By: Rakesh Patel, Jennifer Bagg and Alex Tate
In light of a number of recent actions the Federal Communications Commission (“FCC” or “Commission”) has tied to national security, many in the communications industry wonder whether the FCC is gearing up to become the country’s next national security agency. The FCC’s sweeping authorization statute includes a mandate to make available a national and international wire and radio communication service “for the purpose of the national defense,”1 which the Commission has at times relied on to assert that national security issues are within its authority.2 Recent FCC actions, however, have made it clear that the FCC under the leadership of FCC Chairman Brendan Carr intends to weave national security more explicitly into its work.
In March 2025, Chairman Carr announced that he established a Council on National Security (“Council”) that “will leverage the full range of the Commission’s regulatory, investigatory, and enforcement authorities to promote America’s national security and counter foreign adversaries.”3 The newly established Council was directed to address the communications industry’s reliance on foreign adversaries—particularly China and the CCP—in the technology and telecom supply chain and reduce the country’s vulnerabilities to cyberattacks, espionage, and surveillance by foreign adversaries. In addition, the Council was instructed to “[e]nsure the U.S. wins the strategic competition with China over critical technologies, such as 5G and 6G, AI, satellites and space, quantum computing, robotics and autonomous systems, and the Internet of Things.”4 Notably, in November 2025, the White House released the National Security Strategy which, although it generally noted surveillance of persistent threats to U.S. networks, did not include any specifics related to what the FCC’s role in national security would be.
Since standing up the Council, the FCC has undertaken revisions of several rules with the stated goal of strengthening national security. For instance, the FCC adopted rules to preclude authorization of radio frequency equipment tested at a lab which is owned, controlled or directed by a foreign adversary, as well as new rules barring equipment authorization for modular transmitters produced by Covered List entities.5 In December 2025, the FCC also expanded the Covered List to include uncrewed aircraft systems and their critical components produced in foreign countries. And in January of this year, the Commission adopted rules that would enhance foreign ownership reporting requirements in an effort to identify foreign adversary ties to entities under the Commission’s jurisdiction.
These proceedings are inherently transparent in that they involve the public notice and comment periods mandated by the Administrative Procedure Act. What’s less clear is how the FCC will “leverage” the “full range” of its investigatory and enforcement authorities.6 Since there is no existing national security-related enforcement roadmap to follow, the communications industry faces considerable enforcement risk in navigating the unknown.
Take for example the FCC’s recent robocall mitigation action against China Telecom Global Limited. On December 8, 2025, the FCC’s Enforcement Bureau released an order directing China Telecom Global to cure deficiencies in its Robocall Mitigation Database (“RMD”) certification or face removal from the RMD,7 which would effectively terminate China Telecom Global’s ability to provide voice service in the United States.8 An order of this kind is a fairly routine FCC enforcement function. However, the FCC injected national security considerations into the RMD removal question, framing it as an “in the public interest” issue, which was entirely unprecedented.9 The Enforcement Bureau categorically stated that “[China Telecom Global] poses national security risks” because it is affiliated with China Telecom (Americas) Corporation, a Chinese state-owned enterprise whose section 214 authorization (required to provide international common carrier telecommunications service), the FCC had revoked in 2021 on national security grounds.10 The Enforcement Bureau required China Telecom Global to provide “convincing evidence” that “its presence in the RMD is not a threat to national security and is in the public interest.”11 The Bureau has not taken final action in this matter, but the order’s explicit language on the risks China Telecom Global poses suggest it is unlikely the FCC would allow it to remain in the RMD and provide voice service in the United States.
In the array of FCC robocall mitigation orders, advisories, public notices, and other policy statements that the FCC has released over the course of the past decade, not once has the FCC put the communications industry on notice that national security considerations would factor into a robocall mitigation matter of any kind. Thus, the Enforcement Bureau’s action raises two areas of concern.
First, if the FCC removes China Telecom Global’s RMD certification on national security grounds with no prior notice that it interprets its authorities as requiring or permitting this, then industry should be considering what other enforcement actions the Bureau could take on national security grounds—such as actions related to equipment authorization, licensing, cybersecurity, data protection, FCC funded programs, competition, or foreign ownership reporting—without prior notice.
Second, what does “convincing evidence” mean? The FCC required China Telecom Global to provide “convincing evidence” that it is not a threat to national security, but this is not a legal standard that exists in any FCC enforcement context. It is unclear what threshold of evidence would satisfy this standard and which office at the Commission decides when it has been met—the Enforcement Bureau or a somewhat more neutral arbiter such as the General Counsel. This language might also signal that the FCC is shifting the burden from the government having to prove its allegations to the target having to prove its innocence with “convincing evidence” when national security concerns are at stake. Of critical importance is whether the FCC will adopt this standard in other enforcement matters going forward.
Chairman Carr’s Council on National Security is in its early stages, so it is not surprising that questions exist on the enforcement aspects of the FCC’s approach. Another major question is how the agency’s definition of national security threat will evolve. The Chairman’s March 2025 press release announcing the Council’s establishment noted that the agency will counter foreign adversaries and singled out China. In the face of recent international actions, are there other countries the FCC considers a foreign adversary? What about non-state threat actors, which may or may not have some hostile state affiliation? In terms of cybersecurity, the FCC has not said if it would consider a U.S.-based provider who suffers a data breach a victim of a (potentially overseas) threat actor, or if it will face FCC liability for the breach. And how will the FCC factor national security into other enforcement actions, in particular by including national security considerations in its forfeiture penalty determinations?
As the FCC’s Enforcement Bureau accelerates its national security-related enforcement activity, the industry will gradually get answers to these questions. In the meantime, the lack of clarity on the specific national security considerations that will prompt the Bureau to take action makes proactively addressing these issues a challenge. A provider may not know what it has done wrong until the FCC serves it with notice that it is the subject of an enforcement inquiry and facing dozens of questions, documents requests, and interviews, as well as a potential loss of an authorization and payment of substantial fines.
All signs indicate that national security will be fundamental to the FCC’s work this year and for the balance of Chairman Carr’s term. But how national security will feature in investigations and enforcement actions, and the framework for resolving national security within an enforcement action, is still largely unknown. The communications industry should be prepared for any FCC action to be tied to national security, even those actions not previously classified as national-security related violations of the FCC’s rules. For the industry, particularly from an enforcement perspective, we are entering an uncertain, complex, and potentially difficult time.
[1] Congress created the FCC “for the purpose of regulating interstate and foreign commerce in communication by wire and radio so as to make available, so far as possible, to all the people of the United States, without discrimination on the basis of race, color, religion, national origin, or sex, a rapid, efficient, Nation-wide, and world-wide wire and radio communication service with adequate facilities at reasonable charges, for the purpose of the national defense, for the purpose of promoting safety of life and property through the use of wire and radio communications, and for the purpose of securing a more effective execution of this policy by centralizing authority heretofore granted by law to several agencies and by granting additional authority with respect to interstate and foreign commerce in wire and radio communication.” 47 U.S.C. § 151.
[2] Protecting Against National Security Threats to the Communications Supply Chain Through FCC Programs, Declaratory Ruling and Second Further Notice of Proposed Rulemaking, 35 FCC Rcd. 7821, 7822 ¶ 5 (2020).
[3] Press Release, FCC, Chairman Carr Establishes New Council on National Security Within Agency (Mar. 13, 2025) https://docs.fcc.gov/public/attachments/DOC-410155A1.pdf.
[4] Id.
[5] The FCC’s Covered List is a list of communications equipment and services deemed to pose an unacceptable risk to national security of the United States or safety and security of U.S. persons. List of Equipment and Services Covered By Section 2 of The Secure Networks Act, FCC, https://www.fcc.gov/supplychain/coveredlist (last updated Jan. 7, 2026).
[6] Press Release, FCC, Chairman Carr Establishes New Council on National Security Within Agency (Mar. 13, 2025) https://docs.fcc.gov/public/attachments/DOC-410155A1.pdf.
[7] China Telecom Global Limited, Order, DA 25-1022, EB-TCD-25-00039418, ¶ 1 (rel. Dec. 8, 2025).
[8] The FCC established the Robocall Mitigation Database as part of its implementation of the December 2019 Pallone-Thune Telephone Robocall Criminal Enforcement and Deterrence (TRACED) Act. The FCC requires all voice service providers to file certifications in the RMD regarding their efforts to fight illegal robocalls on their networks.
[9] China Telecom Global Limited, Order, DA 25-1022, EB-TCD-25-00039418, ¶ 9 (rel. Dec. 8, 2025).
[10] Id. ¶¶ 5, 8.
[11] Id. ¶ 10.