FCC Adopts NPRM Proposing to Strengthen Emergency Alert System

The FCC adopted an Emergency Alert System notice of proposed rulemaking today that the agency said is “intended to improve EAS by facilitating involvement on the state and local levels, supporting greater testing and awareness of the system, leveraging technological advances, and enhancing EAS security.” The item, which was adopted in PS dockets 15-91 and 15-94 at the agency’s monthly meeting, seeks views in part on recommendations made by the FCC’s Communications Security, Reliability, and Interoperability Council concerning state plans and security (TRDaily, March 20, 2014).

The NPRM drew a partial dissent from Commissioner Mike O’Rielly.

During a presentation at today’s meeting, Greg Cooke, associate chief of the Policy and Licensing Division in the FCC’s Public Safety and Homeland Security Bureau, noted that state EAS plans are currently filed with the Commission on paper. The NPRM proposes that state plans be filed online and using a template.

“This streamlined system will allow states to file plans that fully detail their strategies for delivering life-saving alerts, and will provide the Commission with a useful tool to gauge the effectiveness of each state’s ability to deliver alerts and warnings to their citizens,” Mr. Cooke said.

Mr. Cooke also said that the notice “proposes to evolve EAS testing from a purely technical event into one that would support voluntary integration with community public safety exercises. The item proposes authorizing ‘live’ code tests [without a waiver] and public service announcements that use the familiar EAS sounds. The notice also seeks comment on how best to ensure that community-based exercises address the needs of all community members, including individuals with limited English proficiency and individuals with disabilities.”

In addition, the NPRM “seeks comment on the impact of advancements in technology on EAS,” Mr. Cooke observed. “Specifically, the notice seeks comment on whether the Commission needs to retain its current forced tuning and selective override provisions, which were designed to help cable providers efficiently transmit alerts by shifting viewers to a single EAS channel. The notice also seeks comment on the extent to which consumers expect to receive EAS over services outside of traditional broadcast or pay TV, and what technical, policy or jurisdictional issues would need to be addressed. The item also seeks comment on the potential of technological advancements to further improve accessibility.”

Mr. Cooke also said that the NPRM “proposes to require EAS participants to certify performance of industry-recommended security best practices. The notice further proposes to require reporting for false alerts and ‘lockouts,’ and to ensure that all alerts are properly authenticated and validated to protect against malicious or accidental misuse of this national security resource.  Finally, the notice seeks comment on whether adoption of a software-defined networking approach to the EAS architecture would help make the EAS more secure and more resilient.”

In his statement, Commissioner O’Rielly said that “the Commission must periodically review its regulations to ensure they are still needed and to modify or update them as necessary. And EAS is no different. Therefore, I am generally supportive of a proceeding to re-evaluate our rules.

“I am highly skeptical, however, about some of the issues raised, if they were to be part of any final item,” the Commissioner added. “For instance, the ideas about obtaining information on the use of social media and highway signs as part of state emergency plans, some of the testing procedures and outreach measures, and machine-translation technologies for accessibility could result in unnecessarily burdensome rules. I am also concerned that the portion of the order on software-defined EAS networks could lead to duplicative EAS infrastructures and technology mandates. Let’s hope the record adequately addresses all of these issues to ensure that the correct balance is achieved and costs are minimized. Our main goal must be an EAS system that works, not a half-baked mandate for inclusion in every communication mechanism.”

Mr. O’Rielly added that he is “most disturbed about those portions of the item that seek, or could be used, to capture the Internet in our EAS rules. For instance, there are questions about whether our requirements should be expanded beyond channels that carry programming, which could possibly capture channels carrying interactive games, the Internet, and Internet access. Further, we seek comment on expanding alerts to ‘emerging video technology,’ which could ultimately be used to impose EAS requirements on over-the-top (OTT) providers, such as multichannel video programming distributor (MVPD) and broadcaster mobile applications, Netflix, Hulu, and others.

“Had the public seen the first version of this item, they would likely be outraged by how directly it attempted to capture certain OTT services in this morass,” the Commissioner added. “Making the language vaguer does not hide its true intentions. Beyond the harmful direction in policy, we have limited statutory authority to regulate the Internet or edge providers, and I will not be supportive of any efforts to do so.”

“Although the Commission asserts that it is just seeking information on these new technology issues, this is a façade,” Mr. O’Rielly asserted. “We have been down this road before. Using the guise of an advisory committee, industry best practices have turned into Commission mandates before our very eyes. We actually use this approach in this very item. This item takes the security measures that are part of CSRIC best practices and makes them mandatory by requiring certifications of compliance from EAS participants.” He also said that he disagrees with the use of section 706 of the 1934 Communications Act, as amended, “as authority for all of the ideas in this notice.”

Republican Commissioner Ajit Pai said he was “particularly pleased that the Notice now includes a section that asks some fundamental questions about the structure of our alerting system. Right now, EAS messages are transmitted in one of two ways: either through the traditional, broadcast-based EAS protocol or through a newer, Internet-based protocol. Does it make sense to maintain these two approaches for redundancy or other purposes? Or should we switch to a single distribution method?

“We also seek comment more broadly on whether our alerting system is appropriately tailored to today’s communications landscape,” he noted. “Do we need to rethink the basic structure of our system in light of advances in technology? Or is the current system flexible enough to continue to serve as our alerting platform going forward? Vital questions all, and I’m glad that we’re now asking them.”

Mr. Pai added, “As important as what’s in the document is what’s not. The Notice no longer seeks comment on imposing regulations on over-the-top (‘OTT’) providers in a way that would have tilted the regulatory playing field against a subset of those providers. Given the nascent, competitive, and dynamic nature of the OTT market, I thought it was important to move forward in a more balanced manner, and I appreciate the compromise struck on this point. As we modernize the system, we must be mindful of how our regulations might impact the market for IP-based offerings.”

In response to the criticism by Mr. O’Rielly, FCC Chairman Tom Wheeler defended the NPRM. “We’re talking about safety, safety – our most important assignment in this agency,” he said. “It would be a tragedy beyond comprehension to wake up late to how technology is changing the way in which people” get information.

In his written statement, Mr. Wheeler said, “Technology is evolving, which presents both a challenge and an opportunity for the EAS.  We not only need to ensure that Americans continue to reliably receive alerts, but we also have the chance to make alerting even more valuable to the public. Today’s item lays the groundwork to do just that.”

“We are also beginning an important dialogue with stakeholders about the future of alerting,” he added. “For example, as Americans increasingly view programming over new platforms, how can we ensure that the public still receives critical warnings when disaster strikes?  How can we responsibly leverage social media techniques, like crowdsourcing, for sharing information as crises unfold?”

“The item acknowledges that some social media platforms are already improving the accessibility of emergency messages by offering users the ability to translate alerts from English into more than forty languages,” said Commissioner Mignon L. Clyburn. “And yes, we should encourage emergency managers at the federal, state, and local levels, to integrate those proven, most advanced, commercial technologies into their matrices so that no member of our society is left more at risk in times of crisis.

“Another important aspect of this Notice, is that it proposes several thoughtful approaches in addressing significant vulnerabilities in the nation’s EAS infrastructure,” she said. “Over the past several years, there have been a number of security breaches where hackers gained access to Emergency Alert [System] facilities and actually sent out fraudulent or false alerts.  One such breach is one too many.”

Ms. Clyburn stressed that the NPRM “recommends common sense measures such as requiring the filing of annual certifications which would affirm that entities are performing those best practices recommended by our CSRIC advisory committee, mandating the reporting of false alerts, as well as ensuring that jurisdictions are taking the necessary steps to ensure that those alerts are originated by authorized sources.”

Commissioner Jessica Rosenworcel said that “emergency alerts can do great things. But great programs do not thrive without continued attention and care.  The emergency alert program deserves this consideration. It needs to be modernized.”

She noted that the NPRM “proposes a streamlined online filing process for State Emergency Alert plans. It proposes expanded testing under real-life conditions. It asks about changing technology—and it seeks to improve security of the Emergency Alert System and protect essential infrastructure from attack. This has my unconditional support.” – Paul Kirby, paul.kirby@wolterskluwer.com