[Federal Register Volume 80, Number 14 (Thursday, January 22, 2015)]
[Proposed Rules]
[Pages 3191-3207]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2015-00940]
=======================================================================
-----------------------------------------------------------------------
FEDERAL COMMUNICATIONS COMMISSION
47 CFR Part 12
[PS Docket No. 14-193; PS Docket No. 13-75; FCC 14-186]
911 Governance and Accountability; Improving 911 Reliability
AGENCY: Federal Communications Commission.
ACTION: Proposed rule.
-----------------------------------------------------------------------
SUMMARY: In this document the Federal Communications Commission
(Commission) affirms core principles guiding its approach to 911
governance and proposes mechanisms to ensure, in cooperation with state
and local partners, that the nation's 911 governance structure keeps
pace with evolving technology so that all entities providing 911
service capabilities remain accountable for reliable 911 call
completion and accurate situational awareness. This document proposes
[[Page 3192]]
steps to address vulnerabilities in 911 reliability that have been
revealed by a series of recent ``sunny day'' 911 outages, including the
April 2014 multi-state outage that was the subject of a recent report
by the Public Safety and Homeland Security Bureau (Bureau).
Specifically, this document proposes to amend the Commission's 911
reliability certification rules to cover additional entities and
network reliability practices; require public notification for major
changes in multi-state 911 networks and services, and Commission
approval for discontinuance of existing 911 services; require entities
seeking to provide new 911 capabilities to certify as to their
technical and operational capability to provide reliable service; and
designate certain 911 service providers to take lead responsibility for
situational awareness and coordination with other service providers in
the event of a 911 outage.
DATES: Submit comments on or before March 9, 2015 and reply comments by
April 7, 2015. Written comments on the Paperwork Reduction Act proposed
information collection requirements must be submitted by the public,
Office of Management and Budget (OMB), and other interested parties on
or before March 23, 2015.
ADDRESSES: You may submit comments, identified by docket numbers PS 14-
193 and PS 13-75, by any of the following methods:
Federal Communications Commission's Web site: http://fjallfoss.fcc.gov/ecfs2/. Follow the instructions for submitting
comments.
Mail: U.S. Postal Service first-class, Express, and
Priority mail must be addressed to 445 12th Street SW., Washington, DC
20554. Commercial overnight mail (other than U.S. Postal Service
Express Mail and Priority Mail) must be sent to 9300 East Hampton
Drive, Capitol Heights, MD 20743.
People with Disabilities: Contact the FCC to request
reasonable accommodations (accessible format documents, sign language
interpreters, CART, etc.) by email: [email protected] or phone: 202-418-
0530 or TTY: 202-418-0432.
In addition to filing comments with the Secretary, a copy of any
comments on the Paperwork Reduction Act information collection
requirements contained herein should be submitted to the Federal
Communications Commission via email to [email protected] and to Nicholas A.
Fraser, Office of Management and Budget, via email to
[email protected] or via fax at 202-395-5167. Parties
wishing to file materials with a claim of confidentiality should follow
the procedures set forth in section 0.459 of the Commission's rules.
Confidential submissions may not be filed via ECFS but rather should be
filed with the Secretary's Office following the procedures set forth in
47 CFR 0.459. Redacted versions of confidential submissions may be
filed via ECFS. For detailed instructions for submitting comments and
additional information on the rulemaking process, see the SUPPLEMENTARY
INFORMATION section of this document.
FOR FURTHER INFORMATION CONTACT: Eric P. Schmidt, Attorney Advisor,
Public Safety and Homeland Security Bureau, (202) 418-1214 or
[email protected]. For additional information concerning the
Paperwork Reduction Act information collection requirements contained
in this document, contact Benish Shah at (202) 418-7866 or send an
email to [email protected].
SUPPLEMENTARY INFORMATION: This is a summary of the Commission's Policy
Statement and Notice of Proposed Rulemaking (NPRM) in PS Docket No. 14-
193 and PS Docket No. 13-75, released on November 21, 2014. The full
text of this document is available for public inspection during regular
business hours in the FCC Reference Center, Room CY-A257, 445 12th
Street SW., Washington, DC 20554, or online at http://www.fcc.gov/document/911-governance-and-accountability-policy-statement-and-nprm.
Synopsis of Policy Statement and Notice of Proposed Rulemaking
I. Introduction
One of the fundamental purposes for which Congress created the
Federal Communications Commission is to ``promot[e] safety of life and
property through the use of wire and radio communications.'' Nowhere
does the Commission give higher expression to this overarching
obligation than in its efforts to ensure that the American people have
access to reliable and resilient 911 communications service. To be
sure, this is not the Commission's responsibility alone. State
regulators and local emergency response agencies play critical roles in
ensuring that 911 is available when needed and that every 911 call will
be answered, and it is undoubtedly in the public interest that the
Commission should work in close partnership with these stakeholders to
carry out its responsibility. Nevertheless, we know that the
technologies and commercial relationships that form the foundation of
the 911 system are transitioning and, as a result, becoming
increasingly interstate in nature. The Commission is uniquely
positioned to ensure 911 reliability on a national scale and across
different communications platforms and technologies, to promote the
deployment of new and innovative 911 technologies by an increasingly
diverse array of stakeholders, and to ensure that the benefits of
advanced 911 service extend to all Americans.
The importance of ensuring nationwide 911 reliability as
technologies transition has been underscored by several recent
disruptions of 911 service that have affected the public in multiple
states or across the entire nation. For example, in April 2014, a
software coding error at a Colorado-based 911 provider's call routing
facility led to a loss of 911 service to a population of more than 11
million in seven states--California, Florida, Minnesota, North
Carolina, Pennsylvania, South Carolina, and Washington--for up to six
hours. In addition, the state of Hawaii has experienced multiple
disruptions in 911 service since January 2014, and the entire state of
Vermont lost 911 service for 40 minutes in August 2014. A growing
number of disruptions to 911 service are caused by software
malfunctions, database failures, and errors in conversion from legacy
to IP-based network protocols. These failures may occur in portions of
the network that are not directly analogous to the legacy architecture.
Moreover, these new modes of failure have the potential to affect many
states at once, or even all of a service provider's customers
nationwide.
While innovative technologies have the potential to improve many
aspects of 911 service and enhance the ability of first responders to
do their jobs more effectively, these recent outages have revealed that
technology changes may also introduce new vulnerabilities. While the
Commission has previously undertaken to monitor the transition to Next
Generation 911 (NG911) technologies to determine whether our rules
should be revised or expanded to cover new best practices or additional
entities, recent events have demonstrated that the pace of change
already requires prompt action to review these vulnerabilities. Failure
to take appropriate action risks undermining the reliability and
resiliency of current 911 services and endangering the transition to
NG911 technologies that offer even greater public safety benefits. The
American public must have confidence that 911 will work every time help
is needed. Any failure to meet this expectation puts individual lives
at stake and erodes
[[Page 3193]]
vital public trust in our nation's emergency services.
In this Policy Statement and Notice of Proposed Rulemaking, we
affirm the core principles that have guided and will continue to guide
the Commission's approach to ensuring reliable and resilient 911
service and its continuing partnership with state and local
authorities. We propose specific rules designed to address failures
leading to recent multi-state 911 outages, based on the October 2014
report of the Public Safety and Homeland Security Bureau. Finally, we
propose additional mechanisms designed to ensure that our 911
governance structure keeps pace with evolving technologies and new
reliability challenges so that all 911 service providers remain fully
accountable to the public they serve.
II. Policy Statement
It is the policy of the Commission to encourage and support efforts
by states and localities to deploy comprehensive end-to-end emergency
communications infrastructure and programs, including seamless,
ubiquitous, reliable 911 service. As IP-based 911 service providers
transition to architectures that extend beyond the boundaries of any
state and implement network changes that may affect quality of service
on a regional or national scale, consistent and collaborative
governance is not just good governance, but essential to maintaining
the vital public benefits of 911. Together with our state and local
partners, the Commission has the public safety imperative to oversee
each of the increasingly complex component pieces of the nation's 911
infrastructure, and to ensure that service providers within our
respective jurisdictions are held fully accountable for providing
reliable 911 service to all Americans. Where there are multi-state
aspects of the 911 architecture or technology trends that may increase
the risk of failure or cause confusion to PSAPs and end-users, the
Commission must, and will, take a leadership role in resolving such
risks and confusion.
While we seek comment on specific proposals designed to address the
challenges of the transition to NG911, we believe it would be useful at
the outset to articulate the general goals that serve as a framework
for these proposals. We start from the proposition that all entities
providing 911 communications services, both incumbents and new
entrants, occupy a unique position of public trust. Increased
innovation and enhanced competition in the 911 ecosystem bring
tremendous potential to enhance the functionality and utility of 911,
but these transitions must be managed in a manner that maximizes the
availability, reliability, and resiliency of the 911 network, and
ensures the accountability of all participants in the 911
communications ecosystem. Therefore, we believe that every entity with
a role in 911 call completion should be guided by two principles:
First, any new elements of 911 architecture or service should have the
necessary redundancy and reliability safeguards, along with the
appropriate governance mechanisms, to maximize reliability and protect
public safety. Second, significant changes in 911 service should be
coordinated in a transparent manner with the Commission and with state
and local authorities. To the extent that technology transitions and
changes in the market for 911 services create real or perceived gaps in
the delivery of reliable and resilient 911 service, the Commission will
act, in cooperation with state and local partners, to close those gaps
and set clear expectations regarding each service.
III. Notice of Proposed Rulemaking
In this Notice of Proposed Rulemaking, we first seek comment on
specific proposals to advance the principles described above by
ensuring that the Commission's 911 rules keep pace with changing
technology. We then seek comment on whether it may be appropriate to
take further steps, in coordination with state and local authorities,
to promote a national governance structure that proactively increases
end-to-end accountability and produces measurable results. By
initiating this rulemaking, we do not intend to impose ``one-size-fits-
all'' mandates on the nation's 911 infrastructure when different states
and communities need flexibility to respond to each situation in the
way that best suits their particular circumstances. Rather, we seek to
ensure that the Commission remains equipped, consistent with its
statutory mandates and existing legal authority, with the proper
regulatory tools to enforce continued and clear lines of accountability
for reliable 911 call completion, including as the nation transitions
to an IP-based NG911 architecture.
We also emphasize that the purpose of this rulemaking is not to
supplant state action. To the contrary, consistent with our statutory
mandate under the 911 Act, our goal is to ``encourage and support
efforts by States to deploy comprehensive end-to-end emergency
communications infrastructure,'' and to ``consult and cooperate with
State and local officials'' when developing national policies with
respect to 911 governance, implementation, and reliability. We
recognize that many decisions regarding 911 deployment, operations, and
cost recovery are best made at the state and local level, and continued
oversight by states and localities is vital to ensuring that 911
service remains effective and reliable in every community across the
country. Our action today is intended to ensure that state and local
partners continue to be empowered to fulfill this important oversight
responsibility within their jurisdictions, and we seek comment on a
variety of ways that the Commission can assist in local, state, and
regional efforts to maintain and improve 911 service quality. Thus, we
do not intend to interfere with the right of state and local 911
authorities to contract for the services they desire or to determine
the best path for deployment of NG911 technologies within their
jurisdictions. We also note that, in appropriate circumstances, federal
rules may ease burdens on state and local jurisdictions by obviating
the need for them to promulgate their own potentially disparate
requirements.
A. Revisions to 47 CFR 12.4
The Commission adopted Sec. 12.4 based on indications that during
the 2012 derecho storm ILECs providing 911 service in affected areas
failed to follow established network reliability best practices in
three specific areas, which resulted in widespread and prolonged 911
outages. To address these deficiencies and ensure improved reliability
in the future, the rule contains two components: (1) A substantive
requirement that ``covered 911 service providers shall take reasonable
measures to provide reliable 911 service with respect to circuit
diversity, central-office backup power, and diverse network
monitoring'' and (2) a reporting requirement that such providers
certify annually whether they have implemented specified best practices
or reasonable alternative measures in each of those substantive areas.
The rule defines ``covered 911 service providers'' as those that
provide specified 911 capabilities, or the functional equivalent,
``directly to a PSAP''--typically meaning those entities that provide
911 services pursuant to a contractual agreement with a PSAP or
emergency authority.
In light of the multistate 911 outages discussed above and the
lessons they provide about 911 network architectures already in use in
many parts of the nation, we propose to expand the scope of entities
covered by Sec. 12.4 (i.e., the definition of ``covered 911 service
[[Page 3194]]
provider'') to include all entities that provide 911, E911, or NG911
capabilities, such as call routing, automatic location information
(ALI), automatic number identification (ANI), location information
servers (LIS), text-to-911, or the functional equivalent of those
capabilities, regardless of whether they provide such capabilities
under a direct contractual relationship with a PSAP or emergency
authority. This definition would include all entities that provide 911-
specific network infrastructure, but only to the extent that they
provide specified 911 capabilities. For example, a wireless carrier
would be required to certify with respect to any mobile positioning
centers (MPCs), gateway mobile location centers (GMLCs) or other
databases that it uses to process and route 911 calls, but not with
respect to individual cell sites and its call origination network
generally. If a wireless carrier outsources 911 call processing
capabilities to a subcontractor, we propose that both the carrier and
the subcontractor would be required to certify their respective
reasonable measures to maintain reliable 911 service because both
entities would provide 911 capabilities specified in the proposed rule.
We seek comment on this analysis. This amendment would address 911
network architectures where multiple service providers or sub-
contractors provide call routing and ALI/ANI capabilities and ensure
that each link in that chain is treated equally under Sec. 12.4. We
propose that adding these entities would not change the duties of those
who already qualify as covered 911 service providers, except with
respect to the new certification elements proposed below, or the duties
of their agents under existing principles of legal liability. However,
we seek comment on the existing duties of the agents and sub-
contractors of covered 911 service providers, and on the feasibility of
extending certification requirements to such entities.
To ensure that Sec. 12.4 keeps pace with evolving network
architectures and reliability risks, we also propose to amend Sec.
12.4(b) to provide that ``all covered 911 service providers shall take
reasonable measures to provide reliable 911 service.'' This obligation
would include--but not be limited to--the existing areas of circuit
diversity, central-office backup power, and diverse network monitoring.
While the current Sec. 12.4 only addresses reliability with respect to
these three specific areas, we believe it would demonstrate better
governance for this rule to require covered entities to take reasonable
measures generally to ensure the reliability of 911 service, with
specific behavior identified within this rule as necessary to add more
detail.
We seek comment on additional network reliability practices that
should be incorporated into Sec. 12.4 and its associated certification
requirements. Based on the Bureau's findings with respect to the April
2014 multistate 911 outage and other large-scale disruptions in 911
service described above, we anticipate that one area of particular
importance will be the reliability and testing of software and
databases used to process 911 calls, including planned maintenance and
software upgrades. We also believe that the certification should
indicate whether a service provider's IP-based 911 architecture is
geographically distributed, load-balanced, and capable of automatic
reroutes to backup equipment in the event of a hardware, network,
software or database failure. Finally, we believe the network
monitoring component of the existing rule should cover not just the
physical diversity of monitoring facilities, but also the proper
prioritization of critical network alarms. What other measures should
be implemented by covered 911 service providers to mitigate the risk of
failure and geographic scope of impacts on 911 service? For example,
should the certification address factors such as cybersecurity and
supply chain risk management?
We also believe that Sec. 12.4 should reflect and require
certification with respect to the duty to take reasonable measures to
share information and situational awareness, as appropriate under the
circumstances, during disruptions in 911 service. We seek comment on
the scope of information and communications that should be reasonably
expected from various entities in the 911 ecosystem, including those
with direct contractual relationships with PSAPs and those that provide
service on a vendor or sub-contractor basis. At a minimum, we believe
the certification should indicate whether a covered 911 service
provider has a process in place to notify PSAPs of an outage within the
timeframes specified in part 4 of the Commission's rules. While this
proposal would not change such providers' substantive obligations under
part 4, it would provide assurance that they have taken proactive steps
to successfully perform their duties under the rules if the need
arises. Service providers may also be able to detect outages in real
time through call counts, ALI queries, and other methods of analyzing
network traffic. To what extent should the certification reflect
reasonable measures to detect and disseminate such real-time outage
information?
We seek comment on these proposals and on potential alternative
approaches. Are there other topics or practices should be incorporated
into ``reasonable measures'' and annual certification requirements?
Should any components of the certification require testing or analysis
by an independent third party, or is the certifying entity's own
attestation sufficient? Should the Commission establish standards, best
practices, or other mechanisms to promote the reliability of IP-based
911 network elements and processes not currently covered by Sec. 12.4?
Should such standards be voluntary (i.e., best practices) or mandatory?
Should providers be required to report or certify the extent of their
compliance with such standards, or should they be required to meet
certain standards or performance requirements? Are there instances in
an NG911 environment where consensus-based best practices have not yet
been established and should be referred to an advisory committee such
as the Commission's Communications Security, Reliability, and
Interoperability Council (CSRIC) for further development? Should we
include any limitations on our incorporation of such existing or future
standards or practices in our rules? If we include a more general
requirement of reliability, should we include additional guidance as to
the standards by which the Commission will measure implementation?
B. Ensuring Transparency and Accountability in Connection With Major
Changes to Existing 911 Service
The functionality of the nation's 911 networks increasingly depends
on complex relationships between service providers and PSAPs, and often
among multiple service providers, sub-contractors, and other affiliated
entities themselves. While states and localities are well-positioned
under our cooperative governance framework to oversee many aspects of
these relationships based on the needs of the PSAPs and residents
within their borders, critical 911 network infrastructure is
increasingly shared among many jurisdictions and beyond the oversight
of individual emergency authorities, and more complex in its design and
operation. Accordingly, the end-to-end reliability of a 911 network
depends on the sum of its parts and how they function together. We must
ensure that this transition process is open and transparent.
[[Page 3195]]
1. Major Changes in 911 Service
Transparency is essential as the technologies and entities
delivering 911 service capabilities evolve over time. In accordance
with section 251 of the Communications Act, the Commission's rules
require ILECs to provide public notice regarding any network change
that will (1) Affect a competing service provider's performance or
ability to provide service, (2) affect the ILEC's interoperability with
other service providers, or (3) affect the manner in which customer
premises equipment is attached to the interstate network, as well as
public notice of network changes that ``[w]ill result in the retirement
of copper loops or copper subloops, and the replacement of such loops
with fiber-to-the-home loops or fiber-to-the-curb loops.'' While the
Commission adopted these requirements primarily to ``promote[ ] open
and vigorous competition'' among local exchange carriers, as
contemplated by the Telecommunications Act of 1996, network change
notifications have also yielded information on certain changes in 911
network architecture that affect interconnection with an ILEC. However,
an increasing number of covered 911 service providers are not ILECs and
are not required to file notifications when changes to their networks
may affect 911 connectivity.
We therefore propose to require notification to the Commission and
the public of major changes in any covered 911 service provider's
network architecture or scope of 911 services that are not otherwise
covered by existing network change notification requirements. Although
parties to individual contracts for 911 services may be aware of major
changes in network architecture or in the entities responsible for
various 911 functionalities, the public also has a vested interest in
understanding changes that may affect its access to 911. Transparency
will also promote cooperation and information-sharing among the
increasingly diverse range of entities across the 911 ecosystem. We
therefore believe that public disclosure of major changes in 911
service is a key step toward increasing accountability when such
changes are not initiated at the request of a PSAP or emergency
authority or implemented on an emergency basis to mitigate or recover
from the effects of an outage.
We seek comment on this proposal. Which 911 service providers
should be subject to notification requirements? Should OSPs, ILECs,
SSPs, and their sub-contractors each be responsible for reporting major
changes in their respective facilities and networks? Or should ILECs
and/or SSPs providing 911 services directly to PSAPs be responsible for
notification of major changes by their subcontractors and other
affiliated entities? We recognize that in many instances changes in 911
network architecture and the entities providing service occur at the
request of PSAPs and state or local emergency authorities that desire
new or different 911 capabilities. Should such changes be subject to
notification requirements, and if so, who should provide the
notification? Who should receive the notification? Should the
Commission collect and publish such notifications, as it does with
wireline network change notifications required under section 251 of the
Act and associated Commission rules? How could public safety
professional organizations such as NENA and APCO facilitate the
distribution of such information to affected PSAPs? To allow sufficient
time for public inspection without unnecessarily delaying beneficial
network changes, we propose to require notification at least 60 days
before major changes in 911 service take effect. We seek comment,
however, on whether a shorter--or longer--time period would strike a
more appropriate balance.
We also seek comment on what changes should be considered ``major''
for notification purposes. In general, we propose that changes with
impact on 911 service in more than a single state should be among the
changes considered major. We seek comment on this proposal. Would such
an approach lead industry to adopt incremental, state-by-state changes
that may not be as efficient? Should we establish thresholds based on
factors such as the geography or population affected by a change in the
provision of 911 service, regardless of whether their effect is limited
to a single state or extends to multiple states? Beyond geographic or
population criteria, are there other criteria that for changes in 911
service or network architecture that should trigger a notification
requirement? Would it be helpful for an advisory committee such as
CSRIC to develop recommendations regarding the types of 911 network
changes that should require public notification? Do any existing CSRIC
best practices or recommendations provide guidance?
2. Discontinuance or Impairment of Existing 911 Services Essential To
Call Completion
In addition to proposing public notification of major changes in
911 networks as described above, we believe that additional safeguards
are needed where such changes involve discontinuance, reduction or
impairment of existing 911 services that are essential to call
completion. As with network change notifications, the Commission
already has rules requiring common carriers and interconnected VoIP
providers to obtain authorization to ``discontinue, reduce, or impair
service to a community, or part of a community.'' Similarly, we believe
that incumbent 911 service providers that have historically taken
responsibility for reliable 911 call completion have undertaken a
public trust that cannot simply be relinquished at will. While
incumbents are entitled to make decisions about their businesses and
pursue new and different lines of service, they are not entitled to do
so in a manner that endangers the public or leaves stakeholders
uninformed with respect to the functioning of the combined network.
We therefore propose that covered 911 service providers that seek
to discontinue, reduce, or impair existing 911 service in a way that
does not trigger already existing authorization requirements should be
required to obtain Commission approval. We seek comment on this
proposal, and on ways the Commission might address the details of
implementation. Are these changes in 911 service of such critical
importance that Commission approval should be required before such
changes proceed? What processes do states and localities currently have
in place to evaluate requests to discontinue, reduce or impair existing
911 service, and how can the Commission support and encourage such
processes? Would reliance on states and localities to oversee
discontinuance, reduction, or impairment of existing 911 services
better serve the policy goals of transparency and accountability?
What actions by an incumbent provider short of a complete
discontinuance of 911 service would constitute a reduction or
impairment of service for purposes of this requirement? What criteria
should the Commission use to evaluate a service provider's request to
discontinue, reduce or impair existing 911 service? Which changes in
the scope of 911 services offered by an incumbent would be most likely
to affect reliable 911 call completion? Should the Commission adopt
other requirements specific to incumbent providers seeking to exit
lines of 911 service or to outsource elements of that service to third
parties? Do CSRIC best practices provide guidance on these questions,
and should CSRIC be charged with developing additional best practices
or
[[Page 3196]]
recommendations with respect to the discontinuance, reduction, or
impairment of existing 911 services?
To be clear, nothing in this NPRM would relieve any carrier or
interconnected VoIP provider of the requirement to seek permission to
discontinue, reduce, or impair service to the extent required by
section 214(a) of the Act and/or the Commission's implementing rules.
We do not, however, intend to create duplicative obligations for
entities that are already subject to section 214(a) and associated
authorization requirements. The process proposed here would apply only
when entities seeking to discontinue, reduce, or impair existing 911
service are not already required to obtain approval under other
existing Commission rules.
We also do not propose to require public notification or Commission
approval under these rules where the discontinuance or reduction of 911
service has been requested or initiated by the PSAP or the responsible
state or local emergency authority. We presume that PSAPs and emergency
authorities that initiate such changes have the ability to take
appropriate steps to safeguard 911 reliability in the affected
facilities without Commission intervention.
C. Ensuring Reliability and Accountability of New IP-Based 911
Capabilities and Services
Increased innovation and enhanced competition in the NG911
ecosystem hold the potential to enhance the functionality and utility
of 911 while providing PSAPs and emergency authorities with greater
choice over which services and products they purchase. At the same
time, the increasing diversity of entities offering or planning to
offer NG911 services increases the challenge of ensuring that all
providers of such services will be capable of meeting appropriate
standards of reliability and accountability. It is important that we
set clear and consistent expectations with respect to the level of
performance that providers of these services will be expected to
achieve. Clarifying these obligations is essential to remove
uncertainties and barriers to NG911 investment by state, local, and
tribal authorities and to maintain public confidence in 911 as the
transition to NG911 progresses.
Historically, states have overseen the entry of entities providing
911 service through such mechanisms as tariff conditions or issuance of
certificates of public convenience and necessity. However, as we have
noted above, covered 911 service providers increasingly are building
and operating regional and nationwide IP-based 911 networks that both
extend across state boundaries and serve PSAPs in multiple states,
using less well established technologies. Thus, while states continue
to have authority to regulate provision of 911 service within their
jurisdictions, these multi-state networks transcend the regulatory
authority of any individual state. Moreover, many states have elected
not to exercise jurisdiction over IP-based communications, a
determination that may operate to restrict their ability to ensure the
reliability of 911 service that depends on IP-based technology. We
therefore believe that a federal-level process is needed to ensure that
there are no regulatory gaps in oversight of providers of new 911
services. This process is not intended to supplant state action; to the
contrary, it would complement existing state oversight and could be
used to empower state-level action.
We propose to require covered 911 service providers that seek to
offer new services that affect 911 call completion to certify to the
Commission that they have the technical and operational capability to
provide reliable 911 service. In addition, to the extent that the new
services rely on IP-based networks, associated infrastructure such as
servers and data centers, and/or associated software applications, we
propose that covered 911 service providers certify that they have
conducted a reliability and security risk analysis of the network
components, infrastructure, and/or software that they will use to
support 911 call completion. This proposal would not require Commission
approval of new entrants or delay the introduction of innovative new
911 technologies. It would, however, require entities that seek to
provide new critical links in 911 call completion to publicly
acknowledge their responsibilities and certify their preparedness to
implement relevant best practices and comply with existing Commission
rules applicable to the 911 capabilities they provide. This requirement
would extend only to IP-based services that are necessary for
successful transmission of voice calls and other data to PSAPs. For
example, a smart phone ``app'' that provides the ability to originate
calls or text messages to 911 would be subject to certification
requirements, while an app that merely enhances or adds value to a
smart phone's existing 911 dialing capabilities would not.
To what extent do state laws, regulations, or common law tort
liability already provide adequate assurances of such qualifications,
and is there a need for uniform standards in this regard? Are there
quality-of-service requirements under state law that would cover 911-
related services, and if so, what entities do they cover? Is there
immunity under state law against liability for the provision of 911
related services, or communications services by common carriers or
others? If so, how does such immunity affect incentives among covered
service providers and others to ensure that 911 service is reliable? Do
the answers to these questions depend upon whether a service is IP-
based? How can the Commission facilitate efforts by states and
localities to oversee the effective and reliable deployment of new 911
capabilities?
If we adopt a certification requirement, which entities should be
subject to it, and how should we define the scope of new services that
would trigger the need for certification? What information should
applicants provide to support their certifications? Should applicants
be required to analyze network monitoring capabilities, support for
situational awareness, and the ability to share outage information with
other stakeholders? Should the certification address issues regarding
geographic diversity and redundancy in the network, probabilities of
equipment failing due to hardware, network, software and procedural
failures, as well as the ability to switch to backup systems? To what
extent should the risk analysis include cybersecurity and supply-chain
risk assessments? Is it sufficient for service providers to conduct
their own analysis or should we require analysis and certification by
an independent third party? Would it be helpful for an advisory
committee such as CSRIC to develop best practices and recommendations
that would serve as a basis for a certification of compliance with best
practices for new 911 capabilities and services? For example, should
CSRIC be charged with recommending guidelines for the reliability and
security risk analysis proposed above? Are there other parts of the
communication industry or other industries that have similar
certification processes? For example, could the PCI Data Security
Standard (PCI DSS) self-certification for entities receiving credit
card data provide guidance?
As noted above, we do not envision that the federal certification
process proposed here would preempt existing state processes for
certification of 911 service providers. We believe, however, that
states should have the option of adopting the federal certification
framework as the basis for state-level
[[Page 3197]]
governance. We further propose to allow states to enforce federal
certification requirements at the state level. We seek comment on this
approach. Is there any potential conflict between federal certification
for covered 911 service providers and similar state-level processes,
and if so, how could such conflicts be minimized? What processes do
states and localities currently use to oversee the entry of new 911
service providers, or entities that provide components of 911 service?
Do these forms of oversight apply to all entities currently offering
one or more components of 911 service, or only to incumbents or some
other class of entities? To the extent that states use tariff
conditions to regulate the provision of 911 service, what conditions
are typically required of new entrants? In states where 911 is not a
tariffed service, how do regulators and PSAPs ensure that all entities
offering 911 service are both technically capable and committed to
public safety?
We also do not propose that federal certification would extend to
the provision of new call processing services or CPE capabilities that
are provisioned by PSAPs themselves under the oversight of state and
local governments. Nevertheless, we seek comment on how the Commission
can work with state and local partners to ensure that the reliability
of PSAP call processing is also maximized. Are there best practices or
other measures that PSAPs can take to improve the diversity and
robustness of their inbound communications links and the reliability of
their CPE? What role should the Commission play with respect to the
multi-state deployment and maintenance of new CPE technologies? We note
that the Commission recently created a task force on PSAP optimization,
which we anticipate will also provide insight regarding PSAP
infrastructure, network architecture, and procedures, including call
processing.
D. Situational Awareness and Coordination Responsibility During 911
Outages
As demonstrated by recent outage trends, the increasing complexity
of IP-based 911 network architecture, combined with the increased
diversity of entities supporting 911 capabilities, creates potential
obstacles to establishing prompt situational awareness and initiating
recovery from major 911 outages. While current Commission rules address
outage reporting to the Commission and to affected PSAPs, the
experiences during large-scale 911 outages described above also
indicate a need for better coordination and information-sharing among
communications providers themselves and any subcontractors or vendors
that provide components of the nation's 911 networks. In such outages,
restoration of 911 service is likely to be significantly delayed when
it is unclear which part of the 911 system has failed and which
provider is responsible for repairs. A lack of coordination can also
lead to the unacceptable result of multiple entities being involved in
an outage but no single entity being able to provide timely and
comprehensive information about the outage to the PSAPs and public that
they serve.
To address these concerns, we believe that more needs to be done to
address gaps in situational awareness and coordination when large-scale
911 outages affect multiple jurisdictions and service providers. First,
effective information sharing is key when diagnosing and repairing
problems that may span multiple providers' networks or originate with
one provider but affect many others. Second, in the increasingly
diverse NG911 ecosystem, it will be more and more difficult for PSAPs
and 911 service providers to coordinate an effective and timely
response to outages without a central clearinghouse for obtaining and
disseminating critical information. Accordingly, we propose to clarify
responsibility for situational awareness and coordination among 911
service providers, sub-contractors, and other affiliated entries during
disruptions in 911 service. While it may not be technically or
economically feasible for a single entity to monitor, control, or
repair every segment of a 911 network from caller to PSAP, it would be
helpful for one covered 911 service provider in each jurisdiction to
perform a triage function to mitigate the duration and impact of
outages.
To establish a clearinghouse mechanism for critical information
during major 911 outages and other significant degradations in service,
we propose to establish a class of covered 911 service providers that
would assume primary responsibility for situational awareness and
information sharing. These entities--which we propose to call ``911
Network Operations Center (NOC) providers''--would be responsible for
monitoring their networks to detect disruptions or degradations in 911
service, and for affirmatively communicating relevant information, as
appropriate, to other stakeholders, including OSPs, SSPs, vendors,
PSAPs, state emergency management offices, and the Commission's
Operations Center. As a corollary to this proposal, 911 NOC providers
would be empowered to obtain relevant information concerning outages
from other covered 911 service providers, who in turn would be required
to provide information in response to the 911 NOC provider's requests.
911 NOC providers would then coordinate with other stakeholders to
collect and distribute information regarding the impact of outages on
all affected portions of the network from call origination to
completion.
We propose that the role of 911 NOC provider for each jurisdiction
should be assigned to the entity responsible for transport of 911
traffic to the PSAP or PSAPs serving that jurisdiction. In many cases,
we expect that this role would be assumed by the incumbent LEC,
because, as noted above, ILECs have historically provided transport of
911 traffic to PSAPs and have thereby occupied the best position to
maintain comprehensive situational awareness, even as SSPs and vendors
have come to provide component pieces of those networks. Nevertheless,
as 911 networks evolve, other entities may take on the 911 transport
responsibilities that ILECs have historically provided. For example, in
an NG911 environment, the 911 transport function may be performed by an
ESINet provider that receives 911 traffic from originating service
providers and directs the traffic to PSAPs served by the ESINet. In
such cases, we envision that the ESINet provider would assume the 911
NOC provider role. We seek comment on this approach. Should ILECs,
ESINet providers, and other entities responsible for 911 transport be
the 911 NOC providers bearing primary responsibility for maintaining
situational awareness, sharing information, and coordinating outage
recovery among other affected providers? Are there situations where
more than one entity can reasonably be described as being responsible
for aspects of transport of 911 traffic to the PSAP or PSAPs serving a
jurisdiction? In such situations, which entity would be best suited to
fill the 911 NOC provider role?
Under this framework, we anticipate the need for only one 911 NOC
provider in each jurisdiction; indeed, the 911 NOC provider's role as a
clearinghouse for situational awareness will be most effective with a
single point of contact for relevant information. We also emphasize
that the proposed responsibilities of 911 NOC providers during an
outage would be limited in scope. For instance, 911 NOC providers would
not be expected to have omniscient situational awareness of the status
of 911 network components
[[Page 3198]]
outside their control except to the extent they are empowered to obtain
such information from other parties or through their own network
monitoring processes. Instead, 911 NOC providers would serve as a hub
for the collection, aggregation, and communication of available
information among covered 911 service providers and other affected
stakeholders to mitigate the impact of outages and support rapid
restoration of service. In addition, while 911 NOC providers would be
tasked with obtaining and disseminating outage information, they would
not be legally responsible for adverse consequences resulting from
outages attributable to failures of network components outside their
control, or for remediating or repairing such failures.
We do not intend these proposals to supersede or replace existing
outage reporting requirements under part 4 of the Commission's rules.
Thus, we begin with the assumption that all parties covered by existing
part 4 requirements would continue to be required to report outages to
the Commission that meet the part 4 outage thresholds, and requirements
for certain service providers to notify PSAPs and other ``911 Special
Facilities'' of outages affecting 911 service would continue to apply
independently of any action taken in this proceeding. We note, however,
that the Commission has historically relied on mandatory outage
reporting to gather statistical information on trends in communications
reliability to assess the effectiveness of best practices and provide
policy guidance on efforts to increase network reliability. While
closely related, the need to share information and situational
awareness among service providers affected by an outage may pose
different challenges requiring different oversight mechanisms. We
therefore seek comment on the alternative proposal of whether certain
obligations currently in part 4 would be better assigned to 911 NOC
providers under the framework proposed above. For example, should
current responsibilities to notify PSAPs of outages affecting 911
service be incorporated into the information-sharing responsibilities
of the 911 NOC provider, rather than the outage-reporting
responsibilities of multiple service providers under current Sec. 4.9?
Should the Commission consider any other changes to part 4 in light of
the responsibilities of 911 NOC providers proposed here?
We also seek comment on processes and mechanisms that 911 NOC
providers and other covered 911 service providers could use to carry
out their situational awareness and coordination responsibilities
proposed here. As described above with respect to reliability
certification requirements, service providers may be able to detect
outages in real time by tracking the number of 911 calls that enter and
exit their networks, an increase in call failure rates, positioning
failure rates, or the number of calls that result in an ALI or LIS
query from the destination PSAP. Service providers should have alarms
configured to bring such discrepancies to the attention of appropriate
personnel. To what extent should 911 NOC providers and other covered
911 service providers be expected to share information in real time
about call counts and alarms using standardized network management
interfaces or other mechanisms? Should CSRIC be charged with developing
recommendations on these topics?
How can the Commission facilitate the real-time exchange of
information by leveraging technologies such as machine-readable data?
Should the Commission require 911 NOC providers or other covered 911
service providers to transmit high-level data on the status of their
networks to a centralized ``dashboard'' allowing users to quickly
identify disruptions in any portion of their 911 networks? Who should
be given access to such data, and how can the Commission ensure that
privacy and confidentiality are protected? Alternatively, should 911
NOC providers be required to maintain a Web page that provides key
information on the status of their 911 networks? What information
should be included, and should such Web pages be available to the
public, or only to PSAPs and other covered 911 service providers?
How can the Commission support and empower 911 NOC providers and
other covered 911 service providers to share information under the
framework proposed above? One model for improved situational awareness
that has been developed in the communications sector is the Information
Sharing and Analysis Center (ISAC), a public-private partnership
overseen by the U.S. Department of Homeland Security National
Coordinating Center for Communications (NCC). Could a similar model be
applied to the 911 ecosystem? Which entities should be eligible to
participate, and should certain entities, such as NOC providers, be
required to participate? Should the Commission facilitate improved
communication by maintaining a centralized database of contact
information for PSAPs and state emergency offices, which would allow
911 NOC providers and other covered 911 service providers to compile
and update distribution lists for outage notification and recovery?
Should the Commission serve as a hub for compilation and distribution
of any other information? What role could advisory committees such as
CSRIC play?
We also seek comment on issues that could affect the nature and
scope of a NOC provider's responsibility for information gathering and
dissemination. For example, should the scope of information that the
NOC provider is responsible for gathering and disseminating vary
depending on where in the call completion process a 911 outage has
occurred? If so, what should the 911 NOC provider's responsibility be?
To what extent should 911 NOC providers be responsible for addressing
cybersecurity risks in 911 networks and sharing information with other
stakeholders in the event of a cyber attack? What information should
other covered 911 service providers that experience the effects of an
outage be expected to communicate back to the 911 NOC provider?
Where a PSAP is served by more than one covered 911 service
provider (e.g., where a PSAP has a direct contractual relationship with
an ILEC that sub-contracts with an SSP or other affiliated entity for
911 capabilities), should the parties be required to designate specific
support roles? Beyond the proposal that primary 911 NOC support is best
provided by the 911 transport provider, should the Commission require
covered 911 service providers to designate a hierarchy of
responsibility for such support or encourage PSAPs and providers to
negotiate their own agreements? Or should such determinations be made
at the state or local level through tariff conditions or requests for
proposals for 911 service? What information should covered 911 service
providers that are not NOC providers be expected to share with each
other?
Are there legal or regulatory barriers that currently prevent or
discourage 911 service providers, as well as their sub-contractors and
other affiliated entities, from sharing information during a 911
outage? What are the specific laws, regulations, or contractual
provisions that would preclude such information-sharing, and how can
the Commission address those barriers in order to improve efficient,
privacy-protective information sharing and situational awareness? Are
there issues of legal liability for disclosing customer information
that should be addressed as part of the Commission's efforts in this
regard? Should the Commission extend liability protections already
afforded to
[[Page 3199]]
certain entities to additional participants in the 911 ecosystem?
E. Legal Authority
The Communications Act of 1934 established the FCC, in part, ``for
the purpose of promoting safety of life and property through the use of
wire and radio communication.'' Beyond that general mandate, Congress
has repeatedly and specifically endorsed a role for the Commission in
the nationwide implementation of advanced 911 capabilities. The
Wireless Communications and Public Safety Act of 1999 (911 Act)
directed the Commission to ``designate 911 as the universal emergency
telephone number within the United States for reporting an emergency to
appropriate authorities and requesting assistance.'' It also directed
the Commission to ``encourage and support efforts by States to deploy
comprehensive end-to-end emergency communications infrastructure and
programs, based on coordinated statewide plans, including seamless,
ubiquitous, reliable wireless telecommunications networks and enhanced
wireless 911 service.'' The New and Emerging Technologies 911
Improvement Act of 2008 (NET 911 Act) further affirmed the Commission's
authority to require interconnected VoIP providers to offer 911
service. The Twenty-First Century Communications and Video
Accessibility Act of 2010 (CVAA) also advanced the Commission's
implementation of technologies such as text-to-911 by granting
authority to promulgate ``regulations, technical standards, protocols,
and procedures . . . necessary to achieve reliable, interoperable
communication that ensures access by individuals with disabilities to
an Internet protocol-enabled emergency network, where achievable and
technically feasible.'' Together, and in light of the series of 911
outages described above extending across multiple jurisdictions, we
believe these provisions authorize--and indeed require--the Commission
to take a leadership role, in cooperative partnership with states and
localities, in promoting the continued availability and reliability of
911 services nationwide.
To the extent that 911 service providers are common carriers, the
Commission also has based 911 reliability requirements on section
201(b) of the Communications Act, which requires the ``practices'' of
common carriers to be ``just and reasonable,'' and on section 214(d),
which provides that a common carrier must ``provide itself with
adequate facilities for the expeditious and efficient performance of
its service as a common carrier.'' Where 911 service requirements
affect wireless carriers, the Commission also has relied on its Title
III authority to ``[p]rescribe the nature of the service to be
rendered,'' and more generally, ``to manage spectrum . . . in the
public interest.''
With respect to proposals to promote transparency and public
notification for changes in 911 service, we note that section 218 of
the Act authorizes the Commission to ``inquire into the management of
the business of all carriers,'' and to obtain from such carriers and
from persons directly or indirectly under their control ``full and
complete information necessary to enable the Commission to perform the
duties and carry out the objects for which it was created.'' Section
251(c)(5) of the Act also requires each incumbent local exchange
carrier to ``provide reasonable public notice of changes in the
information necessary for the transmission and routing of services,''
or ``other changes that would affect the interoperability of [its]
facilities and networks.'' Furthermore, Section 4(o) of the Act states
that ``[f]or the purpose of obtaining maximum effectiveness from the
use of radio and wire communications in connection with safety of life
and property,'' the Commission ``shall investigate and study all phases
of the problem and the best methods of obtaining the cooperation and
coordination of these systems.'' The Commission also has authority,
under the New and Emerging Technologies 911 Improvement Act of 2008, to
``compile . . . information concerning 9-1-1 and enhanced 9-1-1
elements, for the purpose of assisting IP-enabled voice service
providers in complying with this section.'' Thus, as part of a
cooperative governance structure for 911, the Commission is authorized
to gather and disseminate information from carriers and other
regulatees for the purpose of ensuring effective public safety
communications. We seek comment on the application of these provisions
to proposals in this NPRM.
As the Commission concluded in the 911 Reliability Order, ``[i]n
light of these express statutory responsibilities, regulation of
additional capabilities related to reliable 911 service, both today and
in an NG911 environment, would be well within Commission's . . .
statutory authority.'' That order also committed to review the rules
established therein, ``in light of our understanding about how NG911
networks may differ from legacy 911 service,'' and based on such
factors as ``outage reporting trends'' and ``adoption of NG911
capabilities on a nationwide basis.'' Accordingly, we believe that the
Commission would have ample legal authority to adopt any or all of the
proposals discussed above, consistent with our longstanding policy of
cooperation with state and local authorities. We seek comment on this
analysis. In particular, we seek comment from state and local
regulators and emergency authorities regarding the appropriate balance
of federal, state, and local authority in each of the proposals
described above.
To the extent that any of the proposals herein affect entities that
are not subject to specific statutory authority, we also believe that
their adoption would be that ``reasonably ancillary to the Commission's
effective performance of its statutorily mandated responsibilities.''
Whether or not the increasingly diverse range of entities providing 911
services are common carriers or Commission licensees, they nevertheless
have undertaken to provide a critical public safety communications
service that is within our general jurisdiction to ``promot[e] safety
of life and property through the use of wire and radio communication.''
In light of the record of recent events leading to significant
multistate 911 outages, we believe such proposals would be reasonably
ancillary to our fulfillment of the specific statutory mandates to
ensure reliable and resilient 911 service across different
technologies, as discussed above. We seek comment on this analysis and
any other sources of legal authority for the proposals in this Notice.
V. Procedural Matters
A. Ex Parte Presentations
The proceedings initiated by this Notice of Proposed Rulemaking
shall be treated as ``permit-but-disclose'' proceedings in accordance
with the Commission's ex parte rules. Persons making ex parte
presentations must file a copy of any written presentation or a
memorandum summarizing any oral presentation within two business days
after the presentation (unless a different deadline applicable to the
Sunshine period applies). Persons making oral ex parte presentations
are reminded that memoranda summarizing the presentation must: (1) List
all persons attending or otherwise participating in the meeting at
which the ex parte presentation was made; and (2) summarize all data
presented and arguments made during the presentation. If the
presentation consisted in whole or in part of the
[[Page 3200]]
presentation of data or arguments already reflected in the presenter's
written comments, memoranda, or other filings in the proceeding, the
presenter may provide citations to such data or arguments in his or her
prior comments, memoranda, or other filings (specifying the relevant
page and/or paragraph numbers where such data or arguments can be
found) in lieu of summarizing them in the memorandum. Documents shown
or given to Commission staff during ex parte meetings are deemed to be
written ex parte presentations and must be filed consistent with Sec.
1.1206(b). In proceedings governed by Sec. 1.49(f) or for which the
Commission has made available a method of electronic filing, written ex
parte presentations and memoranda summarizing oral ex parte
presentations, and all attachments thereto, must be filed through the
electronic comment filing system available for that proceeding, and
must be filed in their native format (e.g., .doc, .xml, .ppt,
searchable .pdf). Participants in this proceeding should familiarize
themselves with the Commission's ex parte rules.
B. Comment Filing Procedures
Pursuant to sections 1.415 and 1.419 of the Commission's rules, 47
CFR 1.415, 1.419, interested parties may file comments and reply
comments in response to this Notice of Proposed Rulemaking on or before
the dates indicated on the first page of this document. Comments may be
filed using the Commission's Electronic Comment Filing System (ECFS).
See Electronic Filing of Documents in Rulemaking Proceedings, 63 FR
24121 (1998).
Electronic Filers: Comments may be filed electronically
using the Internet by accessing the ECFS: http://fjallfoss.fcc.gov/ecfs2/.
Paper Filers: Parties that choose to file by paper must
file an original and one copy of each filing. If more than one docket
or rulemaking number appears in the caption of this proceeding, filers
must submit two additional copies for each additional docket or
rulemaking number.
Filings can be sent by hand or messenger delivery, by
commercial overnight courier, or by first-class or overnight U.S.
Postal Service mail. All filings must be addressed to the Commission's
Secretary, Office of the Secretary, Federal Communications Commission.
All hand-delivered or messenger-delivered paper filings
for the Commission's Secretary must be delivered to FCC Headquarters at
445 12th St. SW., Room TW-A325, Washington, DC 20554. The filing hours
are 8:00 a.m. to 7:00 p.m. All hand deliveries must be held together
with rubber bands or fasteners. Any envelopes and boxes must be
disposed of before entering the building.
Commercial overnight mail (other than U.S. Postal Service
Express Mail and Priority Mail) must be sent to 9300 East Hampton
Drive, Capitol Heights, MD 20743.
U.S. Postal Service first-class, Express, and Priority
mail must be addressed to 445 12th Street SW., Washington, DC 20554.
C. Accessible Formats
To request materials in accessible formats for people with
disabilities (braille, large print, electronic files, audio format),
send an email to [email protected] or call the Consumer & Governmental
Affairs Bureau at 202-418-0530 (voice), 202-418-0432 (TTY).
D. Regulatory Flexibility Act
As required by the Regulatory Flexibility Act of 1980, see 5 U.S.C.
604, the Commission has prepared an Initial Regulatory Flexibility
Analysis (IRFA) of the possible significant economic impact on small
entities of the policies and rules addressed in this document. Written
public comments are requested in the IRFA. These comments must be filed
in accordance with the same filing deadlines as comments filed in
response to this Notice of Proposed Rulemaking as set forth on the
first page of this document, and have a separate and distinct heading
designating them as responses to the IRFA.
E. Paperwork Reduction Act
This Notice of Proposed Rulemaking contains proposed new
information collection requirements. The Commission, as part of its
continuing effort to reduce paperwork burdens, invites the general
public and OMB to comment on the information collection requirements
contained in this document, as required by PRA. In addition, pursuant
to the Small Business Paperwork Relief Act of 2002, we seek specific
comment on how we might ``further reduce the information collection
burden for small business concerns with fewer than 25 employees.''
VI. Ordering Clauses
Accordingly, it is ordered, pursuant to sections 151, 154(i),
154(j), 154(o), 155(c), 201(b), 214(d), 218, 219, 251(e), 301, 303(b),
303(g), 303(j), 303(r), 332, 403, 615, 615a, 615c, 621(b)(3), and
621(d) of the Communications Act of 1934, as amended, 47 U.S.C. 151,
154(i), 154(j), 154(o), 155(c), 201(b), 214(d), 218, 219, 251(e), 301,
303(b), 303(g), 303(j), 303(r), 332, 403, 615, 615a, 615c, 621(b)(3),
and 621(d), that this Policy Statement and Notice of Proposed
Rulemaking in PS Docket Nos. 14-193 and 13-75 is adopted.
It is further ordered that the Commission's Consumer and
Governmental Affairs Bureau, Reference Information Center, shall send a
copy of this Policy Statement and Notice of Proposed Rulemaking,
including the Initial Regulatory Flexibility Analysis, to the Chief
Counsel for Advocacy of the Small Business Administration.
VII. Initial Regulatory Flexibility Analysis
As required by the Regulatory Flexibility Act of 1980, as amended
(RFA), the Commission has prepared this Initial Regulatory Flexibility
Analysis (IRFA) of the possible significant economic impact of the
proposals described in the attached Policy Statement and Notice of
Proposed Rulemaking (NPRM) on small entities. Written public comments
are requested on this IRFA. Comments must be identified as responses to
the IRFA and must be filed by the deadlines for comments in the Notice.
The Commission will send a copy of the Notice, including this IRFA, to
the Chief Counsel for Advocacy of the Small Business Administration
(SBA). In addition, the NPRM and IRFA (or summaries thereof) will be
published in the Federal Register.
A. Need for, and Objectives of, the Proposed Rules
The NPRM seeks comment on governance mechanisms to promote reliable
911 call completion nationwide and improve situational awareness and
information sharing among 911 service providers. Specifically, it
proposes to: (1) Amend the Commission's 911 reliability certification
rules to cover additional entities and network reliability practices
that are vital to call completion; (2) require public notification for
major changes in multi-state 911 networks and services, and Commission
approval for discontinuance of existing 911 services; (3) require
entities seeking to provide new 911 capabilities to certify as to their
technical and operational capability to provide reliable service; and
(4) designate certain 911 service providers to be primarily responsible
for situational awareness and coordination with other service providers
in the event of a 911 outage.
[[Page 3201]]
The NPRM also affirms core principles guiding the Commission's
approach to 911 governance and proposes mechanisms for the Commission,
in cooperation with state and local partners, to ensure that the
nation's 911 governance structure keeps pace with evolving technology
so that all entities providing 911 service capabilities remain
accountable for reliable 911 call completion and accurate situational
awareness. As discussed in the NPRM, recent outage trends have revealed
new reliability challenges due to geographic consolidation of network
infrastructure and an increasing reliance on software-based network
components to process and route 911 calls on a regional or national
scale. Furthermore, an increasing number of 911 service providers
subcontract with third party vendors for call-routing and other
technical capabilities that are essential to call completion. As a
result, 911 call centers potentially face real-time communication
problems in trying to mitigate 911 service problems with 911 service
providers and subcontractors. The Commission has a responsibility to
promote reliable emergency communications and prevent avoidable
failures.
The NPRM builds upon the 911 Reliability Order adopted by the
Commission in 2013 following the 2012 derecho storm, and sets forth
principals to guide the Commission's 911 governance efforts in light of
technology transitions and changing outage trends. In particular, the
Policy Statement affirms the Commission's policy of working with state
and local partners to ensure reliable 911 call completion as technology
transitions consolidate network infrastructure and change the way 911
services are delivered to PSAPs in multiple states. Further, the
Commission stresses that service provider changes to 911 services must
be transparent and coordinated with the Commission and the appropriate
state and local authorities.
B. Legal Basis
The legal basis for any action that may be taken pursuant to this
Notice of Proposed Rulemaking is contained in sections 1, 4(i), 4(j),
4(o), 5(c), 201(b), 214(d), 218, 219, 251(e), 301, 303(g), 303(j),
303(r), 332, 403, 615, 615a, 615c, 621(b)(3), and 621(d) of the
Communications Act of 1934, 47 U.S.C. 151, 154(i), 154(j), 154(o),
155(c), 201(b), 214(d), 218, 219, 251(e), 301, 303(b), 303(g), 303(j),
303(r), 332, 403, 615, 615a, 615c, 621(b)(3), and 621(d).
C. Description and Estimate of the Number of Small Entities to Which
the Proposed Rules Would Apply
The RFA directs agencies to provide a description of and, where
feasible, an estimate of the number of small entities that may be
affected by the proposed rules. The RFA generally defines the term
``small entity'' as having the same meaning as the terms ``small
business,'' ``small organization,'' and ``small governmental
jurisdiction.'' In addition, the term ``small business'' has the same
meaning as the term ``small business concern'' under the Small Business
Act. A small business concern is one which: (1) Is independently owned
and operated; (2) is not dominant in its field of operation; and (3)
satisfies any additional criteria established by the Small Business
Administration (SBA).
1. Small Businesses, Small Organizations, and Small Governmental
Jurisdictions
Our action may, over time, affect small entities that are not
easily categorized at present. We therefore describe here, at the
outset, three comprehensive, statutory small entity size standards.
First, nationwide, there are a total of approximately 27.5 million
small businesses, according to the SBA. In addition, a ``small
organization'' is generally ``any not-for-profit enterprise which is
independently owned and operated and is not dominant in its field.''
Nationwide, as of 2007, there were approximately 1,621,315 small
organizations. Finally, the term ``small governmental jurisdiction'' is
defined generally as ``governments of cities, towns, townships,
villages, school districts, or special districts, with a population of
less than fifty thousand.'' Census Bureau data for 2011 indicate that
there were 89,476 local governmental jurisdictions in the United
States. We estimate that, of this total, as many as 88,506 entities may
qualify as ``small governmental jurisdictions.'' Thus, we estimate that
most governmental jurisdictions are small.
The NPRM seeks comment on the class of entities to which the
proposals would apply. In the Derecho Report and the 911 Reliability
Order the Commission defined ``covered 911 service providers,'' as
those that provide specified 911 capabilities, or the functional
equivalent, ``directly to a PSAP.'' The NPRM asks whether the
Commission should expand the ``covered 911 service providers''
definition to also include all entities that provide 911, E911, or
NG911 capabilities, such as call routing, automatic location
information (ALI), automatic number identification (ANI), location
information servers (LIS), text-to-911, or the functional equivalent of
those capabilities, regardless of whether they provide such
capabilities under a direct contractual relationship with a PSAP or
emergency authority. Depending on how 911 calls are routed and
processed in different network architectures, the proposed definition
could apply to originating service providers (OSPs) such as wireless
carriers and interconnected VoIP providers, incumbent local exchange
carriers (ILECs), 911 system service providers (SSPs) that provide 911
services such as call routing and location information to PSAPs, and
vendors and subcontractors of such entities to the extent that they
provide covered 911 capabilities.
The NPRM seeks comment on which 911 service providers should be
subject to additional 911 network change notification requirements,
including publicly reporting major changes in their respective
facilities and networks that affect PSAPs in multiple states. To the
extent that changes in 911 service amount to a discontinuance,
reduction, or impairment of existing services, the NPRM proposes to
require Commission approval to the extent that authorization is not
already required under section 214 of the Communications Act. The NPRM
also seeks comment on whether to require 911 entities that propose to
offer new services that affect 911 call completion to certify with the
Commission baseline assurances of their technical and operational
qualifications to provide reliable 911 service, as well as comment on
which 911 entities should be subject to this certification.
To facilitate situational awareness and coordination, the NPRM
seeks comment on the establishment of a class ``911 Network Operations
Center (911 NOC) providers,'' which would assume primary responsibility
for situational awareness and information sharing during disruptions in
911 service. The NPRM proposes that the 911 NOC provide role for each
jurisdiction should be assigned to the entity responsible for transport
of 911 traffic to the PSAP or PSAPs serving that jurisdiction--
typically the local ILEC in legacy network architectures. However, as
we transition into IP-based NG911 networks, other entities such as SSPs
and emergency services Internet Protocol network (ESINet) providers may
receive 911 traffic from an OSP and then direct traffic to the PSAP.
The NPRM seeks comment on whether ILECs, ESINet providers or other 911
[[Page 3202]]
call transport entities should be the 911 NOC providers under this
proposal.
2. Communications Service Entities
Incumbent Local Exchange Carriers (Incumbent LECs). Neither the
Commission nor the SBA has developed a small business size standard
specifically for incumbent local exchange services. The appropriate
size standard under SBA rules is for the category Wired
Telecommunications Carriers. Under that size standard, such a business
is small if it has 1,500 or fewer employees. Census Bureau data for
2007, which now supersede data from the 2002 Census, show that there
were 3,188 firms in this category that operated for the entire year. Of
this total, 3,144 had employment of 999 or fewer, and 44 firms had had
employment of 1,000 or more. According to Commission data, 1,307
carriers reported that they were incumbent local exchange service
providers. Of these 1,307 carriers, an estimated 1,006 have 1,500 or
fewer employees and 301 have more than 1,500 employees. Consequently,
the Commission estimates that most providers of local exchange service
are small entities that may be affected by the rules and policies
proposed in the NPRM. Thus under this category and the associated small
business size standard, the majority of these incumbent local exchange
service providers can be considered small.
Competitive Local Exchange Carriers (Competitive LECs), Competitive
Access Providers (CAPs), Shared-Tenant Service Providers, and Other
Local Service Providers. Neither the Commission nor the SBA has
developed a small business size standard specifically for these service
providers. The appropriate size standard under SBA rules is for the
category Wired Telecommunications Carriers. Under that size standard,
such a business is small if it has 1,500 or fewer employees. Census
Bureau data for 2007, which now supersede data from the 2002 Census,
show that there were 3,188 firms in this category that operated for the
entire year. Of this total, 3,144 had employment of 999 or fewer, and
44 firms had had employment of 1,000 employees or more. Thus under this
category and the associated small business size standard, the majority
of these Competitive LECs, CAPs, Shared-Tenant Service Providers, and
Other Local Service Providers can be considered small entities.
According to Commission data, 1,442 carriers reported that they were
engaged in the provision of either competitive local exchange services
or competitive access provider services. Of these 1,442 carriers, an
estimated 1,256 have 1,500 or fewer employees and 186 have more than
1,500 employees. In addition, 17 carriers have reported that they are
Shared-Tenant Service Providers, and all 17 are estimated to have 1,500
or fewer employees. In addition, 72 carriers have reported that they
are Other Local Service Providers. Of the 72, seventy have 1,500 or
fewer employees and two have more than 1,500 employees. Consequently,
the Commission estimates that most providers of competitive local
exchange service, competitive access providers, Shared-Tenant Service
Providers, and Other Local Service Providers are small entities that
may be affected by rules proposed in the NPRM.
Wireless Telecommunications Carriers (except satellite). This
industry comprises establishments engaged in operating and maintaining
switching and transmission facilities to provide communications via the
airwaves. Establishments in this industry have spectrum licenses and
provide services using that spectrum, such as cellular phone services,
paging services, wireless Internet access, and wireless video services.
The appropriate size standard under SBA rules is for the category
Wireless Telecommunications Carriers. The size standard for that
category is that a business is small if it has 1,500 or fewer
employees. For this category, census data for 2007 show that there were
11,163 establishments that operated for the entire year. Of this total,
10,791 establishments had employment of 999 or fewer employees and 372
had employment of 1,000 employees or more. Thus under this category and
the associated small business size standard, the Commission estimates
that the majority of wireless telecommunications carriers (except
satellite) are small entities that may be affected by rules proposed in
the NPRM.
Wireless Service Providers. The SBA has developed a small business
size standard for wireless firms within the two broad economic census
categories of ``Paging'' and ``Cellular and Other Wireless
Telecommunications.'' Under both categories, the SBA deems a wireless
business to be small if it has 1,500 or fewer employees. For the census
category of Paging, Census Bureau data for 2002 show that there were
807 firms in this category that operated for the entire year. Of this
total, 804 firms had employment of 999 or fewer employees, and three
firms had employment of 1,000 employees or more. Thus, under this
category and associated small business size standard, the majority of
firms can be considered small. For the census category of Cellular and
Other Wireless Telecommunications, Census Bureau data for 2002 show
that there were 1,397 firms in this category that operated for the
entire year. Of this total, 1,378 firms had employment of 999 or fewer
employees, and 19 firms had employment of 1,000 employees or more.
Thus, under this second category and size standard, the majority of
firms can, again, be considered small.
All Other Telecommunications Providers. To the extent that entities
such as SSPs and interconnected VoIP providers are subject to proposals
in the NPRM but are not ``Wired Telecommunication Carriers,''
``Wireless Telecommunication Carriers,'' or ``Cellular and Other
Wireless Telecommunications'' under the categories listed above, the
closest U.S. Census category appears to be ``All Other
Telecommunications.'' All Other Telecommunications is defined as
follows: ``This U.S. industry comprises establishments primarily
engaged in providing specialized telecommunications services, such as .
. . Internet services or voice over Internet protocol (VoIP) services
via client-supplied telecommunications connections.'' In analyzing
whether a substantial number of small entities would be affected by the
requirements proposed in the NPRM, the Commission notes that the SBA
has developed a small business size standard for All Other
Telecommunications, which consists of all such firms with gross annual
receipts of $30 million or less. For this category, census data for
2007 show that there were 2,639 establishments that operated for the
entire year. Of those establishments, a total of 1,912 had gross annual
receipts between $100,000 and $1 million; 487 had gross annual receipts
between $1 million and $25 million; and 240 had gross annual receipts
over $25 million. Thus, a majority of All Other Telecommunications
firms potentially affected by the proposals in the NPRM can be
considered small.
D. Description of Projected Reporting, Recordkeeping, and Other
Compliance Requirements for Small Entities
As noted above, the NPRM proposes to (1) amend the Commission's 911
reliability certification rules to cover additional entities and
network reliability practices that are vital to call completion; (2)
require public notification for major changes in multi-state 911
networks and services, and Commission approval for discontinuance of
existing 911 services; (3) require entities seeking to provide
[[Page 3203]]
new 911 capabilities to certify as to their technical and operational
capability to provide reliable service; and (4) designate certain 911
service providers to be primarily responsible for situational awareness
and coordination with other service providers in the event of a 911
outage.
The NPRM proposes that a covered 911 service provider take
reasonable measures to provide reliable service and complete an annual
certification indicating whether it has implemented specified best
practices or reasonable alternative measures. Covered 911 service
providers' ``reasonable measures'' obligation would include --but would
not be limited to--existing areas of circuit diversity, central-office
backup power, and diverse network monitoring. Further, covered 911
service providers' certifications to the Commission would indicate
whether IP-based 911 architecture is geographically distributed, load-
balanced, and capable of automatic reroutes to backup equipment in the
event of a hardware, network, software or database failure. The
networking monitoring section of the certification would also include
current requirements for physical diversity of monitoring facilities,
but also the proper prioritization of critical network alarms. Further,
the NPRM proposes that 911 entities have a duty to take reasonable
measures to communicate with other 911 entities during disruptions in
911 service. Providers would be required to certify whether they have
an outage notification process is in place to notify PSAPs of
disruptions in 911 service within time frames specified in part 4 of
the Commission rules.
These proposals build upon the existing 911 reliability
certification process for covered 911 service providers that the
Commission established in 2013. Under this process, a corporate officer
with supervisory and budgetary authority over network operations in all
relevant service areas must file an annual attestation with the
Commission describing the entity's implementation of specified best
practices, or if it is not feasible to implement those best practices,
a description of reasonable alternative measures designed to mitigate
the risk of failure. The option of certifying alternative measures is
designed to provide flexibility to small entities operating in diverse
service areas, which may have unique ways of addressing network
reliability challenges. Because many covered 911 service providers have
indicated they already conduct activities that form the basis for this
certification in the normal course of business, the Commission expects
the additional burden of filing certifications to be minimal.
Certifications will be submitted through a simple online form, which is
designed to allow small entities to input certification information and
upload an attestation from a corporate officer without the need for any
specialized personnel. In some cases, however, covered 911 service
providers may choose to hire consultants or engineers to conduct
technical aspects of the certification, or an attorney to review
certification information for compliance with applicable rules.
However, the Commission expects that most covered 911 service
providers, including small entities, will be able to complete and
submit the annual certification using only in-house personnel.
The NPRM proposes to require notification to the Commission and the
public of major changes in any 911 service provider's network
architecture or scope of 911 services that are not otherwise covered by
existing network change notification requirements. The NPRM seeks
comment on the specific changes that would be subject to notification
requirements but proposes generally that changes affecting 911 service
to PSAPs in multiple states would be considered ``major'' and subject
to public notification. The proposed notifications would be filed with
the Commission in a process similar to the existing network change
notifications required from incumbent LECs under section 251 of the
Communications Act. These are typically relatively short filings
describing the nature of the planned changes and location(s) affected.
Some companies may wish to have an attorney review such notifications
for compliance purposes, but the proposal does not require such a
review.
For incumbent 911 service providers that seek to discontinue,
reduce or impair existing 911 service in a way that does not trigger
already existing authorization requirements under section 214 of the
Communications Act, the NPRM proposes to require prior Commission
approval. The NPRM seeks comment on which actions by an incumbent 911
service provider would be considered a discontinuance, reduction or
impairment of service. However, this proposal would not include changes
requested by a PSAP or the responsible state or local emergency
authority that might otherwise constitute a discontinuance, reduction
or impairment of service. Commission approval under this proposal would
require the applicant to file a request to discontinue, reduce, or
impair 911 services stating the nature of the changes, the location(s)
affected, and the anticipated date of the changes. If the Commission
does not act on such a request within 60 days, the request will be
deemed approved. As noted above, certain applicants may wish to hire
engineers, consultants, or attorneys to review applications for
discontinuance or technical portions thereof, but there is no such
requirement in the proposed rule.
The NPRM also proposes to require covered 911 service providers
that seek to offer new services that affect 911 call completion to
certify to the Commission that they have the technical and operational
capability to provide reliable 911 service. To the extent that the new
services rely on IP-based networks, associated infrastructure such as
servers and data centers, and/or associated software applications, the
NPRM proposes that covered 911 service providers certify that they have
conducted a reliability and security risk analysis of the network
components, infrastructure, and/or software that they will use to
support 911 call completion. This proposal would not require Commission
approval of new entrants or delay the introduction of new 911
technologies. It would, however, require entities that seek to provide
new critical links in 911 call completion to publicly acknowledge their
responsibilities and certify their preparedness to implement relevant
best practices and comply with existing Commission rules applicable to
the 911 capabilities they provide. The Commission does not anticipate
the need for any specialized personnel to provide such a certification.
To improve situational awareness during 911 outages, the NPRM
proposes to establish a class of ``911 Network Operations Center (911
NOC) providers,'' which would assume primary responsibility for
monitoring their networks to detect disruptions or degradations in 911
service, and for affirmatively communicating relevant information, as
appropriate, to other affected 911 entities, including OSPs, SSPs,
vendors, PSAPs, state emergency management offices, and the
Commission's Operations Center. The role of the 911 NOC provider would
be assigned to the entity responsible for transport of 911 traffic to
the PSAP(s) in each jurisdiction. 911 NOC providers would receive
information from, and coordinate with other covered 911 service
providers to collect and distribute information regarding the impact of
outages on all affected portions of the network from call origination
to completion. The NPRM seeks comment on other responsibilities
[[Page 3204]]
of the 911 NOC provider, as well as the responsibilities of other
covered 911 service providers to share information with the 911 NOC
provider. The Commission anticipates that most or all of these
information-sharing activities would be performed by in-house personnel
who already are employed to monitor and maintain covered 911 service
providers' networks. In any event, the NPRM proposes that 911 NOC
providers would not be legally responsible for outages attributable to
failures of network components outside their control, or for
remediating or repairing such failures.
E. Steps Taken To Minimize Significant Economic Impact on Small
Entities, and Significant Alternatives Considered
The RFA requires an agency to describe any significant,
specifically small business alternatives that it has considered in
reaching its proposed approach, which may include the following four
alternatives (among others): ``(1) The establishment of differing
compliance or reporting requirements or timetables that take into
account the resources available to small entities; (2) the
clarification, consolidation, or simplification of compliance or
reporting requirements under the rule for small entities; (3) the use
of performance, rather than design, standards; and (4) and exemption
from coverage of the rule, or any part thereof, for small entities.''
The NPRM seeks to update and enhance the Commission's current 911
reliability certification rules, which complement its general approach
of encouraging communications providers to voluntarily implement best
practices and measuring compliance through certification requirements
and outage reporting. Thus, small entities with limited resources would
continue to enjoy many of the benefits of the current regime, including
a general focus on network performance and reliability rather than
specific design requirements. The option to certify reasonable
alternative measures in lieu of specified certification requirements
also provides flexibility to small entities, and the online system for
submission of certification information is designed for ease of use by
all communications providers without the need for specialized
personnel. Public notifications and certifications proposed in the NPRM
would follow similar submission processes and would not mandate any
specific standards for 911 network architecture. The Commission has
traditionally considered this approach a more flexible and less costly
alternative to more comprehensive regulation, and the NPRM would
preserve those advantages in large part.
Furthermore, the proposals in the NPRM apply primarily to service
providers that offer 911 services on a multi-state scale to PSAPs in
multiple jurisdictions. For example, IP-based 911 call routing
capabilities are typically concentrated in a small number of servers
and databases that may serve PSAPs across the country. Our proposals
with respect to public notification and Commission approval of major
changes in 911 service or discontinuance of 911 service also would
apply only to providers serving PSAPs in multiple states. Thus, while
there is no explicit exemption proposed for small entities, many of the
rules by their nature will tend to apply only to larger communications
providers that operate major, multi-state 911 networks.
To the extent that the NPRM would impose new obligations on small
entities, we seek comment on alternatives including (1) the
establishment of differing compliance or reporting requirements or
timetables that take into account the resources available to small
entities; (2) the clarification, consolidation, or simplification of
compliance or reporting requirements under the rule for small entities;
(3) the use of performance, rather than design, standards; and (4) an
exemption from coverage of the rule, or any part thereof, for small
entities. Which of the proposed approaches do small entities find
particularly difficult or costly to comply with, and how could those
difficulties be addressed through modifications or exemptions? What
would be the effect on public safety of exemptions from 911 service
requirements, regardless of cost?
F. Federal Rules That May Duplicate, Overlap, or Conflict With the
Proposed Rules
None.
List of Subjects in 47 CFR Part 12
Resiliency, redundancy and reliability of communications.
Federal Communications Commission.
Marlene H. Dortch,
Secretary.
Proposed Rules
For the reasons discussed in the preamble, the Federal
Communications Commission proposes to amend 47 CFR part 12 as follows:
PART 12--RESILIENCY, REDUNDANCY, AND RELIABILITY OF COMMUNICATIONS
0
1. Revise the authority for part 12 to read as follows:
Authority: 47 U.S.C. 151, 154(i), 154(j), 154(o), 155(c),
201(b), 214(d), 218, 219, 251(e), 301, 303(b), 303(g), 303(j),
303(r), 332, 403, 615, 615a, 615c, 621(b)(3), and 621(d).
0
2. In Sec. 12.4 revise paragraph (a)(4); add paragraphs (a)(12)
through (14); revise paragraphs (b) and (c)(3); and add paragraphs
(c)(4) and (5) to read as follows:
Sec. 12.4 Reliability of covered 911 service providers
(a) * * *
(4) Covered 911 service provider.
(i) Any entity that:
(A) Provides call routing, automatic location information (ALI),
automatic number identification (ANI), location information services
(LIS), text-to-911, or any other capability required for delivery of
911, E911, or NG911, or the functional equivalent of any of those
capabilities, to a public safety answering point (PSAP), statewide
default answering point, or appropriate local emergency authority as
such entities are defined in Sec. 64.3000(b) of this chapter, whether
directly or indirectly as a contractor or agent to any other entity;
and/or
(B) Operates a central office that directly serves a public safety
answering point (PSAP), statewide default answering point, or
appropriate local emergency authority as such entities are defined in
Sec. 64.3000(b) of this chapter. For purposes of this section, a
central office directly serves a PSAP, statewide default answering
point, or appropriate local emergency authority if it hosts a selective
router or the functional equivalent, hosts an ALI/ANI database or the
functional equivalent, or is the last service-provider facility through
which a 911 trunk or administrative line passes before connecting to a
PSAP, statewide default answering point, or appropriate local emergency
authority.
(ii) The term ``covered 911 service provider'' shall not include:
(A) PSAPs or governmental authorities to the extent that they
provide 911, E911, or NG911 capabilities; or
(B) Communications providers that solely originate voice calls or
text messages to 911 but do not provide any of the capabilities or
services described in paragraph (a)(4)(i) of this section.
* * * * *
(12) Geographically distributed. For purposes of this section, 911
network
[[Page 3205]]
architecture is geographically distributed if all calls on the 911
network can be routed through more than one database or call processing
facility in more than one geographic location.
(13) Load balanced. For purposes of this section, 911 network
architecture is load balanced if call volume is dynamically distributed
among multiple active databases or call processing facilities rather
than concentrated in one active location.
(14) Situational awareness. For purposes of this section,
situational awareness means the ability to detect disruptions or
degradations in 911 service, to assess the scope and impact of such
disruptions or degradations in 911 service, and to share information as
appropriate to mitigate and resolve such impacts.
(b) Provision of reliable 911 service. All covered 911 service
providers shall take reasonable measures to provide reliable 911
service. Performance of the elements of the Certification set forth in
paragraphs (c)(1)(i), (c)(2)(i), (c)(3)(i), (c)(4)(i), and (c)(5)(i) of
this section shall be deemed to satisfy the requirements of this
paragraph (b). If a covered 911 service provider cannot certify that it
has performed a given element, the Commission may determine that such
provider nevertheless satisfies the requirements of this paragraph (b)
based upon a showing in accordance with paragraph (c) of this section
that it is taking alternative measures with respect to that element
that are reasonably sufficient to mitigate the risk of failure, or that
one or more certification elements are not applicable to its network.
(c) * * *
(3) Network monitoring.
(i) A covered 911 service provider shall certify whether it has,
within the past year:
(A) Conducted Diversity Audits of the Aggregation Points that it
uses to gather network monitoring data in each 911 Service Area;
(B) Conducted Diversity Audits of Monitoring Links between
Aggregation Points and NOCs for each 911 Service Area in which it
operates;
(C) Implemented Physically Diverse Aggregation Points for network
monitoring data in each 911 Service Area and Physically Diverse
Monitoring Links from such aggregation points to at least one NOC; and
(D) Established appropriate alarms for network failures that would
be reasonably likely to result in a disruption of 911 service within a
911 Service Area, and procedures designed to ensure that such alarms
quickly bring such network failures to the attention of appropriate
personnel.
(ii) If a covered 911 service provider has not implemented all of
the elements in paragraph (c)(3)(i) of this section, it must certify
with respect to each such 911 Service Area:
(A) Whether it has taken alternative measures to mitigate the
relevant risk, or is taking steps to remediate any vulnerabilities that
it has identified with respect thereto, in which case it shall provide
a brief explanation of such alternative measures or such remediation
steps, the date by which it anticipates such remediation will be
completed, and why it believes those measures are reasonably sufficient
to mitigate such risk; or
(B) Whether it believes that one or more of the requirements of
this subsection are not applicable to its network, in which case it
shall provide a brief explanation of why it believes any such
requirement does not apply.
(4) Database and software configuration and testing.
(i) A covered 911 service provider shall certify whether it has,
within the past year:
(A) Implemented reasonable measures to ensure that any Internet
Protocol (IP)-based architecture used to provide 911, E911, or NG911
capabilities defined in paragraph (a)(4)(i) of this section is
geographically distributed, load balanced, and capable of automatic
reroutes in the event of a software or database failure.
(B) Implemented reasonable measures to ensure that any software or
database used by the covered 911 service provider to provide 911, E911,
or NG911 capabilities such as call routing, automatic location
information (ALI), automatic number identification (ANI), location
information services (LIS), text-to-911, or the functional equivalent
of those capabilities, is designed, configured, and tested to ensure
reliable operation.
(C) Implemented reasonable measures to maintain continuity of 911
service during planned maintenance and/or updates to any software or
database used to provide 911, E911, or NG911 capabilities.
(ii) If a covered 911 service provider has not implemented all of
the elements in paragraph (c)(4)(i) of this section, it must certify:
(A) Whether it has taken alternative measures to mitigate the risk
of a hardware, network, software, database, or other failure or is
taking steps to remediate any issues that it has identified with
respect thereto, in which case it shall provide a brief explanation of
such alternative measures or such remediation steps, the date by which
it anticipates such remediation will be completed, and why it believes
those measures are reasonably sufficient to mitigate such risk; or
(B) Whether it believes that one or more of the requirements of
this subsection are not applicable to its network, in which case it
shall provide a brief explanation of why it believes any such
requirement does not apply.
(5) Situational awareness and information sharing.
(i) A covered 911 service provider shall certify whether it has,
within the past year:
(A) Implemented reasonable measures to maintain real-time
situational awareness regarding the operational status of 911, E911, or
NG911 service throughout any portion(s) of the 911 network that it
owns, leases, or otherwise operates or controls or as to which it
otherwise provides any of the capabilities or services described in
paragraph (a)(4)(i)(A) of this section.
(B) Implemented reasonable measures to share appropriate
information with PSAPs and other covered 911 service providers in the
event of a disruption of 911, E911, or NG911 service, including, at a
minimum, the information required under part 4 of the Commission's
rules and under Sec. 12.7 .
(ii) If a covered 911 service provider has not implemented all of
the elements in paragraph (c)(5)(i) of this section, it must certify:
(A) Whether it has taken alternative measures to mitigate the risk
of inadequate situational awareness and information sharing or is
taking steps to remediate any issues that it has identified, in which
case it shall provide a brief explanation of such alternative measures
or such remediation steps, the date by which it anticipates such
remediation will be completed, and why it believes those measures are
reasonably sufficient to mitigate such risk; or
(B) Whether it believes that one or more of the requirements of
this subsection are not applicable to its network, in which case it
shall provide a brief explanation of why it believes any such
requirement does not apply.
* * * * *
0
3. Add Sec. 12.5 to read as follows:
Sec. 12.5 Transparency and accountability in connection with major
changes in 911 service.
(a) Major Changes in 911 network architecture and services. A
covered 911 service provider, as defined in Sec. 12.4(a)(4), seeking
to make major changes in its 911 network architecture and services
shall file a public
[[Page 3206]]
notification under this section, except as provided under paragraphs
(a)(3) through (5) of this section.
(1) For purposes of this section, the following actions by a
covered 911 service provider constitute major changes in 911 network
architecture and services:
(i) A change in 911 network architecture that affects the primary
geographic routing or logical processing of voice calls, automatic
location information (ALI), automatic number identification (ANI),
location information services (LIS), text-to-911, or functionally
equivalent capabilities, to public safety answering points (PSAPs),
statewide default answering points, or appropriate local emergency
authorities in more than one state;
(ii) A change in 911 network architecture that affects the
availability of backup routing or processing capabilities for voice
calls, ALI, ANI, LIS, text-to-911, or functionally equivalent
capabilities, to PSAPs, statewide default answering points, or
appropriate local emergency authorities in more than one state; or
(iii) A change in the allocation of primary responsibility with
respect to provision of any of the capabilities or services described
in Sec. 12.4(a)(4)(i) affecting more than one state, including but not
limited to a covered 911 service provider's allocation of such
responsibilities to a sub-contractor or other third party.
(2) Notifications under this section shall be filed with the
Commission at least 60 days before the changes described therein take
effect.
(i) Notifications shall state publicly the nature of the proposed
changes, the geographic area(s) or jurisdiction(s) affected, the
anticipated date of the changes, and any other relevant information.
(ii) To the extent that notifications contain information that
would cause competitive harm or a threat to public safety or national
security if disclosed, a covered 911 service provider may request
confidential treatment of such information under Sec. 0.459 of this
chapter.
(3) Changes initiated by a PSAP or emergency authority. Changes in
911 network architecture or service initiated by a public safety
answering point (PSAP) or state or local emergency authority shall not
require a notification to be filed under this section.
(4) Changes subject to public notice under Section 251. Changes in
911 network architecture or service that require public notice of
network changes under Sec. 51.325 of this chapter shall not require a
separate notification under this section.
(5) Emergency changes. Changes in 911 architecture or services
reasonably necessary to mitigate the impacts of a disruption or
degradation in 911 service, including temporary re-routes to backup
equipment or secondary PSAPs, shall not require a notification to be
filed under this section.
(b) Discontinuance, reduction, or impairment of existing 911
services. A covered 911 service provider, as defined in Sec.
12.4(a)(4), seeking to discontinue, reduce, or impair existing 911
services shall file a public notification with the Commission and
receive approval from the Commission before undertaking such actions,
except as provided in paragraphs (b)(3) and (4) of this section.
(1) For purposes of this section, the following actions by a
covered 911 service provider constitute a discontinuance, reduction, or
impairment of existing 911 services:
(i) Exit from a line of 911 services previously provided to PSAPs,
statewide default answering points, or appropriate local emergency
authorities in more than one state;
(ii) Termination or reduction in technical support or maintenance
for 911 network components or customer premises equipment (CPE) to
PSAPs, statewide default answering points, or appropriate local
emergency authorities in more than one state; or
(iii) Reduction or impairment of quality-of-service levels for 911
services to PSAPs, statewide default answering points, or appropriate
local emergency authorities in more than one state.
(2) Applications for discontinuance, reduction, or impairment of
existing 911 services under this section shall be filed with the
Commission at least 60 days before the changes described therein are
requested to take effect. The Commission shall respond within 60 days
by approving the request, approving the request subject to conditions,
or denying the request. If the Commission takes no action within 60
days, the request shall be deemed approved.
(i) Applications shall state publicly the nature of the proposed
discontinuance, reduction, or impairment, the geographic area(s) or
jurisdiction(s) affected, the anticipated date of the changes, and any
other relevant information.
(ii) To the extent that applications contain information that would
cause competitive harm or a threat to public safety or national
security if disclosed, a covered 911 service provider may request
confidential treatment of such information under Sec. 0.459 of this
chapter.
(3) Changes initiated by a PSAP or emergency authority. Changes in
911 network architecture or service initiated by a PSAP or state or
local emergency authority, including changes that would otherwise
constitute a discontinuance, reduction, or impairment of existing 911
services under paragraph (b) of this section, shall not require
Commission approval under this section.
(4) Changes subject to Section 214 authorization. Changes in 911
network architecture or service that require Commission authorization
under Section 214 of the Communications Act and associated Commission
rules shall not require separate Commission approval under this
section.
0
4. Add Sec. 12.6 to read as follows:
Sec. 12.6 Reliability and accountability of new IP-based 911
capabilities and services.
(a) Certification of capability to provide reliable 911 service.
Entities that propose to provide one or more of the capabilities of a
covered 911 service provider, as defined in Sec. 12.4(a)(4), but do
not provide such capabilities prior to November 21, 2014, shall certify
to the Commission that they:
(1) Possess the technical and operational capability to provide
reliable 911 service;
(2) Have conducted a reliability and security risk analysis of any
network components, infrastructure and/or databases and software used
to support 911 call completion, including automatic location
information (ALI), automatic number identification (ANI), location
information services (LIS), text-to-911, or the functional equivalent
of those capabilities; and
(3) Understand and agree to abide by the Commission's annual
reliability certification requirements under this part 12, any
applicable outage reporting or PSAP outage notification requirements
under Sec. 4.9 of this chapter, and any other Commission rules
applicable to the new 911 capabilities that it offers.
(b) [Reserved]
0
5. Add Sec. 12.7 to read as follows:
Sec. 12.7 Situational awareness and coordination responsibility
during disruptions in 911 service.
(a) Designation of 911 Network Operations Center (NOC) Provider.
The covered 911 service provider responsible for transport of 911 calls
and associated information to the public safety answering point (PSAP),
statewide default answering point, or appropriate local emergency
authority in each jurisdiction, pursuant to a
[[Page 3207]]
contractual relationship with that PSAP, statewide default answering
point, or appropriate local emergency authority, shall be the 911 NOC
Provider in that jurisdiction.
(b) Responsibilities of 911 NOC Provider. The 911 NOC Provider in
each jurisdiction shall monitor the availability of 911 services and
coordinate situational awareness and information sharing during
disruptions in 911 service. For purposes of this section, disruptions
in 911 service include events resulting in a complete loss of 911
service, as well as events that substantially impair service quality or
public access to 911 without a complete loss of service, including
disruption of automatic location information (ALI), automatic number
identification (ANI), location information services (LIS), or any other
services that locate callers geographically.
(1) In the event of such a disruption in 911 service, the 911 NOC
Provider shall request information from any other affected covered 911
service provider(s) regarding their situational awareness of the cause
and scope of the outage from the origination to the completion of 911
communications, including voice calls, ALI, ANI, LIS, and text-to-911.
The 911 NOC Provider shall then communicate to any other affected
covered 911 service providers, PSAPs, state emergency management
offices, and to the Commission's Operations Center, all information
reasonably available to mitigate the effects of the disruption and to
restore service.
(2) All other covered 911 service providers shall communicate to
the 911 NOC Provider all reasonably available information regarding the
cause and scope of a disruption in 911 service that occurs on or
affects portions of the 911 network that they own, lease, or otherwise
operate or control and shall respond promptly to any request for such
information by the 911 NOC Provider.
[FR Doc. 2015-00940 Filed 1-21-15; 8:45 am]
BILLING CODE 6712-01-P