The US controls telecommunications networks and services at federal level, including control over the sale and use of wireless telecommunications devices, through the US Federal Communications Commission ("FCC"). The key legislation is the Communications Act of 1934 (as amended).
The equivalent controls in the UK are administered by a Government Department (the Secretary of State for Business, Information and Skills) and a regulatory body - the Office of Communications ("Ofcom") and the key legislation is the Communications Act 2003 and the Wireless Telegraphy Act 2006.
The equivalent controls in the UAE (again, the arrangements apply at Federal level) are administered by the Telecommunications Regulatory Authority ("TRA") and the key legislation is Federal Law by Decree No.(3) of 2003 (as amended).
A comparative overview of Telecommunications Regulations in US, UK and UAE shows that both the US and the UK have also enacted important legislation to assist law enforcement and to allow the State to intercept certain communications/require providers to assist the State in accessing communications.
In each jurisdiction, the relevant regulatory authority is able to exercise statutory powers to protect the public interest and will also have additional contractual rights under the terms of the licences it issues to authorised network operators/telecommunications equipment/apparent providers.
Licences are often in model form - see the comments below in relation to Network Security Agreements in the US, which are aimed at protecting the national security of the US.
Statutory protections in the interests of national security/threats to public safety are more explicitly stated in UK legislation - see the summary of the Secretary of State/Ofcom's right to issue a direction suspending or restricting the activities of service providers.
US Telecommunications Regulation, general circumstances under which FCC may suspend or revoke a License. The Communications Act of 1934 (47 U.S.C. 151 et. Seq) (the "Act") grants the FCC broad discretionary authority over the licensing regime for wireless communications, with a mandate that the FCC regulate in the public interest.
The Act, at Section 303(m)(1), provides the FCC with the "authority to suspend the license of any operator" upon proof that the operator (among other possible violations): (a) has violated, or caused, aided, or abetted the violation of any Act, treaty or convention binding on the US which is administered by the FCC or any regulation issued pursuant to such Act, treaty, or convention; (b) has: (1) transmitted superfluous radio communications or signals or communications containing profane or obscene language, (2) false or deceptive signals or communications, or (3) a call signal or letter which has not been assigned by proper authority to the station he is operating; (c) has wilfully or maliciously interfered with other radio communications or signals; or (d) has obtained or attempted to obtain, or has assisted another to obtain an operator's license by fraudulent means.
Suspension under Section 303(m) does not take effect until 15 days after notice in writing has been provided to the operator, who may request a public hearing.
Among other things, the FCC also may revoke a wireless communications license under Section 312 of the Act, under the following circumstances: (1) for false statements knowingly made in the Licensee's application; (2) because of changed conditions undermining the basis for the original award of the license (such as that the applicant, or Licensee, has been convicted of certain criminal acts that bear upon his character, which the FCC is entitled to consider in granting a license); (3) for willful or repeated failure to operate as set forth in the license; (4) for willful or repeated violation of, or repeated failure to observe the Act or any rule or regulation of the FCC authorized by the Act; (5) for violation of or failure to observe a cease and desist order issued by the FCC; and (6) for specific violations of US law.
Prior to revoking a license under Sec. 312, the FCC must issue an order to show cause why the revocation should not be issued and offer to hold a hearing on the matter.
Circumstances under which FCC may suspend or revoke the License of a Wireless Operator because of Foreign Ownership Restrictions. The Act restricts foreign ownership of licenses for broadcast (e.g., television and radio) and radio-transmission services (e.g., mobile telecoms).
Section 310(b) of the Act establishes a general prohibition against direct possession or direct control of such licenses by any foreign person or entity (so-called "aliens"). Under Section 310(b)(3), an alien may not directly own or vote more than 20% of the capital stock of a U.S. company that holds a broadcast or radio-telecoms license (a "Licensee").
This is an absolute cap and cannot be exceeded.
Under Section 310(b)(4), an alien may indirectly own or vote up to 100% of the capital stock of a radio-telecoms Licensee (e.g., through an intervening U.S. holding company), if the FCC authorizes such ownership.
In individual cases, however, the FCC may still deny authority for ownership acquisitions by aliens in excess of the 25% indirect ownership cap, on the basis of competition, trade policy, or national security concerns.
Thus, for mobile telecom as well as broadcast Licensees, the FCC has retained its "general requirement that licensees seek Commission approval before they accept indirect foreign ownership that would put them over Section 310(b)(4)'s 25 percent benchmark [and] will also continue to require licensees who have already received approval to exceed the 25 benchmark up to a certain level of indirect foreign ownership to seek further Commission approval in order to increase that level."
Foreign Participation Order, Nov. 25, 1997, para. 114.
More broadly, Section 310(d) of the Act requires "the proposed transferee or assignee" to obtain FCC approval prior to the transfer of control over or assignment of a broadcast or radio-telecoms license. See, e.g., 47 C.F.R. 20.5, applicable to mobile wireless licensees.
Under these rules, the transferee (the entity taking control) of a wireless license must submit an application for approval from the FCC prior to completing the transfer.
Section 312 of the Act provides the FCC with a range of enforcement powers to prevent and/or remedy violations of Section 310. In addition to its power to suspend/revoke a license, the FCC has authority under Section 312(b) to issue "Cease and Desist Orders" to "any person" who "has violated or failed to observe" Section 310 or any "rule or regulation" of the FCC implementing Section 310.
Such orders to cease and desist from noncompliance with FCC rules can be issued on the basis of a hearing by an FCC administrative law judge. As a form of equitable relief, a cease and desist order can include an instruction to sell or not to purchase additional shares in a Licensee.
With respect to foreign investment specifically, the Justice Department and FBI, in collaboration with the FCC, have all necessary authority to block or restrict any indirect foreign investment in a Licensee above the 25% level that presents national security concerns.
As reported by a special task force on this subject: Strict limits on foreign ownership and/or control of domestic telecommunications facilities were loosened . . . in the FCC's implementation of the WTO Agreement.
Simultaneously, the FCC has included Government agencies with national security responsibilities (e.g., DOD and the FBI) as part of the regulatory review process.
Agreements between U.S. companies and the security agencies are now an important part of the FCC's review process of mergers and other commercial arrangements involving foreign ownership.
The current regulatory structure appears to satisfy the diverse interests of the parties. U.S. companies generally are able to receive approval to conduct transactions involving foreign telecommunications companies, subject to agreements with the defense and law enforcement agencies.
The FCC is able to fulfill its role of protecting the public interest. In addition, the defense and law enforcement agencies are able to exact the commitments they require to protect national security.
In a 1997 House Commerce Committee hearing at which the Clinton Administration explained the U.S. commitment under GATS in the telecommunications sector, the then-FCC Chairman, Reed Hundt received the following questions from and provided the following answers to Representative Klink: Rep.
Klink: What if this agreement had been in effect in the early 1970s, and at that time a group of wealthy Iranian business people had decided to buy a common carrier. . . Of course at that time the Shah was in power in Iran. Later on of course he was deposed and the Ayatollah took control.
And obviously . . . relations between our country and that country deteriorated greatly. What would happen in this agreement under circumstances like that, if all of a sudden the government changed, the holdings were nationalized [but] they're already doing business here as a common carrier.
Then what occurs? Mr. Hundt: We still have full public interest authority after granting a license. We can revisit the situation with respect to a licensee, we can and would - we certainly would - apply national security concerns, safety concerns to any situation that were presented.
Transfers of control would also give us an opportunity to examine these issues.
But I think, to underscore the importance of your question, an existing license holder from a country that went through the kind of turmoil that you've talking about, so that that country became a national security [problem] for the United States, that license holder would also be a national security concern for us [at the FCC].
And I imagine and believe that the Administration would ask the FCC to immediately take such steps as are necessary to assure America's security, and we would have the legal power to do so.
Rep Klink: [Y]ou're saying that you feel that within the FCC you would have the ability, working with the Administration, with the Justice Department, to end that investment. How would that occur? Mr. Hundt: Well, these licenses are not indefeasible [permanent] grants of private property interests, they are merely licenses, and they are conditional in a variety of respects.
For example, licenses to use the wireless spectrum are fundamentally licenses to use public property, and they are not in any way a grant of private property rights. So we would of course have to have, as we do in this country and in all respects, a public and open proceeding. But the results of that certainly could include revocation of these licenses.
Rep. Klink: And that is allowed for within the agreement? Mr. Hundt: [T]hat has always been the law in this country, and the agreement does not take one comma away from the law in this respect.
On the basis of this exchange, as well as the few FCC precedents in this area, it seems clear that the FCC could and would seek to suspend/revoke a license and/or force the divestiture of an indirect foreign shareholding that it regarded as contrary to the public interest on national security grounds, assuming that the Executive Branch supported such action.
In the event of a serious, continuing, and open violation of its rules, the FCC also has the option to refer such violation to the Criminal Division of the Justice Department for prosecution under provisions of law that can make it a criminal violation to engage in a "knowing violation" of the Act. (See Section 501 of the Act).
Network Security Agreements: Prior to authorizing indirect foreign ownership of radio-telecoms Licensees in excess of the 25% cap, the FCC routinely requires the foreign parent and Licensee to enter into a Network Security Agreement ("NSA") with the Justice Department, FBI and Department of Homeland Security (also with the Defense Department sometimes a party).
These agreements aim to protect the national security of the US, including the viability, integrity and security of the communications system, and to assure US law enforcement agencies of access to calling data and call-identifying information for lawful governmental purposes.
What NSAs Require: Such agreements generally require that the telecoms infrastructure used to deliver calls to US subscribers be located in the US and that the foreign owner cooperate with the US government to facilitate electronic surveillance by the US government when required. Furthermore, the US subsidiary must agree to make available to the US law enforcement authorities upon subpoena any stored communications, transactional data and call associated data relating to domestic communications, subscriber information, and billing records.
Furthermore, the agreements generally prohibit the foreign owner from disclosing transactional data, call associated data, subscriber information, and any classified or sensitive information to any foreign government without US government approval.
The agreements also provide that the foreign owner must take measures to prevent unauthorized access to certain data, and must comply with certain reporting and notice requirements.
Remedies for Breach of an NSA: NSAs specify a range of remedies for breach, including a provision consenting to injunctive relief to prevent violations. See, for example, Section 4.3 of the Deutsche Telekom AG/DOJ/FBI agreement, providing for "specific performance and injunctive or other equitable relief."
Furthermore, the FCC conditions the grant of the licenses held by a foreign owned entity to its continued compliance with the relevant NSA, such that breach of the NSA can result in suspension or revocation by the FCC of any license, permit, or other authorization granted or given by the FCC to that entity.
Requirement to assist Law Enforcement/assistance capability requirements - CALEA , As noted above, the FCC has authority to penalize licensed operators for violations of license terms and conditions and also for violations of applicable FCC regulations, including regulations that implement the Communications Assistance for Law Enforcement Act ("CALEA").
CALEA requires FCC-licensed common carriers to configure their networks to provide US law enforcement authorities with calling data and call-identifying information in response to a lawful request for such information.
Operators that lack the technical capability to provide such data in response to lawful requests from US authorities could be found in violation of FCC rules and potentially be subject to a range of penalties, including license suspension/revocation.
Specifically, in an order dated 3 May 2006, the FCC held that "the Commission may pursue enforcement actions against any carrier for failure to ensure that its equipment, facilities or services are capable of providing [US authorities with] the assistance capability requirements prior to receiving an electronic surveillance request."
See CALEA Second Report and Order at http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-06-56A1.pdf.
For additional information on CALEA and the FCC's enforcement authority see http://www.askcalea.net/.
Equipment Authorizations, The FCC regulates the sale and use of wireless telecommunications devices, primarily to prevent interference over the radio spectrum but also for law enforcement purposes.
Section 302(b) of the Communications Act (47 USC 302a(b)) provides that: No person shall manufacture, import, sell, offer for sale, or ship device or home electronic equipment and systems, or use devices, which fail to comply with regulations promulgated pursuant to this section.
The FCC invoked its enforcement authority in a recent enforcement action against Uniden for marketing non-compliant General Mobile Radio Service transmitters, which were equipped with an illegal voice scrambling feature.
The Commission assessed a total forfeiture of $23,000.
See http://fjallfoss.fcc.gov/edocs_public/attachmatch/DA-09-2374A1.pdf According to United Kingdom Telecommunications Regulation, in general conditions, Telecommunications networks and services are provided in the UK pursuant to a set of general conditions which automatically apply to those providers which fall within their scope (the "General Conditions").
Both the Secretary of State for Business, Innovation and Skills (the "Secretary of State") and the Office of Communications ("Ofcom") have certain powers to suspend or restrict a provider's entitlement to provide networks and/or services under the General Conditions.
Under section 132 of the Communications Act 2003 ("CA 2003"), the Secretary of State may, if he has reasonable grounds for believing that it is necessary to do so, either (a) to protect the public from any threat to public safety or public health, or (b) in the interests of national security, issue a direction requiring Ofcom to suspend (either generally or in relation to particular networks or services) or to restrict the entitlement of a provider to provide networks or services.
Ofcom does this by issuing a direction addressed to the relevant provider which specifies the networks, services and facilities which may no longer be provided (the "Ofcom Direction").
The Ofcom Direction will take effect for an indefinite period from the time when it is notified to the relevant provider (unless the Ofcom Direction states otherwise).
The Ofcom Direction may impose conditions on the relevant provider which are intended to protect the provider's customers, including a condition requiring the making of payments by way of compensation for loss or damage suffered by the relevant provider's customers or in respect of annoyance, inconvenience or anxiety which result from the direction.
After making the Ofcom Direction, Ofcom is then required to provide the relevant provider with an opportunity to make representations and to propose steps to remedy the situation. While Ofcom can modify the Ofcom Direction, it can only be revoked at the direction of the Secretary of State.
Ofcom has certain powers to suspend or restrict a provider's entitlement to provide networks and/or services under the General Conditions including: for serious and repeated contraventions of the General Conditions or certain conditions imposed on providers with significant market power, universal service obligations or other access obligations (each a "Breach") and the imposition of penalties or the giving of enforcement notifications has failed to secure compliance (section 100 CA 2003); In urgent cases where there has been a Breach and Ofcom would be entitled to issue an enforcement notification and there is an immediate risk of (i) a serious threat to the safety of the public, to public health or to national security; (ii) serious economic or operational problems to communications providers or persons who make associated facilities available; or (iii) serious economic or operational problems for persons who make use of such networks, services or associated facilities (section 98 CA 2003); The provider has been in serious and repeated contravention of requirements to pay administrative charges and the bringing of proceedings and/or the imposition of financial penalties have not been sufficient to secure compliance (section 42 CA 2003); there has been a serious and repeated contravention of conditions regulating premium rate services and the imposition of penalties or the giving of enforcement notifications has failed to secure compliance (section 124 CA 2003); or There has been a serious and repeated contravention of requirements for providers to provide information to Ofcom and the imposition of penalties or the giving of enforcement notifications has failed to secure compliance (section 140 CA 2003).
Wireless Telegraphy Act licences, Providers of wireless networks also require a licence under the Wireless Telegraphy Act 2006 ("WTA 2006") in order to use certain radio frequency bands ("WTA Licences").
Ofcom has certain powers under WTA Licences to suspend the use of the radio equipment licensed thereunder (the "Radio Equipment").
For example, the WTA Licences for 2G and 3G mobile telephone services provides that Ofcom may require the Radio Equipment or any part thereof, to be modified or restricted in use, or temporarily or permanently closed down immediately if in the opinion of Ofcom (a) a breach of the WTA Licence has occurred; and/or (b) the use of the Radio Equipment is causing or contributing to undue interference to the use of other authorised Radio Equipment. In addition, Ofcom may in the event of a national or local state of emergency being declared require the Radio Equipment to be modified or restricted in use, or temporarily or permanently closed down either immediately or on the expiry of such period as Ofcom may specify. Ofcom may exercise this power by a written notice served on the licensee or by a general notice applicable to holders of a class of WTA Licence.
In addition, Ofcom has certain powers to vary the terms, provisions or limitations of WTA Licences and may in certain circumstances revoke such licences. Ofcom may, for example, at any time by giving the holder of the licence a notice in writing revoke the licence or vary its terms, provisions or limitations, if it appears to Ofcom to be necessary or expedient to do so in the interests of national security or for the purpose of securing compliance with an international obligation of the United Kingdom (section 6 WTA 2006).
Assisting Law enforcement/interception of and access to communications - RIPA, The Regulation of Investigatory Powers Act 2000 is the broad equivalent of the US CALEA provisions. The separate Data Retention (EC Directive) Regulations 2009 are also relevant. In this respect, Interception of communications on public telecommunications networks The interception of communications on public telecommunications networks is regulated principally by Part I of the UK's Regulation of Investigatory Powers Act 2000 ("RIPA").
Section 1(1) of RIPA makes it a criminal offence, subject to exceptions, to intercept communications over public telecommunications networks.
This includes diversion of recording of communications so that they can be reviewed subsequently.
RIPA identifies various circumstances in which it is lawful to intercept communications.
In particular, the Secretary of State can issue a warrant under section 5 permitting or requiring the interception of communications where necessary; in the interests of national security; for the purpose of preventing or detecting serious crime; for the purpose of safeguarding the economic well-being of the United Kingdom; or for the purpose, in circumstances appearing to the Secretary of State to be equivalent to those in which he would issue a warrant by virtue of paragraph (b), of giving effect to the provisions of any international mutual assistance agreement.
Warrants can be issued on the application of any of various persons, including, for example, the Director-General of the Security Service; the Chief of the Secret Intelligence Service; the Director of GCHQ; and the Chief of Defence Intelligence (section 6).
The recipient of the warrant can, however, carry out the permitted or required interception through a third party acting on its behalf (section 11(1)). If the third party is a public telecommunications operator it is obliged to co-operate (section 11(4)).
Part I of RIPA can be (and is) used to require public telecommunications operators to intercept communications and disclose them to the security services. Network configuration, access to encryption keys, etc.
RIPA also includes provisions designed to facilitate access to communications for national security and other purposes.
In particular: Section 12 (also in Part I) allows the Secretary of State to make orders imposing on public telecommunications obligations designed to make it practicable to impose and comply with interception warrants.
The Secretary of State has made such an order (the Regulation of Investigatory Powers (Maintenance of Interception Capability) Order 2002 (the "Order")).
The Order imposes various obligations on public telecommunications operators, with which they must abide in the design, operation, etc. of their networks, designed to facilitate interception of communications.
Part III of RIPA (and in particular section 49) applies in circumstances where any person has come into possession of encrypted (or otherwise "protected") information pursuant to an interception warrant or in various other circumstances.
It allows that person to require disclosure of encryption keys and other similar technology held by any other person where necessary in the interests of national security; for the purpose of preventing or detecting crime; or in the interests of the economic well-being of the United Kingdom.
Where encrypted information is obtained pursuant to an interception warrant, the warrant can grant the power to serve these notices. In some other circumstances, permission of a court is required.
The section 49 mechanism can, therefore, be used to require telecommunications operators and others to disclose encryption keys and other technologies required to decrypt communications obtained through interception warrants.
Retention of communications data, in addition, the Data Retention (EC Directive) Regulations 2009 (the "Regulations") impose various obligations on public telecommunications operators to retain data relating to communications over their networks for 12 months from the date of the communication, so that they are accessible by the authorities under interception warrants.
The Regulations require the retention of various categories of information but this does not extend to the content of communications.
Apparatus supply, Both the CA 2003 and the WTA 2006 also contain provisions which allow Ofcom to suspend the supply of certain apparatus. For example, Ofcom may direct a supplier of apparatus to suspend its activities where: there has been serious and repeated contravention of any conditions imposed on an apparatus provider with significant market power and the imposition of penalties or the giving of enforcement notifications has failed to secure compliance (section 101 CA 2003); there has been a serious and repeated contravention of requirements for apparatus suppliers to provide information to Ofcom and the imposition of penalties or the giving of enforcement notifications has failed to secure compliance (section 141 CA 2003); or in relation to wireless telegraphy apparatus, it appears to Ofcom to be expedient to do so for the purpose of preventing or reducing the risk of interference with wireless telegraphy (subject to the UK's international obligations), in which case Ofcom may make a restriction order imposing restrictions in relation to the manufacture, sale, letting or importation of apparatus of a class or description specified in the order (section 62 WTA 2006).
The UAE's Telecommunications Regulatory Authority (TRA) administers a Policy on Radiocommunications issued on 23 July 2008 that, at Article 11.1, prohibits the use of "encryption techniques for the purpose of obscuring the meaning in relation to contents unless explicitly authorized by the Authority."
Under TRA Resolution No. (7) of 2008 Regarding the Licensing Regulations, the TRA has authority under Article 4 to suspend an operator's license if, among other things: "The Licensee is in breach of the License conditions and has failed to remedy the breach despite the Authority requiring it to do so."
The same Article provides for license suspension as necessary "[i]n the national interest."
Further, under the Public Access Mobile Radio Licence Template issued by TRA on 23 July 2008, Article 20 requires license holders to "comply with any directions as the Authority or other competent authorities may issue from time to time on matters relating to public interest, safety and/or national security."
The authority of TRA as set forth above is broadly similar in scope and purpose to the authority held by the FCC under its regulatory regime and by the US law enforcement authorities, acting through the FCC, to prevent operators (i.e., under CALEA and applicable network security agreements) from undermining the ability of US law enforcement authorities to acquire calling data and call-identifying information in accordance with their lawful authority and the equivalent regime in the UK.