Security, Privacy and Information Governance

Author: Nate Bolin

FCC to Wade into the US Telecom Supply Chain in the Name of National Security


The Federal Communications Commission (FCC) made headlines on March 26 when Chairman Ajit Pai proposed that the FCC bar several companies, in the name of national security, from participation in the FCC programs. The FCC plans to vote on this proposal at its next Open Meeting on April 17, 2018.

The proposal was prompted by letters he received from 18 Congressional leaders last December, which asserted the potential for compromised security of U.S. telecommunications networks through insecure equipment supply chains required FCC consideration. Chairman Pai responded to the Congressional letters by noting that FCC itself does not purchase or use the equipment from the named companies and would not intend to take service from a service provider that does. The Chairman however did not stop there; he is proposing that certain companies be barred from participating in the Universal Service Fund (USF) program that subsidizes carrier equipment.

Continue reading

DOJ Settlement with Netcracker Technology Corporation Highlights Cybersecurity and Export Control Best Practices for Government Contractors and Information Technology Companies


This week the U.S. Department of Justice (DOJ) and Netcracker Technology Corporation (NTC) announced that they had settled charges that NTC had violated U.S. controls on foreign access to sensitive data. The settlement underscores many of the export control and related compliance risks surrounding the provision and use of cloud computing services and global networks. At the same time, the Enhanced Security Plan issued by NTC and DOJ as part of the settlement provides a helpful set of benchmarks and best practices for companies that may be considering the use of cloud services and network infrastructure to house and transmit their most sensitive data.

According to DOJ’s settlement announcement, NTC had worked as a subcontractor on two federal government contracts with the Defense Information Systems Agency (DISA), a combat support agency of the U.S. Department of Defense (DoD), and performed some product support work from locations outside the United States, including Russia. DOJ alleged that by failing to maintain adequate controls on the cloud and network infrastructure supporting these contracts, NTC had threatened the security of sensitive data about individuals, DoD projects, networks and critical U.S. domestic communications infrastructure. DOJ further asserted that uncleared NTC foreign national employees in Russia and Ukraine worked on the DISA projects and were aware of the sensitive nature of the projects and the data stored and transmitted through the network managed by DISA.

Continue reading

© 2018 Drinker Biddle & Reath LLP. All Rights Reserved. Lawyer Advertising.

Disclaimer/Privacy Policy