Companies providing communications services, investors in those companies, and manufacturers of products with wireless features should consider the potential impact of the Federal Communications Commission’s focus on national security enforcement.
Many of the agency’s programs aim to mitigate the risk that adverse foreign threats use US telecommunications networks or consumer devices to obtain sensitive information, and that such information could be leveraged for nefarious purposes.
Some aim to address specific risks that the FCC and other federal agencies have identified in telecommunications equipment. Others aim to address risks the FCC has identified around providing access to the US market for government-controlled companies from countries that pose security risks.
The FCC is considering changes that could affect a variety of commercial interests. If it broadens national security reviews of telecommunications transactions, this could delay approvals of those transactions and impose new conditions on approved transactions.
Changes in equipment rules could either restrict availability of commonly used products or require companies to identify new suppliers, potentially on short time frames.
Here are some areas where the FCC could move forward with concrete actions.
Equipment authorization rules. This proposal would ban sales of products on the Covered List of communications-related products that other federal agencies say pose unacceptable national security risks. The list generally identifies manufacturers and categories of products by those manufacturers, rather than individual products.
The FCC already has prohibited entities on the Covered List and their affiliates from obtaining new authorizations to sell equipment in the US. But the proposal would prohibit sale of any equipment from entities on the Covered List, even if that equipment previously had been approved, effectively terminating those authorizations.
If the proposal becomes final, it wouldn’t require companies to stop using equipment from entities on the Covered List, but they may find it difficult to replace or repair malfunctioning equipment.
US Cyber Trust Mark. Last year, the FCC released a notice of proposed rulemaking to create the US Cyber Trust Mark program. This voluntary program would allow manufacturers with conforming internet of things devices to display the US Cyber Trust Mark logo on product packaging.
The program aims to operate much like the Energy Star program. The US Cyber Trust Mark logo would indicate to consumers those devices that meet certain cybersecurity requirements, and it suggests that those devices not displaying the logo don’t meet those requirements. The FCC likely will vote to create this program during its March open meeting.
Expansion of Covered List. While the FCC doesn’t control which companies are placed on the Covered List, it can influence the agencies that make that determination.
For instance, in response to a congressional inquiry, the FCC last year requested that several national security agencies review whether products made by two Chinese manufacturers posed security risks. The FCC could seek similar reviews of other companies and their products this year.
Telecommunications authorizations. The FCC is reviewing its rules on basic telecommunications authorizations, known as Section 214 authorizations. As part of that rulemaking, all entities that hold such authorizations for international service were required to report on their foreign ownership no later than Jan. 22, 2024.
The FCC is also considering whether to require entities that hold international Section 214 authorizations to renew those authorizations every 10 years or to provide periodic updates on their ownership. These proposals intend to allow the FCC to review potential national security implications of foreign ownership of entities that hold these authorizations on a regular basis.
The agency also is considering whether to expand national security reviews of international Section 214 applications—both initial applications and transfers of control—to include applications that don’t report any foreign ownership.
Network neutrality. The FCC’s notice of proposed rulemaking would revive the network neutrality rules that were repealed in 2018 and asks whether the agency should require authorization to transfer control of a provider of broadband internet access service. This proposal is explicitly tied to national security considerations, as under current rules, a non-US entity could purchase an internet service provider with no scrutiny from the FCC.
Rip and replace. The FCC informed Congress that the program to replace network equipment manufactured by Huawei Technologies Co. and ZTE Corp., known as rip and replace, is facing a $3 billion shortfall, causing companies to receive only 40% reimbursement of their costs.
This would affect many small and rural providers of telephone and wireless service that are replacing that equipment because they no longer would be eligible for support under federal universal service programs. Congress likely will feel pressure to appropriate the additional funds so the replacement process can be completed.
There still are opportunities to offer input to the FCC on equipment authorizations, international Section 214 authorizations, and network neutrality if those proceedings raise concerns for any interested party.