In 2022, the regulatory spotlight will be shining on telco OTTs in the EU (and everywhere)
In September 2021, the EU Commission escalated its legal action against 18 EU countries for their failure to enact the EU’s new telecommunications law – the European Electronic Communications Code (EECC or the Code). Member States are required to pass national legislation enacting the provisions of the Code, which challenges the traditional notion of telecommunications and expands the regulatory burden to internet-based communications services or telco over-the-top providers (telco OTTs).
One of the key questions baked into this new European telecom framework is the issue of interoperability between internet communications applications. In the coming year, we will likely see further pressure from national telecom authorities as they begin regulating telco OTTs.
The EECC redefines electronic communications services to include – number-independent interpersonal communications services (NIICS) – communication services that do not use numbers to route communications. Under the Code, NIICS must ensure the security and privacy of the end user’s communications. NIICS must also comply with certain consumer protection obligations on transparency, including providing their users with an easy-to-read contract summary. These are essential obligations that NIICS must be aware of, though they will be relatively easy to comply with. Indeed, NIICS are exempt from most of the onerous obligations in the Code.
It’s all about sharing
The regulatory door opened by the Code in the matter of “interoperability” – which could be a potential game-changer – is even more significant. There is a clear user trend away from PSTN communications (traditional number-based routing of communications) into telco OTT applications, such as WhatsApp, Zoom, Skype, Teams, Telegram, and many others. Under current telecom frameworks, both end-to-end connectivity and access to emergency services rely on end-users using number-based interpersonal communications services. Interoperability is currently only a requirement for number-based interpersonal communications services (ICS). However, should NIICS usage replace number-based communications to a degree that would threaten end-to-end connectivity or effective access to emergency services, the Code would trigger the EU Commission to introduce measures that would ensure interoperability between NIICS.
Fragmentation remains
The push for tighter regulation may not only come from an EU level but from national regulators in Member States. In the past year, the Member States have been working on transposing the provisions of the Code into national law. The intention of some regulators to interpret the Code as expecting stricter regulations around NIICS is already clear in two of Europe’s biggest markets:
- In Spain, a new bill sent to Congress by the Executive authorities raised eyebrows as it would subject NIICS to a more onerous regulatory regime than that found in the Code, including the requirement to register with the regulator prior to providing services.
- Last October, the French regulator published a Decree implementing the Code, which would enable French regulator ARCEP to impose interoperability on NIICS if the regulator considers the interoperability of end-users to be compromised.
Even outside Europe, we have seen tighter regulations of cloud communication services emerge. Last October, the Malaysian regulator – the MCMC – announced the implementation of cloud service regulations. MCMC defines cloud services as “any service made available to end-users on demand via the Internet from a cloud computing provider’s server”. The regulator stated that “there is a concern on data safety and trust considering high adoption by consumers on cloud services in their daily activities more so with public data in the cloud”. From 2022 onwards, clouds services in the country will need to obtain an “Applications Service Providers” class license.
Going forward
Most people still have a phone number, and many argue that numbers will remain a foundational part of telecommunications for many years to come. While it may be that providers of internet-based communications services should not expect to be subject to interoperability already in 2022, and the road towards mandated interoperability would still face extensive reviewing processes, the Code has made European regulations more sensitive to the clear user trend away from number-based communications. As we are beginning to see, some regulators have already displayed an appetite to go beyond the requirements of the Code. This regulatory trend will accelerate in 2022.
Member States were given a few extra months to reply to the Commission’s legal action, after which the case may be referred to the EU’s Court of Justice. The implemented draft laws are making their way through the legislative processes across the Union, and internet-based communications services will soon be a regulated telecommunications activity throughout Europe.
Predictions
- NIICS providers are now subject to information requirements for contracts, so providers should review the terms of their end-user contracts and ensure contract summaries are readily available to end-users.
- The security of networks is a high priority. While the regulatory burden under the Code is relatively light, regulators will use national legislation to strengthen these requirements. Regulators see the security of services and end-user privacy as essential for users of internet communications applications. Providers of such applications must ensure that they at the bare minimum meet their cyber security obligations under the Code.
- The inclusion of NIICS in the Code will serve as a launchpad for the regulation of internet-based communications services. The year 2022 provides an opportunity for the industry to make strategic engagements with national authorities across Europe to take part in shaping the regulatory environment they are now entering.
Subscribe to our news alerts here.