President Signs Two Broadband Bills
On March 24, President Trump signed two bills designed to enhance the availability and security of 5G and other broadband services. The first bill, the “Broadband Deployment Accuracy and Technological Availability Act” or the “Broadband DATA Act” requires the FCC to develop rules for fixed, satellite and mobile broadband providers to create and update accurate maps of broadband coverage across the country, and to prohibit broadband providers “from selling, leasing, or otherwise disclosing for monetary consideration any personally identifiable information to any other entity other than for purposes authorized under this title.” Especially in these times when people are forced to work remotely, Congress has found that it is critical to enhance the amount of broadband coverage, noting that “98.3 percent of those living in urban areas have access to high-speed broadband, while that number is 73.2 percent for rural areas, and 67.6 percent for Tribal lands.” The first step in enhancing broadband coverages is to know where genuine true broadband exists, and where it doesn’t.
But be wary. As people crush the current broadband networks by telecommuting, they quickly learn the tyranny of the words “up to.” Your mobile, satellite or fixed broadband provider may market or advertise that the offer speeds of “up to” 2,000Mbps probably are providing speeds closer to 940Mbps at peak times. Not too bad. In fact, the most recent FCC report on fixed broadband (in 2017) “for most ISPs, the actual speeds experienced by subscribers either nearly met or exceeded advertised service tier speeds.” The same report noted that there were still issues with respect to latency and packet loss, especially since user habits have changed and people are not simply browsing the web but also using videoconferencing and streaming services, which put greater strain on the internet backbone and delivery systems. But with mobile broadband, a lot depends on the technology deployed, the location, the geography and the weather. You will find that “up to” and actual speeds will vary. You may find that out more now that you are working from home.
The second bill signed by Trump requires the FCC to “develop and submit to the appropriate committees of Congress a strategy to ensure the security of 5th and future generations wireless communications systems and infrastructure within the United States” and to work with allies “to maximize the security of 5th and future generations wireless communications systems and infrastructure inside their countries” and “to protect the competitiveness of United States companies, privacy of United States consumers, and integrity and impartiality of standards-setting bodies and processes related to 5th and future generations wireless communications systems and infrastructure.”
The legislation recognizes the importance of current and future 5G deployment and the risks associated with having insecure or potentially compromised 5G infrastructure (hint, hint, a particular large Chinese telecom and 5G provider) and requires the FCC to conduct risk assessments that will identify “potential security threats and vulnerabilities to the infrastructure, equipment, systems, software, and virtualized networks that support 5th and future generations wireless communications systems, infrastructure, and enabling technologies.” The assessments are required to “include a comprehensive evaluation of the full range of threats to, and unique security challenges posed by, 5th and future generations wireless communications systems and infrastructure, as well as steps that public and private sector entities can take to mitigate those threats.”
The bill could more accurately be called the “No Huawei, China Mobile or ZTE Act of 2020.” Clearly, both Congress and the administration are concerned that these two Chinese telecom giants have installed, both in the United States and internationally, infrastructure that supports current and future 5G connectivity. Apart from mere xenophobia, there are legitimate (and illegitimate) security, competitiveness, privacy and self-interest concerns about foreign (and state-supported) industries having such a deep and integrated foothold in such a critical infrastructure in the U.S. In light of reports that the NSA sponsored a Swiss company, Crypto AG, to propagate cryptological products around the world that were designed to allow secret access by the U.S. government, governments are decidedly wary about deploying technologies for critical infrastructures that they do not control.
As the Senate report on the legislation noted, Congress has already barred federal agencies from procuring communications services from providers that have purchased equipment from Huawei and ZTE, and also limited the ability of the federal government to provide grants, loans and loan guarantees to providers that intend to use that money to purchase equipment from those same providers. The president issued an executive order prohibiting the use of certain foreign broadband technology, while the FCC prohibited the use of the USF funds (taxes on broadband access) to buy broadband goods or services from any provider identified as posing a national security risk to communications networks or the communications supply chain.
The new legislation continues that trend, mandating a comprehensive risk analysis prior to the introduction of new 5G hardware, software or services. While this may simply be a cover for a “buy American” trend, the Crypto AG model shows that governments and countries are right to be wary about deploying technology that they cannot be 100% sure of its provenance. That’s great when the U.S., UK and others are refusing to buy Chinese 5G telecom. It’s not so great when, with the same general concerns, India refuses to buy Cisco routers or Australia refuses to buy Android phones.
Commerce relies on trust. If every country distrusts products, goods or services provided by another country, then it becomes impossible to have commerce. When you invade that trust for one national purpose, you run the risk that you destroy that trust for other purposes. In their efforts to hunt down Osama Bin Laden, U.S. government agencies used Afghan doctors to run a fake hepatitis vaccine clinic in Abbottabad in an attempt to get familial DNA. Awesome. But as a result, the doctor who did the hepatitis tests was arrested by the Pakistani government and the distrust engendered has led to people refusing the vaccine and to other physicians being assaulted and killed because they are suspected of working as shills for the CIA.
That’s the law of unintended consequences. When we try to corrupt technology for our own short-term goals, we run the risk of destroying faith in technology generally. When we put a “back door” into a crypto product or a 5G network (or are suspected of doing so), we may ensure that nobody buys any products from the U.S. or China in the future. So you have to ask yourself one question: Do you feel lucky? Well, do ya, punk?
