Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Kosovo: ARKEP publishes regulation on security of electronic communications services and networks
The Regulatory Authority of Electronic and Postal Communications ('ARKEP') published, on 23 November 2016, Regulation No. 29 on technical and organisational standards for the security and integrity of networks and electronic communications services ('the Regulation').
The Regulation requires service providers to protect the confidentiality of communications and traffic data from eavesdropping and illegal surveillance, and provides that operators shall not collect any data about users apart from what is necessary for providing the service. In addition, Article 5 of the Regulation requires operators to notify the ARKEP of incidents involving the unauthorised access to electronic data or violations of system integrity. Operators are also required to carry out an impact assessment of security incidents according to the criteria provided in Annex 1 to the Regulation and submit a report to the ARKEP within 15 days following a security incident.
You can read the press release here and the Regulation here, both only available in Albanian.