Schalast Rechtsanwälte is your expert for OTT regulation

From 21 December 2020, all providers of OTT communications services that offer their product in an EU member state are required to comply with the requirements of the European Electronic Communications Code (EECC), the Directive on privacy and electronic communications (ePrivacy Directive) and other European legal acts as well as the respective national legal peculiarities. Insofar, the new regulatory regime in telecommunications has global reach.

In cooperation with partner law firms worldwide, Schalast Rechtsanwälte has created a one-stop-solution to ensure OTT providers’ compliance under the new European regulatory regime. However, naturally, clients are not required to obtain the whole package of our services. Dependent on the amount of work than can be done internally, we are happy to provide individual solutions that suit our clients’ respective needs perfectly.

Clients’ advantages

Schalast Rechtsanwälte has many years of experience in advising telecommunications providers, network operators and other industry-related companies. We have focused on the regulatory environment of OTT providers for many years.

The personnel required for implementation can be provided by us completely and at short notice. You avoid both the time-consuming creation of new positions and the burden of unnecessary overhead costs in the future. Schalast Rechtsanwälte regularly supports clients in the implementation of complex compliance projects. Our lawyers are experienced in project management.

Schalast Rechtsanwälte is a member of the global law firm network Multilaw. Together with our partner law firms, we have created an international network of law firms with particular expertise in telecommunications and OTT regulation. Thereby, our clients are provided with a one-stop-shop solution for the whole EU including access to specialised knowledge of the relevant national laws.

Our lawyers have many years of practical experience in the telecommunications industry and are familiar with all relevant stakeholders (e.g., the national regulatory authorities, BEREC, interest groups, incumbents).

Many measures to be implemented are not limited to one-off adjustments but require the introduction of permanent processes. Such processes can tie up staff in the long term. We can provide our clients with both cost-efficient and flexible monitoring and other supplementary services so that you can concentrate on your core business.

Examples of our services

Below, we have listed several examples to illustrate how our expertise and ressources can be utilized in a compliance project. You have full control: Depending on your specific needs, you can order a comprehensive service package and leave the rest to our experts or supplement your internal compliance measures individually with the services you require.

The new regulatory framework defines a service-specific data protection regime to which a company’s internal processes must be adapted. In cooperation with your IT department, we analyse the current scope and manner of data processing and provide recommendations for a legally compliant design of the underlying processes – naturally, without losing sight of your business interests.

We adapt your data protection declarations to the new requirements.

We support you in the legally compliant design of your processes for communicating data protection incidents to the competent authorities and your customers. This includes recommendations on how automation and the use of legal tech tools can increase the efficiency of your processes.

Article 40 para. 1 of the EECC requires OTT providers to ” take appropriate and proportionate technical and organisational measures to appropriately manage the risks posed to the security of networks and services“. These requirements are specified in the publications of the European Union Agency for Cybersecurity (ENISA) and the national regulatory authority. We communicate the relevant legal requirements to your IT department and jointly determine the necessary scope of adaptation. We ensure that all information obligations vis-à-vis the authorities are complied with.

Should a security incident occur despite all precautions, the necessary processes must be implemented to deal with such in a legally compliant manner. Every security incident must be identified and analysed regarding its effects. The competent authority and, if applicable, the customers must be informed. We develop the necessary processes to meet these obligations and support you in their implementation.

Dealing effectively with the new regulatory framework requires awareness of your company’s new rights and obligations among your employees. In particular, your legal department should be familiar with the new options for dispute resolution and legal recourse under the EECC: Consumers will be able to appeal to official dispute resolution boards. The right to initiate (cross-border) official dispute resolution procedures against other market players allows for obtaining both quick and binding decisions. Companies with market power can be put in their place by applying for an official abuse procedure.

Schalast Rechtsanwälte can support you in embedding all relevant knowledge effectively, both on- and off-site via personal trainings and/or automated training tools.

New competences of national regulatory authorities under the EECC are likely to increase the number of regulatory actions (e.g., requests for information and administrative orders) directed at your company and requires their professional management. We protect and enforce your rights both vis-à-vis the authorities and in court.

Optimally, a potential conflict is averted in advance. This requires systematic monitoring of regulatory plans as well as proactive communication with the authorities and other state actors. Schalast Rechtsanwälte enables you to identify opportunities for influence and to use such opportunities proactively via statements and other measures.