Consumer Electronics Daily was a Warren News publication.
Confidentiality Concerns

Possible State Access to Outage Data Brings Flurry of FCC Meetings

November 23, 2018 by Adam Bender and Matt Daneman|Top News

A surge in FCC ex parte meetings about access to national outage data in the network outage reporting system (NORS) and disaster information reporting system (DIRS) may foreshadow commission action in the near future, said parties to docket 15-80. States and others seek access, but the telecom industry is raising confidentiality concerns (see 1811060036). Multiple stakeholders that have talked with the FCC said the bureau is asking for input and meetings, but it's not clear what, if anything, Chairman Ajit Pai wants to do on the issue or when. The impetus for those meetings isn't clear, we were told.

It wouldn’t surprise NARUC if the FCC acts in Q1 2019, given the uptick in ex partes and “laudable increased focus by the Commission on disaster response” over the past two years, General Counsel Brad Ramsay emailed. “Given clear benefits of state access for disaster response, [I] would be surprised if that’s not the direction the FCC goes.” The FCC didn't comment.

Cooperation can go a long way,” NARUC President Nick Wagner told us. His state, Iowa, collects information from providers and "it's the same information that they're providing to the FCC," he said. "If there are areas where we can reduce duplication, it's … going to create a more efficient and effective delivery of those services for our customers.” The FCC seems open to working on the issue, he said. "We'll get there -- we’ve just got to work through some of these things that have been in place for a while.”

DIRS and NORS data should be shared with states and territories, said Puerto Rico Telecommunications Bureau Chairwoman Sandra Torres Lopez in a letter to Chairman Ajit Pai posted Wednesday. “Access to NORS/DIRS information will be an essential tool … to coordinate assistance to the companies and to emergency governmental agencies” and “restore the communications services and assist the citizens that are affected by the outage.” The Puerto Rico agency “knows the importance of maintaining and assuring the confidentiality of the information to be shared and is more than willing to comply with any requirement the FCC deems necessary.” Torres plans to meet with Pai next Wednesday, said her spokesperson.

NORS and DIRS access would help the Michigan Public Service Commission “proactively respond to outage situations and actively work with providers to prevent and mitigate outages,” the PSC said in a Nov. 16 ex parte about an Oct. 31 phone call with FCC staff. The Michigan PSC isn’t aware of specific timing by the FCC, a spokesperson said Tuesday. “There is precedent for granting states access to confidential federal data, and these protections can be extended to states prior to obtaining access to their respective region’s NORS outage information using processes previously established at the FCC,” the agency said in the ex parte. “The MPSC routinely handles confidential trade secrets, commercial information, and other sensitive data and is already equipped to handle and store sensitive and confidential information.”

The National League of Cities wants the FCC to “include local governments in future updates to federal network outage reporting systems and information availability, including information that crosses jurisdictional lines,” NLC said in a Nov. 9 call with the Public Safety Bureau, according to an ex parte. The National Emergency Number Association had a Nov. 13 call with the Public Safety Bureau about giving 911 centers real-time access to NORS and DIRS, said an ex parte. It could help maintain 911 service, but “the minutiae contained in these reports (e.g., the precise locations and specific equipment affected) may not be necessary for 9-1-1’s purposes,” and a summary of outages areas might be more useful, NENA said.

If the FCC lets state entities like public service commissions have access to NORS data, it must adopt safeguards for the sometimes-sensitive and proprietary data, such as having it be in a read-only format and limited to jurisdictions in an affected area, the CCA said Tuesday. There also should be a certification by the state entity that it will maintain data confidentiality, it said. And the FCC should consider requiring state PSCs to immediately notify affected parties of a breach and imposing penalties for a breach.

Echoing similar data confidentiality concerns, the Alliance for Telecommunications Industry Solutions (ATIS) Network Reliability Steering Committee (NRSC) told Public Safety and Homeland Security Bureau staffers that sharing NORS data with state agencies must come with prohibitions against sharing with governmental bodies not certified to protect such data and with private entities. It said if ATIS NRSC were to provide training for personnel receiving NORS data, that training could be produced within months but couldn't be finalized until after any new rules on NORS data sharing. ATIS NRSC said it was asked whether the industry would prefer having to file state-specific reports rather than single aggregated reports for each outage. ATIS NRSC recapped the meeting in an ex parte filing.