UPDATE Because of the Salt Typhoon data breach that the U.S. government alleges was conducted by Chinese-backed actors, the FCC is now mandating the American carriers secure their networks, Inside Towers reported. Incoming FCC Chair Brendan Carr cried foul, noting that congressional GOP leaders in Congress told FCC Chairwoman Jessica Rosenworcel two months ago, not to adopt controversial items. She leaves office today.
Carr posted on X, “Just 5 days before we complete the transition-when bipartisan collaboration on national security matters should be paramount-the Biden FCC forced a vote on a partisan & [sic] counterproductive approach to Salt Typhoon. The threat requires a serious & [sic] effective response-this is neither.”
The Commission adopted a Declaratory Ruling finding last Thursday that section 105 of Communications Assistance for Law Enforcement Act (CALEA) affirmatively requires telecommunications carriers to secure their networks from unlawful access or interception of communications. The Declaratory Ruling took effect immediately.
In response to the vote on the Declaratory Ruling, Carr called Salt Typhoon, “the worst cyber intrusion in our nation’s history. That intrusion, which the next Administration will be left to address, represents an unacceptable risk to our national security. It should never have been allowed to happen.”
Carr dissented from the former Democratic majority, saying “we should be working closely with the intelligence community officials and the network providers that have been targeted by this attack. We should be conveying in real time the remedial steps that are necessary to restore the integrity of our networks—and ensuring that providers are implementing them. And we should be taking a series of actions that will restore America’s deterrence and harden our networks going forward.”
Carr doesn’t agree with the Democrats’ interpretation of CALEA. He said the FCC had chosen to “issue a decision that it does not even have the authority to adopt.”
“Specifically, CALEA requires a covered provider to open their network within the ‘switching premises’— but only within the switching premises—to enable authorized intercepts by U.S. law enforcement,” Carr stated on X. He said the agency “reads CALEA as also imposing an affirmative obligation on a covered provider to take certain undefined cybersecurity actions across every portion of the network—meaning, both within and outside the switching premises. But the FCC and the court of appeals have already determined that CALEA’s ‘switching premises’ language is key to the statute’s operation.”
By Leslie Stimson, Inside Towers Washington Bureau Chief
Reader Interactions