Carr: AI Emerging as a Top Priority for FCC and Broader Trump Administration
The FCC’s Communications Security, Reliability and Interoperability Council (CSRIC) approved two final reports Thursday, including one on threats that AI poses to networks. FCC Chairman Brendan Carr told CSRIC members that AI has become a top focus for the agency, as it has for the rest of the Trump administration. The second report examines “Connecting Stalled 911 Calls Through Alternative Network Options.”
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
The reports “touch on a few of the key priorities of mine as chair,” Carr said at the start of the meeting. Those include the use of AI “and how that interacts with our networks, and making sure that Americans have access to cutting-edge 911 services.”
The AI report focuses on how attackers can use the technology “to exploit vulnerabilities in communications networks, potentially threatening our national security,” Carr said. Trump “has made clear that he wants the United States to lead the way on AI; he wants us to have the gold-standard approach to it,” Carr added. “Our foreign adversaries are hard at work,” and AI is a top priority for China. “We’ve seen a lot of attacks at our infrastructure.” Like any new technology, AI isn’t inherently good or bad, he said.
It was the first report from CSRIC's Harnessing AI/Machine Learning to Ensure the Security, Reliability and Integrity of the Nation’s Communications Networks Working Group. It was originally due in March but had been pushed to June (see 2503190051).
Vijay Gurbani, the group's co-chair and Vail Systems' chief data scientist, said the report tackles an extremely complex area. The question that the group set out to answer last fall “was how does AI/ML affect the security and reliability of communications networks” and “how to mitigate the challenges that the technology poses.” The report is only the beginning of the work CSRIC needs to do on AI, he said.
The No. 1 recommendation that emerged is that “you need to start with a secure foundation,” said Jason Hogg, the group's other co-chair and general manager of the Microsoft Edge and Platform Team. With any system that adopts AI, “you have to start thinking about how the system itself is actually secured,” he said. “If an attacker was on the network, do you have the right levels of protection in place?”
AI-based attacks can exploit “even the smallest vulnerabilities,” Hogg said. “Vulnerabilities that you may have overlooked in the past, you probably need to have a second look at.” Companies can also use AI to look at vulnerable code paths “to help sort of reprioritize patches that may not have actually been deployed in the past,” he said. The report also stresses the importance of output testing and validation, he said, adding that AI education and awareness are critical as well.
Companies need to think about their supply chain, Hogg said. “Where’s the data coming from? Who’s owning and managing the model creation? And do you trust that party?”
AI changes how companies must approach computer science, Gurbani said. The technology is based on probabilistic models, “and because they’re probabilistic, we know that they’re going to be wrong in some cases,” he said. “The thing we have to ask is what is the cost of the false positive or the false negative,” because they will occur in the network.
The complexity of AI/ML systems “must be understood, and the risks must be considered,” Gurbani said. Innovation in AI is happening on an hourly basis, and “the question is, how are we going to harness that innovation to our advantage?”
The working group “jettisoned” efforts in a few areas because members felt they didn’t have the time or expertise, Gurbani said. He called for further attention to issues surrounding IoT, which uses 5G and Wi-Fi networks and is “embedded” in supervisory control and data acquisition systems and “other ecosystems,” he said. Future CSRICs should consider looking “in depth into the security characteristics of IoT devices, how they communicate with the network and what’s [their] resilience and reliability.”
Alternatives for Wireless 911 Calls
Emergency calling is also a big FCC focus, Carr said. “One of the most important things we can do for public safety is to ensure that calls to 911 always go through.” When wireless phones can’t get through to a network, “they’re going to become capable of searching for alternative options to successfully complete the call,” he said.
The wireless calling report looks at options for connecting stalled 911 calls through alternative networks. “We’re only going a certain way through the call path in this first report,” said working group co-Chair Brandon Abley, chief technology officer at the National Emergency Number Association. “There’s a lot … we put on the shelf until the second report.”
The report looks at options including satellite connections, private cellular networks, citizens broadband radio service networks, VoIP and Wi-Fi “to some extent,” Abley said. Some 80% of calls to 911 are wireless, “and that figure is always steadily going up.” The last CSRIC examined Wi-Fi as an alternative, and the working group decided that the “state of the art” hadn’t changed substantially enough to take another deep dive, Abley said. “We stand by the recommendations that the previous CSRIC had adopted.”
CSRIC is scheduled to next meet on Sept. 25.