The FCC will tackle the growing problem of low-orbit space debris, legacy analog TV rules, inmate calling and rules for emergency alerts at the commissioners' Sept. 29 meeting, the agency said Thursday. Unlike for other meetings, Chairwoman Jessica Rosenworcel was traveling Wednesday and didn’t preview the drafts released.
The FCC will revisit wireless emergency alerts and the emergency alert system in an NPRM teed up for a vote by commissioners, Chairwoman Jessica Rosenworcel said Wednesday. “It is critical that these public safety systems are secure against cyber threats, which means that we must be proactive,” Rosenworcel said of EAS: “The draft proposals shared today will help ensure that our national alerting systems work as intended during emergencies and the public can trust the warnings they receive.” Among the issues teed up are the amount of time EAS participants “may operate before repairing defective EAS equipment,” the need for participants to report compromises of their equipment and the need for security requirements and annual certification of cybersecurity risk management plans. The NPRM also asks about requirements that carriers “take steps to ensure that only valid alerts are displayed on consumer devices.” The FCC said last week 42 state and local government agencies will conduct local WEA tests Monday and Tuesday (see 2208300046).
The FCC Public Safety Bureau granted 42 alert originator waivers Tuesday to do tests of the wireless emergency alert system. The tests will be Sept. 12 and 13, with alternate dates of Sept. 19 and 20. “Promoting the effectiveness of the nation’s emergency alerting systems is an important priority for the Commission and granting this waiver will enable” the bureau “in partnership with 42 alert originators, to gather critical data regarding WEA performance from geographically targeted areas across the United States.” This information collected “will help address a gap in alert originators’ understanding of WEA’s end-to-end performance,” the order said: The bureau “received reports that emergency management agencies are declining to use WEA in situations where it could save lives because they lack information about, and confidence in, how WEA works in practice.” The system wasn't used during the Marshall fire in Boulder “due to ‘concerns about its reliability and delivery,’” the bureau said. “The alert will sound and appear on compatible mobile devices using participating wireless networks in that area,” the FCC said in a news release: “The alert message will make clear that it is only a test and contain a link for the recipient to complete a survey about their receipt of the alert. Each agency will have a control group of volunteers in the targeted geographic area complete the survey, and members of the public may also do so. The tests are intended to assess the geographic accuracy of the alerts in addition to other performance factors, including reliability and speed.” The FCC also sent letters to AT&T, T-Mobile and Verizon with questions they're asked to answer as the FCC does a broader assessment of the tests. WEAs “are a life-saving tool, but emergency managers tell us that they need more information on the geographic accuracy of these alerts in order to use them with confidence,” said Chairwoman Jessica Rosenworcel.
Communications providers need to act to secure emergency alert system equipment against online attacks, warned the FCC Public Safety Bureau in a public notice Friday. The PN stems from an Aug. 1 Federal Emergency Management Agency advisory warning of a vulnerability in EAS encoders and decoders. If they aren't updated to the most recent software versions, the vulnerability "could allow an actor to issue EAS alerts over the host infrastructure (TV, radio, cable network).” The advisory warned the vulnerability may be presented as a proof of concept at the upcoming DEFCON 2022 conference in Las Vegas, Thursday to Aug. 14: “In short, the vulnerability is public knowledge and will be demonstrated to a large audience in the coming weeks.” The Public Safety Bureau warned broadcasters about the vulnerability in April and “again urges all EAS Participants, regardless of the make and model of their EAS equipment, to upgrade their equipment software and firmware to the most recent versions,” the PN said. Providers should keep their equipment updated and change default passwords, the PN said. FEMA “is working with the FCC to provide any assistance necessary, and share information with our broadcast partners to help correct this issue,” said a FEMA spokesperson. “This vulnerability does not directly impact any of FEMA’s systems.”
CTIA reported to the FCC that the number of handsets in use in the U.S. that can use the latest generation of wireless emergency alert technology (WEA 3.0) continues to grow. CTIA, citing IDC data, now estimates the WEA 3.0 penetration rate is about 60% of active smartphones, an increase from 34% last year, said a filing posted Friday in docket 15-91. “Given the reported handset lifetime of 35 months … we conclude that such handsets amount to a majority of active smartphones in use in 2022,” CTIA said: “CTIA and its member companies appreciate the Commission’s dedication to enhancing the WEA system and are very pleased with the progress that the wireless industry and FEMA have made on delivering new WEA features to consumers.”
The record is clear that performance measurements proposed in a Further NPRM on wireless emergency alerts are “incompatible with the existing WEA system and could raise privacy concerns,” CTIA said in reply comments. Comments were posted Wednesday in docket 15-91 on the April FNPRM (see 2204190053). In initial comments, APCO and the National Weather Service asked the agency to impose reporting requirements on carriers (see 2206220033).
The House voted Wednesday and Thursday to approve a slate of telecom and tech-focused amendments to the FY 2023 National Defense Authorization Act (HR-7900), including proposals to require more DOD transparency on its implementation of its 2020 spectrum sharing strategy and modifications to the Cybersecurity and Infrastructure Security Agency’s remit (see 2207070064). House lawmakers, meanwhile, refrained from filing any FCC-related amendments to the FY23 omnibus appropriations package that includes funding for that agency (HR-8294) but proposed several aimed at restraining the FTC. The chamber is likely to take up HR-8294 and floor votes on amendments next week.
The FCC shouldn’t modify or replace the emergency action notification (EAN) code used for alerting in nationwide emergencies, said NCTA in an ex parte call with the Public Safety Bureau Tuesday, according to a filing Thursday in docket 15-94. “The EAN code is substantially different” from other emergency alert system codes “in that it is hard-wired into downstream equipment” such as set-top boxes, NCTA said. “Thus, any changes to the EAN code would be difficult to implement.” Modifying the code was among several proposals the FCC floated last year for updating emergency alerting (see 2110200065). Cable set-top boxes have about a 10-year lifecycle, and many customers may have even older boxes, NCTA said. “Older set-top boxes are frequently phased out via attrition, rather than actively replaced.”
State Emergency Communications Committees (SECCs) that haven’t submitted their state emergency alert system (EAS) plans in the alert reporting system should do so “as soon as possible,” said the FCC Public Safety Bureau in a public notice Wednesday. The plans were due in the ARS Tuesday. “The Bureau stands ready to assist any SECCs that may need help either with the Commission’s rules governing State EAS Plans or with utilizing the ARS.” The FCC website Thursday afternoon listed only Illinois as having submitted an approved state EAS plan.
CTIA urged the FCC Public Safety Bureau to involve carriers in any localized wireless emergency alert tests. “The 2021 nationwide WEA test was successful in part due to coordination and the exchange of information among relevant stakeholders that took place prior to the event,” the group said in a filing posted Monday in docket 22-160. Involving participating carriers “would provide an important opportunity to assess the feasibility and effectiveness of various proposed approaches for evaluating WEA performance,” the group said: “CTIA also stressed that WEA testing should be tailored to avoid measurements when it is not feasible for a WEA-capable device to receive an alert, otherwise the testing may not provide an accurate assessment of system performance.”