Data Protection in Telecommunications
The telecommunications sector is subject to special data protection rules. And there are many. But they are scattered across all sorts of legislation. But the clear focus is on maintaining the confidentiality of telephone conversations. Licensed providers of telecommunications services, such as telecommunications companies, which transfer information for third parties according to Article 3(b) of the Telecommunications Law are obligated by Art. 43 of the Telephony Secrecy Law to maintain the secrecy of telecommunications. What this means is that anyone entrusted telecommunications may not provide any information about the communications traffic of the subscriber (user) and may not allow others to do the same.
Telecommunications secrecy laws also apply to internet service providers (ISPs) that provide the public with telecommunications transmission of information based on the IP technology using public IP addresses. In addition to the telephone traffic, as a rule all of the newer services (e-mail, mobile, fax, pager, etc.) are included under the telecommunications secrecy laws.
A violation of the telecommunications secrecy laws can result in the telecommunications service provider having its license suspended or revoked. In addition, the employees, support staff, and officials who revealed the secret information to others in an unlawful manner may be subject to a fine or imprisonment of up to three years. It is therefore important to take the necessary technical, legal and organisational measures to preserve the secrecy as required. This is not always easy. This holds true for new applications and business models as well as the outsourcing of business and application functions.
Maintaining the secrecy of telecommunications is certainly important. However, this is only one of the many challenges posed by data protection laws on those in the telecommunications industry.
We provide legal support for the following applications and services in the telecommunications sector:
- Data protection-compliant planning, implementation and operation of customer interaction centres (CICs)
- Data protection-compliant organization and execution of outbound (such as cold calling, telemarketing) and inbound calls (such as collection, analysis and use of personal information from customer-initiated telephone calls)
- Call recording and evaluation of telephone conversations for business purposes
- Telephone and email monitoring in the workplace
- Mystery calls to verify the quality of service and advice offered by employees when taking telephone inquiries.
- Employee behaviour analysis
- Email monitoring of service requests
- Routing and retrieval of customer calls to third-party service providers
- Outsourcing of call centres and customer interaction centres (CICs)
- Customer surveys (by phone, email, SMS and letter)
- Winning back customers through personal data mining analysis
- Quality assessments
- Market research
- LBS (location based services)
- SMS advertising, SMS Clubs
- Cross-selling, up-selling
- Mobile CRM
- Mobile payment
- Data processing on outside devices through telecommunications technology
- ActiveX controls, scripts, cookies, web bugs, hidden identifiers, spyware