips

Click 'View More' or select 'More Resources' tab for additional information including:

  • lists of changes made by and/or affecting this legislation item
  • confers power and blanket amendment details
  • all formats of all associated documents
  • links to related legislation and further information resources