AGENCY:
Federal Communications Commission.
ACTION:
Final rule.
SUMMARY:
In this document, the Federal Communications Commission (Commission) establishes rules to publish a list of covered communications equipment and services determined to be a risk to national security. Eligible telecommunications carriers (ETCs) that receive universal service funding to provide service in remote areas of the country must remove such equipment or services from their networks and properly dispose of it. This document also establishes the Secure and Trusted Communications Networks Reimbursement Program, which will provide funds to smaller providers of advanced communications services for the removal and replacement of covered communications equipment and services, conditioned on the appropriation of funds by Congress. Lastly, all providers of advanced communications services must report whether their networks include any covered communications equipment or services acquired after August 14, 2018.
DATES:
Effective March 15, 2021, except for amendatory instruction 3 adding §§ 1.50004(c), (d)(1), (g), (h)(2), (j) through (n); amendatory instruction 5 adding § 1.50007; and amendatory instruction 7 adding § 54.11. The Commission will publish a document in the Federal Register announcing the effective date of those amendments.
FOR FURTHER INFORMATION CONTACT:
For further information, please contact Brian Cruikshank, Competition Policy Division, Wireline Competition Bureau, at brian.cruikshank@fcc.gov.
SUPPLEMENTARY INFORMATION:
This is a summary of the Commission's Second Report and Order in WC Docket No. 18-89; FCC 20-176, adopted on December 10, 2020, and released on December 11, 2020. The full text of this document is available for public inspection on the Commission's website at https://www.fcc.gov/document/fcc-adopts-rules-secure-communications-networks-and-supply-chain-0.
I. Introduction
1. The Commission plays an important role in protecting America's communications networks and the Commission takes further steps toward securing its communications networks by implementing the Secure and Trusted Communications Networks Act of 2019 (Secure Networks Act). The Commission first adopts a rule that requires ETCs to remove and replace covered equipment from their networks. Second, the Commission establishes the Secure and Trusted Communications Networks Reimbursement Program to subsidize smaller carriers to remove and replace covered equipment, once Congress appropriates at least $1.6 billion that Commission staff estimate will be needed to reimburse providers eligible under current law. Third, the Commission establishes the procedures and criteria for publishing a list of covered communications equipment or services that pose an unacceptable risk to the national security of the United States or the security and safety of United States persons and prohibit Universal Service Fund (USF) support from being used for such covered equipment or services. Last, the Commission adopts a reporting requirement to ensure it is informed about the ongoing presence of covered equipment in communications networks.
II. Report and Order
2. In the 2019 Supply Chain Further Notice, 85 FR 277, January 3, 2020, the Commission sought comment on the establishment of a reimbursement program to “offset reasonable costs” for ETCs to remove and replace covered communications equipment and services from their networks. The Wireline Competition Bureau (WCB) separately sought comment on section 4 of the Secure Networks Act, which created the Secure and Trusted Communications Networks Reimbursement Program. In the 2020 Supply Chain Second Further Notice, 85 FR 48134, August 10, 2020, the Commission sought comment on how to implement the various provisions of the Secure Networks Act into the Commission's ongoing Supply Chain proceeding. Based on the Commission's review of the record created in response, it adopts several rules to protect the security of its communications networks and implement the Secure Networks Act.
3. In the 2019 Supply Chain Further Notice, the Commission proposed to require ETCs receiving USF support to remove and replace covered equipment and services from their network operations, contingent on the availability of a funded reimbursement program. The Commission based the scope of the proposed requirement on its view that sections 201(b) and 254 of the Communications Act provides the Commission the legal authority to condition receipt of USF support to advance universal service principles grounded in the provision of “[q]uality services . . . at just, reasonable, and affordable rates,” while furthering the public interest and the promotion of nationwide access to advanced telecommunications and information services, and sought comment on that rationale. Following the passage of the Secure Networks Act, which, among other provisions, established a reimbursement program for the removal, replacement, and disposal of covered equipment and services, the Commission modified its proposal and sought further comment on implementation of the Secure Networks Act and, specifically, whether it provided the Commission independent authority to require ETCs or other providers to remove and replace equipment on the Covered List.
4. Consistent with the Commission's proposal in the 2019 Supply Chain Further Notice and the directives of the Secure Networks Act, it requires recipients of reimbursement funds under the Reimbursement Program and ETCs receiving USF support to remove and replace from their network and operations environments equipment and services included on the covered list required by section 2 of the Secure Networks Act (Covered List). The Commission conditions this obligation to remove and replace covered equipment and services upon a congressional appropriation to fund the Reimbursement Program. The Commission also adopts deadlines consistent with those for reimbursement funding recipients. This requirement, and the steps the Commission takes towards its implementation, will further its goal of protecting its communications networks and supply chains from communications equipment and services that pose a national security threat while facilitating the transition to safer and more secure alternatives.
5. The obligation to remove and replace covered equipment and services on the Covered List applies to recipients of reimbursement funds from the Reimbursement Program and ETCs receiving universal service support. The Commission's authority to require these entities to remove and replace covered equipment and services arises from both the Secure Networks Act and sections 201(b) and 254(b) of the Communications Act. By limiting the requirement to these recipients, the Commission protects the nation's networks from a substantial amount of equipment and services that pose a threat to the security of its communications networks while minimizing the financial and logistical challenges of removal and replacement on providers.
6. The Secure Networks Act requires any recipient of Reimbursement Program funding to remove all existing covered equipment or services in their networks as a condition of receiving reimbursement funds. The Secure Networks Act prohibits recipients of reimbursement funds from purchasing, renting, leasing, or otherwise obtaining covered equipment or services with reimbursement funds or any other funding, including private funds. Recipients must also certify that they will permanently remove, replace, and dispose of all covered equipment or services that are in the recipient's network as of the date of submission of the application for reimbursement. Also, recipients must certify that they have fully complied, or are in the process of complying, with all terms and conditions of the Reimbursement Program, all commitments made in the application, and the timeline submitted with the application. These provisions indicate congressional intent that recipients of Reimbursement Program funds are to be included within the scope of the Commission's remove-and-replace rule and must remove covered equipment. Additionally, commenters support a broad application of the Commission's remove-and-replace requirement to entities that meet the definitions contained in the Secure Networks Act. Because section 4 of the Secure Networks Act requires the removal and replacement of covered equipment and services from recipients' networks, the Commission finds sufficient support both in the language of the statute and the record to include recipients of reimbursement funding from the Reimbursement Program in the Commission's remove-and-replace requirement. No commenters in the record oppose this conclusion. While Huawei Technologies Company (Huawei) argues that the Secure Networks Act does not grant the Commission authority to mandate removal and replacement as proposed in the 2019 Supply Chain Further Notice, it does not dispute that recipients of funding through the Reimbursement Program, who volunteer to participate in the Program, are required to remove covered equipment and services as a condition of receiving funding.
7. To ensure that USF funds are not supporting covered equipment and services, and that the Commission's rule effectively and broadly removes covered equipment and services from recipients' networks to the extent permissible under its legal authority, the Commission obligates ETCs receiving USF support to remove covered equipment and services throughout their entire network, not just in jurisdictions where they operate as an ETC, and irrespective of whether they receive reimbursement under the Reimbursement Program. This broad approach to removal greatly mitigates the identified risks to national security underlying both the Commission's rules and recognized by Congress. However, the scope of the rule does not extend to affiliates and subsidiaries of ETCs. The Commission's decision to require ETCs that receive USF support to remove covered equipment and services is also consistent with the scope of removal under the Reimbursement Program recipient obligations in the Secure Networks Act, which similarly requires recipients to permanently remove covered communications equipment or services contained on the Covered List from their networks. By aligning the scope of the Commission's removal requirement with the obligations under section 4 of the Secure Networks Act, its rules will best effectuate the congressional intent to “mitigat[e] threats posed by vulnerable communications equipment and services” throughout U.S. networks.
8. The Commission conditions the implementation of its remove-and-replace rule on the appropriation of funding by Congress for the Reimbursement Program, to ensure sufficient funding is available to pay for the removal and replacement of covered equipment. Several commenters support this proposal and encourage the Commission to wait until Congress has appropriated funding, and others express concern that any obligation to remove and replace covered equipment and services without reimbursement amounts to an unfunded mandate.
9. Pursuant to the Secure Networks Act, only providers with two million or fewer broadband customers are eligible for the Reimbursement Program, but the Commission finds no reason to accordingly limit the applicability of its remove-and-replace rule to only those ETCs which are eligible for the Reimbursement Program. Although the data shows the vast majority of ETCs will be eligible to receive funding under the Reimbursement Program, in line with the intended scope of eligible entities as set forth by Congress under the Secure Networks Act, some large ETCs receiving USF support may not be eligible for reimbursement under the Reimbursement Program due to the size of their broadband customer base. ETCs are providers of “advanced communications services” and, as such, are subject to the provisions of the Secure Networks Act, including prohibitions on Federal subsidy spending in section 3 and reimbursement in section 4 of the Secure Networks Act, where eligible. Regardless, the House Report suggests that Congress intended to focus on providing reimbursement for small providers, noting that larger communications companies “generally have avoided installing and using Huawei and other suspect foreign equipment in their networks,” while smaller providers with limited resources may have purchased such equipment because it was less expensive or they were unaware of the security risks, or both. Based on the data submitted pursuant to the Information Collection and subscription data from FCC Form 477, only two ETCs using suspect foreign equipment appear to fall outside the scope of reimbursement eligibility due to the number of broadband customers. Larger ETCs are also more likely to have resources to pay for removal, replacement, and disposal of covered communications equipment and services themselves, and not need taxpayer money to accomplish the objectives of the Commission's remove-and-replace requirement. The Commission clarifies that ETCs receiving USF support that do not receive funding through the Reimbursement Program are required to remove covered communications equipment and services from their networks, but whether they replace such equipment and services with alternatives from the Replacement List is within their discretion. Furthermore, nothing in the Secure Networks Act prevents the Commission from requiring removal from entities beyond those who receive reimbursement funding. Because of the serious risks that untrusted participants in the Commission's supply chain pose to the Commission's communications networks, the benefits to our national security of removing covered equipment and services from the Commission's communications networks far outweigh the burdens that compliance with the requirement may impose on a small number of large ETCs.
10. The Commission further clarifies that, consistent with the requirements for participation in the Reimbursement Program under the Secure Networks Act, it requires all ETCs receiving USF support to dispose of the removed covered equipment and services rather than resell, donate, or trade them. Similar to other applications of the rule, such as the certification requirement, this requirement synchronizes the disposal requirements for ETC recipients of USF support with those applicable to other reimbursement recipients and minimizes any burdens that may result from the administration of disparate regimes. Furthermore, allowing ETCs that receive USF support to resell covered equipment and services removed from their networks undermines the effectiveness of the rule and fails to effectively eliminate those products that pose national security risks from the Commission's communications networks and supply chain.
11. The application of the Commission's remove-and-replace requirement to both ETCs receiving USF support and recipients of reimbursement under the Reimbursement Program appropriately considers the benefits to our national security of a broader approach against the burdens to remove and replace covered communications equipment and services from networks. The Commission recognizes that the presence of products in communications networks that pose risks to our national security is not limited to ETCs and believe that the application of its remove-and-replace requirement to recipients of reimbursement funding in addition to ETCs receiving USF support encompasses a wide range of entities whose networks may contain covered equipment or services. Furthermore, while some commenters support an expansive application of the remove-and-replace rule to require all entities to replace covered equipment or services, rather than just the recipients described in this document, the Commission finds that the slightly more limited scope of its rule not only covers entities with flawed equipment and services, it also best captures the broadest application while staying within the bounds of the Commission's legal authority. Some commenters representing non-ETC USF recipients such as schools, libraries, and rural healthcare providers favor expanding the remove-and-replace requirement to non-ETC USF recipients because of the cyberthreats such recipients face when compromised equipment and services remain in their networks. While the Commission recognizes that the continued existence of such untrusted products in its communications networks and supply chains does introduce risks, it must, as USTelecom posits, consider the “large administrative burdens” that inclusion of non-ETC USF recipients would impose against the proportionate impact on national security. The Commission finds that limiting the requirement to recipients of the Reimbursement Program and ETC recipients of USF support, rather than all USF recipients, reduces the administrative burdens of removing and replacing covered equipment and services on non-ETC USF recipients while reducing national security threats to its communications supply chain. Eligible non-ETC USF recipients may voluntarily participate in the Reimbursement Program, which would subject them to the remove-and-replace requirement but also allow them to receive reimbursement for removal, replacement, and disposal of covered equipment and services; otherwise, non-ETC USF recipients are under no obligation to remove or replace covered equipment or services from their networks. The Commission draws this important distinction to avoid imposing an unfunded mandate on non-ETC USF recipients were the Commission to require the removal and replacement of covered equipment when such recipients are not eligible to participate in the Reimbursement Program. Nevertheless, because the record indicates very little covered equipment outside the USF programs requiring an ETC designation, the Commission will closely monitor future developments, including through the information collection adopted pursuant to section 5 of the Secure Networks Act, to determine whether addressing non-ETC USF recipients is necessary and appropriate. This information collection applies to all providers of advanced communications service, unlike the Commission's previous information collection adopted in the 2019 Supply Chain Information Collection Order, 85 FR 230, January 3, 2020, which applied only to ETCs, thus providing a more expanded and comprehensive awareness of covered communications equipment and services in networks.
12. Legal Authority. A variety of separate and independent statutory provisions provide the Commission with the appropriate authority and ability to impose a remove-and-replace requirement. Section 4 of the Secure Networks Act expressly requires recipients of Reimbursement Program funding to “permanently remove[ ]” and replace “all covered communications equipment or services” in their networks as a condition of receiving reimbursement funds. The Secure Networks Act requires applicants to certify that they will permanently remove, replace, and dispose of covered equipment or services in the recipient's network as of the date of submission of the application for reimbursement and further requires recipients to submit a final certification to the Commission that they have permanently removed, replaced, and disposed of, or are in the process of doing so, all covered communications equipment or services from their networks. Relatedly, the Secure Networks Act prohibits recipients of reimbursement funds from purchasing, renting, leasing, or otherwise obtaining covered equipment or services with reimbursement funds or any other funding, including private funds, indicating congressional intent to have covered equipment and services eliminated from recipients' networks as a condition of receiving funding.
13. The requirement adopted is similarly consistent with the John S. McCain National Defense Authorization Act for Fiscal Year 2019 (2019 NDAA), which directs the Commission to “prioritize funding and technical support to assist affected . . . entities to transition from covered communications equipment [as defined by the statute], and to ensure that communications service to users and customers is sustained.” While one commenter indicated that the Commission could rely on the 2019 NDAA to obligate removal and replacement of covered equipment and services, it finds that the provisions of the Secure Networks Act, discussed in this document, builds upon the goals of the 2019 NDAA and provides the Commission with express authority to require removal and replacement. As the Commission finds they have sufficient authority under sections 201(b) and 254 of the Communications Act and various provisions of the Secure Networks Act, it needs not consider whether the Communications Assistance and Law Enforcement Act or sections 316 or 214 of the Communications Act provide a legal basis for regulation.
14. In addition, the Communications Act provides legal authority for the application of the Commission's rule to ETCs that receive USF support. As the U.S. Court of Appeals for the Tenth Circuit has held, section 254(e) is reasonably interpreted as allowing the Commission “to specify what a USF recipient may or must do with the funds,” consistent with the policy principles outlined in section 254(b). Section 254(b) requires the Commission to base its universal service policies on the principles of providing “[q]uality services . . . at just, reasonable, and affordable rates,” as well as promoting “[a]ccess to advanced telecommunications and information services . . . in all regions of the Nation.” Section 201(b) authorizes the Commission to “prescribe such rules as may be necessary in the public interest to carry out the provisions of the [Communications] Act.” By requiring ETCs that receive USF support to remove covered equipment and services, the Commission further advances the provision of quality services nationwide, and ensure the safety, reliability, and security of the nation's communications networks, which is necessary in the public interest in fulfillment of the purpose of the Communications Act.
15. The record also supports the Commission's determination that the Communications Act provides the Commission broad legal authority to require removal of covered equipment and services by ETCs that receive USF support. Telecommunications Industry Association states that the Commission is “properly acting within its assigned responsibilities by promulgating rules that place conditions and restrictions on use of USF support.” WTA and NCTA both note that the Commission has clear and well-established authority to impose public interest conditions on the use of USF. Furthermore, the provisions of the Communications Act tied to the Commission's administration of universal service programs provide well-established authority for imposing remove-and-replace requirements on ETCs receiving universal service funds.
16. The Commission rejects arguments that it lacks the authority to mandate removal and replacement of covered equipment and services. Huawei asserts that neither the Secure Networks Act nor any other statute provides the requisite authority to impose a remove-and-replace requirement. According to Huawei, nothing in the Secure Networks Act requires removal and replacement, nor does the Reimbursement Program, which is voluntary, mandate removal. The Commission disagrees. The Secure Networks Act conditions receipt of reimbursement funds on removal and disposal of all covered equipment from the recipient's network; put differently, section 4 obligates recipients of reimbursement funds to certify to the removal of all covered equipment and services from their network, then provides a means by which to replace such equipment and services through reimbursement. While providers' participation in the Reimbursement Program is not mandatory, the Secure Networks Act requires the Commission to mandate removal of covered equipment and services by any provider who does choose to participate.
17. The Commission also rejects International Technology and Trade Associates, Inc. (ITTA) and Huawei's arguments that the Communications Act does not provide the Commission legal authority to adopt its remove-and-replace rule. ITTA argues that the proposed requirement is beyond the Commission's authority under section 254 of the Communications Act. Huawei argues that the section 254(b) principles upon which the Commission must “base policies for the preservation and advancement of universal service” do not include the promotion of national security or equipment regulation applied to a subset of USF recipients. Conditioning the receipt of USF support on removal of covered equipment and services, however, ensures against the substantial security risks associated with such equipment and services and thereby promotes access to “quality” advanced telecommunications and information services. Moreover, while Huawei contends that section 201(b) alone does not empower the Commission to enact rules in the absence of other authority under the Communications Act, it finds that the combination of these Communications Act provisions grants the Commission the authority to adopt a remove-and-replace requirement for ETCs receiving USF support.
18. The Commission limits the scope of the remove-and-replace requirement to equipment and services on the Covered List. This approach aligns with the scope of equipment and services that Congress intended to restrict under the statute, as both the section 3 prohibition and the section 4 reimbursement eligibility apply to equipment and services added to the Covered List. The Commission's rules on publication of the Covered List also incorporate notice for updates to the covered equipment or services listed, and entities will therefore have notice with regard to the scope of equipment or services they are subsequently required to remove and replace. The Commission finds that using the Covered List better aligns compliance with removal and replacement obligations to the administration of the Reimbursement Program and creates a bright-line determination for ETCs receiving USF support and reimbursement recipients to easily identify equipment and services to remove and replace from their networks. Furthermore, the Commission ties administration of the remove-and-replace requirement to the administration of the Reimbursement Program; therefore, it finds it will not be overly burdensome for entities, including smaller carriers, to identify, remove, replace, and discard covered equipment and services from their networks.
19. Consistent with the provisions of the 2019 NDAA and Secure Networks Act, this rule represents a reasoned modification of the Commission's proposal in the 2019 Supply Chain Further Notice. There, the Commission proposed to require the removal of all equipment and services from covered companies. To synchronize the requirement the Commission adopts with the scope of covered equipment and services under the Secure Networks Act, however, the Commission slightly modifies its rule from its original proposal. The Commission concludes upon review of the record in this proceeding and after considering the Secure Networks Act that its proposal risks being too broad and excessively burdensome. The Commission's slightly modified and more narrowly tailored rule instead supports a risk-based assessment of problematic equipment and services within a network, consistent with the approach taken in section 889 of the 2019 NDAA and ultimately incorporated into section 2 of the Secure Networks Act, rather than the proposed blanket prohibition to all equipment and services produced by a manufacturer. The Covered List is limited to such equipment and services that the federal government, including the U.S. intelligence community, has identified as national security threats and that are placed at the most vulnerable spots in the Commission's communications infrastructure. Equipment and services on the Covered List are also limited to certain operational functions such as routing or redirecting user data traffic, causing an advanced communications service provider's network to be remotely disrupted, or otherwise posing an unacceptable risk to United States national security. Secure Networks Act sections 2(b)(2)(A)-(C). As such, concerns raised in the record regarding inclusion of Lifeline end-user equipment are moot because they are outside the scope of the Secure Networks Act. Therefore, the Commission believes limiting the remove-and-replace requirement to equipment and services on the Covered List advances its goals of protecting its communications networks and supply chains from those products that pose a risk to our national security while minimizing the financial, administrative, and logistical efforts entities may face in compliance. The Commission clarifies that, while there is nothing in § 54.9 of the Commission's rules that restricts the use of private funds to purchase, obtain, maintain, improve, modify, or otherwise support any equipment or services produced or provided by any company posing a national security threat to the integrity of communications networks or the communications supply chain, nor is there anything in § 54.10 of the Commission's rules that restricts the use of private funds to purchase, rent, lease, or otherwise obtain any covered communications equipment or service, or maintain any covered communications equipment or service previously purchased, rented, leased, or otherwise obtained, as identified and published on the Covered List, compliance with the remove-and-replace mandate requires ETCs receiving USF support and recipients of Reimbursement Program funding to remove all covered equipment and services from their network operations and to certify compliance. To the extent there are equipment or services not on the Covered List but fall within the scope of § 54.9, entities may continue to use private funds to purchase, obtain, maintain, improve, modify, or otherwise support such equipment or services.
20. USTelecom posits that the Commission's proposal to implement section 3 of the Secure Networks Act “stands to create a significant gap in the scope of equipment that could be subject to replacement funding” vis-à-vis the scope of covered equipment under the two prohibitions. According to USTelecom, the Commission should either reconsider the scope of § 54.9 of the Commission's rules to match the definition of “covered communications equipment or service” required by the Secure Networks Act, or it should clarify that equipment subject to § 54.9 is also eligible for funded removal and reimbursement under the Reimbursement Program; otherwise, USTelecom argues, failure to do either creates a de facto unfunded mandate.
21. The Commission disagrees with USTelecom that the interplay of § 54.9 and Reimbursement Program eligibility amounts to an unfunded mandate. First, section 3 of the Secure Networks Act does not, in itself, require the removal and replacement of covered equipment or services; it merely prohibits prospective use of certain Federal subsidies to purchase, rent, lease, or otherwise obtain any covered communications equipment or service, or maintain any covered communications equipment or service previously purchased, rented, leased, or otherwise obtained on the Covered List. Second, the requirement to remove and replace, like the prohibition under § 54.10 and the equipment and services eligible for reimbursement under the Reimbursement Program, only applies to the products and services contained on the Covered List. To the extent there is equipment or service that is prohibited under § 54.9 but is not on the Covered List, it is not subject to the remove-and-replace requirement, and thus that rule does not constitute an unfunded mandate. The Commission does, however, acknowledge that the creation of two prohibitions will establish different parameters for designation of covered equipment or services.
22. The Commission disagrees with arguments raised by commenters that mandating removal and replacement is impermissibly retroactive or amounts to a regulatory taking. The Commission addresses these two concerns raised in the record in turn.
23. Pursuant to the Administrative Procedure Act (APA), in the absence of express statutory authority to promulgate retroactive rules, the Commission may only adopt legislative rules that apply prospectively. The Commission notes that the Secure Networks Act requires it to publish a list of any covered communications equipment or service produced by an entity that poses an unacceptable risk to national security or the security and safety of United States persons and to establish a reimbursement program for removal of such equipment purchased, rented, leased, or otherwise obtained before August 14, 2018. The Secure Networks Act requires the Commission to publish the list of covered communications equipment or services to its website and to complete a rulemaking to implement the reimbursement program by March 12, 2021. To the extent the rules adopted in this document serve to implement the rulemaking requirement of the Secure Networks Act, this APA limitation is inapplicable. A rule may be found to be impermissible as primarily retroactive “if it impairs rights a party possessed when he acted, increases a party's liability for past conduct, or imposes new duties with respect to transactions already completed.” Additionally, a rule may be impermissible for secondary retroactivity, in which rules affect the future legal consequence of past or ongoing actions. Where a rule has secondary retroactive effect, it is permissible unless such effect is unreasonable. And the Takings Clause of the Fifth Amendment prohibits the government from taking “private property . . . for public use, without just compensation.” Notably, and relevant to any takings arguments, Commission and judicial precedent have established that carriers have no vested property interest in USF support.
24. Retroactivity Claims. Huawei argues that the Commission's proposal to mandate replacement of covered equipment and services would impose primary retroactivity and therefore be invalid under the APA and, further, would impose secondary retroactivity by adversely and unreasonably altering future legal consequences of past actions. According to Huawei, requiring removal of equipment and services installed before the adoption of § 54.9 of the Commission's rules would “constitute a sanction on Huawei's past conduct” and restrict its ability to supply equipment and services to telecommunications carriers. LATAM argues that a remove-and-replace requirement raises concerns about the retroactive impact of regulatory actions on private investment. PRTC states that the requirement raises the same prospective application concerns that the Commission found would not be impacted in the 2019 Supply Chain Order, 85 FR 230, January 3, 2020, when adopting § 54.9 of the Commission's rules, thus contradicting the Commission's arguments in that Order that the rule would only be applied prospectively and not require carriers to remove or stop using existing equipment or services.
25. The Commission disagrees with commenters that the remove-and-replace requirement constitutes impermissible primary retroactivity. Huawei claims that the rule attaches a “new disability” or “new burdens” to past conduct. In support of its argument, Huawei cites National Mining Association, where the D.C. Circuit found that a Department of Interior rule was invalid because it imposed a “new disability,” namely permit ineligibility, based upon “pre-rule violations by mine operators over whom permit operators acquired control before the rule's effective date.” It also cites Rock of Ages Corp., where the Second Circuit found a new regulation from the Department of Labor to be impermissibly retroactive because it required on-going inspections at blasting sites beginning a year before the effective date of the regulation that imposed the inspection requirement, thus impermissibly imposing new duties on already completed transactions. Huawei also cites AMC Entertainment, Inc., where the Ninth Circuit invalidated an agency's interpretation of a rule which would have required retrofitting movie theaters before the agency announced its interpretation. The Commission finds that Huawei's interpretation of these cases is incorrect as applied to the requirement at hand. The standard for primary retroactivity assesses whether a rule has changed the past legal consequences of past actions. Unlike the factual circumstances in the cases cited by Huawei, the remove-and-replace requirement does not attach a “new disability” before the rule goes into effect. Carriers will not be penalized for having covered equipment or services in their networks before the removal and replacement rule is effective, nor do they have to take action prior to the rule taking effect; therefore, the rule has no primary retroactive effect. Thus, while it “changes the legal landscape,” it has not “rendered past actions illegal or otherwise sanctionable,” even as to the carriers themselves—much less those from whom the carriers purchase equipment not governed by such rules, such as Huawei. As to Huawei, the new rules have no application at all. They apply only to carriers, requiring them to replace Huawei equipment only if and after reimbursement to the carriers for doing so becomes available. While collateral effects on its contracts with such carriers would not be cognizable as primary retroactivity under NCTA, in any event Huawei makes no claim that the Commission's action could result in any carrier claims against Huawei, much less any damages in support of any such claims notwithstanding the reimbursement program.
26. While the effect of the removal and replacement rule may alter the future legal consequence to certain carriers of having certain equipment or services in a network by making what was once permissible equipment and services to operate now impermissible to retain going forward, “[i]t is often the case that a business will undertake a certain course of conduct based on the current law, and will then find its expectations frustrated when the law changes.” Such action “has never been thought to constitute retroactive lawmaking, and indeed most economic regulation would be unworkable if all laws disrupting prior expectations were deemed suspect.”
27. The Commission similarly finds Huawei's arguments regarding secondary retroactivity unpersuasive. Huawei argues that to compel equipment replacement would impose unreasonable secondary retroactivity on carriers and suppliers “because such a requirement would adversely and unreasonably alter the future legal consequences of past actions” and render covered equipment “essentially useless.” However, “secondary activity—which occurs if an agency's rule affects a regulated entity's investment made in reliance on the regulatory status quo before the rule's promulgation—will be upheld if it is reasonable.” First, the Commission disagrees with Huawei that this rule constitutes secondary retroactivity. The remove-and-replace requirement imposes a future obligation, albeit on existing property, by mandating removal, as well as replacement, of covered equipment and services; replacement can only occur once removal—a future action—occurs. As such, this requirement imposes a legal consequence on an action to occur at a future date, i.e., should a reimbursement recipient or an ETC receiving USF support retain covered equipment or services in its networks past the certification requirement deadline for the rule. And the Commission, in creating the Reimbursement Program, has sought to mitigate any harm that the future effect of the rule may incur.
28. Second, even assuming arguendo that the removal-and-replacement requirement amounts to secondary retroactivity, it is reasonable and therefore permissible. The threat that the presence of covered equipment and services in the Commission's communications networks poses to our national security necessitates the prompt removal and replacement of such equipment, thereby supporting that this requirement is not arbitrary and capricious. Courts have held that the Commission “is entitled to reconsider and revise its views as to the public interest and the means needed to protect that interest, though it must give a sufficient explanation of that change.” The rule the Commission adopts facilitates the transition away from such identified equipment and services that threaten our nation's security to ensure entities are able to offer secure, reliable, and quality service over their networks. To that end, the Commission's rule is no different than other regulatory requirements which require regulated entities to upgrade their networks for the improved provision of services. For example, the Commission may require a common carrier subject to section 214 of the Communications Act to “provide itself with adequate facilities for the expeditious and efficient performance of its service” which, for some carriers, could require an upgrade of their equipment. Similarly, the remove-and-replace rule requires recipients of reimbursement funding and ETCs receiving USF support—which are, in fact, common carriers—to effectively upgrade their networks by removing compromised products and services and thus improve the provision of quality services at just, reasonable, and affordable rates, in accordance with section 254 of the Communications Act.
29. Third, providers may choose alternatives to removal and replacement of covered equipment and services to avoid compliance or avoid any perceived impact on private investment. Participation in the Reimbursement Program is voluntary; providers are under no obligation to accept reimbursement funding and the conditions associated with such support. Designation as an ETC, and the opportunity therefore to participate in USF programs, or acceptance of USF funds through those programs, is likewise voluntary, and providers that are currently designated as ETCs or that accept universal service funding may decline to participate in USF programs. To allow providers so inclined a reasonable opportunity to relinquish their ETC status or secure alternative funding to USF support, ETCs choosing this option must do so within one year after WCB issues a Public Notice announcing the acceptance of applications filed during the initial filing window to participate in the Reimbursement Program. A state commission, or the Commission in the case of a common carrier providing telephone exchange service and exchange access that is not subject to the jurisdiction of a state commission, shall permit an ETC to relinquish its designation as such in any area served by more than one ETC. This time period is consistent with the amount of time that carriers participating in the Reimbursement Program and for ETCs receiving USF support that retain their designation or continue to accept universal service funding have to comply with the remove-and-replace requirement. Finally, the Commission reiterates that the applicability of this rule is within the bounds of its legal authority and, as such, only extends to recipients of reimbursement funds and ETCs receiving USF support; beyond this, the rule imposes no restriction on Huawei's ability to supply equipment and services to telecommunications carriers and other providers who are not subject to this requirement. ETCs that choose to forego their ETC designation or disclaim USF support may avoid any impact that this rule may have on future legal consequences of past actions. While the rule no doubt may frustrate a business that undertook a course of conduct based on current law, only to have its expectations frustrated, when the law changes, “this has never been thought to constitute retroactive lawmaking.”
30. Furthermore, the Commission disagrees with PRTC's assertion that the rule it adopts raises the same concerns regarding prospective application that the Commission addressed when adopting § 54.9 in the 2019 Supply Chain Order. In that Order, the Commissions found that because the rule restricting use of USF support was prospective in effect, it therefore did “not prohibit the use of existing services or equipment already deployed or in use.” That finding is not contradicted here. The prohibition contained in § 54.9 of the Commission's rules prospectively limits the use of future USF support, whereas the requirement to remove and replace obligates recipients of reimbursement funding and ETCs receiving USF support to take action to remove covered equipment and services from their networks. Not only do the regulations impose different obligations, but, as stated in this document, the future receipt of USF support is not mandatory. Therefore, under both rules, affected entities may decline to accept USF support and avoid compliance with either rule.
31. Unconstitutional Taking. LATAM argues that the Commission's remove-and-replace requirement raises regulatory takings concerns. PRTC contends that this requirement raises the same regulatory takings arguments that the Commission addressed in the 2019 Supply Chain Order. Huawei also argues that mandating removal and replacement would violate the Takings Clause and due process “because carriers have vested property interests in already-purchased equipment, and mandating its removal would deny all economically beneficial or productive use or all economically viable use of the equipment.”
32. The Commission finds the arguments from LATAM, PRTC, and Huawei unpersuasive. As explained in the 2019 Supply Chain Order, universal service support recipients do not have a property interest in maintaining particular levels of support notwithstanding changes in the program rules. Nor is the Commission persuaded that the effects on carriers' existing equipment represents a regulatory taking under the Penn Central framework. In assessing whether such a taking has occurred, courts consider: (1) The economic impact of the regulation on the regulated party; (2) the extent to which the regulation interferes with the regulated party's reasonable investment-backed expectations; and (3) the “character” of the government action. First, the economic impact on carriers is minimal, especially for reimbursement recipients who are eligible to receive reimbursement for reasonable costs incurred to remove, replace, and dispose of covered equipment through the Reimbursement Program. For those ETCs receiving USF support that do not receive reimbursement funding, the impact to replace covered equipment and services should not be severe because larger entities, who would otherwise be ineligible for reimbursement, are less likely to have covered equipment or services in their networks and otherwise have more opportunity to bear the cost of any such replacement due to their size. Second, the rule should not upend reasonable investment-backed expectations, as providers have been aware of the designation of certain products and manufacturers as covered equipment or services since the passage of the 2019 NDAA in 2018. And over the last decade, Congress and the Executive Branch have repeatedly stressed the importance of identifying and eliminating potential security vulnerabilities in communications networks and their supply chains. Third and finally, the requirement does not amount to a physical invasion of the property, especially when there is recourse for entities to relinquish their ETC designation or forego receiving future USF support in order to avoid any consequence of the rule upon physical property.
33. As an alternative basis for the Commission's conclusion, it is not persuaded that the regulatory takings precedent represents the appropriate manner of analyzing its action here. In particular, the restriction applies only as a condition on a provider's continued participation in the federal universal service program, including receipt of compensation from the federal universal service support mechanisms. However, recipients of Reimbursement Program funding are prohibited from using funding, including private funds to purchase, rent, lease, or otherwise obtain any covered communications equipment or service. Even assuming arguendo that the restriction resulted in some effect on providers' property interest in their existing equipment, there is a sufficient nexus and proportionality between the restriction and the providers' participation in the USF programs. The restriction on use of universal service support for equipment and services that pose an ongoing security risk has a clear nexus to the Commission's legitimate concerns, as explained in the 2019 Supply Chain Order. By targeting the providers' actions only insofar as they would be using federal universal service support in a manner that perpetuates a security risk, the restriction is appropriately proportional to address that harm.
34. Separately, the Commission observes that these arguments only focus on the removal of the equipment and disregard the support provided for the replacement of the equipment and the availability of “just compensation” through reimbursement appropriations. Eligibility for providers of advanced communications service to participate in the Reimbursement Program is expansive, and the vast majority of affected entities required to remove and replace covered equipment and services under the Commission's rule by virtue of their continued receipt of universal service support will be eligible to receive reimbursement. Where recipients of reimbursement funding do have a property interest in the covered equipment the Commission requires them to remove, the Reimbursement Program offers just compensation.
35. In the 2019 Supply Chain Further Notice, the Commission proposed making the remove-and-replace requirement contingent on the creation of a reimbursement program that would help “mitigate the impact on affected entities, and in particular small, rural entities.” Commenters supported this approach. Accordingly, the Commission will proceed as proposed and make compliance with the removal obligation that will coincide with the implementation of the Reimbursement Program, which the Commission separately establishes in the following. Specifically, the Commission will require ETC recipients of USF support to certify that they have complied with its new rule requiring the removal of equipment and services on the Covered List. The first certification will be required one year after WCB issues a Public Notice announcing the acceptance of applications filed during the initial filing window to participate in the Reimbursement Program. Once the one-year period has expired, ETCs receiving USF support will then need to certify going forward that they are not using equipment or services identified on the Covered List before receiving USF support each funding year. Participants in the Reimbursement Program will not need to certify compliance with the remove-and-replace rule until after the expiration of their removal, replacement, and disposal term.
36. The Commission finds that adopting a uniform certification requirement and transition period will promote equitable compliance deadlines for all entities subject to the remove-and-replace requirement, regardless of their participation in the Reimbursement Program. Additionally, as the threat to our national security is immediate, it better advances the Commission's goals to require entities to remove and replace covered equipment and services consistent with the transition periods for reimbursement in the Reimbursement Program, rather than permitting them to wait until such products are at end-of-life or replaced in the ordinary course of business.
37. The Secure Networks Act's requirements apply to “communications equipment or service” and to providers of “advanced communications service.” Although the Secure Networks Act defines “communications equipment or service” as “any equipment or service that is essential to the provision of advanced communications service,” it does not define which factors make equipment or service “essential.” Similarly, the Secure Networks Act defines “advanced communications service” as the “advanced telecommunications capability” described in section 706 of the Telecommunications Act of 1996, which encompasses “high-speed, switched, broadband telecommunications capability that enables users to originate and receive high-quality voice, data, graphics, and video telecommunications using any technology,” but does not define how the Commission should determine what constitutes “high-speed, switched, broadband telecommunications capability.” In the 2020 Supply Chain Second Further Notice, the Commission sought comment on how to interpret these two terms employed throughout the Secure Networks Act.
38. Interpretations of “communications equipment or service”. Consistent with the Commission's proposal in the 2020 Supply Chain Second Further Notice, it interprets “communications equipment and service” as defined in section 9(4) to include all equipment or services used in fixed and mobile broadband networks, provided they include or use electronic components. Included in the definition of “communications services” is software and firmware used in broadband networks. This interpretation is consistent with Commission precedent regarding software's potential security risk. Also included in this definition is any optical switching equipment or services that include or use electronic components. The Commission believes that all equipment or services that include or use electronic components can be reasonably considered essential to broadband networks, and it further believes that the Commission's definition will provide a bright-line rule that will ease regulatory compliance and administrability. The Commission's proposed definition received support from several commenters in the record, who agreed that it provides regulatory certainty and as one commenter explained, “would make it universally clear for compliance purposes.” RWA also supports the definition because it “provides the FCC with the flexibility it needs as technology evolves so that regulations do not lag behind technological developments.”
39. The Commission rejects arguments that it should interpret “communications equipment or service” more broadly or narrowly. Although the Commission agrees with CCA that it “needs not adopt a cramped interpretation in order to implement the [Reimbursement] Program,” the definition is appropriately tailored because it provides clear and simple guidance to regulated parties while still covering any equipment and service that could potentially pose a threat to national security. The Commission's decision to include in the definition of communications equipment or services any equipment or service that includes or uses electronic components does not alter or modify the statutory language, but instead interprets it in a way so as to “most accurately reflect[ ] the broad participant pool Congress intended for the program.”
40. Alternatively, CTIA's argument that the Commission's definition is “unduly broad” conflates its interpretation of “communications equipment or service” with the separate inquiry in section 2(b)(2) of the Secure Networks Act. Section 2(b)(2) provides that, relying solely on determinations made by a list of enumerated sources, the Commission shall publish on the Covered List communications equipment or service that meet specific criteria. CTIA would read out the difference between “communications equipment or service” in section 9(4) of the Secure Networks Act and section 2(b)(2), which limits the Covered List, to communications equipment and services that possess certain capabilities. CTIA proposes to “narrow the scope of the `communications equipment or service' ” because “not all equipment subcomponents are essential,” and asks the Commission to “develop a risk-based analysis relevant to the core layer, distribution layer, and access layer.” The Commission disagrees because the Secure Networks Act already provides a definition for the subset of communications equipment and services that have been subjected to the section 2(b)(2) review. Section 9(5) defines “covered communications equipment or service” as “any communications equipment or service that is on the [Covered List] . . . ,” and, thus, subject to the section 2(b)(2) criteria. These factors, which determine which pieces of equipment or service should be considered “covered communications equipment and services,” and thus must be published on the Covered List, do not apply to the definition of “communications equipment and services.”
41. Definition of “advanced communications service.” Consistent with the Commission's proposal in the 2020 Supply Chain Second Further Notice, it interprets “advanced communications service” for the purposes of the Secure Networks Act to include services with any connection of at least 200 kbps in either direction. No commenter opposed this definition. This interpretation had unanimous support in the record and is consistent with the Commission's historic interpretation of section 706 of the Telecommunications Act. The Commission acknowledges that it has encouraged providers of advanced communications service to offer broadband service at greater speeds and adjusted over time its definition of advanced telecommunications capability in its annual Broadband Deployment Reports. However, the Commission's interpretation in this proceeding covers a broader array of equipment and services, consistent with congressional intent to identify and remove insecure equipment and, therefore, it believes establishing a standard that captures this broader number of providers is appropriate. Using the standard will maximize program participation to include providers with older, legacy technology.
42. The Commission agrees with Dell that its interpretation “would ensure that insecure equipment is not left in our nation's interconnected broadband networks.” The 200 kbps threshold is a familiar benchmark to current providers of advanced communications services, as it matches the definition of “broadband services” the Commission uses to determine which facilities-based broadband providers must file the Commission's FCC Form 477 and which helps determine the availability of advanced communications services throughout the country. The Commission does not modify the definition of “advanced communications service” for any other purposes other than interpreting the Secure Networks Act. Using this standard will also allow the Commission to leverage available information on FCC Form 477 filers to verify applicant eligibility.
43. Section 2(a) of the Secure Networks Act directs the Commission to publish, no later than March 12, 2021, a list of covered communications equipment and services (Covered List). The Covered List, which will be publicly available, will serve as a reference for interested parties to indicate the communications equipment and services that certain providers must remove from their networks, as well as the equipment and services to which the section 3(a) prohibition applies, the communications equipment and services eligible for reimbursement pursuant to section 4, and the equipment and services that form the basis for the reporting requirements in section 5.
44. Consistent with the clear direction in the Secure Networks Act and the Commission's proposal in the 2020 Supply Chain Second Further Notice, the Commission will publish on its website the Covered List of communications equipment or services determined to pose an unacceptable risk to the national security of the United States or the security and safety of United States persons. Section 2(c) of the Secure Networks Act states that the “Commission shall place” on the Covered List “any communications equipment or service that poses an unacceptable risk to the national security of the United States or the security and safety of United States persons based solely on one or more of the following determinations,” and then lists four sources for such determinations:
- “A specific determination made by any executive branch interagency body with appropriate national security expertise, including the Federal Acquisition Security Council”;
- “A specific determination made by the Department of Commerce pursuant to Executive Order No. 13873 . . . relating to securing the information and communications technology and services supply chain”;
- “The communications equipment or service being covered telecommunications equipment or services, as defined in section 889(f)(3)” of the 2019 NDAA; or
- “A specific determination made by an appropriate national security agency.” The Act defines “appropriate national security agency” to include the Department of Homeland Security, the Department of Defense, the Office of the Director of National Intelligence, the National Security Agency, and the Federal Bureau of Investigation.
45. Requirement to accept determinations. Consistent with the 2020 Supply Chain Second Further Notice, the Commission interprets Congress's use of the words “shall place” to mean it has no discretion to disregard determinations from these enumerated sources. Huawei agrees, and stated in its comments that “the Secure Networks Act's use of the term `shall' provides the Commission no discretion” when evaluating determinations for inclusion on the Covered List. The record supports the Commission's interpretation. For example, USTelecom contends that “once one of the federal agencies, either enumerated or implied, make a granular determination about `covered equipment', the Commission is bound to accept it.” Similarly, NCTA explains that “[the] Secure Networks Act did not grant the Commission plenary authority to regulate the communications network supply chain based upon its own assessment of national security risks posed by covered equipment and services.” Thus, where there is a determination from one of these sources, the Commission must take action to publish or update the Covered List to incorporate communications equipment or services covered by that determination. While it is difficult for the Commission to calculate the national security benefits derived from removing covered communications equipment and services, the Secure Networks Act requires the Commission to rely on the judgment and expertise of those enumerated sources tasked with making this assessment.
46. No deviation from enumerated sources. Consistent with the Commission's proposal in the 2020 Supply Chain Second Further Notice and the record, it interprets Congress' use of the word “solely” in section 2(c) to mean the Commission can accept determinations only from these four categories of sources. “In taking action under subsection (b)(1), the Commission shall place on the list any communications equipment or service that poses an unacceptable risk to the national security of the United States or the security and safety of United States persons based solely on one or more of the following determinations . . . .” This interpretation is shared by multiple commenters, including USTelecom, NCTA, NTCA, CTIA, and Huawei.
47. Determinations from any executive branch interagency body with appropriate national security expertise. The Secure Networks Act directs the Commission to rely on “a specific determination made by any executive branch interagency body with appropriate national security expertise, including the Federal Acquisition Security Council” to accept determinations. The Commission includes in this definition two cross-government groups: Team Telecom and the Committee on Foreign Investment in the United States (CFIUS), as these executive branch interagency bodies routinely provide expert advice to the Commission on national security-related questions. The members of Team Telecom are the Secretary of Defense, the Attorney General, the Secretary of Homeland Security, and the head of any other executive department or agency, or any Assistant to the President, as the President determines appropriate. The Executive Order establishing Team Telecom explained that Team Telecom was created to “assist the FCC in its public interest review of national security and law enforcement concerns that may be raised by foreign participation in the United States telecommunications services sector.” The Executive Order creating CFIUS authorized it to conduct inquiries “with respect to the potential national security risk posed by a transaction.”
48. The Commission has no discretion to ignore determinations from CFIUS and Team Telecom because they are plainly “executive branch interagency bodies with appropriate national security expertise.” For example, Team Telecom and the economic agencies (Department of Commerce, U.S. Trade Representative, and Department of State), recently recommended in 2018 that the Commission deny China Mobile USA's section 214 application, finding that allowing China Mobile USA to “offer telecommunications services as a common carrier between the United States and international countries . . . would pose substantial and unacceptable national security and law enforcement risks” because China Mobile USA is “subject to exploitation, influence, and control by the Chinese Government.” The Commission assessed this recommendation as part of its public interest analysis of the pending application and concluded that “significant national security and law enforcement harms would arise from granting China Mobile USA an international section 214 authorization” and decided determined that a “grant of the application would result in substantial and serious national security and law enforcement risks.” And the Commission recently adopted rules streamlining the process by which it “coordinates with [Team Telecom] for assessment of any national security, law enforcement, foreign policy, or trade policy issues regarding certain applications filed with the Commission.”
49. The Commission therefore disagrees with CTIA and NTCA that findings from Team Telecom or CFIUS “are not structured to make determinations of general supply chain risk,” because regardless of their structure, the Commission must incorporate any determinations they make into the Covered List. Huawei argues that relying on Team Telecom and CFIUS is unnecessary “given the involvement of the agencies that comprise CFIUS and Team Telecom in other relevant bodies identified in the Secure Networks Act.” But that argument fails to recognize that section 2(c)(1) of the Secure Networks Act specifically includes executive branch interagency bodies with appropriate national security expertise. The Commission also disagrees with CTIA's claim that determinations made by the [Federal Acquisition Security Council] should not “result in automatic listing of items on the Covered List” because the “FASC does not operate in a public fashion.” The Secure Networks Act specifically lists the Council as an executive branch interagency body with national security expertise, and the Commission has no authority to disregard Congress's clear direction. Moreover, any additions the Commission makes to the Covered List will be made public.
50. Determinations from the Department of Commerce. The Secure Networks Act directs the Commission to rely on determinations made by the Department of Commerce. Executive Order No. 13873 grants the Secretary of Commerce the authority to prohibit any transaction of any information and communications technology or service where the Secretary, in consultation with other relevant agency heads, determines that the transaction: (i) Involves property in which foreign country or national has an interest; (ii) includes information and communications technology or services designed, developed, manufactured, or supplied by persons owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary; and (iii) poses certain undue risks to the critical infrastructure or the digital economy in the United States or certain unacceptable risks to U.S. national security or U.S. persons. In November 2019, the Department of Commerce commenced a rulemaking to implement Executive Order No. 13873. The proposed rule would authorize the Secretary to make a preliminary determination to prohibit or mitigate certain transactions, subject to a notice period before the Secretary issues a final determination.
51. Pursuant to this statutory requirement, the Commission will incorporate any final determinations from the Department of Commerce and add them to the Covered List once they are published in the Federal Register. Although CTIA contends that “Commerce's implementation of the 2019 Supply Chain E.O. is replete with concerns about breadth and unpredictability,” the Secure Networks Act does not permit the Commission the discretion to alter or ignore Department of Commerce determinations. Furthermore, administrative and judicial remedies are available should there be any disagreement with the Department of Commerce's implementation of its authority under the Secure Networks Act to make determinations, and those have no bearing here. The Commission will, therefore, comply with its statutory obligation to incorporate determinations from the Department of Commerce's proceeding into the Covered List.
52. Determinations from the 2019 NDAA. The third enumerated source for determinations is found in section 889(f)(3) of the 2019 NDAA. Each subpart of section 889(f)(3) contains determinations. Section 889(f)(3) of the 2019 NDAA defines “covered telecommunications equipment or services” to include “(A) telecommunications equipment produced or provided by Huawei or ZTE Corporation (ZTE); (B) for the purpose of public safety, security of government facilities, physical security surveillance of critical infrastructure, and other national security purposes, video surveillance and telecommunications equipment produced by Hytera Communications Corporation (Hytera), Hangzhou Hikvision Digital Technology Company (Hikvision), or Dahua Technology Company (Dahua); [and] (C) telecommunications or video surveillance services provided by such entities or using such equipment.” Additionally, section 889(f)(3)(D) provides that covered telecommunications equipment or services includes “[t]elecommunications or video surveillance equipment or services produced or provided by an entity that the Department of Defense, in consultation with the Director of National Intelligence or the Director of the Federal Bureau of Investigation, reasonably believes to be an entity owned or controlled by, or otherwise connected to, the governments of [the People's Republic of China].”
53. As the Commission explained in the 2020 Supply Chain Second Further Notice, the 2019 NDAA establishes four sources of determinations. The first is telecommunications equipment produced or provided by Huawei or ZTE capable of the functions outlined in sections 2(b)(2)(A)-(C) of the Secure Networks Act. The Commission “shall place” on the Covered List “any communications equipment or service” “if, based exclusively on the determinations” under section 2(c), such equipment or service poses an unacceptable risk to the national security of the United States and the security and safety of United States persons” and is “capable” of “(A) routing or redirecting user data traffic or permitting visibility into any user data or packets that such equipment or service transmits or otherwise handles; (B) causing the network of a provider of advanced communications service to be disrupted remotely; or (C) otherwise posing an unacceptable risk to the national security of the United States or the security and safety of United States persons.” The Commission disagrees with NCTA and Huawei, which argue that the Commission must limit the scope of its designation because section 889(a)(2)(b) of the 2019 NDAA limits the restriction on the procurement of “covered telecommunications equipment or services” to equipment and services that can “route or redirect user data traffic or permit visibility into any user data or packets that such equipment transmits or otherwise handles.” This restriction to only certain types of equipment and services, however, applies only to section 889(a)(1) and does not extend to the definition section in section 889(f)(3). Nor does the restriction in section 889(b)(3)(B), which limits the scope of the prohibition on federal agency spending to equipment capable of routing or permitting network visibility, support NCTA or Huawei's argument. That restriction specifically applies only to subsection (b), not section 889(f). Congress explicitly limited the scope of its procurement restrictions to Huawei and ZTE equipment in subsections (a) and (b) of the 2019 NDAA to equipment capable of routing or permitting network visibility, but did not include such a limitation in paragraph 889(f)(3), which governs the determination the Commission must incorporate onto the Covered List. To limit the NDAA determination to equipment capable of routing or permitting network visibility would both ignore the plain text of the NDAA and read section 2(b)(2)(C) out of the Secure Networks Act, which lists the capabilities of communications equipment or service that warrant inclusion on the Covered List. The Commission will thus place on the Covered List the determination found in section 889(f)(3)(A), that is, “telecommunications equipment produced or provided by Huawei or ZTE” capable of the functions outlined in sections 2(b)(2)(A), (B), or (C) of the Secure Networks Act.
54. The second determination the Commission will incorporate from the 2019 NDAA is video surveillance and telecommunications equipment produced by Hytera, Hikvision, and Dahua capable of the functions outlined in section 2(b)(2)(A)-(C) of the Secure Networks Act. Consistent with the Commission's proposal from the 2020 Supply Chain Second Further Notice, it will incorporate onto the Covered List such equipment from Hytera, Hikvision, and Dahua, “to the extent it is used for public safety or security,” capable of the functions outlined in sections 2(b)(2)(A), (B), or (C) of the Secure Networks Act.
55. The third determination the Commission incorporates from the 2019 NDAA is “[o]ther telecommunications or video surveillance services produced or provided by Huawei, ZTE, Hytera, Hikvision, and Dahua or using such equipment” that are capable of the functions outlined in section 2(b)(2)(A)-(C) of the Secure Networks Act. Finally, the Commission will also include on the Covered List “telecommunications or video surveillance equipment” that the Department of Defense “reasonably believes to be an entity owned or controlled by, or otherwise connected to, the government of” China, but it is unaware of any such determination by the Department of Defense at this time.
56. Determinations from appropriate national security agencies. Consistent with the Commission's proposal in the 2020 Supply Chain Second Further Notice, because it is required to incorporate a specific determination made by an appropriate national security agency, the Commission will include in the definition of “an appropriate national security agency” any sub-agencies of the enumerated agencies provided in section 9(2) of the Secure Networks Act. The only party that commented on this subject, USTelecom, agrees that “sub-agencies of enumerated `appropriate national security agenc[ies]' should qualify [to make determinations under section 2(c)].”
57. Form of determinations. The Secure Networks Act grants the Commission no discretion to disregard determinations from any of these four enumerated sources. Although the Commission recognizes that each source may follow a different procedure to arrive at the conclusion that equipment or services, or classes of equipment or services, pose an unacceptable security risk, it nevertheless must incorporate their decisions into the Covered List. Accordingly, the Commission rejects CTIA's argument that the transparency of the originating source should control what kind of deference it gives to a national security determination, and Huawei's argument that an determination should only be incorporated if it identifies “particular pieces or categories of equipment.” Congress granted the Commission no authority to dictate to other agencies how to arrive at their determinations, and granted it no discretion to disregard or modify these determinations.
58. Consistent with the Commission's proposal from the 2020 Supply Chain Second Further Notice and the text of the Secure Networks Act, it will publish, update, or modify the Covered List without providing notice or opportunity to comment. Section 2(a) of the Secure Networks Act states the Commission “shall publish on its website [the Covered List]” and section 2(d) states the Commission “shall periodically update the [Covered List.]”. As the Commission stated in the 2020 Supply Chain Second Further Notice, it reads this language “to be mandatory—precluding us from altering the list beyond the specific updates (all tied to changes in section 2(c) determinations) required by its terms.” Because the Commission is statutorily obligated to update the Covered List in light of new or modified determinations, it needs not provide notice before updating the Covered List to reflect new or modified determinations. Accordingly, when one of the enumerated sources makes a new or modified determination, the Commission will update the Covered List without first providing notice or seeking comment on these changes. To provide clear guidance for affected providers, however, the Public Safety and Homeland Security Bureau (PSHSB) will issue a Public Notice each time the Covered List is updated. The Secure Networks Act's section 3(a)(1) prohibition and section 5 reporting requirement will then apply to the communications equipment and services added to the Covered List 60 days after publication of the updated Covered List.
59. Because this notice process is based on the clear language of the Secure Networks Act, the Commission disagrees with commenters who argue this process to update the Covered List fails to provide proper notice for affected parties. Section 2(a) of the Secure Networks Act tasks the agency with publishing the Covered List no later than March 13, 2021. In taking action to publish this list, Congress clearly directs the agency to rely “solely” on the determinations from external sources. The Act then requires the Commission to enforce the provisions of the Act, including section 3(a)'s prohibition that applies to items on the Covered List 60 days after their inclusion. The text of the Secure Networks Act indicates Congress intended for an expedited regulatory process by establishing procedures “so clearly different from those required by the APA that is must have intended to displace them.”
60. The Commission also disagrees with commenters who advocate for a notice period in addition to the one already provided by the Secure Networks Act to “ensure that the Commission has an accurate factual basis upon which to make the technical determination required by the Act.” For example, Huawei argues the notice period is crucial to “ensure that appropriate due process protections are provided and that companies have the opportunity to respond to allegations and provide information relevant to the analyses required by the Secure Networks Act before the Commission places any equipment or services on the Covered List.” Huawei contends that notice and comment “from relevant stakeholders regarding the technical capabilities of equipment is a critical step for the Commission to conduct the analyses section 2(b)(2)(A) and (B) require.” But under the Secure Networks Act, the Commission merely accepts the determination from the enumerated source and then add to the Covered List all communications equipment or service from that determination that is capable of the functions outlined in section 2(b)(2)(A)-(C). The Commission does not conduct its own analysis of the national security threat the equipment or services identified by these enumerated sources pose to the communications supply chain; the Secure Network Act requires the Commission to be deferential to the source agency providing the determination. In addition, there is no need to solicit public comment when the Commission performs no technical analysis prior to including equipment or services on the Covered List.
61. To the extent necessary, the Commission also finds good cause to deviate from the standard rulemaking or formal adjudication process when publishing or updating the Covered List in response to determinations. As the Commission tentatively found in the 2020 Supply Chain Second Further Notice, “the Commission's placement of the equipment or service on the Covered List . . . is a non-discretionary, ministerial act.” Because the Secure Networks Act provides the Commission no discretion when incorporating determinations onto the Covered List, its action is not subject to the notice and comment provisions of the APA. While the Commission expects that the source of the determination will either provide some opportunity for notice and comment prior to making the determination or have a justifiable reason, such as valid national security concerns, for deviating from this process, regardless of the process provided by the source of the determination, the Commission has no discretion to deviate from its role to publish and update the Covered List. When an enumerated source makes a determination that communications equipment or services pose an unacceptable risk to the national security of the United States or the security and safety of United States persons, the Commission will include it on the Covered List without seeking comment.
62. When the Commission publishes or updates the Covered List, it will do so in response to a new or modified determination from an agency specifically enumerated by the Secure Networks Act. The Commission itself changes or creates no new rule when doing so. Whether the determination originated from a process where the opportunity for notice and comment was present is irrelevant to the ministerial function the Commission performs by updating the Covered List. The Commission accordingly rejects NTCA's suggestion that it should use its designation process under § 54.9 of the Commission's rules in the Secure Networks Act designation process, as that view is untethered from the statutory requirements. The Commission therefore rejects arguments to the contrary, as inconsistent with and undermining the statutory process.
63. Moreover, inclusion on the Covered List does not mean providers are immediately prohibited from using the communications equipment—the Act's prohibition applies 60 days after the equipment or services are included on the Covered List. Similarly, such communications equipment or service must be reported pursuant to the reporting requirement in section 5 of the Secure Networks Act 60 days after the communications equipment or service has been placed on the Covered List. When updated, the PSHSB will issue a public notice indicating that the Covered List has been updated. Providers, manufacturers, and other interested parties will then have 60 days' notice before the prohibition and reporting requirement take effect and may in that time period seek whatever relief they believe is appropriate.
64. The Commission also disagrees with commenters who believe it should implement a notice period to allow time for industry to provide feedback to the Commission regarding potential effects of adding communications equipment and services to the Covered List. For example, NCTA believes the Commission should implement a “notice and interim transition period prior to placement of new equipment or services on the list.” Under this program, the Commission would allow industry to “apprise the Commission of any potential impacts of its proposed updates or seek clarification regarding models of equipment or components that would be covered by the update.” Dell argues that the Commission should seek “confidential industry advice from trusted domestic technology companies . . .” in order to “establish the level of specificity that is required to determine the threat posed by equipment or service[s].” Because the prohibition on the use of federal subsidies will not take effect until 60 days after the equipment or service's inclusion on the Covered List, the Act already provides a time period for industry to review and take appropriate action. Moreover, any interim period proposal ignores the plain language of the Secure Networks Act. If a designated government agency determines that communications equipment or services pose a threat to national security of the safety and security of United States persons, the Commission has no discretion and must add this equipment or service to the Covered List. The Commission rejects Huawei's arguments to the contrary, as they assume a degree of discretion it simply lacks under the statute.
65. Section 2(b) of the Secure Networks Act states that the Commission “shall place” on the Covered List “any communications equipment or service” that (1) “is produced or provided by any entity” “if, based exclusively on the determinations” from section 2(c), “such equipment or service poses an unacceptable risk to the national security of the United States and the security and safety of United States persons” and (2) is “capable” of “(A) routing or redirecting user data traffic or permitting visibility into any user data or packets that such equipment or service transmits or otherwise handles; (B) causing the network or a provider of advanced communications service to be disrupted remotely; or (C) otherwise posing an unacceptable risk to the national security of the United States or the security and safety of United States persons.” The Commission anticipates that some determinations will list specific communications equipment or services that “pose[ ] an unacceptable risk to the national security of the United States and the security and safety of United States persons” and others will list general categories or classes of equipment that pose such a risk. In the case of the former, the Commission will incorporate these national security determinations onto the Covered List automatically. With the latter, the Commission will incorporate these determinations onto the Covered List to the extent the class or category of equipment or service identified is “capable” of the 2(b)(2)(A)-(C) criteria.
66. Specific determinations based on the section 2(b)(2)(C) criteria. If a determination indicates that a specific piece of equipment or service poses an unacceptable risk to the national security of the United States and the security and safety of United States persons, the Commission will automatically include this determination on the Covered List. The Commission takes this approach because of the plain language in section 2(b)(2)(C) which lists, among other equipment or service capabilities mandating inclusion on the Covered List, whether the equipment or service poses an unacceptable risk to the national security of the United States or the security and safety of United States persons. If an enumerated source has already performed this analysis as part of its determination, the only action the Commission needs to take is to incorporate this determination onto the Covered List. The Commission notes that USTelecom agrees with this simple process because, when a national security determination makes a “granular determination about `covered equipment' the Commission is bound to accept it.” The Commission's role is limited to serving as “the custodian of such determinations.”
67. The Commission rejects Huawei's arguments that section 2(b)(2)(C) should be interpreted more narrowly. Huawei argues the canon of surplusage dictates that, should the Commission automatically include equipment or services that have been explicitly deemed a national security threat by an enumerated source, it would read out of the statute the technical analysis found in sections 2(c)(2)(A) and (B). But it is Huawei's reading that gives no meaning to section 2(b)(2)(C), which requires inclusion on the list of any communications equipment or services subject to a national security determination if it “otherwise posing an unacceptable risk to the national security of the United States or the security and safety of United States persons.” Huawei then claims a different canon, ejusdem generis, requires the Commission to use section 2(b)(2)(C) only to modify equipment subject to sections 2(b)(2)(A) and (B), but that would again would essentially read section 2(b)(2)(C) out of the statute. These arguments center around Huawei's contention that, by incorporating onto the Covered List specific determinations of particular pieces of equipment or services, the Commission is disregarding sections 2(b)(2)(A) and (B) because it would neglect to conduct a required analysis of the capabilities of equipment and service it includes on the Covered List. Those sections play an important role in determining which specific pieces of equipment or services belong on the Covered List when the Commission receives a more general determination. But when a determination covers a specific piece of equipment or service and the agency has indicated that such equipment or service poses a national security risk, the Commission is obligated to include it on the Covered List, particularly because one of the three capabilities that warrant inclusion on the list is whether the equipment or service is capable of “otherwise posing an unacceptable risk to the national security of the United States or the security and safety of United States persons.” The Commission therefore rejects Huawei's argument that it claims the Secure Networks Act gives the Commission a “broad, roving license” to make national security decisions. Section 2(b)(2)(C) provides that ability to other agencies or Congress. The Commission's actions in this scenario are non-discretionary and ministerial. If the determination is specified to a particular piece of communications equipment or service, the Commission has no discretion to exclude that determination from the Covered List.
68. Determinations identifying broader classes or categories of equipment or services. In the 2020 Supply Chain Second Further Notice, the Commission sought comment on how best to incorporate determinations that are made at “different levels of granularity.” Because the Commission will rely on determinations from other government agencies and sources, not every determination will be conveyed with the same level of specificity. When the Commission identifies a broader determination from a section 2(c) source that a class or category of communications equipment or service poses an unacceptable national security risk, the Commission will publish it on the Covered List to the extent the equipment or service identified is capable of the section 2(b)(2)(A)-(C) criteria. The Commission believes this procedure is best viewed through the lens of the determination the Commission received from section 889(f)(3)(A) of the 2019 NDAA. Congress provided the Commission with the determination that all “telecommunications equipment produced or provided by Huawei or ZTE C (or any subsidiary or affiliate of such entities)” poses a threat. This broader determination refers a class of equipment or service—telecommunications equipment produced or provided by Huawei or ZTE—but did not specify which specific pieces of communications equipment or services to add to the Covered List. In this case, and likewise when the Commission receives similarly broad determinations in the future, it will include on the Covered List “telecommunications equipment produced by Huawei or ZTE that is capable of (A) routing or redirecting user data traffic or permitting visibility into any user data or packets that such equipment or service transmits or otherwise handles, (B) causing the networks of a provider of advanced communications service to be disrupted remotely, or (C) otherwise posing an unacceptable risk to the national security of the United States or the security and safety of United States persons.”
69. This method for incorporating broader classes of equipment and services into the Covered List relies on the expertise and determinations of enumerated sources, and is supported by CTIA and USTelecom, which argue for a “whole-of-government approach, led by DHS and supported by Commerce.” By adopting this approach and continuing to be deferential to the enumerated sources making the determination, the Commission will “continue to work closely with Executive Branch entities with expertise and responsibilities concerning telecommunications security, including supply chain security.”
70. The Commission disagrees with commenters who argue that more general determinations should not trigger inclusion on the Covered List. Huawei commented that “the specified agencies must identify particular pieces or categories of equipment that, in their view, `pose[ ] an unacceptable risk.” Huawei believes that because the Secure Networks Act does not define “specific,” the Commission must use the ordinary meaning of the word, which is understood as “constituting or falling into a specifiable category, restricted to a particular individual, situation, relation, or effect; free from ambiguity.” Thus, Huawei asserts that the references to “specific determinations” in section 2(c) mean that only determinations as to individual types of equipment or services trigger the Commission's obligations to include such equipment or services on the Covered List. Huawei argues that “[g]eneral guidance or mere expressions of concern regarding particular manufacturers or types of equipment does not constitute a `specific determination' upon which the Commission can rely.” The Commission disagrees. The Commission interprets the Secure Networks Act to require “specific determinations” to have a level of specificity sufficient to allow the Commission to incorporate the determination onto the Covered List. Should the Commission identify a determination, for example, that failed to indicate the source or type of communications equipment or service that the originating source found potentially insecure, it would be unable to incorporate this generic determination onto the Covered List. If, however, the originating source identifies a class or category of communications equipment or service, even at a broad level, such a determination provides the Commission enough information to include it on the Covered List. Furthermore, with more general determinations, the Commission does not place on the Covered List, for example, “all Huawei equipment or services.” Instead, the Commission limits inclusion on the Covered List to a specifiable category of Huawei equipment or services capable of the functions outlined in 2(b)(2)(A)-(B) or that otherwise poses an unacceptable risk to the national security of the United States or the security and safety of United States persons. When the Commission identifies a determination, the Covered List will include the determination, subject to the 2(b)(2)(A)-(C) criteria.
71. The Secure Networks Act does not require the Commission to conduct a technical analysis of the communications equipment or service prior to including it on the Covered List. Section 2(b) merely states that, upon receipt of a determination from an enumerated source, the Commission “shall place” on the Covered List only the communications equipment and service from that determination that is capable of the functions outlined in section 2(b)(2)(A)-(C). That is precisely what the Commission will do. Accordingly, the Commission rejects the arguments of commenters that contend it should conduct various technical analyses. The Covered List, as NTCA requests, will serve as a “single source for covered [ ] equipment and service.” To the extent NTCA argues for additional specificity, it is not required by the text of the Secure Networks Act.
72. Definition of “capable” for incorporation on the Covered List. Section 2(b) requires the Commission to place on the Covered List communications equipment or service if, among other requirements, it is “capable” of the functions or impacts set forth in section 2(b)(2)(A)-(C). Consistent with the Commission's proposal in the 2020 Supply Chain Second Further Notice, it interprets “capable” for the purposes of fulfilling section 2(b)(2)(A)-(C), to include equipment or service that can possibly perform these functions, even if the subject equipment or service is not ordinarily used to perform the functions in section 2(b)(2)(A)-(C). The Commission takes this approach because it is unwilling to risk the deployment of unsecure equipment or services that would occur if it defined “capable” too narrowly. The term “capable” as presented in the Secure Networks Act is ambiguous and the Commission interprets it in light of the goals of the statute.
73. Although the Commission disagrees with Huawei that its decision to define “capable” broadly is “misguided,” it agrees that a piece of equipment or service's capabilities “refers to the present functionality of equipment or a service” as that is the ordinary interpretation of that word. The Commission's interpretation of “capable” tracks the word's definition in the Merriam-Webster Dictionary—“having traits conducive to or features permitting something.” In patent law, where “a claim [ ] recites capability and not actual operation, an accused device `need only be capable of operating' in the described mode.” “The meaning of `capable of' is explained as . . . `the ability to perform.” For the purposes of including communications equipment and services on the Covered List, the Commission defines “capable” to include the current possible uses of equipment or service. The Commission's approach does not extend this definition to the functionalities of communications equipment or services should they be modified in the future. The Commission's broad definition of “capable” in this context alone does not, as Huawei suggests, unreasonably extend the definition to equipment or services “potentially having such attributes after modification.” The Commission merely declines to narrow the scope of communications equipment or service's capability to the equipment or service's marketed use. To do otherwise would allow potentially insecure equipment or service to remain in communications networks.
74. Clarifying inclusion on the Covered List. The Commission also sought comment in the 2020 Supply Chain Second Further Notice on a process to allow interested parties to clarify whether a specific piece of communications equipment or a specific service is included on the Covered List. Some commenters argue that the Commission should consider mechanisms to provide transparency on which specific pieces of communications equipment and service are included on the Covered List. As with any Commission proceeding, providers of advanced communications service and other interested parties may seek a declaratory ruling to “terminat[e] a controversy” or “remov[e] uncertainty.” To the extent a party is uncertain whether a specific piece of equipment is subject to a determination under section 2(c) of the Secure Networks Act, the party may seek a declaratory ruling. That said, the Commission lacks discretion to modify a determination under section 2(c), and it is skeptical that any equipment that an enumerated source has determined “poses an unacceptable risk to the national security of the United States or the security and safety of United States persons” would not also, at a minimum, “pos[e] an unacceptable risk to the national security of the United States or the security and safety of United States persons.”
75. Once the Commission publishes the Covered List, PSHSB will issue a public notice indicating that the Covered List has been revised and that the section 3(a) prohibition and section 5(a) reporting requirement will take effect for communications equipment and service on the Covered List 60 days later. Pursuant to the Secure Networks Act, the Commission “shall periodically update the [Covered List] to reflect changes in the determinations described [in section 2(c)].” If one of the sources for determinations changes or modifies a determination, the Commission will update the Covered List accordingly. The Commission notes, however, that it has no discretion to reverse or modify determinations from other sources as the statute requires the Commission to accept and incorporate the determinations as provided. Should interested parties seek to reverse or modify the scope of one of these determinations, the party should petition the source of the determination.
76. Section 2(d) of the Secure Networks Act concerns how the Covered List should be updated to reflect new or revised determinations of covered communications equipment or services. Congress directed the Commission to “periodically update the [Covered List] to reflect changes in the determinations described [in section 2(c)].” In addition, the Commission “shall monitor the making or reversing of the determinations” from the enumerated sources in order to “place additional communications equipment or services on the [Covered List] or to remove communications equipment and services from such list.” If any of these determinations are reversed, the Commission “shall remove such equip- ment or service from the list . . .” unless the equipment or service's inclusion on the Covered List is based on a determination received from another enumerated source. Section 4(f) of the Secure Networks Act, discussed infra, provides options for when communications equipment or services are removed from the Covered List following an update or revocation of any determination. Secure Networks Act § 4(f). Finally, the Commission must notify the public for every twelve-month period during which the Commission does not update the Covered List. The Commission must indicate that “no updates were necessary during such period to protect national security or to address changes in the determinations . . . .”
77. No updates to Covered List unless Commission receives new or modified determination. In the 2020 Supply Chain Second Further Notice, the Commission sought comment on “the process to update and publish the Covered List and solicit ideas and best practices for ways to maintain the Covered List and keep it current and readily available.” The Commission interpreted the Secure Networks Act to not give its discretion to make any updates to the Covered List outside of determinations made by the sources enumerated in section 2(c). The Commission noted that the text of section 2(d) “does not appear to give it discretion not to update the Covered List based on changes in determinations, and hence it would be unclear what purpose a notice period would serve.”
78. The Commission believes the best interpretation of the Secure Networks Act is that it does not grant its authority to update the Covered List outside of these national security determinations, and thus, the Commission will make no changes or modifications to the Covered List unless it identifies a new or modified determination of covered communications equipment or services from any of the sources identified in section 2(c) of the Act. If one of the sources issues a new or modified determination, the Commission will update the Covered List to reflect this change. Once the Commission updates the Covered List, the PSHSB, in conjunction with WCB, will issue a Public Notice declaring that the Covered List has been updated to reflect a new or modified determination. This approach is consistent with NCTA's desire for the Commission to “provide clear and prominent notice of decisions to remove vendors of equipment items from the Covered List.” If the Commission identifies no updates or modifications in any twelve-month period, PSHSB shall issue a Public Notice indicating that “no updates were necessary during such period to protect national security or to address changes in the determinations . . . .”
79. Section 3 of the Secure Networks Act prohibits funding from Federal programs made available to subsidize capital expenditures necessary for the provision of advanced communications service from being used to purchase, rent, lease, or otherwise obtain any covered communications equipment or service, or maintain any covered equipment or service previously purchased, rented, leased, or otherwise obtained. Currently, § 54.9 of the Commission's rules imposes a similar prohibition on the spending of USF support, yet broadly applies to equipment and services produced or provided by entities designated as posing a national security threat to the integrity of communications networks or the communications supply chain. In the 2020 Supply Chain Declaratory Ruling and Second Further Notice, 85 FR 47211, August 4, 2020 and 85 FR 48134, August 10, 2020, the Commission found that § 54.9 substantially implements the prohibition under section 3 of the Secure Networks Act, but it nonetheless proposed a new rule, independent of § 54.9, to align the Commission's rules with the scope of the prohibition found in the Secure Networks Act. The Commission sought comment on that proposal and an effective period of 60 days after communications equipment or services are placed on the Covered List. The Commission also sought comment on the impact of the proposed rule on multiyear contracts or contracts with voluntary extensions between USF recipients and companies producing or providing communications equipment or services posing a supply chain security risk, if any such contracts exist.
80. Consistent with the Commission's proposal in the 2020 Supply Chain Second Further Notice, it adopts a rule to enact section 3 of the Secure Networks Act by prohibiting the use of Federal subsidies made available through a program administered by the Commission and that provides funds to be used for the capital expenditures necessary for the provision of advanced communications service to purchase, rent, lease, or otherwise obtain any communications equipment or service, or maintain any covered communications equipment or service previously purchased, rented, leased, or otherwise obtained, and identified and published on the Covered List.
81. The new rule the Commission adopts, codified at § 54.10, prohibits the use of a Federal subsidy made available through a program administered by the Commission that provides funds for the capital expenditures necessary for the provision of advanced communications service to purchase, rent, lease, or otherwise obtain any covered communications equipment or service identified and published on the Covered List, or maintain any such covered communications equipment or service previously purchased, rented, leased, or otherwise obtained. The Commission has interpreted section 3 of the Secure Networks Act as intending to apply to all universal service programs but not other Federal subsidy programs to the extent those programs may tangentially or indirectly involve expenditures related to the provision of advanced communications service. The Commission acknowledges that there will be two processes to designate equipment or services as prohibited from federal funding—one for the designation of an entity as posing a national security threat to the integrity of communications networks or the communications supply chain, and one for the designation of specific equipment and services through the Covered List process outlined in section 2 of the Secure Networks Act. Certain equipment or services may be subject to either or both the prohibition under § 54.9 of the Commission's rules and the new § 54.10 prohibition enacting section 3 of the Secure Networks Act. Parties subject to these requirements are responsible for complying with both prohibitions, as applicable, and in accordance with any applicable effective dates. The Commission finds that the prohibitions in §§ 54.9 and 54.10 of the Commission's rules are consistent with, and fully implement, section 3(a) of the Secure Networks Act. In the 2020 Supply Chain Declaratory Ruling, the Commission found that it satisfied the requirement to implement the section 3(a) prohibition within 180 days of enactment of the Secure Networks Act through its action in the 2019 Supply Chain Order; therefore, the Commission's action has no bearing on section 3(b)'s implementation deadline. The new prohibition encompasses covered equipment and services found on or added to the Covered List, while the existing prohibition in § 54.9 applies to a somewhat overlapping group of products or services from companies designated as posing a threat to national security. As the Commission stated in the 2020 Supply Chain Second Further Notice, the addition of § 54.10 will grant the Commission two different designation processes, “one for the designation of an entity, as currently provided by [§ 54.9 of] the Commission's rules, and another, more targeted process, for the designation of specific communications equipment and services per section 2 of the Secure Networks Act.” The new prohibition further applies to any funding programs administered by the Commission made available to subsidize capital expenditures for the provision of advanced communications service, including any future USF programs, whereas § 54.9 is limited to USF support. RWA recommends that the Commission apply the prohibition to both “USF programs that fund capital expenditures and to USF programs that fund operational expenditures” to encompass the broadest range of risky or compromised equipment. The Commission clarifies that, through both prohibitions under §§ 54.9 and 54.10 of the Commission's rules, the rules apply, respectively, to both USF funds and to Federal subsidies administered by the Commission that provide funds for capital expenditures used for the provision of advanced communications services, which it has interpreted to mean universal service programs. Both prohibitions apply to all universal service funding from all current USF programs. The Commission believes that this approach will comprehensively encapsulate the universe of products and services that pose a risk to our nation's communications systems and prohibit spending of public funds consistent with congressional intent.
82. The two rules are intended to complement each other, and compliance should not impose additional burdens on providers of advanced communications service. CTIA raises concerns about the overlap of the two prohibitions, specifically that parties subject to both requirements are responsible for compliance with both prohibitions, and urges the Commission to “promote consistency, pursue transparency, and work with agencies that have expertise on supply chain and national security.” Although there is some overlap between the two prohibitions, the Commission believes that the rules are straightforward and transparent in their applicability to entities, funding, and equipment or services such that providers are able to comply. For example, the equipment and services designated under each rule will be published in accordance with the respective requirements (i.e., the Commission's website for § 54.9, or the Covered List for § 54.10) such that entities can identify which equipment or services are subject to each prohibition.
83. CTIA urges the Commission to limit the new prohibition to subsidies under the USF programs, rather than expanding to include “other programs administered by the Commission that primarily support the provision of advanced communications services” and requests that the rule explicitly state the limitation to USF. The Commission finds additional limitation would be misplaced given its previously stated interpretation of the statute and its applicability. Furthermore, the Commission is compelled by the clear and direct language of the statute to make the language of § 54.10 potentially broader than USF programs. Section 3 of the Secure Networks Act applies only to Federal subsidies administered by the Commission used for capital expenditures necessary for the provision of advanced communications services which, as stated in the 2020 Supply Chain Declaratory Ruling, the Commission interprets to encompass universal service programs. Consistent with the 2020 Supply Chain Declaratory Ruling, the Commission reiterates that the prohibition does not apply to the Interstate Telecommunications Relay Service (TRS) Fund, as the TRS Fund does not subsidize capital expenditures necessary for the provision of advanced communications services. However, to the extent Congress creates additional programs in the future that provide a Federal subsidy administered by the Commission that provides funds to be used for capital expenditures necessary for the provision of advanced communications services, they would appear to fall under the prohibition in section 3 of the Secure Networks Act, and it would expect that § 54.10 would apply to those programs as well.
84. Consistent with the Commission's decision not to grandfather existing contracts under § 54.9 in the 2019 Supply Chain Order, the Commission also declines to grandfather existing contracts for equipment or services on the Covered List under § 54.10 of the Commission's rules. Exempting or excluding covered equipment or services purchased under existing multiyear contracts would negate the purpose behind the Commission's rule in contravention of the clear and direct language in section 3 of the Secure Networks Act. Dell “urge[s] the Commission to prioritize risk factors before contractual obligations,” and the Commission believes its decision advances that directive. Furthermore, although NCTA supports grandfathering existing equipment acquired pursuant to multiyear contracts except in instances where the authorized Federal body making the risk determination cites compelling evidence of an ongoing threat to national security, the Commission finds that, given the process by which the referring agencies or entities make such determinations that trigger inclusion of equipment and services on the Covered List, it finds that there is compelling evidence that equipment and services on the Covered List do pose such a threat, and grandfathering is not warranted.
85. NCTA urges the Commission to avoid an “unfair retroactive effect” by grandfathering existing equipment acquired pursuant to multiyear contracts in certain circumstances. The Commission disagrees with NCTA's assessment of the rule's effect. Section 3 of the Secure Networks Act does not, in itself, require a future action that generates a retroactive effect; it merely prohibits prospective use of certain Federal subsidies to purchase, rent, lease, or otherwise obtain any covered communications equipment or service, or maintain any covered communications equipment or service previously purchased, rented, leased, or otherwise obtained on the Covered List. As such, there can be no primary retroactivity in restricting the use of future Federal subsidies for covered equipment or services provided pursuant to existing contracts. Furthermore, the Commission relies on the presumption that, in passing the Secure Networks Act, Congress intended to apply section 3 to existing contracts absent manifest injustice. The Commission determines that the record does not support a finding of manifest injustice. Therefore, absent such a showing, the Commission declines to adopt a grandfathering exception to § 54.10.
86. Some commenters favor grandfathering existing equipment contracts in order to promote predictability and minimize network disruptions, and propose alternatives to allow for grandfathering in certain situations. For instance, CTIA suggests that rather than attempting to define ex ante what kinds of arrangements qualify for grandfathering, the Commission should “exercise its discretion and work with the regulated community to build in permissible grandfathering that is consistent with fair process and sensible regulatory practice.” NCTA further asks that the Commission clarify that “where a provider has already been selected to provide services that receive USF support, the support will not end 60 days after equipment or services are added to the Covered List.”
87. The Commission declines to adopt these alternative proposals. The Commission finds that the urgency of the threat that allowing covered equipment and services to remain in its communications networks poses to our national security outweighs the potential burdens associated with failure to grandfather or exempt certain contracts. Because such exemptions would create security loopholes to the effectiveness of the prohibition, the Commission rejects commenters' proposals to grandfather existing equipment contracts for covered equipment or services.
88. Effective date. The prohibition on the use of Federal subsidies under § 54.10 of the Commission's rules that the Commission adopts takes effect 60 days after any particular communications equipment or services are placed on the Covered List, consistent with the Secure Networks Act. Furthermore, adopting a 60-day period between placement on the Covered List and the effectiveness of the prohibition on funds appropriately balances the consideration of the compelling national security interests to promptly remove insecure equipment and services from the Commission's networks against the burdens on advanced communications service providers to identify covered equipment and services and make any adjustments to alternative funding to effectuate the prohibition. The Commission will require recipients of universal service support from each of the four USF programs to certify that they have complied with its new rule prohibiting the use of Federal subsidies for equipment and services on the Covered List.
89. Some commenters raise concerns about the 60-day period between when items are placed on the Covered List and when the prohibition under § 54.10 takes effect, and many propose alternatives. NTCA suggests that providers continue receiving USF support until federal funding is available to reimburse for the cost of replacement or the provider replaces the equipment in the normal course of business. CCA urges the Commission to be mindful of the strains the current public health crisis has placed on small and rural wireless carriers and advocates for a transition timeline that allows carriers to demonstrate progress through milestones. NCTA proposes the creation of a safe harbor “for providers that are making a reasonable, good-faith effort to transition away from newly-banned equipment but cannot meet the 60-day removal timetable without significant disruptions to network operations or service delivery.”
90. The Commission disagrees with these commenters' assessments of the impact of the 60-day effective date of the § 54.10 prohibition and therefore declines to adopt their alternative proposals. First, setting the effective date of the prohibition at 60 days after covered equipment is placed on the Covered List is statutory, and the rule the Commission adopts codifies an effective date consistent with the statute. Second, the rule prohibits the use of Federal subsidies to purchase, rent, lease, or otherwise obtain covered communications equipment or service, or maintain covered communications equipment or service previously purchased, rented, leased, or otherwise obtained on the Covered List; it does not directly speak to a deadline to remove or replace that equipment. The Commission addresses issues regarding the transition periods for removal and replacement of covered equipment and services under the Reimbursement Program in this document. To the extent providers request a transition period to secure alternative funding, similar to the Commission's decision in the 2019 Supply Chain Order, it finds that there is a compelling interest in protecting our national security, which necessitates prompt implementation of the prohibition. § 54.9 of the Commission's rules took effect immediately upon publication in the Federal Register because of the national security interests in moving expeditiously. The Commission is not granted the discretion to waive a statutory mandate; however, it believes 60 days is sufficient based on its experience with the effective date of § 54.9. Therefore, the Commission finds that 60 days is sufficient notice to prohibit spending of Federal subsidy funding on equipment and services added to the Covered List.
91. The Commission in the 2019 Supply Chain Further Notice proposed a program to reimburse ETCs for reasonable transition costs associated with the removal and replacement of equipment and services produced or provided by entities posing a national security threat as designated by the process outlined in § 54.9 of the Commission's rules. Subsequently, the President signed into law the Secure Networks Act requiring the Commission to establish the Reimbursement Program. WCB then released a public notice seeking comment on the applicability of the Secure Networks Act on the Commission's proposed reimbursement mechanism.
92. The reimbursement program required by the Secure Networks Act largely mirrors the Commission's original proposal in purpose and process. Both are focused on reimbursing entities for the removal and replacement of equipment and services posing a national security risk. Both envision a reimbursement process focused on initial cost estimates and including procedures to protect against waste, fraud, and abuse. But there are also noticeable differences. For example, the Commission initially proposed limiting eligibility to ETCs, while the Secure Networks Act expands eligibility beyond ETCs to include all providers of advanced communications service with two million or fewer customers. The process for designating covered equipment and services also differs, which could change the scope of reimbursable expenses for the removal, replacement, and disposal of such equipment and services under the Commission's proposal versus the program required by Congress. The Commission concludes the Reimbursement Program effectively supersedes the Commission's original proposal, and it conforms it to the requirements set forth in the Secure Networks Act.
93. The Commission now establishes, as directed by the Secure Networks Act, the Reimbursement Program to reimburse the costs reasonably incurred by providers of advanced communication services with two million or fewer customers to permanently remove, replace, and dispose of covered communications equipment and services from their networks. The Commission will allow eligible providers to obtain reimbursement to remove and replace older covered communications equipment with upgraded technology and will reimburse providers for certain transition expenses incurred prior to the creation of this program. The Commission requires program participants to submit estimated costs to receive funding allocations. Recipients can then obtain funding disbursements on a rolling basis upon a showing of actual expenses incurred.
94. If aggregate demand exceeds available funding, the Commission will prioritize funding for ETCs and expenses for transitioning core networks over non-ETCs and non-core network transition expenses. Program recipients will have one year from the initial funding disbursement to complete the permanent removal, replacement, and disposal of covered communications equipment. The Commission may grant a single, general six-month extension for all recipients and/or individual extensions of time if circumstances warrant. The Commission also adopts a number of measures as directed by the Secure Networks Act to combat waste, fraud, and abuse, including the filing of status updates, spending reports, and a final certification, requiring documentation retention, audits, reviews and field inspections, and seeking the repayment of disbursed funds for violations of the Secure Networks Act and the Reimbursement Program rules in addition to taking other possible enforcement actions.
95. Eligible Providers. As directed by section 4 of the Secure Networks Act, the Commission limits eligibility for the Reimbursement Program to providers of advanced communication service with two million or fewer customers. The Secure Networks Act identifies advanced communication service providers as providers of advanced telecommunications capability as defined in section 706 of the Telecommunications Act of 1996 (Telecommunications Act). Advanced telecommunications capability is defined in section 706 of the Telecommunications Act “without regard to any transmission media or technology, as high-speed, switched, broadband telecommunications capability that enables users to originate and receive high-quality voice, data, graphics, and video telecommunications using any technology.” As Blue Danube correctly notes, the advanced communications service term in the statute is “straight forward.” If Congress were to pass additional legislation defining eligibility for the reimbursement program, the Commission would modify its eligibility requirements.
96. The Commission has historically interpreted providers of advanced telecommunications capability, and thus providers of advanced communications services, to mean facilities-based providers, whether fixed or mobile, with a broadband connection to end users with at least 200 kbps in one direction. This standard is used by the Commission to identify providers required to report broadband deployment using the FCC Form 477. The few commenters addressing this issue generally support the use of this same speed threshold to determine providers of advanced communications service. Using this standard will maximize the pool of eligible applicants and help assist with the removal of insecure equipment that is older and slower than newer, more technologically up-to-date equipment from our Nation's interconnected networks.
97. Separately, for purposes of the Reimbursement Program, a school, library or health care provider, or consortium thereof, may also qualify as a provider of advanced communications service, and therefore be eligible to participate in the Reimbursement Program, if it provisions facilities-based broadband connections of at least 200 kbps in one direction to end users, which could include students, patrons, patients, or member institutions in the context of cooperative infrastructure sharing arrangements. This clarification addresses the concerns raised by Northern Michigan University as it seeks to remove and replace covered equipment from its LTE network that serves “over 15,000 NMU students, K-12 families, and community members.” However, a school, library, or health care provider that merely purchases advanced telecommunications or information services and is not a facilities-based network provider of services is not considered a provider of advanced communications services for purposes of the Reimbursement Program. Accordingly, the Commission disagrees with RWA's suggestion to interpret the statute to allow reimbursement eligibility for entities that only purchase but do not provide advanced communications services.
98. The Commission also takes this opportunity to clarify the demarcation point between eligible and non-eligible advanced communications service providers, i.e., those with fewer than two million customers. The Secure Networks Act defines “customers” to mean “with respect to a provider of advanced communications service—(A) the customers of such provider” as well as the “customers of any affiliate . . . of such provider.” The statute references the definition of “affiliate” contained in section 3 of the Communications Act, which reads “a person that (directly or indirectly) owns or controls, is owned or controlled by, or is under common ownership or control with, another person.” The definition of affiliate further states “[f]or purposes of this paragraph, the term `own' means to own an equity interest (or the equivalent thereof) of more than 10 percent.”
99. The Commission reads the phrase “customers of such provider” and “customers of any affiliate” as having more than one possible interpretation. The language could refer only to those customers purchasing advanced communications service or could refer to any customer of the provider or affiliate regardless of the service or product purchased. The accompanying House Report states “[s]ection 4 requires the FCC . . . to reimburse providers of advanced communications service with 2 million or fewer subscribers.” This language suggests an intention to focus on the subscribers of the provider that purchase advanced communications service in determining eligibility. The House Report also states the Reimbursement Program is established “to assist small communications providers with the costs of removing prohibited equipment and services from their networks.” By limiting the meaning of “customer” to those purchasing advanced communications service, potentially a large company with a small number of advanced communications service customers could qualify for the Reimbursement Program. Given the overall intent of the program to assist with the removal of equipment and services posing a national security risk and the language in the House Report, the Commission chooses to interpret customer narrowly, which in turn will increase the pool of eligibility for the program. Accordingly, the Commission interprets “customers of such provider” and “customers of any affiliate” to mean those customers taking advanced communications service from the provider and its affiliates. A provider seeking to participate in the Reimbursement Program must have two million or fewer customers, as of the date its application is filed. If the provider's number of customers increases above two million after its application is filed, they will not lose their eligibility to participate in the Reimbursement Program by virtue of the customer increase.
100. To identify customers of advanced communications service, providers must count those customers purchasing a service that includes a broadband connection with a speed of at least 200 kbps in one direction. The Secure Networks Act states an advanced communications service has the meaning given the term advanced telecommunications capability. The Commission has historically interpreted “advanced telecommunications service” to mean a service with a broadband connection of at least 200 kbps in one direction. Accordingly, the Commission directs providers to count customers of broadband service meeting or exceeding this speed threshold for purposes of program eligibility. A subscriber merely purchasing traditional plain old telephone service would therefore not count as a subscriber of advanced communications service.
101. Lastly, to be eligible, the Secure Networks Act requires providers filing applications to make specific certifications per section 4(d)(4). Applicants must certify that “as of the date of the submission of the application, the applicant—(i) has developed a plan for—(I) the permanent removal and replacement of any covered communications equipment or service that are in the communications network of the applicant as of such date; and (II) the disposal of the equipment or services removed . . . and has developed a specific timeline . . . for the permanent removal, replacement, and disposal of the covered communications equipment or services identified . . . , which timeline shall be submitted to the Commission as part of the application.” The applicant must also certify on the date of its application's approval that it “will not purchase, rent, lease, or otherwise obtain covered communications equipment or services, using reimbursement funds or any other funds (including funds derived from private sources); and . . . will consult and consider the standards, guidelines, and best practices set forth in the cybersecurity framework developed by the National Institute of Standards and Technology . . . in developing and tailoring the risk management practices of the applicant.” The Commission directs WCB to incorporate these certifications as part of the application submission process to ensure applicants are eligible for the Reimbursement Program.
102. Covered Communications Equipment or Services. The Secure Networks Act allows eligible providers to seek reimbursement for expenses associated solely with the permanent removal, replacement, and disposal of “covered communications equipment or services” as designated per section 2(a) of the Secure Networks Act. Specifically, eligible providers may seek reimbursement funds to remove, replace, and dispose of “covered communications equipment or services purchased, rented, leased or otherwise obtained” before August 14, 2018 if on the initial list published by the Commission, or no later than 60 days after the Commission adds further equipment and services to the initial list. Recipients are prohibited from using reimbursement funds to remove, replace, or dispose of covered communications equipment or service purchased, rented, or leased or otherwise obtained after these statutory cutoff dates. The Commission has no discretion to deviate from the scope of covered communications equipment or services provided under the Secure Networks Act. Accordingly, to the extent the Commission's original proposal in the 2019 Supply Chain Further Notice suggested limiting eligibility to a broader or narrower category of equipment and services, it now instead follows the requirements contained in the Secure Networks Act.
103. As proposed in the 2019 Supply Chain Further Notice, the Reimbursement Program will reimburse costs reasonably incurred for the removal, replacement, and disposal of covered equipment and services in accordance with the Secure Networks Act. The Commission notes that the Reimbursement Program does not modify rules that govern how universal service funds may be used in the various universal service programs. ETCs will still be required to certify, for example, that federal high-cost support was used only for the provision, maintenance, and upgrading of facilities and services for which the support is intended. The reasonableness standard the Commission adopts is consistent with the standard applicable to the broadcast incentive auction reimbursement mechanism. This standard is also consistent with approach taken in the Emerging Technologies framework when assisting existing operators with relocation costs in transitioning to new facilities. A standard of reasonableness will provide the Commission with a sensible approach for evaluating reimbursement costs to help combat waste, fraud and abuse through the exclusion of excessive and otherwise unreasonable costs from the Reimbursement Program.
104. The Secure Networks Act does not expressly establish a standard for evaluating costs for reimbursement. The statute simply requires the Commission to reimburse providers for the permanent removal, replacement, and disposal of covered communications equipment and services. The Commission therefore proposed to apply a standard of reasonableness when evaluating requests for reimbursement. One commenter, the Rural Wireless Broadband Coalition, urged the Commission to “follow the principle” of reimbursing any reasonable cost. Other commenters, while not engaging directly with the proposed reasonableness standard, implicitly supported this approach by commenting on the need for certainty in knowing upfront what expenses are reimbursable, advocating for the inclusion of various expenses as reasonable, and supporting use of the same standard as used in the broadcast incentive auction reimbursement mechanism.
105. The Commission sees no reason to deviate from using a standard of reasonableness, as proposed, for purposes of the Reimbursement Program. First, using a standard of reasonableness will help guide objective determinations of whether to include or deny costs for reimbursement and ensure that excessive, unreasonable costs do not jeopardize the available funding needed by all participating providers to transition away from networks posing a national security risk. Second, by using an existing standard, the Commission can leverage its prior experience with the broadcast incentive auction reimbursement mechanism standard and the Emerging Technologies framework to benefit the Reimbursement Program. There already exists in the incentive auction context a Catalog of Expenses, identifying categories of expenses considered reasonable for purposes of reimbursement. The Commission can look to these efforts to assist its determinations and help identify the types of expenses considered reasonable during a transition process in implementing the Reimbursement Program. While the equipment and services replaced may differ, the same basic steps apply here, as in planning and implementing a network transition while attempting to minimize disruptions for customers/users. Lastly, using the existing standard provides regulatory consistency between similarly situated program participants of both the broadcast incentive auction, other wireless proceedings involving the relocation of existing operators, and the instant Reimbursement Program. A fundamental precept of administrative law is to treat similarly situated entities in a similar manner.
106. The Commission will thus consider eligible for reimbursement costs reasonably incurred for the timely removal, replacement, and disposal of covered equipment and services obtained prior to the statutory cutoff dates. The Commission interpreted “costs reasonably incurred” in the broadcast incentive auction reimbursement mechanism context as requiring the reimbursement of “costs that are reasonable to provide facilities comparable to those . . . reasonably replaced.” The Commission has further interpreted “[t]hese costs [to] include both `hard' expenses, such as new equipment and tower rigging, and `soft' expenses, including legal and engineering services.” The Commission sees no reason to deviate from this model and will apply it to the instant Reimbursement Program. Although the Commission cannot forecast all types of reasonable expenses, it does provide guidance to help participants with their transition planning. The appropriate scope of “costs reasonably incurred” will necessarily be decided on a case-by-case basis, and the Commission delegates authority to WCB to make reimbursement determinations and to finalize a catalog to help participants estimate their reimbursable costs.
107. The Commission considers as reasonable replacement facilities comparable to the facilities in use by the provider prior to the removal, replacement, and disposal of covered communications equipment or service. The Commission recognizes, however, when replacing older technology that a certain level of technological upgrade is inevitable. Accordingly, the Commission will permit Reimbursement Program participants to obtain reimbursement for reasonable costs incurred for replacing older mobile wireless networks with fourth generation Long Term Evolution (4G LTE) equipment or service that are 5G ready.
108. The reimbursement program is intended “to assist small communications providers with the costs of removing prohibited equipment and services from their networks and replacing prohibited equipment with more secure communications equipment and services.” Language from the House Report demonstrates that Congress “expects the Commission, when implementing regulations . . . to preclude network upgrades that go beyond the replacement of covered communications equipment or services from eligibility; however, [Congress] expects there to be a transition from 3G to 4G or even 5G-ready equipment in instances where equipment being replaced was initially deployed several years ago.”
109. The Commission sought comment in the 2019 Supply Chain Further Notice on whether it should use the same “comparability standard” used in the broadcast incentive auction reimbursement mechanism. In the broadcast proceeding, the Commission said that reasonable reimbursement costs include “costs that are reasonable to provide facilities comparable those that [an existing operator] had prior to the auction.” The Commission further stated that it did “not anticipate providing reimbursement for optional features beyond those already present” but recognized when replacing older equipment that the new “equipment necessarily may include improved functionality.” The Commission uses a similar comparable facilities standard when relocating incumbent operators under the Emerging Technologies framework. One commenter, the Rural Wireless Association, urged the Commission to “closely mirror the structure used for the Broadcast Incentive Auction.” Another commenter, Rise Broadband, said a comparability standard for replacement costs is essential. Otherwise, commenters generally favored allowing some level of technological upgrade, especially when replacing older technology that is unlikely to have a comparable replacement.
110. Consistent with approach taken on equipment upgrades for the broadcast incentive auction, the Commission expects, as a general matter, eligible providers to “obtain the lowest-cost equipment that most closely replaces their existing equipment.” That said, the Commission recognizes the replacement of older legacy technology will inevitably require the use of newer equipment and services that have additional capabilities. Accordingly, consistent with the intent of Congress, the Commission will allow, and indeed encourage, eligible providers replacing third generation and older equipment to obtain reimbursement for the cost of 4G LTE replacement equipment that is 5G-ready.
111. The record indicates new equipment supporting older, second- and third generation wireless technology services is unavailable, and even acquiring such equipment and services on the secondary market is proving increasingly difficult and in some instances impossible. The reimbursement program is not limited to replacing covered equipment and services in wireless networks, but the Commission recognizes the initial focus is on the equipment and services provided by Huawei and ZTE, which is most often found with the provision of wireless services. Accordingly, while much of this discussion is focused on replacing wireless technology, the underlying rationale applies equally in the non-wireless context. And from a policy perspective, investing money on outdated and soon-to-be decommissioned equipment and service is of little benefit and an inefficient and wasteful use of Federal support. The Commission will therefore allow providers replacing older technology to obtain reimbursement for the cost of new replacement equipment that is 4G LTE compatible and is capable of subsequently being upgraded to provide 5G service. However, operators that elect “to purchase optional equipment capability or make other upgrades” beyond those reasonably needed to replace existing equipment must do so using their own funds, consistent with the approach the Commission took in the broadcast incentive auction proceeding and the recent C-Band auction proceeding.
112. By taking this approach on comparable facilities and technology upgrades, the Commission rejects alternative proposals for determining reimbursement amounts based on the value of the equipment being replaced. If, however, eligible providers are simply removing and disposing of covered equipment and service without replacement, e.g., simply shutting down an older network, then the Commission would consider reimbursing the provider for the cost of the depreciated value of the decommissioned equipment. For example, NTCH and NTCA suggested that to avoid the “impossibility” of evaluating what constitute appropriate replacements, the Commission should simply reimburse the original cost of the covered equipment and services plus an additional 25%. This approach, however, may not result in providing sufficient reimbursement funding for providers if the cost of the replacement equipment exceeds the reimbursement support allocated to the recipient. In addition, the Commission finds PRTC's proposal to reimburse both the present-day value of the replaced equipment and the cost of the replacement equipment unreasonable, giving the provider a windfall and an unfair competitive advantage over other providers.
113. The Commission next delegates to WCB the responsibility to develop and finalize a Catalog of Eligible Expenses and Estimated Costs (Catalog of Eligible Expenses) to inform the Reimbursement Program. The Secure Networks Act requires the Commission to “develop a list of suggested replacements” for covered equipment and services and for applicants to submit “initial reimbursement cost estimate[s] at the time of application.” The Commission is also required to “take reasonable steps to mitigate the administrative burdens and costs associated with the application process, while taking into account the need to avoid waste, fraud, and abuse.” In the broadcast incentive auction reimbursement mechanism, the use of a catalog to estimate relocation costs played a critical role in the successful processing of reimbursement applications. The Commission seeks to duplicate that success here by using a Catalog of Eligible Expenses as suggested in the record. The catalog will identify reimbursable costs with as much specificity as possible, provide guidance to entities seeking reimbursement, streamline the reimbursement process, and increase accountability. Listing in the catalog, however, is not a guarantee of reimbursement for any individual expense, and all claimed expenses are subject to review by the Commission staff to ensure each expense and request for reimbursement is reasonable.
114. The Catalog of Eligible Expenses will also help the Commission and applicants satisfy the Secure Networks Act's requirements not only by helping applicants with transition planning and estimating costs for application submissions, but also with identifying potential replacement equipment and services and expediting the Commission's reimbursement request review process. As CCA points out, the removal, replacement and disposal of covered equipment and services in a mobile wireless network is a complex, multi-step process that is likely to encompass a range of expenses, including: Drive testing to determine baseline coverage; evaluating spectrum and backhaul capabilities; ordering new equipment; installing new network core and RAN equipment; potentially leasing space on or building new towers and obtaining any associated permits and approvals; testing and optimizing the network; and migrating traffic and decommissioning covered equipment and services. Because there will likely be a range of expenses that could vary among providers, the Catalog of Eligible Expenses will be used to provide helpful guidance regarding the kinds and amounts of expenses that will be reimbursed. Accordingly, the Catalog of Eligible Expenses will not be a definitive list of all reimbursable expenses but a means to facilitate the reimbursement process. Given the importance of the Catalog of Eligible Expenses to the Reimbursement Program, Commission staff have already begun work to develop it, and the Commission expects to release it as soon as possible.
115. The Commission next turns to the acceptable timing of costs incurred by providers to comply with the Commission's requirement. Some providers have already started the process to remove and replace problematic equipment from Huawei and ZTE from their networks. The Commission applauds these providers for proactively taking steps to increase the security of their networks notwithstanding the uncertainty of Federal government assistance. As such, the Commission will allow providers to obtain reimbursement for costs reasonably incurred prior to the creation and funding of the Reimbursement Program, for the removal, replacement, and disposal of covered equipment and services.
116. The Secure Networks Act expressly limits reimbursement support to the removal, replacement, and disposal of covered equipment and services obtained before certain dates. For covered equipment and services placed by the Commission on the initial Covered List required by section 2(a) of the Secure Networks Act, the cutoff date is August 14, 2018, which is the day after the 2019 NDAA was signed into law. For equipment and services subsequently added to the Covered List required by section 2(a), the provider must have obtained the equipment or service no later than 60 days after being placed on the Covered List to obtain reimbursement for costs associated with its removal, replacement, and disposal. The cutoff deadlines are explicit in the statute, and the Commission lacks discretion to use different cutoff dates for the purchase of covered communications equipment or service that is eligible for the reimbursement of removal, replacement, and disposal costs. Because of the statutory cutoff date, the Commission lacks discretion to consider an alternative cutoff date.
117. The 2019 NDAA prohibits the head of an executive agency from obligating or expending “loan or grant funds to procure or obtain, extend or renew a contract to procure or obtain, or enter into a contract (or extend or renew a contract) to procure or obtain” telecommunications and video surveillance equipment produced by entities reasonably believed to be owned or controlled by a foreign country. The 2019 NDAA specifically identified Huawei and ZTE as producers of covered equipment, putting the general public on official notice that the Federal government considered the equipment and services produced by these entities to pose a potential national security risk.
118. Following the 2019 NDAA's enactment and as the instant rulemaking proceeding progressed, providers increasingly began planning and taking steps to proactively remove, replace, and dispose of covered equipment and services from their networks. Providers urged the Commission to reimburse costs associated with these efforts even if incurred prior to the creation of any reimbursement program. The Commission will not penalize these providers for taking decisive, proactive steps to secure their networks before the reimbursement program is created and funded. Indeed, in order to protect the nation's communications networks, the Commission encourages providers to remove and replace covered equipment and services before the Reimbursement Program begins. For any expenses incurred before the commencement of the Reimbursement Program providers may not be reimbursed for unreasonable expenses. The Commission will apply the same standard, i.e., costs reasonably incurred, to determine whether an expense is eligible for reimbursement. Accordingly, for covered equipment and services placed on the initial list required by section 2(a) of the Secure Networks Act, the Commission will reimburse reasonable costs associated with the removal, replacement, and disposal of covered equipment that were incurred on or after April 17, 2018, the date the Commission adopted the 2018 Supply Chain Notice, 83 FR 19196, May 2, 2018, commencing this proceeding. The adoption date of the 2018 Supply Chain Notice was the first clear indication that the Commission was considering taking action to remove covered equipment from U.S. networks. Costs incurred before that date are ineligible for reimbursement. For equipment and services subsequently added to the initial list, the provider must incur the costs of removal, replacement, and disposal on or after the date the equipment or services are placed on the list for the reasonably incurred cost to qualify for reimbursement.
119. The Commission recognizes the removal, replacement, and disposal of covered equipment may, in the case of mobile wireless networks, entail setting up parallel network core and RAN components and then migrating existing customers to the new network. The Commission expects providers will endeavor to mitigate service disruptions to effectuate a seamless transition for customers. Consistent with the Commission's proposal in the 2019 Supply Chain Further Notice, to the extent providers experience a reduction in revenues as a result of a temporary loss in service, reduced coverage, or otherwise as a result of the transition, it will not reimburse providers for the lost revenues in the Reimbursement Program.
120. Allowing reimbursement for lost revenues would increase the costs of the Reimbursement Program substantially, and risk exhausting funding prematurely without reimbursing many eligible providers. The Commission is also concerned that evaluating the reasonableness of requests for reimbursement for lost revenues is challenging and speculative and may result in over-reimbursement. The Commission believes scarce program funding is better spent by assisting as many eligible providers as possible with the replacement costs directly related to the transition instead of trying to ensure providers are also reimbursed for lost revenues. Moreover, the Commission expects program participants will strive to minimize service disruptions for customers during the transition process to mitigate revenue loss. Accordingly, the Commission disagrees with Mark Twain Communications Company and deem lost revenues an unreasonable and ineligible expense for purposes of the reimbursement program.
121. The Secure Networks Act limits funding use to the removal, replacement, and disposal of covered communications equipment and services. Even with covered communications equipment and services, to use funds for the removal, replacement, and disposal, the Secure Networks Act requires the recipient to have obtained the equipment or service before a certain statutorily specified cutoff date. Specifically, for covered communications equipment or services published on the Commission's initial Covered List, the recipient must have obtained the equipment or service before August 14, 2018. For communications equipment or service subsequently added to the Covered List, the recipient must have obtained the equipment or service no later than 60 days after being added to the Covered List. Separately, the Secure Networks Act prohibits recipients from using funds to “purchase, rent, lease, or otherwise obtain any covered communications equipment or service.” Recipients are also not allowed to use “other funds (including funds derived from private sources)” to “purchase, rent, lease, or otherwise obtain any covered communications equipment or service.” Requests for the reimbursement of expenses falling within the scope of these statutory prohibitions are considered unreasonable per se and thus ineligible.
122. Rural Wireless Broadband Coalition asks whether the statutory limit on funding use prohibits recipients from operating and maintaining covered communications equipment or service in their networks during the removal, replacement, and disposal process. The transition process will likely involve standing up a replacement network before migrating traffic to the replacement network and decommissioning the covered communications equipment or service in the old network. Recipients would thus need to continue operating and therefore maintain the old network containing covered communications equipment or service during the transition process to mitigate service disruptions for existing customers. According to the Rural Wireless Broadband Coalition, keeping the old network operational may involve replacing defective equipment that is covered, and because such equipment is typically proprietary, it would likely require, for purposes of interoperability, a replacement that is also supplied by the same supplier and covered.
123. The Commission reads the statute as clearly prohibiting the use of funds by recipients to obtain equipment or service that is on the Covered List even if such equipment is needed to maintain operations during a transition process. Notwithstanding this limitation, a provider possessing covered communications equipment spares obtained before becoming a Reimbursement Program recipient could use funds to install and maintain that covered communications equipment during the transition process. If, however, the recipient receives Universal Service support, then there may be other applicable rules that prohibit the use of funding to install and maintain covered communications equipment or service. The provider, however, must remove and dispose of all covered communications equipment by the time of the final certification.
124. The Commission in the 2019 Supply Chain Further Notice proposed a “detailed reimbursement application process” like the reimbursement mechanism used in the broadcast incentive auction proceeding “to confirm that funding is being used only to replace covered equipment and services, rather than to deploy services to new areas or replace aging equipment or services that are not covered.” Applicants would “provide details of the covered equipment and services being replaced, the replacement equipment and services, and the estimated costs of replacement.” To help guide applicants, the Commission sought comments on “efficient ways” to develop replacement cost estimates. The Commission separately sought comment on whether to “prioritize payments for the replacement of certain equipment and services that are identified as posing the greatest risk to the security of networks, and what categories of equipment and services should that prioritization include.” Comments were also sought on measures to prevent waste, fraud, and abuse, including applicant certifications, deadlines for completing removal and replacement, periodic compliance audits, investigations, and enforcement penalties.
125. The Secure Networks Act establishes specific requirements applicable to the application process for the reimbursement program. Specifically, “[t]he Commission shall require an applicant to provide an initial reimbursement cost estimate at the time of application, with supporting materials substantiating the costs.” The Commission is required to act on applications within 90 days after the date of submission. If there is an excessive number of applications, the Commission can extend this deadline by no more than 45 days. The Commission must also give applicants a 15-day period to cure a material deficiency in the application as determined by the Commission “(including by lacking an adequate cost estimate or adequate supporting materials) . . . before denying the application.” The statute states that “[i]f such period would extend beyond the deadline . . . for approving or denying the application, such deadline shall be extended through the end of such period.” The Secure Networks Act also includes provisions for the removal, replacement, and disposal term and extensions thereof, status updates, measures to avoid waste, fraud, and abuse, and education efforts. The statute also addresses enforcement actions and additional penalties relevant to the reimbursement program. The Commission sought comment on the impact of section 7 in the 2020 Supply Chain Second Further Notic e.
126. The Commission now adopts a reimbursement process like the one used in the broadcast incentive auction reimbursement mechanism that provides allocations to eligible providers based on their estimated costs. Program recipients can then obtain funding disbursements upon showing of actual expenses incurred. If aggregate demand exceeds available funding, the Commission will prioritize funding requests from ETCs subject to a remove and replace requirement before funding the requests of non-ETCs. Among non-ETCs, the Commission will further prioritize funding to those that voluntarily provided it with cost estimate data in response to the Supply Chain Security Information Collection over those that did not. Additionally, if the Commission is unable to fully fund either all ETCs or all non-ETCs, it will prioritize funding for transitioning core networks over funding non-core network expenses. Program recipients will have one year from the initial disbursement to complete the permanent removal, replacement, and disposal of covered communications equipment or services with the potential for a general and individual extensions of time.
127. The Commission's goals in developing a reimbursement process are threefold. First, the Commission strives to create a simple and straightforward process, providing certainty to participants while minimizing the costs associated with reimbursement and the administrative burden on both affected parties and the Commission. Second, the reimbursement mechanism should facilitate the prompt and efficient distribution of funds for the expeditious removal, replacement, and disposal of covered communications equipment and services posing a national security risk from the networks of participating providers. Third, the program should fairly cover the eligible costs reasonably incurred for reimbursement and include measures to prevent waste, fraud, and abuse. As the Secure Networks Act instructs the Commission, “[i]n developing the application process . . . , the Commission shall take reasonable steps to mitigate the administrative burden and costs associated with the application process, while taking into account the need to avoid waste, fraud, and abuse in the Program.”
128. The Reimbursement Program will allocate funds on the applicant's behalf to the U.S. Treasury for draw down by applicants on a rolling basis upon the showing of expenses actually incurred. This approach is consistent with the one used in the broadcast incentive auction reimbursement mechanism which has proven successful in the efficient and expeditious disbursement of funds for transitioning networks.
129. The Secure Networks Act states “[n]othing in this section shall be construed to prohibit the Commission from making a reimbursement under the Program to a provider of advanced communications service before the provider incurs the cost of the permanent removal, replacement, and disposal of the covered communications equipment or service for which the application of the provider has been approved . . . .” This language permits the Commission to make funding disbursements in advance of costs actually incurred but does not require any such advance payments. The Commission has concerns, however, about providing advanced funding because once disbursed, its ability to ensure the applicant spends the money as intended to avoid waste, fraud, and abuse is greatly diminished. If the Commission later finds the applicant has not used the money as intended and in compliance with the Secure Networks Act and the Commission's rules, then reclaiming the money from the applicant following advance disbursement can prove challenging. Accordingly, rather than disbursing large amounts upfront to program participants, the Commission will use an initial funding allocation process based on cost estimates, and then allow rolling disbursements based on showings of actual costs incurred. This approach provides recipients with the upfront knowledge of available funds for purposes of planning and engaging lenders and vendors. The Commission finds that this methodology best achieves Congress's goal of mitigating the administrative burden and costs of the program while taking steps to avoid waste, fraud, and abuse. By adopting a rolling reimbursement process, the Commission declines to provide funding upfront before costs are actually incurred as suggested by the Secure Networks Coalition. The Commission expects the reimbursement process, as shown in the broadcast incentive auction context, will sufficiently meet the financial needs of providers, including smaller providers, in a timely manner while ensuring appropriate agency oversight over the disbursement and use of funds for their intended purpose. Some commenters urge the Commission to “establish a payment schedule and clear milestones for payments so that carriers know when they will be able to obtain payments to facilitate a transition.” They argue that given the scope and scale of expenses, waiting for reimbursement until the transition is complete is unworkable. As NetNumber states, “the Commission should provide for milestone payments to ensure service providers receive sufficient funding at every stage of the network transition process.” The Commission surmises the milestone process suggested is akin to draws on a construction loan whereby a lender releases a certain percentage of the total loan amount upon satisfaction of certain construction milestones, e.g., obtaining the necessary permits, pouring the foundation, completing the close-in inspection, and so forth.
130. The Commission finds milestones would add an unnecessary level of complexity to the reimbursement mechanism. For such a system to work, the Commission would need to determine the appropriate deployment milestones, the percentage of funding to disburse at each stage, the documentation needed to demonstrate milestone completion, and some inspection verification process to ensure the milestones are indeed satisfied prior to disbursing funds. By instead having a rolling system of disbursements throughout the transition project based on the submission of documentation of eligible expenses incurred, the Commission successfully addresses any concerns some providers may have of delayed payments until the network transition is complete. Accordingly, the Commission declines to use a transition funding disbursement mechanism based on milestones. While the Commission declines to impose milestone-based disbursements, it delegates the task of determining the specific timing of disbursements to WCB as part of its implementation of the Reimbursement Program with the goal of efficiently and expeditiously disbursing funds to recipients.
131. Lastly, the Commission declines to provide “bonuses” for completing the removal, replacement, and removal process ahead of the applicable deadline as suggested by Blue Danube. The Secure Networks Act already provides an aggressive one-year deadline for completing the transition process. This provides ample incentives for Reimbursement Program recipients to act quickly to complete the process. Accordingly, the Commission finds additional incentive payments unnecessary.
132. The Secure Networks Act directs the Commission to “develop an application process” that “require[s] an applicant to provide an initial reimbursement cost estimate at the time of application, with supporting materials substantiating the costs.” Consistent with the statute, to participate in the Reimbursement Program, eligible providers are required to submit initial estimates of the costs to be reasonably incurred for the removal, replacement, and disposal of covered communications equipment or services to participate in the reimbursement program. The Commission directs WCB to establish an initial 30-day filing window for the submission of cost estimates and to establish subsequent filing windows as necessary should support remain, or additional support become available to fund additional requests. Participants are also statutorily required to submit, in addition to cost estimates, “supporting materials substantiating the costs,” a “specific timeline . . . for the permanent removal, replacement and disposal of the covered communications equipment or services,” and the certifications required by section 4(d)(4) as to the development of a transition plan and the use of funds if approved and in developing and tailoring risk management practices.
133. The Commission has separately tasked WCB with developing and finalizing a Catalog of Eligible Expenses to identify reimbursable costs with as much specificity as possible to help entities in preparing initial cost estimates. Applicants can reference the final Catalog of Eligible Expenses, which will contain a list of many, but not necessarily all, of the relevant expenses in lieu of providing additional supporting documentation to justify the specific cost estimate. If an applicant believes the predetermined estimate does not fully account for its specific circumstances or a predetermined cost estimate is not provided in the Catalog of Eligible Expenses for the cost identified by the applicant, the applicant can provide its own individualized cost estimate. Applicants providing such individualized cost estimates will be required to submit supporting documentation and to certify the estimate is made in good faith.
134. Regardless of whether they are claiming predetermined cost estimates or their own individualized estimated costs, each applicant will be required to certify under penalty of perjury, inter alia, that: (1) It believes in good faith that it will reasonably incur all of the estimated costs that it claims as eligible for reimbursement; (2) it will use all money received from the Reimbursement Program only for expenses it believes are eligible for reimbursement; (3) it will comply with all policies and procedures relating to allocations, draw downs, payments, obligations, and expenditures of money from the Reimbursement Program; (4) it will maintain for 10 years detailed records, including receipts, of all costs eligible for reimbursement actually incurred; and (5) it will file all required documentation for its expenses. Similar certifications were required by the Commission with the broadcast incentive auction reimbursement mechanism. In addition, a 10-year record retention requirement is consistent with the record keeping required for the broadcast incentive auction reimbursement program. The Commission will also require applicants to provide detailed information on the covered communications equipment or services they are removing, replacing, and disposing to assist the Commission in evaluating whether the estimated costs reported are reasonably incurred.
135. For entities that choose to provide their own cost estimate, i.e., either a cost estimate higher than the predetermined cost estimate or an individualized cost estimate for an expense for which the Commission does not provide a predetermined cost estimate, WCB will review the required justification for the estimate and may accept it or substitute a different amount for purposes of calculating the initial allocation. The Commission is statutorily authorized to require applicants to update initial cost estimates and/or submit additional supporting cost estimate materials. If the applicant has already incurred costs eligible for reimbursement, e.g., the applicant already started transitioning its network prior to the acceptance of applications, then it should report its actual expenses with supporting documentation and indicate which costs are actual and not estimated in its submission. Doing so will allow WCB to factor in the actual costs when determining the funding allocation. WCB may ultimately determine, based on its reasonableness review, that an applicant should receive a different allocation from that claimed on the application.
136. After an applicant submits estimated cost forms, WCB will review them to determine completeness, the applicant's eligibility for reimbursement, and the reasonableness of the cost estimates provided, and will allocate funding accordingly for draw down by applicants. The funding amount allocated represents the maximum amount eligible for draw down by an eligible provider unless a subsequent funding allocation is made. This approach is consistent with the suggestion of NetNumber to “cap reimbursement for service providers at their estimated replacement costs for covered equipment and services in their networks.” The funding amount allocated represents the maximum amount eligible for draw down by an eligible provider unless a subsequent funding allocation is made. This approach is consistent with the suggestion of NetNumber to “cap reimbursement for service providers at their estimated replacement costs for covered equipment and services in their networks.”
137. Per the Secure Networks Act, WCB must act on applications within 90 days of submission. For purposes of calculating the 90-day deadline, the Commission will consider the date of submission as the date on which the filing window closes for accepting reimbursement requests. This approach is consistent with the Commission's historical treatment of applications submitted during a filing window as all being filed on the last day of the filing window. A filing window also allows WCB to efficiently review and act on applications in batch and not in piecemeal fashion, and is necessary to manage demand for funding. If there is an excessive number of applications, WCB can extend this deadline by no more than 45 days. After the initial filing window closes, the Commission expects WCB to release a public notice announcing the applications accepted for filing and indicate whether an extension of time of up to 45 days to review applications is justified. Applicants are allowed a 15-day period to cure a material deficiency in the application as determined by WCB “(including by lacking an adequate cost estimate or adequate supporting materials) . . . before denying the application.” The statute states that “[i]f such period would extend beyond the deadline . . . for approving or denying the application, such deadline shall be extended through the end of such period.” WCB will notify applicants of material deficiencies via Public Notice. If the 15-day cure period, “would extend beyond the deadline . . . for approving or denying the application, such deadline shall be extended through the end of such period.” If WCB denies the application, the filer will be allowed to resubmit its application or submit a new filing at a later date. Resubmitted applications previously denied or new applications from filers of previously denied applications will be subjected to a subsequent filing window if there is available funding. If the Commission were to process such filings as part of the applications submitted in the initial filing window, it would delay the award of funding allocations as the Commission must ensure aggregate demand does not exceed the available funds before issuing all allocations for requests filed in the initial filing window. Once WCB completes its review, it will issue an allocation from the Program to the provider, which will be available to the provider to draw down as expenses are incurred.
138. The Commission has requested Congress to appropriate $2,000,000,000 to fund the Reimbursement Program. To date, Congress has not yet appropriated any funds. Even if the eventual appropriation is substantial, the potential exists for the costs reasonably incurred for the removal, replacement, and disposal of covered communications equipment or services to exceed the funding appropriated. ETCs with two million or fewer customers reported in the Commission's Supply Chain Security Information Collection that it would cost $1.62 billion to remove and replace Huawei and ZTE equipment in their networks. And this figure does not account for other providers of advanced communications service that would be eligible to participate in the reimbursement program.
139. In the 2019 Supply Chain Further Notice, the Commission sought comment on whether “[t]o best target available funds,” the Commission should “prioritize[ ] payments for the replacement of certain equipment and services that are identified as posing the greatest risk to the security of networks, and what categories of equipment and services should that prioritization include.” The Commission also sought comment on whether to “cap the amount eligible for each individual funding request.” In the subsequently enacted Secure Networks Act, Congress did not provide for, or expressly prohibit, any funding prioritization scheme. The statute does instruct the Commission to “make reasonable efforts to ensure that reimbursement funds are distributed equitably among all applicants . . . according to the needs of the applicants, as identified by the applications of the applicant.” The Commission is also required to notify Congress on the need for additional funding should anticipated demand exceed $1 billion. WCB sought further comment on the impact of the Secure Networks Act on the proposed reimbursement program in April 2020. Only three parties commented on this issue with WTA generally supporting the prioritization of ETCs receiving USF support over other providers, NetNumber suggesting the Commission use funding caps based on the type of service provider and the nature of the project, and RWA asking the Commission to prorate reimbursement where each recipient gets a set percentage of the appropriated funding.
140. The Commission decides to establish a prioritization paradigm in the event the estimated costs for replacement submitted by the providers during the initial or any subsequent filing window in the aggregate exceed the total amount of funding available as appropriated by Congress for reimbursement requests. The Commission finds prioritization preferable to the alternatives suggested by NetNumber and RWA. Capping fund amounts depending on the nature of the removal, replacement, and disposal project and service provider type presents added complexity to the allocation process and fails to ensure demand will not exceed the total amount of available funding as the number of requests are unlimited. NetNumber suggests the Commission use funding caps but ensure “fair compensation for the full deployment cost for replacement equipment.” If there is no limit on the number of requests filed, then NetNumber's approach could lead to a funding deficit as the total demand, even when using a capped funding approach, could exceed the total amount of available funding. The Commission also finds that prorating support equally among all participants based on a set percentage of available funding, as the only means of allocating support, fails to account for the individual needs of the applicants and runs counter to the directive in the Secure Networks Act.
141. Under the prioritization scheme the Commission adopts, it will first allocate funding to eligible providers that are ETCs subject to a remove-and-replace requirement under the Commission's rules. If funding is insufficient to meet the total demand from this subcategory of eligible providers, then the Commission will prioritize funding for transitioning the core networks of these eligible providers before allocating funds to non-core network related expenses, including reasonable costs incurred for removing, replacing, and disposing of a provider's radio access network. The Catalog of Eligible Expenses cost catalog will include additional detail as to what are considered core and non-core network related expenses. If after allocating support to ETCs for both core and non-core network expenses funding is still available, the Commission will then allocate funding to non-ETC eligible provider applicants, prioritizing those non-ETCs that provided cost estimate data in response to the Commission Supply Chain Security Information Collection over other non-ETCs. The Commission will further prioritize funding for core network transition costs over non-core network transition costs within each non-ETC category. If available funding is insufficient to satisfy all requests in a certain prioritization category, then the Commission will prorate the available funding equally across all requests falling in that category.
Priority 1: Advanced communications service providers with 2 million or fewer customers that are Eligible Telecommunications Carriers subject to section [54.11] (new removal and replacement requirement). | Priority 1a: * Costs reasonably incurred for transitioning core network(s). Priority 1b: * Costs reasonably incurred for non-core network transition. |
Priority 2: Non-ETC providers of advanced communications service with 2 million or fewer customers that participated in the Supply Chain Security Information Collection, OMB Control No. 3060-1270. | Priority 2a: * Costs reasonably incurred for transitioning core network(s). Priority 2b: * Costs reasonably incurred for non-core network transition. |
Priority 3: Other non-ETC providers of advanced communications service with 2 million or fewer customers. | Priority 3a: * Costs reasonably incurred for transitioning core network(s). Priority 3b: * Costs reasonably incurred for non-core network transition. |
* If available funding is insufficient to satisfy all requests in this prioritization subcategory, then prorate the funding available equally among all requests in subcategory. |
142. In considering prioritization of funding, the Commission interprets the Secure Networks Act as requiring it to make reasonable efforts to treat all applicants on a just and fair basis while accounting for the applicants' individual circumstances. Accordingly, the Commission may find some applicants have a greater and more urgent need for funding than other applicants. The Commission thus does not interpret the statute as requiring equal funding or treatment but instead requiring it to make reasonable efforts to treat similarly situated applicants fairly.
143. While the presence of covered communications equipment or services threatens network security for all eligible providers equally, the Commission finds ETCs who are receiving USF support stand in a different position vis-à-vis other providers. Congress and the Commission have undertaken significant efforts over the twenty-plus years to subsidize the costs of ETCs to provide service in high-cost, hard-to-serve areas to facilitate universal access to essential telecommunications and broadband services to all Americans. And these efforts have borne fruit, resulting in the affordable availability of essential communications services for hard-to-reach Americans. ETCs in many instances represent the only provider of such services in the most rural areas of our country. Accordingly, the Commission finds the protection of ETC networks—networks which are funded through USF and serve on the front lines of providing universal service—from national security threats to be of the utmost importance. PTA-FL does not expressly advocate an alternative prioritization approach but notes, without citing any statistics, that some non-ETCs are also sole source providers. PTA-FL also states non-ETCs have a greater need for reimbursement support than ETCs because their covered equipment was acquired without using USF support. Notwithstanding these assertions, the Commission has made a substantial investment to help ETCs provide service in areas where the economics often do not support viable service offerings. Facing the possibility of service disruptions absent continued support due to the remove-and-replace prohibition the Commission adopts, it finds, notwithstanding PTA-FL's recent filing, that ETCs stand in a different position than non-ETCs, justifying a prioritization in the allocation of reimbursement support. Perhaps most significantly, in this document the Commission requires ETCs receiving universal service support to remove covered equipment and services from their networks. Failure to comply will result in the loss of future universal service funding. ETCs, which often provide service in areas where providers are less likely to be able to recover their costs from subscribers, are more sensitive to the possibility that they could lose universal service funding. ETCs thus face greater consequences than non-ETC providers if the transition does not occur in a timely manner. The potential for enforcement liability or reduced universal service funding further distinguishes ETCs from the circumstances of other applicants. Based on these factors, the Commission finds there is a greater urgency to expeditiously accommodate the transition of ETC networks over other applicants. Accordingly, if initial funding is insufficient to satisfy reimbursement requests, the Commission will first prioritize funding to ETCs over non-ETC applicants. By adopting a prioritization scheme, the Commission declines to follow the suggestions of RWA to grant an equitable percentage of funding to all applicants “proportionate to need . . . . if there is an insufficient amount of funds initially appropriated.” The Commission will, however, pro rate funding within a prioritization subcategory if insufficient funds remain for all requests in the subcategory.
144. Among non-ETC applicants, the Commission will further prioritize funding, as recently suggested by RWA, to first allocate funding to those non-ETCs that voluntarily provided cost estimate data in response to the Supply Chain Security Information Collection over other non-ETC applicants. The estimated cost to remove and replace covered equipment as reported by the Supply Chain Security Information Collection participants with two million or fewer customers totaled $1.62 billion with costs reported by all filers totaling $1.84 billion. This number includes data reported not only by ETCs required to report but also non-ETCs that were encouraged to report on a voluntary basis. The Commission asked Congress to appropriate $2 billion in funding for the Reimbursement Program, taking into account the cost data collected in the Supply Chain Security Information Collection. If Reimbursement Program demand were to substantially exceed $2 billion in appropriated funding due to the emergence of providers not participating in the Supply Chain Security Information Collection, then those non-ETCs that participated voluntarily in the collection could go without or with reduced funding simply because the costs of non-participating non-ETCs were not reported, and thus not considered. The Commission finds this result inequitable. Accordingly, the Commission will prioritize funding for participating non-ETCs over other non-ETCs.
145. If funding proves insufficient to meet the estimated reimbursement costs reasonably incurred for ETCs or non-ETCs, the Commission will further prioritize funding for expenses to transition the core networks of providers over non-core network expenses. To demarcate core network transition and non-core network transition expenses, applicant will need to report estimated costs for such activities separately in their submission.
146. Commenters indicate replacing the core network is the logical first step in a network transition and may have the greatest impact on eliminating a national security risk from the network. For example, CCA states “[t]he core is where the routing functions and `intelligence' resides in today's networks, so starting with the core is a natural step both in transitioning networks and prioritizing any national security risks.” WTA also notes that “limiting removal and replacement to core equipment could save the transition time and money as the equipment that is least likely to be a threat is on the edge of the network.” While the Commission believes having covered communications equipment and service in any portion of the network poses a national security risk, it agrees that prioritizing funding for core network transition expenses makes sense logically from a network migration standpoint and will greatly mitigate risks in the network. SNC states that replacing the core without also replacing the radio access network may raise interoperability issues but such concerns do not dissuade the Commission from finding that funding is best prioritized to most efficiently address national security risks by first assisting with the replacement of the core network over a provider's radio access network when demand exceeds available funding. Accordingly, the Commission instructs WCB to further prioritize the allocation of funding among applicants.
147. If available funding is insufficient to satisfy all funding requests in a prioritization subcategory, the Commission will prorate funding among all requests in the subcategory to ensure that total funding allocated does not exceed the funding available. Specifically, WCB will reduce each applicant's funding allocation request by an equal percentage to bring down the total funding allocation within the available support limit. This process will thus result in the equitable distribution of funding among applicants within the prioritization subcategory, consistent with the statute, while still allocating more funding to those applicants with higher transition costs. WCB will determine a pro-rata factor by dividing the total amount of available funding by the total amount of funding requested. WCB will then multiply the pro-rata factor by the total amount of support requested by each applicant and will allocate funds to each eligible applicant in the prioritization subcategory consistent with this calculation. The net result is each eligible applicant in that subcategory will receive less support than requested by the same pro-rata factor to bring the overall support amount committed within the applicable limit.
148. Following the acceptance of applications submitted during the relevant filing window, WCB will assess the aggregate demand of the applications filed during the applicable filing window to determine whether demand exceeds available funding, thereby triggering the need for funding prioritization. In conducting this assessment, WCB should make a cursory review of the applications to determine if any requests are clearly ineligible for funding, e.g., equipment to be removed is not on the Covered List ineligible or there appears to be a duplicate request from an applicant, and should not be included in the aggregate demand assessment. Per the Secure Networks Act, the Commission must give applicants a 15-day period to cure any material defect in the application before denying the application. This cursory review to eliminate clearly ineligible or erroneous applications will help to ensure a more accurate assessment of aggregate demand to determine whether to apply funding prioritization.
149. WCB will need to account for the administrative cost of operating the reimbursement program when assessing aggregate demand to the extent such costs are funded by a congressional appropriation and do not count towards funding available for reimbursement requests.
150. Following the allocation of funds to eligible providers and after eligible providers incur actual costs, they will need to file reimbursement claims along with any required supporting invoices and other cost documentation, as directed by WCB, to obtain reimbursement funds from their allocation. Entities may, and likely will, submit multiple reimbursement requests as they incur expenses throughout the reimbursement period. WCB will review reimbursement claims to ensure that disbursements are made only for costs reasonably incurred.
151. If an actual cost exceeds the estimated cost for a particular line item, the program participant will need to note the nature of the variation in the reimbursement claim filing, e.g., the recipient had to change equipment vendors resulting in higher replacement costs than estimated. The Commission understands the difficulty in accurately estimating costs and expect some degree of variation between estimated and actual costs. Ultimately, while the Commission will exercise some degree of flexibility with such variations, the Reimbursement Program participant cannot draw down more than the total funding amount allocated to it and can only receive reimbursement for reasonable costs incurred. If a recipient's costs exceed the funding allocation, then the recipient will need to seek an additional allocation of funding, if funding remains available.
152. To ensure the timely use of allocated funds as intended, the Commission will require recipients to submit all applicable reimbursement claims by a set date following the expiration of the term for completing the removal, replacement, and disposal of covered communications equipment and services. Without a deadline, outstanding funding would have to remain allocated indefinitely to satisfy possible future reimbursement claims filed for actual expenses incurred even if the recipient had no intention of filing any future claims. The effect would be to essentially strand funding and prevent the reallocation of unused funds to other Reimbursement Program participants. Imposing a deadline for the filing of reimbursement claims will address these concerns.
153. The Commission recently imposed a deadline on the filing of invoices to receive committed funds in the Rural Health Care Program to address similar concerns. The Commission similarly adopted an invoicing deadline for the E-Rate Program. In that proceeding, the Commission found an invoicing deadline of 120 days following the expiration of the one-year service delivery deadline, with the possibility of a one-time 120 day extension, sufficient to give program participants time to submit claims for expenses incurred while still providing the certainty needed for the efficient de-obligation of funding for use by future program participants. For the same reasons, the Commission will apply the approach used in the Rural Health Care Program to the Reimbursement Program. Recipients are required to file all reimburse claims within 120 days following the expiration of the removal, replacement, and disposal term. Prior to the expiration of the 120-day deadline, recipients can request and receive a 120-day extension of the reimbursement claim deadline, if timely requested. After the expiration of the reimbursement claim deadline, any allocated but as-yet unclaimed funds will revert automatically to the Reimbursement Program for reallocation to other participants pursuant to a future filing window. If a petition for an extension of the removal, replacement, and disposal term is pending when the term expires, then automatic reversion of the unallocated funds is stayed until, and if, the extension request is denied. Additional details on the removal, replacement, and disposal term, and extensions thereof, are provided in the subsequent section.
154. The Secure Networks Act requires, unless there is an extension provided for by the statute, Reimbursement Program recipients to complete the removal, replacement, and disposal of covered communications equipment or service “not later than 1 year after the date on which the Commission distributes reimbursement funds to the recipient.” The Commission concludes the one year window for project completion commences when the applicant makes the initial draw down disbursement of funding during the funding distribution stage. Thus, the one-year deadline will vary among recipients depending on when each recipient chooses to accept its initial draw down disbursement. The Commission finds this approach most accurately complies with a straight-forward reading of the statute and that it provides applicants a substantial amount of control over when the one-year window opens since the applicant chooses when to accept the initial draw-down.
155. The Commission recognizes there is concern among providers that the network transition process will likely take more than a year to complete. Congress has made clear its intent, however, and the Commission lacks discretion to deviate from what the statute requires. By tying the completion term to the actual initial disbursement of funds, the Commission adheres to the statutory requirement but also provides some flexibility to applicants. Because the Commission has declined to use a milestone-based phased funding approach, the suggestion to commence the one-year project deadline to the final disbursement is unworkable. At the same time, the Commission acknowledges applicants may defer taking their initial disbursement to further delay commencement of the one-year deadline. Such actions, in turn, may delay the network transitions to remove, replace, and dispose of equipment and service posing a national security risk. To ensure the efficient and expeditious use of funding to facilitate network transitions, the Commission will require recipients to file to receive their initial disbursement within [one year] of receiving the funding allocation approval. Failure to file for an initial disbursement within one year of receipt of funding allocation approval will result in the automatic reversion of the funding allocation to the program fund for reallocation to other or future program participants.
156. Term Extensions. The Secure Networks Act authorizes the Commission to grant extensions of time to complete the removal, replacement and disposal of covered communications equipment and service. The Commission may grant a “general” six-month extension “to all recipients of reimbursements . . . if the Commission: (i) finds that the supply of replacement communications equipment or services needed by the recipients to achieve the purposes of the Program is inadequate to meet the needs of the recipients; and (ii) provides notice and a detailed justification for granting the extension to” Congress. The Commission is also authorized to grant “individual” extensions on a case-by-case basis to program recipients pursuant to petition for a period of time of up to six months. To grant an individual extension, the Commission must find that, “due to no fault of such recipient, such recipient is unable to complete the permanent removal, replacement, and disposal.” According to the legislative history, “[t]he Committee expects the Commission to not find it the fault of a recipient of the program if such recipient has a shortage of qualified workers, either employees or contracted third-parties, to complete the removal of covered equipment and replacement of new equipment under the timeframe established.”
157. The general extension provision authorizes the Commission to issue sua sponte a one-time six-month extension to all program recipients. Interpreting this provision to allow for more multiple general six month extensions for all participants without regard to the circumstances of each individual applicant would seem to run counter to the intent of Congress of having a one-year term deadline and would seem to moot, or at least significantly diminish, the need for, or relevance of allowing, individual extensions. Following the funding allocation stage, the Commission directs WCB to assess the supply of replacement equipment in the marketplace. The Commission expects WCB, in making this assessment, to account for the information reported by program recipients in the status updates filed as required by the Secure Networks Act. WCB shall inform the Commission of its assessment in a timely manner so as to give the Commission sufficient time to provide notice and justification to Congress and to issue a general extension of time before the initial one-year deadline expires for program recipients.
158. In reading the statutory provision on individual extensions, the Commission agrees with commenters who assert that the provision allows it to grant more than one extension to a recipient. The Secure Networks Act states that the Commission may grant a petition for an extension, but does not provide any direct limit as to the number of extensions that may be granted. Instead, the only limit to granting an extension is whether the Commission finds that, “due to no fault of such recipient, such recipient is unable to complete the permanent removal, replacement, and disposal.” The Commission interprets this language to mean that it may grant more than one individual extension as factors beyond the control of an applicant may exist for more than six months, an interpretation endorsed by all commenters. The Commission also agrees with commenters that the statute specifically allows it to grant both a general and individual extensions if the circumstances warrant. The Commission also agrees with commenters that it may not issue a single, across-the-board extension that exceeds six months. The Commission believes this is an important safety valve for recipients to complete their network transitions. The Commission directs WCB to address petitions for extensions in the first instance consistent with the following principles. In order to ensure prompt replacement in accordance with the goals of the Act, petitions for extension will only be granted where the program recipient demonstrates the delay is due to factors beyond its control. In making this determination, the Commission directs WCB to be guided by the Commission's precedent in dealing with similar requests involving wireless facilities under § 1.946 of the Commission's rules. § 1.946(e) allows for extensions of time “if the licensee shows that failure to meet the construction or coverage deadline is due to involuntary loss of site or other causes beyond its control.” The rule further provides that “[e]xtension requests will not be granted for failure to meet a construction or coverage deadline due to delays caused by a failure to obtain financing, to obtain an antenna site, or to order equipment in a timely manner. If the licensee orders equipment within 90 days of its initial license grant, a presumption of diligence is established.” The rule further provides that “[e]xtension requests will not be granted for failure to meet a construction or coverage deadline because the licensee undergoes a transfer of control or because the licensee intends to assign the authorization. The Commission will not grant extension requests solely to allow a transferee or assignee to complete facilities that the transferor or assignor failed to construct.” The Commission encourages WCB to provide guidance as necessary to program recipients to help them in seeking an extension of time. This addresses the request of CCA, asking the Commission to provide clear guidance on how it will implement the provision on individual extensions and what will be expected from applicants to satisfy an extension request.
159. Applicability of USF Support Certification Requirement. The new remove-and-replace rule that the Commission adopts requires ETCs to certify prior to receiving USF support that they do not use equipment or services identified on the Covered List. The Commission recognizes Reimbursement Program recipients will likely need to utilize their existing covered communications equipment or service on a temporary basis during the transition process to mitigate service disruptions for existing customers. Accordingly, Reimbursement Program recipients are not subject to the new certification requirement until after the expiration of their removal, replacement, and disposal term. However, once the term has expired, the provider will be subject to the certification requirement going forward when seeking to obtain USF support.
160. Effect of Removal from the Covered List. The Secure Networks Act provides a process for addressing situations when communications equipment or service is removed from the Covered List following the filing of an application for reimbursement. If this situation occurs, then according to the Secure Networks Act, an applicant may either: (1) Return the reimbursement funds received and be released from any further removal, replacement, and disposal requirements; or (2) retain the reimbursement funds received and remain subject to the applicable removal, replacement, and disposal requirements. For purposes of the Reimbursement Program established in this document, the Commission interprets this statutory provision to mean that if the Covered List removal occurs after an application is filed and approved, then it will give the applicant the option to either proceed with or withdraw from the Reimbursement Program altogether. If withdrawing, then the applicant would need to notify the Commission as such and return any reimbursement funds previously disbursed to the Commission where applicable. If withdrawing, any funding allocated but not yet disbursed to the applicant would automatically revert to the Commission for potential reallocation to other applicants pursuant to a subsequently established filing window. If continuing with the Reimbursement Program, then the applicant must continue to comply with all applicable program requirements and obligations. Per the Secure Networks Act, if a program recipient needs an “assurance” as to whether the reimbursement funds have been returned, then “the assurance may be satisfied [by the recipient] making an assurance that such funds have been returned.” That said, the Commission will provide recipients with confirmation of reimbursement funds returned.
161. The Commission declines to implement a preapproval process for transition plans. Both CCA and NetNumber urge the Commission to provide a mechanism by which providers can obtain an upfront approval or at least additional guidance for their network transition plans. These commenters note the complexity of transitioning a network and explain how upfront approval and guidance would mitigate wasted time and resources on a plan the Commission ultimately does not support. The upfront approval mechanism would apparently need to precede the filing window for submitting reimbursement cost estimates.
162. Although the Commission sees the benefits of having a preapproval process, it is concerned the addition of another procedural layer will unnecessarily delay the allocation of funding for the removal, replacement, and disposal of covered communications equipment and service from the networks of eligible providers. Because of the national security implications of continuing to have insecure equipment in the Commission's communications networks, it is striving to receive applications within twelve months of the adoption of this document. Adding a processing layer to pre-approve transition plans would require building in further time for implementation and the redirection of resources to reviewing and approving transition plans, instead of immediately implementing a system to receive applications. Moreover, the Commission will separately be providing participants with guidance on replacement equipment and cost estimates. The Commission finds the additional guidance will sufficiently help applicants in formulating their network transition plans and should alleviate the concerns the commenters express. Accordingly, the Commission declines at this time to establish a preapproval process for transition plans as suggested by CCA and NetNumber. For the same reasons, the Commission declines a similar suggestion by SNC, to the extent SNC's proposals differs from the process the Commission adopts, to have two separate application rounds upfront to obtain a funding allocation, i.e., one to requests funds for planning and another for replacement and implementation.
163. The Secure Networks Act directs the Commission to adopt regulations requiring the “disposal” of covered communications equipment and services by Reimbursement Program recipients to prevent the use of such equipment or services in the networks of advanced communications service providers. Disposal is defined as the act of disposing. To dispose of something means “to get rid of,” “to deal with conclusively,” “to transfer to the control of another.” While the act of disposing typically means to get rid of or to transfer control of something to another, the Commission reads “disposal” in connection with the statutory language “to prevent such equipment or services from being used in the networks of providers” as requiring the destruction of the equipment or service by the recipient so as to make the equipment or service inoperable and incapable of use. The Commission adopts a regulation consistent with its interpretation and will require recipients to dispose of covered communications equipment and service in a manner to prevent the use of the equipment or service in the networks of other providers.
164. The Commission disagrees with PRTC that the statute would allow the Commission to permit the transfer of covered communications equipment or service to non-U.S. providers in an operable state that would allow for use of the equipment or service in another provider's network, whether foreign or domestic. At the same time, the Commission agrees with CCA and will allow providers to satisfy its disposal requirements “by documenting their transfer of removed equipment to third parties tasked with destruction or other disposal of the equipment.” Regardless of the method of disposal or destruction, the Commission requires participants to retain detailed documentation to verify compliance with this requirement. The Commission expects WCB to provide participants with additional guidance to help participants with the disposal and verification process.
165. The Commission directs WCB to create one or more forms to be used by entities to claim reimbursement from the Reimbursement Program, to report on their use of money disbursed and the status of their construction efforts, and for any other Reimbursement Program-related purposes. The Commission also directs WCB to establish the timing and calculate the amount of the allocations to eligible entities from the Reimbursement Program, develop a final Catalog of Eligible Expenses with the assistance of a contractor, and make other determinations regarding eligible costs and the reimbursement process. The Commission further directs WCB to adopt the necessary policies and procedures relating to allocations, draw downs, payments, obligations, and expenditures of money from the Reimbursement Program to protect against waste, fraud, and abuse and to protect Reimbursement Program funds in the event of bankruptcy of a support recipient. The Commission expects WCB through the implementation process will address many of the procedural details highlighted by the Secure Networks Coalition with input as needed from the public.
166. WCB will consult with the Office of General Counsel and the Office of the Managing Director (OMD) in carrying out these tasks. The Commission also encourages the WCB to work, as necessary, with other appropriate Bureaus and Offices in implementing and maintaining the Reimbursement Program. The Commission authorizes WCB to engage contractors to assist in the reimbursement process and the administration of the Reimbursement Program. Lastly, as required by the Secure Networks Act, the Commission directs WCB with the assistance of the Consumer and Governmental Affairs Bureau to “engage in education efforts with providers of advanced communications service” to encourage participation in the Reimbursement Program and to assist such providers in submitting applications.
167. The Secure Networks Act requires the Commission to take “all necessary steps” to combat waste, fraud, and abuse in the Reimbursement Program. The Secure Networks Act and the associated House Report specified that these steps shall include, but are not limited to, requiring recipients to submit status updates, detailed spending reports and documentation of invoices, and conducting routine audits and random field investigations of recipients to ensure compliance with Program requirements and this Act. The Commission sought comment in the Section 4 Public Notice, 85 FR 26653, May 5, 2020, and the 2019 Supply Chain Second Further Notice on these statutory obligations. The Commission now adopts rules to protect against the waste, fraud, and abuse of taxpayer money consistent with the Secure Networks Act.
168. Status Updates. While the Commission did not receive any comments on how to implement this statutory provision, it will proceed as directed by the Secure Networks Act and require program recipients to file a status update “once every 90 days beginning on the date on which the Commission approves an application for a reimbursement.” Recipients must file the first report within 90 days of receiving their funding allocation. Although the statute allows the Commission to require more frequently filed updates, it finds an update every 90 days sufficient to keep the Commission informed of ongoing developments while not unduly burdening program recipients and diverting limited administrative resources away from the network transition process. These updates will help the Commission monitor the overall pace of the removal, replacement, and disposal process and whether recipients are acting consistently with the timelines provided to the Commission or whether unexpected challenges are causing delay.
169. In the update, the recipients shall report on the efforts undertaken, and challenges encountered, in permanently removing, replacing, and disposing its covered communications equipment or services. Recipients shall also report in detail on the availability of replacement equipment in the marketplace so the Commission can assess whether a general, six-month extension permitted by the statute is appropriate. The report must include a certification that affirms the information in the status report is accurate. After the program recipient has notified the Commission of the completion of the permanent removal, replacement, and disposal of the covered communications equipment or service pursuant to a final certification, updates are no longer required.
170. The Commission directs WCB to provide additional details on the filing requirements and contents for such status updates. Per the statute, the Commission directs WCB to publicly post on the Commission's website the status update filings within 30 days of submission. The Commission further directs WCB to prepare a report for Congress within every 180 days following the funding allocation stage. The report shall provide an update on the Commission's implementation efforts and “the work by recipients of reimbursements . . . to permanently remove, replace, and dispose of covered communications equipment or services.”
171. Spending Reports. The Secure Networks Act directs the Commission to require Reimbursement Program recipients to submit “reports regarding how reimbursement funds have been spent, including detailed accounting of the covered communications equipment or services permanently removed and disposed of, and the replacement equipment or services purchased, rented, leased or otherwise obtained, using reimbursement funds.” Like status updates, spending reports help mitigate waste, fraud, and abuse by allowing the Commission to monitor the recipient's funding use to help make sure funds are spent as intended. The statute requires the filing of spending reports on a regular basis but does not otherwise indicate the filing frequency.
172. The Commission sought and received limited comment on the implementation of this statutory provision. The lone commenter, the Rural Wireless Broadband Coalition, understands the benefits of having recipients file such reports but encourages the Commission to limit the filing frequency to a semi-annual basis. According to Rural Wireless Broadband Coalition, [p]roducing these detailed accountings will be a burdensome, time-consuming exercise for small wireless carriers, requiring them to dedicate scarce resources to track, record, assemble, review, and report extensive data related to the removal, replacement, and disposal of covered equipment.”
173. The Commission is sensitive to the reporting burden highlighted by Rural Wireless Broadband Coalition. While the removal, replacement, and disposal term is for a one-year period with possible extensions of time for up to six-months, the Commission finds that requiring filings twice a year will provide information with sufficient frequency to allow the Commission to monitor against waste, fraud, and abuse while mitigating the reporting burden on recipients. Accordingly, the Commission will require Reimbursement Program recipients to file semiannually. Spending reports will be due within 10 calendar days after the end of January and July, starting with the recipient's initial draw down of disbursement funds and terminating once the recipient has filed a final spending report showing the expenditure of all funds received as compared to the estimated costs submitted. A final spending report will be due following the filing of a final certification by the recipient.
174. The Commission directs WCB to provide Reimbursement Program recipients with additional details on the filing of and information contained in the spending reports. The Commission also directs WCB to make filed spending reports available to the public via a portal on the Commission's website. The Commission will consider detailed accounting information on the covered communications equipment or services permanently removed and disposed of, and the replacement equipment or services purchased, rented, leased, or otherwise obtained, using reimbursement funds presumptively confidential and will withhold such disaggregated information from routine public inspection.
175. Final Certification. The Secure Networks Act directs the Commission to require Reimbursement Program recipients to file a final certification “in a form and at an appropriate time to be determined by the Commission.” In the final certification, the Reimbursement Program recipient must indicate whether it has fully complied with (or is in the process of complying with) all terms and conditions of the Program and the commitments made in the application of the recipient for the reimbursement; has permanently removed from the communications network of the recipient, replaced, and disposed of (or is in the process of permanently removing, replacing, and disposing of) all covered communications equipment or services that were in the network of the recipient as of the date of the submission of the application of the recipient for the reimbursement; and has fully complied with (or is in the process of complying with) the timeline submitted by the recipient. The statute also requires the filing of an updated certification if at the time the final certification is filed, the recipient has not fully complied with and completed its obligations under the Reimbursement Program.
176. No comments were filed addressing the final certification required by the Secure Networks Act. As the Commission lacks discretion to deviate from clear statutory requirements, it adopts a rule requiring recipients to file a final certification and updates as necessary per the statute. The Commission will require recipients to file the final certification within 10 calendar days of the expiration of the removal, replacement and disposal term because the final certification relates to the completion of the removal, replacement, and disposal process. The final certification will relate to the state of compliance and project completion as of the end of the removal, replacement and disposal term. Subsequently filed final certification updates will relate to the state of compliance and project completion as of the date the update is filed. Notwithstanding the statutory allowance for a final certification update, the failure to complete the removal, replacement, and disposal process in accordance with the Reimbursement Program's requirements by the end of the removal, replacement and disposal term, as evidenced in the filing of the final certification as initially filed, may result in the assessment of fines, forfeitures, and/or other enforcement actions against the recipient. The Commission directs WCB to provide additional details on the filing requirements and contents for the final certification and associated updates.
177. Documentation Retention Requirement. Reimbursement Program recipients are required to provide documentation, including relevant invoices and receipts, to support requests for the disbursement of reimbursement funds for reasonable expenses actually incurred during the removal, replacement, and disposal process. This documentation helps the Commission assess whether funding is being used as intended for reasonable costs, helps the Commission compare actual costs to submitted estimated costs, and helps to ensure disbursements for actual costs do not exceed the recipients funding allocation. While commenters did not address document retention, the Commission finds it prudent in its effort to combat waste, fraud, and abuse to require program recipients to retain all documentation related to their requests for funding reimbursement for actual expenses incurred. Recipients must retain the documentation for a period of 10 years after the date the final disbursement payment is received from the Reimbursement Program. The retained documentation will assist the Commission with any subsequent investigations should an issue of waste, fraud, and abuse arise following the completion of the removal, replacement, and disposal process. A 10-year period of time for retaining documentation is consistent with the Commission's retention requirement for both the E-Rate program and the broadcast incentive auction reimbursement program and coincides with the 10-year statute of limitations under the False Claims Act.
178. Audits, Reviews, and Field Investigations. In the 2019 Supply Chain Further Notice the Commission proposed subjecting program recipients to periodic compliance audits and other inquiries, including investigations as appropriate, to ensure compliance with the Commission's rules and orders. The Commission did not receive any comments on this issue. The Commission now directs OMD, or a third-party identified by OMD, to prepare a system to audit Reimbursement Program recipients to ensure compliance with the Commission's rules. Consistent with the Commission's experience regarding the USF, the Commission finds that audits are the most effective way to determine compliance with the Commission's rule requirements. To facilitate audits and field investigations, the Commission requires Reimbursement Program recipients to provide consent to allow vendors or contractors used by the recipient to release confidential information to the auditor, reviewer, or other representative. Recipients must also allow any representative appointed by the Commission to enter the premises of the recipient to conduct compliance inspections.
179. Enforcement. In the 2020 Supply Chain Second Further Notice, the Commission sought comment on implementing the enforcement measures contained in section 7 of the Secure Networks Act. The Commission received only one comment, from CCA, on the issue. As provided for in the statute, a violation of the Secure Networks Act or a regulation adopted pursuant to this statute shall constitute a violation of the Communications Act. As such, the Commission's authority to impose fines and forfeitures pursuant to section 503 of the Communications Act and § 1.80 of the Commission's rules, 47 CFR 1.80, will apply equally to violations of the Secure Networks Act and Commission regulation adopted pursuant to the Secure Networks Act. Potential violators are not limited to Reimbursement Program recipients but could also include consultants, vendors and contractors that assist entities participating in Reimbursement Program. In addition, as directed by the Secure Networks Act and consistent with the Commission's proposal in the 2020 Supply Chain Second Further Notice and the Secure Networks Act the Commission requires Reimbursement Program recipients found in violation of its rules or the “commitments made by the recipient in the application for the reimbursement” to repay funds disbursed via the Reimbursement Program. Prior to requiring repayment, WCB will send notice of the violation to the alleged violator and give the alleged violator 180 days to cure the violation as required by the Secure Networks Act. In addition to taking steps necessary to address a non-compliant situation, curing a violation may simply involve a response showing that a violation has been cured. The cure period will provide alleged violators with ample time to resolve issues of non-compliance before the Commission proceeds with taking further enforcement action.
180. Section 7(c) of the Secure Networks Act requires the Commission to take immediate action to recover all reimbursement funds awarded to a recipient if the recipient is required to repay funding due to a violation. CCA urged the Commission “to include in its enforcement procedures a reasonable opportunity for carriers to cure before repayment or other penalty action is triggered. The statute already provides program participants a 180-day period to cure violations prior to initiating repayment actions, and so the Commission finds going beyond what is already required unnecessary. Accordingly, consistent with the Commission's proposals in the 2020 Supply Chain Second Further Notice, it will initiate a repayment action by sending a request for repayment to the recipient immediately following the expiration of the opportunity to cure if the recipient fails to respond to the notice of violation, indicating the violation is cured. If the alleged violator does respond to the notice but is ultimately determined by the Commission not to have cured the violation, the Commission will then request repayment following that determination.
181. The Commission directs the Enforcement Bureau (EB) to take all steps necessary to initiate enforcement actions against Reimbursement Program violators and to recover any outstanding repayment amounts once a violation of the Reimbursement Program is referred by WCB to EB. Participants found to violate the Commission's rules will also be referred to “all appropriate law enforcement agencies or officials for further action under applicable criminal and civil laws.” Any person or entity that violates the Reimbursement Program rules will also be banned from further participation in the section 4 reimbursement program, and the person or entity may also be barred from participating in other Commission programs, including Universal Service support programs.
182. Section 4(d)(1) of the Secure Networks Act requires the Commission to develop a list of suggested replacements (Replacement List) for the equipment and services being removed, replaced, and destroyed. Specifically, Congress directed the Replacement List to include “both physical and virtual communications equipment, application and management software, and services or categories of replacements of both physical and virtual communications equipment, application and management software.” The list of suggested replacements must also be technology neutral and may not advantage the use of reimbursement funds for capital expenditures over operational expenditures. The Commission sought comment on how to develop the Replacement List in April 2020.
183. Consistent with the Commission's statutory obligation, it establishes, and will publish on its website, a Replacement List that will identify the categories of suggested replacements of real and virtual hardware and software equipment and services to guide of providers removing covered communications equipment from their networks. The Commission agrees with commenters that the Secure Networks Act provides the Commission with the flexibility to choose either to create a list of suggested replacements or categories of replacements. The Commission also agrees that the Replacement List should include categories of replacements rather than try to identify suggested replacements, because, as commenters assert, creating a list of suggested replacements would have negative consequences, such as the Commission being seen as picking favored equipment and manufacturers and imposing de facto mandates of specific equipment. The Commission agrees with commenters that it should provide carriers with the flexibility to select the equipment or services that fit their needs from categories of equipment and services. The Commission is wary of actions that could harm its communications networks, or result in mandatory purchases of specific equipment included on the Replacement List. The Commission therefore will list categories of suggested replacements on the Reimbursement List.
184. Further, were the Commission to try to identify specific equipment and services, it would risk inadvertently overlooking some equipment or manufacturers because “the number and diversity of telecommunications equipment is enormous, with varying model numbers, releases, and configurations.” There is no available resource with such information in the record. The Commission believes the better approach in developing the Replacement List is to identify categories of replacement equipment and services that providers of advanced communications service could then look to as they determine the proper equipment and services for their networks.
185. Others suggest that rather than creating a list of permissible hardware and software equipment and services, the Commission should make a list of manufacturers from whom the products and services might be purchased. The Secure Networks Act specifically requires the Commission to produce a list of “Suggested Replacements.” Identifying manufacturers would give the imprimatur of government approval and create a government approved list of manufacturers. An approved government listing could influence purchases and appear to convey that the Commission believes certain equipment meets quality and security metrics, which would require intensive review of products to ensure that the Replacement List was accurate and up-to-date. It could also lead to security threats as companies rely on the Commission's “seal of approval” in lieu of conducting their own research into the security of certain equipment. Further, entities seeking to enter the market may be dissuaded if their customers are only able to purchase equipment from manufacturers approved by the Commission, harming competition and innovation right as the move to Open Radio Access Networks (O-RAN) and virtualized networks opens up markets to new competitors. For these reasons, the Commission declines to name specific manufacturers and instead find that a Replacement List with categories of suggested equipment and services to guide providers of advanced communications service is the better interpretation of its obligation.
186. In compiling this Replacement List, the Commission will use the categories of equipment and services in its recently completed information collection as guidance for specific categories on the Replacement List. Specifically, in the 2019 Supply Chain Order, the Commission directed the Office of Economics and Analytics (OEA) and WCB to conduct an information collection to determine whether ETCs own equipment or services from Huawei and ZTE; what that equipment is and services are; the costs associated with purchasing and/or installing such equipment and services; and the costs associated with removing and replacing such equipment and services. Additionally, the Catalog of Expenses adopted as part of the Reimbursement Program will inform the Replacement List by helping to target the type of equipment that will be removed and replaced. The Commission may also review efforts from other Federal partners, such as the Federal Acquisition Security Council, or the Department of Homeland Security's Information and Communications Technology Supply Chain Risk Management Task Force, if those efforts are relevant to the Replacement List. The Federal Acquisition Security Council was established pursuant to the SECURE Technology Act and the Information and Communications Technology Supply Chain Risk Management Task Force is a public-private supply chain risk management partnership established in to identify and develop consensus strategies that enhance supply chain security.
187. The Commission agrees with commenters that the Replacement List should include equipment and services equipped, or upgradable to, be used in O-RAN, or in virtualized networks. Including O-RAN equipment and services, which “could transform 5G network architecture, costs, and security,” is consistent with the Secure Networks Act's requirement that the Replacement List be technologically neutral. The Secure Networks Act allows for the inclusion of services such as O-RAN and virtualized network equipment “to the extent that the Commission determines that communications services can serve as an adequate substitute for the installation of communications equipment.” The record shows that these communications services can serve as an adequate substitute for communications equipment. The Commission makes such a finding here. The Commission encourages providers participating in the Reimbursement Program to consider this promising technology, along with all other available technologies as they make their procurement decisions.
188. One commenter asserts that the Commission should use a software overlay to allow companies with covered communications equipment and services to keep the equipment in their networks until obsolescence, potentially enabling reimbursement funding to cover more networks. They argue the software overlay will make the replacement of the risky of covered equipment more efficient “with proven and fully tested technology (tested by [the U.S. government]), that installs as software on 3rd party communications equipment and mitigates the covered equipment manufacturers” ability to remotely access, manipulate traffic, access private and proprietary data and make configuration changes.” They further suggest that these software technologies provide the ability to defend the United States communications and data infrastructure, regardless of the location and source of manufacturing allowing time for “rip and replace” actions to be accelerated at lower cost.
189. Were the Commission to adopt this proposal, covered, potentially harmful equipment could remain in its networks for years, increasing the risks to the Commission's networks. The Commission believes the better approach given the language in the Secure Networks Act is take every measure possible to immediately reduce and eliminate the risk by removing the equipment promptly. Additionally, the Reimbursement Program requires that reimbursement funds be used solely for the purposes of “permanent removal of covered communications equipment and services . . . .” The public interest and its statutory goals would be best served by the approach the Commission has adopted.
190. The Commission also declines at this time to rely solely on a third party to create a list of suggested categories or the list of replacement equipment and services, as advocated by one commenter. First, the Secure Networks Act requires the Replacement List to be technologically neutral. Trade associations or membership organizations may be inherently biased toward the interests of their membership. Rather than risk the impression of self-dealing, the Commission believes it is more prudent to maintain control of the Replacement List. Second, although the Commission recognizes the challenges inherent in creating the Replacement List, the Secure Networks Act is clear that the Commission “shall” develop the Replacement List. Outsourcing the task to a third-party trade association or similar organization could be an unlawful subdelegation and risk the appearance of abdicating the Commission's responsibility.
191. Maintenance of the List. The Commission agrees with commenters that the list of suggested equipment and service should be transparent and current. The Commission will update the list of suggested equipment and services, and program recipients and interested third parties may also provide information about suggested equipment and services to assist the Commission in keeping the list current and reflective of changes in the market. The Commission finds that the list should be updated at least annually to ensure that it stays current with new technologies and innovations while also providing access to evolving next-generation communications capabilities to all consumers. Updating the Replacement List annually is consistent with the minimum schedule that Congress set for the Commission to update the list of covered communications equipment and services. The Commission believes updating its list of equipment and services that pose a threat to national security risks and its Replacement Lists together will provide consistency and clarity for providers seeking to comply with the Commission's rules.
192. The Commission declines to update the list quarterly, as some commenters argue. By adopting a Replacement List featuring categories of equipment and services, the Commission is expressly declining to attempt to evaluate every piece of equipment or software released. The Commission finds that the relevant categories of equipment and services are unlikely to change quarterly, and that an annual review is sufficient to keep the list current and foster a competitive marketplace. An annual update will be much more comprehensive and avoid the need for providers to constantly check the Commission's website prior to investing in their networks. For these same reasons, the Commission declines to update the list at even shorter intervals, such as monthly. The Commission does, however, note that the list may be updated at a shorter interval if the Commission deems it necessary.
193. The Commission directs WCB to issue a Public Notice at least annually announcing the updates to the Replacement List.
194. In the 2019 Supply Chain Order, the Commission sought to understand the scope of potentially prohibited equipment or services in the communications supply chain to help inform its rulemaking. As a result, it adopted the 2019 Supply Chain Information Collection Order, which required ETCs, and their non-ETC affiliates and subsidiaries, to report on the existence, or lack thereof, of any of their equipment and services obtained from Huawei and ZTE. ETCs had to submit information on the type of equipment or service obtained from these covered companies; the cost to purchase and/or install such equipment and services; and the cost to remove and replace such equipment and services. All submissions were required to be certified. OEA and WCB collected and compiled this data, and the results were published in September 2020.
195. Section 5 of the Secure Networks Act requires that “providers of advanced communications service” report annually if they have “purchased, rented, leased, or otherwise obtained any covered communications equipment or service, “on or after” August 14, 2018 or 60 days after an equipment or service has been placed on the Covered List. In other words, any equipment or service on the Covered List based on one of these two specifications must be reported. Section 5 also requires that providers of advanced communications service who have indicated in the information collection that their network contains covered equipment or services, based on the specifications in this document, submit a “detailed justification” for obtaining such equipment or services, as well as information indicating whether the covered equipment or services has subsequently been removed and replaced and information about plans to continue the purchase, rent, lease, installation, or use of such covered equipment or services. Any providers that certify to the Commission that they do not have any equipment or services are not required to submit annual reports unless they acquire covered equipment or services after their last certification.
196. In the 2020 Supply Chain Second Further Notice, the Commission proposed to require that advanced communications service providers report the type, location, date obtained, and any removal and replacement plans of covered equipment and services in their networks. The Commission also sought comment on the appropriate information needed to satisfy the “detailed justification” requirement of the Secure Networks Act.
197. Consistent with the Secure Networks Act and the Commission's proposal in the 2020 Supply Chain Second Further Notice, the Commission implements a new data collection requirement applying to all providers of advanced communications service. The Commission requires that providers of advanced communications service annually report on covered communications equipment or services in their networks. Specifically, with respect to equipment or services on the initial Covered List acquired on or after August 14, 2018, or equipment or services added to the Covered List that were purchased 60 days or more after the Covered List is subsequently updated, providers must report the type of covered communications equipment or service purchased, rented or leased; location of the equipment or service; date the equipment or service was procured; removal or replacement plans for the equipment or service, including cost to replace; amount paid for the equipment or service; the supplier for the equipment or service; and a detailed justification for obtaining such covered equipment and service.
198. The detailed justification must thoroughly explain the provider's reasons for obtaining the covered equipment and/or services, including why the provider chose to obtain covered equipment and services rather than equipment and services not on the Covered List. These reasons can include technical or compatibility issues or the source of the vendor was not known by the provider. Providers must also indicate whether the equipment and services were published on the Covered List at the time of purchase, and whether the covered equipment and services supports any other covered equipment and services that do not need to be reported, because, for example, the equipment or services were obtained before August 14, 2018. This information is not only required pursuant to the Secure Networks Act but will inform future Commission action to address security issues in communications networks.
199. The Commission will release to the public a list of providers that have reported covered equipment or services in their networks, consistent with the 2019 Supply Chain Information Collection Order. The Commission believes that the public interest in knowing whether providers have covered equipment and services in their networks outweighs any interest the carrier may have in keeping such information confidential. The Commission rejects NCTA's argument to the contrary. NCTA argues that because the Secure Networks Act directed that status updates under the reimbursement program would be made public under section 4(d)(8) while remaining silent on whether the section 5 results should be made public, Congress intended that section 5 results remain confidential. The Commission disagrees. Instead, Congress provided the Commission with significant discretion as to the “form” and manner of these reports, and it believes the public interest in knowing whether covered communications equipment and services acquired after August 14, 2018 are in providers of advanced communications service networks outweigh any countervailing interest of the provider in keeping such information confidential. Moreover, at the time it passed the Secure Networks Act, Congress was aware of the Commission's intention to publish a list of ETCs with Huawei and ZTE equipment in their networks based on the 2019 Supply Chain Information Collection Order, and the Commission believes Congress's silence as to whether the section 5 results should be made public is better interpreted as endorsing a similar approach to the 2019 Supply Chain Information Collection Order rather than NCTA's reading. Other information, such as location of the equipment and services; removal or replacement plans that include sensitive information; the specific type of equipment or service; and any other provider specific information will be presumptively confidential. The Commission believes that this information would likely qualify as trade secrets under the Freedom of Information Act.
200. The Commission directs OEA to administer the collection, which includes creating a form for submission through an online portal. The form will require that all providers certify that the information provided is true and accurate subject to federal regulations. The form will have the option for providers to certify that they do not have any covered equipment and services. Those providers that certify that they do not have any covered equipment and services will not need to refile annually unless circumstances change, and they acquire any of these covered equipment and services or if equipment they currently use is subsequently added to the Covered List. However, a provider of advanced communications service that certifies that its network does have covered equipment or services will need to continue to file an annual report, including the justification, until the provider can certify that its network no longer contains covered equipment or services. The Secure Networks Act only allows entities that respond to the information collection with a negative response to cease filing unless their subsequently purchase, rent, lease, or obtain covered communications equipment and services.
201. The Commission reiterates that this information collection requirement does not have any effect on the 2019 Supply Chain Information Collection Order and its subsequent results. The 2019 Supply Chain Information Collection Order has closed, and the Commission has publicly reported its results. The results of the 2019 Supply Chain Information Collection Order helped inform the Commission of the extent of Huawei and ZTE equipment in its communications networks and provided information about the cost of replacing such equipment. USTelecom argues that the Secure Networks Act's information collection should supersede the 2019 Supply Chain Information Collection Order, but that argument has been mooted by the release of results from the 2019 Supply Chain Information Collection Order. Moreover, the 2019 Supply Chain Information Collection Order and the new information collection are distinct. The new information collection, as required by Congress in the Secure Networks Act, will inform the Commission and public about advanced communications service provider action regarding covered communications equipment or services on or after August 14, 2018. As the Commission explained in the 2020 Supply Chain Second Further Notice, the 2019 Supply Chain Information Collection Order only covered ETCs. ETCs were required to report any Huawei and ZTE equipment and services in their networks, or their subsidiaries or affiliates, regardless of when they were obtained.
202. Effective Date. For the first annual filing, certified responses to this information collection from providers of advanced communication service will be due through the portal no later than 90 days after OEA issues a public notice announcing the availability of the new reporting portal. Although the Commission proposed a six-month window in the proposed rules appendix of the 2020 Supply Chain Second Further Notice, a 90-day period would provide the Commission and the public with quicker notification of potential security risks to U.S. communications networks. The Commission finds that a 90-day period is sufficient time for providers to complete the first annual report for two reasons. First, it will likely take OEA time to prepare the portal for the annual submissions. The Commission expects providers of advanced communications service to begin work for the certification and reporting requirement before OEA issues the Public Notice, providing sufficient time for providers to gather the information when added to the 90 days after the Public Notice is published. Second, 90 days is roughly consistent with the amount of time the Commission gave ETCs, their subsidiaries, and affiliates, to comply with the first information collection, including an extension of time to respond. Thereafter, all providers of advanced communications service required to comply with this information collection must submit their certified response through the portal no later than March 31 for the previous year.
203. Based on presently available information obtained through the Commission's Information Collection, the Commission estimates the cost of requiring the removal and replacement of covered equipment and services within the next two years to be $1.8 billion for all ETCs. In the 2019 Supply Chain Order, the Commission preliminarily estimated the total cost to be between $600 million and $2 billion dollars. Not all of that amount, however, is subject to reimbursement. The ETCs that appear to initially qualify for reimbursement under the Secure Networks Act report it would require approximately $1.6 billion to replace their equipment. Yet, as the Commission concluded in the 2019 Supply Chain Order, it finds that the affected equipment has a 10-year life and that this Order will impact investment decisions starting in 2021. The Commission therefore expects to see some replacements, like those normally occurring under attrition at the end of both 2020 and 2021, covering two years and including up to 20% of the original equipment. Hence, the Commission expects the required replacement costs for the Huawei or ZTE asset base occurring at the end of the period for all ETCs may be as low as $1.5 billion (i.e., about 80% of $1.8 billion) and the reimbursement amount for qualifying ETCs may be as low as $1.3 billion (i.e., 80% of $1.6 billion).
204. The Commission nonetheless concludes that, even if total replacement cost is as high as $1.8 billion reported by all ETCs, that cost will be far exceeded by the benefits obtained by addressing the important national security concerns raised by the enumerated sources who make national security determinations. As the Commission explained in the 2019 Supply Chain Order, the benefits of removing covered equipment and services “extend to [hard] to quantify matters, such as preventing untrustworthy elements in the communications network from impacting our nation's defense, public safety, and homeland security operations, our military readiness, and our critical infrastructure, let alone the collateral damage such as loss of life that may occur with any mass disruption to our nation's communications networks.”
205. The other rules enacted in the Order are mandated by the Secure Networks Act and the Commission has no discretion to diverge from statutory direction. The Commission estimates the reporting costs of complying with the new reporting requirement, mandated by section 5 of the Secure Networks Act, to be approximately $600,000, being the product the per provider cost of $167 and the Commission's estimate of reporting providers of advanced communications services of approximately 3,500 ($167 * 3,500 = $584,500, which the Commission rounds to $600,000 recognizing its calculations are only approximations). The Commission estimates that complying would take 3 hours for each ETC subject to that collection, at a cost of about $167 per carrier, as the reporting requirements for the new collection are similar to those in the 2019 Supply Chain Information Collection. The Commission estimates there are approximately 3,500 providers of advanced communications service, i.e., providers that would have to report under the present collection, as follows. There are 3,822 current 477 filings. Some of these are from filers that affiliated with each other. The Commission associated affiliated 477 filers with a unique “parent” filer, dropping the affiliates from its count. Of the remaining 477 filers, the Commission dropped filers who only engage in fixed line resale and do not supply mobile service. This left 3,579 filers, which, recognizing the Commission's process involves approximation, it rounds to 3,500. This reporting cost estimate is higher than the cost of the data collection of the 2019 Supply Chain Information Collection because the universe of respondents includes all providers of advanced communications service, not just ETCs. The Commission anticipates that the new prohibition on Federal subsidy programs administered by the Commission will not have incremental net costs beyond those already imposed by § 54.9 of the Commission's rules. The Commission accordingly finds that its requirements will achieve the stated objectives of Congress's mandated rules in the most cost-effective manner. Huawei argues that the “significant upfront costs as well as ongoing expenditures . . . will make it extremely difficult to comply with a removal and replacement mandate.” Huawei believes a cost benefit analysis “likely would result in inequitable disbursement or reimbursement funds because some carriers may have spent more on covered company equipment that other carriers” and, for non-ETCs, “the magnitude of equipment replacements costs is not something they can afford.” The Commission disagrees. For non-ETCs, the requirement to remove and replace equipment applies only to those providers which voluntarily choose to participate in the Reimbursement Program. And the Commission received no comments from ETCs who would be ineligible to participate in the Reimbursement Program stating the requirement to remove and replace covered equipment or services is not feasible. Finally, the design of the Reimbursement Program, including section 4 of the Secure Networks Act and the rules the Commission adopts, will ensure an equitable allocation of funds to replace covered equipment and services.
III. Procedural Matters
A. Paperwork Reduction Act of 1995 Analysis
206. This document contains modified information collection requirements subject to the Paperwork Reduction Act of 1995 (PRA), Public Law 104-13. It will be submitted to the Office of Management and Budget (OMB) for review under Section 3507(d) of the PRA. OMB, the general public, and other Federal agencies will be invited to comment on the modified information collection requirements contained in this proceeding. In addition, the Commission notes that pursuant to the Small Business Paperwork Relief Act of 2002, Public Law 107-198, see 44 U.S.C. 3506(c)(4), the Commission previously sought specific comment on how the Commission might further reduce the information collection burden for small business concerns with fewer than 25 employees.
B. Congressional Review Act
207. The Commission has determined, and the Administrator of the Office of Information and Regulatory Affairs, Office of Management and Budget, concurs that this rule is major under the Congressional Review Act, 5 U.S.C. 804(2). The Commission will send a copy of this Second Report and Order to Congress and the Government Accountability Office pursuant to 5 U.S.C. 801(a)(1)(A).
208. Final Regulatory Flexibility Analysis. The Regulatory Flexibility Act of 1980 (RFA) requires that an agency prepare a regulatory flexibility analysis for notice and comment rulemakings, unless the agency certifies that “the rule will not, if promulgated, have a significant economic impact on a substantial number of small entities.” Accordingly, the Commission has prepared a FRFA concerning the possible impact of the rule changes contained in the Report and Order on small entities.
209. The Commission sought written comment on the proposals in the 2019 Supply Chain Further Notice and 2020 Supply Chain Second Further Notice, including comment on the Initial Regulatory Flexibility Analysis (IRFA). The present Final Regulatory Flexibility Analysis (FRFA) addresses comments received on the IRFAs and conforms to the RFA.
210. Consistent with the Commission's obligation to be responsible stewards of the public funds used in USF programs and increasing concern about ensuring communications supply chain integrity, and as directed by the Secure Networks Act, the Second Report and Order (Order) adopts rules to implement sections 2, 3, 4, 5, and 7 of the Secure Networks Act and to require recipients of reimbursement funds under the Reimbursement Program and ETCs receiving USF support to remove and replace from their network operations communications equipment and services included on the covered list required by section 2 of the Covered List.
211. Specifically, in addition to the requirement to remove-and-replace, the Commission adopts several rules to implement provisions of the Secure Networks Act. The Commission implements section 2 of the Secure Networks Act by publishing on its website the Covered List of communications equipment or services determined to pose a risk to national security, pursuant to the sources of determinations identified in section 2(c) of the Secure Networks Act. The Commission adopts a rule to prohibit the use of Federal subsidies made available through a program administered by the Commission to purchase, rent, lease, or otherwise obtain any covered communications equipment or service, or maintain any covered communications equipment or service previously purchased, rented, leased, or otherwise obtained, and identified and published on the Covered List. The Commission establishes, as directed by section 4 of the Secure Networks Act, the Reimbursement Program to reimburse costs reasonably incurred by providers of advanced communications service with two million or fewer customers to permanently remove, replace, and dispose of covered communications equipment and services from their networks. To further administer the Reimbursement Program, the Commission establishes, and will publish on its website, a list of suggested replacements (Replacement List) for the equipment and services being removed, replaced, and destroyed, and establishes a reporting requirement and new information collection to require providers of advanced communications service to report covered communications equipment and service in their networks.
212. Small entities potentially affected by the rules herein include eligible schools and libraries, eligible rural non-profit and public health care providers, and the eligible service providers offering them services, including telecommunications service providers, internet Service Providers, and vendors of the services and equipment used for telecommunications and broadband networks.
213. Requirement to Remove and Replace Covered Equipment and Services. The Order requires recipients of reimbursement funds under the Reimbursement Program and ETCs receiving USF support to remove and replace from their network operations covered equipment and services included on the Covered List. The Order conditions this obligation to remove and replace covered equipment and services upon a congressional appropriation to fund the Reimbursement Program. The Order limits the scope of the remove-and-replace requirement to equipment and services on the Covered List. Applicants for funds through the Reimbursement Program shall satisfy compliance with the remove-and-replace obligation in accordance with the deadlines and transition periods associated with the Reimbursement Program. Entities required to comply that are not recipients of funding through the Reimbursement Program must remove covered equipment and services within one year after WCB issues a Public Notice announcing the acceptance of applications filed during the initial filing window to participate in the Reimbursement Program. ETC recipients of USF support must certify that they have complied with our new rule requiring the removal of equipment and services on the Covered List.
214. Covered List. Consistent with the Secure Networks Act, no later than March 12, 2021, the Commission will publish on its website the Covered List of communications equipment or services determined to pose an unacceptable risk to the national security of the United States or the security and safety of United States persons. The Order establishes that the Commission will publish, update, or modify the Covered List without providing notice or opportunity to comment; however, PSHSB will issue a Public Notice every time the Covered List is updated. As directed by the Secure Networks Act, the Order states that the Commission may only accept determinations from the four sources enumerated in the Secure Networks Act, and will incorporate national security determinations into the Covered List automatically, when identifying specific communications equipment or services that “pose[ ] an unacceptable risk to the national security of the United States and the security and safety of United States persons,” or to the extent the class or category of equipment or service identified is “capable” of the 2(b)(2)(A)-(C) criteria, when listed in general categories or classes of equipment that pose such a risk. The Commission will periodically update or modify the Covered List to reflect changes in determinations and will notify the public for every twelve-month period during which the Commission does not update the Covered List.
215. Restriction on Use of Federal Subsidies. Pursuant to section 3 of the Secure Networks Act, the Order adopts a rule that no Federal subsidy made available through a program administered by the Commission for capital expenditures necessary for the provision of advanced communications service shall be used to purchase, rent, lease, or otherwise obtain any covered communications equipment or service, or maintain any covered communications equipment or service previously purchased, rented, leased, or otherwise obtained, as identified and published on the Covered List. The Commission has interpreted section 3 of the Secure Networks Act as intending to apply to all universal service programs but not other Federal subsidy programs to the extent those programs may tangentially or indirectly involve expenditures related to the provision of advanced communications service. In the Order, the Commission declines to grandfather existing contracts for equipment or services on the Covered List under § 54.10 of the Commission's rules. The prohibition on the use of Federal subsidies takes effect 60 days after any particular communications equipment or services are placed on the Covered List, consistent with the Secure Networks Act. The Order requires recipients of universal service support from each of the four USF programs to certify that they have complied with the new rule prohibiting the use of Federal subsidies for equipment and services on the Covered List.
216. Reimbursement Program. The Order establishes, as directed by the Secure Networks Act, the Secure and Trusted Communications Reimbursement Program (Reimbursement Program) to reimburse the costs reasonably incurred by providers of advanced communication services with two million or fewer customers to permanently remove, replace, and dispose of covered communications equipment and services from their networks. In the Order, the Commission allows eligible providers to obtain reimbursement to remove and replace older covered communications equipment with upgraded technology and will reimburse providers for certain transition expenses incurred prior to the creation of this program. Program participants are required to submit estimated costs to receive funding allocations, and recipients can then obtain funding disbursements on a rolling basis upon a showing of actual expenses incurred. If aggregate demand exceeds available funding, the Order prioritizes funding for ETCs and expenses for transitioning core networks over non-ETCs and non-core network transition expenses. Program recipients will have one year from the initial funding disbursement to complete the permanent removal, replacement, and disposal of covered communications equipment, and the Commission may grant a single, general six-month extension for all recipients and/or individual extensions of time if circumstances warrant.
217. Status Updates. As directed by the Secure Networks Act, the Order requires program recipients to file a status update “once every 90 days beginning on the date on which the Commission approves an application for a reimbursement.” Recipients should file the first report within 90 days of receiving their allocation. In the update, the recipients shall report on the efforts undertaken, and challenges encountered, in permanently removing, replacing, and disposing its covered communications equipment or services. Recipients shall also report in detail on the availability of replacement equipment in the marketplace so the Commission can assess whether a general, six-month extension permitted by the statute is appropriate. The report must also include information that the entity has fully complied with (or is in the process of complying with) all terms and conditions of the Program; has fully complied with (or is in the process of complying with) the commitments made in the application of the recipient for the reimbursement; has permanently removed from the communications network of the recipient, replaced, and disposed of (or is in the process of permanently removing, replacing, and disposing of) all covered communications equipment or services that were in the network of the recipient as of the date of the submission of the application of the recipient for the reimbursement; and has fully complied with (or is in the process of complying with) the timeline submitted by the recipient. The report must include a certification that affirms the information in the status report is accurate. After the program recipient has notified the Commission of the completion of the permanent removal, replacement, and disposal of the covered communications equipment or service pursuant to a final certification, updates are no longer required.
218. Steps to Mitigate Waste, Fraud, and Abuse. The Order directs OMD, or a third-party identified by OMD, to prepare a system to audit Reimbursement Program recipients to ensure compliance with the Commission's rules. The Order requires recipients found in violation of the Commission's rules or the “commitments made by the recipient in the application for the reimbursement” to repay funds disbursed via the Reimbursement Program. Prior to requiring repayment, the Commission will provide notice of the violation, and will give the violator 180 days to cure the violation. The Commission initiates such action by sending a request for repayment to the recipient immediately following the expiration of the opportunity to cure if the recipient does not respond to the notice of violation. If the alleged violator does not respond to the notice or does not repay the amounts due, the Commission will demand repayment. Participants that are found to violate the Commission's rules will also be referred to “all appropriate law enforcement agencies or officials for further action under applicable criminal and civil laws.” Any person or entity that violates the Reimbursement Program rules will also be banned from further participation in the section 4 Reimbursement Program, and the person or entity may also be barred from participating in other Commission programs, including Universal Service support programs.
219. Replacement List. The Order establishes, and the Commission will publish on its website, a Replacement List that will identify the categories of suggested replacements of real and virtual hardware and software equipment and services to guide of providers removing covered communications equipment from their networks. The Replacement List of suggested equipment and services will be updated at least annually, and program recipients and interested third-parties may also provide information about suggested equipment and services to assist in keeping the list current and informed based upon changes in the market.
220. Reporting Requirement. The Order requires that providers of advanced communications service annually report the type of covered communications equipment or service purchased, rented or leased; location of the equipment or service; date the equipment or service was procured; removal or replacement plans for the equipment or service, including cost to replace; amount paid for the equipment or service; the supplier for the equipment or service; and a detailed justification for obtaining such covered equipment and service. All covered communications equipment or services on the initial Covered List published under section 2(a) of the Secure Networks Act that was purchased, leased, or otherwise obtained by a provider on or after August 14, 2018 must be reported. Additional covered equipment or services added to the list must be reported in the next annual report that is at least 60 days after the list is updated. Those providers needing to submit a detailed justification must thoroughly explain their reasons for obtaining the covered equipment and/or services. The Commission will release to the public a list of providers that have reported covered equipment or services in their networks, consistent with the 2019 Supply Chain Information Collection Order. For the first annual filing, certified responses to this information collection from providers of advanced communication service will be due through the portal no later than 90 days after OEA issues a public notice announcing the availability of the new reporting portal.
221. The RFA requires an agency to describe the steps the agency has taken to minimize the significant economic impact on small entities of the final rule, consistent with the stated objectives of the applicable statutes, including a statement of the factual, policy, and legal reasons in support of the final rule, and why any significant alternatives to the rule considered by the agency and which affect the impact on small entities were rejected.
222. Several of the rules in the Order are adopted pursuant to statutory obligation under the Secure Networks Act. However, where the Commission has discretion in its interpretation or implementation of the Secure Networks Act provisions, or adopts rules pursuant to alternative statutory authority, the scope of the rules is narrowly tailored so as to lessen the impact on small entities. The rules adopted in the Order appropriately consider the burdens on smaller providers against the Commission's goal of protecting its communications networks and communications supply chain from communications equipment and services that pose a national security threat, while facilitating the transition to safer and more secure alternatives.
223. Consistent with the Commission's proposal in the 2019 Supply Chain Further Notice, the requirement to remove and replace covered equipment and services is contingent upon appropriation from Congress, rather than making the requirement effective before funding is secured or based upon funding obtained through alternative measures, such as USF. Waiting until appropriated funding is available will reduce the burdens imposed upon smaller providers by ensuring that funds are available to cover reimbursable expenses through the Reimbursement Program. Additionally, the Order ties the administration of the remove-and-replace requirement to the administration of the Reimbursement Program, including limiting the scope of the requirement to equipment and services on the Covered List, which will allow providers to easily identify equipment and services to remove and replace from their networks. Using the Covered List to determine the scope of equipment and services applicable to the remove-and-replace requirement, as well as the prohibition on the use of Federal subsidies in § 54.10 of the Commission's rules and the Reimbursement Program, will enable small providers to easily identify equipment and services for compliance with these rules.
224. Consistent with the statutory mandates in the Secure Networks Act, the Order establishes a program to reimburse eligible providers of advanced communications service for costs reasonably incurred to remove, replace, and dispose of covered equipment and services on the Covered List. As a general matter, when obtaining replacement products for reimbursement, the Commission expects eligible providers to “obtain the lowest-cost equipment that most closely replaces their existing equipment” yet will allow, and indeed encourage, eligible providers replacing third generation and older equipment to obtain reimbursement for the cost of 4G LTE replacement equipment that is 5G-ready. This will put recipients, including smaller providers, on equal footing to their prior position before incurring the costs of removing and replacing the covered equipment and services and, ultimately, end up placing recipients in a slightly better position than they were before having to replace the covered equipment and services.
225. Although one commenter advocated that the Commission release reimbursement funding upfront to provide financial security for smaller providers, the Order determines that the Reimbursement Program will allocate funds on a rolling basis, similar to the administration of the broadcast incentive auction. This methodology, which sufficiently met the financial needs of providers, including smaller providers, in the broadcast incentive auction context, best achieves Congress's goal of mitigating the administrative burden and costs of the program while taking steps to avoid waste, fraud, and abuse. Consistent with the Secure Networks Act, the Order further sets a term of one year from the date upon which funding is received for recipients to remove, replace, and dispose of covered equipment or services, though the Secure Networks Act authorizes the Commission to grant six-month extensions of time, either on a general or case-by-case basis, for compliance.
226. Lastly, the Commission will update the list of suggested equipment and services contained on the Replacement List at least annually to ensure that the list stays current and transparent, which will help small and rural providers required to remove and replace covered equipment and services access advanced products and services when transitioning away from covered equipment and services in their networks.
227. Pursuant to § 1.3 of the Commission's rules, any provision of the Commission's rules may be waived by the Commission on its own motion or on petition “if good cause therefor is shown.” The Order permits entities to seek a waiver of the requirements if permitted by statute. In these ways, the Order seeks to minimize the economic burden of these rules on small entities.
IV. Ordering Clauses
228. Accordingly, it is ordered that, pursuant to the authority contained in sections 1-4, 201(b), 214, 229, 254, 303(r), 403, and 503 of the Communications Act of 1934, as amended, 47 U.S.C. 151-154, 201(b), 214, 229, 254, 303(r), 403, 503, sections 2, 3, 4, 5, and 7 of the Secure Networks Act, 47 U.S.C. 1601, 1602, 1603, 1604, and 1606, section 889 of the 2019 NDAA, Public Law 115-232, and §§ 1.1 and 1.412 of the Commission's rules and 47 CFR 1.1, the Report and Order is adopted.
229. It is further ordered that Parts 1 and 54 of the Commission's rules are amended as set forth in the following.
230. It is further ordered that, pursuant to §§ 1.4(b)(1) and 1.103(a) of the Commission's rules, 47 CFR 1.4(b)(1), 1.103(a), the Report and Order shall be effective 60 days after publication of the Report and Order in the Federal Register, with the exception §§ 1.50004(c), (d)(1), (g), (h)(2), (j)-(n), 1.50007, and 54.11, which contain new or modified information collection requirements that require review and approval by the OMB under the Paperwork Reduction Act. The Commission will announce the effective date of those sections in the Federal Register after receiving OMB approval.
List of Subjects
47 CFR Part 1
- Administrative practice and procedure
- Civil rights
- Claims
- Communications
- Communications common carriers
- Communications equipment
- Drug abuse
- Environmental impact statements
- Equal access to justice
- Equal employment opportunity
- Federal buildings and facilities
- Government employees
- Historic preservation
- Income taxes
- Indemnity payments
- Individuals with disabilities, internet
- Investigations
- Lawyers
- Metric system
- Penalties
- Radio
- Reporting and recordkeeping requirements
- Security measures
- Satellites
- Telecommunications
- Telephone
- Television
- Wages
47 CFR Part 54
- Communications common carriers
- Health facilities
- Infants and children, internet
- Libraries
- Puerto Rico
- Reporting and recordkeeping requirements
- Schools
- Telecommunications
- Telephone
- Virgin Islands
Federal Communications Commission
Marlene Dortch,
Secretary.
Final Rules
For the reasons discussed in the preamble, the Federal Communications Commission amends 47 CFR parts 1 and 54 as follows:
PART 1—PRACTICE AND PROCEDURE
1. The authority citation for part 1 continues to read as follows:
2. Effective March 15, 2021, add Subpart DD consisting of §§ 1.50000 through 1.50007 to read as follows:
Subpart DD—Secure and Trusted Communications Networks
- 1.50000
- Purpose.
- 1.50001
- Definitions.
- 1.50002
- Covered List.
- 1.50003
- Updates to the Covered List.
- 1.50004
- Secure and Trusted Communications Networks Reimbursement Program.
- 1.50005
- Enforcement.
- 1.50006
- Replacement List.
- 1.50007
- [Reserved]
Subpart DD—Secure and Trusted Communications Networks
The purpose of this subpart is to implement the Secure and Trusted Communications Networks Act of 2019, Public Law 116-124, 133 Stat. 158.
For purposes of this subpart:
(a) Advanced communications service. The term “advanced communications service” means high-speed, switched, broadband telecommunications capability that enables users to originate and receive high-quality voice, data, graphics, and video telecommunications using any technology with connection speeds of at least 200 kbps in either direction.
(b) Appropriate national security agency. The term “appropriate national security agency” means:
(1) The Department of Homeland Security;
(2) The Department of Defense;
(3) The Office of the Director of National Intelligence;
(4) The National Security Agency; and
(5) The Federal Bureau of Investigation.
(c) Communications equipment or service. The term “communications equipment or service” means any equipment or service used in fixed and mobile networks that provides advanced communication service, provided the equipment or service includes or uses electronic components.
(d) Covered communications equipment or service. The term “covered communications equipment or service” means any communications equipment or service that is included on the Covered List developed pursuant to § 1.50002.
(e) Determinations. The term “determination” means any determination from sources identified in § 1.50002(b)(1)(i)-(iv) that communications equipment or service pose an unacceptable risk to the national security of the United States or the security and safety of United States persons.
(f) Covered List. The Covered List is a regularly updated list of covered communications equipment and services.
(g) Reimbursement Program. The Reimbursement Program means the program established by section 4 of the Secure and Trusted Communications Networks Act of 2019, Public Law 116-124, 133 Stat. 158, codified at 47 U.S.C. 1603, as implemented by the Commission in § 1.50004.
(h) Reimbursement Program recipient (or recipient). The term “Reimbursement Program recipient” or “recipient” means an eligible advanced communications service provider that has requested via application and been approved for funding in the Reimbursement Program, regardless of whether the provider has received reimbursement funds.
(i) Replacement List. The Replacement List is a list of categories of suggested replacements for covered communications equipment or service.
(a) Publication of the Covered List. The Public Safety and Homeland Security Bureau shall publish the Covered List on the Commission's website and shall maintain and update the Covered List in accordance with § 1.50003.
(b) Inclusion on the Covered List. The Public Safety and Homeland Security Bureau shall place on the Covered List any communications equipment or service that:
(1) Is produced or provided by any entity if, based exclusively on the following determinations, such equipment or service poses an unacceptable risk to the national security of the United States or the security and safety of United States persons:
(i) A specific determination made by any executive branch interagency body with appropriate national security expertise, including the Federal Acquisition Security Council established under section 1222(a) of title 41, United States Code;
(ii) A specific determination made by the Department of Commerce pursuant to Executive Order No. 13873 (3 CFR, 2019 Comp., p 317); relating to securing the information and communications technology and services supply chain);
(iii) Equipment or service being covered telecommunications equipment or services, as defined in section 889(f)(3) of the John S. McCain National Defense Authorization Act for Fiscal Year 2019 (Pub. L. 115-232; 132 Stat. 1918); or
(iv) A specific determination made by an appropriate national security agency;
(2) And is capable of:
(i) Routing or redirecting user data traffic or permitting visibility into any user data or packets that such equipment or service transmits or otherwise handles;
(ii) Causing the networks of a provider of advanced communications services to be disrupted remotely; or
(iii) Otherwise posing an unacceptable risk to the national security of the United States or the security and safety of United States persons.
(a) The Public Safety and Homeland Security Bureau shall monitor the status of determinations in order to update the Covered List.
(b) If a determination regarding covered communications equipment or service on the Covered List is reversed or modified, the Public Safety and Homeland Security Bureau shall remove from or modify the entry of such equipment or service on the Covered List, except the Public Safety and Homeland Security Bureau may not remove such equipment or service from the Covered List if any other of the sources identified in § 1.50002(b)(1)(i) through (iv) maintains a determination supporting inclusion on the Covered List of such equipment or service.
(c) After each 12-month period during which the Covered List is not updated, the Public Safety and Homeland Security Bureau will issue a Public Notice indicating that no updates were necessary during such period.
(a) Eligibility. Providers of advanced communications service with two million or fewer customers are eligible to participate in the Reimbursement Program to reimburse such providers for costs reasonably incurred for the replacement, removal, and disposal of covered communications equipment or services if:
(1) The covered communications equipment or service to be removed, replaced, or disposed of was purchased, rented, leased or otherwise obtained before August 14, 2018 and on the initial Covered List published per § 1.50002; or
(2) The covered communications equipment or service was added to the Covered List per § 1.50003, then no later than 60 days after the date of addition to the Covered List;
(3) The provider certifies:
(i) As of the date of the submission of the application, the provider has developed:
(A) A plan for the permanent removal and replacement of any covered communications equipment or service that is in the communications network of the provider as of such date; and the disposal of the equipment or services removed; and
(B) A specific timeline for the permanent removal, replacement, and disposal of the covered communications equipment or service, which timeline shall be submitted to the Commission as part of the application per paragraph (c)(1)(iv) of this section; and
(ii) beginning on the date of the approval of the application, the provider:
(A) Will not purchase, rent, lease, or otherwise obtain covered communications equipment or service, using reimbursement funds or any other funds (including funds derived from private sources); and
(B) In developing and tailoring the risk management practices of the applicant, will consult and consider the standards, guidelines, and best practices set forth in the cybersecurity framework developed by the National Institute of Standards and Technology.
(b) Filing window. The Wireline Competition Bureau shall announce the opening of an initial application filing window for eligible providers seeking to participate in the Reimbursement Program for the reimbursement of costs reasonably incurred for the removal, replacement, and disposal of covered communications equipment and services. The Wireline Competition Bureau may implement additional filing windows as necessary and shall provide notice before opening any additional filing window, and include in that notice the amount of funding available. The Wireline Competition Bureau shall treat all eligible providers filing an application within any filing window as if their applications were simultaneously received. Funding requests submitted outside of a filing window will not be accepted.
(c) [Reserved]
(d) Application review process. The Wireline Competition Bureau will review applications to determine whether the application is complete, whether the applicant is eligible for the Reimbursement Program, and to assess the reasonableness of the cost estimates provided by the applicant. The Wireline Competition Bureau shall approve or deny applications to receive a funding allocation from the Reimbursement Program within 90 days after the close of the applicable filing window. The Wireline Competition Bureau may extend the deadline for granting or denying applications for up to an additional 45 days if it determines that an excessive number of applications have been filed during the window and additional time is needed to review the applications.
(1) [Reserved]
(2) Denial of an application shall not preclude the applicant from submitting a new application for reimbursement in a subsequent filing window.
(e) Funding allocation. Once an application is approved, the Wireline Competition Bureau will allocate funding on the applicant's behalf to the United States Treasury for draw down by the Reimbursement Program recipient as expenses are incurred pursuant to the funding disbursement process provided for in paragraph (g) of this section.
(f) Prioritization of support. The Wireline Competition Bureau shall issue funding allocations in accordance with this section after the close of a filing window. After a filing window closes, the Wireline Competition Bureau shall calculate the total demand for Reimbursement Program support submitted by all eligible providers during the filing window period. If the total demand received during the filing window exceeds the total funds available, then the Wireline Competition Bureau shall allocate the available funds consistent with the following priority schedule:
Priority 1: Advanced communication service providers with 2 million or fewer customers that are Eligible Telecommunication Carriers subject to section [54.11] (new removal and replacement requirement). | Priority 1a: Costs reasonably incurred for transitioning core network(s). Priority 1b: Costs reasonably incurred for non-core network transition. |
Priority 2: Non-ETC providers of advanced communications service with 2 million or fewer customers that participated in the Supply Chain Security Information Collection, OMB Control No. 3060-1270. | Priority 2a: * Costs reasonably incurred for transitioning core network(s). Priority 2b: * Costs reasonably incurred for non-core network transition. |
Priority 3: Other non-Eligible Telecommunication Carriers that are providers of advanced communication service with 2 million or fewer customers. | Priority 3a: Costs reasonably incurred for transitioning core network(s). Priority 3b: Costs reasonably incurred for non-core network transition. |
(1) Application of prioritization schedule. The Wireline Competition Bureau shall issue full funding allocations for all eligible providers in the Priority 1 prioritization category before issuing funding allocations in any subsequent prioritization categories. The Wireline Competition Bureau shall continue to review all funding requests and issue funding allocations by prioritization category until there are no available funds remaining. If there is insufficient funding to fully fund all requests in a particular prioritization category, then the Wireline Competition Bureau will pro-rate the available funding among all eligible providers in that prioritization category. Requests for funds in subsequent prioritization categories will be denied for lack of available funding.
(2) Pro-rata reductions. When pro-rata reductions are required per paragraph (f)(1) of this section, the Wireline Competition Bureau shall:
(i) Divide the total remaining funds available by the demand within the specific prioritization category to produce a pro-rata factor;
(ii) Multiply the pro-rata factor by the total dollar amount requested by each recipient in the prioritization category; and
(iii) Allocate funds to each recipient consistent with this calculation.
(g) [Reserved]
(h) Removal, replacement, and disposal term. Reimbursement Program recipients must complete the permanent removal, replacement, and disposal of covered communications equipment or service within one year of receiving the initial draw down disbursement from their funding allocation.
(1) General extension. The Commission may extend by a period of six months the removal, replacement, and disposal term to all Reimbursement Program recipients if the Commission:
(i) Finds that the supply of replacement communications equipment or services needed by the recipients to achieve the purposes of the Reimbursement Program is inadequate to meet the needs of the recipients; and
(ii) Provides notice and detailed justification for granting the extension to:
(A) The Committee on Energy and Commerce of the House of Representatives; and
(B) The Committee on Commerce, Science, and Transportation of the Senate.
(2) Individual extensions. Prior to the expiration of the removal, replacement and disposal term, a Reimbursement Program recipient may petition the Wireline Competition Bureau for an extension of the term. The Wireline Competition Bureau may grant an extension for up to six months after finding, that due to no fault of such recipient, such recipient is unable to complete the permanent removal, replacement, and disposal by the end of the term. The Wireline Competition Bureau may grant more than one extension request to a recipient if circumstances warrant.
(i) Limitations on funding use. A Reimbursement Program recipient may not:
(1) Use reimbursement funds to remove, replace or dispose of any covered communications equipment or service purchased, rented, leased, or otherwise obtained:
(i) On or after August 14, 2018, if on the initial Covered List published per § 1.50002; or
(ii) On or after 60 days after the date of addition to the Covered List if the communications equipment or services were subsequently added to the Covered List per § 1.50003; or
(2) Purchase, rent, lease, or otherwise obtain any covered communications equipment or service, using reimbursement funds or any other funds (including funds derived from private sources).
(j)-(n) [Reserved]
(o) Audits, reviews, and field investigations. Recipients shall be subject to audits and other investigations to evaluate their compliance with the statutory and regulatory requirements for the Reimbursement Program. Recipients must provide consent to allow vendors or contractors used by the recipient in connection with the Reimbursement Program to release confidential information to the auditor, reviewer, or other representative. Recipients shall permit any representative (including any auditor) appointed by the Commission to enter their premises to conduct compliance inspections.
(p) Delegation of authority. The Commission delegates authority to the Wireline Competition Bureau, to adopt the necessary policies and procedures relating to allocations, draw downs, payments, obligations, and expenditures of money from the Reimbursement Program to protect against waste, fraud, and abuse and in the event of bankruptcy, to establish a Catalog of Expenses Eligible for Reimbursement and predetermined cost estimates, review the estimated cost forms, issue funding allocations for costs reasonably incurred, set filing deadlines and review information and documentation regarding progress reports, allocations, and final accountings.
(a) Violations. In addition to the penalties provided under the Communications Act of 1934, as amended, and section 1.80 of this chapter, if a Reimbursement Program recipient violates the Secure and Trusted Communications Networks Act of 2019, Public Law 116-124, 133 Stat. 158, the Commission's rules implementing the statute, or the commitments made by the recipient in the application for reimbursement, the recipient:
(1) Shall repay to the Commission all reimbursement funds provided to the recipient under the Reimbursement Program;
(2) Shall be barred from further participation in the Reimbursement Program;
(3) Shall be referred to all appropriate law enforcement agencies or officials for further action under applicable criminal and civil law; and
(4) May be barred by the Commission from participation in other programs of the Commission, including the Federal universal service support programs established under section 254 of the Communications Act of 1934, as amended.
(b) Notice and opportunity to cure. The penalties described in paragraph (a) of this section shall not apply to a recipient unless:
(1) The Commission, the Wireline Competition Bureau, or the Enforcement Bureau provides the recipient with notice of the violation; and
(2) The recipient fails to cure the violation within 180 days after such notice.
(c) Recovery of funds. The Commission will immediately take action to recover all reimbursement funds awarded to a recipient under the Program in any case in which such recipient is required to repay reimbursement funds under paragraph (a) of this section.
(a) Development of List. The Commission shall develop a list of categories of suggested replacements of physical and virtual communications equipment, application and management software, and services for the covered communications equipment or services listed on the Covered List pursuant to §§ 1.50002 and 1.50003 of this subpart.
(1) In compiling the Replacement List, the Commission may review efforts from, or overseen by, other Federal partners to inform the Replacement List.
(2) The Replacement List shall include categories of physical and virtual communications equipment, application and management software, and services that allows carriers the flexibility to select the equipment or services that fit their needs from categories of equipment and services.
(3) The Wireline Competition Bureau shall publish the Replacement List on the Commission's website.
(b) Maintenance of the List. The Wireline Competition Bureau shall issue a Public Notice announcing any updates to the Replacement List. If there are no updates to the Replacement List in a calendar year, the Wireline Competition Bureau shall issue a Public Notice announcing that no updates that have been made to the Replacement List.
(c) Neutrality. The Replacement List must be technology neutral and may not advantage the use of reimbursement funds for capital expenditures over operational expenditures.
3. Delayed indefinitely, in § 1.50004, add paragraphs (c), (d)(1), (g), (h)(2), and (j) through (n) to read as follows:
(c) Application requests for funding. During a filing window, eligible providers may request a funding allocation from the Reimbursement Program for the reimbursement of costs reasonably incurred for the permanent removal, replacement, and disposal of covered communications equipment or service.
(1) Requests for funding allocations must include:
(i) An estimate of costs reasonably incurred for the permanent removal, replacement, and disposal of covered communications equipment or service from the eligible provider's network. Eligible providers may rely upon the predetermined estimated costs identified in the Catalog of Expenses Eligible for Reimbursement made available by the Wireline Competition Bureau. Eligible providers that submit their own cost estimates must submit supporting documentation and certify that the estimate is made in good faith.
(ii) Detailed information on the covered communications equipment or service being removed, replaced and disposed of;
(iii) The certifications set forth in paragraph (a)(3) of this section;
(iv) A specific timeline for the permanent removal, replacement, and disposal of the covered communications equipment or services; and
(v) The eligible provider certifies in good faith:
(A) It will reasonably incur the estimated costs claimed as eligible for reimbursement;
(B) It will use all money received from the Reimbursement Program only for expenses eligible for reimbursement;
(C) It will comply with all policies and procedures relating to allocations, draw downs, payments, obligations, and expenditures of money from the Reimbursement Program;
(D) It will maintain detailed records, including receipts, of all costs eligible for reimbursement actually incurred for a period of 10 years; and
(E) It will file all required documentation for its expenses.
(d) * * *
(1) If the Wireline Competition Bureau determines that an application is materially deficient (including by lacking an adequate cost estimate or adequate supporting materials), the Wireline Competition Bureau shall provide the applicant a 15-day period to cure the defect before denying the application. If the cure period would extend beyond the deadline under this paragraph (d) for approving or denying the application, such deadline shall be extended through the end of the cure period.
(g) Funding disbursements. Following the approval and issuance by the Wireline Competition Bureau of a funding allocation, a Reimbursement Program recipient may file a reimbursement claim request for the draw down disbursement of funds from the recipient's funding allocation. The recipient must show in the reimbursement claim actual expenses reasonably incurred for the removal, replacement, and disposal of covered communications equipment or service. The Wireline Competition Bureau will review and grant or deny reimbursement claims for actual costs reasonably incurred.
(1) Initial reimbursement claim. Within one year of the approval of its Reimbursement Program application, a recipient must file at least one reimbursement claim. Failure to file a reimbursement claim within the one-year period will result in the reclamation of all allocated funding from the Reimbursement Program recipient and revert to the Reimbursement Program fund for potential allocation to other Reimbursement Program participants.
(2) Reimbursement claim deadline. All reimbursement claims must be filed by the Reimbursement Program recipient within 120 days of expiration of the removal, replacement and disposal term. Following the expiration of the reimbursement claim deadline, any remaining and unclaimed funding allocated to the Reimbursement Program recipient will automatically be reclaimed and revert to the Reimbursement Program fund for potential allocation to other Reimbursement Program participants.
(3) Extension of reimbursement claim deadline. A Reimbursement Program recipient may request a single extension of the reimbursement claim deadline by no later than the deadline discussed in paragraph (g)(2). The Wireline Competition Bureau shall grant any timely filed extension request of the reimbursement claim filing deadline for no more than 120 days.
(h) * * *
(2) Individual extensions. Prior to the expiration of the removal, replacement and disposal term, a Reimbursement Program recipient may petition the Wireline Competition Bureau for an extension of the term. The Wireline Competition Bureau may grant an extension for up to six months after finding, that due to no fault of such recipient, such recipient is unable to complete the permanent removal, replacement, and disposal by the end of the term. The Wireline Competition Bureau may grant more than one extension request to a recipient if circumstances warrant.
(j) Disposal requirements. Reimbursement Program recipients must dispose of the covered communications equipment or service in a manner to prevent the equipment or service from being used in the networks of other providers of advanced communications service. The disposal must result in the destruction of the covered communications equipment or service, making the covered communications equipment or service inoperable permanently. Reimbursement Program recipients must retain documentation demonstrating compliance with this requirement.
(k) Status updates. Reimbursement Program recipients must file a status update with the Commission once every 90 days beginning on the date on which the Wireline Competition Bureau approves the recipient's application for reimbursement and until the recipient has filed the final certification.
(1) Status updates must include:
(i) Efforts undertaken, and challenges encountered, in permanently removing, replacing, and disposing of the covered communications equipment or service;
(ii) The availability of replacement equipment in the marketplace;
(iii) Whether the recipient has fully complied with (or is in the process of complying with) all requirements of the Reimbursement Program;
(iv) Whether the recipient has fully complied with (or is in the process of complying with) the commitments made in the recipient's application;
(v) Whether the recipient has permanently removed from its communications network, replaced, and disposed of (or is in the process of permanently removing, replacing, and disposing of) all covered communications equipment or services that were in the recipient's network as of the date of the submission of the recipient's application; and
(vi) Whether the recipient has fully complied with (or is in the process of complying with) the timeline submitted by the recipient as required by paragraph (c)(1)(iv) of this section.
(2) The Wireline Competition Bureau will publicly post on the Commission's website the status update filings within 30 days of submission.
(3) Within 180 days of completing the funding allocation stage provided for in paragraph (e), the Wireline Competition Bureau shall prepare a report for Congress providing an update on the Commission's implementation efforts and the work by recipients to permanently remove, replace, and dispose of covered communications equipment and service from their networks.
(l) Spending reports. Within 10 days after the end of January and July, Reimbursement Program recipients must file reports with the Commission regarding how reimbursement funds have been spent, including detailed accounting of the covered communications equipment or service permanently removed and disposed of, and the replacement equipment or service purchased, rented, leased, or otherwise obtained, using reimbursement funds.
(1) This requirement applies starting with the recipient's initial receipt of disbursement funds per paragraph (g) of this section and terminates once the recipient has filed a final spending report. certification.
(2) Following the filing of its final certification per paragraph (m) of this section, certifying that the recipient has completed the removal, replacement, and disposal process, the recipient must file a final spending report showing the expenditure of all funds received as compared to estimated costs identified in its application for funding.
(3) The Wireline Competition Bureau will make versions of the spending reports available on the Commission's website subject to confidentiality concerns consistent with the Commission's rules.
(m) Final certification. Within 10 days following the expiration of the removal, replacement, and disposal term, Reimbursement Program recipient shall file a final certification with the Commission.
(1) The final certification shall indicate whether the recipient has fully complied with (or is in the process of complying with) all terms and conditions of the Reimbursement Program, the commitments made in the application of the recipient for the reimbursement, and the timeline submitted by the recipient as required by paragraph (c) of this section. In addition, the final certification shall indicate whether the recipient has permanently removed from its communications network, replaced, and disposed of (or is in the process of permanently removing, replacing, and disposing of) all covered communications equipment or services that were in the network of the recipient as of the date of the submission of the application by the recipient for the reimbursement.
(2) If a recipient submits a certification under this paragraph stating the recipient has not fully complied with the obligations detailed in paragraph (m)(1) of this section, then the recipient must file an updated certification when the recipient has fully complied.
(n) Documentation retention requirement. Each Reimbursement Program recipient is required to retain all relevant documents, including invoices and receipts, pertaining to all costs eligible for reimbursement actually incurred for the removal, replacement, and disposal of covered communications equipment or services for a period ending not less than 10 years after the date on which it receives final disbursement from the Reimbursement Program.
5. Delayed indefinitely, add § 1.50007 to subpart DD to read as follows:
(a) Contents of Report. Each provider of advanced communications service must submit an annual report to the Commission that:
(1) Identifies any covered communications equipment or service that was purchased, rented, leased or otherwise obtained on or after:
(i) August 14, 2018, in the case of any covered communications equipment or service on the initial list published pursuant to § 1.50002; or
(ii) Within 60 days after the date on which the Commission places such equipment or service on the list required by § 1.50003;
(2) Provides details on the covered communications equipment or services in its network subject to reporting pursuant to paragraph (a)(1) of this section, including the type, location, date purchased, rented, leased or otherwise obtained, and any removal and replacement plans;
(3) Provides a detailed justification as to why the facilities-based provider of broadband service purchased, rented, leased or otherwise obtained the covered communications equipment or service;
(4) Provides information about whether any such covered communications equipment or service has subsequently been removed and replaced pursuant to Commission's reimbursement program contained in § 1.50004 of this subpart;
(5) Provides information about whether such provider plans to continue to purchase, rent, lease, or otherwise obtain, or install or use, such covered communications equipment or service and, if so, why; and
(6) Includes a certification as to the accuracy of the information reported by an appropriate official of the filer, along with the title of the certifying official.
(b) Reporting deadline. Providers of advanced communications service shall file initial reports within 90 days after the Office of Economics and Analytics issues a public notice announcing the availability of the new reporting platform. Thereafter, filers must submit reports once per year on or before March 31st, reporting information as of December 31st of the previous year.
(c) Reporting exception. If a provider of advanced communications service certifies to the Commission that such provider does not have any covered communications equipment or service in the network of such provider, such provider is not required to submit a report under this section after making such certification, unless such provider later purchases, rents, leases or otherwise obtains any covered communications equipment or service.
(d) Authority to update. The Office of Economics and Analytics may, consistent with these rules, implement any technical improvements, changes to the format and type of data submitted, or other clarifications to the report and its instructions.
PART 54—UNIVERSAL SERVICE
5. The authority citation for part 54 is revised to read as follows:
6. Effective March 15, 2021, add § 54.10 to read as follows:
(a) A Federal subsidy made available through a program administered by the Commission that provides funds to be used for the capital expenditures necessary for the provision of advanced communications service may not be used to:
(1) Purchase, rent, lease, or otherwise obtain any covered communications equipment or service; or
(2) Maintain any covered communications equipment or service previously purchased, rented, leased, or otherwise obtained.
(b) The term “covered communications equipment or service” is defined in § 1.50001 of this chapter.
(c) The prohibition in paragraph (a) of this section applies to any covered communications equipment or service beginning on the date that is 60 days after the date on which such equipment or service is placed on a published list pursuant to § 1.50003 of this chapter. In the case of any covered communications equipment or service that is on the initial list published pursuant to § 1.50002 of this chapter, such equipment or service shall be treated as being placed on the list on the date which such list is published.
7. Delayed indefinitely, add § 54.11 to read as follows:
(a) Each Eligible Telecommunications Carrier receiving Universal Service Fund support must certify prior to receiving a funding commitment or support that it does not use covered communications equipment or services.
(b) For purposes of paragraph (a) of this section, covered communications equipment or services means any communications equipment or service that is on the Covered list found in § 1.50002 of this chapter.
(c) The certification required in paragraph (a) of this section is not applicable until one year after the date the Commission releases a Public Notice announcing the acceptance of applications for filing during the initial filing window of the Reimbursement Program per § 1.50004(b) of this chapter.
(d) Reimbursement Program recipients, as defined in § 1.50001(h) of this chapter, are not subject to paragraph (a) of this section until after the expiration of their applicable removal, replacement, and disposal term per § 1.50004(h).
[FR Doc. 2021-00052 Filed 1-12-21; 8:45 am]
BILLING CODE 6712-01-P