Like the United States States are scrambling to expel China from their communications networks, according to Jessica Rosenworcel, the outgoing Democratic Speaker of Parliament. Federal Communications Commissionbelieves it is vital that his Republican successor maintains close oversight of the telecommunications sector.
The government is still in shock from the Chinese “Salt Typhoon” hacking campaign that penetrated at least nine U.S. telecommunications companies and gave Beijing access to Americans’ phone calls and text messages as well as wiretap systems used by law enforcement. The operation exploited the scandalously poor cybersecurity of US carriers, including an AT&T administrator account which lacked basic safety protections.
To avoid a repeat of this unprecedented telecommunications intrusion, Rosenworcel used the final days of his FCC leadership to propose new cybersecurity requirements for telecommunications carriers. On Thursday, the commission narrowly voted to approve his proposal. But those rules face a bleak future, as President-elect Donald Trump prepares to take office and control of the FCC shifts to Commissioner Brendan Carr, a Trump ally who voted against the regulatory plan. Rosenworcel.
In an interview days before Trump’s inauguration, Rosenworcel was adamant that regulation is part of the response to America’s telecommunications security crisis. And she has a stern message for Republicans who think the solution is to let telecommunications police itself.
“We are grappling with what has been described as the worst telecommunications hack in the history of our country,” she said. “Either you take serious action or you don’t. »
“The right thing to do”
Rosenworcel’s plan consists of two stages. First, the FCC officially declared that the Communications Assistance for Law Enforcement Act (CALEA) of 1994, which required telecommunications companies to design their telephone and Internet systems to comply with wiretapping, also required them to implement basic cyber defenses to prevent tampering. Next, the FCC proposed requiring more companies regulated by the commission to develop detailed cyber risk management plans and attest to their implementation each year.
The outgoing president describes the rules as a common-sense response to a devastating attack.
“In the United States in 2025, most consumers would be shocked to know that our networks do not have minimum cybersecurity standards,” Rosenworcel says. “We ask carriers to develop a plan and certify that they are following it. It’s the right thing to do.
Without these standards, she adds, “our networks will not have the protection they need against such nation-state threats in the future.”
But it is unlikely that Republicans will adopt the new regulations on telecommunications networks. The powerful telecommunications industry tends to strongly oppose any new regulations, and Republicans almost always side with the industry in these debates.
Sen. Ted Cruz, a Texas Republican who now chairs the Commerce Committee, called Rosenworcel’s plan “at best a Band-Aid and, at worst, the cover-up of a serious blind spot.” during a hearing in December.
Carr—who last month called Salt Typhoon “deeply concerning” — voted against Rosenworcel’s proposal, alongside fellow Republican Commissioner Nathan Simington. Carr’s office did not respond to a request for comment on the new regulations. But he has repeatedly criticized Rosenworcel’s approach to enforcing rules on the telecommunications industry, accusing it of going too far and warning that the FCC must rein itself in or face resistance from the courts.