NCTA to OMB: Reject FCC's 5G Cybersecurity Reporting Requirement

NCTA: The Internet & Television Association has told the Office of Management and Budget not to approve the Federal Communications Commission's new 5G cybersecurity data collection requirements. That came in a letter the week of Jan 2 to OMB.

As part of the FCC's Spectrum Frontiers Report and Order on freeing up more spectrum bands for 5G wireless and fixed broadband, which was approved last July, the FCC required public disclosures with the FCC on "plans for safeguarding networks and devices from security breaches." NCTA says the "substantial" new reporting requirement—OMB has to sign off on added paperwork burdens in new federal rules per the Paperwork Reduction Act (PRA)—is unnecessary, has no "practical utility," and "grossly" underestimates the time and effort in compiling. NCTA says the requirement will either require "a high enough level of generality to avoid compromising network security by providing details that create vulnerabilities, but therefore offer the FCC information with no practical use," or expose information that could reveal vulnerabilities and actually decrease 5G cybersecurity. NCTA says that the PRA requires that utility of information must be actual, not theoretical or potential, and the FCC has not demonstrated an "actual, timely use for the information."