Recent actions by the US Federal Communications Commission (FCC) show it intends to continue actively seeking additional opportunities to effectively become a national security regulator, with potentially significant impacts across the technology, media and telecommunications (TMT) sector.
Until 2020, the FCC’s exercise of authority on national security matters was generally limited—its most significant national security actions arguably were setting new restrictions on the use of FCC funds to purchase or use telecommunications network equipment from certain Chinese-owned manufacturers and initiating proceedings to revoke FCC licenses held by Chinese-owned telecommunications carriers. Under Chairwoman Jessica Rosenworcel’s leadership, however, the FCC has taken more aggressive actions and has adopted a more expansive view of the agency’s national security jurisdiction.
Most recently, the FCC launched a Notice of Proposed Rulemaking (NPRM) to reclassify broadband Internet access service (BIAS) as a telecommunications service under Title II of the Communications Act and reinstate the FCC’s 2015-era Net Neutrality rules. Although national security took a back seat to other consumer-focused policy priorities in the 2015 proceeding, now Chairwoman Rosenworcel has highlighted reclassification as a way for the FCC to address national security concerns. Notably, the FCC’s latest proposals appear to go beyond impacts to BIAS providers, for example, by seeking comment on prohibiting Internet traffic exchange arrangements between Internet Service Providerss and certain companies that operate data centers or other Internet Exchange Points and on the use of certain foreign-produced equipment or services in infrastructure used to route or transmit communications (including data centers).
Other recent proposals, if adopted, and final actions would similarly impact telecommunications providers, owners of FCC licensees, network and consumer equipment vendors and suppliers, service suppliers, and consumers. For example:
In April 2023, the FCC began a rulemaking to overhaul its rules for providers that hold “international Section 214 authorization,” by requiring enhanced disclosures about licensees’ foreign ownership, use of “untrusted” equipment and “foreign-owned managed network service providers,” as well as making those licenses subject to periodic national security reviews by Team Telecom.
In September 2023, the FCC decided to refer for national security review by Team Telecom foreign-owned or foreign-controlled VoIP providers seeking access to US numbering resources (on a case-by-case basis).
In August 2023, FCC solicited comments on a new voluntary cybersecurity labeling program that would allow Internet of Things (IoT) manufacturers to use a “Cyber Trust Mark” as a way to allow consumers to more easily compare device security and ultimately make better informed purchase decisions.
In November 2022, the FCC proposed expanding equipment authorization rules to apply to equipment “components,” and potentially enable revocation of current authorizations for national security reasons.
In its various proceedings, the FCC appears to recognize that in its efforts to lean forward on national security matters, there is potential for its actions to overlap, or even conflict, with the roles and responsibilities of other government agencies. One far more encompassing framework that arguably overlaps with the FCC’s latest national security efforts is the Commerce Department’s authority to regulate the supply chain for information and communications technology and services (ICTS) under Executive Order 13873 on “Securing the Information and Communications Technology and Services Supply Chain” issued in May 2019. The Commerce Department’s initial ICTS regulations set forth a broad-sweeping and aggressive framework to identify, investigate, mitigate, block, and unwind transactions between US persons and ICTS equipment and services from foreign adversary vendors. Notably, the rules cover not just single transactions but also classes of similar ICTS transactions, which enables an efficient and broad control when a vendor, product or service has been found to pose an unacceptable risk.
However, Commerce has been extremely slow to use this four-year-old authority. Announcing several years ago that it had launched a handful of investigations into Chinese suppliers, but to date those investigations have not resulted in any formal actions to limit, prohibit, or unwind any ICTS transactions. If Commerce continues to not be active in this space, the FCC could very well move into the breach.
The Committee on Foreign Investment in the United States (CFIUS) also remains a strong force in reviewing national security risks presented by foreign investments in the U.S. telecommunications sector. CFIUS conducts mandatory reviews of covered investments in submarine cable systems, certain data centers, and satellite systems that provide services to the Department of Defense, as well as voluntary reviews for other transactions involving telecommunications assets that may or may not implicate FCC jurisdiction.
If some of the FCC’s pending proceedings result in new rules, the effects on companies could be significant in the short and longer terms. As one example, currently a relatively small number of FCC licenses (e.g., submarine cable applications, certain applications with foreign ownership above a certain level) typically get referred by the FCC to Team Telecom. Team Telecom then recommends whether the FCC grant the license, condition the license on mitigation measures, or deny the license.
But, if the FCC overhauls the requirements for international Section 214 authorizations, the scope of licenses that get referred to Team Telecom could be significantly expanded, including those with no foreign ownership whatsoever. And, although the current proposals only target international Section 214 authority holders, the FCC’s recent trend towards a more assertive national security posture could result in similar requirements being extended to other license categories like submarine cable, satellites, and domestic services in the future.
These changes (if realized) would likely be significant for the industry, and among other things could increase the amount of time needed to close many deals involving telecommunications companies and assets, and subject providers to licensing and national security oversight where none had previously been required. Both ICTS operators and investors should therefore keep a close eye on the FCC’s increased appetite to be proactive in national security matters and be prepared for further regulatory and compliance burdens that may result.