The Hungarian Government issued a new decree, which sets the criteria to identify critical assets and infrastructure, and appoints the competent authorities for the uninterrupted provision of services in the infocommunications sector. The decree will enter into force in 4 March 2018.

1. The sector and services affected

The decree covers every regulated area of infocommunications ranging from Internet infrastructure to wired and wireless services, radio and space telecommunications, broadcasting, government systems and postal services. The decree excludes closed electronic information systems managed for national security, military, law enforcement and diplomatic purposes, as well as system components managed for experimental, research and educational purposes.

2. The acting authorities

The decree appoints the Hungarian National Media and Infocommunications Authority (NMHH) to define the national and European critical assets in almost the entire field of infocommunications and postal services. The minister responsible will act as the authority for government systems. A decision-making committee will support both authorities, making their operations more efficient.

3. The criteria of national and European critical assets

The decree sets the minimum criteria the critical assets must meet. This includes assets, which if lost, which would have significant effect on Hungary (at the national level) or on at least two EEA countries (at the European level). An infocommunication asset may be identified as critical on the national level if the loss of service (as specified by law) would affect more than fifty thousand persons, or if the asset is regarded as a universal communications service. In case of broadcasting services, the criteria is that it must be received over 95% of Hungarian territory and should be irreplaceable in case of loss of service. The decree also sets minimum criteria for postal services to be assigned as national or European critical assets, and for portions of international systems to be regarded as European critical assets.

Service providers of critical infrastructure and critical assets should follow the actions of the NMHH and the Ministry, in order to assess whether their services meet new criteria set by those authorities.

Law: Government Decree 249/2017. (IX. 5.) on the Identification and Protection of Critical Assets and Infrastructure in the Infocommunications Sector.