The FCC’s Task Force on Optimal Public Safety Answering Point (PSAP) Architecture (TFOPA) today voted to give final approval to its consolidated report with recommendations on actions that PSAPs should take on cybersecurity, architecture, and resources as they transition to next-generation 911 systems. The report prompted FCC Chairman Tom Wheeler to declare that the Commission has done “about everything we can do” on the issue and that Congress will need to step in to push the issue forward further.
TFOPA is a federal advisory committee tasked with providing recommendations to the Commission on actions that PSAPs can take to optimize safety, operations, and funding as they transition to next-generation 911.
At the task force’s meeting this afternoon, Chairman Wheeler said, “We are not doing as good a job as Americans have a right to expect us to do” on modernizing the 911 system. “For the last year we have been dealing with the issues that are the foundation for how we finally change that,” he said.
“How do you transition? How do you design the next-generation of 911 PSAP? How do you deal with cybersecurity?” Chairman Wheeler asked. “And, also a great challenge, how to pay for it?”
Chairman Wheeler credited Commissioner Mike O’Rielly with proposing the creation of the group. “Thank you to Mike for, once again, identifying something that we ought to be doing and we ought to be stepping forward on.”
Chairman Wheeler lamented that NG-911 had “stalled” and that the delay “represents a danger to Americans.”
“Our technology is out of date, but it is worse than that, because we are not taking advantage of what could be done,” he said. “We all say, ‘see something say something,’ but technology allows us to ‘see something, say something, show something.’ We have not had the systems in place to do that.”
Chairman Wheeler added that the FCC has “done about everything we can do” within its authority.
“We have dealt with the question of resiliency. We’ve deal with the question of location, issues such as text-to-911 to try and take advantage of new capabilities. We’ve have pretty much exhausted what we can do here at the Commission, which is why every time I have been before Congress for the last year, I have always said we have to have leadership out of the Congress, and we have to have a new national plan for NG911,” he said. “Only Congress can make that happen.”
“I pledge to you that in the year I have left in this job, every time I appear before Congress, the number one item I will talk about is the absolute necessity of … Congress dealing with the issues in NG911 so Americans can have the benefits rather than just talk about them,” he said.
Chairman Wheeler told the task force that its work has been “essential to delivering that message, because you’ve got now a blueprint that says this is how we need to proceed on these important issues.”
David Simpson, chief of the FCC’s Public Safety and Homeland Security Bureau, stressed the importance of cybersecurity in PSAPs, pointing to a blog post he made on the issue on Thursday (TRDaily, Jan. 28).
“If you are running an IP network and you are not doubling down on the things we talked about in that blog, you are not responsibly running a network that needs to be public safety great,” Mr. Simpson said.
“To those that have PSAP planning responsibilities, it is so critical to have a risk-based approach and to ensure that you are assessing risk and then investing in the right risk reduction efforts to get ahead and address cybersecurity,” he said. “That does not mean you’ve got to do it all yourself.”
“A building block approach is absolutely critical and the thought of combining internal action, contracted action, and shared cybersecurity services is essential to PSAPs recognizing how I am responsibly addressing cybersecurity risk,” Mr. Simpson added. “The report provides not only recommendations but also a set of best practices and guidelines that we think will serve state and local 911 authorities well as they enter into decision-making processes about modernizing the 911 systems.
“The report represents a body of recommendations, not directives,” he said. “We recognize our authority here at the FCC is a slice of the overall of what is in place with regards to authorities for 911.”
The task force had provisionally adopted the workgroups one (cybersecurity) and two (architecture) reports at a December meeting (TRDaily, Dec. 10, 2015) and the final consolidated report adopted today included few substantive changes to those sections.
The architecture report offers recommendations, in the areas of policy/regulation, governance, architecture and technology, standards and best practices, and education and training. The cybersecurity report included various cyber best practices, including the use of the NIST framework, the National Initiative for Cybersecurity Education framework, identity credentialing access management, and the Communications Security, Reliability, and Interoperability Council’s best practices related to public safety. It also recommended the creation of Emergency Communications Cybersecurity Centers (EC3) to provide intrusion detection and prevention services to PSAPs.
Philip Jones, commissioner on the Washington Utilities and Transportation Commission, noted that the cybersecurity concerns for PSAPs are very real.
“We have at least one large county in our state that has NG-911 equipment ready to go,” with gear in place and staff largely trained, he said. “But they are not going live. Why? Because of cybersecurity. They do not believe the telecommunications for the state has adequate, robust” security in compliance with the National Institute of Standards and Technology’s cybersecurity framework.
Regarding the third working group, which addressed optimal resource allocation, Mr. Jones said some substantive changes to its report had been made since it was adopted at a TFOPA meeting last September (TRDaily, Sept. 29, 2015).
The working group reconvened in recent weeks to discuss concerns with the consideration of a network connection fee and some other terms and details provisionally approved in September, Mr. Jones said. Mr. Jones said a policy statement in the report was changed to clarify that users, “whether they be residential or commercial, will pay the 911 fees” and that they will largely be collected by communications carriers, “whether they be broadband, telephony, or facilities-based VoIP providers and others.”
“We clarified that, based on cost causation principles, the person who benefits” from the 911 system is the end user, Mr. Jones said. “Somebody has to pay for it, so at the end of the day, the principle is the end user pays for it.”
Another change to the report addresses states that have diverted fees that were collected for the purpose of 911 systems and used them for other purposes, as was the case in eight states in 2015, Mr. Jones said.
Regarding a network connection fee, Mr. Jones said some issues were being deferred. The original working group report, for example, included four proposed options on how such a fee could be structured, but “we took all that out,” he said.
“I think we realized it’s a complex area,” Mr. Jones said. “There is no perfect solution. It’s going to vary state by state.”
Mr. Jones said there are no mandates regarding such a fee but suggested that the issue should be studied further. “It would be foolish from a funding perspective not to look at all the possible options,” he said. – Brian Hammond, brian.hammond@wolterskluwer.com
Courtesy TRDaily