Brendan Carr Interview

6:55PM Jan 20, 2022

Speakers:

Conor Healy

Keywords:

fcc

dji

entities

authorization

national security

authority

devices

communist regime

dji drones

decision

equipment

huawei

view

data

question

argument

list

china

license

lobbying

Mr. Carr, can you hear me? I'm doing well. How are you? Good. I'm doing great. Thanks. Thanks for having me. Of course. Thank you so much for spending the time. We really appreciate it. It's, it's awesome to meet you.

Yeah. I'm glad that you decided to celebrate your birthday by spending time with me. That's also a, you know, a real honor. So thanks for that number, that

it's the it's the best present. I could have gotten. I mean, yeah. You know, I can't have a big party. So may as well do this. Very kind of you. Thank you. Well, I won't use up too much of your time on chit chat. So should I just jump right into it? Yeah, that works for me. Sure. Okay. Question one. In October, you called for DJI to be added to the covered list. And you said, then I'm just quoting you here. Most people probably don't realize the vast amount of sensitive data that's being collected today by DJI drones in this country, and that the evidence against DJI has been mounting for years. Can you elaborate on the evidence against DJI? Why belongs in the covered list? And why should Americans be concerned?

It is really quite alarming to me, you know, when you start talking about DJI and the information that drones can collect, one of the first things you hear is people say, well, there's Google Earth already. And so there's images of every part of the country. What's the big deal? And I say, What's the big deal? Well, a couple things. One, you know, these DJI, drones are collecting a lot more information than once you get on Google or just a start. There's technology there that can monitor from a distance, someone's heart rate. The high rez imaging can look at detailed information like getting serial numbers off of telecom hardware, you can measure, you know, body temperature off of people from a distance. So the data that these DJI drones are collecting is much more detailed, much more sensitive than what's out there. And it's not just what they're collecting from the world around them. There's a lot of reports that talk about how these devices are able to pull information from the smartphones. When those smartphones are being used to operate the drones. There's been reporting about some of that data, either that data pulled from phones, or just other data that these DJI devices are collecting, being sent back to Beijing. And so when you look at the types of data, the sensitivity of it, the reports of that data going back to Beijing, I think there's enough there that we should all be disturbed about, and the federal government has been taking some actions, you know, they've been put on the covered list before. There's been grounding of DJI fleets based on national security concerns. And so I think it's time for the national security agencies to get together and give us the FCC, you know, their definitive thumbs up or thumbs down on the national security risk here.

Got it right. And so what's the process like for adding an entity like DJI to your covered list, and do expect the Congress or other agencies that are also maintaining their own covered list would add DJI in tandem? Or how would that work?

There's a couple different ways you can get on the FCCs list. One way is if Congress specifies it in a law, that's how we got entities like Huawei, ZTE, other entities on there already, there's a couple other vectors as well, most relevant here is the national security agencies can get together and make a recommendation that they get added to the list. So that's, you know, ODNI, DHS, other entities like that. And that's in the main, what I have been calling for is for those national security agencies to get together, some of which have issued report, some of which haven't, and give us the FCC the definitive view. And that will be the way that those entities can get on the list. Right now, there's not a mechanism for the FCC on its own without that input, to add them on the list.

Got it. And as concerned about these companies, as grown, you know, the covered entities and DJI have both spent millions of dollars on lobbying federal officials. I believe it's $6 million in the past year or past couple of years DJI is spent and you know, Hikvision, for example, has hired prominent former federal officials. They had Senator David Vitter at one point. Even the former FCC Chief of Staff, not a John Nakata. What's your opinion on this massive lobbying efforts in terms of how successful it is and any issues that are raised by this aggressive foreign lobbying, lobbying?

But my initial reaction is, God bless. I mean, look, everybody is entitled to petition the government make their case, you know, hire whoever they want to hire, obviously, there's, you know, sometimes there's guardrails around, you know, lobbying disclosures and other things like that. So obviously, everybody should be playing by the rules from that perspective. But you know, look, I work at the FCC, you know, every day there's a either digitally on zooms or in person. There's various lobbyists and other individuals that come in to, to make cases for all sorts of things. And we're very talented at the FCC of piercing through all that and making the right decision at the end of the day. But yeah, people should feel free to, you know, advocate whoever they feel like they need to to represent their interests. And I just hope that, you know, regulators like myself, Congress, others just make these decisions based on the facts and the data at the end

of the day. Got it. Okay, great. So Turning now to the investigation we've done on DJI main thing we're here to talk about. So we show that DJI is much more widely used by shinjang public security forces than was has been previously reported. That includes numerous contracts for DJI drones haven't been reported yet by shinjang. Public Security officials, many of them tied to the weaker Chinese side, we found they operate seven branches in the region. The company itself claims to assist in in massive agricultural operations. They claim their drones are assisting in more than 2 million hectares of crops. This includes cotton pepper, crops that are known to use forced labor, we are forced labor that is, so So how did these findings affect your view of DJI in general? And and also just with specific regards with the proposal adapted to the FCC covered list, which, you know, is more a national security cybersecurity focus kind of item? Yeah, look, I

think these reports and developments are deeply troubling. And I think they should be deeply troubling for a lot of people. I mean, look, we are seeing genocide taking place right now in Xinjiang, involving weekers. At the same point in time, you know, as a regulator, it's important, I think we divide these issue up into distinct segments. So for instance, Commerce Department or Entity List, they have focused on that coordination and participation in the security apparatus that has been involved in the weaker genocide as part of their decision to put DJI on the commerces Entity List at the FCC, you know, I'm focused on you know, what's the threat to devices here today to here to national security here, and we need to make that decision, you know, relatively in that silo. You know, that's not to say that there's other points in times where other government entities should be looking at that close working relationship with weaker genocide and taking that into account. But these are sort of, in some ways, they're independent modes of analysis. And stepping out of that, look, my long term view is, I think it's troubling, when you see entities that are deeply involved in communist China's, you know, security apparatus. And I do think that, you know, if you're involved in Shin Jang, if you're manufacturing products in Shin Jang, my view is, you should be put to a burden when you're coming through the FCC for equipment authorization to show that you're not, you know, using slave labor in your supply chain. Again, it's a little different, you know, from a mode of analysis from the straight national security considerations, but we got to be looking at all of this.

Yeah. Well, on the subject, one type of risk that has been discussed at the FCC, and, you know, other US agencies is, is that these companies are subject to China's laws, you know, specifically their data security laws, and they're obligated to turn over data to the government, if the government asks, they're obligated to disclose vulnerabilities before anyone else will find out about them. And so I'm wondering is this you know, another area where you could say, the obligation to, to commit atrocities on behalf of the state is indicative of where their interests are most aligned. So So does it tie into national security in the sense that it tells us about the character of these firms that they're willing to? They're willing to participate in these crimes against humanity? You know, surely it's not such a leap that they'd be willing to participate in spying on Americans? If, if that's the standard they're setting in China? Yeah, I

mean, the approach we take is we look at these entities that have close ties to the communist regime in China. And then we look for, in my view, a series of plus factors we look, the National Security Law is an important consideration, the idea that, you know, there really isn't going to be much choice, if they demand data for you to turn over the data, you know, the deep ties. formal ties, as we're seeing here with the national security apparatus is a plus factor. In my view, again, the fact that you're just, you know, based out of China alone isn't enough. But you start to add on these plus factors, these additional considerations, and it certainly heightens concerns that these entities aren't gonna be operating away that separate from doing the bidding of the communist regime.

Yeah. And so speaking of state control, so good segue into something else we found in our investigation, which is the DG eyes received investment from a state owned entity. Now, I mean, many companies in China have received investments from state owned entity. The importance of this is that it contradicts tgis claims they've said we've not received anything Chinese government investment turns out that this isn't true. And the particular firm involved the CCT G is known for its work integrating civilian electronics with military applications. So my question around this is, has transparency being an issue with firms like DJI and the covered entities? Because DJI had this public statement, we've received no investment and it didn't exactly take a ton of investigative work to show that wasn't true. This is something I think we've seen with other firms. What's your perspective on that?

This is disturbing. You know, look, we do not take kindly to the hiding of information or misleading about core important facts in the FCC, his own record shows this, you know, we take into account lack of candor, when we discover it when we make these decisions. One of the entities for instance, that we recently either denied or revoked section 214 authorization to one of these mobile carriers connected back to China. One things we expressly said there was a lack of candor, they told us X, you know, we found out why. And so you know, separate and apart from the fact that the lack of information allegedly comes from has to do with connections, the communist regime, if you're not being forthright with a regular that alone is a is a pillar, a basis for looking at taking action.

Yeah. You know, another, just today, really, another transparency issue came up for us that's related to the current NPRM. As perhaps you know, from reading the comments, Hikvision has argued their devices don't pose a risk, because many configurations don't use internet connections, basically, just a few days ago, Hikvision published its top eight trends for the security industry in 2022. And one of those trends will be publishing on this, by the way, and would probably submit a comment. But one of those trends says the cloudbet, quote, cloud based solutions and services will be essential. And Hikvision emphasizes in this post how internet connectivity is of growing importance to surveillance end users. So on the one hand, in the FCC comments process, they say our devices don't need to be used with the Internet. On the other hand, they're they're, they're saying publicly and their materials that that in 2022, they expect more and more users to want to connect their devices to the Internet. So that's another example of what we might see as a transparency issue. But But specifically, does Hikvision argument that their devices don't pose a risk because they can be used without an internet connection? Does that comport with your understanding of the risks, risks posed by Hikvision devices, or for that matter, DJI, or any other entity that's arguing, you know, these devices don't need to be used with the Internet.

It's rape is an odd argument. You know, there are certain activities that entities take place in the United States that require, you know, FCC, or other authorizations to 14 for instance. And so the actions that we are taking here are targeted at the areas where we have authority revoking to 14 authorization, for instance, if there is activity that an entity is engaging in that did not require the FCC authorization for whatever reason, that's not going to be directly impacted by the FCC revocation of authority. At the same point in time, you know, we have sort of this separate proceeding going on where we're looking at the fundamental question of equipment authorization. So regardless of whether you have a license, or whether you connect to the internet, you can't have any electronic device in this country without an FCC authorization. So that's one of the reasons why I think we need to go to the core and include within our equipment authorization process, some sort of national security checks, we can stop people from bringing things in, regardless of what particular license they need. And historically, the FCC has, you know, license revocation, license modification process. So, under our long standing organic authorities, we can take a look at things that are here already. So I don't think it's fair to say, you know, if we take this one technical change, you know, we're scot free and do whatever we want. If there's a national security risk there. I think, you know, we need to complete this equipment authorization process, which would then be another mechanism by which we can address and mitigate those concerns.

Yeah. And during the equipment authorization NPRM the proposed ban. Some of the covered entities have raised questions about the FCC statutory authority. So how do you think the proposed equipment authorizations band relates the FCC mandate and and has it timed your role as an FCC commissioner to be in support of that?

Yeah, again, another argument that has puzzled me you know, look, there's two things going on here. There's one, the SEC is what I call sort of organic you know, pre existing long standing of For me that has to do with approving devices. And I, you know, that authority in my view comes with modifying and revoking licenses. That's an independent source of authority that gives us pretty wide range to take action. The second point is Congress passed the secure equipment Act, which gives the FCC additional authority to take action, there's portions of the secure equipment act that are focused in their language on a going forward basis. But again, that doesn't modify the FCC underlying authority to potentially look at taking action at existing licenses. So if their argument is a secure equipment Act doesn't give us authority to do that, or a particular secure equipment act proceeding doesn't allow us to do that, you know, you know, we have that debate. But it's largely irrelevant in the sense that, you know, obviously, we have organic authority, that if we need to go back on a license approval, you know, I'm not aware of any precedent that, you know, prohibits the FTC from doing that.

Yeah. Okay. Interesting. A quick follow up on that one of the specific arguments they've made, or at least the Hikvision Dahua have made, and I think cartera has made this argument to it is basically that they don't belong on the covered list. More recently, they've been filing, saying that, you know, they shouldn't be on the carpet list at all. Do you think they're making a valid argument there? Are you familiar with that argument? And if you have any thoughts on whether that will affect the process?

And I haven't seen the details of that. I mean, look, a lot of entities that you mentioned, weren't necessarily put on there through an FCC adjudicatory process. Some of these was a determination by Congress and they want to go back to Congress, they can they can have at it. You know, I'm always happy to take a look at the facts and look at the data. But you know, directionally what we've seen is, you know, a lot more companies are getting their licenses revoked, authorizations denied being added to the Entity List, about the FCC covered list. And so directionally, I'd be surprised if some new data comes to light. That undermines a previous decision. If they got that new mitigating data, bring it forward. Same with DJI. I mean, look, the point that I'm making is, there's a lot of questions around this. There's been grounding of DJI fleets by national security entities, in my view, is let's get a definitive thumbs up and down. If there's some reason why, you know, these concerns are off base and there's mitigation out there, then let's put that in the record. But there's enough there that we just can't, you know, continue to kick along without the national agencies, the FCC reaching a definitive view. And again, I think there's enough out there to be concerned.

Got it. Okay, great. So I'm almost done. By the way. The current NPRM proposes to ban future authorizations but not existing authorizations. Do you think the FCC should revoke any existing authorizations? And why or why not?

Yeah, again, I think, you know, under the SEC existing organic authority, I don't read a limit in our authority in terms of, you know, go back. And if you have a license or an authorization that the FCC can't ever revisit that began, people are making some arguments about the secure equipment act, and that that legislation was very much focused on going forward. That's fine. But again, there's two sources of authority, existing FTC authority and secure equipment act authority. So I'm not aware of any reason why, in the appropriate circumstances, you could go back outside of the secure equipment act, and take a look at existing authorizations.

Right. And, you know, other than the issue of authority, just in terms of what the FCC should do, in your view. I mean, it's fair to say that you support banning any future authorizations but but how do you think about existing authorizations in terms of the threat they posed and what the FCC should do about those?

Well, I go, I go to Huawei on that. If you go back to 2017, maybe 2018. When we first started down this process, we issued a notice of proposed rulemaking and said, Let's look at the national security threat posed by Huawei and similar gear, in the initial draft that was circulated that documents that we're only going to be looking prospective at not letting new gear in if we find there's a problem, and I said, like, you know, timeout, once my FC colleague has a look, if we determine that there's a sufficient concern here, we need to put on the table, getting that gear that's in this in the network already out of it. So we did that. We included that in our notice, we saw comment on it. Flash forward to today. And of course, we are engaging in a rip and replace process right now with Huawei gear. So I think that's pretty good precedent that says, you know, if we make the decision, that there's sufficient reason to get gear out of the network, then you know, we should take that step.

Got it. Okay. Good. So I think this is my last question. So, as you'll be aware, last March, the FCC issued a public notice adding Dawa and Hikvision other entities to quote, the list of communications equipment and services that are deemed to pose an unacceptable risk to the national security of the United States. So, Darwin, hikers Used to have ignored this designation in terms of addressing it publicly, and US companies that sell 10s or hundreds of millions of dollars worth of their devices. Also, it seems ignored this designation. Do you think that sellers and buyers in the United States should be concerned about purchasing or dealing in this equipment that that's on the FCCs? List is posing a national security threat?

Yeah, I think entities should be making decisions cognizant of that FCC determination. And here's why. One reason why we have engaged in this billion dollar effort to reimburse entities that put Huawei gear in there as there was a policy determination and somewhere along the line, that these entities, these small carriers, rural carriers, other entities that purchase this year T devices did so in good faith. Some claim that they consulted with national security entities at the time, and they didn't hear back about any red flags. So it was a good faith purchase a good faith investment, without knowledge of the national security risks. And, you know, that's a different situation here, if you're buying into a company and devices with knowledge that they've been placed on the FCC s list, you know, that may be a relevant factor if the FCC goes down the road and, you know, makes additional decisions about you know, rip and replace and other components of that deal. And so I'm not either telling people, you know, buy this or don't buy this, but you know, the knowledge of the potential risk of the gear is something that has been relevant before, when it comes to reimbursement for taking gear out of networks.

Got it. All right. Last question. When do you expect the FCC will vote on the equipment authorizations? Ban the existing NPRM?

Yeah, hopefully soon. I don't have a date that I've gotten from the FCC chair on when she plans on bringing a boat forward. But I hope it is soon, you know, in the early part of this year that we get going and get that proceeding across the finish line.

Got it. Okay. That's all the questions I had. Is there anything else that you think is worth addressing here that come up? No. Yeah, no, I think we got it covered is good. Cool. Well, thank you. Pleasure to meet you. Yeah, absolutely. Thanks, God. Appreciate it. You bet.

I like