The Federal Communications Commission (FCC) voted 2-1 on Thursday to eliminate cybersecurity requirements for major U.S. phone and internet companies. This decision, driven by the FCC’s Republican majority, reverses rules previously adopted by the Biden administration aimed at securing telecommunications networks against unlawful access. The move comes amid ongoing concerns about espionage and surveillance conducted by China-backed hacking groups.
The Overturned Rules and Recent Hacks
The scrapped regulations mandated that telecommunications carriers take concrete steps to protect their networks from unauthorized interception of communications. This action follows revelations of a years-long hacking campaign, dubbed “Salt Typhoon,” which compromised over 200 U.S. telecommunications companies, including industry giants like AT&T, Verizon, and Lumen. The hackers focused on broad-scale surveillance of American officials and, in some cases, targeted wiretap systems used for law enforcement.
The timing of this decision is critical because it weakens defenses while threats remain active. The FCC’s rollback suggests a prioritization of industry flexibility over national security safeguards. The previous rules were designed to ensure a baseline level of protection, especially in light of escalating cyber threats from state-sponsored actors.
Lawmaker and Industry Reactions
The FCC’s decision drew immediate criticism from Democratic lawmakers. Senator Gary Peters, ranking member of the Senate Homeland Security Committee, expressed dismay at the rollback of “basic cybersecurity safeguards.” Senator Mark Warner, from the Senate Intelligence Committee, argued that the change leaves the U.S. without a viable plan to address security gaps exploited by groups like Salt Typhoon.
Meanwhile, the NCTA, representing the telecommunications industry, welcomed the move, calling the original rules “prescriptive and counterproductive.” This highlights a fundamental tension between regulatory oversight and industry resistance to compliance costs.
The Limits of Voluntary Cooperation
FCC Commissioner Anna Gomez, the sole Democrat on the panel, dissented from the vote. Gomez warned that relying on voluntary cooperation with telecommunications companies is insufficient without enforceable standards.
“Handshake agreements without teeth will not stop state-sponsored hackers…They won’t prevent the next breach.”
Her statement underscores the reality that state-backed hacking groups operate with persistent determination, and cybersecurity requires more than goodwill. The lack of enforcement creates an environment where vulnerabilities remain unaddressed, leaving networks exposed.
The decision to repeal these rules raises questions about the FCC’s priorities and its commitment to protecting critical infrastructure. By prioritizing industry preferences over national security, the agency has effectively lowered the bar for cybersecurity standards at a time when threats are actively exploiting weaknesses in U.S. telecommunications networks.
