Export Compliance Daily is a Warren News publication.
9 Largest ISPs Affected

FCC Unanimously Adopts Border Gateway and USF Letter of Credit NPRMs

FCC commissioners unanimously approved an NPRM Thursday proposing specific reporting requirements on the nation's largest broadband providers regarding their border gateway protocol (BGP) security practices. "What was meant to be a short-term solution developed on the sidelines of an internet engineering conference is still with us today," Chairwoman Jessica Rosenworcel said during the commissioners' open meeting. "While BGP has allowed network operators to grow and evolve the modern internet, it was not designed with explicit security features to ensure trust in exchanged information," Rosenworcel said. Also adopted was an NPRM proposing an update of the commission's letter of credit (LOC) rules for its USF high-cost programs serving rural communities and an NPRM changing low-power TV station rules.

Sign up for a free preview to unlock the rest of this article

Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.

"These plans would describe and attest to their efforts to follow existing best practices with respect to route origin authorizations and route origin validation using the Resource Public Key Infrastructure (RPKI)," Rosenworcel said about the BGP item.

Bad actors "can exploit BGP vulnerabilities to redirect internet traffic," Public Safety and Homeland Security Bureau Chief Debra Jordan said (see 2405160076). BGP currently allows hackers to expose personal information, enable theft and extortion, and disrupt critical communications, Jordan added. The NPRM proposes requiring that ISPs report to the FCC about their progress on BGP security implementation. It will "ensure companies that provide broadband internet access service are taking necessary measures to secure the internet's routing systems against bad actors," Jordan said.

The item proposes imposing the requirements quarterly on AT&T, Altice, Charter Communications, Comcast, Cox, Lumen, T-Mobile, Telephone & Data Systems and Verizon. All other providers would also be required to have this information, although they would need to provide it only upon FCC request.

"Our actions are part of a multipronged approach throughout the government" to secure networks, Commissioner Geoffrey Starks said, noting BGP was "unfortunately not designed with security in mind." Starks sought changes to the draft, including adding questions about "how our efforts can promote accountability among stakeholders, support the development of open standard settings solutions, such as RPKI, understand how network architecture plays into BGP security and RPKI deployment, and ensure that our efforts promote risk-based routing security among ISPs."

A USTelecom spokesperson said the group is "working shoulder-to-shoulder with multiple government agencies on a risk-based, collaborative effort to advance routing security across the global digital ecosystem." USTelecom will "continue working with the FCC to ensure this rulemaking does not lead to rigid, top-down regulations that undermine that important partnership," the spokesperson said.

The LOC NPRM will seek comment on relaxing LOC value requirements for certain Rural Digital Opportunity Fund (RDOF) support recipients that "can show sufficient broadband deployment," Wireline Bureau Chief Trent Harkrader said. The item also proposes aligning LOC requirements for RDOF recipients and Connect America Fund Phase II recipients.

"Our goal is to make sure that we have right-sized these letters and our rules for the current environment so we can both protect our universal service programs and support broadband deployment for everyone, everywhere," Rosenworcel said. Commissioner Brendan Carr welcomed the item, calling the proposal a "balanced path forward."

Ahead of Thursday's meeting, the FCC unanimously approved an NPRM proposing numerous rule changes for low-power TV stations and deleted the item from the agenda. Though the NPRM's final text hasn’t been released, it's expected to closely resemble the draft, seeking comment on requiring LPTV stations that are top-four affiliates to have online public files. The NPRM also seeks comment on requiring all LPTV stations to maintain records for public inspection, clarifications to what is considered a minor change, and requirements for LPTV station call letters and programming, along with many other rule changes.

LPTV stations have become “an established component of the nation’s television system” delivering programming to millions of viewers, an FCC release on the NPRM said. “In light of changes to the LPTV Service over the last forty years and increased reliance on such stations by the public, the Commission proposes changes to its rules and policies to ensure that LPTV Service continues to flourish and serve the public interest,” it said.