FCC to vote on reversing telecom security rulemakings next month

The initial measures proposed at the end of the Biden administration came in response to the Salt Typhoon telecom hacks carried out by China.

The Federal Communications Commission is expected to vote next month on reversing measures that sought to boost the security of wiretap request systems in response to major Chinese hacks into telecommunications companies discovered last year.

FCC Chairman Brendan Carr said Wednesday that the “eleventh hour” ruling “exceeded the agency’s authority and did not present an effective or agile response to the relevant cybersecurity threats.”

The measure was enacted at the tail end of the Biden administration under then-FCC Chairwoman Jessica Rosenworcel and immediately required telecommunications firms to secure their networks against unauthorized access to systems that house wiretap requests from law enforcement. A related notice of proposed rulemaking passed under Rosenworcel would require communications providers to submit annual attestations to the agency about their security posture.

The moves came in response to hacks carried out by Salt Typhoon, a Chinese cyberespionage group backed by the nation’s Ministry of State Security, which breached dozens of communications firms in the U.S. and around the world over the course of several years.

The campaign was only uncovered around a year ago. The FBI concluded in August that over 80 countries were targeted and said some 600 organizations were notified of potential compromise.

The FCC’s Republican majority makes it likely that the vote to repeal the measures will pass.

The FCC oversees the Communications Assistance for Law Enforcement Act, or CALEA, which passed in 1994. It requires telecom operators to engineer their systems for “lawful intercept” orders that let the FBI obtain phone communications data or eavesdrop on conversations of suspected criminals and spies.

The systems that facilitate lawful intercept requests were hijacked and exploited by the Chinese hackers, allowing them to target the phone calls of people like President Donald Trump and Vice President JD Vance when they were campaigning for the White House. Communications tied to former Vice President Kamala Harris and her presidential campaign were also targeted.

Carr’s proposed order, made public Thursday, says the previous FCC “misinterpreted” its CALEA authority and ignored court precedent on the definition of “interception.” It adds that the measure’s “inflexible, across the board” mandates risk “leaving carriers with a burdensome and inchoate compliance standard” that does little to protect communications networks.

The FCC’s press office said it could not return comment requests due to the ongoing government shutdown.

CALEA is now a 30-year-old legal protocol that has become a mainstay in law enforcement’s domestic surveillance toolkit, but it hadn’t seen a major update since the FCC last reviewed it in 2005. 

Wiretaps have evolved from the act of physically tapping analog phone lines to remotely intercepting digital communications across multiple channels that collate calls, texts and internet traffic. Modern-day intercept systems now allow law enforcement to request targets’ phone data through secure log-in portals hosted by telecom firms’ legal demand centers. 

Once the request is greenlit by an overseer at a telecom company, the FBI can obtain phone metadata on targets, including call records that map the time, duration and participants of calls, as well as geolocation data, enabling U.S. law enforcement to trace communication patterns and movements of targets. 

A court warrant is required to carry out these wiretap requests. Specialized orders can also allow the FBI to listen to phone calls in real time.

But the backdoor nature of CALEA means that, if put in the wrong hands, those listening capabilities can be hijacked for intelligence-gathering and exploitation. The FCC for years has allowed carriers to develop their own wiretap solutions tailored to their networks, purchase solutions from equipment manufacturers and rely on a third party to determine whether they are CALEA-compliant. 

Telecom systems are high-value targets for nation-state hackers because compromising them can reveal insights into the private communications of government officials. 

Such breaches have not let up. Hackers accessed Ribbon Communications, a major backbone telecom operator, and remained in its systems for around a year, Reuters first reported Thursday.