A PYMNTS Company

FCC Responds to Cybersecurity Threats with CALEA Ruling

By  |  February 19, 2025

By: Casey Lide & Liam Fulling (Keller & Heckman)

    Get the Full Story

    Complete the form to unlock this article and enjoy unlimited free access to all PYMNTS content — no additional logins required.

    yesSubscribe to our daily newsletter, PYMNTS Today.

    By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions.

    In this piece for the Beyond Telecom blog, authors Casey Lide & Liam Fulling (Keller & Heckman) examine the FCC’s recent actions on cybersecurity and the evolving regulatory landscape for telecommunications providers.

    Earlier this month, in the final days of Jessica Rosenworcel’s tenure as Chair of the Democrat-led FCC, the Commission issued a Declaratory Ruling affirming that Section 105 of the Communications Assistance for Law Enforcement Act (CALEA) requires telecommunications carriers to safeguard their networks from unlawful access and the interception of communications. In doing so, the FCC effectively positioned CALEA as a foundation for implementing additional cybersecurity regulations.

    Alongside the ruling, the Commission adopted a Notice of Proposed Rulemaking (NPRM) aimed at extending cybersecurity and supply chain risk management requirements to a broader range of service providers.

    Commissioners Carr and Simington dissented from both the Declaratory Ruling and the NPRM. While Commissioner Carr has frequently highlighted cybersecurity risks, particularly those posed by state-sponsored actors from the People’s Republic of China (PRC), it remains uncertain whether the newly GOP-led FCC will uphold these measures or take a different regulatory approach.

    Background on CALEA

    Enacted in 1994, CALEA mandates that telecommunications carriers and manufacturers of telecom equipment ensure law enforcement agencies have the necessary surveillance capabilities to monitor communications over their networks. Under the “substantial replacement” provision, the FCC has interpreted the term “telecommunications carrier” for CALEA purposes to include facilities-based broadband Internet access service (BIAS) and interconnected VoIP providers, extending its reach beyond traditional telecom services…

    CONTINUE READING…