OVERNIGHT TECH: FCC panel proposes cybersecurity guidelines

The voluntary guidelines contrast with pending legislation in the Senate that would empower the Homeland Security Department to set mandatory security standards for critical networks.

The FCC committee recommended that Internet providers educate consumers about how to prevent their computers from being infected and used as “botnets” in attacks on websites. The Internet providers should also offer assistance for consumers whose computers have already been infected, according to the guidelines.

Hacker group Anonymous regularly uses botnets to overwhelm websites with thousands of infected computers. The attacks have crashed the websites of the Justice Department, the CIA and major record labels and movie studios in recent months.

The guidelines also recommended that Internet providers use a security extension called DNSSEC to detect if a user is being redirected to a fraudulent website. The fake websites are often designed to look legitimate to trick users into divulging their financial information.

The committee called on network operators to develop and adopt new technologies to combat Internet route hijacking. Using this technique, hackers can misdirect traffic and access personal data.

Genachowski said the guidelines will beef up cybersecurity without invading individuals’ privacy.

“And while there are some who suggest that we should compromise privacy to enhance online security, this too is a false choice,” Genachowski said. “Privacy and security are complementary — both are essential to consumer confidence in the Internet and to adoption of broadband. We can and must improve online security while protecting individuals’ privacy.”

Industry groups praised the FCC for developing voluntary, rather than mandatory, security standards.

USTelecom President and CEO Walter B. McCormick Jr. said:

“We agree with Chairman Genachowski’s statement that solutions to cyber threats will require multiple stakeholders in the Internet community to work together, and that the multi-stakeholder process, rather than a regulatory approach, has proven over time to be an effective way to secure networks while keeping the Internet an open platform for innovation and communication. We are pleased that the recommendations adopted today recognize the need for more work in areas where standards are still under development, and where economic barriers may exist for some companies whose business models do not allow them to recover investments in cybersecurity solutions.”

CenturyLink President Glen Post said:

“I commend the industry for recognizing the importance of these voluntary initiatives and the continued willingness to work cooperatively to seek meaningful solutions.”

Comcast Executive Vice President John Schanz said:

“We’ll continue to develop innovative solutions and participate in groups like [the Communications, Security, Reliability and Interoperability Council (CSRIC)] that encourage the development of real-world solutions, best practices, and codes of conducts. There is no ‘one size fits all’ model for addressing cybersecurity risks. It takes broad participation for the best results. The flexibility for us to design and develop the best security solutions for our network architecture and customer environment is a core element of a successful cybersecurity policy. This flexibility helps ensure we can continue to focus on security and innovation, rather than regulation. Comcast is delighted to be part of CSRIC and other industry organizations working to make the global Internet even better.”

Wireless industry proposes accelerated timetable for spectrum auctions: CTIA-the Wireless Association on Thursday proposed a timetable for the FCC to conduct auctions of spectrum licenses. Under the program, which Congress authorized as part of a payroll tax cut extension earlier this year, the FCC will pay television stations to give up their spectrum and then sell the spectrum to wireless carriers, which are struggling to meet the growing data demands of smartphones and tablet computers.

Under CTIA’s optimistic timeline, the FCC would grant spectrum licenses to wireless companies by Feb. 22, 2015.

The association admitted that achieving its “aggressive” goal would not be easy, but said the FCC would have to set an “accelerated timeframe if it is to comply with its own goal of bringing 300 MHz of spectrum to market by 2015.”

FCC ‘welcomes’ DOJ charges against AT&T: The Justice Department on Thursday accused AT&T of defrauding a federal program out of millions of dollars and assisting Nigerian scammers.

According to the lawsuit, AT&T knowingly billed the FCC for calls placed by international scammers through IP Relay services, a program for the hearing-impaired.

“The Commission welcomes the Department of Justice’s filing, which arises from an investigation that the Commission’s Office of Inspector General actively assisted,” an FCC spokesman said in a statement. “Fraudulent IP Relay practices are a serious problem the Commission has been addressing, and the Commission’s Enforcement Bureau also has ongoing investigations of IP Relay practices. We will continue to work with DOJ and other law enforcement authorities to protect these critical services from abuse.”

AT&T insisted that it followed the FCC’s rules for providing IP Relay services.


The Senate on Thursday passed an amended version of House Republicans’ Jumpstart Our Business Startups (JOBS) Act, a bill supporters saidy would generate jobs by easing capital-formation regulations for small companies.

The American Civil Liberties Union criticized employers who ask for job candidates’ Facebook passwords after The Associated Press reported Tuesday that the practice is becoming more widespread.

David Boies and Ted Olson, the famed lawyers behind a legal challenge to California’s Proposition 8 ban on same-sex marriage, are threatening to sue the Motion Picture Association of America unless it changes the R rating of the documentary film “Bully.”