Technical operability and information security
FICORA's steering and supervision of technical operability and information security is divided into the following area entities: technical operability, information security, numbering, internal networks and telecommunications contracting, frequencies, CE markings, qualified certificates and identification, and domain names.
By ensuring and managing the technical operability of telecommunications networks, the reliability and quality of communications services provided by telecommunications operators are guaranteed in different situations. Technical operability means fulfilment of the service quality, reliable performance capacity in normal and disruptive situations, management of the capacity, network neutrality, and interoperability.
Information security means the security of data communications, hardware, software, data material, and operations. The purpose of it is to secure the integrity, confidentiality and usability of networks and services. Telecommunications operators' public communications networks supervised by FICORA refer to both fixed and wireless networks intended for targeted and mass communications. The supervision of other providers of electronic communications and corporate or association subscribers centres around data protection. A special target group in terms of information security supervision is the players processing international classified information and information produced by authorities.
Numbering in a public telephone network and essentially related telephone number portability, barring categories in telecommunications, and technical implementation of charging are issues for which the sector must have uniform practices and procedures. Uniform practices and procedures enable that the interoperability and quality of telephone services provided by telecommunications operators are ensured.
Communications networks and communications systems in real estate buildings, i.e. internal networks, are part of the basic equipment in real estate buildings, similarly to e.g. the electrification in real estate buildings. High-quality internal networks enable the use of communications services in real estate buildings. Although telecommunications connections can also be implemented wirelessly, it should be noted that an internal network implemented by means of cables is the basis for versatile use of services in the future, too.
The construction of internal networks is regulated in Finland by FICORA's regulation which must be complied with when constructing an internal network. In addition, other documents which provide help for the planning and construction of internal networks have been made. The documents concerning the planning, construction and maintenance of internal networks can be found below.
FICORA steers and supervises the use of radio frequencies and grants licences for radio transmitters. The authority performs inspections related to the use of radio frequencies, for example in sports and culture events where an exceptional high number of frequency users operate simultaneously. FICORA also detects the reasons causing radio interference. If necessary, inspections can also be carried out in order to detect individual cases of radio interference.
FICORA supervises the conformity of radio equipment. Manufacturers, importers and distributors of radio equipment must ensure that only interference-free and compliant CE-marked radio equipment is available to consumers. The conformity of radio equipment is in everyone's interest.
Strong electronic identification, electronic signatures and certificates help in identity verification, identification and data encryption in electronic information networks. Strong electronic identification and electronic signatures are governed by law. Qualified certificates are currently provided by the Population Register Centre, strong electronic identification by banks and mobile operators.
Steering and supervision concerning the technical operability and information security of networks and services is a continuous process which is described in Finnish in the following figure.
The operability, information security and reliability of networks and services are governed by different acts. FICORA specifies acts, whenever necessary, with binding technical regulations and supervises that the operations meet the minimum requirements of acts and regulations.
In addition to acts and technical regulations, FICORA issues recommendations, guidelines, working group reports and other reports. As part of its technical supervision, FICORA monitors, if necessary, international standardisation groups and other international development. In addition to the measures mentioned above, another key measure in ensuring interference-free radio frequencies is granting of radio licences.
Supervision methods are supervision surveys, inspections, companies' obligations to report information security and functionality disturbances, and supervision decisions on the basis of own-initiative investigations or complaints.
Telecommunications operators are surveyed by FICORA in writing. The purpose of the surveys is to examine how the operators meet the requirements laid down in provisions and regulations in their own operations. The surveys are detailed and they are usually defined to concern certain topics. On the basis of the replies, FICORA can provide telecommunications operators with information on good practices, impose obligations on operators to repair defects, target supervision and guidance, assess the needs to amend regulations, and produce general, public information on networks and services.
The purpose of technical inspections is to ensure that communications networks and services of telecommunications operators are implemented as required by provisions. An inspection can be a general inspection or it can focus on a defined topic.
If necessary, an inspection can also be carried out in order to resolve a single complaint. An agreement on inspections is usually made in advance. Telecommunications operators may have to submit a preliminary clarification before the inspection. FICORA can commission an independent expert of its choice to carry out a security audit based on the Act on Privacy in Electronic Communications.
Subject to inspections are both the actual systems used for service provision and the systems supporting the provision. A record of the inspection is drawn up and, if necessary, the telecommunications operator subject to the inspection is obliged, on a separate decision, to repair the defects.
FICORA may investigate the operations of telecommunications operators on its own initiative or on the basis of a complaint. Based on its investigation, FICORA may, for example, oblige a telecommunications operator, telecommunications contractor, real estate building holder or housing company, or a corporate or an association subscriber to change its operations or procedures.
By its decision, FICORA cannot oblige that the technical operability of an individual customer's communications service is repaired in certain time. The decision can only be used for resolving whether the operations of the telecommunications operator have been in accordance with provisions. Instead, the customer may be entitled to a standard compensation or some other kind of compensation due to a violation of contract. Disputes concerning compensations are settled by a general court of law. Consumer customers can also contact the Consumer Disputes Board.
FICORA's decisions concerning technical operability and information security may be appealed to the Administrative Court. The decision must be complied with despite any appeal unless the Administrative Court orders otherwise.
Public authority networks mean communications networks built for the needs of government measures and state security, military defence, public order and security, border control, rescue activities, maritime rescue activities, emergency centre activities, immigration, first aid services, railway security, or civil defence.
Because the set of users using public authority networks is subject to prior restriction, the networks are not public telecommunications.
Public authority networks may be incorporated into telecommunications operators' general communications networks. Thus, the requirements that concern them must not cause operability and information security disturbances in general communications networks and services.
Because of the nature and the purpose of use of public authority networks, the needs for their reliability are, in practice, stricter than in general communications networks. FICORA does not regulate the reliability of public authority networks. With regard to public authority networks, it is very essential to maintain own network infrastructure, but also the level of ensuring network and communications services acquired from telecommunications operators in a general communications network has an important role. Acquiring a network service from a general communications network is normal subcontracting in which the level of quality is agreed on in agreements and the subcontractor is responsible for acquiring such services that the subcontractor's own standards require.