The Secure and Trusted Networks Act of 2019 (HR 4998; previously introduced in the 116th Congress as HR 4459) both 1) prevents the government from providing subsidies to telecommunications companies for the purposes of buying or maintaining any network equipment that poses a national security risk and 2) provides funds to replace previously-purchased equipment that poses a national security risk. Under this Act, the Federal Communications Commission (FCC) must create a list of “covered equipment” that poses a “national security risk” to the US. The government determines if a piece of equipment is a national security risk in four ways:
- An interagency body within the executive branch that specializes on national security, such as the Federal Acquisition Security Council, makes such a determination.
- The Department of Commerce makes such a determination by following the guidelines and procedures established in Executive Order 13873, which declares a national emergency regarding certain telecommunications equipment as posing a national security threat from foreign adversaries.
- The piece of equipment fits the definition of “covered telecommunications equipment or service” in section 889(f)(3) of the 2019 John McCain National Defense Authorization Act. Examples of covered telecommunications equipment or services include equipment produced by Chinese companies Huawei Technologies Company or ZTE Corporation.
- An appropriate “national security agency”, defined in the Act as the Department of Homeland Security, the Department of Defense, the Office of the Director of National Intelligence, the National Security Agency, or the Federal Bureau of Investigation, makes such a determination.
Once the FCC establishes the list of covered equipment, the government cannot provide grants or subsidies to buy or maintain equipment on that list. This restriction only applies to equipment needed to provide “advanced communication service,” which the bill defines by referencing the federal definition of “advanced telecommunications capability”: namely, any technology necessary to provide broadband connections. Moreover, the restriction only applies to technology that is capable of routing user traffic, allows for remote network disruptions, or otherwise poses an “unacceptable” national security risk. The ban on using federal money to purchase an item on the list would begin 60 days after the item is added to the list. Companies could still use private money to purchase covered equipment but would have to demonstrate that if they additionally receive federal money that none of that money is going toward the covered equipment.
The FCC would additionally provide funds to small telecommunications companies (those having less than two million customers) to remove, replace, and dispose of any equipment on that list that the company has previously acquired. The FCC will create a list of suggested, secure replacement technology; they will also issue regulations for how to dispose of covered technology so that those items cannot be reused. Once a telecommunications company receives this funding, they have one year to remove or replace listed equipment. Any company receiving these replacement funds cannot use these funds or even private funds to buy covered equipment from the FCC’s initial list.
The FCC would be able to enforce violations against either of the Act’s major provisions through its standard enforcement mechanisms established by the Communications Act of 1934. Companies violating the use of replacement funds would additionally have to repay all funds they had received and may potentially be barred from participation in other FCC programs.