As the United States tries to cut China out of its media network, outgoing Democratic Party Chairwoman Jessica Rosenworcel Federal Communications Commissionsays it's important for her Republican successor to maintain strong oversight of the telecommunications industry.
The government is still reeling from China “Salt Storm” offensive campaign hacked into at least nine US telecommunications companies and gave Beijing access to Americans' phone calls and text messages as well as eavesdropping systems used by law enforcement . This operation exploits the extremely poor cybersecurity of US carriers, incl AT&T administrator account lack of basic security protections.
To prevent a repeat of the unprecedented telecommunications breach, Rosenworcel used the final days of his FCC leadership to propose new cybersecurity requirements for telecommunications operators. . On Thursday, the committee close vote to accept her offer. But those rules face a bleak future, as president-elect Donald Trump prepares to take office and control of the FCC passes to commissioner Brendan Carr, a Trump ally who voted against it. Rosenworcel's management plan.
In an interview days before Trump's inauguration, Rosenworcel was adamant that regulation was part of the answer to America's telecommunications security crisis. And she has a stern message for Republicans who say the solution is for the telecommunications agency itself to be the police.
“We are grappling with what has been described as the worst telecommunications hack in our country's history,” she said. “Either you take serious action or you don't.”
“The right thing to do”
Rosenworcel's plan includes two steps. First, the FCC officially declared that the Communications Assistance for Law Enforcement Act (CALEA) of 1994, which requires telecommunications companies to design their telephone and internet systems to comply with wiretapping, also require them to deploy basic cyber defenses to prevent spoofing. Next, the FCC proposes requiring many companies regulated by the commission to develop detailed cyber risk management plans and certify their implementation annually.
The outgoing chairwoman described the rules as a reasonable response to a devastating attack.
“In the United States in 2025, most consumers would be shocked to learn that our networks do not have minimum cybersecurity standards,” Rosenworcel said. “We are asking carriers to develop a plan and certify that they follow that plan. It was the right thing to do.”
Without these standards, “our networks will lack the protection they need against nation-state threats like these in the future,” she added.
But Republicans are unlikely to accept new regulations on telecommunications networks. The powerful telecommunications industry tends to staunchly oppose any new regulations, and Republicans almost always side with the industry in these debates.
Sen. Ted Cruz, the Texas Republican who chairs the Commerce Committee, called Rosenworcel's plan “at best a band-aid and at worst concealing a serious blind spot.” during the hearing in December.
Carr—who last month called salt storm “deeply concerned”—voted against Rosenworcel's proposal, along with his fellow Republican commissioner Nathan Simington. Carr's office did not respond to a request for comment on the new regulations. But he does criticized many times Rosenworcel's approach to enforcing rules on the telecommunications industry accuses her of overreacting and warns that the FCC must restrain itself or face pushback from the courts.