The 2006 Review of the EU Framework for Electronic Communications

July 19, 2006

On 29 June 2006 the European Commission published its proposals for changes to the European regulatory framework for electronic communications. These proposals are the result of the ‘2006 Review’, under which the Commission has examined the workings of the current set of five industry Directives from 2002.[1] If implemented, they will represent the largest change to the regulation of the industry since that date.

There are a number of interesting proposals, some of which are likely to be controversial because they appear to go directly against the established policy of existing national regulators. Also, in the case of the proposed introduction of notification requirements for security breaches, the proposals suggest a very far-reaching and significant change to the data protection rules in the EU.

In summary the major proposals (though there are many others) are as follows:

  • requiring ISPs and network operators to notify the regulator and their customers if they suffer a security breach
  • phasing-out of ex-ante regulation in 6 of the 18 market segments in which it currently applies
  • taking a clear stance against the concept of ‘regulatory holidays’, under which incumbent operators are given a period of time, free from regulation, in which to exploit new technologies or to offer new services
  • moving towards a more consistent, market-based approach to spectrum allocation, with the emphasis being on allowing unrestricted access, where possible, and tradable licences where not
  • explicitly including SMS services within the scope of the regulation of the wholesale mobile termination market
  • strengthening the Commission’s role and powers to achieve greater consistency.

The remainder of this article explains the 2006 Review in more detail.

The 2006 Review

The 2006 Review consists of four documents:

  1. the Commission Communication COM(2006) 334 giving a retrospective presentation of the effectiveness of the current rules governing eCommunications in Europe[2] (the ‘Communication’);
  2. an ‘Impact Assessment’ SEC(2006) 816 of various policy options for the future, analysing the advantages and disadvantages of each of these;[3]
  3. a ‘Working Document’ on proposed changes SEC(2006) 817 presenting the proposed changes to the directives, as currently formulated by the Commission as a starting point for the public consultation – this is the most important document since it sets out all of the proposals,[4] and
  4. a draft ‘revision of the Recommendation on Relevant Markets’ together with an explanatory memorandum SEC(2006) 837[5] (the ‘Recommendation’).

The consultation period for all of these expires on 27 October 2006. The Commissions aim is then to propose amendments to European legislation before the end of 2006, for implementation in 2009 or 2010. Amendments to the Recommendation on Relevant Markets, which do not need a legislative change, will come into effect in early 2007.

Notification of Security Breaches

In the ‘Staff Working Document’,[6] the Commission states (without giving its source) that ‘the market has so far failed to address security problems to the satisfaction of users’. To remedy this problem it proposes to require providers of electronic communications networks and services to:

  • notify the relevant national regulator of any breach of security that led to the loss of personal data and/or to interruptions in the continuity of service supply. The regulator would then be able to inform the general public of the breach if they considered that it was in the public interest to do so; and
  • notify their customers of any breach of security leading to the loss, modification or destruction of, or unauthorised access to, personal customer data.

This would, of course, be a radical change to the current law, which is contained in the 2002 e-Privacy Directive.[7] This states that providers of electronic communications services (not network providers) must inform customers only, not the regulator, of particular security risks. There is no requirement to notify security breaches.

A similar law was passed in California in 2003 (and has since been copied in 33 other States), though in that case the notification obligation is wider – it usually applies to government agencies as well as companies and non-profit organisations, regardless of geographic location, who have Californian customers. Under this law[8] Citigroup, for example, was forced to disclose, in June 2005, that it had lost personal data including names, social security details and account history, on 3.9 million customers while back-up tapes were in transit with UPS.[9]

The introduction of a similar law throughout the EU, albeit one with a more limited scope, would clearly have very significant consequences for ISPs and for telecoms operators. It seems surprising that the Commission has made such a radical proposal without trailing it in advance with the relevant industry groups, and that it is tucked away in just a couple of pages of a large and significantly more esoteric consultation.

Phasing-out of Ex-ante Regulation in Certain Markets;

The Recommendation explains that, when deciding whether or not a market should be subject to ex-ante regulation, there are three criteria to be applied. These are: (i) the market is subject to high and non-transitory entry barriers; (ii) the market has characteristics such that it will not tend towards effective competition over time; and (iii) competition law by itself is insufficient to deal with the market failure. It is important to recognise that inclusion on the Commission list of markets suitable for ex-ante regulation creates a presumption for the national regulator (the NRA) that the three criteria are met, but it will always be open to the NRA to assess each market and to make a determination that a market is, in their country, effectively competitive. Likewise, if a market is removed from this list, the NRA can still make a determination that the three criteria are met and, subject to the Commissions’ proposals on ensuring consistency across markets, apply ex-ante regulation.

Applying these three criteria, the Commission considers the current list of 18 specific electronic communications markets that are deemed suitable for ex-ante regulation. It states that in most Member States intense competition to supply national and international call services (both to residential and non‑residential customers) has emerged in the past years as a result of the existing ex-ante regulation. In these four markets, the Recommendation suggests, regulation can therefore, now, be phased out.

In addition, the Commission requests stakeholder input on whether two further markets could be removed from the list of markets suitable for regulation: the wholesale markets for access and call origination on public mobile telephone networks and the market for broadcasting transmission services.

However, the Recommendation states that the overall health of competition in other markets, such as broadband, is still too precarious to justify abandoning sector-specific regulation. Incumbents continue to control bottleneck infrastructure and new entrants are still dependent on access to such infrastructure to be able to compete. Here, the Commission makes some proposals to make regulation speedier and more efficient and to simplify procedures.

Regulatory ‘Holidays’

Some Member States, such as Germany, have tried to encourage their incumbents to invest in upgrading networks to broadband by offering to exempt them from regulation for a period of time. The Commission has already (in November 2005) written to Germany‘s telecoms regulator saying it has ‘serious doubts’ about whether the decision is justified – and it has now taken a clear stance against this concept.

The Commission points out that the existing telecoms rules already explicitly provide for a ‘light touch’ regulatory approach to emerging markets in order to encourage investment. Regulated access for competitors to the infrastructure of an incumbent therefore needs to ensure, under the present rules, that a ‘reasonable return’ on investment is guaranteed for the incumbent. The EU regulatory framework, though, does not allow a specific operator or a specific technology to be exempt from regulation as long as there is a structural competition problem.

Moreover, the Commission points out, the fact that investment in a ‘next generation network’ represents a large capital outlay is not in itself justification for regulatory forbearance. The operational savings to the incumbent from the use of modern technology are also considerable. BT, for example, has announced that its investment in its ‘21st Century Network’ will amount to £10bn by 2010, but also claims that this will lead to savings of more than £1bn per year. Indeed, the evidence suggests that investment is encouraged by competition, rather than by special privileges being granted to the incumbent. Investment in the electronic communications sector is high in countries such as the UK (0.42% of GDP), Denmark (0.72 % of GDP) and the Netherlands (0.79% of GDP) where there has been a very effective application of EU rules. By contrast, investment made in the German market is only 0.27%.

The correlation between investment and competition in infrastructure in the EU is particularly visible in the broadband markets. Countries with strong competition between incumbents and cable operators tend to have the highest broadband penetration. Thus, broadband penetration levels in Denmark, Finland, Sweden and the Netherlands are all above 20%, well ahead of the broadband penetration level achieved in the US.

Spectrum Allocation

Radio spectrum is critical for any application that relies on wireless communication, from mobile telephony and broadcasting, to guidance systems for planes, ships, satellites and defence. This makes it a public resource – and an economic asset – that is in ever-increasing demand. Though radio spectrum usage is still tightly regulated in most EU Member States, radio transmissions cannot be confined within national boundaries, and many types of radio devices are highly portable, with citizens having a natural expectation for them to work throughout the EU.

For these reasons the Commission asks for comments on the suggestion that a European Spectrum Agency should be created, along the lines of the Federal Communications Commission in the USA, to manage and co-ordinate spectrum allocation across the EU.

The Commission also proposes a new system for spectrum management. This would, where possible, strengthen the use of general authorisations (allowing service providers and individuals to use spectrum without obtaining a specific licence). When such general authorisations are not possible due to concerns about interference, it suggests, individual licences for spectrum may be issued but, under these, the owners of spectrum should not be unduly constrained. Subject to certain safeguards they should have the freedom to provide any type of electronic communications service (‘service neutrality’) using any technology or standard (‘technological neutrality’). Any such licences should also, wherever possible, be tradable.

Using criteria based on economic efficiency, selected bands of spectrum agreed at EU level via a committee procedure would become available for use under general authorisations, or subject to secondary trading across the EU. The administrative model, whereby the NRAs regulate in detail the characteristics of radio emitters and the use of spectrum, will remain important only where, on balance, legal certainty and interference management issues are priorities and where public interest objectives are at stake.

SMS Services

One of the markets identified as suitable for ex-ante regulation in the 2003 Recommendation on Relevant Markets was the ‘mobile call termination market’. Telephone texting (SMS) is implicitly already covered by this. Under the draft of the new Recommendation, wholesale SMS termination would be explicitly included in the wholesale market for mobile call termination.

Each mobile network operator has a monopoly in terms of how it charges other operators for reaching its customers. This is as true for SMS termination as it is for the termination of voice calls. Since the termination charge is set by the called network, which is chosen by the called subscriber, the calling party in general is not able to affect or influence termination charges. As the market power is the same for both voice and SMS termination and as both services are sold as part of the same mobile cluster, both at retail and wholesale level, the Commission considers it appropriate to deal with both voice termination and SMS termination as part of a single termination market per operator.

This would in effect subject the wholesale market for SMS termination to periodic checks by national regulators for any dominance by an operator. This could lead to a lowering of wholesale rates and ultimately the retail cost of sending SMS messages.

Even under the present rules, it has always been possible for national regulators to extend the wholesale market for voice call termination on a mobile network to include SMS. The Commission is currently considering such a case notified by the French regulator in June 2006.

Improving Consistency across the NRAs.

Telecoms operators understandably expect regulators to treat them, and their competitors, in a similar fashion in any EU country. Yet in some cases, there is a huge discrepancy between the measures/tariffs proposed and the average measures/tariffs observed at EU level. This is particularly true for the (monopolistic) call termination markets where the national measures range from the imposition of strictly cost-oriented pricing on the basis of the costs of the most efficient operator (ie mobile termination in Estonia, Cyprus) to a much weaker price regulation (ie mobile termination in Greece, Luxembourg, Slovenia).

The most effective way to achieve a truly level playing field for telecom operators across the EU would of course be to create an independent European telecom regulator that would work together with national regulators in a system, similar to the European System of Central Banks. In such a system, national regulators would continue to act as direct contact points with operators and could directly analyse the market. At the same time, a ‘light’ European agency, independent from the Commission and from national governments, could ensure by means of guidelines and, if necessary, instructions that EU rules are applied consistently in all Member States. The idea of creating such a European telecom regulator is included as a policy option in the Impact Assessment.

However, perhaps recognising the reality that the creation of such a body is highly unlikely in the present political circumstances, the Commission instead proposes to grant itself additional powers – in particular in relation to determining the remedies NRAs may apply to correct market failures that they identify.

Whereas, at present, the Commission may contest a regulator’s assessments of the national market boundaries or of the ‘significant market power’ of an operator, it may only make comments on the proposed corrective measures. Regulators are expected to take the ‘utmost account’ of these comments, but are not obliged to do so. Giving the Commission the ability to review the timeliness and effectiveness of remedies would, it says, help to improve the consistency of regulatory measures applied in similar circumstances in different Member States, and hence also improve the functioning of the single market.

This proposal is itself likely to be highly controversial – especially given the fact that many of the NRAs are opposed to some of the recent suggestions coming from the European Commission (such as those suggesting regulating retail prices for international roaming).


In summary, the Commission has made a surprisingly bold set of proposals, most of which seem to be sensible and well thought through. They have suggested significant steps towards deregulation and have made some prudent proposals to improve consistency across the EU. However some of their proposals – in particular those relating to notifying security breaches and giving the Commission itself veto power over remedies suggested by NRAs – will prove controversial and are likely to be the subject of considerable lobbying efforts over the coming months. The final proposal, to be produced by the end of this year, seems likely, in some respects, to be materially different from the current one.

Mike Conradi is with the Commercial Technology Group at Kemp Little:

[1] The Framework Directive, the Access Directive, the Authorisation Directive, the Universal Service Directive and the e-Privacy Directive – all available at

[6] Section 7.2 (page 29)

[7] Directive 2002/58/EC – the Directive on privacy and electronic communications – Article 4.

[8] The California Security Breach Notification law, SB1386