The FCC Votes to Scrap Cybersecurity Rules for U.S. Phone and Internet Giants
On Thursday, the Federal Communications Commission made a controversial decision to eliminate regulations that required major U.S. telecommunications companies to adhere to specific cybersecurity standards. The vote, which passed 2-1 along party lines, was led by chairman Brendan Carr and Republican commissioner Olivia Trusty, both appointed during the Trump administration.
The rules in question mandated that telecommunications carriers take measures to secure their networks against unauthorized access and interception of communications. These regulations were put in place by the Biden administration earlier this year but have now been reversed by the FCC.
While Carr and Trusty supported the repeal of these rules, the FCC’s lone Democratic commissioner, Anna Gomez, dissented. In a statement following the vote, Gomez expressed her disappointment, emphasizing that the now-repealed regulations were a crucial step in enhancing cybersecurity efforts following a major hacking campaign orchestrated by a China-backed group known as Salt Typhoon.
The Salt Typhoon hackers successfully infiltrated over 200 telecom companies, including industry giants like AT&T, Verizon, and Lumen. Their activities involved extensive surveillance of American officials, with some instances of targeting wiretap systems mandated by the U.S. government for law enforcement purposes.
Unsurprisingly, the FCC’s decision to rescind these rules has sparked criticism from various quarters. Sen. Gary Peters, a key member of the Senate Homeland Security Committee, expressed concern over the rollback of essential cybersecurity safeguards, warning that it could leave the American people vulnerable to cyber threats.
Similarly, Sen. Mark Warner, who serves as the ranking member of the Senate Intelligence Committee, raised alarms about the lack of a coherent strategy to address critical security gaps exploited by groups like Salt Typhoon. He emphasized the importance of robust cybersecurity measures to protect national interests.
Industry responses to the FCC’s move have been mixed. The NCTA, representing the telecommunications sector, applauded the decision, labeling the regulations as overly restrictive and counterproductive. However, Gomez cautioned that voluntary agreements with industry stakeholders are insufficient without stringent enforcement mechanisms in place.
Gomez stressed the need for proactive measures to strengthen cybersecurity defenses and prevent future breaches. She argued that relying solely on voluntary cooperation would not be effective in combating state-sponsored hackers like Salt Typhoon, underscoring the importance of comprehensive regulatory frameworks.
