The New Jersey Assembly unanimously passed its version of Caller ID anti-spoofing legislation Monday -- the Truth in Caller Identification Act (A3002). The bill would make Caller ID spoofing illegal in the state when an entity uses the practice to defraud, harm or steal. The bill allows for a $10,000 fine for a first offense and up to a $20,000 fine for each additional offense. The Senate is still considering an identical version of the bill (S743). The bill would also direct the state attorney general to issue cease and desist orders for fraudulent spoofing and would allow judges to award trebled damages in spoofing lawsuits.
Federal and state regulators’ authority under Communications Act Sections 251 and 252 to require interconnection agreements in an IP format remains an open question given continued proceedings at the FCC and at the state level, industry lawyers said Friday. AT&T is suing the Michigan Public Service Commission in U.S. District Court in Kalamazoo over the PSC’s decision earlier this year to require the telco to allow IP-to-IP interconnection with Sprint (see 1404170038). There are also ongoing or recent interconnection issues in Illinois, Massachusetts, Ohio and Puerto Rico, said Benjamin Aron, Sprint state regulatory counsel-Northeast, at an FCBA event.
The Senate passed the Department of Homeland Security-centric National Cybersecurity Protection Act (S-2519) by unanimous consent Wednesday. The bill codifies DHS’s current cybersecurity role, primarily via the department’s National Cybersecurity and Communications Integration Center (see 1412080071). Senate passage of the bill is “critical” for DHS to continue to build “strong relationships with businesses, state and local governments, and other entities across the country so that we can all be better prepared to stop cyber attacks,” said Senate Homeland Security Committee Chairman Tom Carper, D-Del., in a statement.
The Senate passed the Federal Information Security Modernization Act (S-2521) on a voice vote Monday. The bill would update the existing Federal Information Security Management Act, and direct the Department of Homeland Security to create rules for federal agencies’ response to government data leaks. The Senate Homeland Security Committee cleared the bill in June (see 1406270036). The House will need to sign off on S-2521, which differs from a House-passed version of the bill (HR-1163). House Oversight Committee Chairman Darrell Issa, R-Calif., who sponsored HR-1163, doesn’t support S-2521 and is continuing to encourage the Senate to approve HR-1163, a spokeswoman said. The Senate is still expected to consider the National Cybersecurity Protection Act (S-2519) before the lame-duck session ends this week, an industry lobbyist told us. S-2519 would codify the DHS's current cybersecurity role, including the role of its National Cybersecurity and Communications Integration Center (see 1412080071). The version of S-2519 up for Senate consideration includes language from an earlier version of S-2519 and the House-passed National Cybersecurity and Critical Infrastructure Protection Act (HR-3696). The House is also expected to consider the Senate-passed Border Patrol Agent Pay Reform Act (S-1691), which includes language from the DHS Cybersecurity Workforce Recruitment and Retention Act (S-2354), the lobbyist said. The Senate passed S-2354 in September (see 1411070037).
The Vermont Public Service Board (PSB) said Tuesday it's considering delaying a vote on a new incentive regulation plan (IRP) for FairPoint Communications while the board does a separate investigation into issues with FairPoint’s service quality in the state. The PSB is required to issue findings on service quality as part of issuing a new IRP. The PSB is initiating the service quality investigation in response to more than 450 consumer complaints between July and the end of November, along with a Nov. 28 outage that partially knocked out connectivity to Vermont’s 911 system (see 1412050055).
The Senate is likely to consider two cybersecurity bills this week -- the National Cybersecurity Protection Act (S-2519) and the Federal Information Security Modernization Act (S-2521) -- as the lame-duck session draws to a close, an industry lobbyist told us. The timing of final votes on the two bills was fluid amid wrangling by the bills’ Senate supporters, though it was possible a vote on S-2519 could occur as early as Monday night after our deadline, the lobbyist said. Senate Homeland Security Committee Chairman Tom Carper, D-Del., has been circulating the revised version of S-2519, originally called the National Cybersecurity and Communications Integration Center Act, in recent days in the form of a manager’s amendment, the industry lobbyist said. The revised S-2519 would combine many elements of the original S-2519 and some language from the House-passed National Cybersecurity and Critical Infrastructure Protection Act (HR-3696), the manager's amendment said. S-2519 would codify the Department of Homeland Security’s current cybersecurity role, particularly via DHS's National Cybersecurity and Communications Integration Center. Senate Homeland Security originally cleared the bill in June (see 1406270036). Senate Homeland Security didn’t comment. The revised S-2519 doesn’t include provisions in HR-3696 that would have amended the Support Anti-terrorism by Fostering Effective Technologies (SAFETY) Act of 2002 to allow companies to seek liability protections for sharing cybersecurity information with DHS. S-2519 does include language from HR-3696 urging security clearances be provided to critical infrastructure owners and operators, as well as requiring the DHS secretary to submit a report six months after the bill’s enactment on facilitating information sharing. The American Civil Liberties Union endorsed HR-3696 but has criticized the stalled Cybersecurity Information Sharing Act (S-2588) and its House-passed counterpart, the Cyber Intelligence Sharing and Protection Act (HR-624).
A Vermont investigation and recent Washington state investigation into 911 outages highlight problems identified in an FCC report on an April 10 multistate outage (see 1410170057), industry executives and lawyers told us. The Vermont Public Service Board (PSB) will move ahead this week on investigating FairPoint Communications’ response to a Nov. 28 partial 911 outage as part of a larger investigation of the telco's service quality, which the state Department of Public Service requested last week (see 1412010037). The Washington Utilities and Transportation Commission is reviewing a staff report released last week (see 1412030032) on an April 10 outage, which affected all of Washington and portions of six other states, a UTC spokeswoman said.
The Communications Security, Reliability and Interoperability Council approved a report Wednesday from CSRIC Working Group 2 on wireless emergency alerts that recommends the FCC modify its current 90-character limit rule for WEA alerts, to allow for messages of up to 280 characters for 4G LTE devices following technology confirmation by the Alliance for Telecommunications Industry Solutions (ATIS). The FCC should retain the 90-character rule for WEA alerts for devices using legacy 2G and 3G networks, but the working group believes the goal should be to phase that limit out as 2G and 3G devices go offline, said CTIA Assistant Vice President-Regulatory Affairs Brian Josef, Working Group 2 co-chairman. “We’re raising the floor” but recognize that some devices will be able to accept WEA alerts of only up to 90 characters, Josef said during the CSRIC meeting.
FCC Wireline Bureau Deputy Chief Matthew DelNero urged state and local governments Tuesday to comment on the IP transition rulemaking the commission adopted in late November seeking input on how the agency should deal with the transition away from copper. The FCC also approved a related declaratory ruling at its November meeting on FCC ability to require approvals for copper retirements (see 1411210037). The NPRM sought comment on how states, localities and tribal nations should be involved in IP transition rulemaking, along with clearer rules for determining when to allow incumbents to retire a “last-mile” service and battery backup standards. The FCC believes comments from states and localities will be particularly valuable on IP transition rules because they’re “the ones who are closest” to on-the-ground conditions in different parts of the U.S., DelNero said during an FCC seminar. The NPRM is awaiting Federal Register publication, he said.
Multiple House and Senate committees responsible for cybersecurity legislation and oversight will have new leadership in the 114th Congress, but industry lawyers and lobbyists told us that's unlikely to result in substantial changes in how the committees handle cybersecurity legislation. Most cybersecurity legislation has been stalled during the 113th Congress and there are limited prospects for bills like the Cybersecurity Information Sharing Act (CISA) to pass during the lame-duck session (see 1411070037). Those limited prospects are in part a reflection of a desire to “start fresh” on cybersecurity once the 114th Congress convenes, said Jessica Herrera-Flanigan, a lobbyist at the Monument Policy Group whose Q3 clients included LinkedIn and Microsoft.