IBLS Speaker's Corner : telecommunication

Europe Fights Mobile Malware

Maricelle Ruiz — Wed, 27 Jun 2007 12:10:00 GMT

Just when we thought our computer antivirus would protect us from anything out there…the mobile virus made its grand entrance into Europe. Police started to investigate and recently detained a prolific, mobile-virus creator. Information on the modus operandi of mobile hackers and tips to avoid their traps has been released to nip this challenge in the bud. Although they concur that this criminal activity is still not widespread, experts also agree that it shouldn’t be underestimated.

“Viruses are not harmless pranks; they cause real harm disrupting business and personal communications as well as destroying and stealing sensitive data,” says Graham Cluley, senior technology consultant for Sophos, an IT security firm. “The computer crime authorities around the globe are becoming more experienced at tracking down hackers and virus writers, and malware authors should be asking themselves whether it’s really worth taking the risk.”

After an investigation spanning half a year, Spanish police have detained a 28-year-old man accused of creating more than twenty “Leslie” viruses, reportedly affecting the high-end devices of more than 100,000 people. Millions of dollars could have been lost as a result of the viruses, reportedly named after the suspect’s fiancée. Police have seized computers, mobiles and other high-tech devices to build up their case.

The “Leslie” viruses resembled malware affecting the mobiles of hundreds of people attending the 2005 IAAF World Championships in Athletics in Helsinki, Finland, and devices in Northern Spain. The ‘Leslies’ spread through Bluetooth, manipulating infected devices to send multimedia messages to contacts in the phone agenda as well as in the call and incoming messages lists.

This particular malware came with pornography, ring tones, sports news, chat applications and even antiviruses, and manipulated devices to transmit costly phone messages or caused phones to run out of battery. However, experts report that malware may also come with pictures and video clips; replace system applications; and make screen text unreadable, among other criminal activity.

To protect mobiles, telecom and technology companies recommend that users equip mobiles with antivirus protection and firewalls; or run applications to revamp already affected devices. These programs are available online or at an operator. Companies also advise users to accept ONLY content from a known source, through Bluetooth or Beam infrared technology. Users should deactivate the technology when it is not in use to keep phones from receiving messages containing malware.

Internet security firms also report a fight against multilingual mobile spam within the continent.

Israeli Bill Will Require ISPs to Block Pornographic Sites

IBLS Editor — Fri, 15 Jun 2007 17:05:00 GMT

IBLS Contributor: Odia Kagan, Tel Aviv, Israel, odia@okaganlaw.com, writes:

The Israeli Minister of Communication, Mr. Ariel Atias, of the ultra-religious party “Shas” is promoting a new bill to force Israeli Internet Service Providers (ISPs) to block pornographic websites using special filters. The sites would be un-blocked only pursuant to the specific request of a customer. The bill is intended to prevent minors from accessing websites with adult content (pornography and gambling) without imposing excessive controls, resulting in public outrage.

This requirement from the ISPs follows a similar prohibition, effective on May 25, 2007, imposed on the Israeli cellular telephone companies. By amending their licenses for the provision of telecommunication services over mobile telephone, the Ministry of Communications required the companies to block free access to pornographic services offered in their cellular portals. Access would only be permitted after the customer has proven that he or she is 18 or older, by sending a fax or an email with a picture and a scanned copy of the National Identity Card.

Before the amendment, the age could be established by the input of the Identity Card number and the date of birth. As this information is generally known to children, it was decided that this data does not provide adequate protection. The prohibition applies only to the cellular portal, a content service provided by the cellular companies. It does not apply or ban access to websites, which may be surfed using the mobile telephone.

Originally published on Ms. Kagan's blog e-legal on May 8, 2007 at www.odiakagan.typepad.com

Ms. Kagan specializes in Internet and IT law. Her articles on these subjects are published regularly in professional publications of the American Bar Association and the New York State Bar Association as well as in national Israeli websites. Ms. Kagan authored the Israeli Chapter in the book “Cybercrime and Security” published worldwide by Oceana Publications, a division of Oxford University Press. A graduate of the Law Faculty of Tel Aviv University, Ms. Kagan is a member of the Israel and New York Bars, is qualified as a Solicitor in England & Wales and is also admitted as legal practitioner in New South Wales, Australia.

The statement above is the author’s opinion and does not constitute or replace legal consultation.

European Parliament Adopts New International Roaming Regulation

IBLS Editor — Tue, 29 May 2007 16:04:00 GMT

IBLS Contributor: Bart Goddyn, Goddyn Belgium, bart.goddyn@goddyn.eu, writes:

On 23 May 2007, the plenary session of the European Parliament voted, with a strong majority, for the adoption of a Regulation to reduce international roaming tariffs for mobile communication within the European Union. This Regulation is said to bring a new era in mobile communications with important benefits to consumers.

Rationales for a Regulation

In May 2005, the European Regulators’ Group (ERG) noted that international mobile roaming charges are too high without clear justification. Average retail prices for calls made whilst roaming are four times higher than the equivalent prices for domestic mobile calls. This difference does not reflect the cost incurred by the operators.

Roaming charges for consumers are neither transparent nor comprehensible. Initiatives to address this problem, such as the creation of websites showing roaming prices by regulatory authorities appear to be insufficient.

Roaming services are supplied in at least two Member States. This results in different national approaches to address the consumer prices. These differences bar the development of a single EU market for mobile telecommunication services.

Main Elements for the Regulation

The main elements for the Regulation relate to the cap of charges both among mobile operators and for consumers and to the transparency of these charges. The Regulation should also encourage competition below the price caps (also called “Eurotariff”).

The cap of wholesale charges relates to the charges that mobile phone operators charge each other for their roaming services. This cap takes as its starting point the tariffs for connecting mobile phone calls from other domestic networks. The cap of retail charges sets the maximum price limit at 130% of the average wholesale charge.

This would apply to calls made and received while roaming. Beneath these caps, operators would remain free to compete by offering cheaper roaming services, or packages differentiated according to customer demand.

The proposal also enhances transparency of roaming charges for consumers. Operators will therefore be required to provide and update consumers with readily comprehensible information (either by SMS or by means of a voice call) on applicable roaming charges.

Towards the Regulation

The Council of EU Telecom Ministers is expected to endorse the Regulation on 7 June 2007. The Regulation will then become directly applicable law in all 27 Member States following its publication in the Official Journal, expected by mid-June. The capped retail charges must be made available to customers one month later and will apply by default after a further two months. The wholesale cap will take affect two months after entry into force of the Regulation.