TELECOMMUNICATIONS: An Introduction

Preiskel & Co’s Views on the European Telecoms Market and Significant Legal Developments

Introduction 

In recent years, connectivity and the data it can generate has become a source of innovation for the telecoms and technology sectors, which has accordingly attracted further regulation. 2023 and into 2024 has been no different with the rise of free access AI, increased deployment of 5G, as well as European Union (EU) actions to regulate content providers. The use of, and access to, digital content and connectivity has been subject to additional regulatory focus, including net neutrality, digital inclusion, and cyber security.

The need for training data for commercial development of AI is being balanced by regulators seeking to control how AI-generated information is gathered and used in the industry. There are exponential fraud-related risks to the telecoms industry from AI, absent sufficiently secure identification processes. Cybersecurity continues to be a major concern for telecoms providers and network services which are being scrutinised for their resilience and standards while noting the strain of the rise in data demands on the networks.

There is also a growing interest in, and focus on, environmental sustainability from regulators. We expect that the extent to which communications providers will need to respond to environmental concerns from regulators will become more significant and challenging for them over the next years.

Regulatory Developments 

In this latest annual update, Preiskel & Co has set out some of the top regulatory updates concerning the industry and the potential impact on the commercial enterprises within the telecoms sector.

Regulatory 

Intervention by national and international regulation of content providers and their knock-on effects on the underlying network suppliers is redefining the rules of engagement within the telecoms ecosystem. The competitive landscape and consumer rights will continue to dominate the conversation, such that communications providers will need to be engaged in addressing and adjusting to this changing landscape.

AI regulation 

National and international bodies have been working on frameworks to promote or inhibit AI regulation with a diverse range of outcomes. The overarching concerns of data privacy, transparency and security pick up on the larger regulatory trends, but with the new unknown of AI influence. International communications providers will need to keep abreast of and comply with differing approaches to AI regulation in the US (including state-by-state variations), the EU and UK.

The EU took a risk-based approach, where obligations are less onerous on less impactful or dangerous practices, and progressively increase until there are some uses, such as social scoring or predictive policing, which have been banned. A voluntary code of conduct was agreed among the G7 Nations in November 2023.

The US has had a more fragmented response, with an executive order focused only on the use of AI within the government agencies. At the state level, the Californian Privacy Protection Agency (CPPA), as the first dedicated privacy regulator, is charged with enforcing the state’s privacy legislation and may be influential on the national approach. Whether other states will follow suit needs to be monitored.

The UK has taken a principle-first approach with a policy paper on regulating AI where existing regulators will be responsible for developments that fall within their existing remits. This has been promoted as providing flexibility for innovation. The AI Safety Summit in November 2023 gathered almost 30 nations in pledging to work together to identify “safety risks of shared concern” and to “build a shared scientific and evidence-based understanding of these risks”.

There are multiple other perspectives that are being published and this race to regulate may result in diverse development opportunities for the telecoms sector, along with their substantial data processing and communication needs.

EU Gigabit Infrastructure Act (GIA) 

As announced in December 2023, the EU Council made a decision to adopt a common position from the Commission’s proposal to replace the 2014 broadband cost-reducing Directive with the Gigabit Infrastructure Act (GIA). The proposal aims at lowering cost for deploying gigabit electronic communications networks as well as speeding rollout with some minimum harmonisation across the EU. The investment gap for the 2030 digital targets and the low returns on equity were of significant concern. The negotiations are to continue through 2024 and will be of interest for all communications providers.

EU Digital Markets Act 

As of November 2022, the DMA came into effect and targeted antitrust concerns for large technology companies within the EU, which are seen as gatekeepers that control a large quantity of online activity and gain access to a major amount of the consumer data. The six companies currently categorised as gatekeepers by the DMA are: Alphabet (parent of Google and Android), Amazon, Apple, Bytedance, Meta and Microsoft. The compliance deadline of 6 March 2024 is fast approaching.

EU Digital Services Act 

The EU’s DSA came into effect on 25 August 2023, with online intermediaries and platforms being held legally responsible for content posted to them. Platforms with more than 45 million users in the EU, are called the Very Large Online Platforms (VLOPs) and Very Large Online Search Engines (VLOSEs). The DSA rules will then expand to apply to all platforms by 17 February 2024, though micro and small companies will have obligations proportionate to their ability and size. Non-compliance with the DSAs could lead to fines of up to 6% of global turnover. The Digital Services Coordinator will have the power to “require immediate actions where necessary to address very serious harms”. A platform refusing to comply could receive a temporary suspension in the EU. 

UK Telecommunications (Security) Act 2021 (TSA) 

The implementation of the TSA in the UK in October 2022 set out the required security practices that telecoms providers will need to adhere to and set out a good practice guide for effective telecoms security. Public telecoms providers have additional compliance requirements and carry increased risk. Tier 1 providers are to implement certain security measures, deemed to be less resource intensive by 31 March 2024. A year later, on 31 March 2025, Tier 2 providers will also be required to be compliant. Tier 3 providers will likely be afforded additional time.

Digital Inclusion 

Incentivising very high-capacity networks: The EECC was intended to make it easier for telecoms providers investing in 5G and very high-capacity fixed infrastructure to fulfil their business plans and investment objectives. 5G deployment has incentivised new networks, giving consumers greater access to faster download and upload speeds, which supports the increasing demands by content providers. Operators may have reduced the pace of their investments in 5G, mainly in reaction to economic circumstances, but nations are seeing the potential in this technology. The regulatory bodies will need to deliberate on issues related to spectrum allocation, MNO consolidation, security standards and privacy concerns associated with 5G infrastructure.

Expanding connectivity in underserved areas, and the emphasis on net neutrality, is due to the growing reliance on, and use of, connectivity. There is more willingness to grant ISPs flexibility over the supply of retail packages in the UK. This differs from the tightening of regulation from the EU and US, where operational efficiencies are not given as much weight. The ECJ has actually held that certain zero-rating products offered by telecommunications service providers breach the net neutrality rules of Regulation 2015/2120.

Industry continues to press for reforms highlighting the need for a capacity to negotiate with content providers. There is a Fair Share campaign underway to lobby the EU to impose rules on the VLOPs to pay a share of the communications providers’ network infrastructure cost. There are also demands from MNOs to allow further MNO consolidation to provide economies of scale in 5G roll-out. At the time of writing, the Vodafone/3UK merger is being scrutinised by the CMA, which, if cleared, will be music to the ears of MNO shareholders across Europe (and their bankers!).

Concluding Remarks 

Going into 2024 there are signs of increased interest in consolidation across the telecoms sphere as the demand for, and expense of providing, more data connectivity and processing grows with the reliance on data globally. There is acknowledgement from the EU, UK and US regulators that there will need to be legislative and regulatory support to improve the economics and speed of deployment of networks and the commercial incentives for providers to invest.

This does not mean a lessening of the regulatory burden, though the attention seems to be shifting towards the content providers who rely on and benefit from the telecoms networks for their services. These regulations, and the speed of development of new AI and data hungry technologies will impact communications providers, who in turn will need to ensure that they are part of and shape the regulatory conversation.