Enlarge /. The flag of China.
According to a bipartisan Senate report released today, the Federal Communications Commission and other U.S. agencies have not properly monitored Chinese telecommunications companies operating in the U.S.
After a year-long investigation, the Senate Standing Subcommittee on Investigation Personnel Report found that "the FCC and Team Telecom, an informal group of officials from the Department of Justice, Homeland Security and Defense, did not monitor them." three Chinese state-owned airlines, "said a joint announcement by the Republican and Democratic leaders of the subcommittee. The three airlines referred to by the subcommittee are China Telecom Americas (CTA), China Unicom Americas (CUA) and ComNet USA. The companies "had been operating in the United States for almost 20 years without the federal government missing it," the senators' announcement said.
"The Chinese government is undertaking cyber and industrial espionage efforts against the United States, and US telecommunications companies can use them to drive these efforts forward," the report said.
The report comes two months after the FCC has stepped up its review of government-controlled telecommunications companies. The FCC ordered China Telecom, China Unicom, ComNet and ComNet owner Pacific Networks "to explain why the Commission should not begin to withdraw its national and international section approvals so that they can operate in the United States". However, the FCC and other agencies had not previously exercised proper supervision over these companies, the Senate report said.
The lack of oversight described in the report occurred during both the Republican and Democratic governments. "A FCC spokesman said the Commission is looking forward to reviewing the Senate report," a Reuters article said today.
China Telecom faced little US ratings
Team Telecom – the informal grouping of the Department of Justice, Department of Homeland Security, and Department of Defense – assesses national security and law enforcement concerns about telecommunications companies and makes recommendations to the FCC.
A section of the China Telecom report said the company was "ultimately owned by the Chinese government" and has been operating in the United States for nearly 20 years. "The company's US operations offer China the opportunity to engage in industrial espionage against the United States," the report said.
When China Telecom applied for US operations in 2001, Team Telecom had no objection and the FCC "optimized the application and approved it two weeks after it was accepted for submission". The original approval "limited CTA to the provision of international services between the United States and international locations other than China," but the FCC soon approved another "approval to serve as a facility-based air carrier between the United States and China."
According to these two permits, "Team Telecom did not interact with CTA between 2002 and 2007" and "Documents indicate that Team Telecom may not have understood that CTA was providing US-China services before 2007," the Senate report said .
CTA notified the FCC of a change of ownership in July 2007, although the "change did not affect the final ownership of CTA" by the Chinese government, the report said. The restructuring triggered a new FCC review, in which CTA informed the agency that "its customers had been shared among corporate customers and other telecommunications providers in the United States". CTA "also provided Team Telecom with a list of the top three executives, all of whom were Chinese nationals."
"Team Telecom has determined that security measures are warranted," and "the parties have negotiated a tripartite security agreement" that, among other things, "is intended to prevent unauthorized access or disclosure of the content of communications or US records."
But the U.S. government has barely followed up CTA after this agreement. "Monitoring of CTA by Team Telecom since 2007 has consisted of two site visits and intermittent email communication," the Senate report said.
"When asked by Team Telecom to explain the lack of oversight during this period, even though the security agreement was in effect, they referred to the security agreement and found that compliance was straightforward because it was written in general "says the report.
Hands-off approach ends
Team Telecom finally began "CTA content monitoring" in 2017, sometimes with an on-site visit that "identified concerns about the storage of US customer information by CTA." The report also said that "there were allegations that China Telecom hijacked communications data by 2010," but "Team Telecom did not interview CTA until January 2019 about these reports."
CTA denied the allegations, and "Team Telecom appears to have relied on CTA's written statements regarding the alleged incidents. Team Telecom did not provide any records or explanations of how further interviews were conducted, additional documents requested or reviewed, or CTA's allegations to others Ways have been questioned, "the Senate report said.
The hands-off approach changed until April 2020, when Team Telecom "advised the FCC to revoke and terminate Section 214 CTA approvals for" significant and unacceptable "national security risks." Team Telecom "warned that CTA's facility-based privileges made it possible to request connections with US carriers," and that CTA "has already established relationships with major US carriers such as Verizon, CenturyLink, and AT&T".
"Neither Verizon, AT&T, nor CenturyLink have a mitigation or other agreement that focuses on network security with CTA or its parent company," although these US airlines "maintain company-wide cyber security safeguards that apply to all external traffic." , says the Senate report.
The report states that "CTA is not trustworthy" and argues that the company's "late response" to document and information requests in April 2018 "challenged CTA's willingness to comply with the security agreement". Team Telecom also found that "CTA violated the security agreement by failing to implement a formal written information security policy prior to December 1, 2018."
China Telecom Denies "Hypothetical Risks"
The FCC continues to consider Team Telecom's recommendation to revoke CTA's privileges. CTA denied allegations in an FCC file yesterday, saying that the FCC investigation "wrongly and unfairly charged the CTA with providing negative information about unspecified national security concerns regarding" exploitation "and" influence "by the Chinese government These vague terms are left undefined in the Order or to the knowledge of CTA anywhere in the FCC rules or decisions. "The revised filing of CTA states that the company" serves many US customers "and" many US citizens and permanent residents " employed.
"(E) If the Commission were to credit the purely hypothetical risks proposed in the (Team Telecom) recommendation, none of which have actually occurred, the Commission would have to consider whether there is a means to exclude these risks Team Telecom's overall refusal to even consider potential mitigation measures is unjustified, "China Telecom wrote.
CTA also wrote that "the Communications Act and the Commission's precedent only allow CTA's approvals to be revoked if there is clear and compelling evidence of CTA's gross misconduct."