« EU データガバナンス法案 | Main | NATOのサイバー演習 Cyber Coalition 2020はバーチャル環境で実施され成功裡に終わった »

2020.11.30

英国 電気通信セキュリティ法案

こんにちは、丸山満彦です。

U.K.が電気通信セキュリティ法案を公表していますね。。。

● U.K. Government

・2020.11.24 (Press) New telecoms security law to protect UK from cyber threats

Telecoms companies in the UK must follow tougher security rules or face fines of up to ten per cent of turnover, under a new law laid in Parliament today.

  • New legal duties on telecoms firms to increase the security of entire UK network
  • New powers for government to remove high risk vendors such as Huawei
  • New responsibilities on Ofcom to monitor telecoms operators’ security
  • Fines up to ten per cent of turnover or £100,000 a day for failing to meet standards

要は

  • 英国のネットワーク全体のセキュリティを強化するために、電気通信事業者に新たな法的義務を課す
  • Huaweiなどのハイリスクベンダーを排除するための新たな権限を政府に付与する
  • 電気通信事業者のセキュリティを監視するためにOfcom [wikipedia] に新たな責任を課す
  • 違反した場合は、売上高の10%または1日10万ポンドを上限として罰金を課す

ということのようです。。。

法案と詳細なインパクトアセスメントは↓

・2020.11.24 (Guidance) Telecommunications (Security) Bill: overarching documents

・・[PDF] Telecommunications (Security) Bill

・・[PDF] National security powers in relation to high risk vendors (Impact Assessment)

・・[PDF] The Telecoms Security legislation (Impact Assessment)

 


法案の概要等、高橋先生のブログが参考になります!

IT Research Art

・2020.11.29 英国の電気通信セキュリティ法案


 

 

 

 

CONTENTS

Duties of providers of public electronic communications networks and services
1 Duty to take security measures
2 Duty to take measures in response to security compromises
3 Codes of practice about security measures etc

Informing others of security compromises
4 Informing others of security compromises

Securing compliance with security duties
5 General duty of OFCOM to ensure compliance with security duties
6 Powers of OFCOM to assess compliance with security duties
7 Powers of OFCOM to enforce compliance with security duties
8 Civil liability for contravention of security duties
9 Relationship between security duties and certain other duties etc
10 Statement of policy on ensuring compliance with security duties

Reports on security etc
11 Reporting on matters related to security
12 Powers to require and share information related to security
13 Appeals against security decisions of OFCOM
14 Reviews of sections 1 to 13

Designated vendor directions
15 Designated vendor directions
16 Designation notices
17 Laying before Parliament

Monitoring and enforcement
18 Monitoring of designated vendor directions
19 Monitoring directions: inspection notices
20 Power of Secretary of State to enforce compliance with designated vendor
directions etc
21 Urgent enforcement directions

Designated vendor directions: further provision
22 Requirement not to disclose
23 Power of Secretary of State to require information etc

Further amendments
24 Further amendment concerning penalties
25 Further consequential amendments

Final
26 Financial provision
27 Extent
28 Commencement
29 Short title


|

« EU データガバナンス法案 | Main | NATOのサイバー演習 Cyber Coalition 2020はバーチャル環境で実施され成功裡に終わった »

Comments

Post a comment



(Not displayed with comment.)


Comments are moderated, and will not appear on this weblog until the author has approved them.



« EU データガバナンス法案 | Main | NATOのサイバー演習 Cyber Coalition 2020はバーチャル環境で実施され成功裡に終わった »