The German Federal Court of Justice recently clarified online platforms' liability for user-generated content, ruling platforms aren't directly liable without knowledge but must act swiftly upon notification, significantly impacting digital service providers across Europe.
Australia’s eSafety Commissioner ordered Telegram to pay AUD 1 million for ignoring transparency obligations. Officials requested details on terrorist and child sexual content steps, but Telegram delayed months, triggering enforcement under the Online Safety Act.
On 28 February 2025, Japan’s Cabinet announced significant plans to introduce a Bill to promote research, development, and practical application of artificial intelligence technologies. The legislation focuses on transparency, protection of rights, and international cooperation.
Norway’s new Electronic Communications Act 2025 requires service providers to conduct ongoing risk assessments, report significant security breaches within strict timelines, and notify users of risks, prioritising transparency and strengthening electronic communication networks and user privacy.
On 1 January 2025, Norway implemented the Electronic Communications Act (Prop. 93 LS), introducing enhanced cybersecurity measures for electronic communication networks and services.
The new regulations aim to bolster digital security, requiring service providers to adopt proactive risk management strategies and transparent communication practices in the event of breaches.
The Act mandates electronic communication operators to conduct ongoing risk assessments to safeguard their networks and services.
This approach compels operators to remain vigilant against emerging threats by regularly updating security protocols and ensuring that their systems are robust enough to withstand cyberattacks.
These risk assessments are not a one-time measure but an ongoing obligation, reflecting the dynamic nature of cybersecurity threats.
Operators must monitor vulnerabilities, implement necessary fixes, and adopt modern technologies to protect communication infrastructure from potential exploitation.
The legislation also introduces strict timelines for reporting security breaches. Service providers are required to inform the Norwegian Data Protection Authority (DPA) within 72 hours of detecting a significant breach.
This allows regulators to assess the impact, coordinate responses, and hold operators accountable for lapses in security.
Moreover, in cases where users’ data or privacy might be compromised, service providers must notify affected subscribers within 24 hours.
This swift notification requirement prioritises transparency, giving users the information they need to protect themselves from potential misuse of their personal data.
A core component of the Act is its focus on protecting user and subscriber privacy. With the increasing volume of personal information stored and transmitted through digital networks, the new regulations aim to prevent unauthorised access and data breaches that could harm users.
By mandating immediate action and user notifications, the Act acknowledges the importance of timely communication in mitigating the effects of security incidents.
This measure empowers users to take necessary precautions, such as changing passwords or monitoring account activity, in response to potential threats.
The Act places a significant operational burden on service providers, requiring them to invest in robust cybersecurity frameworks and maintain high levels of readiness to detect and address security breaches.
Companies operating in Norway must now integrate these requirements into their existing protocols, ensuring compliance with both national and international cybersecurity standards.
Failure to adhere to these regulations could result in penalties and damage to a company’s reputation. As such, many operators are expected to enhance their investments in cybersecurity technologies and training programs for their staff.
Norway’s Electronic Communications Act reflects the growing urgency of addressing cybersecurity threats in an increasingly interconnected world.
With digital communication forming the backbone of modern society, the Act provides a framework for operators to protect infrastructure and maintain public trust in electronic communication services.
The German Federal Court of Justice recently clarified online platforms' liability for user-generated content, ruling platforms aren't directly liable without knowledge but must act swiftly upon notification, significantly impacting digital service providers across Europe.
Australia’s eSafety Commissioner ordered Telegram to pay AUD 1 million for ignoring transparency obligations. Officials requested details on terrorist and child sexual content steps, but Telegram delayed months, triggering enforcement under the Online Safety Act.
The European Commission recently submitted a proposal for an EU Blueprint on cybersecurity crisis management. The recommendation outlines response mechanisms, promotes Union, and calls for collaboration between civilian authorities and military partners.
China's new rules on military content sharing impose tighter guidelines on what can be posted online. The rules mandate platforms to follow official sources, banning misinformation while promoting government-approved perspectives on national defence, history, and military achievements.
Follow the latest Tech Law news and updates about AI, Digital Assets, Internet Law, Data Protection, LawTech.
