The FCC has released a Notice of Inquiry seeking comment on how and to what extent the agency should tackle the issue of 5G network security. Specifically, the Commission seeks comment on: (1) protecting confidentiality, integrity and availability; (2) authentication; (3) encryption; (4) physical security; (5) device security; (6) protecting 5G networks from Denial-of-Service (DoS) and Distributed DoS (DDos) attacks; (7) patch management; (8) risk segmentation; and (9) additional 5G considerations, including roles and responsibilities, costs, benefits, impact on public safety, and other related matters. The Notice of Inquiry comes on the heels of the FCC’s release of a July 2016 Report and Order, which among other things, opened up swaths of spectrum above 24 GHz specifically for 5G uses while simultaneously establishing a few network security reporting measures. On December 14, 2016, two days prior to the release of the FCC’s Notice of Inquiry, CTIA filed a Petition for Reconsideration which, among other things, asked the FCC to rescind its new rule compelling 5G service providers to file compliance reports with the FCC. As of the release of the Notice of Inquiry on December 16, 2016, the FCC did not address CTIA’s Petition for Reconsideration. Comments in response to the Notice of Inquiry are due within 90 days of the date of publication of the Notice of Inquiry in the Federal Register, which has not yet occurred, and reply comments must be filed within 120 days after publication of the Notice of Inquiry in the Federal Register.
