Industry Groups Ask FCC to Rescind Certain Cybersecurity Regulations
Groups call regulations ‘onerous and vague.’
WASHINGTON, August 13, 2025 – Industry groups have asked the Federal Communications Commission to rescind an interpretation of federal cybersecurity statute adopted earlier this year, in the wake of a major telecom breach.
Representatives from USTelecom, CTIA, and NCTA–The Internet and Television Association met with officials from the FCC’s Public Safety and Homeland Security Bureau on July 31 to request the withdrawal.
“[We] asked that the Commission grant [our] Petition for Reconsideration and rescind the Declaratory Ruling, which interprets [the Communications Assistance for Law Enforcement Act] for the first time to impose onerous and vague cybersecurity requirements,” the groups wrote in an filing.
The FCC adopted the ruling after a breach of major U.S. telecommunications networks by the Chinese-backed group Salt Typhoon.
Shortly after reports of the breach surfaced, then-FCC Chairwoman Jessica Rosenworcel circulated a proposal to interpret Section 105 of CALEA as creating a legal obligation for telecommunications companies to secure their networks broadly against cyberattacks. The Commission adopted the proposal in January over the objections of current FCC Chairman Brendan Carr.
“The Declaratory Ruling misinterprets the plain language of the statute, fails to provide notice and comment required by CALEA and the Administrative Procedure Act, and is arbitrary and capricious,” the groups wrote.
Although Carr opposed the ruling, he has been outspoken on Chinese cybersecurity threats. With a 2-1 Republican majority on the FCC, Carr may face few institutional barriers to rescinding the decision if he chooses to do so.
Member discussion