site.btaCommunications Regulator Orders Mobile Operators to Strengthen Network Security After Outages

The Communications Regulation Commission (CRC) will require mobile operators to improve network security to prevent incidents such as those involving Vivacom Bulgaria on April 24 and A1 Bulgaria on April 29, CRC said on Friday.

At a regular meeting, CRC reviewed and adopted internal investigation reports from A1 and Vivacom concerning recent service disruptions. The investigations were launched by a CRC decision on May 8.

On April 29, A1 experienced technical issues affecting calls and text messages on its 2G and 3G networks nationwide. On April 24, Vivacom warned of temporary difficulties with mobile voice and internet services due to a supplier's software update.

The reports presented on Friday identified human error in both cases—during a supplier-led software update in Vivacom’s case, and during A1’s migration to a cloud platform.

Following its analysis, CRC will hold talks with the relevant authorities under Article 243v of the Electronic Communications Act to develop guidelines for strengthening network security and preventing similar incidents.

CRC will also contact the Consumer Protection Commission to arrange a meeting on setting minimum compensation for affected users and clarifying providers’ obligations to notify users and the public during such incidents. Amendments to the current General Requirements will follow.