Let Other Agencies Handle Cybersecurity, Telecom Players Tell FCC
The FCC should concentrate on public awareness of cybersecurity instead of adopting a massive security road map that would conflict with other federal agencies’ work and ultimately weaken protections, telecommunications players said in comments filed Wednesday and Thursday with the commission. The comments responded to an Aug. 9 notice about how the FCC should deal with cybersecurity in line with a National Broadband Plan recommendation.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
A cybersecurity road map “will not materially improve core network security” from attacks and could be “counter-productive,” Qwest said. It could conflict with or duplicate cybersecurity plans of other federal agencies, the carrier said. The most useful actions that the FCC could take are public education and assistance programs, it said. End users have a low rate of adopting cybersecurity mechanisms and practices, it said, and the commission could work with broadband network providers and ISPs to run an effective outreach program, Qwest said.
CTIA said it has “serious concerns” that an FCC cybersecurity road map could weaken current efforts. By detailing the vulnerabilities of commercial broadband networks and the steps public and private players would take in a crisis, it could be used as a tool for destruction. It also could hamper the flexibility of wireless network operators to manage their networks by setting a specific path to cybersecurity, CTIA said. The association recommended that the commission promote cybersecurity through consumer education and outreach. The FCC should be “mindful of the myriad efforts already underway” in the federal government to achieve cybersecurity, it said.
"A road map would likely reveal hugely sensitive cybersecurity information, which hostile actors can then use to create their own road map to further their malicious activities,” Sprint said. A road map could quickly be obsolete and accidentally hurt rapid responses to emerging cyber threats, it said. Sprint suggested that the FCC stop planning cybersecurity activities and wait for a federal plan. Meanwhile, the commission should focus on public outreach, it said. “Given the vast majority of cyber vulnerabilities stem from the lack of end user knowledge or awareness, an educational outreach program may be the most effective approach the Commission can take to help strengthen the overall security of the Internet,” it said.
The federal government needs a coordinator to direct the nation’s cybersecurity policy, said USTelecom. Duplication and overlapping authority will grow as additional agencies get involved in cybersecurity, the association said. The federal government’s position is increasingly characterized by the conflicting roles of disparate agencies, it said. The Department of Homeland Security is the lead agency on cybersecurity matters, and the FCC should play a subordinate rolet. The best use of the commission is continuing to engage in public-private partnerships and cybersecurity outreach efforts, using its existing private-public framework, the association said.
Verizon, Verizon Wireless and AT&T struck similar notes. Any road map should endorse a governmentwide cybersecurity program and steer away from duplicative proposals such as a cybersecurity best practices certification program or cybersecurity event reporting, said the Verizon companies. The FCC should focus on cybersecurity issues that other federal agencies aren’t dealing with, such as statutory restraints on information sharing, consumer education and the security of IT protocols, they said. ISPs already have significant market incentives to protect their networks from cyberthreats and need flexibility to address attacks, said AT&T. At least six other federal bodies including the White House and the Department of Defense are working on cybersecurity, it added, creating confusion and the risk of overlap, the carrier said.