FCC Adopts Order to Rip and Replace Huawei, ZTE Equipment Amid 5G Security Challenges

The Federal Communications Commission unanimously adopted an order to create a fund for reimbursing smaller telecommunications operators removing any equipment from untrusted Chinese providers—Huawei and ZTE— in their supply chains, assuming Congress appropriates the money. 

Commissioners used strong ideological rhetoric in voting to approve the order Thursday, while Democrat Jessica Rosenworcel warned the commission’s actions are being taken in the shadow of China’s role developing global standards for fifth-generation networking technology and urged a more comprehensive approach to securing U.S. telecommunications infrastructure.

“The previous administration's position was that, and I quote, ‘we welcome China's rise, and China's rise is potentially good for the world,’” FCC Chairman Ajit Pai said. “Consistent with this view, on the previous FCC's watch, Chinese manufactured equipment was incorporated into our communications network with nary an eyebrow raised by agency leadership.”

Pai, Republican Commissioner Brendan Carr and Democrat Commissioner Geoffrey Starks all invoked the Chinese Communist Party in approving the order, as well as another that moved to begin the process of revoking China Telecom Americas’ authority to provide international and domestic interstate telecommunications services within the United States. 

“America has turned the page on the weak and timid approach to Communist China of the past,” Carr said. “Any backsliding or softening of our approach would be a monumental mistake. So today we implement a process for removing insecure equipment that's already installed in networks throughout the country.”

Pai, Carr and Starks noted executive branch agencies' investigations into China Telecom, flagging cybersecurity concerns.

“Executive branch agencies maintain that China Telecom Americas has failed to comply not only with prior commitments made in order to retain access to the US market but also with federal and state cybersecurity and privacy laws,” Pai said. “The executive branch agencies further contend the China Telecom Americas operations, ‘provide opportunities for increased Chinese state-sponsored cyber activities, including economic espionage and the disruption and misrouting of U.S. communications traffic.’” 

But while votes on both orders were unanimous, Rosenworcel struck a cautionary note, saying such bans on Chinese equipment within the U.S. are important but not enough to secure 5G networks.

“We can't stop here, this is only the beginning, because we have so much more work to do to ensure that our communications future is secure,” Rosenworcel said. “Despite our efforts here, the Chinese government is still actively consolidating its global 5G authority. It is a central player in writing international standards and securing patents for emerging 5G technologies.”

The FCC’s Communications Security, Reliability, and Interoperability Council—predominantly comprised of industry representatives—has been examining the security implications of the standards development process at the Third Generation Partnership Project or 3GPP. 

On Wednesday, the group approved a report which found that the 3GPP’s decision to make security features attached to new 5G standards optional for certain equipment was justified as networks transitioned.

“Standards bodies at a global level need to accommodate conflicting national and regional needs,” said Kathy Whitbeck, director of the network management center at communications provider Nsight and chair of the working group that produced the report. “Some nations, some regions require the ability to individually determine whether they’ll support a security capability. 3GPP operates at a global level and we need to operate within that ecosystem so there may need to be the ability to turn [security features] off.”

Whitbeck added that there are also legal restrictions and export limitations on certain security-related technologies, such as encryption.

In a previous report, the working group recommended industry consider the development of a device security management system for 5G networks, and on Wednesday, added that carriers should implement higher-layer security protections as they transition to the new stand-alone 5G systems.

At the same time, Wednesday’s report recommended the FCC adopt no new regulations regarding carriers’ use of security features.