On January 20, long-time public servant Jessica Rosenworcel will step down from the Federal Communications Commission (FCC) after an exceptional 12-year period. Throughout her tenure, Rosenworcel has been a pioneering force in the realms of cybersecurity, data privacy, and the regulation of emerging technologies, particularly artificial intelligence (AI) within the communications sector. Her legacy is marked by a proactive and assertive regulatory approach that has significantly shaped the FCC’s direction.
Pioneering Efforts in Cybersecurity
During her tenure, Rosenworcel steered the FCC towards a more assertive stance on cybersecurity. This era saw the FCC issuing unprecedented fines to telecom companies and other entities responsible for data breaches, privacy infringements, and misleading uses of AI, especially in political contexts. These punitive actions were complemented by proactive measures, including the proposal and implementation of new regulations addressing cybersecurity threats and privacy concerns. Noteworthy among these were the reinterpretations of longstanding laws to fit contemporary and future technologies and infrastructures, thereby sustaining relevance in a rapidly evolving technological landscape.
Under her leadership, Rosenworcel ensured that the FCC’s cybersecurity initiatives addressed both immediate and long-term challenges. She believed cybersecurity and privacy concerns were fundamentally intertwined with national and economic security. The emphasis was on secure communications infrastructure, which gravitated towards embracing regulatory measures that reflected the current and foreseeable technological environment.
Revoking Authorizations and Replacing Equipment
One of the most notable actions taken under Rosenworcel’s leadership was the revocation of service authorizations for Chinese-affiliated telecom corporations, citing security concerns. This move was part of a broader initiative to replace Huawei and ZTE equipment in the United States’ communications networks. Recent legislation has bolstered this effort with an infusion of $3 billion to expedite the overhaul, underscoring the FCC’s commitment to national security.
Further focus was given to ensuring that devices using radio frequencies passed through stringent security checks, all of which were underpinned by newly enacted Secure Equipment Acts. Another significant stride was the crackdown on unauthorized selling of geolocation data by wireless carriers and a fundamental update of the FCC’s data-breach policies—policies that had become archaic in the face of the accelerated pace of digital evolution.
Addressing Sim-Swapping Fraud and Data Protection
Addressing the rising threat of sim-swapping fraud represented another front in the agency’s broader cybersecurity offensive. A pivotal aspect that facilitated these varied initiatives was the creation of the Privacy and Data Protection Task Force. This conglomeration of staff from diverse agency domains worked synergistically to address security challenges and secure the communications infrastructure within homes and businesses. By collating diverse expertise, the task force effectively tackled a spectrum of threats, enhancing the overall integrity of national communications networks.
Analyzing Rosenworcel’s regulatory approach highlights a trend of adapting older legislations to meet modern requirements. For instance, the Communications Act’s provision on network security became a cornerstone around which new frameworks were built, especially in the context of the growing Internet of Things (IoT). Her administration developed the U.S. Cyber Trust Mark, aimed at aiding consumers in making informed choices about IoT devices, exemplifying the FCC’s nuanced, forward-looking regulatory approach.
Proactive Cybersecurity Measures
The FCC’s response to the Salt Typhoon intrusions into U.S. telecommunications networks further exemplifies a proactive cybersecurity stance. Recognizing the heterogeneous nature of U.S. communications infrastructure, Rosenworcel initiated efforts to build a robust cybersecurity framework to preempt future breaches. The preeminent law in use here was the Communications Assistance for Law Enforcement Act (CALEA) of 1994, a legislation Rosenworcel sought to reinterpret to enforce modern cybersecurity standards across telecom networks. This reinterpretation aimed to establish minimum cybersecurity standards, creating a security baseline irrespective of the varied equipment forming the national communications grid.
Rosenworcel called for real-time frameworks to tackle invasions like Salt Typhoon without waiting for intelligence communities to complete extensive evaluations. Her proactive proposal advocated immediate action, emphasizing FCC’s role in national security. Collaboration between various stakeholders, including the Cyber Safety Review Board, national intelligence experts, and telecom providers, was crucial in investigating these breaches. Through such collaborations, the crux revolved around identifying breach mechanisms, expelling malicious actors, and implementing preventive measures—all areas where the FCC leveraged its regulatory authority.
AI Regulation and Transparency
AI’s increasing intersection with national security and public trust forms another significant aspect of Rosenworcel’s tenure. A major incident on her watch was a large-scale AI-driven voice cloning event, targeting voters in New Hampshire with fraudulent calls ostensibly from President Biden. The FCC’s swift response—leveraging existing laws like the McDowell Telephone Consumer Protection Act of 1991—underscored Rosenworcel’s readiness to apply old statutes to novel technologies. The result was a significant fine and determination to set stringent precedents against such misuse of AI, setting a clear message to other malicious actors.
Rosenworcel’s approach to AI in political ads seeks to instill transparency norms, ensuring that consumers are aware when interacting with synthetic media. She emphasizes that AI’s contextual usage must be communicated clearly to consumers—an assertion reinforcing the modernity of regulatory frameworks. Challenges from other regulatory bodies like the Federal Election Commission chair, along with concerns around jurisdiction voiced by FCC Commissioner Brendan Carr, highlight ongoing debates surrounding the extension of FCC’s regulatory purview. Despite these contentions, Rosenworcel advocated for norm-setting rules that incorporated transparency in AI usage.
Tackling Robocalls and Legislative Needs
On January 20, Jessica Rosenworcel, a long-time public servant, will conclude her distinguished 12-year tenure at the Federal Communications Commission (FCC). Over these years, Rosenworcel has made a significant impact, particularly in the arenas of cybersecurity, data privacy, and the regulation of emerging technologies, with a focus on artificial intelligence (AI) within the communications sector. Her approach has been both proactive and assertive, earning her recognition as a pioneering force in the regulatory landscape.
Rosenworcel’s commitment to these critical areas has helped shape the FCC’s direction and policies in profound ways. Her leadership has not only advanced the agency’s regulatory framework but also ensured that the FCC keeps pace with the rapid technological changes affecting the communication industry. Her efforts have laid a robust foundation for the future of telecommunications regulation, particularly as it pertains to safeguarding data and maintaining robust cybersecurity measures in an increasingly digital world.
Moreover, Rosenworcel’s work in the AI domain has set important precedents for how such technologies should be governed to protect consumers and maintain fair practices. Her tenure at the FCC will be remembered for her forward-thinking strategies and her relentless advocacy for security and privacy in the communications sector. As she steps down, her legacy will continue to influence the FCC’s approach to the ever-evolving challenges of modern technology.
