» ISP News, Key Developments » 

New UK Law Set to Boost Broadband Rollouts and Device Security

Wednesday, November 24th, 2021 (10:56 am) - Score 4,152
Works to lay new paving slabs and temporary footpath closed red warning sign on London sidewalk

The UK Government has today introduced their new Product Security and Telecommunications Infrastructure Bill (PSTI), which among other things will make it easier for broadband and mobile operators to upgrade and share infrastructure. The bill will also aim to ensure that internet connected devices are more secure.

In terms of the telecoms related measures, the new bill proposes a number of changes to the Electronic Communications Code (ECC), which reflects a set of rights that are designed to facilitate the installation and maintenance of electronic communications networks.

The ECC was last reformed in 2017 as part of the 2017 Digital Economy Act – supported by Ofcom’s Code of Practice (here). The changes back then were aimed at making it both easier and cheaper for telecoms operators to access public or private land / property in order to build new networks.

However, the revised ECC faced a bumpy ride, not least due to some operators pushing land / building owners into accepting “derisory payments” (here) for access to install their infrastructure (wayleave agreements). A good chunk of those issues have since been resolved, but the new tribunal process that was setup alongside this can still get bogged down and delays have also occurred in terms of the time taken to reach an agreement.

NOTE: A report published in 2020 by the Centre for Policy Studies suggested that 80% of negotiations take more than 6 months to be completed, while the average time for agreements to be completed is 11 months and nearly a third of negotiations stall.

The Government also notes that further problems have arisen because some landowners fail to reply to requests to access land for network deployment, and not to mention the strict limitations on an operators’ ability to upgrade and share their equipment, which are said to be “stopping existing networks being used as efficiently as possible.”

Changes to the ECC

The new bill thus aims to tackle all this via a series of measures.

The PSTI’s New ECC Measures

➤ A new requirement for telecoms operators to consider the use of Alternative Dispute Resolution (ADR) – a way of resolving disputes that does not involve going to court such as mediation or arbitration – in cases where there are difficulties in agreeing terms. Operators will also be required to explain the availability of ADR as an option in their notices to landowners.

➤ New automatic rights for operators to upgrade and share underground infrastructure – such as fibre optic cables – which were installed prior to the 2017 Code reforms and are not currently covered. This is in cases where there will be no impact on private land or burden on the site provider.

➤ New rules to allow operators to apply for time-limited access to certain types of land more quickly where a landowner does not respond to repeated requests for permission.

➤ New provisions to speed-up negotiations for renewal agreements. Operators who already have infrastructure installed under an expired agreement will have the right to either renew it on similar terms to those for new agreements, or request a new one.

It’s thus hoped that these changes will help to accelerate broadband deployments under the new £5bn Project Gigabit programme, which aims to ensure that at least 85%+ of UK premises can access a 1Gbps capable network by the end of 2025. On top of that it will also support the existing £1bn Shared Rural Network project (inc. £500m of public investment), which seeks to extend geographic 4G mobile coverage to 95% of the UK by the end of 2025 (this may also aid future 5G coverage).

Changes to the ATI Regulations

The Government have also been exploring the possibility of greater sharing via existing infrastructure (here), although much of that has more to do with planned changes to the Access to Infrastructure (ATI) Regulations 2016 than the ECC above.

Telecoms companies are already free to make their own commercial infrastructure sharing agreements, such as with the 2017 deal between Neos Networks and Thames Water to run fibre through the sewers (here). The government has also given broadband firms access to existing infrastructure before, which is why electricity poles are used “extensively throughout England to carry broadband cables“.

NOTE: The ATI applies to all operators and includes provisions on the exchange of information about existing infrastructure, and the right to access that infrastructure on fair and reasonable commercial terms etc.

However, many of the aforementioned commercial agreements often occur independently of the wider ATI Regulations, which have not been widely used and can indeed be quite restrictive – amending the current ATI rules might thus make the process easier and more cost-effective. We note how the ATI outlines that network operators should allow “reasonable access,” but there is no regulated pricing (unlike PIA on Openreach), which can result in some network operators setting high prices to keep rivals out.

In keeping with all this, the government has today published its response to their earlier Call for Evidence on the ATI regulations, which they claim “includes measures to make existing regulations easier to use and amend in future.” But in reality the Government “do not propose making major changes to the ATI Regulations at this time“, which they claim would be “disproportionate, and our resources may be better focused on removing other key barriers for the sector.” A further review of this will be undertaken within the next 5-years.

In fairness, the consultation shows that some Alternative Network (AltNet) ISPs were concerned about the risk of “unintended consequences” if changes to the ATI ended up undermining the investment cases in new networks. Likewise, operators expressed “limited interest in using non-Openreach or non-telecoms infrastructure,” due to a general preference for telecoms infrastructure, as well as the “availability of a more stringent regulated product on a near ubiquitous nationwide network.”

Instead, the changes that have been suggested are merely “clarifications” of the existing rules.

Proposed ATI Regulation Tweaks

We have identified some clarifications and improvements that could make the Regulations easier to use, namely:

➤ Clarifying that publicly owned infrastructure is included in scope of the Regulations

➤ Clarifying that the Regulations can be used for the purpose of deploying business broadband; and

➤ Cutting some of the timescales to respond to information requests

Currently, making any changes to the Regulations would require primary legislation. However, we plan to introduce legislation that will give us the ability to amend the Regulations more quickly in future via secondary legislation. Any statutory instruments would be subject to a statutory duty to consult, and to the affirmative resolution procedure, in order to allow any changes to be fully scrutinised by industry and Parliament. The necessary primary legislation will be introduced when Parliamentary time allows through a suitable legislative vehicle.

In addition, whilst we are not proposing to make major changes to the Regulations, we consider that the existing Regulations can still be used to greater effect. There are some excellent examples of infrastructure sharing across the country, and we think there is scope for this to be more widespread. The government encourages all infrastructure operators in all sectors to work together on new innovative solutions and cross industry standards. This will facilitate greater benefits from, and enable easier access to, sharing infrastructure, such as helping to reduce the costs and environmental impacts of deployment.

Secure by Design Changes

Finally, we come to the long-awaited Secure by Design proposals (i.e. ensuring devices are better able to resist cyberattacks, while also protecting individual privacy and security), which take us away from our usual focus on broadband and mobile infrastructure, thus we’ll only give a brief summary.

In short, the existing rules do not protect consumers from harm caused by cyber breaches, which can include fraud and theft of personal data. The PSTI Bill will counter this threat by giving ministers new powers to bring in tougher security standards for device makers. Company’s (i.e. both manufacturers and retail shops that sell the products) could face fines if they faily to comply with this.

The Keys Secure By Design Changes

➤ A ban on easy-to-guess default passports that come preloaded on devices – such as ‘password’ or ‘admin’ – which are a target for hackers. All passwords that come with new devices will need to be unique and not resettable to any universal factory setting.

➤ A requirement for connectable product manufacturers to tell customers at the point of sale, and keep them updated, about the minimum amount of time a product will receive vital security updates and patches. If a product does not come with security updates that must be disclosed. This will increase people’s awareness about when the products they buy could become vulnerable so they can make better informed purchasing decisions. Nearly 80 per cent of these firms do not have any such system in place.

➤ New rules that require manufacturers to provide a public point of contact to make it simpler for security researchers and others to report when they discover flaws and bugs in products.

The Bill places duties on in-scope businesses to investigate compliance failures, produce statements of compliance, and maintain appropriate records of this. This new cyber security regime will be overseen by a regulator, which will be designated once the Bill comes into force, and will have the power to fine companies for non-compliance up to £10 million (or 4% of their global turnover), as well as up to £20,000 a day in the case of an ongoing contravention.

The regulator will also be able to issue notices to companies requiring that they comply with the security requirements, recall their products, or stop selling or supplying them altogether. As new threats emerge or standards develop, ministers will have the power to mandate further security requirements for companies to follow via secondary legislation.

By the sounds of it, the new bill will likely have the biggest impact on cheaper imported products, which might not normally adhere to UK rules as closely as they perhaps should. We can also foresee problems around retailers that need to sell older stock, which might not offer the same length of support to those who buy them – this could risk creating more electronic waste.

Overall, the government have put forward an interesting and diverse set of changes, although they’re perhaps not as radical as some might have hoped.

Share with Twitter
Share with Linkedin
Share with Facebook
Share with Reddit
Share with Pinterest
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on Twitter, , Facebook and Linkedin.
Leave a Comment
4 Responses
  1. Anthony Goodman says:

    ” A requirement for connectable product manufacturers to tell customers at the point of sale, and keep them updated, about the minimum amount of time a product will receive vital security updates and patches.”….Utterly worthless, as they will just say something like 2 years. Whereas technology these days has got to the point where its good for years, even decades. OpenWRT releases security updates for routers made 15 years ago that people still happily use that the providers in question has long since disbanded. They need to be forced to support their products for at least 10 years or its worthless (and so much for supporting Greta Thunburg and her we’re all doomed with this programmed obsolesce of hardware in only 2 years).

    1. Mike says:

      If you force them, they will either refuse to sell products in the UK or hike the prices.

  2. anonymous says:

    The government aren’t going to force a private company to spend their own money in this way. They would only look to control how public funds are spent.

    Streets get left out of builds all the time. I’m in one. Can’t really argue with the reason we weren’t built to. That’s life.

Comments are closed.

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Ultrafast ISPs
  • Gigaclear £17.00
    Speed: 200Mbps, Unlimited
    Gift: None
  • Community Fibre £20.00
    Speed: 150Mbps, Unlimited
    Gift: None
  • Vodafone £25.00
    Speed: 100Mbps, Unlimited
    Gift: None
  • Hyperoptic £25.00
    Speed: 158Mbps, Unlimited
    Gift: Promo code: BIGBANG
  • Virgin Media £27.00
    Speed: 108Mbps, Unlimited
    Gift: None
Large Availability | View All
Cheapest Superfast ISPs
  • Hyperoptic £17.99
    Speed 33Mbps, Unlimited
    Gift: Promo code: BIGBANG
  • Shell Energy £20.99
    Speed 35Mbps, Unlimited
    Gift: None
  • NOW £22.00
    Speed 36Mbps, Unlimited
    Gift: None
  • Vodafone £22.00
    Speed 38Mbps, Unlimited
    Gift: None
  • Plusnet £22.99
    Speed 36Mbps, Unlimited
    Gift: £75 Reward Card
Large Availability | View All
The Top 20 Category Tags
  1. FTTP (4201)
  2. BT (3180)
  3. Politics (2148)
  4. Building Digital UK (2041)
  5. Openreach (1995)
  6. FTTC (1931)
  7. Business (1866)
  8. Mobile Broadband (1629)
  9. Statistics (1525)
  10. 4G (1397)
  11. FTTH (1372)
  12. Virgin Media (1301)
  13. Ofcom Regulation (1250)
  14. Fibre Optic (1246)
  15. Wireless Internet (1244)
  16. Vodafone (939)
  17. 5G (923)
  18. EE (920)
  19. TalkTalk (831)
  20. Sky Broadband (794)
Helpful ISP Guides and Tips

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact