Skip to main content
Version status: In force | Document consolidation status: Updated to reflect all known changes
Version date: 9 June 2023 - onwards
Version 2 of 2

12. Providers to notify users of particular and significant threat of security incident

(1) In the case of a particular and significant threat of a security incident in public electronic communications networks or publicly available electronic communications services, a provider of such networks or services shall -

(a) inform its users potentially affected by such a threat of any possible protective measures or remedies which can be taken by the users, and

(b) where appropriate, inform its users of the threat itself.

(2) Subsection (1) is a regulatory provision.

(3) A provider who fails to inform its users in accordance with subsection (1)(a) commits an offence and is liable on summary conviction to a class A fine.