Skip to main content

FCC Takes Next Steps Toward Network Security

FCC's 2020 seal
(Image credit: FCC)

The FCC has voted on a Second Report and Order (a final action) to approve the framework for preventing the use of suspect tech in U.S. networks and removing (the new term of art rather than "ripping") and replacing existing suspect tech, including a process for identifying which tech to expel.

The FCC called it a major step to protect those networks from potential security threats. That vote came at what will be the second to the last meeting for FCC chairman Ajit Pai and the last for outgoing Republican commissioner Michael O'Rielly.

Thursday's decision comes in the face of the exponential growth of internet-connected devices controlling everything from power grids to refrigerators; an increasingly hunkered down, work and play from home, virtual world; and the wealth of data, personal and otherwise, being trafficked on the 'net and stored in the cloud.

Now, the FCC just needs Congress to pony up the money for the rip-and-replace regime that was mandated in the Secure and Trusted Communications Network Act.

The FCC has already formally designated Huawei and ZTE as suspect tech and excluded them from the $8.3 billion in Universal Service Fund broadband subsidy money.

Related: Senate Bill Would Boost Rip-and-Replace Eligibility

The rules require Eligible Telecommunications Carriers (ETCs) to "remove and replace covered equipment from their networks," and create a "Secure and Trusted Communications Networks Reimbursement Program" to fund smaller carriers' removal and replacement of suspect tech, at least once Congress has appropriated the $1.6 billion the FCC has estimated it will cost.

The FCC also approved a Second Report and Order that:

•  "Adopts rules to publish and modify a list of communications equipment and services that Congress or enumerated national security agencies or interagency bodies with appropriate national security expertise determine pose an unacceptable risk to the national security of the United States or the safety and security of its people.

• "Prohibits the use of any Federal subsidy that is made available through a program administered by the Commission and that provides funds to be used for the capital expenditures necessary for the provision of advanced communications service to purchase, rent, or otherwise obtain any covered communications equipment or services.

• "Establishes the Secure and Trusted Communications Network Reimbursement Program, which will provide funds for the removal, replacement, and disposal of covered communications equipment and services, and condition the start of the program on Congress appropriating the funds the Commission estimates that program will cost.

• "Requires Eligible Telecommunications Carriers and participants in the Secure and Trusted Communications Network Reimbursement Program to remove, replace, and dispose of covered communications equipment and services in their networks.

• "Requires all providers of advanced communications services to report whether their networks use covered communications equipment or services acquired after August 14, 2018."

FCC chairman Ajit Pai has said those all are "critical next steps toward securing our communications networks." 

Commissioner O'Rielly said the need to protect networks from harm has never been more apparent. He said the FCC is effectively closing out market in the interests of national security and that those actions will have global repercussions, but that ultimately he supported the item. He said that a mandated rip and destroy program will look more like "duplicate and dismantle," so the FCC needs to be mindful of the disruption it will create.

He said the FCC should not tip the scales toward certain companies or pick technologies winners and losers, and should tread carefully.

Commissioner Brendan Carr, after first saying O'Rielly had outworked probably everyone in this building, pointed out he had promoted rip-and-remove a couple of years ago, and the need for that program had only grown. He said the record is clear on China's intent to spy on the U.S. to get an industrial and business edge. 

He said the FCC "has shown the strength and resolve to meet this threat." He also said it had turned the page on "the weak and timid approach to China of the past," and that it would be a mistake to revert to that approach, a not-to-veiled reference to Republican concerns about the approach of a Biden Administration. 

Commissioner Jessica Rosenworcel began her comments with a shout-out to O'Rielly, saying that she appreciated his allegiance to the Constitution, "even in times where it may not have been convenient or easy." O'Rielly's nomination was pulled by President Trump, a move generally credited to O'Rielly's defense of the First Amendment against attempts to regulate social media speech, attempts the President has supported.

Of the item, Rosenworcel said the Chinese government is still trying to consolidate its 5G authority and sustain its supply chain advantages. She said that means banning two vendors--Huawei and ZTE--is a start, but not enough. She said there needs to be a more comprehensive national 5G security strategy. 

Commissioner Geoffrey Starks, having saluted O'Rielly as well, called the item "another important step in confronting the threat of insecure equipment in our nation’s communications networks." Given the seriousness and urgency of the threats to our networks, I am glad that we have decided to move forward with today’s Order, even as we await an appropriation," he said.

He also said he appreciated the chairman's willingness to tweak the item. 

"I am pleased that the chairman worked with me to make changes to today’s Order that will further reduce the national security impact of the funding lag," said Starks. "The version we now adopt will effectuate the recommendations by chairman Frank Pallone and ranking member Greg Walden and make clear that the Commission intends to develop and release the Catalogue of Eligible Expenses as soon as possible, so that it can be a resource to providers who wish to begin the replacement process before reimbursement funding becomes available. It also encourages companies to proceed with the replacement process before the reimbursement program is funded with confidence that doing so will not jeopardize their eligibility. These steps should encourage providers to make these critical security improvements now."

Pai, who had already praised O'Rielly in his opening statement, went straight to the issue. 

He talked about the previous (Democratic) FCC's watch, during which he said China's rise drew praise from the Administration and Chinese equipment was allowed to be incorporated into U.S. networks "with nary an eyebrow raised." But he said that had changed under his watch.

"We have made real progress in securing our networks and supply chains," he said, including the initial designations of Huawei and ZTE as national security threats, and pushing for open radio access networks (ORANs).

Pai also put in another plug for Congress to fund the program, which could cost upwards of $1.6 billion.

Rosenworcel suggested more needed to be done on ORANs, including the FCC launching testbeds, and Starks said he would have preferred the item require that those replacing suspect tech with government demonstrate that they had considered ORAN solutions.

The Telecommunications Industry Association supported the move. 

“In the midst of a pandemic, we depend on our networks more than ever to keep us working and learning from home," said TIA CEO David Stehlin. "We urge Congress to now appropriate the necessary funds and make this critical investment to ensure the security of our nation’s digital infrastructure."