Foreign Relations & International Law

Senate Report Finds Poor Executive Branch Oversight of Chinese State-Owned Telecoms

Justin Sherman
Wednesday, June 17, 2020, 8:01 AM

The Senate Permanent Subcommittee on Investigations published a report on June 9 on “Threats to U.S. Networks: Oversight of Chinese Government-Owned Carriers.”  What's in the document?

Marco Rubio, acting chair of the Senate Select Intelligence Committee, addresses a crowd in Columbus, Ohio in 2015 (Gage Skidmore/https://flic.kr/p/xrGHX9/CC BY-SA 2.0/https://creativecommons.org/licenses/by-sa/2.0/)

Published by The Lawfare Institute
in Cooperation With
Brookings

The Senate Permanent Subcommittee on Investigations published a report on June 9 on “Threats to U.S. Networks: Oversight of Chinese Government-Owned Carriers.” The report’s focus is on the executive branch. This includes Team Telecom, the executive branch’s ad hoc group that inspects foreign telecommunications carriers operating in the U.S. for national security risks. Team Telecom has now been formally established as an executive branch committee through a recent executive order. The report also focuses on the Federal Communications Commission (FCC), the Department of Justice and the Department of Homeland Security.

What’s in the report? The document introduces some new information on the foreign telecom oversight process, and it details useful information about the operations of Chinese state-owned or state-controlled telecoms (for example, ComNet). It also helpfully recaps previous U.S. government efforts to monitor Chinese state-owned carriers in the U.S. But the report’s main significance comes in its conclusion and its recommendations. The subcommittee found fundamental problems with the executive branch’s foreign telecom review process—and it recommends congressional action to fix the process. It’s an important signal that Congress may get more involved in empowering and monitoring the executive branch’s supply-chain security process for foreign telecoms.

There is much concern in the U.S. government that Chinese state-owned or state-controlled telecoms are a vector for the Chinese government to conduct espionage in the United States. The government also worries that the Chinese government may use these companies’ infrastructural presence in the U.S. telecommunications space for activities beyond espionage, like commercial data theft for economic gains or even potentially deactivating or disrupting networks in the event of a U.S.-China crisis.

The Senate subcommittee is clear up front that “state-ownership does not presume a national security risk” and that “there are also compelling commercial interests dependent on facilitating the flow of data between the United States and China.” But “commercial interests,” the report says, “must be balanced against national security interests,” like risks of Chinese government control of telecommunications firms. In other words, the approach is more measured than what has come out of the current administration, appreciating the value of balancing economic and security concerns as well as moving beyond country of origin as the sole indicator of risk.

On this point, the report says bluntly that Team Telecom has proved an inadequate bulwark against Chinese government intrusion into the telecom sector. The report notes that the interagency body has exercised “minimal oversight” of Chinese state-owned telecoms in the United States. It quotes “FCC commissioners” as describing the Team Telecom review process as “broken,” an “inextricable black hole,” and providing “no clarity for [the] future.” Collectively, it says the FCC, the Justice Department and the Department of Homeland Security (all of which work with or support Team Telecom) have exercised “minimal oversight to safeguard U.S. telecommunications networks against risks posed by Chinese state-owned carriers.” This insufficient oversight, the report notes, has “undermined the safety of American communications and endangered our national security.” What’s the basis for this searing critique? The subcommittee reviewed more than 6,400 pages of documents and conducted more than 10 interviews, including with individuals from government agencies, U.S. telecom suppliers and Chinese state-owned telecom suppliers.

In light of this report, it seems overwhelmingly likely that President Trump’s executive order to formalize Team Telecom, signed on April 4 of this year, was issued in anticipation of these criticisms. As the report notes, the subcommittee’s investigation was still ongoing when the executive order was signed. But while the subcommittee gives a nod to the executive order and other changes since the investigation’s launch, it still expresses dissatisfaction with the executive branch’s oversight of the privacy and security risks posed by foreign telecoms.

This is where the second big takeaway from the report comes into play: its recommendations. Asserting that even with the executive order, “the new committee’s authorities remain limited,” the subcommittee recommends not just that the FCC complete its ongoing review of four Chinese telecoms—a process that may be entering its final stages—but also that Congress should start throwing more weight behind foreign telecom security reviews.

Significantly, it recommends that Congress statutorily authorize the new telecom committee that the executive order calls for. Rather than having the group operate under an executive order as it does now, this would explicitly put its authorities into law. This kind of move is not unprecedented in the supply-chain security space. The Committee on Foreign Investment in the United States (CFIUS), which reviews foreign acquisitions of U.S. companies for national security risks, underwent a similar overhaul back in 2007 with the Foreign Investment and National Security Act. In light of shortfalls in the CFIUS’s foreign investment reviews, Congress statutorily authorized the committee and increased the CFIUS’s power and Congress’s oversight of it. (On an related CFIUS note, the subcommittee report notes that Homeland Security and Justice currently often assign the same individuals to Team Telecom work as they would to CFIUS work, and personnel would prioritize CFIUS due to statutory requirements.)

The FCC can already revoke foreign telecoms’ licenses to operate in the U.S. based on Team Telecom (now, the new telecom committee) recommendations. But statutory authorization of the telecom committee could give the body more power, including the explicit authority to recommend that the FCC revoke existing licenses. As of now, the subcommittee says, Team Telecom wouldn’t engage with a foreign telecom if there was no security agreement between the government body and the telecom firm.

The legislation called for by the subcommittee to statutorily authorize the telecom committee would also include oversight provisions: setting deadlines by which the committee must complete FCC-related application reviews; ensuring adequate, congressionally provided resources to the executive branch to conduct foreign telecom reviews; requiring the committee to coordinate telecom application reviews with CFIUS inspections of foreign ownership; and requiring periodic review and renewal of security agreements between the telecom committee and foreign telecoms. Given the subcommittee’s findings on Team Telecom’s inadequate oversight and lack of resources, these measures could bolster the executive branch’s foreign telecom security reviews. Of course, it remains to be seen if this legislative proposal will get traction (again, the report only just came out). But it’s a thorough and much needed recommendation—equipping the executive branch to have a more empowered, resourced and congressionally monitored process for handling telecom supply-chain security.

Finally, the report recommends Congress and the White House “take steps to ensure reciprocal access to the Chinese telecommunications market for U.S. companies.” Forced technology transfers, discriminatory regulations and burdensome licensing requirements are just some of the measures it lists as Chinese measures that underpin the “highly asymmetric playing field”— U.S. telecoms face “immensely restrictive policies” in China but not the other way around.

This is a particularly interesting recommendation. If the White House were to make such a comment right now, talk of ensuring reciprocal market access would much more clearly seem a call to keep blurring economic and security risks for political gain. The administration has an established track record of using real security risks as political pawns for trade negotiations, like with Huawei. But coming from the subcommittee—which discusses China’s market access restrictions and Chinese state-owned telecoms’ security risks as related but distinct issues—this recommendation suggests a far more measured approach. It calls out the fact that, as long as the U.S. government is paying more attention to how foreign telecoms are treated in the U.S., it should likewise devote greater attention to how U.S. telecoms are treated in China.

All told, this call for legislative action on foreign telecom security is an important one. It’s important as a political signifier—the Senate calling out the executive branch’s inadequate oversight of Chinese state-owned telecoms in the United States. It’s important as a call to look specifically at China, yes, but beyond China too—while the report focuses specifically on Chinese state-owned carriers, the recommendations are broader and could impact reviews of many foreign carriers. And it’s important on the recommendation side, as the subcommittee calls not just for executive branch reform (like saying the FCC needs a clearer, standard process for revoking carriers’ licenses) but also for congressional action on telecom supply-chain security. It’s a potential sign that some members of Congress want greater congressional involvement in shaping the apparently insufficient executive branch approach to Chinese state-owned telecoms and security risks.

The subcommittee is right that constant evolutions in technology, the supplier landscape and the risks mandate changes to existing practice. The next question, in the wake of the report and in light of the FCC’s impending decisions on four Chinese telecoms’ licenses, is whether Congress will enact these kinds of recommendations.


Justin Sherman is a contributing editor at Lawfare. He is also the founder and CEO of Global Cyber Strategies, a Washington, DC-based research and advisory firm; a senior fellow at Duke University’s Sanford School of Public Policy, where he runs its research project on data brokerage; and a nonresident fellow at the Atlantic Council.

Subscribe to Lawfare