FCC Chairman Ajit Pai has proposed to ban the use of money from the FCC's Universal Service Fund for equipment or services "from companies that pose a national security threat to United States communications networks or the communications supply chain."
The chairman circulated the proposal to the other commissioner today (March 26) for a planned vote at the public meeting April 17.
The item is a Notice of Proposed Rulemaking, so if it is approved at the meeting, the public will still have time to comment on it before a final order is voted--a source said that would be a 60-day comment period.
According to senior FCC officials speaking on background, the proposal in part stemmed from a Dec. 20 letter from Congress expressing concerns about Chinese companies Huawei and ZTE, plus a follow-up intelligence briefing, both of which were described as impetuses to the effort to monitor the supply chain.
They said the FCC is seeking comment in three main areas 1) how the FCC should identify companies that pose a threat, 2) how to enforce the ban, and 3) how the funds should be recovered.
The rule would only apply to future equipment purchases and does not anticipate requiring carriers to remove equipment from companies identified as a threat, though it asks what should be done when companies want to upgrade that equipment.
“Threats to national security posed by certain communications equipment providers are a matter of bipartisan concern. Hidden ‘back doors’ to our networks in routers, switches—and virtually any other type of telecommunications equipment—can provide an avenue for hostile governments to inject viruses, launch denial-of-service attacks, steal data, and more," the chairman said. "Although the FCC alone can’t safeguard the integrity of our communications supply chain, we must and will play our part in a government- and industry-wide effort to protect the security of our networks.
“That’s why I’m proposing to prohibit the FCC’s $8.5 billion Universal Service Fund from being used to purchase equipment or services from any company that poses a national security threat to the integrity of communications networks or their supply chains. The money in the Universal Service Fund comes from fees paid by the American people, and I believe that the FCC has the responsibility to ensure that this money is not spent on equipment or services that pose a threat to national security."
The chairman did not say how the FCC would identify the companies that were a threat. The USF subsidies to to underwrite the deployment and use of advanced telecommunications services, primarily broadband to rural and low-income areas.
The ban would apply to all four USF funds, high-cost, Lifeline, e-rate and rural healthcare.
Fellow FCC commisioner Michael O'Rielly had just gotten the item, but said "it makes a lot of sense."
The Telecommunications Industry Association (TIA) backed the FCC's stepping in to address the issue.
“[TIA] takes supply chain security very seriously and appreciates efforts by the U.S. government to improve the security of the network," said government affairs SVP Cinnamon Rogers. "TIA and our member companies in the information and communications technology (ICT) industry have been working in partnership with agencies across the federal government to improve cybersecurity. We strongly support efforts by the government to address concerns regarding certain communications equipment providers deemed to pose a heightened security risk.
“The FCC has a key role to play in these efforts, and we appreciate Chairman Pai’s recognition that addressing security concerns requires work across the federal government in partnership with the ICT industry. We look forward to reviewing the proposal and working with the Commission on these important issues in the months ahead.”
USTelecom, which represents telco ISPs including Verizon and AT&T, agreed with the sentiment, but was going to review the item and implications. “USTelecom members have long considered network integrity a top priority and have worked closely with government partners to improve the security of communications networks," said USTelecom President Jonathan Spalter. "We will continue working with the FCC and other agencies to address supply chain vulnerability issues. Consumers and businesses alike correctly expect their information is secure when travelling across networks, and USTelecom will continue participating in government- and industry-wide efforts to construct responsible, reasonable and effective solutions. We look forward to reviewing the Notice of Proposed Rulemaking (NPRM) and understanding the implications for our industry, our nation, and, most importantly, American families and communities.”