As the United States scrambles to kick China out of its communications networks, Jessica Rosenworcel, the outgoing Democratic chair of the Federal Communications Commission, says it’s vital for her Republican successor to maintain strong oversight of the telecommunications industry.
The government is still reeling from the Chinese “Salt Typhoon” hacking campaign that penetrated at least nine US telecom companies and gave Beijing access to Americans’ phone calls and text messages and the wiretap systems used by law enforcement. The operation exploited US carriers’ shockingly poor cybersecurity, including an AT&T administrator account that lacked basic security protections.
To prevent a repeat of the unprecedented telecom intrusion, Rosenworcel used the waning days of her FCC leadership to propose new cybersecurity requirements for telecom operators. On Thursday, the commission narrowly voted to approve her proposal. But those rules face a bleak future, with president-elect Donald Trump preparing to take office and control of the FCC transferring to commissioner Brendan Carr, a Trump ally who voted against Rosenworcel’s regulatory plan.
In an interview days before Trump’s inauguration, Rosenworcel is adamant that regulation is part of the answer to America’s telecom security crisis. And she has a stern message for Republicans who think the solution is to let the telecoms police themselves.
“We are wrestling with what has been described as the worst telecommunications hack in our nation’s history,” she says. “Either you take serious action or you don’t.”
“The Right Thing to Do”
Rosenworcel’s plan consists of two steps. First, the FCC formally declared that the 1994 Communications Assistance for Law Enforcement Act (CALEA), which required telecom companies to design their phone and internet systems to comply with wiretaps, also requires them to implement basic cyber defenses to prevent tampering. Next, the FCC proposed requiring a wider range of companies regulated by the commission to develop detailed cyber risk-management plans and annually attest to their implementation.
The outgoing chairwoman describes the rules as a commonsense response to a devastating attack.
“In the United States in 2025, it would shock most consumers to know that our networks do not have minimum cybersecurity standards,” Rosenworcel says. “We’re asking the carriers to develop a plan and certify they follow that plan. That’s the right thing to do.”
Absent these standards, she adds, “our networks are going to lack the protection they need from nation-state threats like this in the future.”
But Republicans are unlikely to embrace the new regulations on telecom networks. The powerful telecom industry tends to staunchly oppose any new regulations, and Republicans almost always side with the industry in these debates.
Senator Ted Cruz, a Texas Republican who now chairs the Commerce Committee, called Rosenworcel’s plan “a Band-Aid at best and a concealment of a serious blind spot at worst” during a hearing in December.
Carr—who last month called Salt Typhoon “deeply concerning”—voted against Rosenworcel’s proposal, along with his fellow Republican commissioner Nathan Simington. Carr’s office didn’t respond to a request for comment about the new regulations. But he has repeatedly criticized Rosenworcel’s approach to enforcing rules on the telecom industry, accusing her of overreach and warning that the FCC must rein itself in or face pushback from courts.
+ There are no comments
Add yours