Wikisource

Threats to U.S. Networks/Section 4B

< Threats to U.S. Networks
Section IV, A
Threats to U.S. Networks: Oversight of Chinese Government-Owned Carriers
by the Permanent Subcommittee on Investigations
Section IV, C

B. Team Telecom Assessed National Security and Law Enforcement Risks, but It Historically Operated in an Ad Hoc Manner

As described above, the FCC seeks input from a variety of Executive Branch agencies on the national security, law enforcement, foreign policy, and trade policy concerns implicated by a foreign carrier's Section 214 application.[1] DOJ, DHS, and DOD—until recently referred to as Team Telecom—focused on assessing national security and law enforcement risks.[2] DOJ's National Security Division's Foreign Investment Review Section served as the unofficial group lead for Team Telecom on Section 214 applications and coordinated among internal DOJ component parts and other Team Telecom members.[3]

Despite the long history of Team Telecom, it historically operated in an ad hoc manner. Team Telecom was not established in statute; it operated only at the request of the FCC.[4] Further, Team Telecom had no formal procedures, policies, or guidelines governing its review of Section 214 applications. This informality resulted in protracted review periods and a process FCC commissioners described as "broken,"[5] and an "inextricable black hole" that provided "no clarity for [the] future."[6] It also limited the actions Team Telecom could take to address identified national security or law enforcement risks. Team Telecom could recommend that the FCC approve or deny applications by foreign-owned entities.[7] Team Telecom could also recommend a foreign-owned entity be approved for Section 214 authorization if it entered into a security agreement to mitigate national security or law enforcement concerns.[8] Even where a security agreement was entered, however, Team Telecom's process for monitoring compliance with that agreement was haphazard.

1. Team Telecom's Section 214 Review Process

Before the recent Executive Order, Team Telecom's process for reviewing foreign carriers' Section 214 applications was ambiguous, due in part to its lack of authority and established procedures. Team Telecom only publicly disclosed a list of factors it considered in evaluating national security and law enforcement concerns in 2018.[9] Upon receipt of the FCC's request to review a Section 214 application, Team Telecom conducted an initial review to determine whether the FCC's streamlining and granting of an application within two weeks was appropriate.[10] The factors weighed by Team Telecom included:

  • The Applicant: Whether the applicant has a criminal history; has engaged in conduct that calls the applicant's trustworthiness into question; and is vulnerable to exploitation, influence, or control by other actors;
  • State Control, Influence, and Ability to Compel Applicant to Provide Information: Whether an applicant's foreign ownership could result in the control of U.S. telecommunication infrastructure or persons operating such infrastructure by a foreign government; is from a country suspected of engaging in actions, or possessing the intention to take actions, that could impair U.S. national security; whether the applicant will be required, by virtue of its foreign ownership, to comply with foreign requests or is otherwise susceptible to such requests or demands made by a foreign nation or other actors; and whether such requests are governed by publicly available legal procedures subject to independent judicial oversight;
  • Planned Operations: Whether the applicant's planned operations within the United States provide opportunities for an applicant or other actors to (1) undermine the reliability and stability of the domestic communications infrastructure, (2) identify and expose national security vulnerabilities, (3) render the domestic communications infrastructure otherwise vulnerable to exploitation, manipulation, attack, sabotage, or covert monitoring, (4) engage in economic espionage activities against corporations that depend on the security and reliability of the U.S. communications infrastructure to engage in lawful business activities, or (5) otherwise engage in activities with potential national security implications; and
  • U.S. Legal Process: Whether the Executive Branch will be able to continue to conduct its statutorily authorized law enforcement and national security missions, which may include issuance of legal process for the production of information or provision of technical assistance.[11]

If no immediate concerns were identified, Team Telecom informed the FCC that it had no comment on or objections to the application.[12] As noted above, the FCC did not conduct further review of the issues—the foreign carrier's application was streamlined and deemed approved within 14 days.[13]

If Team Telecom determined that the applicant's foreign ownership or proposed services raised potential concerns, it recommended that the application be removed from the FCC's streamlining process.[14] Team Telecom also requested that the FCC defer any action on the application until Team Telecom's review was complete.[15] Team Telecom then engaged the foreign carrier applicant to learn more about its business and proposed services. Information solicited from the applicant typically included:

  • Descriptions of the regulated and unregulated services provided by the applicant, including the technical specifications for providing such services;
  • Revenue information;
  • Actual and expected categories of customers (e.g., enterprise, residential, carrier), including any federal, state, and local governmental customers;
  • Individuals and entities with ownership interests and the level of each's involvement in the company;
  • Members of management;
  • Other foreign persons with access to infrastructure or customer records;
  • Location of current and anticipated customer and business records; and
  • Anticipated access to public switched telephone networks or the internet.[16]

Depending on the nature of the responses, Team Telecom occasionally required the applicant to clarify or expand on the information provided.[17] This engagement of the applicant was done solely by Team Telecom; no FCC personnel were involved.[18] Throughout this process, Team Telecom was constantly assessing whether its concerns could be mitigated through a written security agreement―commonly referred to as a network security agreement or a letter of assurance.[19]

Team Telecom ultimately made one of three recommendations to the FCC:

  1. It had no concerns and therefore no objection to the application;
  2. Concerns existed but could be mitigated through a security agreement, so Team Telecom did not object to the FCC approving the application subject to the carrier agreeing to comply with the conditions and obligations contained in the security agreement; or
  3. The concerns were so great that they could not be mitigated by a security agreement and therefore, Team Telecom recommended that the application be denied outright.[20]

Where Team Telecom recommended the application be subject to the carrier complying with the conditions and obligations contained in a security agreement, the FCC's authorization provides that failure to comply with the conditions and obligations constitutes a failure to meet a condition of the Section 214 authorization and serves as grounds for terminating the authorization.[21]

2. Team Telecom's Lack of Statutory Authority, Established Procedures, and Limited Resources Hampered its Review Process

FCC Commissioners have long criticized Team Telecom's review process. Before becoming Chairman, Ajit Pai described the process as "broken," given that it "[took] too long and lack[ed] predictability."[22] Commissioner Michael O'Rielly similarly outlined a number of "high-level" complaints with Team Telecom's process, including:

  • Inextricable Black Hole—Once applications are submitted, there is little to no information available to the [FCC], much less applicants, on status or potential areas of concern, no timeline for conclusion, and no way to discern which agency, if any, has concerns.
  • No Clarity for the Future—The haphazard process does not provide any precedential value for future applicants to know what may be acceptable or unacceptable practices, structure or partnerships. This leaves applicants subject to the whim of the individual members of Team Telecom at that exact moment in time.[23]

One major criticism was the time Team Telecom took to review applications. Because its review process was not conducted pursuant to formal statutory authority, once an application was removed from streamlining, Team Telecom had no deadline by which it had to make a final recommendation to the FCC.[24] Therefore, the process could—and did—last years. In response to an FCC notice of proposed rulemaking, telecommunications companies claimed that applications referred to Team Telecom took up to four times longer to process than other applications.[25] As discussed more below, China Mobile USA applied for Section 214 authorization in September 2011, but Team Telecom did not recommend that the FCC deny that application until July 2018.[26]

Current officials recognize that Team Telecom has suffered from a lack of statutory authority.[27] Although the Department of Justice served as the unofficial lead, Team Telecom had no formal chair or spokesperson.[28] Further, both internally and externally, Team Telecom had to work with agencies that had conflicting responsibilities and mission areas.[29] This often led to interagency delay in decision making.[30] As one Team Telecom component agency characterized, "responsibility without authority is problematic."[31]

Team Telecom's review process also suffered from a lack of staff dedicated to reviewing applications. DHS officials estimated that the Office of Policy, which represents DHS on Team Telecom, has had, at most, only two employees designated to Team Telecom; these employees are responsible for all aspects of the Team Telecom portfolio, including reviewing applications and monitoring compliance with security agreements.[32] DOJ historically dedicated only one attorney to Team Telecom matters.[33] Like DHS, DOJ's employee was responsible for both the initial review of applications and post-authorization compliance monitoring.[34] With limited exception, these individuals were responsible not only for Team Telecom's portfolio but also that of the Committee on Foreign Investment in the United States ("CFIUS").[35] Because the CFIUS process is governed by statutory requirements, including deadlines by which applications must be reviewed, DOJ and DHS resources typically focused on those projects, at the expense of Team Telecom projects.[36] 204 DOJ claims to have vastly increased its Team Telecom resources in recent years. Today, it has five attorneys dedicated to reviewing FCC applications.[37] According to the team's managing attorney, however, the longest tenured individual has been with the agency for little more than a year.[38]

3. Team Telecom's Post-Authorization Monitoring and Oversight Was Also Limited and Sporadic

Not only was Team Telecom's review of Section 214 applications limited, but so too was its oversight and monitoring of the carriers with which it entered into a security agreement.[39] Without a security agreement, Team Telecom had no insight into the activities of a foreign-owned carrier after Section 214 authorization was granted.[40] Team Telecom officials informed the Subcommittee that they believed they had the authority to review any Section 214 authorized carrier at any time, even where no security agreement existed.[41] The officials further noted their belief that Team Telecom could recommend that the FCC revoke an existing authorization at any time.[42] However, the officials acknowledged there was no formal legal basis for these reviews and recommendations, and Team Telecom never conducted a sua sponte review or recommended revoking the authorization of a carrier with which Team Telecom did not have a security agreement.[43]

Where Team Telecom did enter into a security agreement with a Section 214 authorized carrier, Team Telecom had a slightly larger degree of oversight power.[44] Team Telecom's authority, however, was limited to ensuring the carrier complied with the specific terms of the security agreement.[45] Team Telecom officials, however, recognized the limited enforcement mechanism this provides.[46] Although security agreements have become more robust over time, older agreements contained few provisions, were broad in scope, and provided little for Team Telecom to verify.[47] Another reason that monitoring agreements proved difficult is that Team Telecom had to rely heavily on the carrier's forthrightness:

Although [Team Telecom] . . . monitors [a company's] compliance with [its security] agreements on an ongoing basis, [Team Telecom] can never have full visibility into all of a company's activities. Therefore, [Team Telecom] necessarily relies on the other party to adhere rigorously and scrupulously to [security] agreement provisions and to self-report any problems or issues of non-compliance.[48]

Team Telecom retained oversight authority through the security agreements; however, its exercise of that authority was sporadic.[49] Team Telecom did not establish a process by which to ensure compliance with security agreements until 2010 or 2011, even though it entered into agreements years prior.[50] Team Telecom developed no formal protocol, policy, or guidance document detailing how it monitored compliance with security agreements.[51] Team Telecom officials stated it relied heavily on written correspondence and requests for information from the foreign carriers.[52] Team Telecom provided no evidence or explanation demonstrating how it evaluated written representations for accuracy.

Team Telecom also conducted site visits to the carriers' U.S.-based facilities. It used these visits to physically visit domestic sites, look for violations of a security agreement, and speak to employees.[53] As with written correspondence, the frequency of site visits varied.[54] Further, even if Team Telecom identified violations of the security agreement or issues to suggest the security agreement was inadequate, Team Telecom did not have strong enforcement mechanisms.[55] It could attempt to induce companies to come back into compliance with agreement terms or recommend that the FCC revoke a carrier's authorization.[56] Team Telecom officials, however, claimed they do not know what the FCC would deem a sufficient reason for revocation, and none were familiar with the FCC ever revoking an authorization on the basis of national security concerns.[57] Team Telecom officials, however, stressed that site visits were still a helpful tool in that they, at a minimum, signaled to the foreign carriers that Team Telecom was watching from an oversight perspective.[58]

As with the review process, in addition to limited statutory authority,[59] resources have been a major contributing factor to Team Telecom's haphazard oversight.[60] As described above, DHS has only two employees dedicated to Team Telecom—both reviewing applications and monitoring security agreement compliance.[61] DOJ historically had one attorney doing the same.[62] Although it has attempted to increase resources, DOJ currently employs only two attorneys dedicated to compliance monitoring efforts.[63] Those attorneys, along with their supervisor, are responsible for monitoring compliance with more than 100 security agreements.[64]

  1. 1997 FCC Foreign Participation Order, supra note 147, at ¶63; FCC Proposed Executive Branch Review Reform, supra note 154, at ¶6. See also Executive Branch Recommendation re China Mobile USA, supra note 56, at 2.
  2. Briefing with the Dep't of Justice (Aug. 1, 2019); Executive Branch Recommendation re CTA, supra note 56, at 12. Other agencies, including the Department of State, the Department of Commerce, the United States Trade Representative, and the White House Office of Science and Technology Policy are responsible for assessing other concerns raised by the Section 214 application. See FCC Proposed Executive Branch Review Reform, supra note 154, at n.16. Team Telecom works closely with the agencies to prepare a single recommendation on behalf of the Executive Branch, which is filed by the National Telecommunications and Information Administration, a part of the Department of Commerce. Briefing with the Dep't of Justice (Aug. 1, 2019). The Subcommittee's investigation focused on Team Telecom's processes. The Subcommittee, however, recognizes the important role played by the other agencies in evaluating risks associated with foreign carriers.
  3. Briefing with the Dep't of Justice (Aug. 1, 2019). Team Telecom also reviewed other applications at the request of the FCC, such as applications to operate submarine cable landing sites. For those applications, DHS's Office of Policy usually served as the lead coordinating agency. See id; Briefing with the Dep't of Homeland Sec. (Feb. 7, 2020).
  4. Briefing with the Dep't of Justice (Aug. 1, 2019); Briefing with the Dep't of Homeland Sec. (Feb. 7, 2020).
  5. See FCC Proposed Executive Branch Review Reform, supra note 154 (statement, Ajit Pai, Commissioner, Fed. Commc'ns Comm'n).
  6. See Michael O'Reilly, Team Telecom Reviews Need More Structure, Fed. Commc'ns Comm'n (Sept. 18, 2015).
  7. Briefing with the Dep't of Justice (Aug. 1, 2019). Cf. FCC-PSI-003792–93 ("Executive Branch agencies have the opportunity to offer advice to the FCC regarding any foreign applicant seeking a license to operate in the United States."); 1997 FCC Foreign Participation Order, supra note 147, at ¶¶ 65-66.
  8. Briefing with the Dep't of Justice (Aug. 1, 2019).
  9. Executive Branch Recommendation re CTA, supra note 56, at 14-15; Executive Branch Recommendation re China Mobile USA, supra note 56, at 6–7 (citing a May 2015 Letter from U.S. Dep't of Justice to China Mobile).
  10. Briefing with the Dep't of Justice (Aug. 1, 2019).
  11. Executive Branch Recommendation re CTA, supra note 56, at 14–15; Executive Branch Recommendation re China Mobile USA, supra note 56, at 6-7. According to Team Telecom, these factors were developed "based on input from agencies with expertise in national security and law enforcement matters, as well as past experiences evaluating applications referred by the Commission and monitoring the effectiveness of mitigation measures." Executive Branch Recommendation re CTA, supra note 56, at 15.
  12. Briefing with the Dep't of Justice (Aug. 1, 2019); FCC Proposed Executive Branch Review Reform, supra note 154, at ¶8; Kathleen Collins, Assistant Bureau Chief, International Bureau, Fed. Commc'ns Comm'n, Remarks for Panel Discussion at the 2d National Forum on CFIUS (July 21, 2015).
  13. See 47 C.F.R. § 63.12(a)–(b); FCC Proposed Executive Branch Review Reform, supra note 154, at ¶8; Kathleen Collins, Assistant Bureau Chief, International Bureau, Fed. Commc'ns Comm'n, Remarks for Panel Discussion at the 2d National Forum on CFIUS (July 21, 2015).
  14. Briefing with the Dep't of Justice (Aug. 1, 2019); Kathleen Collins, Assistant Bureau Chief, International Bureau, Fed. Commc'ns Comm'n, Remarks for Panel Discussion at the 2d National Forum on CFIUS (July 21, 2015).
  15. Briefing with the Dep't of Justice (Aug. 1, 2019); Kathleen Collins, Assistant Bureau Chief, International Bureau, Fed. Commc'ns Comm'n, Remarks for Panel Discussion at the 2d National Forum on CFIUS (July 21, 2015).
  16. See, e.g., TT-DOJ-001-15; TT-DOJ-045-60; FCC Proposed Executive Branch Review Reform, supra note 154, at ¶7 (citing to a letter explaining that "the reviewing agencies' current practice is to send an applicant a set of initial questions").
  17. Briefing with the Dep't of Justice (Aug. 1, 2019); FCC Proposed Executive Branch Review Reform, supra note 154, at ¶7. See also TT-DOJ-106–08; TT-DOJ-061–63; TT-DOJ-067–101 (China Telecom Americas responding to Team Telecom's clarification questions about its Section 214 application).
  18. FCC Proposed Executive Branch Review Reform, supra note 154, at ¶7.
  19. FCC Proposed Executive Branch Review Reform, supra note 154, at ¶7; Briefing with the Dep't of Justice (Aug. 1, 2019). According to DOJ, there is no substantive difference between a network security agreement and a letter of assurance. See Briefing with the Dep't of Justice (Aug. 1, 2019). Thus, for ease of reference, the Subcommittee uses security agreement throughout.
  20. See Briefing with the Dep't of Justice (Aug. 1, 2019). See also FCC Proposed Executive Branch Review Reform, supra note 154, at ¶8; Kathleen Collins, Assistant Bureau Chief, International Bureau, Fed. Commc'ns Comm'n, Remarks for Panel Discussion at the 2d National Forum on CFIUS (July 21, 2015).
  21. See, e.g., IB Public Notice, 30 FCC Red at 11018; Wypoint Telecom, Inc., Termination of International Section 214 Authorization, Order, 30 FCC Red 13431, 13431–32, ¶ 2 (2015). In addition to termination, the FCC can impose monetary sanctions or other enforcement actions for failing to meet a condition of the authorization. 47 U.S.C. §§ 312, 503.
  22. See FCC Proposed Executive Branch Review Reform, supra note 154 (statement, Ajit Pai, Commissioner, Fed. Commc'ns Comm'n).
  23. See Michael O'Reilly, Team Telecom Reviews Need More Structure, Fed. Commc'ns Comm'n, (Sept. 18, 2015), https://www.fcc.gov/news-events/blog/2015/09/18/team-telecom-reviews-need-more-structure.
  24. See Briefing with the Dep't of Homeland Sec. (Feb. 7, 2020).
  25. Comments of Telecommunications Companies, IB Docket No. 16-155, at 4 (May 23, 2016) ("FCC applications requiring referral to Team Telecom . . . take three to four times longer to receive approval than applications not subject to this review.").
  26. See Int'l Bureau Selected Applications Listing, File No. ITC-214-20110901-00289, Fed. Commc'ns Comm'n, http://licensing.fcc.gov/cgi-bin/ws.exe/prod/ib/forms/reports/swr031b.hts?q_set=V_SITE_ANTENNA_FREQ.file_numberC/File+Number/%3D/ITC2142011090100289&prepare=&column=V_SITE_ANTENNA_FREQ.file_numberC/File+Number.
  27. Briefing with the Dep't of Justice (Aug. 1, 2019); Briefing with the Dep't of Homeland Sec. (Feb. 7, 2020); Briefing with the Dep't of Justice (Apr. 3, 2020); Email from the Dep't of Justice to the Subcommittee (June 3, 2020) (on file with the Subcommittee).
  28. Briefing with the Dep't of Justice (Aug. 1, 2019); Briefing with the Dep't of Justice (Apr. 3, 2020); Email from the Dep't of Justice to the Subcommittee (June 3, 2020) (on file with the Subcommittee).
  29. Briefing with the Dep't of Justice (Aug. 1, 2019); Briefing with the Dep't of Justice (Apr. 3, 2020); Email from the Dep't of Justice to the Subcommittee (June 3, 2020) (on file with the Subcommittee).
  30. Cf. Briefing with the Dep't of Justice (Aug. 1, 2019); Briefing with the Dep't of Justice (Apr. 3, 2020).
  31. Email from the Dep't of Justice to the Subcommittee (June 3, 2020) (on file with the Subcommittee).
  32. Briefing with the Dep't of Homeland Sec. (Feb. 7, 2020). This does not account for employees from other DHS offices, such as the Office of General Counsel, who assist on Team Telecom matters. See Email from Dep't of Homeland Sec. to the Subcommittee (June 4, 2020) (on file with the Subcommittee).
  33. Briefing with the Dep't of Justice (Apr. 3, 2020).
  34. Id.
  35. Briefing with the Dep't of Homeland Sec. (Feb. 7, 2020); Briefing with the Dep't of Justice (Aug. 1, 2019).
  36. Briefing with the Dep't of Homeland Sec. (Feb. 7, 2020); Briefing with the Dep't of Justice (Aug. 1, 2019).
  37. Briefing with the Dep't of Justice (Apr. 3, 2020).
  38. Id.
  39. Briefing with the Dep't of Justice (Aug. 1, 2019).
  40. Id.
  41. Id.
  42. Id.
  43. Id.
  44. Id.
  45. Id.
  46. Briefing with the Dep't of Homeland Sec. (Feb. 7, 2020).
  47. Id.
  48. Executive Branch Recommendation re China Mobile USA, supra note 56, at 16.
  49. Although never formally documenting its compliance monitoring procedures, the Department of Justice noted that it has always dedicated personnel to compliance monitoring. Historical knowledge about these compliance efforts, however, has been "weakened" due to employee attrition. See Email from the Dep't of Justice to the Subcommittee (June 3, 2020) (on file with the Subcommittee).
  50. Briefing with the Dep't of Homeland Sec. (Feb. 7, 2020). Around 2010, the Department of Homeland Security created an internal interagency system of record to track Team Telecom compliance deliverables, which is still used today. Id.
  51. Briefing with the Dep't of Justice (Aug. 1, 2019).
  52. Id.
  53. Briefing with the Dep't of Homeland Sec. (Feb. 7, 2020).
  54. Briefing with the Dep't of Justice (Aug. 1, 2019).
  55. Briefing with the Dep't of Homeland Sec. (Feb. 7, 2020).
  56. Id.; Email from the Dep't of Homeland Sec. to the Subcommittee (June 4, 2020) (on file with the Subcommittee).
  57. Briefing with the Dep't of Homeland Sec. (Feb. 7, 2020); Briefing with the Dep't of Justice (Aug. 1, 2019).
  58. Briefing with the Dep't of Homeland Sec. (Feb. 7, 2020); Briefing with the Dep't of Justice (Aug. 1, 2019).
  59. Team Telecom officials noted that the lack of statutory authority left it with limited enforcement mechanisms. For example, unlike CFIUS, Team Telecom had no subpoena authority or means to protect classified information. See Email from the Dep't of Justice to the Subcommittee (June 3, 2020) (on file with the Subcommittee).
  60. See id.
  61. Briefing with the Dep't of Homeland Sec. (Feb. 7, 2020). Again, this represents only employees in DHS's Office of Policy, which is the DHS representative to Team Telecom. It does not include employees from other DHS offices, such as the Office of General Counsel, who assist on Team Telecom matters. See Email from Dep't of Homeland Sec. to the Subcommittee (June 4, 2020) (on file with the Subcommittee).
  62. Briefing with the Dep't of Justice (Apr. 3, 2020).
  63. Id.
  64. Id.
Retrieved from "https://en.wikisource.org/w/index.php?title=Threats_to_U.S._Networks/Section_4B&oldid=14524425"