Rule2026-06992
Protecting Our Communications Networks by Promoting Transparency Regarding Foreign Adversary Control
Primary source
Metadata and text below are from the Federal Register, a public-domain U.S. government work. Always verify the official published version before relying on it for any legal matter.
Published
April 10, 2026
Effective
June 9, 2026
Issuing agencies
Federal Communications Commission
Abstract
In this document, the Federal Communications Commission (Commission or FCC) addresses the risks of foreign adversary control of Commission-granted licenses and authorizations by adopting rules requiring a broad range of holders of such licenses, authorizations, or approvals to attest whether they are owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary, and, if so, to disclose additional information about such foreign adversary control. Among other things, the Commission defines categories of licenses and authorizations that are subject to the rules, and establishes a streamlined process by which license and authorization holders should file their foreign adversary control attestations and disclosures.
Full Text
<html>
<head>
<title>Federal Register, Volume 91 Issue 69 (Friday, April 10, 2026)</title>
</head>
<body><pre>
[Federal Register Volume 91, Number 69 (Friday, April 10, 2026)]
[Rules and Regulations]
[Pages 18670-18702]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2026-06992]
[[Page 18669]]
Vol. 91
Friday,
No. 69
April 10, 2026
Part IV
Federal Communications Commission
-----------------------------------------------------------------------
47 CFR Parts 1 and 73
Protecting Our Communications Networks by Promoting Transparency
Regarding Foreign Adversary Control; Final Rule
��Federal Register / Vol. 91, No. 69 / Friday, April 10, 2026 / Rules
and Regulations��
[[Page 18670]]
-----------------------------------------------------------------------
FEDERAL COMMUNICATIONS COMMISSION
47 CFR Parts 1 and 73
[GN Docket No. 25-166; FCC 26-2; FR ID 338486]
Protecting Our Communications Networks by Promoting Transparency
Regarding Foreign Adversary Control
AGENCY: Federal Communications Commission.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: In this document, the Federal Communications Commission
(Commission or FCC) addresses the risks of foreign adversary control of
Commission-granted licenses and authorizations by adopting rules
requiring a broad range of holders of such licenses, authorizations, or
approvals to attest whether they are owned by, controlled by, or
subject to the jurisdiction or direction of a foreign adversary, and,
if so, to disclose additional information about such foreign adversary
control. Among other things, the Commission defines categories of
licenses and authorizations that are subject to the rules, and
establishes a streamlined process by which license and authorization
holders should file their foreign adversary control attestations and
disclosures.
DATES:
Effective date: Effective June 9, 2026.
Compliance date: Compliance with Sec. Sec. 1.80003 and
73.1212(j)(8) of the Commission's rules, 47 CFR 1.80003 and
73.1212(j)(8), will not be required until the Commission announces the
compliance date for Sec. Sec. 1.80003 and 73.1212(j)(8) by
notification in the Federal Register and revises Sec. Sec. 1.80003 and
73.1212(j)(8) accordingly.
ADDRESSES: Federal Communications Commission, 45 L Street NE,
Washington, DC 20554.
FOR FURTHER INFORMATION CONTACT: Mason Shefa, Attorney Advisor,
Competition Policy Division, Wireline Competition Bureau, at
<a href="/cdn-cgi/l/email-protection#d499b5a7bbbafa87bcb1b2b594b2b7b7fab3bba2"><span class="__cf_email__" data-cfemail="226f43514d4c0c714a474443624441410c454d54">[email protected]</span></a> or (202) 418-2494; Andrew McArdell, Attorney
Advisor, Mobility Division, Wireless Telecommunications Bureau, at
<a href="/cdn-cgi/l/email-protection#cf8ea1abbdaab8e182ac8ebdabaaa3a38fa9acace1a8a0b9"><span class="__cf_email__" data-cfemail="01406f657364762f4c62407365646d6d416762622f666e77">[email protected]</span></a> or (202) 418-1576; Gabrielle Kim, Attorney
Advisor, Telecommunications and Analysis Division, Office of
International Affairs, at <a href="/cdn-cgi/l/email-protection#44032526362d212828216a0f2d29042227276a232b32"><span class="__cf_email__" data-cfemail="5d1a3c3f2f3438313138731634301d3b3e3e733a322b">[email protected]</span></a> or (202) 418-0730;
Chris Smeenk, Attorney Advisor, Operations and Emergency Management
Division, Public Safety and Homeland Security Bureau, at
<a href="/cdn-cgi/l/email-protection#67240f150e1449340a0202090c2701040449000811"><span class="__cf_email__" data-cfemail="1e5d766c776d304d737b7b70755e787d7d30797168">[email protected]</span></a> or (202) 418-1630; Brendan Murray, Deputy Chief,
Policy Division, Media Bureau, at <a href="/cdn-cgi/l/email-protection#692b1b0c070d080747241c1b1b0810290f0a0a470e061f"><span class="__cf_email__" data-cfemail="3d7f4f5853595c531370484f4f5c447d5b5e5e135a524b">[email protected]</span></a> or (202) 418-
1573; or Tanner Hinkel, Industry Economist, Office of Economics and
Analytics, at <a href="/cdn-cgi/l/email-protection#f6a29798989384d8be9f989d939ab6909595d8919980"><span class="__cf_email__" data-cfemail="4b1f2a25252e3965032225202e270b2d2828652c243d">[email protected]</span></a> or (202) 418-1536. For additional
information concerning the Paperwork Reduction Act information
collection requirements contained in this document, contact Nicole
Ongele at (202) 418-2991, or send an email to <a href="/cdn-cgi/l/email-protection#edbdbfacad8b8e8ec38a829b"><span class="__cf_email__" data-cfemail="6a3a382b2a0c0909440d051c">[email protected]</span></a>.
SUPPLEMENTARY INFORMATION: This is a summary of the Commission's Report
and Order in GN Docket No. 25-166, FCC 26-2, adopted on January 29,
2026, and released on January 30, 2026. The complete text of this
document is available for download at <a href="https://docs.fcc.gov/public/attachments/FCC-26-2A1.pdf">https://docs.fcc.gov/public/attachments/FCC-26-2A1.pdf</a>. Alternative formats are available for
people with disabilities (Braille, large print, electronic files, audio
format) by sending an email to <a href="/cdn-cgi/l/email-protection#492f2a2a7c797d092f2a2a672e263f"><span class="__cf_email__" data-cfemail="86e0e5e5b3b6b2c6e0e5e5a8e1e9f0">[email protected]</span></a> or calling the
Commission's Consumer and Government Affairs Bureau at (202) 418-0503.
Regulatory Flexibility Act. The Regulatory Flexibility Act of 1980,
as amended (RFA),335 requires that an agency prepare a regulatory
flexibility analysis for notice and comment rulemakings, unless the
agency certifies that ``the rule will not, if promulgated, have a
significant economic impact on a substantial number of small
entities.'' Accordingly, the Commission has prepared a Final Regulatory
Flexibility Analysis (FRFA) concerning the possible impact of the rule
changes contained in this Report and Order on small entities. The FRFA
is set forth in Appendix B, <a href="https://www.fcc.gov/document/protecting-us-networks-foreign-adversary-control">https://www.fcc.gov/document/protecting-us-networks-foreign-adversary-control</a>.
Paperwork Reduction Act. This Report and Order may contain new or
substantively modified information collection requirements subject to
the Paperwork Reduction Act of 1995 (PRA), Public Law 104-13. All such
requirements will be submitted to the Office of Management and Budget
(OMB) for review under Section 3507(d) of the PRA. OMB, the general
public, and other federal agencies will be invited to comment on any
new or modified information collection requirements contained in this
proceeding. In addition, we note that pursuant to the Small Business
Paperwork Relief Act of 2002, Public Law 107-198, see 44 U.S.C.
3506(c)(4), we previously sought specific comment on how the Commission
might further reduce the information collection burden for small
business concerns with fewer than 25 employees.
In this present document, we describe several steps we have taken
to minimize the information collection burdens on small entities. We
have assessed the effects of the attestation and disclosure
requirements adopted herein and find that they will not impose
significant costs on Regulatees because similar requirements currently
exist for many Covered Authorizations and they are likely to be
familiar with the processes required for compliance. Further, we
created a sliding-scale Schedule-based approach to the application of
our attestation and disclosure requirements to minimize the burdens of
complying across differently situated Regulatees. By doing so, we place
certain Covered Authorizations that are typically or exclusively held
by small entities in Schedule C and exempt these Regulatees from the
initial reporting requirements. We also extended the duration of the
filing deadline for small entities, minimizing any burdens they may
face in complying with these requirements.
Congressional Review Act. The Commission has determined, and the
Administrator of the Office of Information and Regulatory Affairs,
Office of Management and Budget, concurs that this rule is ``non-
major'' under the Congressional Review Act, 5 U.S.C. 804(2). The
Commission will send a copy of this Report and Order to Congress and
the Government Accountability Office pursuant to 5 U.S.C. 801(a)(1)(A).
OPEN Government Data Act. The OPEN Government Data Act, requires
agencies to make ``public data assets'' available under an open license
and as ``open Government data assets,'' i.e., in machine-readable, open
format, unencumbered by use restrictions other than intellectual
property rights, and based on an open standard that is maintained by a
standards organization. This requirement is to be implemented ``in
accordance with guidance by the Director'' of OMB. The term ``public
data asset'' means ``a data asset, or part thereof, maintained by the
Federal Government that has been, or may be, released to the public,
including any data asset, or part thereof, subject to disclose under
[the Freedom of Information Act (FOIA)].'' A ``data asset'' is ``a
collection of data elements or data sets that may be grouped
together,'' and ``data'' is ``recorded information, regardless of form
or the media on which the data is recorded.''
[[Page 18671]]
Synopsis
Scope of the Information Collection
In this section, we set forth the scope of licenses, leases,
authorizations, permits, grants, and other approvals subject to the
attestation and disclosure requirements (reporting requirements) we
adopt in this Report and Order. For the purposes of regulatory
consistency, we use the Commission's preexisting definitions of an
individual or entity ``owned by, controlled by, or subject to the
jurisdiction or direction of a foreign adversary,'' ``foreign
adversary,'' and ``foreign adversary country'' to govern the scope of
individuals and entities which are subject to our Foreign Adversary
Control rules. In this Report and Order, we use the term ``Foreign
Adversary Control'' to refer to the term ``owned by, controlled by, or
subject to the jurisdiction or direction of a foreign adversary'' as
defined by the Commission. We then define three categories of licenses,
leases, authorizations, permits, grants, and other Commission approvals
(hereafter, Covered Authorizations)--Schedules A, B, and C--which apply
different attestation requirements under our Foreign Adversary Control
rules. Finally, we place each Covered Authorization into one or more of
these Schedules, weighing various factors including national security
risk of Foreign Adversary Control, public interest in transparency, and
administrability.
Definitions
Owned by, controlled by, or subject to the jurisdiction or
direction of a foreign adversary. For the purposes of our Foreign
Adversary Control attestation and disclosure requirements, we use the
definition of ``owned by, controlled by, or subject to the jurisdiction
or direction of a foreign adversary'' that was adopted by the
Commission in the Submarine Cable Report and Order (90 FR 48648, Oct.
27, 2025). As explained in the Submarine Cable Report and Order (90 FR
48648, Oct. 27, 2025), the Commission adopted this definition
consistent with the Department of Commerce's rule, 15 CFR 791.2, with
certain narrow modifications. Specifically, pursuant to Sec.
1.70001(g) of our rules, the term ``owned by, controlled by, or subject
to the jurisdiction or direction of a foreign adversary'' applies to:
(1) Any individual or entity, wherever located, who acts as an
agent, representative, or employee, or any person who acts in any other
capacity at the order, request, or under the direction or control, of a
foreign adversary or of an individual or entity whose activities are
directly or indirectly supervised, directed, controlled, financed, or
subsidized in whole or in majority part by a foreign adversary;
(2) Any individual, wherever located, who is a citizen of a foreign
adversary or a country controlled by a foreign adversary, and is not a
United States citizen or permanent resident of the United States;
(3) Any entity, including a corporation, partnership, association,
or other organization, that has a principal place of business in, or is
headquartered in, incorporated in, or otherwise organized under the
laws of a foreign adversary or a country controlled by a foreign
adversary; or
(4) Any entity, including a corporation, partnership, association,
or other organization, wherever organized or doing business, that is
owned or controlled by a foreign adversary, to include circumstances in
which any person identified in paragraphs (1) through (3) of this
Section possesses the power, direct or indirect, whether or not
exercised, through the ownership of a majority or a dominant minority
(10% or greater) of the total outstanding voting interest and/or equity
interest, or through a controlling interest, in an entity, board
representation, proxy voting, a special share, contractual
arrangements, formal or informal arrangements to act in concert, or
other means, to determine, direct, or decide important matters
affecting an entity.
In determining whether a foreign adversary ``possesses the power .
. . to determine, direct, or decide important matters affecting an
entity,'' we refer to the factors indicative of control found in Sec.
63.24, note 1 to paragraph (d), of our rules. As we stated in the
Submarine Cable Report and Order (90 FR 48648, Oct. 27, 2025), we note
that, while we include factors indicative of control in our definition
of ``owned by, controlled by, or subject to the jurisdiction or
direction of a foreign adversary,'' a determination of control is not
limited to these factors. The Commission will consider the totality of
the circumstances reflected in the record.
We find that cross-referencing the Commission's preexisting
definition of this term, which incorporates the Department of
Commerce's definition in 15 CFR 791.2, promotes regulatory consistency
not only across Commission rules but also across other Federal agencies
implementing Executive Order 13873. We also find that the inclusion of
equity and controlling interests in our preexisting definition is
applicable here and supports the national security goals of this
proceeding by capturing all mechanisms of Foreign Adversary Control,
and that applying a dominant minority threshold of 10% promotes
consistency with other Commission rules. We note that, rather than
proposing to adopt a definition that differs in language from the
Department of Commerce's definition in 15 CFR 791.2, the Foreign
Adversary Control Notice of Proposed Rulemaking (Document) (90 FR
26244, June 20, 2025) proposed to interpret ``that is owned . . . by a
foreign adversary'' in subpart (4) of that definition to include both
equity and voting interests and to interpret ``dominant minority'' to
mean a minimum of 10% interest. Given the Commission has adopted a
definition of ``owned by, controlled by, or subject to the jurisdiction
or direction of a foreign adversary'' that incorporates these
clarifications within the text and is thus aligned with the
interpretation proposed in the Document (90 FR 26244, June 20, 2025),
we find that cross-referencing Sec. 1.70001(g) for purposes of
implementing the Foreign Adversary Control rules will have the same
effect as our original proposal while simplifying administrability of
the new rules. The National Association of Broadcasters (NAB) notes
that the 10% dominant minority threshold for voting and equity
interests differs from the 5% threshold applied to broadcast licensees
under the broadcast attribution rules. First, NAB argues that we should
raise the 10% threshold to a level that it considers to be
``controlling,'' yet does not suggest a specific percentage. Second,
NAB argues that, for broadcast licensees, we should instead match the
lower threshold of 5% voting interests to which broadcasters are
already subject under the broadcast attribution rules, for the sake of
reducing burdens. While we understand NAB's desire for the Commission
to harmonize the voting thresholds for broadcast licensees subject to
existing ownership disclosure requirements, we find that adopting a
uniform threshold of 10% equity and voting interests across all Covered
Authorizations for purposes of the Foreign Adversary Control rules
strikes the right balance between promoting national security, reducing
regulatory burdens, and promoting regulatory consistency. For this
reason, we also reject Foundation for Defense of Democracies' (FDD)
suggestion to adopt a 5% dominant minority threshold. We respond
specifically to NAB's arguments about increased burdens below. Finally,
NAB concedes, ``[i]n the event that the Commission chooses not to apply
the 5% voting interest
[[Page 18672]]
threshold consistent with broadcast attribution rules, NAB supports the
use of a 10% voting or equity threshold.'' As the Commission noted in
the Submarine Cable Report and Order (90 FR 48648, Oct. 27, 2025), an
individual or entity may exert direction or control, or significant
influence, over a subject entity even without holding a majority of the
equity and/or voting interests, and ownership interests as low as five
and ten percent are relevant to protecting national security by
identifying foreign adversary involvement in a licensee. The Commission
also stated that this ownership threshold is consistent with Commission
rules and precedent for assessment of any national security, law
enforcement, foreign policy, and/or trade policy concerns regarding
certain applications filed with the Commission as they relate to the
applicant's reportable foreign ownership. Consistent with that view and
in light of our decisions today, for purposes of Sec. 1.70001(g)(4) of
the Commission's rules, we treat a holder of 10% or greater of the
total outstanding voting and/or equity interest in a Regulatee as
``possess[ing] the power . . . to determine, direct, or decide
important matters affecting an entity.'' Accordingly, to the extent
that any individual or entity identified in Sec. 1.70001(g)(1)-(3)
possesses such an interest in a Regulatee, the Regulatee is covered by
Sec. 1.70001(g)(4) and shall attest affirmatively where applicable to
the Regulatee under our reporting requirements, and include the
requisite additional disclosures. To the extent such Regulatee believes
that the 10% or greater voting and/or equity interest in the Regulatee
does not allow the interest holder to ``determine, direct, or decide
important matters affecting an entity,'' it must attest affirmatively
and demonstrate by clear and convincing evidence why such interest does
not meet Sec. 1.70001(g)(4). We delegate authority to the Licensing
Bureaus and Offices, and the Enforcement Bureau, to review, conduct
further inquiries, request additional information, and make
determinations on such provisional attestations. We also delegate
authority to OEA and PSHSB, in consultation with the Licensing Bureaus
and Offices and the Enforcement Bureau as appropriate, to determine how
to treat such attestations in the Foreign Adversary Control System
after review is concluded and a determination is made.
Commenters largely support our adoption of this definition. As the
Foundation for Defense of Democracies (FDD) notes, our expansion beyond
mere ownership will ``stymie [foreign adversaries'] efforts to use . .
. regulatory and legal architecture to coerce nominally independent
firms into furthering the [adversary's] geopolitical ambitions.'' FDD
further adds that a foreign adversary may ``use[] a range of corporate
governance structures, including `golden shares,' shell companies, and
other intermediaries, to obscure its control over nominally commercial
ventures.'' We agree with FDD that, by adopting this expanded
definition of Foreign Adversary Control, the Commission ``will
effectively capture these dynamics within the regulatory process.'' We
disagree with the Information Technology Industry Council's (ITI)
contention that the definition is ``overly broad and lacks sufficient
clarity to be reliably implemented in the communications sector.''
While ITI agrees that ``control may also be exercised through other
vectors,'' it suggests that the term ``subject to the jurisdiction of''
``broadens the scope of the . . . rule significantly without producing
tangible upside from a supply chain risk management perspective.'' ITI
also argues that inclusion of the term ``risks forcing FCC Regulatees
to classify employees based on citizenship status, rather than actual
control or influence, thereby complicating compliance and undermining
workforce equity and operational certainty.'' We disagree that this
term will raise such a risk. The attestation and disclosure
requirements we adopt herein pertain to the Regulatee, whether an
individual or entity, that holds the Covered Authorization. Under our
definition, a Regulatee would not be deemed ``owned by, controlled by,
or subject to the jurisdiction or direction of a foreign adversary''
solely because it has an employee that is a citizen of a foreign
adversary country, as the definition would be applied to the Regulatee
instead of the employee. The rule does not define an individual or
entity that is ``owned by, controlled by, or subject to the
jurisdiction or direction of a foreign adversary'' to include any
individual or entity that employs a person who is a citizen of a
foreign adversary country. The definition would apply to circumstances,
for example, where a Regulatee is an employee of a foreign adversary
country, or a Regulatee is owned or controlled by (as those terms are
defined herein) an employee of a foreign adversary or of an individual
or entity that is owned or controlled by a foreign adversary. We also
reiterate that this definition has been adopted by the Commission and
the Department of Commerce, and thus our implementation of such
definition for purposes of the Foreign Adversary Control rules would
promote consistency and minimize burdens for Regulatees subject to
various similar regulations. For this reason, we also decline ITI's
suggestion that we adopt a 50% ownership threshold, rather than a 10%
threshold. Lastly, we dispute NAB's contention that requiring all
Regulatees to identify their voting and equity interests for the
purposes of our Foreign Adversary Control rules would be unfair to
those, such as broadcasters, that only must identify voting interests
on their ownership reports by ``creat[ing] additional burdens that are
not being imposed on other services.'' Rather, we find that applying
the rule broadly across different services reduces any perceived
unfairness by requiring the same burden of reporting to which some
Regulatees have already been subject. We additionally note that, as we
explain below, we adopt a more tailored application of the attestation
and reporting requirements to account for different entity types,
sizes, and levels of sophistication.
Despite TP-Link's claims to the contrary, nothing in this Order
labels Regulatees or individual owners of Regulates as ``foreign
adversaries.'' Rather, ``foreign adversaries'' are the six specific
governments or persons identified to date by the Secretary of Commerce.
The requirements we adopt today apply when a Regulatee is ``owned by,
controlled by, or subject to the jurisdiction or direction of a foreign
adversary,'' as that term is defined elsewhere in Commission rules.
That definition addresses not just ``control'' but also when a person
or entity is subject to the ``jurisdiction or direction of a foreign
adversary.'' TP-Link fails to address the ``jurisdiction or direction''
element of the definition, including the extent to which citizens of a
foreign adversary country fall under that provision because they must
comply with that country's laws and regulations. Indeed, as the
Commission recognized specifically with respect to China, ``Chinese law
requires citizens . . . to cooperate, assist, and support Chinese
intelligence efforts wherever they are in the world.'' While the
alternatives put forth by TP-Link would provide an exception for
citizens of foreign adversary countries that hold U.S. visas, reside in
the United States, or have applications for citizenship or petitions
for permanent residency pending, none of these alternatives
[[Page 18673]]
address the fact that such citizens of foreign adversary countries
nonetheless remain subject to foreign laws. Accordingly, requiring
attestation when a Regulatee is itself a citizen of a foreign adversary
country or when such citizen possesses the power to determine, direct,
or decide important matters affecting an entity is a factual statement
regarding the association that such citizen, and hence the Regulatee,
has with a foreign adversary. As such, the rules we adopt today do not
compel speech in violation of the First Amendment. To the contrary, a
requirement to report information to the government fundamentally
differs from the typical compelled speech case, which generally
involves situations where ``the complaining speaker's own message [is]
affected by the speech it [is] forced to accommodate.'' Conversely, the
rules here require reporting of factual information to the Commission--
a Regulatee's association with a foreign adversary--to allow the
Commission to analyze potential national security risks. Additionally,
a Regulatee that attests as to Foreign Adversary Control is also
required to ``describe the nature of the foreign adversary ownership,
control, jurisdiction, or direction to which the Regulatee is
subject.'' Therefore, any Regulatee would be able to explain why such
Regulatee meets our definition of ``owned by, controlled by, or subject
to the jurisdiction or direction of a foreign adversary'' but, in the
Regulatee's view, should not be considered ``owned by, controlled by,
or subject to the jurisdiction or direction of a foreign adversary.''
Despite TP-Link's claims to the contrary, the rules we adopt today
impose only a reporting requirement. Unlike in the other decisions TP-
Link notes, our Report and Order today does not adopt any adverse
presumptions based on a Regulatee's association with a foreign
adversary. There is no message being forced by the government. Even
assuming that speech rights are implicated, our reporting requirements
are consistent with the First Amendment, as they entail disclosure of
``purely factual and uncontroversial'' information in a commercial
context and the disclosure is reasonably related to a substantial
governmental interest (ensuring information needed to assess national
security risks) which outweighs the ``minimal'' interest in not
disclosing purely factual, uncontroversial information. In the
alternative, even assuming our requirements are subject to heightened
First Amendment review, our reporting requirements satisfy this higher
standard because there is a substantial interest in knowing whether
Regulatees are associated with foreign adversaries to assess national
security risks and the requirement is not more extensive than is
necessary because the information will be collected in a manner that
balances national security concerns against the burden on regulated
entities.
We decline to adopt SentinelOne's suggestion to expand the
definition of Foreign Adversary Control to encompass more subtle forms
of foreign adversary influence such as ``commercial dependencies and
critical contractual relationships, . . . material business interests,
. . . economic coercion and strategic dependence scenarios, and . . .
intellectual property and critical supply chain dependencies.'' In the
Submarine Cable Report and Order (90 FR 48648, Oct. 27, 2025), we also
declined to include the word ``influence'' in defining the term ``owned
by, controlled by, or subject to the jurisdiction or direction of a
foreign adversary,'' and instead adopted a clearer and narrower
definition that is also ``aligned with interagency national security
regulations deriving from President Trump's Executive Order 13873,
covering the closely related matter of `Securing the Information and
Communications Technology and Services Supply Chain.' '' We recognized
``that industry has recommended and prefers clear lines and directions
rather than ambiguous and potentially capacious terminology.'' We noted
that, ``while every major global company is `subject to the influence'
of the government of the People's Republic of China, including many
prominent cable landing licensees, not all companies may be subject to
a degree of influence such that they threaten national security and law
enforcement interests.'' We reach the same conclusion here, that,
``[w]hile we wish to sweep broadly enough to cover private entities
subject to multi-faceted forms of foreign adversary control, we do not
desire or intend a scope as broad as `subject to the influence' by
itself implies.'' We also noted, however, that the Commission's rules
recognize that ``[b]ecause the issue of control inherently involves
issues of fact, it must be determined on a case-by-case basis and may
vary with the circumstances presented by each case.'' We similarly find
for purposes of the Foreign Adversary Control rules that, ``[w]hile we
include factors indicative of control in our definition of `owned by,
controlled by, or subject to the jurisdiction or direction of a foreign
adversary,' a determination of control is not limited to these
factors.'' The Commission will consider the totality of the
circumstances reflected in the record. We are confident that applying
the definition through a fact-based analysis on a case-by-case basis
will allay SentinelOne's concerns regarding specific scenarios
potentially raised by Foreign Adversary Control. We note that, while we
decline to amend the definition to include more subtle forms of
control, we nevertheless retain the authority to take action to
mitigate national security risks stemming from such forms of control
should such actions be necessary.
We also decline to ``exclude any companies headquartered in the
U.S. or an allied nation . . . who use a Chinese-incorporated
subsidiary to conduct business in China's commercial marketplace,'' as
the Center for Procurement Advocacy suggests. The Center for
Procurement Advocacy adds that we should consider exempting ``companies
that have firewalled any Chinese operations appropriately, thereby
insulating non-Chinese business operations from risk.'' As noted above,
TP link also urges the Commission to narrow this definition. Exempting
such companies from disclosure could sweep too broadly by allowing a
Regulatee to determine that a firewall is sufficient without even
disclosing a Chinese-incorporated subsidiary. This would deprive the
Commission of the information needed to assess national security risk
associated with the subsidiary, given that the multitude of domestic
businesses which have foreign adversary-incorporated subsidiaries may
have varying levels of ``firewalls'' protecting their domestic
operations from Foreign Adversary Control. Given that the purpose of
the rules is to establish a disclosure mechanism to fill gaps in the
Commission's knowledge of the forms of Foreign Adversary Control over
Covered Authorizations, we find it important to gather all relevant
information that would enable the Commission to responsibly protect
national security interests. Indeed, in contrast to the submarine cable
rules that rely on this definition, we are not today even imposing
legal restrictions on entities with Foreign Adversary Control, merely
attestation and disclosure requirements. We thus find that our case-by-
case approach to evaluating Foreign Adversary Control is well-suited to
account for risk factors presented by Chinese-incorporated subsidiaries
as well as the sufficiency of any mitigating measures such as
firewalls. Additionally, as noted above, our interest in maintaining
regulatory
[[Page 18674]]
consistency within the agency and with other Federal agencies that
administer this definition supports our decision not to adopt an
exemption for such arrangements. Of course, any entity subject to this
definition is free to petition the Commission to waive its rules as
applied to such entity ``for good cause.''
Foreign adversary and foreign adversary country. For the purposes
of our Foreign Adversary Control attestation and disclosure
requirements, we use the definition of ``foreign adversary'' that was
adopted by the Commission in the Submarine Cable Report and Order (90
FR 48648, Oct. 27, 2025). Specifically, the Commission defined
``foreign adversary'' consistent with the Department of Commerce's
rule, 15 CFR 791.2, as ``any foreign government or foreign non-
government person determined by the Secretary of Commerce, pursuant to
Executive Order 13873 of May 15, 2019, to have engaged in a long-term
pattern or serious instances of conduct significantly adverse to the
national security of the United States or security and safety of United
States persons as identified in 15 CFR 791.4.'' For the purposes of
implementing the rules we adopt today, we follow the Department of
Commerce's determination of foreign adversaries, consistent with the
Submarine Cable Report and Order (90 FR 48648, Oct. 27, 2025), which
currently includes:
(1) The People's Republic of China, including the Hong Kong Special
Administrative Region and the Macau Special Administrative Region;
(2) Republic of Cuba;
(3) Islamic Republic of Iran;
(4) Democratic People's Republic of Korea;
(5) Russian Federation; and
(6) Venezuelan politician Nicol[aacute]s Maduro.
In this Report and Order, our use of the term ``foreign adversary
country'' incorporates the meaning of the Department of Commerce's
rule, 15 CFR 791.4, which specifically identifies ``foreign governments
or foreign non-government persons'' (in lieu of ``countries'') as
``constitut[ing] foreign adversaries.'' As in the Submarine Cable
Report and Order (90 FR 48648, Oct. 27, 2025), we define ``foreign
adversary country'' to include both the foreign governments identified
as foreign adversaries in 15 CFR 791.4 and countries controlled by a
foreign adversary (including foreign nongovernment persons) identified
in 15 CFR 791.4. We find that, as with our definition of Foreign
Adversary Control, applying a definition that is already in use across
Federal agencies and previously adopted by this agency promotes
regulatory consistency and efficiency, and aligns with the policy goals
of Executive Order 13873. We agree with ITI that alignment with the
Department of Commerce's rule ``will mitigate business uncertainty that
would arise if multiple national security review programs were to make
divergent determinations as to what countries are determined as
`foreign adversaries.' '' We note that our list of foreign adversary
countries is also currently identical to the list of ``foreign
governments'' determined by the Attorney General, with the concurrence
of the Secretaries of State and Commerce, to be ``countries of
concern.''
We disagree with FDD that we should ``expand sourcing for [the]
list of `foreign adversaries' to include the Consolidated Screening
List and other designations'' such as ``the Entity List maintained by
the Bureau of Industry and Security and the 1260H List maintained by
the Department of Defense.'' As noted above, our adoption of the list
of foreign adversaries designated by the Department of Commerce for its
Information and Communications Technology and Services (ICTS) rules is
aligned with Executive Order 13873 which addresses the risks presented
by foreign adversaries' exploitation of ``vulnerabilities in
information and communications technology and services, which store and
communicate vast amounts of sensitive information, facilitate the
digital economy, and support critical infrastructure and vital
emergency services.'' The foreign governments or foreign non-government
persons identified in the Department of Commerce's rule, 15 CFR 791.4,
``have engaged in a long-term pattern or serious instances of conduct
significantly adverse to the national security of the United States or
security and safety of United States persons.'' We decline to adopt the
Entity List maintained by the Department of Commerce's Bureau of
Industry and Security, which, designates ``certain foreign persons--
including businesses, research institutions, government and private
organizations, individuals, and other types of legal persons--that are
subject to specific license requirements for the export, reexport and/
or transfer (in-country) of specified items.'' Such a list may be
unnecessarily granular with respect to ``foreign persons'' than would
be necessary or appropriate for purposes of addressing the risks of
Foreign Adversary Control associated with holders of Commission-issued
licenses and authorizations. We also decline to adopt the 1260H List
given that the inclusion of China on the Department of Commerce's ICTS
list of foreign adversaries would necessarily cover all the entities
included on the 1260H List. Most of the entities on the Entity List are
also covered under the rules we adopt today.
Establishing a Risk-Based Framework of Schedules To Classify Covered
Authorizations
We adopt rules to establish a reporting framework that
distinguishes and categorizes each Covered Authorization based on
whether the Regulatee is: (A) required to submit an attestation either
affirming or denying Foreign Adversary Control; (B) solely required to
submit an attestation affirming Foreign Adversary Control; or (C) is
not required to file an attestation in either event. We then categorize
Commission-granted licenses, leases, authorizations, permits, grants,
and other approvals onto three Schedules that assign each of these
levels of reporting requirements based on a variety of factors
including national security risk of Foreign Adversary Control and
reporting burdens. We find this approach ensures the Commission
receives the information it needs to promote national security while
minimizing burdens to entities that present minimal or no national
security risk. The complete listing of Covered Authorizations by
Schedule can be found in Appendix A, Sec. 1.80002(a) through (c).
Under this approach, we clarify that, if a Regulatee with an
attestation obligation is unsure how to respond, it must respond
``yes,'' and Commission staff will review the matter. ``No'' responses
must be definitive, and filers may not seek staff clarification in
their attestations or include materials with such responses meant to
disclose information for staff review.
Schedule A. We assign to Schedule A those Covered Authorizations
for which Regulatees must make a definitive attestation as to whether
or not they are subject to Foreign Adversary Control. We find that
Covered Authorizations in Schedule A present heightened national
security risks because any exploitation of such Regulatees through
Foreign Adversary Control could directly compromise the integrity of
the nation's communications networks. These entities typically provide
essential services upon which the entire communications ecosystem
depends. Their facilities often serve as the backbone of the nation's
communications networks, such that
[[Page 18675]]
vulnerabilities presented by even a single facility could be exploited
to cause negative impacts that cascade across multiple networks and
sectors. Because of this systemic importance, we find it necessary for
Schedule A Regulatees to provide definitive ``yes'' or ``no''
attestations, ensuring that the Commission and our national security
Federal partners receive transparent and actionable information.
Further, we considered typical entity size when making determinations
for how to classify Covered Authorizations, and those assigned to
Schedule A include some of the largest Regulatees. These larger
entities typically have larger networks and greater resources,
including the means to obtain legal or compliance advice, that would
facilitate compliance with these attestation and disclosure
requirements. Thus, we conclude Regulatees with Covered Authorizations
in Schedule A will be able to sustain the regulatory burden of
completing the attestation and disclosure requirements, and the
benefits of collecting this information outweigh the burdens.
Schedule B. We assign to Schedule B those Covered Authorizations
for which Regulatees must make a definitive attestation only if they
are subject to Foreign Adversary Control. We find that the systemic
national security risks associated with Foreign Adversary Control of
these entities is lower than for Schedule A Regulatees, but
nevertheless Schedule B Regulatees operate in markets or provide
services where knowledge of the presence of Foreign Adversary Control
would be critical to the Commission's oversight and protection of the
nation's communications networks. This tailored approach ensures that
the Commission will receive ``yes'' attestations where risk is present,
while minimizing compliance burdens where no or minimal risk exists.
Schedule C. We assign to Schedule C those Covered Authorizations
that are exempt from initially attesting as to whether or not they are
subject to Foreign Adversary Control. We exempt these Covered
Authorizations from the initial attestation requirement because we find
that likelihood of Foreign Adversary Control is limited, other
reporting obligations already provide sufficient visibility into their
ownership or control, their role in communications networks presents
minimal national security risks, or they are already subject to other
Commission regulations that adequately address the risks of Foreign
Adversary Control. Further, we find that individual or small-entity
Regulatees may pose a lesser risk to national security should they be
under Foreign Adversary Control. Therefore, the collection of this
information would be unnecessarily burdensome upon these individuals
and entities, substantially outweighing the benefits. By exempting
these Covered Authorizations, we prioritize efficiency and reduce
duplicative reporting requirements. We also note that, unless the
relevant licensing Bureau or Office has provided clarification, a
license, authorization, grant, or other Commission approval that is not
listed in Schedules A, B, or C shall apply Schedule C requirements, and
the Regulatee is exempt from initially attesting to whether they are
subject to Foreign Adversary Control.
Future Adjustments. We recognize that national security risks
associated with Foreign Adversary Control may change over time, both as
the broader national security landscape evolves and as communications
technologies, market forces, and economic realities that influence the
communications sector continue to develop. We must balance our need to
obtain a clear understanding of the presence of Foreign Adversary
Control in the communications sector with the administrability of the
information collection. Accordingly, we delegate authority to the
respective Bureau or Office issuing the Covered Authorization
(including those not addressed in this Report and Order) to modify the
list of Covered Authorizations within each Schedule to add a new
Covered Authorization, reassign an existing Covered Authorization from
one Schedule to another, or remove a Covered Authorization, subject to
the analysis described below. A Bureau or Office may make such
modifications on petition or its own motion, through notice-and-comment
rulemaking as necessary, and such modifications will be published in
the Federal Register. Prior to adopting any modifications, the Bureau
or Office will seek comment on any such modifications to the Schedules
in accordance with the requirements of the Administrative Procedure Act
(APA), and the Commission's rules. Bureaus and Offices must consider
and discuss the following factors when determining whether a
modification is warranted:
(1) National security risks. This includes assessing (i) the type
and size of Regulatee; (ii) the communications sector involved,
including supply chain dependencies; (iii) the nature and type of the
underlying infrastructure; (iv) the possibility and probability of
Foreign Adversary Control; and (v) the existence of risk-mitigating
Commission regulations;
(2) Administrability. This includes assessing (i) whether the
modification would simplify or complicate existing compliance processes
for both the Commission and Regulatees, and (ii) the feasibility of
agency review and enforcement;
(3) Burden on Regulatee. This includes evaluating (i) whether the
attestation and disclosure requirements substantially duplicate
existing reporting requirements; (ii) whether the burden would fall
disproportionately on smaller entities; and (iii) whether the license,
lease, authorization, permit, grant, or other Commission-granted
approval is similarly situated to an existing Covered Authorization and
thus should be treated similarly; and
(4) Other relevant considerations. This includes any other criteria
deemed relevant by the applicable Bureau or Office, such as whether the
attestation requirement for the Covered Authorization remains necessary
in light of technological or industry developments. When a Bureau or
Office considers whether to make adjustments to the Covered
Authorizations list or to assign a Covered Authorization to a Schedule,
these factors should be evaluated and taken in balance such that the
benefits of the reporting outweigh the burdens. Commenters agree that
it is important for the Commission to be aware of Foreign Adversary
Control in the communications sector, but disagree as to whether the
list of Covered Authorizations should be expanded or narrowed. Some
urge a broader scope to reduce opportunities for foreign adversaries to
access U.S. networks or circumvent reporting requirements. Others
believe that existing Commission disclosure processes are sufficient.
Several commenters support a balanced approach that secures necessary
information without imposing unnecessary burdens on entities that do
not pose Foreign Adversary Control risks. Commenters also emphasize the
need to account for sector-specific risk exposure so that regulatory
resources remain focused on genuine national security threats and
compliance costs do not hinder innovation or investment. We agree with
CCIA that ``[a] risk-based set of disclosure rules--requiring more
information from entities with demonstrable and significant foreign
adversary control'' provides an appropriate approach. Guided by these
considerations, we find that the framework adopted today balances the
need for the Commission's insight into
[[Page 18676]]
Foreign Adversary Control and the burdens placed on reporting entities.
Types of Licenses Required To Report
Wireless Services
We adopt our proposal to include all licenses, leases,
authorizations, permits, grants, and other approvals in the wireless
services within the scope of our Foreign Adversary Control rules, but
adopt a tailored approach to the application of the rules by
individually categorizing each license type within the three Schedules
discussed above.
Broadband-capable geographic-area wireless licenses and Commission-
certified frequency coordinators. We assign to Schedule A geographic-
area wireless licenses capable of 4G or 5G mobile broadband service.
These exclusive-use licenses cover the backbone of commercial wireless
communications networks in the United States. Foreign Adversary Control
of such licenses would therefore present a great risk to our national
security interests. We also include in this category Commission-
certified frequency coordinator certifications. Frequency coordinators
make key recommendations to the Wireless Telecommunications Bureau
regarding frequency assignments over a wide range of spectrum bands.
Given their unique role in spectrum assignments, we likewise find that
the national security risk of Foreign Adversary Control of such
Regulatees outweighs the burden of filing a Schedule A certification.
Site-based wireless licenses and geographic-area licenses not
covered by Schedule A or C, and FCC-appointed managers of third-party
registration database(s) (part 101 subpart Q). We designate on Schedule
B all site-based wireless licenses, and those geographic-area wireless
licenses that do not fall within Schedule A or C, i.e., geographic-area
licenses: (1) for services that do not have sufficient capacity to
support broadband, (2) that under our service rules may not provide
mobile service, or (3) that are not exclusive-use or are individually
licensed. These licenses and authorizations largely play localized
roles in supporting business and industry (and to a much lesser extent,
mass-market consumers) and therefore the risk of Foreign Adversary
Control over these licenses and authorizations is lower than those on
Schedule A. We also agree with National Wireless Communications
Council's (NWCC) argument that there would be administrability
challenges in applying a Schedule A attestation requirement on private,
non-common-carrier licensees. As NWCC argues, ``requiring
certifications from private and non-common carrier licensees authorized
under 47 CFR parts 22, 80, 87, 90, 95 and 96, 101 may be unduly
burdensome for the FCC, whose staff will need to review each such
certification. There are several hundred thousand such licensees,
including a large number of [public safety] entities, and the
communications networks they operate are internal to their own
organizations.''
Mandatory antenna structure registrations. Consistent with our
authority under Sections 301 and 303 of the Act, we assign to Schedule
B registrations of towers in the Antenna Structure Registration (ASR)
system pursuant to mandatory filing under 47 CFR 17.4(a). Unless such
owners also hold Commission-granted licenses or authorizations, they do
not directly access the public communications network and thus Foreign
Adversary Control over such entities would pose less of a risk to
national security. ASR owners that also hold Covered Authorizations
assigned to Schedule A shall report according to the attestation rules
applicable to that Schedule.
Other wireless licenses and authorizations. We assign to Schedule C
Amateur Radio Service licenses; voluntary antenna structure
registrations; Ship and Aircraft licenses; General Mobile Radio Service
(GMRS) licenses; Commercial Radio Operator licenses (pursuant to 47 CFR
part 13); and authorizations for individuals to operate stations by
rule in the Ship, Aircraft, and Personal Radio Services (pursuant to 47
CFR parts 80, 87, and 95).
We agree with the National Association for Amateur Radio (ARRL)
that, while there is a need to protect national security where entities
are ``engaged in commerce by providing networks, services or equipment
to the American public, where there is the possibility of sensitive
information being surreptitiously accessed.'' As ARRL notes,
``[a]mateur radio licensees not only do not sell or provide any
communications service, network, or equipment to the public, but in
fact they are prohibited from doing so by both international and
domestic law.'' The risk to national security of Foreign Adversary
Control over these licenses is minimal due to the lack of connection to
any of the nation's communications networks used by the public. We also
agree with ARRL that this reasoning applies to similar services where
licenses are held by individuals (e.g., GMRS, Commercial Radio
Operators), as well as other licenses and authorizations that lack
sufficient connection to commercial wireless communications networks in
the United States. Furthermore, the Personal Radio Services--a category
that encompasses over 1.6 million unique, mostly individual licensees--
operate in shared spectrum bands for hobbyist and safety purposes,
posing little threat to national security. Similarly, we include
antenna structure owners that voluntarily register their towers in
Schedule C because they are likely to be individuals or companies that
lack sufficient connection to commercial communications networks. Given
the sheer number of licensees and authorization holders in this group,
the drain on Commission personnel and resources to process the
collections and attestations for each individual licensee would far
outweigh the little benefit to the public or the agency of doing so.
Section 310(b) Declaratory Rulings
We adopt our proposal to include both pending and granted Section
310(b) petitions for declaratory ruling within the scope of the
attestation and disclosure rules, and place them in Schedule A. Section
310(b) of the Act provides for Commission review of foreign investment
in radio station licenses and imposes specific restrictions on who may
hold certain types of radio station licenses. Section 310(b)(3)
prohibits foreign individuals and entities from holding equity and/or
voting interests of more than 20% in a U.S. broadcast, common carrier,
or aeronautical radio station licensee. Section 310(b)(4) prohibits
foreign individuals and entities from holding equity and/or voting
interests of more than 25% in a U.S.-organized entity that directly or
indirectly controls a U.S. broadcast, common carrier, or aeronautical
en route or aeronautical fixed radio station licensee. With a prior
Commission finding that the proposed foreign ownership is in the public
interest, a foreign individual, government, or entity may hold,
directly or indirectly, more than 25% (and up to 100%) of the equity
and voting interests of a licensee's controlling U.S. parent. No
comment in the record addresses how best to receive certification and
reporting from entities holding Section 310(b) declaratory rulings. The
Commission's rules set out the specific requirements for what must be
included in the petition, which include, among other things, the
proposed aggregate foreign ownership and the citizenship for all
individuals and entities, both United States or foreign, that will hold
a direct or indirect 10% or greater equity and/or voting interest in
the
[[Page 18677]]
controlling U.S. parent of the licensee(s). In evaluating a petition
for a declaratory ruling seeking a determination that it is in the
public interest to exceed the Section 310(b)(3) and (b)(4) statutory
foreign ownership benchmarks, the Commission's public interest analysis
considers, among other things, any national security, law enforcement,
foreign policy, and trade policy concerns raised by the proposed
foreign investment. While the rules set forth ownership disclosure
requirements, those requirements do not capture the information that we
need to ascertain whether a petitioner is ``controlled by, or subject
to the jurisdiction or direction of a foreign adversary.'' Unlike the
newly adopted certification rules for applicants for submarine cable
landing licenses, the Commission's requirements for a petition for
Section 310(b) declaratory ruling do not include a certification as
whether or not a petitioner is owned by, controlled by, or subject to
the jurisdiction or direction of a foreign adversary. Foreign Adversary
Control of a Regulatee may raise similar national security risks to
critical U.S. communications infrastructure as foreign adversary
ownership. Without this up-to-date information, the Commission lacks
full visibility into the risks within our networks presented by such
Foreign Adversary Control. We thus include Section 310(b) petitions
that are pending or have been granted in Schedule A to close this
information gap and assist the Commission's review of public interest
implications of a Section 310(b) petition. We clarify that Regulatees
that hold Covered Authorizations that are assigned to Schedules B or C
and have a pending Section 310(b) petition for declaratory ruling or
are subject to a Section 310(b) declaratory ruling will instead be
required to file Schedule A attestations.
Satellite
We adopt the Commission's proposal to include space and earth
station authorizations within the scope of the attestation and
disclosure requirements and place them in Schedule A. As discussed in
the Document (90 FR 26244, June 20, 2025), the Commission requires
applicants for space and earth station authorizations, including
authorizations for U.S. market access, to submit FCC Form 312--Main
Form, which includes certain disclosures regarding reportable foreign
ownership interests in the applicant or licensee. ITI suggests the
Commission should avoid creating overlapping requirements with existing
frameworks. To avoid duplicative disclosure requirements, we decline to
incorporate the Foreign Adversary Control attestation into the current
FCC Form 312 in favor of a unified reporting approach for all
Regulatees. No commenter objected to the proposed reporting
requirements. As such, we conclude that all Regulatees submitting, or
who have submitted, FCC Form 312 or otherwise seeking or holding an
authorization under part 25 of the Commission's rules must also submit
a Foreign Adversary Control attestation, consistent with the procedures
adopted herein. We find that attestations from these Regulatees will
serve the public interest by providing more accurate and specific
information regarding Foreign Adversary Control in space and earth
station networks. Further, we determine that any burdens or overlaps in
reporting posed by these attestation and disclosure requirements are
minimal and outweighed by the necessity and benefit of disclosure and
transparency in protecting U.S. satellite networks from foreign
adversaries. The Commission's Space Modernization for the 21st Century
Notice of Proposed Rulemaking (Space Modernization Notice) (90 FR
56338, Dec. 5, 2025) adopted in October 2025 proposes to modernize and
revise the space and earth station licensing procedures under part 25
of the Commission's rules, including the foreign ownership reporting
for these applicants and licensees. We clarify that the Foreign
Adversary Control attestation and disclosure requirements adopted
herein do not affect, or conflict with, any proposed revisions or
requirements in the Space Modernization Notice (90 FR 56338, Dec. 5,
2025) and any changes to the part 25 rules or proposed part 100 rules
specific to foreign ownership reporting will be addressed in that
proceeding.
Media
Broadcast licenses and Cable Television Relay Service. We adopt our
proposal to include broadcast licenses within the scope of the
attestation and disclosure rules, and place them in either Schedule A
or Schedule B, depending on certain qualifications. Broadcast licenses
include AM, FM, Low Power FM, FM Translator, FM Booster, TV, Class A
TV, Low Power TV, and TV Translator station licenses. As explained with
respect to Section 310(b) petitions for declaratory rulings, a
broadcaster, regardless of size, that has filed a petition for
declaratory ruling or is subject to a declaratory ruling will be
assigned to Schedule A. We also assign to Schedule A broadcast and
Cable Television Relay Service (CARS) licenses held by a Regulatee (or
its affiliate) with six or more full-time employees. In calculating the
number of full-time employees, a Regulatee should include all of the
full-time employees of the Regulatee's affiliates in addition to its
own full-time employees. We assign all other broadcast and CARS
licenses to Schedule B. Historically, the Commission has exempted
broadcast licensees with five or fewer employees from rules or given
those licensees more time to comply with Commission rules, and we
believe that the same treatment is appropriate here. Consistent with
the Document (90 FR 26244, June 20, 2025), we find that the public
interest will be served by requiring larger broadcasters and those with
Foreign Adversary Control to provide more accurate information about
foreign adversary interests in accordance with the uniform initial
reporting deadline we establish in this rulemaking, rather than
postponing the filing of this information until the next license
renewal cycle. We note that the Commission has found that ``leased
airtime [is] the primary means by which foreign governmental entities
are accessing U.S. airwaves to persuade the American public without
adequately disclosing the true sponsor.'' In the case of foreign
adversary countries, however, we find that the national security risks
discussed above justify a heightened and more immediate level of
reporting with respect to lessees as well as the licensees themselves.
The attestation and disclosure rules will fill critical information
gaps regarding the Foreign Adversary Control of broadcast licensees in
a timely manner. The Commission requires all existing broadcast
licensees to certify in their renewal applications filed every eight
years that they comply with our foreign ownership requirements and in
foreign ownership petitions for declaratory ruling if the licensee will
have foreign investment that exceeds specified thresholds. Filings of
non-biennial Ownership Reports on occasion also capture station
ownership but do not specifically collect foreign ownership
information, as do applications for new station construction permits
and applications for assignment or transfer of control of a broadcast
station. The Commission also collects foreign ownership information
from broadcasters that are publicly traded companies and that have a
sudden change in ownership. Where foreign ownership does not exceed the
thresholds in Section 310, the licensee does not need to provide
anything other than a simple certification with its renewal
application. Immediate reporting will ensure that if a foreign
[[Page 18678]]
adversary takes ownership of, or exerts other forms of control over, a
licensee that provides critical information to our local communities,
we will not need to wait up to eight years to discover that fact.
Foreign adversary sponsorship. As we note in multiple contexts and
in the Document (90 FR 26244, June 20, 2025), ownership is only one of
many forms of control that a foreign adversary may exercise over a
Regulatee. As such, in the broadcast context, we consider a recipient
of an affirmative response from a foreign adversary to the required
inquiries applicable to airtime lessees under the Commission's foreign
sponsorship identification rules to be subject to a higher national
security risk comparable to Foreign Adversary Control, and require such
recipients to file foreign adversary lessee information with the
Commission. Specifically, any broadcaster that receives an affirmative
response under the Commission's foreign sponsorship identification
rules from a lessee that is a foreign adversary must file with the
Commission the information the lessee provided to the broadcaster. If
the broadcast licensee has fewer than six employees and receives an
affirmative response under the Commission's foreign sponsorship
identification rules from a lessee that is a foreign adversary but the
licensee itself does not meet the criteria for a ``yes'' attestation,
then the broadcaster will fulfill its duties under Schedule A by filing
a copy of the lessee's information with the Commission; the licensee
will not be required to attest ``no.'' Our foreign sponsorship
identification rules require radio and television stations to provide
an on-air disclosure whenever the licensee broadcasts programming that
is provided by a foreign governmental entity through a lease of time on
their stations and place additional information regarding the
disclosures and corresponding programming in the station's Online
Public Inspection File (OPIF). The Commission found these requirements
were necessary because instances of foreign government involvement in
the broadcast of programming had gone undisclosed. However, affirmative
responses are not filed with the Commission, and although lessees must
identify the country associated with a foreign governmental entity,
they are not required to state whether a reported foreign governmental
entity is also a foreign adversary. Requiring all broadcasters that
lease airtime to foreign adversaries to file foreign adversary lessee
information with the Commission will fill this information gap by
making the relevant information readily available to Commission staff
and the public, separate and apart from all of the other information
that is filed in OPIF, without unduly burdening broadcasters.
NAB raises concerns about the burden on broadcasters that the
Commission's attestation and disclosure requirements will impose. NAB
argues that the requirements we are adopting are unnecessary because
the Commission cannot point to a single instance of Foreign Adversary
Control going undetected except with respect to several Chinese state-
owned Section 214 authorizations. NAB also argues that ``mandating tens
of thousands of broadcasters and other Regulatees to conduct due
diligence and submit certifications about foreign adversary control is
merely imposing another costly layer of regulation on holders of
Covered Authorizations with no corresponding public interest benefit.
In particular, there is no point in tens of thousands of Regulatees
reporting that they lack any foreign adversary control.'' NAB adds
that, ``[g]iven the existing burdens facing broadcasters and the fact
that they already are required to conduct diligence and submit
ownership-related information to the Commission, imposing a foreign
adversary control certification would be an unjustified burden on
broadcast licensees.'' While we agree that the Commission should avoid
imposing unnecessary burdens wherever possible, we find that the
national security risk of Foreign Adversary Control over larger
broadcasters outweighs the cost of filing a Schedule A attestation. To
mitigate the burdens on smaller broadcasters, we adopt the less
burdensome Schedule B attestation requirement which enables
broadcasters with five or fewer employees to comply with attestation
and disclosure requirements only in the event of Foreign Adversary
Control. In addition, we provide an extended initial response period
for certain small broadcasters. We anticipate that many broadcasters
will qualify for this extended deadline. We discuss NAB's assessment of
costs in more detail in Section III.D below.
NAB also claims the Commission lacks authority under the
sponsorship identification rules to require broadcasters to inquire
whether a lessee is a foreign adversary or make any disclosure not
already required by those rules. NAB adds that no broadcaster that is
not leasing time to a foreign governmental entity should be required to
make any additional or different inquiries of lessees or undertake
additional ``due diligence'' to ascertain the identity of the sponsor.
NAB's statutory authority objections are not applicable to the final
rule. Our rule does not require broadcasters to obtain any new
information from lessees or undertake additional inquiries of lessees.
Rather, we require only that the broadcaster determine whether the
country named in a foreign governmental entity sponsorship ID
disclosure is one of the six foreign adversaries identified in our
rules and file a foreign adversary lessee's disclosure in the Foreign
Adversary Control System. Our rule does not require any new on-air
disclosure. A lessee's status as a foreign adversary clearly goes to
its identity and not to unrelated characteristics that are outside the
scope of the Commission's authority under Section 317 of the
Communications Act. Further, in determining whether a foreign country
named by a foreign governmental entity lessee is a ``foreign
adversary'' pursuant to the Commission rule that identifies foreign
adversaries by name, a broadcaster is not conducting ``due diligence''
to ensure that the lessee has properly reported its status; rather, the
broadcaster is applying the Commission's rule to the facts to determine
whether it must file a copy of the lessee's disclosure in the Foreign
Adversary Control System. This modest requirement is wholly
distinguishable from the judicially vacated due diligence requirement
that broadcasters must ``[i]ndependently confirm the sponsor's status,
at both the time of the lease and the time of any renewal, by checking
the Department of Justice's Foreign Agents Registration Act website and
the FCC's U.S.-based foreign media outlets reports.''
International broadcast station licenses. We adopt our proposal to
include international broadcast station (IBS) licenses within the scope
of the attestation and disclosure rules, treating them consistently
with other broadcast licenses, and place them in Schedules A and B,
depending on the number of employees of the Regulatee. We assign to
Schedule A international broadcast station licenses held by a Regulatee
(or its affiliate) with six or more employees, and assign to Schedule B
all other IBS licenses. International broadcast stations engage in
cross border communications that rely on receivers and audiences in
foreign countries, which have made them targets for control by foreign
entities. Any IBS licensee that receives an affirmative response under
the Commission's foreign sponsorship identification rules from a lessee
that is a foreign adversary must file with the
[[Page 18679]]
Commission the information the lessee provided to the broadcaster. If
the broadcast licensee has fewer than six employees and receives an
affirmative response under the Commission's foreign sponsorship
identification rules from a lessee that is a foreign adversary but the
licensee itself does not meet the criteria for a ``yes'' attestation,
then the broadcaster will fulfill its duties under Schedule A by filing
a copy of the lessee's information with the Commission; the licensee
will not be required to attest ``no.'' Consistent with the Document (90
FR 26244, June 20, 2025), we find that the public interest will be
served by requiring larger broadcasters and those with Foreign
Adversary Control to provide more accurate information about foreign
adversary interests. We received no comment adverse to adoption of this
proposal.
Section 325(c) authorizations. We adopt our proposal to include
Section 325(c) authorizations within the scope of the attestation and
disclosure rules, and place them in Schedules A and B, depending on the
number of employees of the authorization holder, as Section 325(c)
authorizations are subject to the same criteria for meeting the
programming standards component of the public interest, convenience,
and necessity requirement as domestic broadcast licensees. We assign to
Schedule A Section 325(c) authorizations held by a Regulatee (or its
affiliate) with six or more employees, and assign to Schedule B all
other Section 325(c) authorizations. Any Section 325(c) authorization
holder that receives an affirmative response under the Commission's
foreign sponsorship identification rules from a lessee that is a
foreign adversary must file with the Commission the information the
lessee provided to the authorization holder. If the Section 325(c)
authorization holder has fewer than six employees and receives an
affirmative response under the Commission's foreign sponsorship
identification rules from a lessee that is a foreign adversary but the
authorization holder itself does not meet the criteria for a ``yes''
attestation, then the authorization holder will fulfill its duties
under Schedule A by filing a copy of the lessee's information with the
Commission; the authorization holder will not be required to attest
``no.'' Consistent with the Document (90 FR 26244, June 20, 2025), we
find that the public interest will be served by requiring larger
broadcasters and those with Foreign Adversary Control to provide more
accurate information about foreign adversary interests. We received no
comment adverse to adoption of this proposal.
Submarine Cables
Submarine cable landing licenses. We adopt our proposal to include
submarine cable landing licenses within the scope of the attestation
and disclosure requirements, and place them in Schedule A. We require
all submarine cable landing licensees and applicants to certify whether
or not they are subject to Foreign Adversary Control because submarine
cables are critical to national security. Submarine cables serve as the
foundation for the global internet infrastructure and carry over 99% of
transoceanic digital communications. Submarine cables are also critical
infrastructure that historically have carried more than 95% of all
U.S.-international voice, data, and internet traffic, including
civilian and military U.S. Government traffic. In the Submarine Cable
Report and Order (90 FR 48648, Oct. 27, 2025), we took action to
protect the security, integrity, and resilience of this critical
infrastructure by adopting certain information requirements,
certification requirements, conditions, and prohibitions that will
enable the Commission to identify and mitigate foreign adversary
threats. Among other things, we adopted a new Foreign Adversary Annual
Report requirement that will enable the Commission to identify existing
cable landing licensees--whose license was or is granted prior to the
effective date of those new rules--that are owned by, controlled by, or
subject to the jurisdiction or direction of a foreign adversary.
Specifically, we adopted a new routine condition requiring a cable
landing licensee whose license was or is granted prior to the effective
date of the new rules to file a Foreign Adversary Annual Report if such
licensee meets one or more of the criteria specified therein, including
a licensee that is owned by, controlled by, or subject to the
jurisdiction or direction of a foreign adversary, as defined in Sec.
1.70001(g) of the newly adopted rules. Such licensees will be required
to file an annual report containing (1) information as required in
Sec. 1.70005(a) through (g), (i), and (m) of the newly adopted rules,
and (2) certifications as set forth under Sec. 1.70006 of the newly
adopted rules. We also adopted a new certification requirement that
will require an applicant to certify whether or not it exhibits any of
the criteria set out in a presumptive disqualifying condition,
including whether it is owned by, controlled by, or subject to the
jurisdiction or direction of a foreign adversary. While the Commission
took significant steps, the new submarine cable rules will, however,
leave a critical information gap. Importantly, while our rules require
entities that own or control 5% or greater interest in the cable system
and use the U.S. points of the cable system to become cable landing
licensees, we did not adopt a requirement that any licensee that is
subject to the Foreign Adversary Annual Report requirement provide up-
to-date ownership information, or disclose their 5% or greater interest
holders annually. While we adopted a one-time information collection
that will require cable landing licensees to provide certain
information--such as updated information about the licensed submarine
cables and licensees, information about submarine line terminal
equipment (SLTE), and information as to whether or not the licensee
currently uses any equipment or services identified on the Covered
List, or uses a third-party foreign adversary service providers--that
collection will not require licensees to provide up-to-date ownership
information. In the Submarine Cable Report and Order (90 FR 48648, Oct.
27, 2025), we considered but declined to lower the current 10%
ownership reporting threshold to 5% or greater direct or indirect
equity and/or voting interests in the applicant(s) and licensee(s).
Instead, we retained the rule for applicants to identify the 10% or
greater direct and indirect equity and/or voting interests held in the
applicants. We assessed that national security risks are best addressed
through the certifications adopted regarding whether the applicant is
owned by, controlled by, or subject to the jurisdiction or direction of
a foreign adversary. Pursuant to this Report and Order, we will apply a
5% ownership disclosure requirement to a submarine cable applicant that
is owned by, controlled by, or subject to the jurisdiction or direction
of a foreign adversary, as defined in Sec. 1.70001(g) of the newly
adopted rules, but will apply the 10% ownership threshold for all other
applicants seeking a cable landing license or modification, assignment,
transfer of control, or renewal or extension of a cable landing
license. Additionally, our rules do not require all other licensees to
attest whether or not they are subject to Foreign Adversary Control. We
assess that including cable landing licenses within the scope of the
attestation and disclosure requirements set out in Schedule A
supplements the new submarine cable rules and ensures the
[[Page 18680]]
Commission has the information necessary for the protection and
security of submarine cables.
Our action today, combined with the rules adopted in the Submarine
Cable Report and Order (90 FR 48648, Oct. 27, 2025), takes further
steps to ensure the Commission has complete information to address
foreign adversary threats to critical submarine cable infrastructure.
The Commission will receive timely notification of ownership changes
such as when a cable landing licensee becomes subject, or is no longer
subject, to Foreign Adversary Control, or where a licensee with
reportable Foreign Adversary Control has a new 5% or greater interest
holder. While a narrow subset of cable landing licensees will be
required to attest in the initial attestation requirement adopted here
and in the Foreign Adversary Annual Report as to whether or not they
are owned by, controlled by, or subject to the jurisdiction or
direction of a foreign adversary, we believe any burden of this
additional reporting is outweighed by the benefit of obtaining
accurate, consistent, and up-to-date foreign adversary ownership
information. We do not modify in this proceeding the information
content requirements for the Foreign Adversary Annual Report that are
set forth in Sec. 1.70017 of our newly adopted rules. We therefore
find that requiring submarine cable landing licensees and applicants to
submit an attestation under Schedule A will enable the Commission to
have comprehensive and accurate insight into any Foreign Adversary
Control of cable landing licenses and to verify that licensees are in
compliance with the Foreign Adversary Annual Report requirement.
Telephone and Common Carrier
Domestic Section 214 authority. We adopt our proposal to include
authorizations to provide domestic interstate telecommunications
service pursuant to Section 214 of the Act within the scope of the
attestation and disclosure rules, and place them in Schedule A. Section
214(a) prohibits any carrier from constructing, acquiring, or operating
any line, and from engaging in transmission through any such line,
without first obtaining a certificate from the Commission ``that the
present or future public convenience and necessity require or will
require the construction, or operation, or construction and operation,
of such . . . line . . . .'' The Commission has emphasized that it
takes seriously this mandate to ensure that the operation of
telecommunications carrier lines furthers the public convenience and
necessity both presently and in the future. While the Commission has
granted all telecommunications carriers blanket authority under Section
214 to provide domestic interstate services and to construct or operate
any domestic transmission line, it retains full authority to protect
the present and future public convenience and necessity and stop
abusive practices by domestic carriers, including through revocation of
such blanket authority when necessary. It is therefore imperative that
the Commission exercise its authority to review and ensure that the
public convenience and necessity continue to be served by a domestic
carrier's operations, particularly as it relates to the promotion and
protection of national security. In light of heightened threats to the
nation's telecommunications infrastructure, we find that the public
interest will be served by applying the same attestation and disclosure
requirements we adopt today for international Section 214 carriers and
others directly to carriers operating in the United States pursuant to
blanket domestic Section 214 authority. We emphasize that we are not
requiring entry certification or pre-approval for domestic interstate
carriers to construct, operate, or engage in transmission over lines of
communications. The Commission has found that blanket authority
promotes competition by removing regulatory hurdles to market entry,
and we do not change that regulatory treatment here.
No commenter disagrees with the inclusion of blanket domestic
Section 214 authorization holders within the scope of the attestation
and disclosure rules. USTelecom affirmatively supports the
requirements, while noting that it is important to minimize reporting
burdens where possible. To this end, we adopt the proposal in the
Notice (90 FR 26244, June 20, 2025) to identify carriers operating
pursuant to blanket domestic Section 214 authority through the existing
registration requirement for interstate telecommunications carriers
that is associated with the FCC Form 499-A and Sec. 64.1195 of the
Commission's rules. Section 64.1195 directs a telecommunications
carrier that will provide interstate telecommunications service to file
certain registration information on FCC Form 499-A, and states that any
telecommunications carrier already providing interstate
telecommunications service must do the same. We require domestic
interstate carriers subject to Sec. 64.1195 to comply with the foreign
adversary attestation and disclosure requirements. We do not require
them to otherwise register or provide additional identifying
information other than what they already provide through the FCC Form
499-A process prior to complying with the new requirements. We also
note that to the extent domestic wireline carriers also hold an
international Section 214 authorization, they will already be tracking
their existing ownership percentages. In addition, domestic wireline
carriers seeking authority to transfer control pursuant to Section 214
must disclose the name, address, citizenship, and principal business of
any person or entity that directly or indirectly owns 10% or more of
the equity interests and/or voting interests, or a controlling
interest, of the applicant.
Eligible Telecommunications Carriers. We adopt our proposal to
include Eligible Telecommunications Carriers (ETCs) within the scope of
our attestation and disclosure rules, and place them in Schedule A. We
explained in the Document (90 FR 26244, June 20, 2025) that while
Section 214(e) grants primary jurisdiction for ETC designations and
relinquishments to the states, where a state does not have jurisdiction
over a carrier, the Commission is able to designate ETCs under Section
214(e)(6), and all ETCs are subject to federal Universal Service Fund
rules enacted by the Commission. ETCs receiving Lifeline support and/or
high cost support are generally required to offer voice telephony
services, and we find that, like other providers operating and serving
customers in the U.S., it is necessary to ensure we can protect
communications networks and the public interest by bringing them within
the scope of the rules we adopt today. We received no comment regarding
the inclusion of ETCs within the scope of our Foreign Adversary Control
rules.
International Section 214 authorizations. We adopt our proposal to
include international Section 214 authorizations within the scope of
the attestation and disclosure rules, and place them in Schedule A. No
comment in the record addresses how best to receive attestation and
disclosure from international Section 214 authorization holders. Given
that international Section 214 authorizations are critical to national
security, we need maximum transparency about any Foreign Adversary
Control over such authorization holders. In recent years, for example,
the Commission found that significant national security and law
enforcement risks were associated with certain carriers' retention of
Section 214 where the carrier was controlled by a foreign adversary. In
the China Telecom
[[Page 18681]]
Americas Revocation Order, China Unicom Americas Revocation Order, and
Pacific Networks/ComNet Revocation Order, the Commission found, among
other things, that the significant national security and law
enforcement risks associated with those entities' retention of their
Section 214 authority ``pose a clear and imminent threat to the
security of the United States,'' including ``numerous opportunities to
access, monitor, store, disrupt, and/or misroute U.S. communications in
ways that are not authorized and that can facilitate espionage and
other activities harmful to U.S. national security and law enforcement
interests.'' In April 2023, the Commission adopted the Evolving Risks
Order that required all international Section 214 authorization holders
to respond to a one-time information collection to update the
Commission's records regarding their foreign ownership, including
foreign adversary ownership, given the Commission had incomplete and
outdated information. Our action today takes further steps to improve
the Commission's insight into threats by foreign adversary-controlled
entities to critical communications infrastructure.
We assess that applying the attestation and disclosure rules
adopted herein would address a critical gap in the Commission's
knowledge regarding Foreign Adversary Control of international Section
214 authorization holders and applicants. Although Section 63.18(h) of
the rules sets out certain ownership disclosure requirements (including
a 10% disclosure threshold) for international Section 214 applications,
those requirements do not capture whether an applicant is ``controlled
by, or subject to the jurisdiction or direction of a foreign
adversary.'' Specifically, the Commission's rules require that any
person or entity that seeks to provide U.S.-international common
carrier telecommunications service must obtain prior Commission
approval pursuant to Section 214 of the Act by filing with the
Commission an application that contains information required by Sec.
63.18 of the Commission's rules. An applicant for international Section
214 authority must identify, among other things, ``[t]he name, address,
citizenship, and principal businesses of any individual or entity that
directly or indirectly owns ten percent or more of the equity interests
and/or voting interests, or a controlling interest, of the applicant,
and the percentage of equity and/or voting interest owned by each of
those entities (to the nearest one percent).'' Applicants seeking an
assignment or transfer of control of an international Section 214
authorization are also subject to the ownership disclosure requirement
in Sec. 63.18(h) pursuant to Sec. 63.24 of the Commission's rules.
With certain exceptions, the Commission generally will refer to the
Committee for the Assessment of Foreign Participation in the U.S.
Telecommunications Services Sector (Committee) applications for
international Section 214 authorizations and applications to assign,
transfer control of, or modify such authorizations, among other things,
where the applicant has reportable foreign ownership. While the
Commission obtained updated foreign ownership information, including
foreign adversary ownership, through the one-time collection for
international Section 214 authorization holders, the information
collection was based on the requirements set forth in Sec. 63.18(h),
and thus did not collect information on whether an authorization holder
is ``controlled by, or subject to the jurisdiction or direction of a
foreign adversary'' or 5% ownership of those subject to Foreign
Adversary Control. Specifically, the Commission directed each
international Section 214 authorization holder to identify its 10% or
greater direct or indirect foreign interest holders that hold such
equity and/or voting interests (reportable foreign ownership) as of
thirty (30) days prior to the filing deadline. Pursuant to this Report
and Order, we will apply a 5% ownership disclosure requirement to an
applicant as discussed below that is owned by, controlled by, or
subject to the jurisdiction or direction of a foreign adversary, as
defined in Sec. 1.70001(g) of the newly adopted rules, but will apply
the 10% ownership threshold for all other applicants seeking an
international Section 214 authorization or modification, assignment, or
transfer of control of international Section 214 authorization.
Additionally, the ownership information provided to the Commission is
dated as of December 2023 and may not reflect current information.
Furthermore, that information collection was a one-time collection, and
the Commission has not adopted new rules in that proceeding, including
any ongoing reporting requirement. Therefore, we conclude that applying
the new attestation and disclosure requirements will fill this
information gap by providing comprehensive and up-to-date information
on whether any international Section 214 authorization holders and
applicants are subject to Foreign Adversary Control. Moreover, we find
that requiring these entities to submit an attestation under Schedule A
will enable the Commission to have comprehensive and accurate insight
into any Foreign Adversary Control of international Section 214
authorization holders. We find that international telecommunications
services subject to Section 214 of the Communications Act are critical
to national security, and therefore, maximum transparency about these
authorization holders is necessary.
VoIP direct access to numbering resources authorizations. We adopt
our proposal to include interconnected Voice over internet Protocol
(VoIP) direct access to numbering resources authorizations within the
scope of our attestation and disclosure rules, and place them in
Schedule A. The Commission's rules require interconnected VoIP
providers seeking to obtain numbering resources to comply with both the
requirements applicable to telecommunications carriers seeking to
obtain numbering resources and certain interconnected VoIP-specific
requirements for applying for, and maintaining, a Commission
authorization for direct access to numbering resources, including
providing certifications related to an applicant's technical,
managerial, and financial capacity to provide service and comply with
multiple Commission requirements. Interconnected VoIP providers with
this authorization may access North American Numbering Plan (NANP)
telephone numbers directly from the Numbering Administrators, rather
than through intermediary providers. The Commission has found that this
benefits both competition and consumers, improves responsiveness in the
number porting process, and increases visibility and accuracy of number
utilization, enabling the Commission to more effectively protect the
nation's finite numbering resources. The VoIP direct access
authorization also enhances the Commission's ability to enforce rules
governing interconnected VoIP providers, and helps stakeholders and the
Commission identify the sources of call routing, including by allowing
providers to determine more easily with whom they are exchanging
traffic. Since 2023, the Commission has also required the disclosure of
ownership and control by entities applying for the VoIP numbering
authorization, enabling greater transparency into who is seeking access
to numbering resources and whether foreign ownership is involved,
especially to the extent that it could facilitate illegal robocalling
from sources outside the United States. The
[[Page 18682]]
Commission has proposed applying these same requirements to all
existing VoIP direct access authorizations holders, in addition to
entities that have applied for the authorization since the 2023
effective date of the VoIP Direct Access Second Report and Order (88 FR
74098, Oct. 30, 2023). While interconnected VoIP providers with direct
access to numbers comply with specific rules that allow the Commission
to protect the public interest, we estimate that VoIP providers that do
not also provide telecommunications service likely do not hold any
other Commission licenses or authorizations that would require them to
make the same foreign adversary attestation and disclosures we adopt
here for all other communications providers operating in the United
States. The Commission has not addressed the regulatory classification
of interconnected VoIP service or interconnected VoIP service
providers. Like other communications providers, VoIP providers subject
to Foreign Adversary Control that directly access U.S. numbering
resources in order to provide their service could pose an unacceptable
risk to national security. We therefore find that it is in the public
interest to require interconnected VoIP direct access authorization
holders to comply with the attestation and disclosure rules we adopt
today. No commenter opposes this requirement, and we find that there
are no reasons why these providers could not comply with the
requirements in the same manner as other Covered Authorization holders.
Other
FCC auction applications. We adopt our proposal to include
applications to participate in an FCC auction within the scope of the
attestation and disclosure rules, and place them in Schedule C. We
received no comment on our proposal to include auction applications
within the scope of these rules. Generally, the Commission's auctions
are only the first part of a two-stage application and review process,
in which parties initially apply to participate in the auction and, if
successful in the bidding, subsequently apply for a spectrum license,
construction permit, or universal service support. Current Commission
regulations require all applicants to participate in any Commission
auction to certify under penalty of perjury their compliance with
Commission rules applicable to winning bidders that apply for spectrum
licenses or universal service support. Thus, any applicant to
participate in an auction that is not in compliance with those rules,
including the applicable rules regarding attestation and disclosure
with respect to foreign adversary involvement, cannot truthfully
complete an auction application consistent with the certification
requirement. Following an auction, all winning bidders will be subject
to the applicable attestation and disclosure requirements for
Commission licensees and recipients of universal service support,
protecting against the risk of foreign adversary influence.
Placing auction applications on Schedule C and waiting until
winning bidders are identified to collect additional information, if
necessary, is consistent with the Commission's long-standing approach
to auction applications, which values ease of entry at the short-form
stage. For example, auction applicants identify the existence of
agreements that subsequently may need to be disclosed but submit the
contents of any relevant agreements only at the post-auction
application stage. Pre-auction certification combined with post-auction
verification enables the Commission to expeditiously process auction
applications, through initial review and correction, to competitive
bidding, without the delay that could arise from any potential review
of additional disclosures, which might not provide any corresponding
benefit. As noted, Commission regulations already require applicants to
provide substantial information regarding ownership. By placing auction
applications on Schedule C we minimize duplicative regulation and
prioritize efficiency.
Equipment authorization certifications. With an exception for
Regulatees obtaining an Authorization under the Supplier's Declaration
of Conformity (SDoC) discussed below, we adopt our proposal to include
equipment authorization certifications within the scope of the
attestation and disclosure rules, and place them in Schedule A. We find
that requiring disclosure of Foreign Adversary Control by holders and
applicants of such certifications is necessary to minimize
vulnerabilities and strengthen national security within the
communications equipment supply chain, and ensure that the Commission
has sufficient information to address evolving national security, law
enforcement, foreign policy, and trade policy risks on a continuing
basis. Requiring applicants for equipment certification to comply with
the attestation and disclosure rules will help the Commission identify
equipment that may warrant heightened scrutiny before it is made
available for marketing, importation, and use within the United States.
This approach is consistent with our implementation of similar
information collection activities in other areas of the equipment
authorization process.
We place Covered Authorizations obtained solely under the SDoC
process in Schedule C. We agree with CCIA's and ITI's suggestion that
entities operating under the SDoC process presently ``do not pose the
same systemic risk as operators of public networks and direct-
connectivity infrastructure.'' At this time, we decline to place
equipment authorizations under the SDoC process that are designated as
high-risk within Schedule A. For devices subject to SDoC, the
responsible party must keep on file information that includes a
compliance statement that lists a U.S.-based responsible party. The
responsible party is the party responsible for the compliance of the
equipment with the applicable standards. The SDoC process is
``streamlined'' in the sense that, unlike the equipment certification
process, it does not require submission of applicable information to a
Commission-recognized telecommunication certification body. For
example, while our rules require that the equipment authorized under
the SDoC procedure must include a unique identifier the equipment is
not listed in a Commission equipment authorization database. We observe
that the format of ``unique identifier'' is at the responsible party's
discretion and has no correlation to a Commission-established FCC ID.
The Commission can specifically request that a responsible party
provide compliance documentation or device samples as necessary. The
responsible party is required to retain records on the equipment that
demonstrates compliance with the Commission's requirements for that
equipment. Id. Sec. 2.938. The Commission may request these records
and request equipment samples. The Commission already prohibits
equipment that is produced by entities identified on the Covered List
from obtaining SDoC authorization, requiring that any such equipment be
authorized under our equipment certification procedures. Thus, any
equipment authorization application determined to pose a national
security risk would already be subject to the broader Schedule A
attestation and reporting of ownership for any equipment that requires
authorization. When balanced against the burden of requiring
attestations and disclosures for every SDoC authorization, we find that
the adoption of the broader reporting requirements for equipment
authorization certifications and
[[Page 18683]]
applications combined with the existing SDoC safeguards (including
prohibiting authorization of equipment produced by entities identified
on the Covered list and requiring a responsible party located in the
United States) provides sufficient protection against the risk of
Foreign Adversary Control while preserving the streamlined nature of
the SDoC process.
Data Network Identification Codes. We adopt our proposal to include
Data Network Identification Codes (DNIC) within the scope of the
attestation and disclosure rules, and place them in Schedule A. No
comments in the record address how best to receive certification and
reporting from DNIC holders. DNICs raise important national security
considerations. The Commission assigns DNICs under International
Telecommunication Union ITU-T Recommendation X.121. The DNIC is the
central device of the international data numbering plan developed by
the International Telecommunication Union (ITU) and is intended to
identify and permit automated switching of data traffic to particular
networks. DNICs are unique numerical codes designed to provide discrete
identification of individual public data networks. The assignment of a
DNIC to a particular data network allows network switches throughout
the world to recognize that network and to direct traffic to it.
Currently, applicants seeking a DNIC must include in the application,
among other things, a network diagram showing the international nature
of the network; a description of the service(s)/application(s) for
which the DNIC will be used (e.g., voice, SMS text messaging, or other
applications); information showing that the applicant's network has the
capability to efficiently interconnect with existing public data
networks and the network also provides a capability for routing transit
traffic; and a statement explaining how allocation of the code is
necessary because alternative technical scenarios will not be
sufficient. While operators of public data networks must provide to the
Commission this information, the Commission currently does not obtain
information about their ownership or control. As a result, the
Commission does not have up-to-date information as to whether DNIC
holders are owned by, controlled by, or subject to the jurisdiction or
direction of a foreign adversary, and lacks full visibility into the
risks to U.S. critical communications infrastructure presented by such
Foreign Adversary Control. We conclude that applying Schedule A to DNIC
holders and applicants will enable the Commission to have comprehensive
and accurate insight into any Foreign Adversary Control of such
entities.
International Signaling Point Codes. We adopt our proposal to
include International Signaling Point Codes (ISPC) within the scope of
the attestation and disclosure rules, and place them in Schedule A. No
comments in the record address how best to receive certification and
reporting from ISPC holders. The Commission, as the Administrator for
the United States, assigns ISPCs for Signaling System No. 7 (SS7)
networks under International Telecommunication Union ITU-T
Recommendation Q.708. ISPCs raise important national security
considerations, as they are used at the international level for
signaling message routing and identification of signaling points
involved. The ITU-T Recommendation Q.708 defines an international
signaling point code as a ``code with a unique 14-bit format used at
the international level for [signaling] message routing and
identification of [signaling] points involved.'' Such signaling points
are within an SS7 switch. For this reason, only carriers that operate
their own switch would need a signaling point code. ISPCs are used, for
example, by international SS7 gateways as addresses for routing
domestic voice traffic to an international provider. In recent years,
the Commission found that significant national security risks were
associated with a carrier's use of an ISPC. Currently, applicants
seeking an ISPC must include in the application, among other things, a
statement regarding the nature of the use of the ISPC(s) in the
network; a network diagram that shows how the ISPC(s) will be used; a
statement regarding the signaling point manufacturer/type; and the
physical address where the ISPC(s) will be located. While applicants
must provide this information, the Commission currently does not obtain
information about their ownership or control. As a result, the
Commission does not have up-to-date information as to whether ISPC
holders are owned by, controlled by, or subject to the jurisdiction or
direction of a foreign adversary, and lacks full visibility into the
risks to U.S. critical communications infrastructure presented by such
Foreign Adversary Control. We conclude that placing ISPC holders and
applicants in Schedule A will enable the Commission to have
comprehensive and accurate insight into any Foreign Adversary Control
of such entities.
Recognized Operating Agencies. We adopt our proposal to include
recognized operating agencies and applicants within the scope of the
attestation and disclosure rules, and place them in Schedule A. No
comments in the record address how best to receive certification and
reporting from recognized operating agencies. We will require all
recognized operating agencies and applicants to certify whether or not
they are subject to Foreign Adversary Control because designation of
recognized operating agency status raises important national security
considerations. We therefore need maximum transparency about any
Foreign Adversary Control of such entities. Any party requesting
designation as a recognized operating agency within the meaning of the
International Telecommunication Convention must file a request for such
designation with the Commission. Pursuant to Sec. Sec. 1.10014(h) and
63.701 of the rules, the Commission sends a letter to the Department of
State recommending grant or denial of recognized operating agency
status. Recognized operating agencies may participate in the ITU.
Section 63.701 of the Commission's rules sets out certain ownership
disclosure requirements for such applications. Any party requesting
designation as a recognized operating agency must include in the
application, among other things, ``[a] statement of the ownership of a
non-corporate applicant, or the ownership of the stock of a corporate
applicant, including an indication whether the applicant or its stock
is owned directly or indirectly by an alien.'' Those requirements do
not capture whether an applicant is ``controlled by, or subject to the
jurisdiction or direction of a foreign adversary.'' However, control,
jurisdiction, or direction of a Regulatee by a foreign adversary would
be directly relevant to the question of whether recognized operating
agency status may present national security risks to critical U.S.
communications infrastructure. The Commission does not have up-to-date
information as to whether recognized operating agencies are owned by,
controlled by, or subject to the jurisdiction or direction of a foreign
adversary, and lacks full visibility into the risks that may be
presented by any such Foreign Adversary Control. Therefore, we conclude
that assigning recognized operating agencies and applicants to Schedule
A is necessary to enable the Commission to have comprehensive and
accurate insight into any Foreign Adversary Control of such entities
and to inform the decision whether to recommend grant or denial
[[Page 18684]]
of an applicant's request for such designation.
Telecommunications Relay Services. We adopt our proposal to include
internet-based Telecommunication Relay Services (TRS) certification
applicants and holders within the scope of the attestation and
disclosure rules and place them in Schedule A. TRS are ``telephone
transmission services that provide the ability for an individual who is
deaf, hard of hearing, deaf-blind, or who has a speech disability to
engage in communication by wire or radio . . . in a manner that is
functionally equivalent to the ability of a hearing individual who does
not have a speech disability to communicate using voice communication
services by wire or radio.'' Currently, in an application for
certification to provide internet-based TRS, applicants must include a
list of individuals or entities that hold at least a 10% equity
interest in the applicant, have the power to vote 10% or more of the
securities of the applicant, or exercise de jure or de facto control
over the applicant. In addition, proposed changes in ownership require
a new application for certification, unless the new owner is already
certified to provide internet-based TRS. We find that the public
interest will be served by requiring entities holding or seeking
certification to provide internet-based TRS to provide more complete
information about Foreign Adversary Control. No commenters disagreed
with the inclusion of internet-based TRS certification holders within
the scope of the attestation and disclosure rules. The additional
burdens to these entities are minimal and outweighed by the disclosure
benefits to ensure we can protect our communications networks from
foreign adversaries.
Attestation and Disclosure Requirements
Attestation. We adopt new attestation and disclosure requirements
for Schedule A and Schedule B Regulatees described herein, and exempt
Schedule C Regulatees from the initial attestation requirement. We
clarify that Regulatees holding a variety of Covered Authorizations
listed in different Schedules will be required to comply with the
requirements pertaining to the Schedule with more requirements. For
example, a Regulatee holding both a Schedule A and a Schedule C license
would be required to file a single Schedule A attestation covering all
licenses held. A Regulatee holding both a Schedule B license and a
Schedule C license would be required to file a single Schedule B
attestation if the Regulatee is subject to Foreign Adversary Control.
For all Regulatees holding Covered Authorizations listed in Schedule A
or that have an application for a Covered Authorization listed in
Schedule A pending before the Commission, we require an officer or
other authorized representative of the Regulatee to submit an
attestation to the Commission that it is or is not owned by, controlled
by, or subject to the jurisdiction or direction of a foreign adversary
as defined above (i.e., Foreign Adversary Control). For Regulatees
subject to Foreign Adversary Control holding Covered Authorizations
listed in Schedule B or that have an application for a Covered
Authorization listed in Schedule B pending before the Commission, we
require an officer or other authorized representative of the Regulatee
to attest affirmatively to Foreign Adversary Control. We decline to
require Schedule B Regulatees that are not subject to Foreign Adversary
Control to attest to that fact, and exempt Regulatees holding Covered
Authorizations listed in Schedule C or that have an application for a
Covered Authorization listed in Schedule C pending before the
Commission from the initial attestation requirement altogether. As
noted below, we require all entities attesting that they are subject to
Foreign Adversary Control, regardless of Schedule, to file additional
disclosures about the nature of that Foreign Adversary Control, and
additionally impose ongoing reporting requirements. Finally, we require
all Regulatees filing Foreign Adversary Control attestations to attest
to the truth and accuracy of the attestation.
We find that adopting a sliding-scale approach to the application
of our attestation and disclosure requirements, rather than a one-size-
fits-all approach as proposed in the Document (90 FR 26244, June 20,
2025), effectively promotes the Commission's goal of promoting national
security while also maximizing efficiency and reducing regulatory
burdens. This tailored approach recognizes the differing risk levels of
Foreign Adversary Control by type of authorization, and reduces
unnecessary regulatory and administrative burdens in cases where the
risk is relatively minimal. We agree with commenters that Foreign
Adversary Control over Commission-granted licenses and authorizations
does not pose the same risk to national security across all license and
authorization types, and indeed, the likelihood of Foreign Adversary
Control over certain lower risk license and authorization types is
presently slim.
We received support in the record for adopting the attestation
requirement broadly across various Commission-issued license and
authorization types. As FDD notes, ``[w]hile the FCC has targeted
select sectors for greater scrutiny, such as equipment testing
laboratories and submarine cables, these measures have not extended to
other FCC-regulated markets, leaving an opening for the [Chinese
Communist Party] to expand its influence.'' By broadening the scope of
our Foreign Adversary Control attestation requirements to reach a
variety of license and authorization types, the Commission ``will
streamline efforts to prevent China and other foreign adversaries from
accessing the nation's telecommunications network, while preventing
states, entities, and individuals from circumventing reporting
requirements.''
Sliding-scale approach. While we received assurance from some
commenters that complying with an attestation requirement applicable to
all Commission-issued licenses and authorizations would be feasible, we
received a fair number of comments that argue for a more nuanced and
targeted approach. For example, CCIA, ITI, and NAB all advocate for
``limit[ing] certification requirements to entities with actual or
reportable foreign adversary ownership or control'' to avoid imposing
an ``undue burden, especially on entities with no nexus to national
security concerns.'' As described in Section III.A.3, a variety of
Regulatee stakeholders raise concerns that certain licenses and
authorizations have little to no likelihood of Foreign Adversary
Control, or that the risk to national security of Foreign Adversary
Control of such licenses and authorizations is extremely limited. We
recognize these concerns and thus adopt a more tailored approach to the
attestation requirement by categorizing licenses and authorizations
into three Schedules. We find that such a sliding-scale approach will
reduce burdens on Regulatees whose potential Foreign Adversary Control
poses less of a threat to national security, while preserving enhanced
attestation and disclosure requirements for Regulatees where the threat
is greater. We thus adopt our proposal to require Regulatees holding
licenses and authorizations that would confer rights and privileges
that would present a sizeable risk to national security should they be
controlled by a foreign adversary to file ``yes'' or ``no''
attestations, and impose less burdensome requirements on Regulatees
holding licenses and authorizations where such risk is lower. FDD also
argues that requiring filers to make
[[Page 18685]]
either a positive or negative attestation ``will be effective in
building out a more comprehensive registry while also allowing for
potential prosecution of claimants found to be falsifying
submissions.'' We have also considered the balance of risks and burdens
in structuring the reporting categories.
Exemptions. We exempt holders of Schedule C licenses or
authorizations from the initial Foreign Adversary Control attestation
requirement. As noted in Section III.A.2, Foreign Adversary Control
over Schedule C licenses and authorizations is less likely, poses a
less critical risk to national security, or poses a risk that is
already mitigated by other Commission regulations, or the
administrability burdens of requiring attestations from such entities
substantially outweigh any transparency benefits. Nevertheless, as
noted above, we require all Regulatees attesting to Foreign Adversary
Control to provide the additional disclosures described in this
Section.
We also exempt federally recognized Tribal Nations and businesses
controlled by federally recognized Tribal Nations from the attestation
and disclosure requirements adopted by this Report and Order. Federally
recognized Tribal Nations are sovereign, domestic dependent nations,
and the Commission through its long-standing policy statement
recognizes a unique government-to-government relationship with them. We
also exempt state and local governmental licensees from our attestation
and disclosure requirements, given that, by definition, these entities
cannot be foreign adversaries or subject to Foreign Adversary Control.
For example, wireless licensees that identify as ``Governmental
Entities, Tribal Nations, or Businesses controlled by Tribal Nations''
in response to FCC Form 601, Question 14, are exempt for purposes of
Foreign Adversary Control reporting. Governmental licensees should be
aware of the restrictions on the procurement and use of certain covered
telecommunications equipment as a result of the John S. McCain National
Defense Authorization Act of 2019 and subsequent legislation. In
compliance with the FY 2019 National Defense Authorization Act,
governmental agencies may not procure, obtain, extend, renew, or enter
into a contract with certain covered telecommunications providers. The
Commission maintains the list of communications equipment and services
deemed threats to U.S. national security.
We decline to adopt any further exemptions at this time. CCIA and
ITI request that we avoid imposing duplicative obligations on
Regulatees that are already subject to mitigation agreements entered
into with the Executive Branch agencies and with which compliance is a
conditions of the license and/or authorization. The Commission, in its
discretion, may refer applications, petitions, and other filings to the
Executive Branch for review for national security, law enforcement,
foreign policy, and/or trade policy concerns. The Commission will
generally refer to the Executive Branch applications filed for an
international Section 214 authorization and submarine cable landing
license as well as an application to assign, transfer control of, or
modify those authorizations and licenses where the applicant has
reportable foreign ownership and petitions for Section 310(b) foreign
ownership rulings for broadcast, common carrier wireless, and common
carrier satellite earth station licenses pursuant to Sec. Sec. 1.767,
63.18, 63.24, and 1.5000 through 1.5004 of the rules. The Executive
Branch agencies are either Members of or Advisors to the Committee
created pursuant to Executive Order 13913. The Department of Justice
(DOJ), Department of Homeland Security (DHS), and the Department of
Defense (DOD) also are known informally as ``Team Telecom.'' We find
that the approach we adopt is sufficiently tailored to remove concerns
of duplicative reporting, and thus decline to adopt a blanket exemption
for such Regulatees. Existing mitigation agreements contain specific
and varying commitments for each Regulatee, including with respect to
reporting obligations. While recent mitigation agreements may require
reporting of certain ownership information to relevant national
security agencies, for example, such reporting obligations are not
necessarily tailored to capture multi-faceted forms of Foreign
Adversary Control, or whether and to what extent a Regulatee currently
is or becomes subject to Foreign Adversary Control, such as the
standard we apply to the attestation and disclosure requirements
herein. We also note generally that the framework we establish by this
Report and Order solely involves reporting requirements, and does not
prohibit or limit the actual granting of Covered Authorizations.
Additional disclosures. We require any Schedule A, B, or C
Regulatee that attests it is owned by, controlled by, or subject to the
jurisdiction or direction of a foreign adversary to further disclose to
the Commission all 5% or greater direct or indirect equity and/or
voting interests held in the Regulatee, as well as several other
disclosures. Specifically, a Schedule A, B, or C Regulatee that attests
it is owned by, controlled by, or subject to the jurisdiction or
direction of a foreign adversary, must:
(1) identify its 5% or greater direct or indirect equity and/or
voting interest holders and controlling interest holders, and include
an ownership diagram that illustrates the Regulatee's vertical
ownership structure, specifically--
(a) for each reported natural person interest holder of a direct or
indirect interest of 5% or greater, or a controlling interest, disclose
name; address; the country or countries of citizenship; principal
business(es); the percentage of equity and/or voting interest or a
description (including any percentage) of the controlling interest,
held directly or indirectly in the Regulatee; and
(b) for each reported entity (including a government entity)
interest holder of a direct or indirect interest of 5% or greater, or a
controlling interest, disclose name; address; the country under the
laws of which the entity is organized and the country of the principal
place of business and headquarters; type of entity and principal
business(es); the percentage of equity and/or voting interest or a
description (including any percentage) of the controlling interest,
held directly or indirectly in the Regulatee;
(2) identify the foreign adversary or foreign adversary country or
countries the Regulatee is owned by, controlled by, or subject to the
jurisdiction or direction of;
(3) describe the nature of the foreign adversary ownership,
control, jurisdiction, or direction to which the Regulatee is subject;
and
(4) attest to the truth and accuracy of all information.
Specifically, we require that disclosure of ownership information
must include the equity and voting interests and controlling interests
as calculated through use of the requirements set out in Sec. 63.18(h)
of the Commission's rules. Equity interests that are held by an
individual or entity indirectly through one or more intervening
entities shall be calculated by successive multiplication of the equity
percentages for each link in the vertical ownership chain, regardless
of whether any particular link in the chain represents a controlling
interest in the company positioned in the next lower tier. Voting
interests that are held through one or more intervening entities shall
be calculated by successive multiplication of the voting percentages
for each link in the vertical ownership chain, except that wherever the
voting interest for any link in the chain is equal
[[Page 18686]]
to or exceeds 50% or represents actual control, it shall be treated as
if it were a 100% interest. We find that applying a uniform methodology
based on rules that currently apply to certain Regulatees will ensure
consistency of information, provide clarity to Regulatees complying
with the new attestation and disclosure requirements, and promote
administrative efficiency. We also require that the Regulatee include
an ownership diagram consistent with the requirements set out in Sec.
63.18(h) of the Commission's rules. Specifically, the ownership diagram
shall illustrate its vertical ownership structure, including the direct
and indirect equity and/or voting interests held by the individuals and
entities identified pursuant to this disclosure requirement. Every such
individual or entity with equity and/or voting interests shall be
depicted and all controlling interests must be identified. If an
individual or entity submits an attestation and additional disclosures
as part of an application for a transfer of control or assignment, as
discussed below, the ownership diagram shall include both the pre-
transaction and post-transaction ownership of the Regulatee. Consistent
with rules governing receiving approval of foreign ownership in
broadcast, common carrier, aeronautical en route, and aeronautical
fixed radio station licensees and common carrier spectrum lessees, to
the extent that a Regulatee subject to this additional reporting
requirement is an eligible U.S. public company, as that term is defined
in Sec. 1.5000(e) of the Commission's rules, we adopt the same
standard as is found in that Section governing what information the
company shall use in identifying its 5% or greater direct or indirect
interest holders, the citizenship(s) or place of organization of
disclosable interest holders, and other information required by our
Foreign Adversary Control rules. As USTelecom notes, ``[g]iven that a
publicly traded company's stock is purchased on the open market, when
that company will know about a new shareholder may vary considerably.''
We find that application of this preexisting standard for publicly
traded companies will result in regulatory consistency and reduced
burdens for such entities.
We affirm our tentative conclusion in the Document (90 FR 26244,
June 20, 2025) that limiting our attestation requirements to require
information about Foreign Adversary Control, as opposed to foreign
control more broadly, and limiting the reporting obligations to
Regulatees that have Foreign Adversary Control will minimize the
compliance burden on Regulatees. We also affirm our tentative
conclusion in the Document (90 FR 26244, June 20, 2025) that a 5% or
greater direct or indirect equity and/or voting interest threshold is
reasonable given that the requirement to file such disclosures is
limited to Regulatees with reportable Foreign Adversary Control and
because a higher reporting threshold may not fully capture national
security risks presented by foreign ownership, particularly when there
is Foreign Adversary Control. We received support both for adopting
these additional reporting requirements, and for adopting a 5%
disclosure threshold. We find that this disclosure threshold is
consistent with similar Commission regulations, and thus ``would
promote regulatory clarity, reduce compliance costs for low-risk
entities, and allow the Commission to concentrate its resources on
high-risk ownership structures that genuinely run the risk of
compromising U.S. communications infrastructure.''
We decline suggestions in the record to require disclosures beyond
what we adopt today. The Coalition for a Prosperous America suggests
that we require manufacturers of high-wattage connected appliances ``to
explicitly disclose detailed information about foreign adversary
ownership or control,'' and to ``prominently communicate, in consumer-
facing privacy policies and at the point-of-sale, the precise nature
and extent of data collection, storage, and any potential access or
usage by foreign governments.'' Whirlpool submits similar suggestions.
The purpose of this proceeding is limited to gathering information
about Foreign Adversary Control over Covered Authorizations for the use
of the Commission and disclosure to the public, so we decline to expand
it at this stage to include the data-handling practices of Regulatees.
Because this information will be available to the public through
Commission databases, we decline to require point-of-sale or similar
additional disclosures. We find that the benefit such disclosures would
provide to consumers is outweighed by the complexity that would burden
not only manufacturers but also distributors, resellers, and others in
the supply chain resulting from ownership changes that could occur too
frequently to ensure consistent accuracy.
We also decline the similar suggestions raised by SentinelOne and
Michael Ravnitsky to establish a ``verification framework'' of
submitted attestations, or conduct ``mandatory screening of all FCC
licensees and regulated entities, irrespective of their self-reported
foreign ties.'' As discussed in Section III.C.4 below, we delegate
authority to the Licensing Bureaus and Offices and the Enforcement
Bureau, to conduct investigations into potential false attestations,
and to initiate revocation proceedings with respect to any Covered
Authorizations held by a wrongdoer. In multiple contexts, instead of
independently validating filings as they are submitted, the Commission
has opted to rely on an investigation and enforcement process should
the Commission later discover a deficiency. For example, in the
interconnected Voice over internet Protocol (VoIP) direct access
authorization application process, the Commission delegated to both the
Wireline Competition Bureau and the Enforcement Bureau the authority to
revoke authorizations should either Bureau later discover a rule
violation or a false statement, among other conditions. Similarly, in
the context of Robocall Mitigation Database certifications by voice
service providers, gateway providers, and non-gateway intermediate
providers, the Commission pursues enforcement action after conducting
investigations into apparent violations of the Robocall Mitigation
Database rules. While we expect that our adoption of post-filing
investigation and enforcement mechanisms will sufficiently deter bad
actors from submitting false or deficient attestations, we reserve the
ability in the future to adopt additional information disclosures and
enforcement mechanisms as necessary to achieve our national security
goals. As noted below, we direct the Licensing Bureaus and Offices to
review the filings submitted and promptly compile a list of Regulatees
in Schedule A that failed to file, and identify those entities subject
to Schedules A and B that filed after the deadline. We also delegate to
the Licensing Bureaus and Offices authority to contact filers for
additional information and make preliminary assessments regarding the
willfulness of a deficiency.
Applicability. After the deadline for initial attestations, and on
an ongoing basis, we require a new attestation, and if affirmative,
additional disclosures, by:
(1) any Regulatee holding a Covered Authorization designated in
Schedule A or B, regardless of whether it has already filed an
attestation;
(a) within 30 days of the Regulatee becoming subject to Foreign
Adversary Control, to the extent such change does not require
Commission approval; or
(b) within 60 days, or for small entities within 120 days, of the
effective date of an addition to the Department of
[[Page 18687]]
Commerce's list of foreign adversaries in 15 CFR 791.4 of a foreign
government or foreign non-government person that has Foreign Adversary
Control over the Regulatee;
(2) any Regulatee of a Covered Authorization newly designated in
Schedule A regardless of whether it has already filed an attestation,
within 30 days of the effective date of a public notice announcing the
designation;
(3) a Schedule A or B Regulatee that is subject to Foreign
Adversary Control, or any Regulatee whose last attestation was
affirmative;
(a) upon application for any new Covered Authorization;
(b) upon application for an assignment, except a pro forma
assignment, of any Covered Authorization held by the Regulatee;
(c) upon application for a renewal of any Covered Authorization;
(d) upon application for a modification of any Covered
Authorization;
(e) within 30 days of any changes to 5% or greater direct or
indirect equity and/or voting interests, or controlling interests, held
in the Regulatee; or
(f) within 30 days of the effective date of a public notice
designating a Covered Authorization held by the Regulatee in Schedule
B;
(4) any entity regardless of Foreign Adversary Control;
(a) upon application for the entity's initial Covered Authorization
designated in Schedule A; or
(b) upon application for the entity to be the transferee or
assignee of its initial Covered Authorization designated in Schedule A,
except in the case of a pro forma transfer of control or assignment;
(5) any entity that is subject to Foreign Adversary Control;
(a) upon application for the entity's initial Covered Authorization
designated in Schedule B;
(b) upon application for the entity to be the transferee or
assignee of its initial Covered Authorization designated in Schedule B,
except in the case of a pro forma transfer of control or assignment; or
(c) upon application for modification of a Covered Authorization
designated in Schedule A or B that would cause the entity to be a
licensee or lessee of the Covered Authorization; and
(6) any Regulatee whose last attestation was affirmative within 30
days of its determination that it is no longer subject to Foreign
Adversary Control.
We adopt these ongoing requirements to file new attestations based
on delineated circumstances, rather than in a generally applicable
annual attestation, to tailor the filing requirements to those
Regulatees whose Foreign Adversary Control would present the greatest
risk. This tailored approach thereby reduces burdens on the large
number of Regulatees which hold Covered Authorizations presenting lower
risks and either are not subject to Foreign Adversary Control or are
already subject to other Commission regulations that adequately address
the risks of any Foreign Adversary Control. We received support for
requiring Regulatees to report changes as they arise, rather than in an
annual attestation. We agree with SentinelOne that, by requiring a new
attestation in the event of material changes, we will ensure ``real-
time accuracy'' as to the extent of Foreign Adversary Control over
Regulatees.
Implementation Considerations
In this section, we amend the Commission's rules to create a new
subpart setting forth the attestation and disclosure requirements.
Next, we adopt our proposal to create a single, consolidated reporting
system, and establish a general deadline for reporting, with an
exception for small entities. We then establish a streamlined
revocation procedure, applicable where consistent with existing
statutory requirements, and discuss enforcement mechanisms. Finally, we
adopt our proposal to publish the data and address privacy
considerations.
Rule Updates
We amend part 1 of the Commission's rules to establish a new
subpart GG, where we adopt the rules detailed in this Report and Order.
Part 1 of the Commission's rules contains other rules related to
foreign ownership, such as Subpart DD, Secure and Trusted
Communications Networks. We did not receive any comment in response to
proposals in the Document (90 FR 26244, June 20, 2025) on this issue.
We find that consolidating all new Foreign Adversary Control
attestation and disclosure rules in a single subpart will promote
clarity and administrative efficiency, and facilitate a Regulatee's
ability to readily identify the rules that are applicable to their
various licenses and authorizations. We conclude that incorporating
these rules into existing licensing rules with respect to applications,
transfers of control, and assignments would reduce ease of
searchability, result in unnecessary redundancy across the Commission's
rules, and potentially create inconsistencies across Covered
Authorizations.
Method of Collection
We adopt our proposal to establish a single, consolidated reporting
system, which we designate as the Foreign Adversary Control System
(FACS). We require all Regulatees with a reporting obligation to make
their attestations and submit any further required information within
the FACS. We affirm our conclusion in the Document (90 FR 26244, June
20, 2025) that collecting all required information in a single,
consolidated system ``would allow entities and individuals to enter
their Foreign Adversary Control information once covering all of their
existing Covered Authorizations.'' We agree with USTelecom on the
importance of streamlining the process to the extent possible, and find
that centralizing attestations and disclosures into a single system
will minimize duplicative and burdensome requirements to file
information regarding Foreign Adversary Control across multiple systems
and platforms. In addition, this approach will enhance the accuracy and
reliability of the data by minimizing the potential for filing
inconsistencies across disparate systems. Generally, the reporting
requirements of this collection will provide the Commission greater
insight into Regulatee's Foreign Adversary Control, where applicable,
compared to what is currently collected. However, we note that the
Commission collects ownership information associated with applications
involving certain Covered Authorizations in existing Commission
systems. In the limited instances where the burden may be duplicative,
we find it reasonable to require Regulatees with Covered Authorizations
to comply with the attestation and reporting requirements using the
FACS because it facilitates compliance, helping to ensure that all
necessary information is collected in a standardized format. Given the
expense associated with making modifications to existing systems, we do
not expect Bureaus and Offices to make changes to existing systems in
response to this Report and Order, except where necessary to enable the
operation of the FACS. However, Bureaus and Offices should take into
consideration the information collected in the FACS when making
modifications to existing systems for other reasons.
We delegate authority to the Office of Economics and Analytics
(OEA) and the Public Safety and Homeland Security Bureau (PSHSB), in
consultation with the relevant licensing Bureaus and Offices and the
Office of the Managing Director, to determine all aspects of the
design, development, implementation,
[[Page 18688]]
and ongoing operations of the FACS, consistent with the direction and
objectives of this Report and Order. We also delegate to the Licensing
Bureaus and Offices, to OEA, and to the Office of the Managing Director
authority to conduct a rulemaking proceeding to determine whether a fee
must be assessed for the filing of attestations and disclosures, and if
so, the fee amount. Section 8(c) of the Act requires the Commission to,
by rule, amend the application fee schedule if the Commission
determines that the schedule requires amendment so that: (1) such fees
reflect increases or decreases in the costs of processing applications
at the Commission or (2) such schedule reflects the consolidation or
addition of new categories of applications. Section 8(c) of the Act
does not mandate a timeframe for making any such amendments under
Section 8(c). The Commission previously explained that when the
application fee schedule may require an amendment pursuant to Section
8(c), the Commission will initiate a rulemaking to seek comment on any
proposed amendment(s) to the application fee schedule. Upon the launch
of the FACS, we direct OEA and PSHSB to publish a notice that details
the attestations required for the holders of licenses listed in each
Schedule and instructions for how such Regulatees should submit such
information for their Covered Authorizations. We also delegate to OEA
and PSHSB, and the relevant Licensing Bureaus and Offices authority to
provide rule clarifications or further guidance with respect to the use
of the FACS, including amendments to the Code of Federal Regulations to
reflect the filing method and deadlines. The delegations in this
paragraph include authority to use notice-and-comment procedures if OEA
and the relevant Licensing Bureaus and Offices deem it necessary or
advisable to do so.
All Regulatees with Covered Authorizations subject to the
attestation and disclosure requirements must submit the required
information via the FACS. Use of the FACS satisfies only the
requirements of Subpart GG. Covered Authorizations that do not have a
separate licensing system must also use the FACS to submit attestations
and any required disclosures. Entities that file registration
information on FCC Form 499-A indicating that they provide interstate
telecommunications service shall submit attestations as holders of
blanket domestic Section 214 authorizations. Similarly, interconnected
VoIP direct access authorization holders must also file through the
FACS. By requiring blanket domestic Section 214 authorization holders
and interconnected VoIP direct access authorization holders to submit
attestations, we close potential gaps in the Commission's oversight.
Training and outreach. We direct OEA and PSHSB, along with the
relevant Licensing Bureaus and Offices, in consultation with the
Consumer and Governmental Affairs Bureau, to conduct outreach and
training regarding the FACS and the requirements for filing. NAB
recommends that the outreach and training efforts ``should include
contacting licensees at . . . addresses on file with the Commission,
holding at least one webinar, . . . highlighting the new requirements .
. . [on] the Commission's website and social media sites'' and
notifying member and industry organizations of the new requirements.
Although NAB expressed specific concern for broadcast licensees, we
find that a broad outreach campaign is warranted to ensure that
Regulatees understand the reporting requirements and will enhance
compliance rates and the quality of the information collected.
Deadline
General rule. We establish a filing deadline of 60 days after the
public notice announcing the launch of the FACS. Regulatees holding
Covered Authorizations or that have an application for a Covered
Authorization pending before the Commission must file Foreign Adversary
Control information as of the date of the beginning of the 60-day
period. For example, if the rules become effective on May 1 and the
public notice is released on June 1, the deadline to submit
attestations and any additional required information would be July 31.
In this example, Regulatees must submit their Foreign Adversary Control
status as of June 1 by the deadline of July 31. We find that a 60-day
deadline as a general rule appropriately balances the importance of the
Commission obtaining information about foreign adversary risks in the
communications sector in a timely manner with the need for Regulatees
to have adequate time to complete their attestations and provide any
further required information.
In the Document (90 FR 26244, June 20, 2025), we proposed to
require Regulatees to complete the required attestation and
disclosures, as applicable, ``within a 60-day window from the effective
date of the information collection based on Foreign Adversary Control
information as of 30 days prior to the filing deadline.'' Commenters
express concerns that a 60-day reporting window and 30-day lookback
period ``do not provide sufficient time'' for Regulatees to comply. We
reject Michael Schafer's contention that, because the Commission
``knows the location of the Foreign Adversary (FA) labs and
[telecommunications certification bodies (TCBs)],'' we need not give
Regulatees any time to file attestations. As noted above, this
rulemaking fills gaps in the Commission's knowledge regarding a much
broader swath of Covered Authorizations than merely equipment
authorizations and TCBs. Additionally, giving Regulatees time to file
enables them to make accurate attestations after conducting an
appropriate investigation into Foreign Adversary Control. Both CCIA and
ITI recommend extending the reporting window to 120 days, ``allowing
certifications based on ownership information as of 30 days before
filing . . . .'' We understand CCIA and ITI's concerns, and so rather
than adopt a 60-day deadline with a 30-day lookback period (which
effectively gives Regulatees 30 days to file), we require Regulatees to
attest to Foreign Adversary Control as of the start of the 60-day
period. For example, under the approach proposed in the Document (90 FR
26244, June 20, 2025), with an effective date of May 1, Regulatees
would have been required to submit their Foreign Adversary Control
information as of May 31 by June 30--effectively leaving only 30 days
for Regulatees to gather and submit the information. We find that this
effectively doubled filing period will be adequate for most Regulatees.
For small-entity Regulatees which typically have fewer resources, we
adopt an extended deadline of 120 days, as described below. To the
extent a Regulatee is unable to comply with the deadline, the Regulatee
may file a waiver request to be reviewed under the Commission's good
cause standard.
Small entity exception. For small entities, as defined below, we
establish a filing deadline of 120 days after the public notice
announcing the launch of the FACS. Regulatees meeting the definition of
a small entity must file information based on the Foreign Adversary
Control status as of the date of the beginning of the 120-day period.
For example, if the rules became effective May 1 and the public notice
was released June 1, the deadline for small entities to submit
attestations and any additional required information would be September
29. In this example, Regulatees must submit their
[[Page 18689]]
Foreign Adversary Control status as of June 1 by the September 29
deadline.
Consistent with the Commission's longstanding use of the North
American Industry Classification System (NAICS) and the Small Business
Administration (SBA) small business size standards in the rulemaking
context, we apply the same standards in this proceeding. If a Regulatee
meets the definition of a small business for the purposes of the
Regulatory Flexibility Act of 1980, the Regulatee is subject to the
120-day filing deadline. While we make distinctions based on the size
of certain Regulatees for the purposes of applying different
attestation requirements, these distinctions are based on specific
policy considerations concerning whether and what attestations such
Regulatees should file. For the purposes of the filing deadline, we
apply the same definition of small entity across all Regulatees by
using the standards set forth by the NAICS and SBA. To determine the
applicable filing deadline, a Regulatee should first determine which
Schedule applies to its Covered Authorization, and then determine
whether it falls under the SBA's small business size standard. We
clarify that the small entity exception applies to Regulatees that are
individuals subject to attestation and disclosure requirements under
Schedule A or B. Given that the Covered Authorizations cut across the
communications sector, we find this approach ensures consistency across
Commission actions and minimizes burden as small entity Regulatees that
are likely already familiar with these standards.
As noted, commenters highlight the potential challenges Regulatees
may face in complying with the attestation and disclosure requirements.
ITI explains that ``collecting ownership information can be time-
consuming, and delays in responses from interest holders are common.''
We recognize that small entities have fewer resources and may need
additional time to comply with the attestation and disclosure
requirements. In light of these considerations, we find it appropriate
to provide an extended deadline to small entities.
Administration. We delegate to OEA and PSHSB, in consultation with
the relevant Licensing Bureaus and Offices, authority to extend these
deadlines as appropriate. This delegation includes authority to use
notice-and-comment procedures if OEA and PSHSB deem it necessary or
advisable to do so. We recognize that the deadlines established here
may overlap with the period during which Regulatees apply for, or
receive approval of, certain Covered Authorizations. Thus, we encourage
Regulatees to submit any required attestations or disclosures prior to
the applicable deadline.
Enforcement and Revocation
Enforcement. The reporting requirements we adopt today aim to
protect U.S. communications networks from entities with ties to foreign
adversaries. Equally important, we adopt enforcement mechanisms that
will allow the Commission to identify and address Foreign Adversary
Control of Regulatees with Covered Authorizations. In appropriate
cases, the Commission may take enforcement actions against Regulatees,
such as issuing citations, imposing monetary penalties, or more serious
actions that result in license or authorization revocations.
Enforcement actions will take into account several non-exhaustive
factors, such as national security risk, potential harm to the public,
and any effect on downstream providers. The Commission may consider
other factors that the Regulatee presents when determining an
appropriate enforcement action.
Late and Nonresponsive Filers. Regulatees must submit their
attestation and disclosure requirements by the initial filing deadline
adopted in this Report and Order. Following that deadline, we direct
the relevant Licensing Bureaus and Offices to promptly compile a list
of Regulatees in Schedule A that failed to file the required
attestation by the deadline or filed attestations after the deadline.
The Licensing Bureaus and Offices will refer these Regulatees to the
Enforcement Bureau for possible enforcement action. The Licensing
Bureau or Office and/or the Enforcement Bureau, consistent with the
process described below, may initiate a revocation proceeding against
Regulatees that fail to file the required attestation by the deadline.
Section 503(b) of the Act authorizes the Commission to impose a
forfeiture against any entity that ``willfully or repeatedly fail[s] to
comply with any of the provisions of [the Act] or of any rule,
regulation, or order issued by the Commission[.]'' The maximum amount
varies by type of entity. The penalty for failing to file or filing
late or inaccurate imposed may be up to the maximum permitted by the
Commission's rules.
Incomplete or Inaccurate Responses. Following the receipt of an
attestation required under our new rules, the Licensing Bureau or
Office may refer the Regulatee's attestation to the Enforcement Bureau
for further investigation where it appears that an attestation may be
incomplete or inaccurate. Before referring a matter to the Enforcement
Bureau for further investigation, the Licensing Bureau or Office may
seek additional information to remedy completeness and accuracy issues
present in the initial filing. The Enforcement Bureau, in coordination
with other staff as necessary or desirable, may pursue revocation,
monetary sanctions, or any other appropriate enforcement actions.
Revocation. To the extent consistent with applicable law, we adopt
a streamlined revocation or reclamation procedure for Regulatees that
is similar to the revocation procedure for TCBs and test labs. These
streamlined procedures consist of an informal, written process with
abbreviated time to reply, except where the Communications Act requires
otherwise. We delegate to the Enforcement Bureau and the Licensing
Bureaus and Offices authority to use additional procedures if
necessary. In cases of false attestation of no Foreign Adversary
Control or failure to timely, accurately, or completely respond to the
attestation and disclosure requirements, we direct the Enforcement
Bureau and the Licensing Bureaus and Offices to coordinate prior to
initiating enforcement or revocation actions against a Regulatee with a
deficient filing.
The streamlined revocation procedure will consist of three steps:
(1) Notice of Deficiency and Opportunity to Respond (except in the case
of willfulness or those in which public health, interest, or safety
requires otherwise, in which we case we may proceed directly to step
two); (2) Order to Show Cause; and (3) Order on Revocation. This
process will provide Regulatees with ample notice and opportunity to be
heard before any enforcement action is adopted. The Licensing Bureaus
and Offices and/or the Enforcement Bureau will follow prescribed steps
when initiating an enforcement action, including revocation. As
applicable, those steps will include processes prescribed by the
Communications Act.
Step 1: Notice of Deficiency and Opportunity to Respond. Where the
Licensing Bureau or Office and/or Enforcement Bureau determine that a
Regulatee has violated the reporting requirements or assesses that
Foreign Adversary Control of the Covered Authorization may pose an
unacceptable risk to national security, it will notify the Regulatee of
the apparent deficiency or national security risk, consistent with
Section 1.89 of the Commission's rules, citing the FACS reporting
requirement and providing 30
[[Page 18690]]
days to come into compliance or otherwise respond to the notice before
a Bureau or Office takes further action. We clarify that 47 CFR 1.89
applies to the streamlined process but our 30-day response period
constitutes ``such other period as may be specified'' for purposes of
that rule. In the event the Commission does not have any or updated
information about a Regulatees mailing address for service of process,
47 U.S.C. 413 states that the requirement may be satisfied ``by posting
such notice, process, order, requirement, or decision in the office of
the secretary of the Commission.''
Where the Licensing Bureau or Office and/or the Enforcement Bureau
conclude that a Regulatee acted willfully in providing an incomplete,
inaccurate, or misleading attestation, or where the national security
risks presented by the Regulatee warrant dispensing with the first step
notice, the Licensing Bureau or Office and/or the Enforcement Bureau
may move directly to issue an Order to Show Cause without first issuing
a Notice of Deficiency and Opportunity to Respond.
Step 2: Order to Show Cause. If the Regulatee fails to cure the
filing defect noted in the Notice of Deficiency and Opportunity to
Respond, or otherwise fails to respond to that notice or demonstrate
why revocation proceedings should not be initiated, the Licensing
Bureau or Office and/or the Enforcement Bureau may issue an Order to
Show Cause initiating a revocation proceeding and providing the
Regulatee with fifteen (15) calendar days to explain why its
authorization(s) should not be revoked, except where statutory
revocation procedures apply instead. The response period of less than
30 days reflects the heightened national security risks associated with
undisclosed foreign adversary ownership. We delegate authority to the
Bureaus and Offices to afford additional process as they deem necessary
or appropriate. For revocation of broadcast and wireless licenses,
steps two and three are governed by Section 312 of the Communications
Act and Sec. 1.91 of the Commission's rules. The procedure for
revoking a broadcast or wireless license involves issuing an order to
show cause for an evidentiary administrative hearing before the
Commission's administrative law judge (ALJ) or other presiding officer
as that term is defined in Sec. 1.241 of the Commission's rules. The
issued order sets out the factual basis for any allegations that may
warrant revocation and directs the ALJ/Presiding Officer to determine
whether those facts bear out and whether the license/authorization
should be revoked. Pursuant to Sec. 2.939(b) of the Commission's
rules, except for the limited circumstances set forth in Sec. 2.939(d)
of the Commission's rules, revocation of equipment authorizations shall
be made in the same manner as revocation of broadcast licenses and
wireless licenses described above. The limited exception to this
process, as authorized by Sec. 2.939(d) of the Commission's rules,
applies when a false statement or representation is made in an
equipment certification application, or in materials or responses
submitted in connection therewith, that the equipment in the subject
application is not prohibited from receiving an equipment authorization
pursuant to Sec. 2.903 of the Commission's rules (i.e., it is not
Covered Communications Equipment), and the Commission subsequently
determines that the equipment is Covered Communications Equipment.
Section 2.939(d) of the Commission's rules sets forth the procedures
for revoking equipment authorizations in these limited circumstances.
Step 3: Order of Revocation. After providing the Regulatee notice
and opportunity to respond to the Order to Show Cause, if the ALJ/
Presiding Officer (in cases subject to 47 U.S.C. 312) or pertinent
Bureau/Office find that revocation is warranted, they will issue an
Order of Revocation. This order will revoke the Regulatee's
authorization(s).
We find that these procedures are consistent with due process and
procedural requirements under the Communications Act and the
Administrative Procedure Act (APA). Congress has granted the Commission
broad authority to ``conduct its proceedings in such manner as will
best conduce to the proper dispatch of business and to the ends of
justice.'' The Commission has broad discretion to craft its own rules
``of procedure and to pursue methods of inquiry capable of permitting
them to discharge their multitudinous duties.'' We find that the
process we adopt will ensure the development of an adequate
administrative record and appropriate procedural safeguards to ensure
due process.
FDD supports revocation of a Regulatee's Covered Authorization
within 30 days of failure to comply after an opportunity to correct or
explain any deficiencies to ensure the continued accuracy and
reliability of disclosures regarding Foreign Adversary Control. As
explained above, we find the record supports adopting a streamlined
revocation process as a default across Covered Authorizations where
consistent with applicable law. We find that our procedures are
warranted by the national security and law enforcement risks arising
from Foreign Adversary Control over Covered Authorizations while
comporting with the Communications Act, the APA, and the requirements
of due process.
NAB opposes the application of a streamlined revocation process for
broadcasters, pointing out that a streamlined process would not comport
with Section 312 of the Communications Act. We agree that the
Communications Act prescribes specific procedures for certain
Commission-granted licenses, such as broadcast licenses, as described
above. We therefore make clear that, in all such cases where a statute,
treaty, the Constitution, or other applicable law requires that the
Commission apply procedure that conflicts with the streamlined
procedure we adopt today, we direct the Bureaus and Offices to apply
the procedures mandated by the statute or other applicable law. A
streamlined revocation process is appropriate in light of the risks
that foreign adversaries pose to our networks when they act through
surrogates that they ``own or control'' and that hold licenses,
authorizations, and other approvals granted by the Commission. As
discussed above, these risks include the ability to directly compromise
the integrity of the nation's communications networks. We exclude
certain Covered Authorizations from the revocation procedures adopted
herein to the extent revocation of such Covered Authorizations is
subject to other statutory requirements that we will apply accordingly,
or the Commission has existing processes for revocation (or other
comparable action) of such Covered Authorizations that we believe are
also appropriately applied in matters involving the Regulatee's
compliance (or lack thereof) with these attestation and disclosure
requirements. When determining whether existing processes are
appropriate to apply, Licensing Bureaus and Offices are directed to
consider whether such processes are solely Commission regulations
(i.e., not required by statute, treaty, Executive Order, or the
Constitution) and, if so, whether the streamlined revocation procedure
may be applied, with modifications as necessary. In the Submarine Cable
Report and Order (90 FR 48648, Oct. 27, 2025), we adopted an informal
written process in cases involving revocation and/or termination of a
cable landing license, consistent with due process and procedural
requirements under the Cable Landing License Act of 1921, the
[[Page 18691]]
Communications Act, and the APA. We also noted that the Commission and
the State Department have existing procedures by which the State
Department approves the Commission's revocation of a cable landing
license, as required by Executive Order 10530, and these procedures
would continue to apply to any revocation of a cable landing license.
As set forth in our rules, recognized operating agency status is
granted or revoked by the U.S. Department of State. To the extent we
consider any matter relating to recognized operating agency's
compliance or lack thereof with the attestation and disclosure
requirement, we will assess whether it warrants a recommendation to
revoke the entity's recognized operating agency status and coordinate
with the State Department as needed. The Office of International
Affairs (OIA) may, for example, issue a notice of intent to recommend
revocation and will provide notice of such as required by 47 U.S.C. 413
where applicable. To the extent we consider whether reclamation of an
ISPC or DNIC is warranted due to an ISPC holder's or DNIC holder's
failure to comply with the attestation and disclosure requirement, we
will follow our existing reclamation procedures consistent with ITU-T
Recommendation Q.708 and ITU-T Recommendation X.121, respectively.
First, OIA will issue a letter notifying the ISPC holder or DNIC holder
of its intent to reclaim its provisionally assigned code(s) and require
the entity to respond within thirty (30) days. Second, if the ISPC
holder or DNIC holder fails to cure the filing defect noted in the
letter, or fails to adequately demonstrate why OIA should not reclaim
its ISPC(s) or DNIC(s), or otherwise fails to respond to that letter,
OIA will issue a letter reclaiming the ISPC(s) or DNIC(s) and notify
the ITU of the reclamation. OIA will then make the code(s) available
for reassignment.
Publication of Data and Privacy Considerations
We adopt our proposal in the Document (90 FR 26244, June 20, 2025)
to make the attestations and additional disclosures available to the
public. We find that increasing transparency into the control
structures of Regulatees across all industries will serve to deter
future Foreign Adversary Control over critical infrastructure and
protect consumers. By publishing this information, we enhance
accountability and advance the Commission's national security and
public interest objectives by deterring noncompliance and enabling
outside parties to raise concerns where appropriate. We received no
comment opposing this approach. We delegate to OEA and PSHSB, in
coordination with Licensing Bureaus and Offices and the Enforcement
Bureau, the authority to adopt necessary policies and procedures, and
conduct notice-and-comment rulemaking where necessary, to enable the
publication of both the information collected by these rules and also
of Foreign Adversary Control information more broadly, and to publish
the information. To account for the possibility that certain
information may need to remain non-public, we delegate authority to OEA
and PSHSB, in consultation with the relevant Licensing Bureaus and
Offices and the Office of General Counsel, to determine what
information, if any, should be withheld from public disclosure and the
method and format in which to publicly disclose these filings.
Cost-Benefit Considerations
Benefits. Protecting national security and preserving the
substantial economic activity conducted online are the most tangible
benefits of identifying foreign adversary threats. The Commission has
previously recognized that ``a foreign adversary's access to American
communications networks could result in hostile actions to disrupt and
surveil our communications networks, impacting our nation's economy
generally and online commerce specifically, and result in the breach of
confidential data.'' In the Document (90 FR 26244, June 20, 2025), we
argued that even a temporary disruption in communications could cause
billions of dollars in economic losses given that our national gross
domestic product was over $29 trillion in 2024, the digital economy
accounted for approximately 16% of the U.S. economy, and the volume of
international trade for the United States (exports and imports) was
$5.4 trillion in 2024. Staff estimates that the digital economy
accounts for approximately 16% of the U.S. GDP based on the statistics
published by the Bureau of Economic Analysis as of 2021: $3.7 trillion
of digital economy/$23 trillion U.S. GDP = 16%. Thus, the benefits
gained from deterring foreign adversaries or other untrustworthy actors
and preventing disruption to the U.S. economy and critical
communications infrastructure could be significant. Likewise, the
attestations and disclosures will enable the Commission and our federal
partners to more effectively address the widespread and coordinated
efforts to exploit, attack, and otherwise compromise the integrity of
communications networks for the purpose of undermining national
security. Additional benefits include preventing the possible loss of
confidential data, including the interception of sensitive governmental
information, and the undermining of public safety. Requiring Regulatees
to report Foreign Adversary Control can mitigate vulnerabilities in the
communications infrastructure and strengthen national security by
identifying potential threats. Such reporting, however, is only the
first step in neutralizing the threat posed by hostile foreign
governments. Additional steps include close scrutiny and, where deemed
appropriate, revocations to neutralize credible threats.
Costs. In the Document (90 FR 26244, June 20, 2025), the Commission
reasoned that collecting information on Regulatees owned by, controlled
by, or subject to the jurisdiction or direction of a foreign adversary
is unlikely to impose significant reporting costs for several reasons.
First, many Regulatees are already subject to the Commission's existing
foreign ownership reporting requirements. Second, a privately held
company likely knows the investors or stakeholders that hold interests
of 10% or greater or exert significant control over its business
directives, while a publicly held company is required to identify its
interest holders in requisite filings with the U.S. Securities and
Exchange Commission. Third, for those Regulatees not currently
reporting foreign ownership nor aware of their ownership interests,
Commission staff estimated a one-time foreign adversary ownership
reporting cost of $116 per Regulatee. Consistent with the Commission's
calculations in Paperwork Reduction Act (PRA) statements, we estimated
the median hourly wage for support staff (paralegals and legal
assistants) as $40. To account for estimated benefits, we added 45% for
a total hourly labor cost of $58. We estimated that for this one-time
review, each Regulatee would spend about two hours total to research
and report any 10% or greater foreign-adversary ownership stake.
NAB argues that we have underestimated the reporting burden by
oversimplifying the complexity of the required reporting tasks,
erroneously assigning them to support staff instead of attorneys, and
underestimating the time to complete them. In order to substantiate
these claims, NAB would have to produce precise, large industry cost
estimates to exceed plausible estimates of Foreign Adversary Control
reporting benefits. To illustrate, the United States' digital economy
amounted to $4.67 trillion in 2024, for
[[Page 18692]]
an average of $389 billion per month, $13 billion per day, and $540
million per hour. 16% of 2024 US GDP of $29.18 trillion = $4.67
trillion. Therefore, any disruption of the digital economy by a foreign
adversary, even for an hour's duration, is likely to generate billions
of dollars in lost value-added, the prevention of which is a benefit.
Any disruption that spillovers into global digital commerce--some of
which transits U.S. communications networks--is sure to multiply
benefits. The World Bank estimated that the digital economy comprised
15% of world nominal GDP in 2024, amounting to approximately $16
trillion of the $108 trillion world economy, over three times as much
as U.S. digital commerce alone. NAB has not provided any cost data for
the Commission to consider. Further, although NAB submits an example of
the time it would take for a single station owner to submit foreign
ownership attestations, we find that the concern is mitigated by our
sliding-scale Schedule approach to only require certain entities to
submit attestations and disclosures, and specifically for broadcast
licensees, the distinction in reporting requirements for larger and
smaller entities.
Accordingly, we conclude that the benefits of the Foreign Adversary
Control attestation and disclosure requirements far exceed the costs.
Apart from the economic benefits, we believe that the benefits to
national security also outweigh any economic costs, as ``[i]t is
obvious and unarguable that no governmental interest is more compelling
than the security of the Nation,'' which these rules promote.
Severability
All of the rules that are adopted in this Report and Order are
designed to mitigate the national security risk of Foreign Adversary
Control of Commission-granted licenses, leases, authorizations,
permits, grants, and other approvals. Each individual provision of the
rules we adopt here serves to address this strategic policy goal.
Therefore, it is our intent that each of the separate rules we adopt
herein shall be severable. If any subset of the rules is declared
invalid or unenforceable for any reason, it is our intent that the
remaining rules shall remain in full force and effect.
Final Regulatory Flexibility Analysis
As required by the Regulatory Flexibility Act of 1980, as amended
(RFA), the Federal Communications Commission (Commission) incorporated
an Initial Regulatory Flexibility Analysis (IRFA) in the Protecting our
Communications Networks by Promoting Transparency Regarding Foreign
Adversary Control, released in May 2025. The Commission sought written
public comment on the proposals in the Document (90 FR 26244, June 20,
2025), including comment on the IFRA. The comments received are
addressed below. This Final Regulatory Flexibility Analysis (FRFA)
conforms to the RFA and it (or summaries thereof) will be published in
the Federal Register.
Need for, and Objectives of, the Rules
The Report and Order adopts new attestation and disclosure
requirements that will enhance the Commission's ability to assess and
respond to emerging threats from Foreign Adversary Control over U.S.
communications networks. This action builds upon the Commission's
efforts to gain a more comprehensive and systematic view of threats
posed by foreign adversaries. The adopted rules categorize licenses,
leases, authorizations, permits, grants, and other Commission approvals
into distinct groups, each subject to different attestation and
disclosure requirements. Specifically, we adopt rules to establish a
reporting framework that distinguishes and categorizes each Covered
Authorization based on whether the Regulatee is: (A) required to submit
an attestation either affirming or denying Foreign Adversary Control;
(B) solely required to submit an attestation affirming Foreign
Adversary Control; or (C) is not required to file an attestation in
either event. We find this approach ensures the Commission receives the
information it needs to promote national security while minimizing
burdens to entities that present minimal or no national security risk.
The Report and Order also sets forth the information to be collected
for each group, method of collection, and, subject to statutory
exceptions, a streamlined process for revocation for non-compliance.
These rules will allow the Commission, as well as our law enforcement
partners, to improve situational awareness and develop approaches to
eliminate or mitigate national security threats from foreign
adversaries.
Summary of Significant Issues Raised by Public Comments in Response to
the IRFA
Comments regarding the impact of the rule on small entities were
filed by Michael Ravnitzky. In his comments, Ravnitzky suggested that
reporting mechanisms should be tailored to accommodate the realities of
small business, which could prevent undue consolidation in the industry
and encourage continued innovation and competition. As discussed in
greater detail below in Section E, the Commission takes steps to
minimize compliance burdens for small entities by exempting certain
small entities from the initial attestation requirements, and provides
an extended filing deadline for small entities that are required to
attest that they are subject to Foreign Adversary Control.
Response to Comments by the Chief Counsel for the Small Business
Administration Office of Advocacy
Pursuant to the Small Business Jobs Act of 2010, which amended the
RFA, the Commission is required to respond to any comments filed by the
Chief Counsel for the Small Business Administration (SBA) Office of
Advocacy, and also provide a detailed statement of any change made to
the proposed rules as a result of those comments. The Chief Counsel did
not file any comments in response to the proposed rules in this
proceeding.
Description and Estimate of the Number of Small Entities to Which the
Rules Will Apply
The RFA directs agencies to provide a description of, and where
feasible, an estimate of the number of small entities that may be
affected by the adopted rules. The RFA generally defines the term
``small entity'' as having the same meaning as the terms ``small
business,'' ``small organization,'' and ``small governmental
jurisdiction.'' In addition, the term ``small business'' has the same
meaning as the term ``small business concern'' under the Small Business
Act. Pursuant to 5 U.S.C. 601(3), the statutory definition of a small
business applies ``unless an agency, after consultation with the Office
of Advocacy of the Small Business Administration and after opportunity
for public comment, establishes one or more definitions of such term
which are appropriate to the activities of the agency and publishes
such definition(s) in the Federal Register.'' A ``small business
concern'' is one which: (1) is independently owned and operated; (2) is
not dominant in its field of operation; and (3) satisfies any
additional criteria established by the SBA. The SBA establishes small
business size standards that agencies are required to use when
promulgating regulations relating to small businesses; agencies may
establish alternative size standards for use in such programs, but must
consult and obtain approval from SBA before doing so.
[[Page 18693]]
Our actions, over time, may affect small entities that are not
easily categorized at present. We therefore describe three broad groups
of small entities that could be directly affected by our actions. In
general, a small business is an independent business having fewer than
500 employees. These types of small businesses represent 99.9% of all
businesses in the United States, which translates to 34.75 million
businesses. Next, ``small organizations'' are not-for-profit
enterprises that are independently owned and operated and are not
dominant in their field. While we do not have data regarding the number
of non-profits that meet that criteria, over 99 percent of nonprofits
have fewer than 500 employees. Finally, ``small governmental
jurisdictions'' are defined as cities, counties, towns, townships,
villages, school districts, or special districts with populations of
less than fifty thousand. Based on the 2022 U.S. Census of Governments
data, we estimate that at least 48,724 out of 90,835 local government
jurisdictions have a population of less than 50,000.
The rules adopted in the Report and Order will apply to small
entities in the industries identified in the chart below by their six-
digit North American Industry Classification System (NAICS) codes and
corresponding SBA size standard. The North American Industry
Classification System (NAICS) is the standard used by Federal
statistical agencies in classifying business establishments for the
purpose of collecting, analyzing, and publishing statistical data
related to the U.S. business economy. The size standards in this chart
are set forth in 13 CFR 121.201, by six digit NAICS code. Based on
currently available U.S. Census data regarding the estimated number of
small firms in each identified industry, we conclude that the adopted
rules will impact a substantial number of small entities. Where
available, we also provide additional information regarding the number
of potentially affected entities in the identified industries below.
Table 1--2022 U.S. Census Bureau Data by NAICS Code
----------------------------------------------------------------------------------------------------------------
Regulated industry (footnotes
specify potentially affected Total small
entities within a regulated NAICS code SBA size standard Total firms firms % small firms
industry where applicable)
----------------------------------------------------------------------------------------------------------------
All Other Telecommunications. 517810 $40 million 1,673 1,007 60.19
Radio Broadcasting Stations.. 516110 $47 million 2,616 2,136 81.65
Wired Telecommunications 517111 1,500 employees 3,403 3,027 88.95
Carriers....................
Computer Infrastructure 518210 $40 million 12,054 8,895 73.79
Providers, Data Processing,
Web Hosting, and Related
Services....................
Wireless Telecommunications 517112 1,500 employees 1,184 1,081 91.30
Carriers (except Satellite).
Satellite Telecommunications. 517410 $44 million 332 195 58.73
Business Associations........ 813910 $15.5 million 14,599 13,134 89.97
Web Search Portals and All 519290 1,000 employees 1,004 803 79.98
Other Information Services..
Other Communications 334290 800 employees 310 294 94.84
Equipment Manufacturing.....
Radio and Television 334220 1,250 employees 155 136 87.74
Broadcasting and Wireless
Communications Equip
Manufacturing...............
Telecommunications Resellers. 517121 1,500 employees 955 847 88.69
Television Broadcasting 516120 $47 million 413 316 76.51
Stations....................
Aircraft Manufacturing....... 336411 1,500 employees 234 209 89.32
Uncrewed Aircraft System None 100 employees or Data Not Data Not 92.20
(UAS) Operators............. less Disclosed Disclosed
----------------------------------------------------------------------------------------------------------------
Table 2--Telecommunications Service Provider Data
----------------------------------------------------------------------------------------------------------------
2024 Universal service monitoring report telecommunications SBA size standard (1500 Employees)
service provider data (data as of December 2023) -----------------------------------------------
----------------------------------------------------------------- Total # FCC
form 499A Small firms % Small
Affected entity filers entities
----------------------------------------------------------------------------------------------------------------
Telecommunications Resellers.................................... 633 615 97.16
Wired Telecommunications Carriers............................... 4,682 4,276 91.33
Wireless Telecommunications Carriers (except Satellite)......... 585 498 85.13
----------------------------------------------------------------------------------------------------------------
Table 3--Broadcast Entity Data
----------------------------------------------------------------------------------------------------------------
Broadcast station owners (as of August 8, 2025) SBA size standard ($47 Million)
----------------------------------------------------------------------------------------------------------------
# Commercial % Small
Affected entity licensed Small firms entities
----------------------------------------------------------------------------------------------------------------
Radio Stations (AM & FM) Groups................................. 2,881 2,863 99.38
Television Stations............................................. 171 142 83.04
----------------------------------------------------------------------------------------------------------------
[[Page 18694]]
Table 4--Cable Entities Data
----------------------------------------------------------------------------------------------------------------
% Small firms
Cable entities Size standard Total firms Small firms in industry
----------------------------------------------------------------------------------------------------------------
Cable System Operators (Telecom Act Serves fewer than 530 524 98.87
Standard). 498,000 subscribers,
Small Cable Operator.................. either directly or
through affiliates.
Cable Companies and Systems (Rate Serves 400,000 or fewer 530 523 98.51
Regulation). subscribers nationwide.
Small Cable Company...................
Cable Companies and Systems (Rate Serves 15,000 or fewer 4,545 3,965 87.24
Regulation). subscribers.
Small Cable System (headends).........
----------------------------------------------------------------------------------------------------------------
Description of Economic Impact and Projected Reporting, Recordkeeping
and Other Compliance Requirements for Small Entities
The RFA directs agencies to describe the economic impact of adopted
rules on small entities, as well as projected reporting, recordkeeping
and other compliance requirements, including an estimate of the classes
of small entities which will be subject to the requirement and the type
of professional skills necessary for preparation of the report or
record.
The Report and Order adopts reporting requirements based on a
variety of factors including national security risk of Foreign
Adversary Control and reporting burdens. Specifically, the Commission
exempts Covered Authorizations designated in Schedule C from the
initial attestation requirements for a variety of reasons, including
that they are typically held by individuals or small entities that may
pose a lesser risk to national security should they be under Foreign
Adversary Control. Other entities, such as broadcasters with five or
fewer employees, are only required to complete an attestation if the
entity is subject to Foreign Adversary Control. Small entities that are
required to file this attestation must do so within 120 days of the
public notice announcing the launch of the Foreign Adversary Control
System. This approach ensures the Commission receives the information
it needs to promote national security while minimizing burdens to small
and other entities that present minimal or no national security risk.
In the Report and Order, the Commission affirms its estimates that
a one-time foreign adversary reporting cost would be $116 per
Regulatee. Consistent with the Commission's calculations in Paperwork
Reduction Act (PRA) statements, we estimated the median hourly wage for
support staff (paralegals and legal assistants) as $40. To account for
estimated benefits, we added 45% for a total hourly labor cost of $58.
We estimated that for this one-time review, each Regulatee would spend
about two hours total to research and report any 10% or greater
foreign-adversary ownership stake. We find that many Regulatees are
already subject to the Commission's existing foreign ownership
reporting requirements and are familiar with similar reporting
requirements, thereby, lessening the additional burden that would be
imposed on these entities. Further, a privately held company likely
knows the investors or stakeholders that hold interests of 10% or
greater or exert significant control over its business directives,
while a publicly held company is required to identify its interest
holders in requisite filings with the U.S. Securities and Exchange
Commission. We also observe that certain types of small entities are
less likely to be subject to Foreign Adversary Control and may
therefore be subject to an exemption from the attestation and reporting
requirements.
Discussion of Steps Taken To Minimize the Significant Economic Impact
on Small Entities, and Significant Alternatives Considered
The RFA requires an agency to provide, ``a description of the steps
the agency has taken to minimize the significant economic impact on
small entities . . . including a statement of the factual, policy, and
legal reasons for selecting the alternative adopted in the final rule
and why each one of the other significant alternatives to the rule
considered by the agency which affect the impact on small entities was
rejected.''
In the Report and Order, the Commission considers a number of
alternatives to minimize the economic impact of its attestation and
disclosure requirements on small entities, especially those entities
that are unlikely to pose national security concerns. First, the
Commission creates a sliding-scale Schedule-based approach to the
application of our attestation and disclosure requirements to minimize
the burdens of complying across differently situated Regulatees. The
exploitation of some larger entities, such as many designated Schedule
A, can cause negative impacts to multiple networks. In contrast, small
entities' role in communications networks generally presents minimal
national security risks because many lack sufficient connection to
commercial communications networks, and they are less likely to be
under Foreign Adversary Control. Further, they are subject to other
existing reporting obligations that provide sufficient visibility into
their ownership or control, or they are already subject to other
Commission regulations that adequately address the risks of Foreign
Adversary Control. Specifically, instead of requiring all Regulatees to
submit an attestation, we exempt certain types of Covered
Authorizations (those designated in Schedule C) from the initial
attestation requirements for a variety of reasons including, for some
Covered Authorizations, that they are typically or exclusively held by
individuals or small entities. For other entities, such as broadcasters
with 5 for fewer employees, we reduce compliance burdens by only
requiring an attestation where the entity is subject to Foreign
Adversary Control. While other Schedule assignments may not be directly
based on size, we require the licensing Bureaus and Offices to consider
the size of a Regulatee in determining any changes to the Schedules on
an ongoing basis.
Further, the Commission adopts an extended filing deadline for
initial attestations and disclosures for small entities, recognizing
that small entities may have fewer resources. Small entities are
required to file within 120 days after the effective date of the rules
or the public notice announcing the launch of the Foreign Adversary
Control System, whichever is later, while larger entities are required
to file within 60 days. Doubling the duration of the filing
[[Page 18695]]
period for small-entity Regulatees will reduce the burden of
ascertaining the extent of Foreign Adversary Control of Covered
Authorizations and becoming familiarized with any related compliance
obligations in a timely manner. Further, this action will better
accommodate smaller entities, who frequently have limited resources and
compliance capacity. When considered in their totality, we find these
actions will meet the Commission's objectives of increasing
transparency regarding Foreign Adversary Control while significantly
reducing the economic impact on small entities and individual
licensees.
Report to Congress
The Commission will send a copy of the Report and Order, including
this Final Regulatory Flexibility Analysis, in a report to Congress
pursuant to the Congressional Review Act. In addition, the Commission
will send a copy of the Report and Order, including this Final
Regulatory Flexibility Analysis, to the Chief Counsel for Advocacy of
the SBA and will publish a copy of the Report and Order, and this Final
Regulatory Flexibility Analysis (or summaries thereof) in the Federal
Register.
Ordering Clauses
Accordingly, it is ordered, pursuant to Sections 1, 2, 3, 4(i),
4(n), 5, 201-205, 211-220, 222, 225, 251(e), 254, 301, 302, 303, 304,
307-310, 312, 316, 317, 319, 325, 332, 335, 336, 337, 338(i), 403,
409(e), 601, 631, and 653 of the Communications Act of 1934, as
amended, 47 U.S.C. 151, 152, 153, 154(i), 154(n), 155, 201-205, 211-
220, 222, 225, 251(e), 254, 301, 302a, 303, 304, 307-310, 312, 316,
317, 319, 325, 332, 335, 336, 337, 338(i), 403, 409(e), 521, 551, 573;
Sections 6001-6004, 6101-6102, 6201-6213, 6301-6303, 6401-6413, and
6502-6507 of the Middle Class Tax Relief and Job Creation Act of 2012,
47 U.S.C. 1401-1473; the Cable Landing License Act of 1921, 47 U.S.C.
34-39; Executive Order No. 10,530, 5(a), 19 FR 2709, 2711-12 (May 12,
1954), reprinted as amended in 3 U.S.C. 301 note; Section 601 of the
Communications Satellite Act of 1961, 47 U.S.C. 761; Section 706 of the
Telecommunications Act of 1996, 47 U.S.C. 1302; and Section 6(a) of the
TRACED Act, 47 U.S.C. 227b-1, this Report and Order is adopted.
It is further ordered that this Report and Order shall be effective
60 days after publication in the Federal Register. Compliance with
Sec. Sec. 1.80003 and 73.1212(j)(8) of the Commission's rules, 47 CFR
1.80003, 73.1212(j)(8), which may contain new or modified information
collections, will not be required until the Office of Management and
Budget completes review of any information collections that the Office
of Economics and Analytics and the Public Safety and Homeland Security
Bureau determine is required under the Paperwork Reduction Act. The
Commission directs the Office of Economics and Analytics and the Public
Safety and Homeland Security Bureau to announce the compliance date for
Sec. Sec. 1.80003 and 73.1212(j)(8) by subsequent Public Notice in the
Federal Register, and to cause Sec. Sec. 1.80003 and 73.1212(j)(8) to
be revised accordingly.
It is further ordered that the Office of the Managing Director,
Performance Program Management, shall send a copy of this Report and
Order in a report to be sent to Congress and the Government
Accountability Office pursuant to the Congressional Review Act, see 5
U.S.C. 801(a)(1)(A).
It is further ordered that the Commission's Office of the Secretary
shall send a copy of this Report and Order, including the Final
Regulatory Flexibility Analysis, to the Chief Counsel for Advocacy of
the Small Business Administration.
List of Subjects
47 CFR Part 1
Administrative practice and procedure, Communications,
Communications common carriers, Communications equipment, Cuba,
Individuals with disabilities, Internet, Organization and function
(Government agencies), Penalties, Radio, Reporting and recordkeeping
requirements, Satellites, Security measures, Telecommunications,
Telephone, Television.
47 CFR Part 73
Television.
Federal Communications Commission.
Marlene H. Dortch,
Secretary.
Final Rules
For the reasons discussed in the preamble, the Federal
Communications Commission amends 47 CFR parts 1 and 73 as follows:
PART 1--PRACTICE AND PROCEDURE
0
1. The authority citation for part 1 continues to read as follows:
Authority: 47 U.S.C. chs. 2, 5, 9, 13; 28 U.S.C. 2461 note; 47
U.S.C. 1754, unless otherwise noted.
0
2. Add subpart GG, consisting of Sec. Sec. 1.80000 through 1.80004, to
read as follows:
Subpart GG--Foreign Adversary Control of Commission-Granted Licenses
and Authorizations
Sec.
1.80000 Purpose.
1.80001 Definitions.
1.80002 Schedules of Covered Authorizations subject to Foreign
Adversary Control rules.
1.80003 Foreign adversary control attestation and disclosures.
1.80004 Enforcement and streamlined revocation procedure.
Subpart GG--Foreign Adversary Control of Commission-Granted Licenses
and Authorizations
Authority: 47 U.S.C. chs. 2, 5, 9, 11, 12, 13, 15.
Sec. 1.80000 Purpose.
The purpose of this subpart is to mitigate the risk to national
security and public safety of Foreign Adversary Control, as that term
is defined in Sec. 1.80001, of an individual or entity that holds a
Commission license, lease, authorization, permit, grant, or other
approval by requiring attestations and disclosures regarding any such
Foreign Adversary Control by the holder of such license, lease,
authorization, permit, grant, or other approval, and by an applicant
for such license, lease, authorization, permit, grant, or other
approval as set forth in Sec. 1.80003.
Sec. 1.80001 Definitions.
(a) Covered Authorization. The term Covered Authorization means a
license, lease, authorization, permit, grant, or other approval granted
by the Commission that appears on a Schedule as described in Sec.
1.80002.
(b) Foreign adversary. The term foreign adversary is given the same
meaning as defined in Sec. 1.70001(e).
(c) Foreign adversary country. The term foreign adversary country
is given the same meaning as defined in Sec. 1.70001(f).
(d) Licensing Bureaus and Offices. The term Licensing Bureaus and
Offices means a Federal Communications Commission Bureau or Office that
grants a license, lease, authorization, permit, grant, or other
approval held by a Regulatee as defined in paragraph (f) of this
section. These include the Consumer and Governmental Affairs Bureau,
Media Bureau, Public Safety and Homeland Security Bureau, Space Bureau,
Wireless Telecommunications Bureau, Wireline Competition Bureau, Office
of Economics and Analytics, Office of Engineering and Technology, and
Office of International Affairs.
[[Page 18696]]
(e) Owned by, controlled by, or subject to the jurisdiction or
direction of a foreign adversary. The term owned by, controlled by, or
subject to the jurisdiction or direction of a foreign adversary is
given the same meaning as defined in Sec. 1.70001(g). For the purposes
of Sec. 1.70001(g)(4), the Commission shall generally deem a holder of
10% or greater of the total outstanding voting and/or equity interest
in a Regulatee as possessing the power to determine, direct, or decide
important matters affecting an entity, and delegates authority to the
Licensing Bureaus and Offices, and the Enforcement Bureau, the
authority to make exceptions to this general determination on a case-
by-case basis. The term Foreign Adversary Control is used coterminously
with this term for the purposes of this subpart.
(f) Regulatee. The term Regulatee refers to the holder or grantee
of a Covered Authorization as defined in paragraph (a) of this section,
or an applicant therefor.
(g) Schedule. The term Schedule refers to the groupings used to
categorize Covered Authorizations and Regulatees, as described in Sec.
1.80002, based on the applicable attestation and disclosure
requirements.
(h) Small entity. The term small entity means a Regulatee with a
size not exceeding the size standards listed in 13 CFR 121.201.
Sec. 1.80002 Schedules of Covered Authorizations subject to Foreign
Adversary Control rules.
(a) Schedule A Covered Authorizations.
Table 1 to Paragraph (a)
------------------------------------------------------------------------
Covered
Legal authority citation authorization type Qualification(s)
------------------------------------------------------------------------
47 CF
[…truncated; see source link]Indexed from Federal Register on April 10, 2026.
This is legal information, not legal advice. Laws vary by jurisdiction and change frequently. Always verify current law with official sources and consult a licensed attorney in your jurisdiction for advice on your specific situation.