The Federal Communications Commission has unanimously rejected requests from communications carriers who want to evade laws aimed at protecting U.S. supply chains from foreign opponents depending on their location and the design of certain equipment such as “commercial.”
“We reject USTelecom’s request to remove the Network Operations Center (NOC) premises under the definition of” Home Communications Infrastructure, “wrote the FCC in its final draft of the new rules for approving US-based organizations at some level of foreign investment or control.
The commission voted on Thursday with an order asking a series of questions that at least 5 percent of foreign ownership companies will respond when applying for FCC licenses. Applicants will be required to submit detailed information that can be identified to all non-U.S. people. They can’t reach the ropes of the submarine, among other information.
USTelecom, a major commercial organization in the telecommunications industry, said that such information would change dramatically and challenge the regulation of international standards. The group said overseas NOCs should not be considered as critical domestic infrastructure and should not operate under the new law. The FCC did not agree.
“While the NOC may be located outside the United States, the external NOC may regulate the Home Communications Infrastructure, so it is appropriately included in this definition,” writes the organization. “Information relating to NOCs outside the United States, including information about individuals and organizations that have access to that NOC, is a critical consideration to assess national security and concerns about foreign NOC legislation.”
According to ex-party filings leading to the vote, USTelecom has also requested the release of commercial equipment on the shelf described in the Underwater Cable Licensing Act to apply more widely to applications that include non-wireless and international network vehicle licenses.
In a press conference after Thursday’s vote, FCC officials said the final order did not include any such changes.
These aspects of the FCC decision could affect other information and communication technology providers, such as major cloud providers such as Microsoft and other major technology companies such as the U.S. It suggests a difficult way for China to start trade talks with Beijing.
“For too long, China’s non-adherence to global trade patterns has undermined the prosperity of the American people and others around the world,” US Trade Representative Katherine Tai said on Monday while speaking at the Center for Strategic and International Studies. “We will use the full range of tools we have and build new tools where necessary to protect the interests of the American economy in risky practices and practices.”
Among the problems in the dispute is the protection of intellectual property, which means that U.S. officials They find that China is gaining ground through cyber attacks and by continuing to integrate government-backed businesses with U.S. companies. By merger or investment.
One outstanding example of U.S. government efforts To curb allegations of theft of Chinese goods circulated by Cybersecurity Maturity Model Certification. As with the FCC submarine law, CMMC rules do not include contracts made exclusively for commercial warehouse, or COTS, equipment. And as the telecommunications company did with the FCC, major technology companies requested a comprehensive application of the exception.
The Information Technology Industry Council, or ITI, which represents more than 70 major technology companies, has also challenged DOD officials to eliminate their need for companies that have already received safety standards of standards similar to those offered by the International Organization for Standardization, or ISO.
But certification of ISO standards can be obtained from international accreditation agencies, including China, and officials such as National Security Agency Director of Defense Rob Joyce and other security experts highlight the growing use of commercial equipment as a vector for cyberattacks. The renewed engagement with China also comes after a major attack on Microsoft Exchange servers, a company that linked them to Beijing.
Top management officials briefed reporters on China’s renewed talks program on Sunday highlighting cooperation with European partners as another major difference between its approach and that of former President Donald Trump. They have drafted agreements to review and enforce restrictions on foreign investment, among other numerous commitments to align trade and technology policies.
European officials have reportedly refused to convene a new U.S. council Trade and Technology with China. Bringing the U.S. and Europe together could mean a strong pressure on technology companies on issues such as competition and consumer protection, but according to ITI, TTC has been their vision.
“ITI has promoted and supported the formation of the TTC,” said Robert Strayer, ITI’s senior vice president, after the first council meeting on Wednesday. “We commend the U.S. and the EU for implementing this important milestone and welcomed the opportunity to participate in the first summit today.”
The media release by ITI in response to the council’s commitment identified the party’s efforts in January to build the council and its interim forum objectives. One such goal was for the U.S. and the EU to “make a commitment to support regulatory or procurement standards at international, industrial, and voluntary technical standards.”
According to the White House, the council has “identified a shared interest in using voluntary and multi-stakeholder programs to complement alternative management systems” related to data management and technology forums, including the role of cloud infrastructure and services.
But White House officials over a phone call on Sunday stressed management’s focus on protecting foreign influence, and Europe’s commitment to similar efforts, including joint investment testing policies and export controls.
“We have been actively monitoring China’s direct investment in the U.S. through the process [of the United States Foreign Investment Committee],” said one senior official.
The FCC’s decision on Thursday marked an agreement with a committee made up of representatives from the Departments of Home Security, Justice, Defense and others, including intelligence agencies, which make up CFIUS. That body – often referred to as Team Telecom when announcing FCC decisions – will have the final say at home on how to manage procurement by controlling foreign investment.
“Committee members… [say] the water line is a critical US infrastructure and that applicants should provide PII and other information about non-US people who cannot access the US or international facilities (e.g.) submarine cable as required by national analysis. and the safety of the observance of the Committee. We agree, ”wrote FCC. “We also agree with the staff of the Committee that submarine cable operators should have access control policies in these critical centers that will enable them to provide information about people accessing their facilities, whether in the United States or abroad. ”
For others, those concerns should also apply to the case of certain commercial service providers, other than outside ownership.
“Look, companies are building software. It’s a strange complexion. There are millions of lines of code. Mistakes made. That happens, of course. But if it happens 100 times a month, and in the deepest case, when 70% of the errors are serious and we … watching those critical risks are exploited, over and over again by opponents, that’s scary for me, “a former FBI official told Nextgov about product attacks. for Microsoft.
“This technology has spread all over the world, in the U.S. government, and is being exploited and no one is saying anything about it,” said a former FBI agent. “I do not understand.”
A senior official identified hundreds of Microsoft physical engineers based in China and expressed disbelief that U.S. officials They do not make many connections to the security risk you claim. Microsoft is not the only major company with such ties to China, but former DHS chief executive Paul Rosenzweig has recently raised concerns about Microsoft in particular, for what he calls a single natural disaster for the provincial government.
CFIUS discussions on related issues could serve as an example for other governmental bodies – such as the Federal Acquisition Security Council headed by the Office of Budget Management and DHS – which are trying to figure out how to effectively access information communication technology.
It may be some time before it becomes clear whether the new U.S. TTC will succeed in bringing the U.S. and the EU together when the previous forum failed. In the meantime, action from the joint commission suggests that cloud providers, as well as all communications technology experts, can expect to hear more from the FCC.
“Our work here is clearly far from over,” said Brendan Carr, a senior Republican of the FCC, ahead of the commission’s vote. “We need to close the gap in our equipment licensing process to ensure that equipment from national security threats will no longer be approved by the FCC, and we need to continue our full review of threats to the security of our telecommunications infrastructure. , whether these threats are from carriers or service providers, hardware or software.