FCC Proposes New Foreign Adversary Disclosure Rules for Telecom Networks

 

WASHINGTON D.C. – The Federal Communications Commission (FCC) today unveiled a Notice of Proposed Rulemaking (NPRM) aimed at significantly expanding disclosure requirements for foreign ownership in U.S. communications networks. The move seeks to increase transparency and protect national security by identifying entities with ties to foreign adversaries.

The proposed rules would require covered entities holding various FCC licenses and authorizations – including wireless, satellite, media, submarine cables, and common carrier licenses – to certify whether they are owned, controlled by, or subject to the jurisdiction or direction of a foreign adversary. If affirmed, these entities would then need to disclose all ownership interests equal to or greater than 5% and detail the nature of their foreign adversary control.

"Foreign adversaries... pose a present and persistent threat to our networks in that they act through entities that they own, control, or direct and that hold licenses, authorizations, and other permissions granted by the Commission," stated an FCC representative during the meeting.

The proposal also includes requirements for initial certifications and new certifications within 30 days of any changes to foreign adversary control. A streamlined revocation procedure is also proposed for entities that falsely certify or fail to provide accurate ownership information.

FCC Chairman highlighted the importance of "sunlight as the best disinfectant" in combating multi-pronged efforts by foreign adversaries to exploit vulnerabilities in U.S. communications infrastructure. He noted existing gaps in the FCC's information collection regarding foreign adversary control and expressed support for legislative efforts in Congress to require the FCC to publish such information.

While supporting the measure, Commissioner Gomez raised concerns that the current proposal does not collect information on foreign adversary control of broadband providers, attributing this gap to the lack of Title II authority. The FCC emphasized that the public's input on the proposed requirements will be crucial as the rulemaking process develops. The item was adopted with unanimous commissioner support.

 

REF:

https://www.youtube.com/watch?v=T-4aVCn2KW0

Identifying Foreign Adversary Ownership Stakes 

 

FCC Takes Aim at "Bad Labs" to Secure U.S. Telecom Supply Chain

 

WASHINGTON D.C. - The Federal Communications Commission (FCC) today advanced new rules designed to bolster the security and integrity of the U.S. telecommunications supply chain, specifically targeting "bad labs" and untrustworthy entities involved in equipment authorization.

The FCC approved a Report and Order and Further Notice of Proposed Rulemaking that will prohibit Telecommunications Certification Bodies (TCBs), test labs, and laboratory accreditation bodies from participating in the equipment authorization program if they are owned, controlled, or directed by entities posing a national security risk, including foreign adversaries. This move aims to close a potential loophole where insecure or compromised equipment could enter U.S. networks through compromised testing and certification processes.

"Before any electronics can be imported or sold in the U.S., they must be tested in a lab to make sure they comply with FCC regulations," stated FCC Chairman. "It's not hard to imagine that an unreliable lab, one beholden to a foreign adversary, could sign off on insecure gear entering the U.S. market."

The new rules expand current reporting and certification requirements to include details on ownership, control, and equity interests of 5% or more. The FCC will also withdraw recognition from any entity that provides inaccurate information.

Additionally, the Further Notice of Proposed Rulemaking seeks comment on extending these prohibitions to entities subject to the jurisdiction of a foreign adversary and exploring ways to increase equipment authorization testing within the United States or allied countries. Concerns were raised that approximately 75% of all electronics testing currently occurs in labs located in China.

Commissioners Starks, Symington, and Gomez all voiced strong support for the initiative, emphasizing the critical role of trustworthy third-party certification in safeguarding national security and preventing undue influence from adversaries. The move builds on previous bipartisan efforts by the FCC to address threats from foreign adversaries, including actions against Huawei and ZTE.

 

 

 

REF:

https://www.youtube.com/watch?v=T-4aVCn2KW0

Safeguarding the Equipment Authorization Process from Bad Labs 

https://www.fcc.gov/document/fcc-bans-bad-labs-us-equipment-authorization-process

 

 

FCC Enhances Equipment Authorization Integrity and Security

Approximately a year ago, the FCC initiated a Notice of Proposed Rule-making on the integrity and security of its equipment authorization program. 

Building upon this, the FCC released a Report and Order and Further Notice of Proposed Rule-making on May 1, 2025, that will be addressed at the May 2025 Open Commission meeting on May 22, 2025. These actions signal potentially significant upcoming changes to equipment authorization processes in the United States.

The FCC will adopt rules through this Report and Order to bolster the integrity of entities involved in the Commission’s equipment authorization program.

Key aspects of the Report and Order:

• Prohibition of Entities: The FCC will prohibit the recognition of, and withdraw existing recognition from, Telecommunications Certification Bodies (TCBs) or test laboratories owned or controlled by a "prohibited entity."
• Definition of "Prohibited Entity": This term will encompass any entity identified on various government lists related to national security threats. These lists include, but are not limited to, the FCC Covered List, the Department of Defense Chinese Military Company List, and the Executive Branch’s list of "foreign adversaries."
• Ownership and Control Reporting: The FCC will implement reporting and certification requirements to facilitate the determination of ownership and control of relevant entities.
• Subsidiary and Affiliate Information: Any entity specifically named on the Covered List will be required to provide information regarding all of its subsidiaries and affiliates.
• Strengthening TCBs and Test Labs: Several additional rules will be adopted to enhance the integrity of TCBs, test laboratories, and laboratory accreditation bodies.

Key aspects of the Further Notice of Proposed Rule-making:

• Expansion of Prohibitions: The FCC seeks comments on whether to extend the newly adopted prohibitions to entities under the jurisdiction of a foreign adversary. It also seeks input on expanding the definition of "prohibited entities" to include additional lists from federal agencies or statutes.
• Encouraging Domestic and Allied Testing: The FCC requests further comment on methods to facilitate and encourage more equipment authorization testing to be conducted at test laboratories located within the United States or in allied countries.
• TCB Post-Market Surveillance: The FCC proposes revisions to TCB post-market surveillance procedures.
• TCB-Test Lab Relationships: The FCC proposes to restrict relationships between TCBs and the test laboratories for which the TCB reviews applications.
• Accredited Labs for Supplier's Declaration of Conformity: The FCC proposes to mandate the use of FCC-recognized accredited test laboratories for authorizations based on a Supplier’s Declaration of Conformity.

References:

• https://www.fcc.gov/May2025
• https://www.fcc.gov/document/safeguarding-equipment-authorization-process-bad-labs
• https://www.fcc.gov/document/fcc-proposes-national-security-protections-equipment-program-0
• https://docs.fcc.gov/public/attachments/DOC-411202A1.pdf
• https://www.emcrules.com/2024/05/fcc-vote-on-bad-labs-ban-proposal.html

Europe Radio Equipment Cybersecurity update

On January 30, 2025, EN 18031-1, -2 and -3 were listed in the Official Journal of the European Union thus now harmonized to give "presumption of conformity" with the essential requirements set out under articles 3.3 d, e, and f, of the Radio Equipment Directive, however with some conditions and limitations.

These standards where originally released on September 2, 2024.

EN 18031-1:2024 (Common security requirements for radio equipment - Part 1: Internet connected radio equipment)

EN 18031-2:2024 (Common security requirements for radio equipment - Part 2: radio equipment processing data, namely Internet connected radio equipment, childcare radio equipment, toys radio equipment and wearable radio equipment)

EN 18031-3:2024 (Common security requirements for radio equipment - Part 3: Internet connected radio equipment processing virtual money or monetary value)

It's important to note that these are framework standards defining common security requirements and assessment methods, not test standards.

 REF:

 Commission Delegated Regulation (EU) 2022/30

Document 32025D0138 

 

FCC requirements to protect the nation’s networks and supply chains from certain equipment

August 28, 2024 - FCC publishes a revision to Knowledge Database (KDB) document titled “Protecting Against National Security Threats to the Communications Supply Chain through the Equipment Authorization Program.” The document provides staff-level authorization guidance on how FCC 22-84 affects the equipment authorization process.

Changes include adding new guidance item 2a, “How should TCBs address applications for authorization of equipment that includes cybersecurity and anti-virus software produced or provided by Kaspersky Lab, Inc. or any of its successors and assignees?” as well as removing obsolete data from the introduction, and adding clarifying language to item 1.a.ii.

Ref:

KDB 986446 D01 Covered Equipment Guidance v03

FCC Amends Equipment Authorization Program

FCC - Validation of test sites for radiated emission testing

Posted Aug. 22, 2024, a Petition for Rule-Making requesting to incorporate the newly adopted ANSI/USEMCSC C63.25.2-2024 standard, rules for the validation of test sites used for radiated emission testing between 30 MHz and 1 GHz., into FCC Title 47 Part 2 and Part 15.

The C63.25 standard series will consolidate site validation methods into a standard series for reference from within various test method standards (i.e. C63.4, C63.10 etc.). The series addresses the appropriate and required site validation for sites used when performing tests related to the applicable frequency range of measurement.

C63.25.1 - Validation Methods for Radiated Emission Test Sites, 1 GHz to 18 GHz

C63.25.2 - Validation Methods for Radiated Emission Test Sites, 30 MHz to 1 GHz

C63.25.3 - Validation Methods for Radiated Emission Test Sites, 18-40 GHz

The content of C63.25.2 consists of the traditional normalized site attenuation methods used for years and the addition of two new methods, a site comparison method (SCM) and delta NSA (DNSA) method. For more information and details on the new methods see reference below or obtain a copy of C63.25.2.

---

Ref:

https://www.fcc.gov/ecfs/search/search-filings/filing/108210752429140

Citizens Broadband Radio Service Rules FCC Seeks Comment on Updates

On August 16, 2024, the FCC issued a Notice of Proposed Rule-making and Declaratory Ruling, allowing for a 30-day comment period following publication in the federal register.

This NPRM reflects the Commission's ongoing dedication to developing spectrum sharing models that create opportunities for expanded use of the airwaves, aligning with the recent comprehensive government approach to spectrum policy. 

The FCC is working in conjunction with federal partners to explore the next generation of spectrum sharing models and aims to uphold and improve the Citizens Broadband Radio Service, the only band where a sharing model allows licensed non-federal users and federal operators to coexist within the same geographic areas.

The topics covered in the notice include Federal Protection and Coordination, CBSD Information, Out of Band Emissions Limits, Base Station (CBSD) and End User Device (UE) Power, SAS Connectivity and/or Outages, Time Division Duplex (TDD) Synchronization (in-band and adjacent band), FSS Protection, Grandfathered Wireless Broadband Licensees, Certified Professional Installation, Private Networks and Low Power Indoor Facilities, and GAA User Coexistence.

-----

Ref:

NPRM GN DocketNo. 17-258

Statement of Commissioner Geoffrey Starks

Statement of Commissioner Anna Gomez