Cybersecurity and Non-Compliance

Yes, non-compliance can get expensive

by Charles Parker

Every business has its mission statement and goals. These differ generally for the for-profit and non-

profit organizations. One aspect that is present with all organizations. One aspect that is present with all

organizations is for the staff to move the company forward to the goals. One area though that has been

misconstrued and misunderstood at times is also a bedrock for the organization’s success. Any company

depends on compliance to provide the solid base of operations. Without this firmly in place, the staff is

likely to run afoul of the law. Compliance has the direct and simple purpose of guiding the company so

the operations and staff work within the statutes, laws, and regulations.

This isn’t only for the cyber/information security industry. This mode of operation is applicable across

most industries. If the company is publicly traded there is the SEC, banking has the GLBA, medical has

HIPAA, and so on. These may also be national, such as the GDPR in the EU. What makes this topical is

Telegram recently had the opportunity to address this very issue.

Germane German Law

In 2017 German lawmakers enacted the Network Enforcement Act of 2017, which is focused on

removing hate speech on social media (e.g., Facebook, Google, or Twitter). With the law, the social

media platform has to remove the reported items after review. The business has to log the activity and

create a report every six months of the number of complaints and how the business dealt with it. As this

was processed through their legislative system, the fine points were debated thoroughly. One point of

contention was how the law could affect the online free speech. The law wasn’t only a strongly worded

requirement, but also included a section for fines. If the company continued to fail to comply, the fine

for this would be up to €50M or up to $56M USD. This also allows for fines up to €5M for the company

designee responsible for compliance if one is not noted. Within the law, there is also the potential for

criminal laws to be applied. In theory this could get very expensive very quickly.

Applied to Telegram

It appears Telegram did not comply with the German statute on two fronts. The German Justice Minister

announced Telegram would be receiving million dollar fines based on this violation of the statute. It

appears the company did not designate a person in Germany as the person to contact when the hate

speech was detected in their social media. Also, they did not create or apply a process for a person to

notify the social media platform of any of this unlawful content. To comply, this has to be easily

identifiable.

Lessons Learned

This probably won’t end up costing them millions and millions of Euros. There is the potential for some

fine to be assessed. The companies operating in Germany with social media platforms need to hire or

appoint competent people to read and understand applicable laws and apply these to the business

operation. Oddly enough, the published accounts have not noted why Telegram has refused to comply

with this. They were prior to the fine written to over these two points of non-compliance. In the future,

the fines assessed may be substantial.

Resources

Associated Press. (2021, June 14). Germany seeks to fine operators of telegram messenger app.

https://www.courthousenews.com/germany-seeks-to-fine-operators-of-telegram-messenger-app/

Cysecurity. (2022, January 11). German ministry of justice announced millions in fines for telegram in

case of non-compliance with laws. https://www.cysecurity.news/2022/01/german-ministry-of-justice-

announced.html

IT Security News. (2022, January 12). German ministry of justice announced millions in fines for telegram

in case of non-compliance. https://www.itsecuritynews.info/german-ministry-of-justice-announced-

millions-in-fines-for-telegram-in-case-of-non-compliance-with-laws/

Jordans, F. (2017, June 30). Germany passes law against online hate speech.

https://apnews.com/article/europe-business-germany

The News Glory. (2022, January 20). Germany threatened telegram with large fines in case of non-

compliance with laws. https://thenewsglory.comgermany-threatened-telegram-with-large-fines-in-case-

of-non-compliance-with-laws/

Check back soon

Once posts are published, you’ll see them here.

Cybersecurity and Medical IoT Devices

Cybersecurity and Medical Devices

Cybersecurity and Linux SSH Servers

Cybersecurity and the Auto Industry

Cybersecurity and the Energy Sector

Cybersecurity and Costs

Cybersecurity and Electronic Health Records

Cybersecurity and IoMT

Cybersecurity and Obscurity

Cybersecurity and New Devices and Old Problems

No tags yet.

Cybersecurity and Non-Compliance

Featured Posts

Recent Posts

Archive

Search By Tags

Follow Us