Overview
The Federal Communications Commission ("FCC") recently issued a Notice of Proposed Rulemaking ("NPRM") to address national security concerns in the technology and telecommunications equipment supply chain, aiming to make the Commission's equipment authorization program more secure and reliable in testing and approving telecommunications equipment and consumer devices for the U.S. market. The NPRM, which proposes new restrictions on Telecommunications Certification Bodies ("TCBs") and Measurement Facilities ("Test Labs"), is one of a series of actions the FCC has taken recently to impose more stringent, national security-inspired regulations on the technology and telecommunications industries. The FCC's focus on national security risks in the telecommunications marketplace is in line with measures taken by Congress and the Executive Branch to address national security risks posed by foreign adversaries.
Background
The FCC's equipment authorization program is intended to ensure the safety and usability of radiofrequency ("RF") devices, such as Wi-Fi routers, smart phones, TVs, tablets, and wearables, that Americans use to participate in modern society and the digital economy. TCBs and Test Labs play a critical role in this effort. To facilitate the review and approval of the countless devices that are brought to market each year, the FCC permits third-party TCBs to authorize, and Test Labs to test, RF devices before they can be operated, sold, or marketed in the U.S. FCC rules require that TCBs be located either in the U.S. or in countries that have entered into Mutual Recognition Agreements ("MRAs") with the U.S. Existing FCC rules do not require accreditation for Test Labs that are part of the Supplier's Declaration of Conformity ("SDoC") process for equipment authorization, which applies to devices that emit RF as a byproduct of their operation rather than as their primary function (such as equipment containing digital circuitry that does not intentionally transmit RF, like computers and peripherals, TV and radio receivers, and LED lightbulbs).
In the past several years, increasing threats posed by foreign adversaries have prompted the FCC to place new national security-related restrictions on its equipment authorization program. The new rules propose a number of changes impacting the equipment authorization process, including the SDoC authorization procedures. Pursuant to the Secure Equipment Act of 2021 and the Secure and Trusted Communications Networks Act of 2019, the FCC recently has adopted a number of rules that implement restrictions on certain foreign entities listed on the Commission's Covered List, which is a list of communications equipment and services by foreign entities that are deemed to pose an unacceptable risk to the national security of the United States or the security and safety of United States persons. Covered List designations can be made any time that an agency with national security expertise deems certain foreign adversaries to pose such risks. Recent FCC restrictions include a ban on the import and sale of Chinese telecommunications equipment deemed to pose unacceptable national security risks and a requirement that certain telecommunications providers that use equipment in their networks obtained from banned entities or their parents, affiliates, or subsidiaries, remove and replace such equipment (colloquially known as the "Rip & Replace Program"). In addition, the FCC has adopted rules to regulate foreign participation and expand disclosure requirements for telecommunications companies holding international section 214 authorizations.
The NPRM represents a further exercise of the FCC's authority to shore up the security of the tech and telecommunications sectors.
Proposed Changes to Existing Rules for Equipment Authorization Processes
The NPRM seeks public comment on proposed changes to existing FCC rules that would place more scrutiny on the relationships between foreign entities and TCBs and Test Labs:
- New Thresholds for Foreign Ownership Restrictions. The NPRM proposes to prohibit any TCB or Test Lab from participating in the equipment authorization program if an entity on the Covered List directly or indirectly owns or controls 10% or more of a TCB or Test Lab.
- New Certification and Reporting Requirements.
- Within 30 days of their effective date, the proposed rules would require that all TCBs and Test Labs authorized by the FCC certify that no entity on the Covered List has, possesses, or controls an equity or voting interest of 10% or more in the particular TCB or Test Lab.
- Within 90 days of the rules' effective date, TCBs and Test Labs would have to identify and report any entity that directly or indirectly owns or controls 5% or more of the TCB or Test Lab.
- SDoC Accreditation Changes. The NPRM proposes that equipment subject to SDoC procedures be authorized only by FCC-accredited Test Labs.
- Additional Restrictions and Other Covered Lists. The proposed rules would impose further eligibility restrictions on TCBs and Test Labs affiliated with entities identified on other covered lists developed by Executive Branch agencies that address national security concerns (e.g., the Specially Designated Nationals and Blocked Persons List, which is maintained by the U.S. Department of Treasury's Office of Foreign Assets Control), potentially expanding the list of banned entities and thus imposing further restrictions and limitations on participation in the equipment authorization program.
- Post-Market Surveillance Requirement. The FCC is considering additional regulations in the NPRM, including a requirement for TCBs to perform post-market surveillance of authorized equipment, and to identify problematic or erroneous equipment authorizations, including identifying covered equipment under the Rip & Replace Program.
Next Steps
The proposed rules could impact private companies engaged in the manufacture and sale of RF devices in a number of ways, including by extending the time it takes for such devices to obtain FCC approval (which could have downstream effects on product launch timelines). In addition, if some TCBs or Test Labs are denied accreditation under the new rules, it will reduce the number of FCC-accredited entities available to process certification and testing requests, potentially causing additional backlog in authorizations and delays in the consumer technology devices market. If the proposed rules are adopted, TCBs and Test Labs that do maintain their accreditation will face heightened administrative requirements in the form of increased reporting, ownership disclosure, and related regulatory obligations, which may result in additional costs and resourcing.
DWT will monitor this proceeding and advise on impacts to industry, including the reporting and compliance obligations that may be adopted. Comments on the NPRM are due 60 days after publication in the Federal Register, and reply comments are due 90 days after publication.
+++
DWT's International Trade, Investment & National Security Team and Communications Practice Group regularly advise clients on compliance with domestic and international trade, investment, and national security laws and regulations, including those impacting the technology and telecommunications industries. Please let us know if you would like our assistance in assessing the implications of the NPRM, and in submitting comments to the Commission.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.