Ofcom consultation on mobile spectrum licence fees

Posted on August 1st, 2014 by

Ofcom has recently conducted research which shows that UK consumers now believe that the ability to obtain emergency assistance, contact friends and family, access information, education and entertainment make the provision of mobile telecommunications essential services. This demonstrates how access to voice services and mobile internet has become central to the way we live and work in the 21st Century.

Today, Ofcom has published its latest consultation document in relation to the revision of the annual licence fees for the use by mobile network operators (“MNOs“) of the 900MHz and 1900MHz bands of the electromagnetic spectrum. The bands are currently used for the delivery of 2G, 3G, and 4G mobile services. This review arises out of Ofcom’s mandate, imposed by the Government, to ensure that the annual licence fees reflect full market value following completion of the 4G auction.

MNOs currently pay a total of £24.8m per year for spectrum in the 900MHz band, and £39.7m for spectrum in the 1800MHz band. The revised figures currently proposed are £109.3m per year for spectrum in the 900MHz band, and £137.5m for spectrum in the 1800MHz band – an average increase of around 394%.

This is, however, around 29% lower than Ofcom’s previous proposal in October 2013, and reflects its updated analysis of the market value of the 800MHz and 2.6GHz spectra; international benchmark evidence; and calculations to convert lump-sum values into annual licence fees. The calculation also takes into account the anticipated co-existence costs in relation to avoiding unwanted interference with digital terrestrial television broadcast signals. The reduction from the last proposal is partly as a result of proposals made by certain of the MNOs (such as EE and H3G) as to calculation methods.

As part of the consultation, Ofcom has calculated what it believes to be the market values of the 800MHz and 2.6GHz spectra, and has valued spectrum within those bands at £32.63m/MHz and £5.5m/MHz (although it acknowledged that the latter figure may undervalue the spectrum band by up to £900k/Mhz).

The closing date for response to the consultation is 26th September 2014.


In other news, Ofcom has also invited applications for new local television channels in a further seven locations: Aberdeen; Ayr; Carlisle; Dundee; Forth Valley; Inverness; and Stoke-on-Trent. Local television is currently broadcast in the same spectrum bands as the national channels, typically in the range between 470MHz and 790MHz (albeit with the upcoming clearance exercise channels at the top end of this range are intended to be moved to frequencies below 694MHz). These will join the other locations for which licences have been granted, being: Basingstoke; Belfast; Birmingham; Brighton & Hove; Bristol; Cambridge; Cardiff; Edinburgh; Glasgow; Grimsby; Guildford; London; Leeds; Liverpool; Manchester; Maidstone; Middlesbrough; Mold; Newcastle; Norwich; Nottingham; Oxford; Preston; Reading; Salisbury; Scarborough; Sheffield; Southampton; Swansea; and York.


Queen’s Speech 2014: Legislative change imminent

Posted on July 14th, 2014 by

The Queen’s Speech, setting out the government’s legislative plans for the forthcoming year, was given on 4 June 2014.


This year the Serious Crime Bill (the “Bill”) will be the measure that is of particular interest to the technology and IT industries. The Bill sets out proposed amendments to the Computer Misuse Act 1990 (“CMA) which aim to ensure sentences for attacks on computer systems fully reflect the damage they cause.


The amendments to the CMA will:

  1. Create a new offence of unauthorised acts in relation to a computer causing, or creating risk of, serious damage (of various sorts).
  • Where such cyber-attacks result in (or give rise to a significant risk of): loss of life; serious illness or injury; or serious damage to national security, the maximum sentence for the new offence will be life imprisonment.
  •  Where a cyber-attack causes or creates a significant risk of severe economic, social or environmental damage, the maximum sentence will be 14 years’ imprisonment.
  1. Implement Directive 2013/40/EU on attacks against information systems. European member states are required to implement this directive by 4 September 1015. Key changes to the CMA include:
  • criminalising the making, distribution or use of tools that are primarily designed to be used in hacking offences; and
  • providing a legal basis to prosecute a UK national who commits a CMA offence outside the UK. This will be true even where the offence has no link to the UK, provided it was also an offence in the country in which it took place

The Bill had its second reading in the House of Lords on 16 June 2014 and is currently in the committee stage which will continue on 15 July 2014. Subject to its progress in parliament, the Serious Crime Bill is likely to come into force some time in 2015.


Ruled by Secrecy

Posted on July 9th, 2014 by

In 2010, the European Commission adopted a strategy for smart, sustainable and inclusive growth (Europe 2020) which requires strengthening knowledge and innovation as drivers of the Union’s economic growth.  In this context, in November 2013, the EU Commission submitted to the Council and the Parliament a draft directive on the protection of trade secrets.  Whilst it has yet to be discussed by the European Parliament the Council has recently given an opinion on the draft.

Recent studies by the Commission have highlighted the fragmented and diversified nature of the existing protection for trade secrets across the European Union and concluded that:

  • differences in trade secret protection can hinder cross-border research and development, and may place companies within the EU at a competitive disadvantage; and
  • harmonisation of the law in this area would improve conditions for businesses to develop, exchange and use information and know how.

The harmonisation process is intended make it easier for national courts to deal with the misappropriation of confidential business information, to remove infringing products from the market, and make it easier for victims to receive compensation for illegal actions.  All patents, designs and trade marks begin life as commercially sensitive information which is, until an intellectual property right is obtained, vulnerable to theft.  As the rate of innovation tends to be greatest in small and medium sized businesses, start-ups, and those in the technology industry, these tend to be the organisations most at threat and therefore could be the ones to benefit most from an update to the law.

To facilitate harmonisation the draft directive introduces a common definition of trade secret; that is, information that:

  • is secret in the sense that it is not, as a body or in the precise configuration and assembly of its components, generally known among or readily accessible to persons within the circles that normally deal with the kind of information in question;
  • has commercial value because it is secret; and
  • has been subject to reasonable steps by the person lawfully in control of the information to keep it secret.

This is useful as it gives a common understanding across the European Union as to what should, as a minimum, be protected.  As the definition of trade secret holder is fairly wide, being any person that lawfully controls a trade secret, this could arguably give licensees (as well as the ultimate ‘owners’ of the trade secret) a right to prevent and obtain redress for the unlawful us or disclosure of a trade secret.  This is not generally the case with other intellectual property rights.

However, there are a number of issues with the directive which lead commentators to believe that it may not give the full protection to trade secrets which is enjoyed in relation to other intellectual property rights, for example, the lack of availability of measures for collecting evidence of illegal disclosure, acquisition, or use.

It seems that whilst this may be a step in the right direction the best advice is, in the wise words of Gandalf the Grey – “Keep it secret, keep it safe”.



Update: New Consumer Rights Regime in Europe – now in force

Posted on June 13th, 2014 by

Who needs to read this update?

The EU’s Consumer Rights Directive (CRD) applies to all businesses selling products, services and digital content to European consumers.

The CRD represents a major change in Europe’s consumer regulatory landscape, bringing changes that carry a significant compliance impact, especially for online businesses.

As of 13th June 2014, the new rules have been implemented into national law across all key European markets. In the UK, the rules have been implemented by the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013 and the Consumer Rights (Payment Surcharges) Regulations 2012.

This briefing note gives an overview of the key changes and addresses some of the common challenges digital businesses face when assessing how to balance user experience with robust compliance under the new framework.


What are the top 10 changes I need to know about?

1. 14 day cooling off period: Customers can cancel an order without charge within 14 days of purchase (for services) or receipt of goods (for goods)

2. Special cancellation rules for digital content: The 14 day period won’t apply to digital content purchases, provided the seller fully complies with sometimes complicated information requirements

3. Ban on pre-ticked boxes: Additional services must not be pre-selected in the transaction process and extra costs must be transparent

4. Payment buttons: If clicking a button will oblige the customer to pay, the button must clearly indicate this (e.g. “Pay Now” but not “Order and Proceed”)

5. No excess payment surcharges: Charges for using credit cards and other payment methods must reflect real cost to seller

6. Pre- and post-contract information obligations: The rules include a new list of information to be provided on a “durable medium”, which now has new definition

7. Information obligations now implied terms of contract: This means the contract may not bind the customer at all if you fail to fully comply (but business will still be obliged to perform)

8. Model cancellation form: Must be made available, but will not restrict customers’ options for communicating their cancellation

9. Ban on premium rate customer service numbers: If you have a customer service phone line, it must charge no more than the basic call rate

10. Delivery restrictions & accepted payment methods must be indicated upfront: This information must be clear before the consumer is obliged to pay


What compliance challenges does the CRD present for digital businesses?

Experience so far shows that digital businesses are facing challenges when deciding how to comply with the new distance selling rules under the CRD, especially with regard to cancellation rights and refunds. Available guidance from national regulators has often not addressed the kinds of practical compliance measures online businesses must now implement.

As a “maximum harmonisation” Directive, in order to avoid country specific variances, the EU Commission was itself keen to publish unifying guidance applicable across the EU.  In background briefings during 2013 members of this firm were promised practical high level guidance would be made available.

Yet, at the 11th hour, it seems this is still yet to materialise.  A flurry of thoughts in February this year socialised some suggestions for a transparency model for digital sales which suggested the use of icons to inform consumers during internet and mobile sales. Perhaps the proposed use of iconography was too much for industry to bear? We can at least borrow some ideas for what “good” would look like from Germany (whose current rules the CRD is based upon).  What is clear is that online merchants face extremely convoluted new rules and scant examples of how to proceed.

For example, businesses selling digital items generally want to rely on the exception from the 14 day cooling off period for digital content. This ensures that they are not obliged to refund customers who may have used and enjoyed fully functioning digital products. However, in order for this exception to apply, the business must:

- obtain the customer’s express consent to the content being provided right away and acknowledgement that they will lose their right to cancel; and

- confirm that consent and acknowledgment, plus other mandatory information, in a durable medium within a reasonable time.

Implementing this in practice may be straightforward, or more complex, depending on factors affecting your customers’ user journey, such as whether your business controls the full transaction flow, whether you are using a bespoke or multi-vendor platform (such as a social media network) and how payments are made (e.g. cash, credit, virtual currency).


What happens if we don’t comply?

National regulators will be keen to set examples during 2014 and 2015, and businesses that fail to comply with the new requirements run the risk of:

- civil or sometimes criminal action, for serious breaches;

- negative PR and customer backlash;

- customers not having to pay for your products and services, whilst the business remains obliged to provide them; and

- questions around revenue recognition where non-compliance with the CRD potentially renders online sales voidable by customers for extended periods.


What should I do now?

Since the new rules are in force as of 13th June 2014, you should act fast to assess the impact on your business and update your compliance programme as necessary. For more guidance, please contact David Lewis or Sonal Patel.


Androids live among us…

Posted on June 11th, 2014 by

…ok, so perhaps not, but according to the BBC (http://goo.gl/ldMrLP) there has been a significant step forwards in the development of an artificial intelligence.

The Turing Test was proposed by Alan Turing in his 1950 paper, “Computing Machinery and Intelligence”, and is widely considered to be an excellent test of whether a machine is able to ‘think’. Essentially it is a text-based game of imitation, testing a machine’s ability to display behaviour which cannot be distinguished from that of a human being whilst holding a text-based conversation.

The test doesn’t directly deal with the question of whether the computer has so-called ‘artificial intelligence’, only whether it accurately simulates human behaviour (which can be decidedly unintelligent on occasion). That said, if a machine has genuinely passed the test as the BBC article suggests, then it can be considered a significant milestone in the quest for ‘AI’ and we should perhaps be on the lookout for cyborg assassins from the future. There is significant doubt however, and the results have been criticised on a number of grounds.

The development of AI – for example cybernetics and reasoning functions wider than pure logic – are likely to contribute significantly to the way we live and work in the coming decades in the same way that they have already done in the last two. The development of Google’s search engine for example, beginning in around 1997, is an important example of this and in 2012 Google’s official blog referred to the development of artificial intelligence and machine learning using large-scale brain simulation. Even without the benefit of a crystal ball (or a cyborg from the future) it is a relatively safe bet that significant value will be generated out of the processing of big data using machines capable of self-taught learning.

This area has particular resonance with me, as part of my Masters’ thesis was on the subject of autonomous navigation systems for planetary exploration. The developments made over the last eight years have really moved us forward in terms of what is achievable and the rate of progress, to my mind, seems to be increasing. As new concepts are developed and moved from the laboratory to our homes and workplaces, I have no doubt that it will be exciting to watch the information age unfold.



Ofcom publishes consultation on 700 MHz band re-purposing

Posted on June 3rd, 2014 by

Last Wednesday, Ofcom published its consultation on the future use of the 700MHz band in the UHF part of the electromagnetic spectrum. It is currently used, along with other parts of the spectrum, to broadcast digital terrestrial television (“DTT“) and for telecommunications functions (including wireless microphones, in ear monitors, and intercom systems) at special events such as concerts, music festivals, film and television production, and sports events (“PMSE“). The proposal is to make some of the 700MHz band available from 2020 for use in delivering mobile broadband, and sets out a cost/benefit analysis of the proposed change. Responses must be submitted by 29 August 2014.

Last month I wrote about the announcement of Ofcom’s strategic direction (http://goo.gl/cbau4K), including the re-purposing of the 700 MHz band, and referred to investigations into reducing and avoiding disruption to the digital terrestrial television platform. This clearance exercise will be absolutely vital and will likely require the involvement of Ofcom, infrastructure providers, multiplexers, and mobile network operators (“MNOs“) in order to validate the change of use. This consultation sets out how Ofcom believes it will be possible to re-purpose parts of the 700 MHz band to mobile broadband without compromising the benefits which are currently enjoyed by consumers as a result of DTT and PMSE.

Why 700 MHz?

This part of the spectrum is being considered for re-purposing for a number of reasons. The 700 MHz band is ideal for mobile broadband as the signals are not as significantly attenuated by the atmosphere and other barriers, and so will travel further and pass through walls more easily than higher frequencies. It is also already used internationally, meaning that standards for equipment already exist or are in development – this leads to equipment being more easily available and economies of scale.

The repurposing of the 700 MHz band for mobile broadband will help MNOs to meet the constantly increasing demand for greater mobile broadband speed and capacity, and would likely result in a more competitive market and lower prices for consumers. The change might also benefit emergency services providers by improving mobile coverage.

Potential drawbacks?

Giving parts of the spectrum over to mobile broadband means taking them away from DTT and PMSE. DTT continues to play a central role in this country and provides widespread access to a wide array of programming, including the high-quality programming aired by the public service broadcasters. PMSE delivers benefits to UK culture, and fulfils the audio requirements of theatres, concerts, festivals, and sporting events. Ofcom proposes to reconfigure the DTT network to operate between 470 and 690 MHz, and that this would accommodate most (if not all) of the current services carried, but this would require a further switchover as occurred for the switch to digital from analogue. It further proposes to make other parts of the spectrum available for PMSE.

In order to re-purpose the 700 MHz band, there will be significant infrastructure costs. Modifications will be required to the DTT transmission infrastructure, and it would also require PMSE users to replace or modify their existing equipment. However, Ofcom is of the opinion that the overall benefits would outweigh these costs by a ‘significant margin’.

It is likely to take several years to complete the changes and Ofcom estimates that retuning of television sets would need to take place in 2019, although strategies may be formulated to accelerate the programme.


This is not a fait accompli, and Ofcom expects to publish its final decision later this year or in early 2015. It plans to engage with other European Member States (including Finland, France, and Sweden) which are already moving mobile services onto the 700 MHz band, and will take into account the experience of those countries. The transition is also dependent upon the outcome of the consultation; securing appropriate funding; undertaking more detailed analysis into co-existence of services; and reaching spectrum planning agreements following participation in international frequency planning processes.

Any allocation of the 700 MHz band to MNOs should the programme be approved will take place via spectrum auctions, although there may be scope for mobile and DTT multiplex licensees to co-operate to increase the pace of the change of use and improve network deployment planning.





Google search: ECJ decision on “right to be forgotten”

Posted on May 20th, 2014 by

The recent European Court of Justice decision in Google Spain v the Spanish Data Protection Authority on the “right to be forgotten” affects not only search engines, but potentially all online businesses.

Our sister blog on Privacy and Information Law has an excellent analysis  of the ruling and its practical impact, written by Phil Lee.




Ofcom announces strategic direction for spectrum management

Posted on May 1st, 2014 by

Ofcom, which has responsibility for management of the radio spectrum in the United Kingdom, yesterday announced its strategic direction and priorities for the spectrum over the next 10 years.  The use of the spectrum is critical for both business and consumers, and is fundamental to television and radio broadcasting, mobile communications (voice data and mobile internet), emergency services, smart-meters etc.  Demand for spectrum and its use continues to grow, and therefore innovation is needed to make the most efficient use possible of the parts of the spectrum available for existing and likely new  applications. In particular, Ofcom intends to explore new opportunities for spectrum sharing (facilitated by “white space” technology), and to manage the co-existence of different services and minimise interference.

Ofcom has identified three key areas where spectrum sharing can play an important role:

- providing high speed wireless connectivity indoors to allow consumers to benefit from superfast broadband;

- increasing the availability of spectrum outdoors for mobile data usage on smartphones and tablets; and for

- supplying spectrum to enable use by the Internet of Things (IoT) in anticipation of an explosion in the number of interconnected wireless devices providing benefits in, for example, energy distribution, healthcare, and transport sectors.

Where spectrum demand cannot currently be met from unused spectrum, it may be that Ofcom will recycle spectrum that has already been allocated, repurposing spectrum currently allocated for low value applications to applications of higher value.  The clearance programme for the 800MHz band is a clear example of where this has been done in the past.

The strategy identifies the following six priorities:

1.              Addressing future mobile data demands, recognising the importance of improving mobile coverage, and the availability of new mobile services.

Ofcom is already assessing the potential for licence exempt approaches, and monitoring the performance of mobile networks.  It also plans to look at further geographical coverage for mobile voice and data services and, in the longer term, monitor developments towards the availability of 5G technology.

2.              Implementing Ofcom’s strategy for the 700MHz band and considering the evolution of free-to-view television.

An initial cost benefit analysis is already being undertaken on re-purposing the 700MHz spectrum, with a view to making more of this prime spectrum available for mobile broadband use after 2018.  Investigations are ongoing into reducing and avoiding disruption of digital terrestrial television (DTT) resulting from such re-purposing.  Ofcom will also monitor developments involving DTT distribution technologies and the implications for the long term role of the DTT platform.  For example, the use of the newer DVB-T2 or MPEG-4 standards may allow a greater density of information to be carried within the same amount of spectrum.  The likelihood of growth in internet protocol (IP) delivery (as opposed to broadcast) is being considered, but is currently seen as likely to remain a complement to, rather than a replacement for, more traditional broadcast services.

3.              Supporting the government’s public sector spectrum release programme.

An auction of the 2.3GHz and 3.4GHz spectrum slots which were previously allocated to the Ministry of Defence is currently being considered, and the next few years will see Ofcom leveraging its experience to secure further efficiencies in the use of the spectrum by public bodies.

4.              Addressing challenges around future Programme Making and Special Events (PMSE) spectrum use.

Ofcom is working with stakeholders to understand spectrum requirements for equipment such as wireless cameras and recording equipment.  Ofcom will continue to assess the impact of any anticipated spectrum changes on use for PMSE, and take steps to mitigate adverse effects.

5.              Enabling growth and innovation in machine-to-machine (M2M) applications and the internet of things (IoT).

Understanding the implications of growth in M2M and IoT will be vital, and Ofcom will seek to understand how the emergence of new technical standards may influence the development of a platform for M2M and IoT.  Ofcom is also currently considering the case for a licence-exempt regime for spectrum access for M2M/IoT devices.

6.              Supporting the government in its consideration of the future wireless communication needs of the emergency services.

Ofcom will assist the government in assessing an optimal delivery approach to satisfy the long term communications requirements of the emergency services.


In summary, over the next few years, Ofcom expects to see “a continuing emphasis on repurposing of some spectrum bands”, together with “an increase in shared access to spectrum amongst different uses”.  Ofcom’s Chief Executive, Ed Richards, stated that “as we move to an increasingly digital infrastructure across our economy it is wireless services which offer some of the most exciting opportunities for growth and innovation. Our spectrum management strategy is aimed at ensuring the regulatory approach helps the UK take as many of these opportunities as possible”.

The full strategy document is available here.




Bleeding Hearts for Open Source Advocates

Posted on April 22nd, 2014 by

Few technology practitioners will have missed the recent news that more than 60% of websites could be affected by a cryptographic library flaw known as “Heartbleed”, exploitable by criminal elements to steal information (including username and password data).  The flaw exists in any version of OpenSSL released between 14 March 2012 and 7 April 2014, and which has not been patched to OpenSSL 1.0.1g.

To date, it is not absolutely clear to what extent the bug has been used by hackers, but the potential is widespread due in no small part to the use of OpenSSL by Apache and other webservers, which service more than two-thirds of active websites on the internet.  The vulnerability also affects many e-mail servers.

To close this vulnerability, it is advisable to update to OpenSSL 1.0.1g immediately.  If this is not possible, developers are advised to recompile OpenSSL with the compile time option OPENSSL_NO_HEARTBEATS.  Operating system vendors and distribution, appliance vendors, independent software vendors should adopt the fix and notify their users.  Service providers and users will need to install the fix as it becomes available for the operating systems, networked appliances and software they use.

One of the key benefits of open source software, according to its advocates, is that because it is open to scrutiny, errors and bugs will be spotted much more rapidly than with proprietary software.  Some commentators may suggest that the fact that Heartbleed has been around for at least two years without detection weakens that argument, although of course we cannot say how long it would’ve taken to discover if the same flaw had existed in proprietary software, and so this is probably not a supportable argument.  In fact, the developer that inadvertently introduced the bug told The Guardian newspaper that the bug’s discovery demonstrates the value of publicly available source code.

The question now arises, as to what the open-source industry should be thinking in terms of ways to reduce the likelihood of similar occurrences in future.  Many corporate and governmental organizations use open source very widely, and perhaps these users are the ones who can now assist?  It has been suggested that as CIOs want to rely more and more on free open source software, they should be considering ways in which they can contribute back to the community that developed it.  On the basis that the more scrutiny the open source code is under, the more likely it is that bugs will be found, perhaps it is time for large organizations and the open source community to work ever more closely to everyone’s benefit.

Oh, and if you hadn’t considered it yet, after the bug has been fixed would be a good time to change your passwords!


Interception of communications data – overuse by the UK?

Posted on April 10th, 2014 by

A report published on 8th April by Sir Anthony May, the UK Interception of Communications Commissioner, has initiated an investigation into whether there is “significant institutional overuse” of the government’s powers to intercept communications data.   The commissioner has the statutory responsibility for ensuring that the interception of communications by public authorities is legal and to report his findings to the Prime Minister each year.
The power to intercept communications arises under Part I of the Regulation of Investigatory Powers Act (RIPA) 2000 and covers the interception of communications content (Chapter I) and the interception of communications data, such as the date and time of transmission (Chapter II).  While the report found that the interception of communications content, which requires a warrant issued by a Secretary of State, is almost always compliant and of a high quality, the number of authorisations and notices for the interception of communications data raised concerns.  
Authorisation for the interception of communications data is given by a senior designated person within the relevant public authority and, in total, the report found 514,608 such authorisations were granted in 2013.  This in the view of the commissioner had “the feel of being too many” and prompted him to ask his inspectors to critically examine these authorisations to ensure they fall within the powers granted.