Red Scare: FCC To Blacklist Equipment Providers That Present National Security Threat – Proposed Rule Would Bar Use of Universal Service Funds to Purchase From Blacklisted Companies
The Federal Communications Commission (FCC) has released a draft of a Notice of Proposed Rulemaking (NPRM) that is expected to be formally adopted at its April 17th open meeting. The NPRM seeks comment on a rule prohibiting the use of universal service fund (USF) support to purchase equipment or services from any communications equipment or service providers identified as posing a national security risk to U.S. communications networks or the communications supply chain. It would apply to all universal service support mechanisms. Comment deadlines will be announced after the NPRM is formally adopted.
The proposed rule would apply prospectively, meaning carriers receiving USF support would be put on notice that they can’t buy any new equipment from manufacturers that have been blacklisted. Also, the rule would extend to upgrades of existing equipment or services. The FCC is considering prohibiting the use of any USF funds on any project where equipment or services provided by a company posing a national security threat is being purchased or obtained. While the rule clearly targets Chinese companies Huawei and ZTE, the NPRM asks for input on how to identify which companies should be outlawed.
Notably, the draft NPRM does not address Huawei and ZTE equipment that is already in service. Many rural carriers have already deployed equipment manufactured by the two Chinese companies. Cost is a major factor for rural carriers when it comes to decision-making. Huawei and ZTE equipment, such as switches, have been purchased and incorporated into rural networks because their price points are competitive and they work well. For example, Viaero Wireless, which provides service in rural parts of Colorado, Nebraska, Wyoming and Kansas reportedly has thousands of cell sites that utilize Huawei equipment. If adopted, the rule would prohibit Viaero from using USF to recover the cost of upgrades to those sites.
As for compliance and enforcement, the FCC expects to have USAC, through periodic audits, confirm whether carriers are complying with the rule. Violations would result in loss of USF funding and forfeitures. In addition, the FCC is considering permanently barring carriers from receiving USF if they are found to violate the national security rule.
To some, the FCC’s proposed rule has appeared out of nowhere. But actually, support for the America first policy embodied by the rule has been growing for years, and has recently come to fruition in other contexts. Last month, based on advice from the Committee on Foreign Investment in the United States (CFIUS), the Trump administration announced it would block Broadcom’s attempt to acquire Qualcomm because the deal could threaten U.S. national security. Qualcomm chips are found in consumer devices, and are used by the U.S. defense industry. In its review, CFIUS concluded the Broadcom/Qualcomm deal would cede U.S. leadership of 5G technology to Chinese companies, and result in the transfer of key assets and technology to China. It’s thought that equipment manufactured by Chinese companies may contain secret backdoors that facilitate surveillance and spying.
Since at least 2012, the U.S. federal government has been concerned that equipment manufactured by Chinese telecom companies Huawei and ZTE could undermine U.S. national-security interests. These two companies have ties to the Chinese government and are thought to be subservient to the Chinese Communist Party’s intelligence and security services. Based on these relationships, federal lawmakers and other policymakers are worried that telecom equipment produced by Huawei, ZTE, and other Chinese companies are constructed with secret backdoors that give Chinese spying operatives and hackers entrance to U.S. communications networks.
Below is an outline summary of the FCC's draft NPRM.
Text of Proposed Rule
§ 54.9 Prohibition on use of funds
No universal service support may be used to purchase or obtain any equipment or services produced or provided by any company posing a national security threat to the integrity of communications networks or the communications supply chain.
Scope of Proposed Rule
- We propose to adopt a rule that, going forward, no USF support may be used to purchase or obtain any equipment or services produced or provided by a company posing a national security threat to the integrity of communications networks or the communications supply chain.
- Further, we expect that the proposed rule would extend to upgrades of existing equipment or services, and we seek comment on this view.
- We also seek comment on whether other federal agencies have rules that we should follow as a model for limiting USF recipients’ purchase of equipment or services from companies that trigger national security concerns.
- We seek comment on the types of equipment and services covered by our proposed rule. One bright-line approach would be to prohibit use of USF funds on any purchases whatsoever from companies that have been identified as raising national security risks. Would such a rule be most appropriate here?
- Another approach would be to limit the scope of the proposed rule to equipment and services that relate to the management of a network, data about the management of a network, or any system the compromise or failure of which could disrupt the confidentiality, availability, or integrity of a network.
- Alternatively, which components or services are most prone to supply chain vulnerabilities? Is there any reason to exempt certain categories of equipment or services from the scope of the rule? For example, should the rule cover all software or only software that manages the communications network or devices used on the network?
- Additionally, are there existing processes or methods, such as supply chain risk management processes, through which equipment can be certified not to present a supply chain risk, thereby allowing that equipment to be exempted from coverage under our proposed rule? Does the Department of Homeland Security or another Federal entity test communications equipment for supply chain risk? Should the Commission convene an advisory group or voluntary industry panel that would be able to provide such certification?
The Proposed Rule Would Limit Use of USF Funds.
- We expect that our proposed rule would limit use of USF funds both directly by the recipient of that funding as well as indirectly by any contractor or subcontractor of the recipient. We seek comment on this view.
- For example, should there be a limit on how many levels of subcontractors are subject to the proposed rule?
- Are there different practical or policy questions that necessitate crafting rules on a program-specific basis across the four separate USF programs? Or would an overarching rule for all USF programs better meet the goals of safeguarding USF-funded infrastructure and providing effective USF support? We seek comment on these issues and any related issues of application.
- Additionally, given the fact that projects supported through the Fund involve both USF funds and non-USF funds, and given that money is fungible, should our proposed rule prohibit the use of any USF funds on any project where equipment or services produced or provided by a company posing a national security threat to the integrity of communications networks or the communications supply chain is being purchased or obtained?
The Proposed Rule Would Apply Prospectively
- We make clear that our proposed rule or any alternative that we adopt in this proceeding would apply only prospectively and seek comment on when the rule should become effective.
- How long would USF recipients need to begin compliance with the rule? Should we consider phasing in the proposed rule for certain USF programs before others?
- Are there special considerations for schools, libraries, and rural health care facilities, which may not be as well-positioned as a carrier receiving USF support to know whether the services and/or equipment they purchase with USF support are being provided by an entity that pose a supply chain integrity risk?
- Should we consider a later effective date for smaller USF recipients?
- Should we consider a phase-in period for certain programs, USF recipients, or equipment or services?
Legal Authority: Sections 201(b) and 254 of The Communications Act
- We believe that sections 201(b) and 254 of the Act provide ample legal authority for the rule we propose today.
- Section 201(b) gives the Commission the authority to promulgate “such rules and regulations as may be necessary in the public interest to carry out the provisions of this Act.”
- And section 254 requires that USF recipients “shall use that support only for the provision, maintenance, and upgrading of facilities and services for which the support is intended.” In the USF/ICC Transformation Order, the Commission interpreted this language as providing it with the authority to designate the services for which USF support will be provided and to “encourage the deployment of the types of facilities that will be st achieve the principles set forth in section 254(b).” Among these principles are “[q]uality services . . . available at just, reasonable, and affordable rates,” “[a]ccess to advanced telecommunications and information services . . . in all regions of the Nation,” and “other principles” that are “necessary and appropriate for the protection of the public interest, convenience, and necessity. . . .” Moreover, the Commission has the discretion to define the services supported by USF, and to “consider the extent to which such telecommunications services . . . are consistent with the public interest, convenience, and necessity.” As the Tenth Circuit has explained, “nothing in the statute limits the FCC’s authority to place conditions . . . on the use of USF funds.” As such, we believe the condition on the use of USF funds that we propose here is within our authority.
- We believe that the promotion of national security is consistent with the public interest, and that USF funds should be used to deploy infrastructure and provide services that do not undermine our national security. Would adopting our proposed rule be equivalent to establishing a new definition of the “evolving level of telecommunications services” that are supported by USF mechanisms under section 254(c)(1)? Are there other statutory provisions that affect USF recipients’ obligations with respect to the security of their networks, or other sources of legal authority on which we should rely?
Enforcement: How Should The FCC Enforce The Rule
- We seek comment on how to enforce our proposed rule. We expect that USF recipients would comply with the rule and that USAC, through periodic audits, would be able to confirm such compliance. We also note that all USF recipients are required to maintain records demonstrating that they use the support in the manner in which it is intended to be used.
- If a recipient of USF support is found to have violated our proposed rule, what steps should we take in response? Are there any mitigating factors we should consider when taking such responsive steps?
- We seek comment on how USAC should recover funds disbursed in violation of the proposed rule.
Should There Be Additional Penalties Besides Loss Of Funding
- Upon finding a violation, are there additional penalties we should impose beyond loss of funding and potential forfeitures under section 503 of the Act? What form would such penalties take? For instance, should parties who are found to have violated our proposed rule be suspended or permanently barred from receiving USF support? What other considerations should we take into account in the context of enforcing our proposed rule?
Compliance: Should The FCC Take Other Steps To Confirm Compliance? Should There Be A Separate Certification?
- We expect that USF recipients would comply with the rule and that USAC, through periodic audits, would be able to confirm such compliance. We also note that all USF recipients are required to maintain records demonstrating that they use the support in the manner in which it is intended to be used.
- Notwithstanding these safeguards, we seek comment on any other steps we should take to ensure compliance with our proposed rule. For example, should we make changes to any of the relevant forms submitted by USF applicants or recipients (e.g., by adding a certification)?
- Or should we require a separate certification? Who should make the certification and how often should it be filed?
- In instances where an applicant for USF support is not a service provider—such as when eligible schools and libraries receive discounts under the E-Rate program, or when health care providers receive support via the Rural Health Care program—should the applicant be required to make such a certification, or should the certification be made by the service provider that has knowledge of and control over its network? Does it matter whether the applicant is seeking to purchase and install equipment itself or whether it is purchasing services from another?
- We also seek comment on how potential bidders complied with the national security certification required by the Spectrum Act and the Commission’s implementing regulations. While those provisions do not apply here, the experience of potential bidders may nevertheless be instructive. Are there practical lessons to be learned from that process? How did the certification requirement affect smaller and first-time bidders? Should we require a certification by USF recipients that they are not using USF support to pay for services or equipment from covered sources, analogous to the Commission’s certification requirements for bidders in the broadcast incentive auction?
Should The FCC Consider Waivers Of The Proposed Rule
- We seek comment on whether and how applicants for USF support may seek a waiver of our proposed rule.
- In general, the Commission’s rules may be waived for “good cause.” Should we establish a separate process from our general waiver provision for waivers of our proposed rule? If we provide such a waiver process, how should it function?
- Should we require a higher standard than good cause for granting waivers, such as “extraordinary circumstances?” Who should have the authority to grant a waiver, and under what circumstances?
How Should The Rule Affect Multiyear Contracts Or Contracts With Voluntary Extensions
- How should the proposed rule affect multiyear contracts or contracts with voluntary extensions between USF recipients and companies identified as posing a supply chain integrity risk, if any such contracts exist? Should we consider grandfathering contracts that are currently in place for legal, cost, or other reasons? Should the proposed rule apply if a USF recipient has entered into a contract to purchase equipment or services from a company identified as posing a supply chain integrity risk, but the USF recipient has not received installation of equipment at the time that the proposed rule would go into effect? Should these contracts be grandfathered? If we do grandfather contracts, should we only grandfather unexpired annual or multiyear contracts, or also grandfather one-year contracts with voluntary extensions? Do relevant contracts include change-of-law or similar provisions that would cover the new rule we are proposing? While the proposed rule would not apply to equipment already in place, as discussed above, we anticipate that rule would extend to upgrades of existing equipment or services.
What Are The Costs And Benefits Of The Proposed Rule
- We seek comment on the costs and benefits of our proposed rule. Does our proposed rule promote our goals of ensuring that USF funds are used consistently with our national security interests while simultaneously continuing our universal service mission of making communications services available to all Americans? Does this proposed rule improve our ability to safeguard the country’s telecommunications networks from potential security risks? How can we quantify any such benefit to national security? Are there alternative approaches that would better protect the security of the nation’s communications networks at a lower cost?
- What are the potential costs associated with our proposed rule to USF recipients, the Fund, end users, consumers, the public safety and law enforcement community, the Commission, or other federal agencies? Does this proposed rule affect our continuing goal of ensuring that all Americans have access to communications services? If so, how? Do the potential benefits of our proposal to national security outweigh any possible costs? In particular, we seek comment on the impact of our proposed rule on small businesses, as well as any modifications or alternatives that might ease the burden of this proposed rule on small businesses.