The UK telecoms regulator, Ofcom, will tomorrow (1st Oct 2024) begin enforcing new roaming rules that require mobile network operators, such as Three UK, Vodafone, EE and O2 (including their many virtual / MVNO partners), to protect consumers who travel abroad from mobile BILL SHOCKS on data (broadband), call and text charges.

Just to recap. The regulator previously found (here) that the quality of information being provided by mobile operators on roaming charges could be “inconsistent and unclear“. In addition, Ofcom noted that 19% of holidaymakers are unaware they could face extra charges when using their phone abroad, and a similar proportion (18%) said they do not research roaming charges before travelling.

However, Ofcom lacks the power to stop mobile operators from charging customers for using their services when travelling, so instead they will tomorrow begin enforcing new rules and guidance that require all UK mobile operators to tell their customers when they start roaming, how much it will cost them and any action they can take to limit their spend. Many already do this, albeit to varying different degrees.

The new rules also tackle the issue of “inadvertent roaming“, which is where mobile phones inadvertently roam to a network in a different country even though the customer is not physically in that country, such as when UK customers on the English coast inadvertently roam on to French networks (Ofcom says 14% of UK mobile customers experience this both when abroad or still in the UK).

What Changes Have Ofcom Made?

Requiring providers to send roaming alerts so that customers can make informed decisions and are protected from unexpected bills

Providers must notify customers when they start roaming (both in the EU and rest of world destinations). The notification(s) must provide clear, comprehensible, accurate information so a customer can make informed decisions when roaming and:

• enable customers to understand any charges that apply to using roaming services, any fair use limits and the time period that applies to any time-limited charges. The new rules give providers some flexibility in how they communicate the information to their customers;

• inform customers that they can specify or modify a mobile bill limit and direct them to information on how to put in place or amend such a limit; and

• direct customers to free to access, clear, comprehensible and accurate additional information on roaming.

While regulatory protections are already in place to ensure that customers are given pricing information and the option to set a mobile bill limit at the time they contract for mobile services, the roaming alert is intended to ensure customers are provided with timely, clear and accurate information at the point of roaming. It should ensure they can make an informed decision about the use of roaming services and are aware of their right to specify or modify a mobile bill limit, helping to protect customers from harms such as unexpected roaming bills.

Providers must protect customers against the impact of inadvertent roaming

The requirements on roaming alerts should ensure that customers are alerted to the fact that they are roaming, including where this is inadvertent. However, considering the potential for harm and to help protect customers from the impacts of inadvertent roaming, we have decided to bring into force the inadvertent roaming rules we consulted on. These will require providers to:

• have measures in place to enable customers to reduce and/or limit expenditure related to inadvertent roaming while they are in the UK (e.g. treating Ireland usage as UK usage).

• provide clear, comprehensible and accurate information to customers about the above measures and also how to avoid inadvertent roaming in and outside of the UK, particularly in border regions.

This approach takes account of providers’ current practices such as treating certain roaming usage as UK usage, which protects customers from the impact of inadvertent roaming while in the UK. This will particularly benefit customers in Northern Ireland who can experience inadvertent roaming on a regular basis.

Guidance setting out expectations and examples of good practice

We are issuing guidance to accompany the new roaming rules to provide greater clarity to providers on what we expect and how we are likely to approach investigating compliance as well as to promote good practice. This includes examples of roaming alerts and steps that providers are already taking to help customers in Northern Ireland protect themselves from inadvertent roaming (e.g. treating Ireland usage as UK usage).

A new survey of 3,045 UK internet users, which was conducted by Broadband Genie between 1st January and 26th April 2024, has revealed that 89% of respondents have never updated the firmware of their home router and 86% have never changed the device’s administrator password (falling to 72% for those who have never changed their WiFi password).

The survey also found that 75% have never checked to see what or who is linked to their router and 52% have never changed or updated any of their router’s settings (this is up from 48% in 2022). The study goes on to claim that leaving the router set to its default password “allows hackers to easily identify which make and model of router the target is using,” although a lot of ISPs these days supply long randomised passwords that have no specific structure for identification.

In addition, routers that have been supplied (bundled) by your ISP are often setup to auto-update their firmware, which means that the customer doesn’t need to perform any specific actions in order to ensure that their device is kept up-to-date. But it’s still wise to check with your broadband provider and confirm what their policy is.

The main exception tends to be third-party devices, such as those purchased separately, which often do require a manual action to check for recent firmware. But one issue here is that not all device manufacturers make such firmware updates accessible or easy to find, while others may only offer very limited support and could thus risk leaving security vulnerabilities unpatched – sometimes even on relatively modern kit.

As part of this study the comparison site also asked respondents, specifically those who had never changed their router’s factory settings, why they had never done so. The majority (75%) said they didn’t understand why they would need to.

The fact that your router is often the single most important device in your home network for security should be incentive enough to ensure that you’ve set a strong password and not simply used the one supplied by your ISP, which may or may not be effective or properly randomised. The rule is to never assume it’s going to be secure out of the box. Clearly more effort needs to be put into raising awareness about such issues.

At this point it’s worth noting that the Government’s Product Security and Telecommunications Infrastructure Act (PSTI), which came into effect on 29th April 2024 (here), included their new Secure by Design policy. This introduced tougher security standards for device makers and the ability to hit those that fail to comply (both retailers and manufacturers) with financial penalties.

Some examples of the changes include banning easily guessable default passwords (“admin“, “123456” etc.), as well as prompting users to change the default password, not to mention improved support for security issues and a requirement for related network products to state how long they will be supported by vital security patches (firmware updates) etc.

Some of the Improved Security Protections

➤ Common or easily guessable passwords like ‘admin’ or ‘12345’ will be banned to prevent vulnerabilities and hacking.

➤ Manufacturers will have to publish contact details so bugs and issues can be reported and dealt with.

➤ Manufacturers and retailers will have to be open with consumers on the minimum time they can expect to receive important security updates.

The changes touched everything from consumer broadband routers to Smartphones, TVs, game consoles, internet-connected fridges and smart doorbells etc.

The Comms Council UK, which represents the United Kingdom’s national Unified Communications and Voice-over-Internet-Protocol (VoIP) phone industry, has this afternoon announced the winners of their 16th annual 2024 awards event at a ceremony at The IET in London.

Eli Katz, Chair of Comms Council UK Council, said: ““It’s been another fantastic CCUK Awards ceremony, congratulations to all the winners and highly commended companies. The Awards continue to highlight the importance of our sector as unified communications powers the UK. The spirit of innovation and competition continues to be strong right across the sector, as demonstrated by our Women in Telecoms Group founders Tracey Wright and Katie Baron. They realised that more needs to be done in our industry to support women in their roles and champion them and help reach leading positions in the sector. They greatly deserve their Outstanding Achievement award for starting this group and making it the force that it has become in our industry.”

The winners are usually independently reviewed by several judges, although we couldn’t find a list of the panel members. As usual, there was also no category for consumer VoIP / IP phone services, although the SOHO (Small Office / Small Home) category does get a little bit closer to that.

Comms Council UK Award Winners 2024

Best Communication Provider – SME
VoIPstudio

Best Communication Provider – Enterprise
Bandwidth

Best Enterprise Service
8×8, Contact centre as a service (CCaaS)

Highly Commended
CallTower, Unified Communications as a Service (UCaaS) and Contact Center as a Service (CCaaS) Solutions

Best SOHO Service
bOnline

Highly Commended
Voipfone

Best Multi-national Service
Pure IP

Highly Commended
8×8

Best Comms Device
Snom Technology – M500 series

Highly Commended
Yealink W73P DECT Phone System

Best Comms Application
PolyAI, Customer-Led Voice Assistants

Highly Commended
Kerv,Compliance Cloud

Best Innovation
PolyAI Customer-Led Voice Assistants

Highly Commended
Vonage Conversational Commerce

Best Industry Enabler
Netaxis – Fusion

Highly Commended
NetSapiens International

Outstanding Achievement Award
Tracey Wright and Katie Baron – Founders of Women in Telecoms Group

The States of Guernsey, which governs the English Channel Island of Guernsey (British Crown dependency), yesterday voted to do something extraordinary by temporarily suspending local competition law in order to allow the dominant telecoms and broadband operator, Sure, to acquire Airtel Vodafone. The reward is a £48m deal to deploy 5G services.

Normally it would be unthinkable for a government to suspend its competition laws in order to allow a specific merger to go through, but Guernsey is a small island in the English Channel, which doesn’t always have the same luxury of choice or flexibility as those in major countries. On the other hand, this is still a radical approach to take and time will tell whether it is the right one.

The expectation is that this will allow Sure to make a significant investment of up to £48m in a “world-class 5G mobile network” for the islands (the deal covers Jersey too). But the move will also require Sure to make several legally binding commitments to help protect local competition, which among other things includes a requirement to launch a new virtual (MVNO) mobile operator with the Channel Island Co-Op (Coop Mobile) – expected to be setup within 12-months.

Sure Group CEO, Alistair Beak, said:

“Today’s decision is great news for Sure and Airtel customers and the future of telecommunications services in Guernsey and Jersey. We are grateful that Deputies have recognised the numerous strategic, economic and social benefits of our acquisition of Airtel.

The approval granted today paves the way for a significant investment of up to £48m in a world-class 5G mobile network for the islands. We have made several legally binding commitments to ensure Sure and Airtel customers, as well as the wider community, benefit significantly – in the form of high-speed data services, improved coverage, and greater value for money; all while maintaining competition in the market through the commitment to launch the Channel Islands Coop as a new operator.

The investment in world-class digital infrastructure will support our increasingly digital lives, connecting our island communities to a better future and contributing to economic growth.

Having secured approval in Jersey earlier in the year we can now move forward and complete the transaction in the coming weeks. In the meantime, Sure and Airtel Vodafone will continue to operate as two separate companies.

I’d like to thank everyone on our team who has worked so hard on the acquisition so far.”

Sure has also agreed not withdraw any Sure and Airtel tariffs that are active as at the date of clearance of the merger. This is designed to protect today’s prices for consumers for the 36 months following completion of the transaction, after which time Coop Mobile should be fully established and competing with Sure and JT.

Sure is separately also working alongside the States of Guernsey on a joint £37.5m project (£12.5m of public investment) to build a new Fibre-to-the-Premises (FTTP) network across the whole of Guernsey (30,000+ premises) by the end of 2026 (end of 2025 for build completion and 2026 for copper retirement), which in May 2024 revealed that it had covered 18,000 premises (inc. 10,000 customers) and that’s up from 9,000 a year earlier. Customers can order packages via Sure, JT and Airtel.

Broadband ISP and mobile operator EE (BT) has discounted their top 1.6Gbps (110Mbps upload) Busiest Home Bundle for new customers covered by Openreach’s new FTTP network, which includes their latest WiFi 7 router (Smart Hub Pro), by an extra £5 per month. This reduces its monthly rental to £64.99 per month on a 24-month term with free setup.

The same discount has also been applied to their premium ‘Made for Gamers‘ package, which offers the same features as the above tier but also adds some extras, such as Xbox Game Pass Ultimate and optimisations for fans on online multiplayer games. As a result, this package now costs £74.99 per month on a 24-month term, instead of £79.99.

At the time of writing we’re not sure how long this price point will run for, but such offers usually last for a week or two. However, customers should be mindful of EE’s new pricing policy, which like other major ISPs will increase the price you pay by £3 extra per month from 31st March each year.

Rural broadband ISP Gigaclear appears to have completed their state aid supported contract under the Fastershire scheme, which originally instructed the operator to extend their gigabit-capable “full fibre” (FTTP) network to 70,000 of the hardest to reach premises in Gloucestershire and Herefordshire (this was revised upwards to 110,000 in 2020 – here).

The deployment, which suffered from many significant delays and was previously due to complete in September 2022, has clearly been running a fair bit behind schedule. This may help to explain why we haven’t seen any progress updates over the past few years. At the same time, it’s also another reminder of just how challenging it can be to build FTTP into remote rural areas, where build costs can easily rise above expectations.

However, a new report on the Wilts and Gloucestershire Standard states that Gigaclear has just completed a related build to 3,000 premises in the Cotswolds market down of Cirencester, which the provider’s local Delivery Director says “brings to an end our longstanding contractual relationship with Fastershire.”

Just to recap. Gigaclear’s rollout for Fastershire began in 2015 in the Cotswolds, where they extended FTTP to cover an additional 6,500 homes and businesses. But this was followed by a much larger Phase 3 deal in 2017 to reach some of the remaining properties across rural Herefordshire and Gloucestershire (several other broadband operators also won contracts with Fastershire).

Gigaclear’s Original Phase 3 Build Plan

Phase 3 – Area 2 & 3c – South Herefordshire and Gloucestershire (21,800 premises)
Phase 3 – Area 3d – North Gloucestershire (12,650)
Phase 3 – Area 3e – South Gloucestershire (12,650)
Phase 3 – Area 4 – North Herefordshire (13,900)

NOTE: We never saw what the revised plan for reaching 110,000 premises looked like.

Charlie Freed, Gigaclear Delivery Director, said:

“This work in Cirencester brings to an end our longstanding contractual relationship with Fastershire.

We’re now in the planning phase of a new £16.6m, three-year contract with Project Gigabit to deliver full-fibre broadband to more than 4,000 rural properties in east Gloucestershire, including Andoversford, Kemble, Lower Slaughter, Miserden and Woodmancote.

Once connected, these communities will join the growing number of rural towns and villages on Gigaclear’s network, many of whom would otherwise not have access to fast and reliable full-fibre broadband and the benefits that brings, such as streaming digital entertainment, working from home and utilising smart gadgets.”

The East Gloucestershire (Lot 18) Project Gigabit contract mentioned above, which is valued at £16.6m (state aid), was awarded in February 2024 (here) and the first premises under that are vagely anticipated to gain access to Gigaclear’s new network sometime in 2024.

Gigaclear’s full fibre network is currently available to 560,000 premises (RFS) across rural parts of England (inc. 120,000 customers), although we don’t currently know how many premises they ended up delivering as part of their Fastershire contract. The fact that commercial builds by rivals have accelerated over the past four years can sometimes result in state aid projects delivering fewer premises than originally planned. We’ve asked Gigaclear for an update.

The company that owns and manages most of the railway network in Great Britain, Network Rail, suffered a major service outage on their national Wi-Fi network this week, which began on Wednesday and impacted 19 stations. But it appears to have been caused by an “employee of Global Reach [who] corrupted the system“.

Commuters began noticing that something was amiss at around 5pm on Wednesday, after many of them reported seeing messages about terror attacks being displayed as they logged onto the public Wi-Fi service at Network Rail managed stations. In response, Telent, which provides the service, promptly suspended it to investigate a possible “cyber security incident” against their systems.

However, the messages, which appeared to be Islamophobic in nature and referenced the 2017 Manchester Arena bombings, had not been posted by hackers. Investigations by Telent quickly established that no other services or networks provided by Telent were directly impacted and the “incident was not a result of a network security breach or a technical failure and no personal data had been affected“, said Telent.

Instead, the defacement seems to have been introduced by an employee working within the chain of associated companies.

Statement by Telent

Telent worked together with Network Rail, Global Reach and the British Transport Police to investigate the incident.

The system that manages the connection of users to the Wi-Fi is provided by Global Reach. It was established that an employee of Global Reach corrupted the system so that messages about past terrorism attacks were displayed as users logged on to the Wi-Fi. On the evening of Thursday 26 September the employee of Global Reach was arrested on suspicion of offences under the Computer Misuse Act 1990 and offences under the Malicious Communications Act 1988.

Working closely with Network Rail, Telent are now finalising plans to begin restoring the Wi-Fi service across all Network Rail managed stations.

The British Transport Police have since posted a statement of their own to confirm that a man has been arrested as part of their investigation into the abuse of access to some Network Rail Wi-Fi services. “The man is an employee of Global Reach Technology who provide some Wi-Fi services to Network Rail. He has been arrested on suspicion of offences under the Computer Misuse Act 1990 and offences under the Malicious Communications Act 1988,” said the BTP.

The abuse of access is said to have been restricted to the defacement of the splash (Wi-Fi login) pages, and no personal data is known to have been affected. The event occurred in the same month as Transport for London (TfL) was hit by an actual cyber-attack, which may have breached customers’ private details. A teenager from Walsall in the West Midlands was later arrested in connection with that attack.

The annual 2024 Comms National Awards were held this week, which each year works to recognise the stand-out organisations, technologies, leaders and innovations in the communications and ICT communities. The event covers a lot of different categories, and there were several wins for alternative broadband networks / ISPs.

The winners were selected by a team of judges from the wider industry and associated sectors. But one of the standouts was MS3 being named as the ‘Best Altnet’ for the second year running, as well as ‘Best partner support programme’ in recognition of their commitment to delivering more broadband choice across the Hull and Humber region.

The caveat is of course that, with such a small judging panel and little reflection for customer feedback, industry awards like this are always best taken with a fair pinch of salt.

Comms National Awards 2024 – Winners

Best Enterprise UC Customer Solution

F one Technologies

Best SME UC Customer Solution

Global4

Best Enterprise Mobile/IoT Customer Solution

Windsor Telecom

Best SME Mobile/IoT Customer Solution

Uplands OneTelco

Best Enterprise Vertical Market Customer Solution

SCG Together

Best SME Vertical Market Customer Solution

X-on Health

Best Enterprise Managed Service Customer Solution

Uplands OneTelco

Best SME Managed Service Solution

Global 4

Best Enterprise Contact Centre Customer Solution

Onecom

Best SME Contact Centre Customer Solution

Start Communications

Best Call Management Solution

Tollring

Best Billing Solution

Inform Billing

Best ICT Distributor

Nuvias UC

Best UCaaS Vendor

Voiceflex

Best CCaaS Vendor

Intermedia Cloud Communications

Best Network Service Provider

Pangea Connected

Best Altnet

MS3 Networks

Best Wholesale Service Provider (up to £10m)

Voip Unlimited

Best Wholesale Service Provider (above £10m)

Giacom

Reseller Business Transformation Award

Core Technology Systems

Enterprise Reseller Deal of the Year

Windsor Telecom

SME Reseller Deal of the Year

Cloud Geeks

Best Partner Programme (up to £10m)

MS3 Networks

Best Partner Programme (above £10m)

Jola

Best Channel Business Service

Channel Sales Academy

Best Channel Portal

Jola

Best Reseller Innovation Award

Fidelity Group

Best Supplier Innovation Award

GoBIG Online

Diversity equity and inclusion (DEI) award

Vorboss

Sustainability Award

BT Wholesale

Comms Dealer Entrepreneur of the Year Award

Paul Bradford

Reseller of the Year Award

Uplands OneTelco

The Peterborough-based Rydal Group, which is a UK telecoms and managed IT provider, has today announced that they’ve acquired the Cambridgeshire-based data centre (they have one site in Huntingdon), phone and broadband provider Merula for an undisclosed sum.

According to the blurb, the acquisition “empowers Rydal Group to provide more comprehensive, controlled, and robust service offerings, including access to dedicated rack space and the ability to leverage multiple broadband options such as traditional broadband, mobile, and satellite services” through Merula’s own data centre.

The acquisition is said to align with the Rydal Group’s long-term strategy of growth and investment, “ensuring that both partners and customers benefit from expanded services that are directly owned and operated by the group“. The integration of Merula’s services with Rydal’s existing portfolio will also create a more unified and expanded offering for connectivity, phone systems, mobile solutions, IT MSP support, and more.

Steffan Dancy, CEO of Rydal Group, said:

“Acquiring Merula Limited is a significant step forward for Rydal Group. By bringing the data centre and ISP capabilities in-house, and with the launch of our new partner portal, we’re able to fully control our infrastructure, enhancing the quality, flexibility, and value of the services we offer both our partners and customers. This acquisition positions Rydal and those we serve at the forefront of technological advancement in an increasingly competitive industry.”

Under the deal Richard Palmer, Managing Director of Merula Limited, will transition into a new role as Group Technical Lead, focusing on infrastructure development and innovation within the newly combined entity. The Merula team will remain in place to ensure continuity of service for existing customers.

Openreach (BT) has told ISPreview they’re reviewing new options with broadband operators (CPs) for making better and more efficient use of their existing cable ducts. This occurred after a dispute was raised over one operator’s deployment of large 51.2mm optical diameter (OD) multitube cabling (the limit is normally 25mm to a single cable/subduct diameter).

Granted, cable size isn’t exactly the sexist of topics to discuss, but for network operators engaged in the national race to deploy faster full fibre (FTTP) broadband and Ethernet infrastructure across the UK, it can be a big deal. This is particularly true if one operator is allowed to do something that others believe they cannot within Openreach’s ducts, which tends to raise competition concerns.

Openreach are required by Ofcom to open their existing underground cable ducts and overhead poles for use by rival networks to help them run new fibre, which forms part of the regulated Physical Infrastructure Access (PIA) product. But naturally there is often only a limited amount of spare duct space available, which varies between locations and can make it tricky to balance fair and efficient use of the infrastructure.

Operators that wish to use such PIA ducts are normally required to submit a formal Notification of Intent (NOI) to Openreach, which typically recommends up to 25mm for a single cable/subduct diameter. But operators could get around this by having, for example, 2 x 25mm subduct and placing 2 NOIs on the same duct section. However, even if you pay for 2 x 25mm, you generally aren’t allowed to then do things like put in 1 x 35mm etc.

What’s the issue?

The problem is that contractors, who we believe may have been working for Zayo (they haven’t responded to our request for comment), were recently spotted deploying a “50mm multi tube” (actually 51.2mm) cable through an older part of Openreach’s PIA duct network (example) – not an easy or cheap task. This seems to be on four diverse routes between Docklands and Slough, where other operators might have tried to do the same if they thought it was allowed.

However, several rival operators, many of which expressed to ISPreview how they’d long been told that 25mm was to be considered a “maximum” limit, have raised questions over whether this is fair competition. Not to mention the potential risk of adding to duct congestion (i.e. locking out other operators through the same duct, which can be particularly galling if the cable doesn’t end up being fully utilised) or causing physical damage to the network (big cabling is often less flexible, which can sometimes cause issues).

Given the recent push by Openreach to crackdown on poor adherence to other PIA rules (e.g. the whereabouts drama), some operators feel like this is one creep that shouldn’t be allowed and may lead to widespread deployment of cabling that is “simply too large“. But Openreach seem to be keeping more of an open mind, which perhaps reflects the pressures they face from Ofcom over the need to provide an equal opportunity of access.

A spokesperson for Openreach told ISPreview:

“Having investigated – we’re confident that rules to ensure fair access by other operators to our network of ducts and poles have been adhered to.

More than 170 companies have signed up to sharing our network infrastructure, and use around a third of our duct and pole estate – so it’s important that we strike a balance between overly restricting Communication Providers (CPs) when building their networks and avoiding attempts to simply block or restrict others from using the infrastructure.

The feedback we get from alt-nets for this service is also extremely good. Our NPS (net promoter) score is +29.2 and we’re delighted with the way it’s working, but we’re always looking for ways we can further improve the service we provide to our CP customers.”

Openreach also confirmed that, in their product descriptions, they do state that CPs can install multiple cables of varying diameters, and will then be charged for multiple 25mm units per duct. But the operator appeared to indicate that, currently, they do not state the maximum size of cable or sub duct or apparatus that the CPs can use (altnets dispute this), as they do not want to inadvertently stifle CP innovation.

However, in light of the recent concerns, Openreach have told ISPreview that they will be discussing with CPs options for making better and more efficient use of their infrastructure in the near future. We understand that one option here could involve asking CPs to obtain specific prior written consent to install any cables or sub-duct which is more than 25mm in diameter.

Such consent would, says Openreach, need to take into account things like whether suitable space is available, as well as an expectation that the provider would need to use the full capacity installed (i.e. within the 12-month build period – this could be tricky as not all fibres are always lit / fully utilised right away) and whether the CP can show they will comply with the best industry practice etc.

The hope is that this might help to protect the network against inefficient or unfair future use, but much will depend upon how CPs respond. The catch here is that, strictly speaking, Openreach’s own PIA rules state that the offending operator (as well as any others that may have done this elsewhere before) “must immediately rectify or disconnect the Customer Apparatus or BT will do so, at the Customer’s cost and expense.”

Some altnets may yet push for that outcome and, if Openreach fails to comply, the issue could still end up being raised with Ofcom.