Technical operability and information security
The aim of the legislation and supervision is to promote the technical operability, reliability, information security and efficiency of networks and services.
FICORA's steering and supervision of technical operability and information security is divided into the following area entities:
- Technical operability
- Information security of networks and services
- Internal networks and telecommunications contracting
- CE markings
- Qualified certificates and identification
- Fi-domain names.
Steering and supervision concerning the technical operability and information security of networks and services is a continuous process which is described in the following figure.
The operability, information security and reliability of networks and services are governed by different acts. FICORA specifies acts, whenever necessary, with binding technical regulations and supervises that the operations meet the minimum requirements of acts and regulations.
In addition to acts and technical regulations, FICORA issues recommendations, guidelines, working group reports and other reports. As part of its technical supervision, FICORA monitors, if necessary, international standardisation groups and other international development. In addition to the measures mentioned above, another key measure in ensuring interference-free radio frequencies is granting of radio licences.
Supervision methods are supervision surveys, inspections, companies' obligations to report information security and functionality disturbances, and supervision decisions on the basis of own-initiative investigations or complaints.
Telecommunications operators are surveyed by FICORA in writing. The purpose of the surveys is to examine how the operators meet the requirements laid down in provisions and regulations in their own operations. The surveys are detailed and they are usually defined to concern certain topics. On the basis of the replies, FICORA can provide telecommunications operators with information on good practices, impose obligations on operators to repair defects, target supervision and guidance, assess the needs to amend regulations, and produce general, public information on networks and services.
The purpose of technical inspections is to ensure that communications networks and services of telecommunications operators are implemented as required by provisions. An inspection can be a general inspection or it can focus on a defined topic.
If necessary, an inspection can also be carried out in order to resolve a single complaint. An agreement on inspections is usually made in advance. Telecommunications operators may have to submit a preliminary clarification before the inspection. FICORA can commission an independent expert of its choice to carry out a security audit based on the Act on Privacy in Electronic Communications.
Subject to inspections are both the actual systems used for service provision and the systems supporting the provision. A record of the inspection is drawn up and, if necessary, the telecommunications operator subject to the inspection is obliged, on a separate decision, to repair the defects.
FICORA may investigate the operations of telecommunications operators on its own initiative or on the basis of a complaint. Based on its investigation, FICORA may, for example, oblige a telecommunications operator, telecommunications contractor, real estate building holder or housing company, or a corporate or an association subscriber to change its operations or procedures.
By its decision, FICORA cannot oblige that the technical operability of an individual customer's communications service is repaired in certain time. The decision can only be used for resolving whether the operations of the telecommunications operator have been in accordance with provisions. Instead, the customer may be entitled to a standard compensation or some other kind of compensation due to a violation of contract. Disputes concerning compensations are settled by a general court of law. Consumer customers can also contact the Consumer Disputes Board.
FICORA's decisions concerning technical operability and information security may be appealed to the Administrative Court. The decision must be complied with despite any appeal unless the Administrative Court orders otherwise.
Public authority networks mean communications networks built for the needs of government measures and state security, military defence, public order and security, border control, rescue activities, maritime rescue activities, emergency centre activities, immigration, first aid services, railway security, or civil defence.
Because the set of users using public authority networks is subject to prior restriction, the networks are not public telecommunications.
Public authority networks may be incorporated into telecommunications operators' general communications networks. Thus, the requirements that concern them must not cause operability and information security disturbances in general communications networks and services.
Because of the nature and the purpose of use of public authority networks, the needs for their reliability are, in practice, stricter than in general communications networks. FICORA does not regulate the reliability of public authority networks. With regard to public authority networks, it is very essential to maintain own network infrastructure, but also the level of ensuring network and communications services acquired from telecommunications operators in a general communications network has an important role. Acquiring a network service from a general communications network is normal subcontracting in which the level of quality is agreed on in agreements and the subcontractor is responsible for acquiring such services that the subcontractor's own standards require.