CES 2023: Railroad Industry Needs Cybersecurity Update

WASHINGTON, November 28, 2022 – The Federal Communications Commission published Friday a modification of certification rules that will bar from United States markets technologies that are considered threats to national security.

The commission’s action seeks to prevent Chinese tech companies deemed to be national security threats – such as Huawei and ZTE – from gathering data on and surveilling American citizens. The Chinese Communist government can force, under law, private companies to hand over data from their products, thus putting Americans at risk, experts and government officials have said.

Friday’s action bars the commission from issuing further authorizations for covered technologies, without which those technologies may not be imported to or marketed in the United States. The action also closes loopholes that would allow certain products to skirt the authorization process.

“That does not make any sense,” said FCC Chairwoman Jessica Rosenworcel in a statement. “After all, there is little benefit in having these lists and these bans in place just to leave open other opportunities for this equipment to be present in our networks. So today we are taking action to align our equipment authorization procedures with the rest of our national security policies.”

The FCC already publishes a list of entities and products, on the advice of Public Safety and Homeland Security,  that pose national security risks. The commission has long shown skepticism toward such risky technologies, notably disallowing the use of universal service funds to buy certain products in 2019.

The rule covers many types of equipment, including base stations, phones, cameras, and Wi-Fi routers.

With this decision, the FCC has fulfilled a congressional mandate to enact a moratorium on equipment on the covered list within 12 months. The statute followed a notice of proposed rulemaking it issued last year.

Congress in 2017 forbade the Department of Defense from using telecommunications equipment or services from Huawei or ZTE. Building on that effort, Congress the next year expanded prohibitions on federal use of technology from those companies and three others. In 2019, in response to concerns over the integrity of communications networks and supply chains, the White House declared a national emergency.

In March 2020, then-President Donald Trump signed into law the Secure Networks Act, requiring the FCC to prohibit the use of moneys it administers for the acquisition of designated communications equipment. The act promoted the removal of existing compromised equipment through a reimbursement program – called Rip and Replace – and further directed the commission to create and maintain the covered list.

FCC Commissioner Brendan Carr, outspoken on national security issues, celebrated Friday’s decision, but called for further action.

“We must also vigilantly monitor compliance with the rules we’ve established today, including by ensuring that entities do not make an end run around our decision by ‘white labeling’ covered gear – a process that involves putting a benign or front group’s name on equipment that would otherwise be subject to our prohibitions,” Carr said in a statement.

Rosenworcel said in her statement that the order covers “re-branded or ‘white label’ equipment that is developed for the marketplace. In other words, this approach is comprehensive.”

Carr also once again called for federal action against TikTok, the Chinese built social media app. The video-sharing app gathers extensive data on users, and despite protestations to the contrary, the platform routinely feeds Americans’ information to the Chinese government, reports say.

“Secure networks mean little if insecure applications are allowed to run, sweep up much of the same sensitive data, and send it back to Beijing,” Carr said.



Source

Originally posted on January 6, 2023 @ 6:56 am