This document is scheduled to be published in the Federal Register on 07/12/2016 and available online at http://federalregister.gov/a/2016-16273, and on FDsys.gov
6712-01 FEDERAL COMMUNICATIONS COMMISSION 47 CFR Part 4 [PS Docket No. 15-80, 11-82; FCC 16-63] Disruptions to Communications AGENCY: Federal Communications Commission. ACTION: Proposed rule. SUMMARY: In this document, the Federal Communications Commission (Commission) seeks comment on: a proposal to update the Commission’s outage reporting requirement rules to address broadband network disruptions, including packet-based disruptions based on network performance degradation; proposed changes to the rules governing interconnected voice over Internet protocol (VoIP) outage reporting to include disruptions based on network performance degradation, update our outage definition to address incidents involving specified network components; and modify the reporting process to make it consistent with other services; reporting of call failures in the radio access network and local access network, and on geography-based reporting of wireless outages in rural areas; and, refining the covered critical communications at airports subject to the Commission’s outage reporting requirements. DATES: Submit comments on or before [INSERT DATE 45 DAYS AFTER DATE OF PUBLICATION IN THE FEDERAL REGISTER], and reply comments on or before [INSERT DATE 60 DAYS AFTER DATE OF PUBLICATION IN THE FEDERAL REGISTER]. ADDRESSES: You may submit comments, identified by PS Docket No. 15-80 and 11-82, by any of the following methods:
Federal Communications Commission’s Web Site: http://fjallfoss.fcc.gov/ecfs2/. Follow the instructions for submitting comments. Filings can be sent by hand or messenger delivery, by commercial overnight courier, or by first-class or overnight U.S. Postal Service mail. See the SUPPLEMENTARY INFORMATION Section for more instructions. People with Disabilities: Contact the FCC to request reasonable accommodations (accessible format documents, sign language interpreters, CART, etc.) by e-mail: [email protected]
or phone: 202-418-0530 or TTY: 202-418-0432. For detailed instructions for submitting comments and additional information on the rulemaking process, see the SUPPLEMENTARY INFORMATION Section of this document. FOR FURTHER INFORMATION CONTACT: Brenda D. Villanueva, Attorney Advisor, Public Safety and Homeland Security Bureau, (202) 418-7005, or [email protected]
SUPPLEMENTARY INFORMATION: This is a summary of the Commission’s Further Notice of Proposed Rulemaking (FNPRM), FCC 16-63, adopted May 25, 2016, and released May 26, 2016. The full text of this document is available for inspection and copying during normal business hours in the FCC Reference Center (Room CY-A257), 445 12th Street, SW., Washington, DC 20554 or via ECFS at http://fjallfoss.fcc.gov/ecfs/. The full text may also be downloaded at: http://apps.fcc.gov/edocs_public/attachmatch/FCC-16-63A1.pdf. Pursuant to sections 1.415 and 1.419 of the Commission’s rules, 47 CFR 1.415, 1.419, interested parties may file comments and reply comments on or before the dates indicated on the first page of this document. Comments may be filed using the Commission’s Electronic Comment Filing System (ECFS). See Electronic Filing of Documents in Rulemaking Proceedings, 63 FR 24121 (1998).
Electronic Filers: Comments may be filed electronically using the Internet by accessing the ECFS: http://apps.fcc.gov/ecfs/. Paper Filers: Parties who choose to file by paper must file an original and one copy of each filing. If more than one docket or rulemaking number appears in the caption of this proceeding, filers must submit two additional copies for each additional docket or rulemaking number. Filings can be sent by hand or messenger delivery, by commercial overnight courier, or by first-class or overnight U.S. Postal Service mail. All filings must be addressed to the Commission’s Secretary, Office of the Secretary, Federal Communications Commission. All hand-delivered or messenger-delivered paper filings for the Commission’s Secretary must be delivered to FCC Headquarters at 445 12th St., SW, Room TWA325, Washington, DC 20554. The filing hours are 8:00 a.m. to 7:00 p.m. All hand deliveries must be held together with rubber bands or fasteners. Any envelopes and boxes must be disposed of before entering the building. Commercial overnight mail (other than U.S. Postal Service Express Mail and Priority Mail) must be sent to 9300 East Hampton Drive, Capitol Heights, MD 20743. U.S. Postal Service first-class, Express, and Priority mail must be addressed to 445 12th Street, SW, Washington DC 20554. People with Disabilities: To request materials in accessible formats for people with disabilities (braille, large print, electronic files, audio format), send an e-mail to [email protected]
or call the Consumer & Governmental Affairs Bureau at 202-418-0530 (voice), 202-418-0432 (tty). Synopsis of Further Notice of Proposed Rulemaking
In this document, the Federal Communication Commission (Commission) seeks comment on proposals to modernize its outage reporting rules to increase its ability to detect adverse outage trends and facilitate industrywide network improvements. The Commission seeks comment on whether and how to update its part 4 outage reporting requirements to address broadband, an increasingly essential element in our nation’s communications networks, along with other streamline proposals. This action seeks to ensure that the outage reporting system keeps pace with technological change and addresses evolving consumer preference impact in order to be better equipped to promote the safety of life and property through the use of wire and radio communication. In a companion document, a Report and Order and Order on Reconsideration in PS Docket No. 15-80, and ET Docket No. 04-35, respectively, the Commission adopts several proposals in a Notice of Proposed Rulemaking in 2015, and resolves several outstanding matters related to its adoption of the part 4 rules in a Report and Order in 2004. I.
Further Notice of Proposed Rulemaking 1.
As service providers transition from legacy network facilities to IP-based
networks, the Commission must continue to safeguard the reliability and resiliency of all of these interrelated systems. As we have observed before, broadband networks and services increasingly characterize the environment for the nation’s 9-1-1 and NG911 emergency communications and, thus, are central to the nation’s emergency preparedness, management of crises, and essential public safety-related communications. To meet the challenge of assuring broadband networks in order to carry out its foundational public safety mission, the Commission must maintain visibility into TDM-based networks while simultaneously ensuring similar visibility into commercial IP and hybrid networks. Our current part 4 rules establish outage reporting requirements that are in many ways centered on “circuit-switched telephony” and circuits that involve a “serving central 4
office.” The proposals in this FNPRM, among other things, aim to update the part 4 rules to ensure reliability of broadband networks used to deploy critical communications services, used both for emergency and non-emergency purposes. As discussed below, we believe the part 4 rules can likely provide the Commission with the necessary situational awareness about these broadband networks by updating them to (1) extend their application to broadband Internet access services (BIAS), and (2) revising the manner in which they apply to existing and future dedicated services to ensure a broadband emphasis. In this FNPRM, we propose to use the term “dedicated service” to refer to those services defined in 2013’s Special Access Data Collection Implementation Order, i.e., “service that ‘transports data between two or more designated points, e.g., between an End User’s premises and a point-of-presence, between the central office of a local exchange carrier (LEC) and a point-of-presence, or between two End User premises, at a rate of at least 1.5 Mbps in both directions (upstream/downstream) with prescribed performance requirements that include bandwidth, latency, or error-rate guarantees or other parameters that define delivery under a Tariff or in a service-level agreement.’”).These actions, we believe, will ensure that the Commission’s ability to monitor communications reliability and resiliency keeps pace with technological change and the broadband-based capabilities and uses of today’s evolving networks. 2.
More specifically, we: (i) seek comment on proposed reporting requirements,
metrics, and narrative elements for both BIAS and dedicated services outages and disruptions, including for network performance degradation; and (ii) propose to amend the Commission’s existing outage reporting requirements for interconnected VoIP to reflect disruptions resulting from network performance degradation. In addition, we seek further comment on two proposals raised in the Notice and aimed at increasing our awareness of certain outages: (i) reporting call failures in both the wireless and wireline/interconnected VoIP access networks; and (ii) reporting 5
outages that affect large geographic areas but do not trigger the user-minute threshold because of sparse population. We also seek comment on establishing outage reporting triggers for certain airport communications assets (“special offices and facilities”) designated as TSP Level 3 and Level 4 facilities. Finally, we seek to determine the most cost-effective approaches to accomplish these objectives, and accordingly seek comment on potential costs and benefits associated with each proposal in the FNPRM. To that end, commenters should provide specific data and information, such as actual or estimated dollar figures, and include any supporting documents and descriptions of how any data was gathered and analyzed. 3.
The nation’s transition from legacy (i.e., TDM-based) communications platforms
to IP for communications services has been steadily progressing since the last time the Commission expanded its outage reporting requirements to include “newly emerging forms of communication” in 2004. For one thing, consumers have significantly increased their dependence on broadband networks. Beyond consumer technologies, important sectors are relying increasingly on interconnected VoIP and broadband services. Indeed, in 2016, broadband service is a central part of most Americans’ lives. 4.
Reliance by enterprise customers on dedicated services also continues to increase,
reflecting the rapid transition of the nation’s businesses and governmental institutions to broadband powered communications. As we recently observed in the Special Access proceedings, such services are “an important building block for creating private or virtual private networks across a wide geographic area and enabling the secure and reliable transfer of data between locations.” They can also “provide dedicated access to the Internet and access to innovative broadband services.” They are used by mobile wireless providers to backhaul voice and data traffic from cell sites to their mobile telephone switching offices. Branch banks and gas stations use such connections for ATMs and credit card readers. Businesses, governmental 6
institutions, hospitals and medical offices, and even schools and libraries use them to create their own private networks and to access other services such as Voice over IP (VoIP), Internet access, television, cloud-based hosting services, video conferencing, and secure remote access. Carriers buy them as a critical input for delivering their own customized, advanced service offerings to end users. We believe it is critical that our outage reporting rules, long applicable to communications services such as special access, continue to provide an appropriate measure of network resiliency, reliability and security assurance for today’s and tomorrow’s broadband network services. 5.
The Commission has long recognized the importance of these trends for outage
reporting. In 2010, the National Broadband Plan called on the Commission to extend part 4 outage reporting rules to broadband Internet service providers and interconnected VoIP service providers, citing a “lack of data [that] limited our understanding of network operations and of how to prevent future outages.” The following year, the Commission proposed to safeguard reliable 911 service by extending outage reporting rules to broadband Internet access service (BIAS) and backbone Internet service as well as interconnected VoIP service. In the 2012 Part 4 VoIP Order, the Commission adopted rules to extend reporting requirements to interconnected VoIP service providers for outages resulting in a complete loss of service, but deferred action on the remaining proposals. At the time, the Commission indicated that its proposals to extend outage reporting obligations to broadband providers “deserve[d] further study.” 6.
Numerous commenters in this and other proceedings have urged the Commission
to closely monitor changes in network reliability as 911 networks migrate to IP, and others assert that some communities are increasingly dependent upon robust mobile broadband connectivity to deliver, in part, public safety services necessary for modern life. As federal funds are spent to ensure deployment of broadband, e.g., through programs such as the Connect America Fund, we 7
expect recipients of these funds to build out networks that serve the public interest through reliable access to critical communications, e.g., 911. The U.S. Government Accountability Office (GAO) recognized that “[t]he communications sector is transitioning from legacy networks to an all-Internet Protocol (IP) environment, leading consumer and public safety groups, among others, to question how reliably the nation’s communications networks will function during times of crisis.” Echoing the Broadband Opportunity Council, in its 2015 report GAO questioned whether the Commission can currently fulfill its information needs through existing efforts to collect comprehensive, nationwide data on technology transitions, and recommended that we develop a strategy and gather information on the “IP transition to assess its potential effects on public safety and consumers.” It also noted that this “would help [the Commission] address these areas of uncertainty as it oversees the IP transition,” and enable “data-driven decisions.” We agree and seek comment below on mechanisms to improve the quantity and quality of data collected on the impact of increased broadband availability and usage. 7.
In the fulfillment of its public safety responsibilities, no context is more important
for the Commission to research and monitor the technology transition than in the deployment of IP-based Next Generation 911 (NG911) networks. NENA’s i3 architecture has become the de facto standard for NG911 network design, in which voice, text, and data communications to, from, and between PSAPs operate over an Emergency Services IP network (ESINet). The Commission has observed that “new capabilities will enhance the accessibility of 911 to the public (e.g., by enabling video and text-to-911 for persons with speech and hearing disabilities), and will provide PSAPs with enhanced information that will enable emergency responders to assess and respond to emergencies more quickly.” Service providers typically market such
improvements to 911 as a way to offer better service at lower cost and an opportunity to phase out obsolete technologies. 8.
Nevertheless, we acknowledge that “evolving technology, while providing many
benefits to PSAPs and the public, also has introduced new and different risks.” For example, 911 service can now be disrupted by software malfunctions, database failures, and errors in conversion from legacy to IP-based network protocols, and such disruptions can occur in unique parts of the IP network that lack analogous counterparts in legacy architecture. Moreover, the consolidation of critical resources in a small number of databases increases the risk of a 911 service failure that affects many PSAPs at once, even across state lines or potentially impacting all of a service provider’s customers nationwide. Given the growing deployment of ESINets and the Commission’s specific interest in monitoring the reliability and resiliency of PSAP connectivity, we believe that it is critical for the Commission to have visibility into the networks of all providers supporting ESINet service and other critical infrastructure to fully understand reliability and resiliency factors associated with public safety and critical infrastructure communications. 9.
For both emergency and non-emergency services, broadband is now (or rapidly is
becoming) the communications sector’s essential transmission technology and, thus, “an integral component of the U.S. economy, underlying the operations of all businesses, public safety organizations, and government.” These communications sector developments, both in NG911 deployment and in the nation’s communications sector more broadly, illustrate how important it is that the Commission’s outage reporting requirements evolve at a similar pace as the communications sector. As 911 services evolve toward NG911 combinations of voice, data, and video, and as voice and data are exchanged over the same infrastructure, it is necessary for the Commission to refocus its lens for outage reporting and re-examine its part 4 reporting metrics to 9
ensure that they collect the necessary data on the reliability of broadband networks. Access to such objective information would ensure that the evolution of critical communications services does not pose an obstacle to the Commission’s established consumer protection, public safety, and national security statutory missions. A.
Broadband Network Outage Reporting 1.
The Need for Updated Broadband Network Disruption and Outage Reporting
Broadband networks now provide an expanding portion of today’s emergency and
non-emergency communications and have technological flexibility that allows service providers to offer both old and new services over a single architecture. We observe that broadband networks come with their own advantages and challenges; particularly, outages and service disruptions can occur at both at the physical infrastructure and the service levels. We recognize that network outage or service disruptions at the application level in which various services are provided (e.g., streaming video, video teleconferencing) have different performance and network management requirements than those at the physical network infrastructure level. Broadband networks are just as vulnerable to physical outages and service disruptions as the public-switched telephone network (PSTN), but are also susceptible to attacks at the application layer, which may not affect the underlying physical infrastructure. We seek comment on these observations as they relate to our proposed broadband outage reporting requirements. 11.
We further observe that broadband networks’ interrelated architectural makeup
renders them more susceptible to large-scale service outages. Growing reliance on remote servers and software-defined control has increased the scale of outages, as compared to those in the legacy circuit switched-environment. Through news accounts, we have observed recent outage events impacting customers across several states. Moreover, broadband networks’ 10
architectural efficiencies can actually magnify the impact of customer service-affecting outages that do occur. For example, “sunny day” outages – caused by technical issues rather than by environmental ones – have been shown to jeopardize 911 communications services, sometimes across several states. Indeed, broadband networks can support centralized services, but, if not engineered well, they can harm resiliency objectives. We believe that these challenges will likely become more pronounced as broadband increasingly comes to define the nation’s communication networks. This new paradigm of larger, more impactful outages suggests that there would be significant value in collecting data on outages and disruptions to commercial broadband service providers. We seek comment on this view. 12.
Given the potential for broad-scale, highly-disruptive outages in the broadband
environment – and particularly those impacting 911 service – the adoption of updated broadband reporting requirements would likely provide the Commission with more consistent and reliable data on critical communications outages and enable it to perform its mission more effectively in light of evolving technologies and service offerings. Over the past decade, review and analysis of outage reports have enabled the Commission to facilitate and promote systemic improvements to reliability, both through industry outreach, the CSRIC, and formal policy initiatives. The analysis of trends identified from our authoritative outage report repository has proven to be a useful tool for the Commission in working with providers to address outages and facilitate sector-wide improvements. As NG911 functionality becomes centralized within broadband networks, network vulnerabilities specific to emergency services will emerge, and the Commission should be well-informed of such vulnerabilities. We seek comment on this position. a.
Mandatory vs. Voluntary Reporting
In the 2011 Part 4 Notice, the Commission asked whether and how outage
reporting should to be extended to broadband. At the time numerous commenters challenged the idea, with some suggesting that mandatory outage reporting is not suitable for broadband packetswitched networks given built in redundancies, and the complexity of tracing disruptions to a single cause. . 14.
Where the Commission has required mandatory reporting of disruptions to IP
communications (such as interconnected VoIP communications), 47 CFR 4.3(h), 4.9(g), we have found substantial value from that reporting. We believe that the same is true for other IP-based networks and services that have become such a typical feature of our communications networks. Additionally, in the 2012 Part 4 Order, the Commission observed that “the record . . . reflect[ed] a willingness on the part of broadband Internet service providers to participate in a voluntary process” to improve the Commission’s awareness of broadband outages and their impact on public safety. Over the past four years, broadband providers have not come forward with concrete proposals for such a process or even expressed such an interest in voluntary reporting. As with previous attempts at voluntary reporting, we are concerned that any voluntary regime for broadband outages would be unsuccessful in achieving a level of participation necessary to make the program effective. We seek comment on this position, and how to apply the lessons learned from our previous voluntary outage reporting regime. Finally, as the Commission observed in 2011, “even if incentives did motivate individual market participants to optimize their own reliability, they do not necessarily optimize systemic reliability.” We believe that mandatory reporting of broadband network outages would motivate such optimization, and, thus, would advance the public interest. We seek comment on this view. 15.
For the reasons set out above, we reaffirm our belief that mandatory reporting
requirements would have a positive effect on the reliability and resiliency of broadband 12
networks. Therefore, we tentatively conclude that broadband network outage reporting should be mandatory. We seek comment on this tentative conclusion and seek further comment on the issues first raised generally in the 2011 Part 4 Notice. 2. 16.
Proposed Coverage of Broadband Outages.
In proposing updated broadband outage reporting rules, we must identify the
appropriate set of broadband ‒ and broadband-constituent ‒ services, facilities, and infrastructure that are reasonably appropriate for reporting requirements. In the 2015 Open Internet Order, we described the broadband communications environment to include a number of different market segments and services, including arrangements underlying those services. Among other things, we drew a distinction between networks and services deploying broadband capabilities provided to consumers, those deploying such capabilities to businesses and other enterprises, and those providing Internet backbone services. And we specifically excluded from broadband Internet access service (BIAS) enterprise service offerings such as “special access services” and their functional equivalents and other non-BIAS services, e.g., Internet access, interconnection, backbone service, traffic exchange, non-BIAS data services. 17.
In the Business Data Services/Special Access NPRM, including its adjunct 2015
Data Collection, we further described the “special access” or “dedicated services” that form critical portions of the broadband ecosystem, i.e., – links that “enabl[e] secure and reliable transfer of data between locations.” Although such services are already addressed in part 4 to some extent, which as noted above broadly defines those “communications services” subject to these rules, our part 4 reporting standards do not ensure that outage reporting illuminates broadband issues critical to functionality of these services. We believe that the public safety goals to be accomplished through Part 4 assurance for today’s broadband communications world can best be advanced if we extend the scope of our rules to BIAS, for the first time, and update 13
and clarify those requirements for dedicated services so that we receive broadband-specific outage information for those services, and that we ensure our requirements apply equally and neutrally regardless of technology or provider type. We seek comment on this view. 18.
For broadband outage reporting purposes, we believe developing reporting
metrics that clearly address this functionality to be critical to our continued ability to obtain situational awareness with respect to reliability of the Nation’s most important communications services. For the reasons set forth below, we tentatively conclude that the public safety goals to be accomplished through Part 4 assurance for today’s broadband communications world can most reasonably be advanced by extending those rules to cover BIAS, and by updating those requirements for measuring the reliability of dedicated services. In our view, these steps are likely to provide us with most if not all of the information reasonably necessary for purposes of our Part 4 mission, while avoiding the need to subject other service providers (such as Internet backbone providers) to these reporting requirements. Our proposal will also ensure that our requirements apply equally and neutrally regardless of technology or provider type. We seek comment on these views. By taking the actions now proposed, we believe we will have the ability to ensure greater broadband network reliability, resiliency, and security. We believe, thus, that this approach would ensure comprehensive outage reporting that, for BIAS and dedicated services, would encompass: (i) all customer market segments to include – mass market, small business, medium size business, specific access services, and enterprise-class (including PSAPs, governmental purchasers, carriers, critical infrastructure industries, large academic institutional users, etc.); (ii) all providers of such services on a technology neutral basis; and (iii) all purchasers (end users) of those services without limitation. We seek comment on this view. a.
Broadband Internet Access Service (BIAS) 14
The Commission defines BIAS in 47 CFR 8.2(a) as: [a] mass-market retail service by wire or radio that provides the capability to transmit data to and receive data from all or substantially all Internet endpoints, including any capabilities that are incidental to and enable the operation of the communications service, but excluding dial-up Internet access service. This term also encompasses any service that the Commission finds to be providing a functional equivalent of the service described in the previous sentence . . . .
BIAS includes those services offered over facilities leased or owned, wireless or wireline, to residences and individuals, small businesses, certain schools and libraries and rural health entities. BIAS does not include enterprise service offerings, which are typically offered to larger organizations through customized or individually-negotiated arrangements, or special access (“dedicated”) services. Some NG911 systems use BIAS to support critical functions like transmission of location information, making it of particular interest to the Commission as NG911 is rolled out. BIAS is also increasingly integral for everyday life; according to the Commission’s latest broadband subscribership data, over 250,000,000 Americans purchase wireline or wireless (or both, typically) BIAS to meet an ever-expanding array of their communications needs. These services are essential for work, family and community activities, social engagements and leisure, and are increasingly vital for emergency services communications whether as voice, texting or other data transmission. Given BIAS’ ubiquitous penetration throughout the American landscape and the multiple important emergency and nonemergency uses for which Americans consume BIAS, we recognize the same, if not higher, need for assurance through outage reporting under part 4 as we have long recognized for other communications services. We seek comment on this understanding and approach. 15
Existing part 4 rules define relevant providers to include “affiliated and non-
affiliated entities that maintain or provide communications networks or services used by the provider,” and require reporting of “all pertinent information on the outage.” We seek specific comment on whether BIAS providers could be used as a central reporting point for all broadband network outages, i.e., whether our part 4 assurance goals for broadband outage reporting can be effectuated through, or should be limited to, an approach in which only BIAS providers (as opposed to other entities providing networks or services) would be required to report. We ask commenters to address BIAS providers’ services relationships with other providers (i.e., entities that provide IP transport underlying the BIAS offering), and particularly whether, and the extent to which they share information (formally or informally) relevant to outage reporting. Do providers typically discuss or notify each other in the event of disruptions? Do or can BIAS providers enter into service level or other agreements that contain requirements that enable them to obtain adequate information concerning the source of outages that originate with such other providers? Should our rules impose an obligation on BIAS providers to provide such information in their part 4 reports? 21.
In what way is the Commission’s experience with entities that “maintain or
provide communications networks or services used by the provider” (e.g., for legacy voice communications or interconnected VoIP service) instructive in its consideration of these issues associated with BIAS outage reporting? Or, are there sufficient technical or operational differences between BIAS and entities already covered by part 4 as to warrant a new approach? If so, what are those differences and how should the Commission approach BIAS outage reporting to address those differences in ways that promote effective outage reporting? What actions could the Commission take to ensure that BIAS providers can obtain sufficient information in the event of a service outage about the source and cause of the outage? We also 16
seek comment on whether a BIAS-only approach would sufficiently capture critical communications, i.e., communications involving critical infrastructure, needed for NS/EP, or otherwise associated with public safety or emergency preparedness. If it does not, should the Commission extend its reporting requirements directly to other entities that maintain or provide communications networks or services used by the BIAS provider? b. 22.
In our Dedicated Services/Special Access proceeding, we have closely examined
the evolving (in terms of scope, array and use of services) and expanding (in terms of participants, including new entrants) market for IP- and other data protocol-based packet services to enterprises and other segments and purchasers not included within the mass market level served by BIAS providers. These dedicated services power the fullest range of large data pipe (high capacity) services, e.g., circuit-based TDM facilities like DS3s, or data network transmission (packet-based) facilities such as “Ethernet”, and are deployed without geographic restraint (i.e., in use for “last mile”, “middle mile”, “long haul”, etc.). Although DS3s and DS1s, both of which are longstanding dedicated services “warhorses”, have always been subject to outage reporting (as have other “two-way voice and/or data communications”, 47 CFR 4.3(b)), our reporting rules may provide insufficient clarity as to non-TDM dedicated services such as “Ethernet.” We seek to provide both broadband-specific reporting emphasis and scope of covered services clarity in this FNPRM. In the past, our rules and reporting emphasis under part 4 have been framed mostly by reference to legacy TDM special access circuits, which is certainly a segment of the services and infrastructure properly classified as “dedicated services.” In this FNPRM, we now place clearer emphasis on broadband outages through new proposed metrics, thresholds and triggers, and also take steps to ensure all dedicated services providers – old and new – understand their compliance obligations under our rules. 17
To achieve this clarity and emphasis, we first seek comment on the following
definition of “dedicated services” for outage reporting purposes: Services that transport data between two or more designated points, e.g., between an end user’s premises and a point-of-presence, between the central office of a local exchange carrier (LEC) and a point-of-presence, or between two end user premises, at a rate of at least 1.5 Mbps in both directions (upstream/downstream) with prescribed performance requirements that include bandwidth, latency, or error-rate guarantees or other parameters that define delivery under a Tariff or in a service-level agreement. In addition to commenting on this proposed definition for part 4’s purposes, we ask commenters whether there are any other descriptors needed to ensure both the clarity and breadth of the services that should be included within dedicated services for part 4 reporting assurance purposes. 24.
Dedicated services are important components for creating private or virtual
private networks across a wide geographic area, and for enabling the secure and reliable transfer of data between locations, including the provision of dedicated Internet access and access to innovative broadband services. Dedicated services, however, [are] distinctly different from the mass marketed, “best efforts” [BIAS] provided to residential end users, such as AT&T’s U-verse or Comcast’s XFINITY. Dedicated services typically provide dedicated symmetrical transmission speeds with performance guarantees, such as guarantees for traffic prioritization, guarantees against certain levels of frame latency, loss, and jitter to support real-time IP telephony and video applications, or guarantees on service availability and resolving outages. As such, dedicated services tends to cost substantially more than “best efforts” services and are offered to businesses, non-profits, and government institutions who need to support mission critical applications 18
and have greater demands for symmetrical bandwidth, increased reliability, security, and service to more than one location.
As with BIAS, we seek comment on the extent to which those who provide
dedicated services are in a position to inform the Commission of the source and cause of reportable outages. We believe that such providers are reasonably likely to be well-informed about these questions. Dedicated services providers also provision service “solutions” for other communications providers; for example, mobile providers use dedicated services to backhaul voice and data traffic. 26.
With respect to negotiated terms and conditions for assurance, is it standard
industry practice to inform dedicated services customers about the nature of any particular outage or performance issue that triggers assurance guarantees (i.e., credits)? Does this also extend to inform such customers about any non-service impacting outages, regardless of the seriousness of the outages, or to inform customers as to the provider’s overall performance using an established set of metrics? For example, are dedicated service customers interested in nonservice impacting outages whose notification helps inform resiliency decisions or helps inform predictive risk mitigation actions based on a larger data set of observed failure modes? If so, how are such customer needs addressed through contract negotiations or, post-contract, through course of dealing between parties or by other means (e.g., Industry Data Breach Annual Summaries, academic research, etc.)? 27.
We recognize that variation between and among dedicated services providers, the
services they provide, their customers’ service needs and profiles, and other factors may indicate differences that we should consider with respect to the benefits and burdens of dedicated services
outage reporting. Accordingly, we seek comment on such differences, and particularly their impact on relative costs and burdens for outage reporting. 28.
In sum, to ensure the Commission can effectively discharge its public safety
mandates and mission with respect to the communications networks and services upon which America’s citizens, businesses and governmental organizations rely, we propose that BIAS providers be required to report outages pursuant to the Commission’s part 4 rules, and we propose to update existing outage reporting metrics to reflect broadband disruptions involving dedicated services and provide clarity as to scope of covered services. We recognize that this approach may not capture the full scope of communications services, but we believe, at this time, that the costs of extending our outage reporting requirements beyond these services may exceed the benefits. We seek comment on this view. To the extent commenters believe that there are other communications providers that provide broadband-related services warranting part 4 outage reporting, we invite commenters to elaborate in detail. 3. 29.
Proposed Reporting Process for Broadband Providers
Three-part submission process. We seek comment on whether to apply the three-
part structure used by other reporting entities under part 4 to covered broadband service providers. This process would require the provider to file a notification to the Commission within 120 minutes of discovering a reportable outage as further defined in Section V.B.; an initial report within 72 hours of discovery of the reportable outage; and a final report within 30 days of discovering the outage, similar to the process described in 47 CFR 4.9(a), (c)-(f) for cable, satellite, SS7, wireless, and wireline providers. Covered providers would submit all reports electronically to the Commission and include all of the information required by Section 4.11 of the Commission’s rules. A notification would include: the name of the reporting entity; the date and time of the onset of the outage; a brief description of the problem, including root 20
cause information and whether there were any failures of critical network elements, if known; service effects; the geographic area affected by the outage and a contact name and telephone number for the Commission’s technical staff. We note that this notification requirement is distinct from a covered 911 service provider’s obligation to notify PSAPs in the event of an outage impacting 911 service, 47 CFR 4.9(h), and we defer discussion of those notification requirements to PS Docket Nos. 13-75 and 14-193. The initial reports would include the same information, and in addition, any other pertinent information then available on the outage, as submitted in good faith. Further, the provider’s final report would include all other pertinent information available on the outage, including root cause information where available and anything that was not contained in or changed from the initial report. 30.
Reporting requirements concerning critical network elements. Pursuant to the
requirements of Section 4.11 of our rules, once an outage triggers a reporting requirement, there is certain information that we expect providers, acting in good faith, to include in their reports to the extent such matters are at issue in a given reportable event and the provider, through the exercise of reasonable due diligence, knows or should know the facts. We believe our concept of reportable outages must evolve as new events threaten the reliability and resiliency of communications in ways that can expose end users to serious risks, to that end we routinely update the NORS data fields to reflect changes in technology and seek to do so here. Specifically, we expect providers to include information in their reports concerning (1) the failure of facilities that might be considered critical network elements, and (2) unintended changes to software or firmware or unintended modifications to a database to the extent relevant to a given outage or service disruption that is otherwise reportable. We seek comment on this approach.
We propose to consider a network element “critical” if its failure would result in
the loss of any user functionality that a covered broadband provider’s service provides to its end users. For example, Call Agents, Session Border Controllers, Signaling Gateways, Call Session Control Functions (CSCF), and Home Subscriber Server (HSS) could be considered “critical” network elements. And, we believe that information concerning such failures uniquely provides a sharper network and service vulnerability focus that would further the Commission’s public safety and related missions by enhancing the Commission’s situational awareness and network operating status awareness. We seek comment on this assessment. We seek comment on these views and on this reporting approach. Additionally, we propose that to the extent unintended changes to software or firmware or unintended modifications to a database are revealed as part of reportable disruptions, we should be apprised of those facts through the outage reports providers submit. 32.
As with events involving critical network element failure, we propose to modify
the NORS interface to support information regarding outages and disruptions that are associated with unintended changes to software or firmware or unintended modifications to a database. This is consistent with our customary practice of updating NORS information fields as technologies and services evolve. Thus, if unintended changes to software or firmware or unintended modifications to a database played a role in causing an otherwise reportable outage, we would expect providers’ reports to include specific detail about the nature of the associated facts. The Commission seeks comment on what information would be useful to understand these exploitations. Would it be helpful for us to use open fields so that outages can be described in terms defined by the provider acknowledging that these may differ from provider to provider? We seek comment on this approach. We recognize that unintended changes to software and firmware and unintended modifications to a database may not always manifest themselves in the 22
form of reportable communications “outages” as traditionally defined by the Commission or as we propose for broadband outage reporting. Are there additional data drop-down menu fields we should consider beyond those proposed above that would provide significant information about broadband outages? Would it be useful to establish pre-defined elements in the reporting metrics that would provide the Commission with more consistent failure information that would improve long-term analysis about unintended changes to software and firmware or unintended modifications to a database that would not otherwise be reported to the Commission? For example should the Commission receive information on distributed denial of service (DDoS) attacks in order to support an improved correlation should multiple outages involve DDoS as a contributing factor? 33.
Should we expand our definition of Part 4 outages to include failures that are
software-related or firmware-induced, or unintended modifications to a database that otherwise do not trigger hard-down outages or performance degradations as described below? For example, should a route hijacking that diverts packets to another country, but still delivers the packets to the consumer be a reportable outage? If so, we seek comment on this position. What process should be followed to make the Commission aware of such disruptions? Would such a requirement be unnecessary were the Commission to adopt proposed data breach reporting requirement proposed in the Broadband Privacy Notice of Proposed Rulemaking, WC Docket No. 16-106? 34.
We seek broad comment on updates to our traditional NORS reporting processes
and expectations when reportable broadband outages involving unintended software or firmware changes or unintended modifications to a database occur. We ask commenters to address whether valid public safety, national security, economic security or other reasons support the kind of granular reporting features we now describe for broadband, and whether such reasons 23
justify treating broadband outage reporting differently from non-broadband outage reporting. Do commenters believe that alternative approaches should be explored that could ensure that the Commission receives all useful outage and disruption causation information in a timely and costeffective manner? 35.
Also, as discussed below, we propose to adopt the same reporting approach for
interconnected VoIP providers as we have for legacy service providers (i.e., a notification, interim report and final report). We seek comment on this proposal. Alternatively, we seek comment on whether all reporting (i.e., legacy, broadband and interconnected VoIP) should be adjusted to a two-step process. Are there other similar steps that we should consider that would ensure adequate reporting in reasonable, appropriate time intervals across the various technologies at issue for reporting? 36.
We seek comment on other steps the Commission can take to make providers’
reporting obligations consistent across services or otherwise streamline the process. As with other covered providers in § 4.9, we seek comment on whether 9-1-1 special facilities are served by BIAS and dedicated services providers such that a reporting requirement when 9-1-1 special facilities experiences a reportable outage or communications disruption would be warranted. Similarly, each covered provider in part 4 is required to report outages and communications disruptions to special offices and facilities (in accordance to § 4.5 (a) through (d)). We seek comment on whether special offices and facilities are served by BIAS and dedicated services providers such that a reporting requirement when these experience a reportable outage or communications disruption would be warranted. One potential benefit of the transition to more advanced communications technologies is the ability to automate processes that historically have required a significant amount of manual processing. We seek comment on whether there are ways of automating the outage reporting process beyond what has been possible or has been 24
attempted in the context of legacy communications services. How could such automated reporting be accomplished? What are the advantages of such a reporting mechanism? What are the disadvantages? What cost savings would result from any such automation? 4.
Proposed Metrics and Thresholds for Broadband Network Outage Reporting a.
“Hard Down” Outage Events Metrics and Thresholds
By “hard down” outage events, we refer to outages that result in loss of service, as
opposed to performance degradations discussed below. In determining the appropriate metrics and thresholds for our broadband outage reporting proposals, we initially sought comment on the method for calculating the “user minutes” potentially affected by a broadband outage. In the 2011 Part 4 Notice, we proposed using potentially-affected IP addresses as a proxy for the number of potentially affected users. At least one commenter claimed using IP addresses would tend to overstate the impact of an outage, and advocated using subscriber counts instead. More recently, in response to our proposal for major transport facility outage reporting, Comcast recommended using a “bandwidth-based standard” as a potential replacement for our userminute metric used for major transport facility outage reporting. In light of technological advances, we now seek to revisit this issue. 38.
We further propose a throughput-based metric and threshold for “hard down”
outage events. We propose to define “throughput” as the amount of information transferred within a system in a given amount of time. In light of significant changes in technology and the characteristics of broadband networks generally, we believe that it is appropriate to tailor our approach with respect to the identification of a threshold event for hard-down outages. Since part 4 was first enacted, the communications network architecture and elements, and the services carried over those networks, have grown more diverse and require increased throughput. The 25
Commission currently uses DS3 as the unit of throughput with which to calibrate our reporting threshold for major transport facility outages. The companion document, Report and Order, adopts an updated metric, changing the standard from DS3 to OC3. Given the accumulating amount of throughput required to deliver today’s broadband services, we believe that 1 Gbps would function as a modern-day equivalent of the DS3 (45 Mbps) unit originally adopted in 2004,we now calculate that a gigabit can support nearly 24DS3s or 16,000 DS0s (64 Kbps voice or data circuits). This can be seen in the increased deployments of residential communications services offering up to 1 Gbps in download speeds. As such, we tentatively conclude that the threshold reporting criterion for outages should be based on the number of Gbps minutes affected by the outage because Gb is a common denominator used throughout the communications industry as a measure of throughput for high bandwidth services. We further propose to introduce a broadband metric calibrated with the current 900,000 user minute threshold. In today’s broadband environment, a typical user requesting “‘advanced telecommunications capability’ requires access to actual download speeds of at least 25 Mbps.” Accordingly, we calculate that if a facility with throughput totaling 1 Gbps providing individual users 25 Mbps of broadband capacity each, experienced a disruption to communications resulting in a complete outage, 40 individual users would be impacted. We calculate that 1Gbps in throughput total, which is converted to 1,000 Mbps, is divided by 25 Mbps as the download speed for each user, would result in a total of 40 individual users impacted by an outage event. In establishing a gigabit per second user minute threshold, we calculate that 900,000 user minutes divided by the 40 individual users impacted by the outage, results in 22,500 Gbps user minutes. The 22,750 Gbps user minute figure was derived from the current threshold-reporting criterion of “900,000 user minutes.” Assuming a 25 Mbps broadband user connection, as stated in the 2015 Broadband Progress America report, being delivered over a 1 Gbps facility, we compute: 1 Gbps 26
divided by 25 Mbps equals 40 broadband user connections. Then, 900,000 user minutes divided by the number of impacted broadband user connections, 40, equals 22,750 Gbps user minutes. This means that an outage event would become reportable when it resulted in 1 Gbps of throughput affected in which the event exceeds 22,500 Gbps user minutes. To determine whether an outage event is reportable using this threshold, we multiply the size of the facility measured in Gbps, by the duration of the event measured in minutes, and this total generates a Gbps user minute number. If this user minute number exceeds 22,500, then the outage event is reportable to the Commission. So for example, if a 1 Tbps (terabits per second) facility experienced a disruption for 45 minutes, we would multiply 1000 by 45 minutes to get 45,000 Gbps user minutes, and since this figure exceeds 22,500 Gbps user minutes, the outage event would be reportable. We seek comment on the analysis presented, which would establish a reporting threshold of an outage of 1 Gbps (gigabit per second) lasting for 30 minutes or more. 39.
We seek comment on a throughput-based metric and its advantages or
disadvantages over a user-based metric, for example, a 900,000 user-minute metric that treats broadband users for measurement purposes as those broadband end users that have no service. We also seek comment on whether a throughput-based metric would be more appropriate for some networks rather others. For instance, would our proposed 1 Gbps throughput threshold be appropriate for both BIAS and dedicated services? If not, why not? Should we consider a throughput-based metric for BIAS networks set at a lower threshold, such as 25 megabits per second (Mbps)? Would this result in an unacceptably small number of outages reports? How well would a threshold of 1 Gbps or greater lasting for 30 minutes or more reflect the geographic scope and impact of an outage and the number of subscribers impacted by an outage? Would a user-minute based threshold better capture the geographic scope and impact of an outage and the number of subscribers impacted? Does using a throughput metric in lieu of potentially-affected 27
IP addresses, or that of subscriber count, as described below, provide better information to the Commission? Would a throughput metric be less or more burdensome for providers than a userbased one? If so, why? How might the increasing availability of Gbps services affect the usefulness of throughput as an outage indicator? Is there a better throughput threshold than 1 Gbps or greater lasting for 30 minutes or more? If so, what would it be? 40.
In addition, we revisit the 2011 proposal to use potentially-affected IP addresses
as a proxy for the number of potentially affected users. If we were to adopt the 2011 proposal, would the metric overstate the impact of an outage? If so, by how much would the outage impact be overstated? How well could a potentially-affected IP addresses threshold effectively communicate the geographic scope and impact of an outage and the numbers of subscribers impacted? Would the increasing deployment of IPv6 addresses affect the utility or accuracy of this proposed metric, and if so, how? Would using subscriber counts as a proxy for number of users be a more accurate metric to determine the impact of an outage? In what ways do providers measure the number of subscribers now? Do providers measure broadband subscribers apart from other types of subscribers? If so, why? Which new subscribers would be counted under the proposed rules that were not previously counted? Should we consider unique subscriber-based metrics for BIAS and dedicated services provider? In instances of outage events lasting less than 30 minutes, should we consider whether subscriber-based metrics should be more indicative of a network outage impacting a large metropolitan area or geographic region? What benefit would this add to our proposed broadband outage reporting rules? Do current provider subscriber counts measure the total number of subscribers served at any given time? Are provider subscriber counts verified at the occurrence of an outage or disruption? What difficulties, if any, would covered broadband providers experience in applying a subscriberbased metric? 28
Performance Degradation Outage Events Metrics and Thresholds
The following section addresses requirements to report outage events in cases of
significant degradation of communication. We tentatively conclude that outage events are reportable when there is a loss of “general useful availability and connectivity,” even if not a total loss of connectivity. We propose a series of metrics and thresholds that we believe could identify outage events that significantly degrade communications: (1) a combination of packet loss and latency metrics and thresholds, and (2) a throughput-based metric and threshold. Finally, we seek comment on the appropriate locations for significant degradation of communication measurements. (i) 42.
“Generally Useful Availability and Connectivity”
Consistent with the part 4 definition of an “outage,” in 47 CFR 4.5(a) (defining an
“outage” as “a significant degradation in the ability of an end user to establish and maintain a channel of communications as a result of failure or degradation in the performance of a communications provider’s network), we again seek comment on whether covered broadband providers should be required to report disruptions that significantly degrade communications, including losses of “generally useful availability and connectivity” as measured by specific metrics. We propose to define “generally useful availability and connectivity” to include the availability of functions that are part of the service provided (i.e., “service functionality”). We tentatively conclude that outage events experiencing significantly degraded communications include those events with a loss of generally useful availability and connectivity, and seek comment on this tentative conclusion. 43.
In 2011, ATIS stated that losses of “generally useful availability and
connectivity” not resulting in a complete loss of service should not be reportable under the part 4 29
rules, arguing that such events are “more akin to static/noise on legacy communications systems or error rates in DS3 lines…” However, the loss of “generally useful availability and connectivity” in the broadband context would appear to be more akin to a legacy voice call during which the users cannot hear or make themselves understood, tantamount to a complete loss of service. This threshold may be even more recognizable in a digital context where effective bandwidth minimums are well understood. Accordingly, we reintroduce the Commission’s 2011 proposal to require covered broadband providers to report on losses of ‘generally-useful availability and connectivity’ to capture analogous incidents where customers are effectively unable to use their broadband service. We seek comment on this proposal. 44.
We also seek comment on possible alternatives or additional metrics of generally-
useful availability and connectivity. For instance, should the Commission create a reporting metric based on loss of network capacity? If so, how should the Commission quantify a loss of a network capacity for reporting purposes, and what would be an appropriate reporting threshold? Should we consider a metric measuring the average relative bandwidth, where providers would compare the active bandwidth against the provider’s bandwidth advertised or offered? Could such a metric be quantified for reporting purposes? If so, what would be an appropriate reporting threshold? What other metrics should the Commission consider? (ii) 45.
Metrics for Performance Degradation
In addition to the metrics for generally-useful availability and connectivity, we
seek comment on potential broadband outage reporting metrics to measure significant performance degradation in communications. In this regard, we propose two sets of proposals. We propose a throughput metric and seek comment on the appropriate thresholds; or, propose an alternative metric based in a combination of three core metrics, throughput, packet loss, and latency, and seek comment on the appropriate thresholds. Moreover, we seek comment on the 30
extent potential metrics for generally-useful availability and connectivity may overlap with the proposed metrics for significant performance degradation in communications. 46.
First, given that throughput is widely recognized as a key metric for measuring
network performance, we propose using a throughput metric threshold at 1 Gbps for a network outage or service disruption event lasting 30 minutes or more. In addition to the use of a throughput metric for hard down outages described above, a throughput metric can also determine when a significant degradation occurs in a network, as transmission rates decline as network congestion increases. In addition to throughput, we seek comment on the utility of two other metrics to indicate broadband network performance degradation: packet loss and latency. Can a proposed 1 Gbps event lasting for 30 minutes threshold capture instances in which the network suffers an outage or experience degradation in network performance? Would it be more appropriate to maintain the 900,000 user-minute threshold for throughput? If so, why? How would it be determined and calculated to be equivalent to a throughput-based metric of 1 Gbps threshold? How would maintaining the 900,000 user-minute threshold capture and account for the complexities found in broadband networks and the outages occurring on those networks? We also seek comment on whether a throughput threshold for performance degradation should require a carrier’s average throughput to drop a nominal percentage, say 25 percent, below normal levels. How would such a threshold be measured and reported should this threshold be reached? Would this effectively capture the impact to network subscribers and facilities? Is a nominal drop of 25 percent in average throughput thresholds indicative of noticeable network performance degradation? We seek comment on this approach. 47.
We seek comment on a second proposal looking at these proposed core metrics —
packet loss, latency, and throughput. To what extent do covered broadband providers already collect information on packet loss, latency, and throughput? Are any of the metrics better suited 31
than others at measuring loss of generally-useful availability and connectivity of broadband service? Are there any alternate performance metrics that would more effectively capture network outages or performance degradation? If so, what are they and do these providers already capture these metrics? Are any of the metrics more cost-effective to monitor than others, and if so, which are they and why? 48.
We further propose to limit the scope of outage filings to those events that affect
customer communications. We seek comment on this approach. In addition to packet loss, latency, and throughput, we seek comment on whether there are other metrics and thresholds that would be indicative of events impacting customer communications, and comment about other appropriate indicators that might better reflect when these communication services are disrupted. Are there existing measurement efforts regarding network performance and assurance conducted by the Commission that would provide better guidance in determining reporting thresholds for broadband network outage reporting? How are these other performance and assurance measurements aligned with our proven public safety and reliability efforts in our current part 4 outage reporting efforts? How does the use of these network performance metrics complement or conflict with other efforts at the Commission? The Commission is providing guidance across a number of areas regarding network performance metrics and measurements ensuring users receive adequate and expected network performance from their service subscriptions. 49.
Alternatively, should we consider adopting more specific, absolute thresholds for
packet loss, latency, and throughput to measure significant performance degradation of communications? In 2011, the Commission proposed that service degradation occurs whenever there is a noticeable decline in a network’s average packet loss; or average round-trip latency; or average throughput of 1 Gbps, with all packet loss and latency measurements taken in each of at least six consecutive five-minute intervals from source to destination host. If absolute thresholds 32
are preferable, how would these particular thresholds be calculated and determined? Would an absolute threshold still be appropriate with current broadband systems? How could the reporting thresholds for packet loss, latency, and throughput be set at appropriate levels? If any of these thresholds should be adjusted, what is an appropriate threshold? Should the requirement to take performance measurements in six consecutive five-minute intervals be modified? If so, how? 50.
We also seek comment on whether these metrics support a consistent reporting
standard across all broadband provider groups. The Commission recognizes that there may be different metrics for performance degradation for different services and that a “one size fits all” approach to determining appropriate metrics and thresholds indicating the health and performance of broadband networks and services may not be appropriate depending on underlying quality of service and network performance requirements. Are these metrics (packet loss, latency, and throughput) appropriate to evaluate performance for both BIAS and dedicated services? Alternatively, are these metrics unique to either BIAS or dedicated services, but not appropriate for both? We also seek comment on whether and how the proposed metrics should differentiate mobile broadband from fixed broadband. Are there unique attributes of mobile broadband that we should consider for our outage reporting purposes? For example, will application of these metrics to mobile broadband result in too many instances where, although a threshold is passed, there is no major problem with the network? Why or why not? Are other network performance metrics more suitable for mobile broadband than fixed broadband, and if so, what are they? (iii) 51.
Measurement of Performance Degradation
We also seek comment on the end points from which covered broadband
providers would measure whether there is performance degradation. In the case of BIAS providers, we believe that these metrics should be measured from customer premises equipment 33
to the destination host. For dedicated services providers, we believe that the metrics should be measured from the closest network aggregation point in the access network (e.g., DSLAM serving DSL subscribers) to the closest network facility routing communications traffic or exchanging traffic with other networks (e.g., PoP, gateway). 52.
We seek comment on these tentative conclusions, and on whether these end-
points for measurement are appropriate for their corresponding services, as well as the use of the term “destination host” for all providers. Does “destination host” appropriately cover the various types of network facilities used by covered broadband providers to connect to their customers and/or exchange traffic with other networks? Where in a BIAS network should the measurements take place to record the measurements most accurately? In a dedicated services network? At what level of aggregation should the measurements be taken in the BIAS and dedicated services networks? What is the best way to determine the measurement clients and servers are correctly chosen to accurately measure the proposed metrics? Are there other terms that would better describe the point where network traffic is routed and aggregated from several endpoints (e.g., network aggregation point) for either type of service? For example, should we follow the performance metrics established under the Measuring Broadband America program or other broadband measurement metrics developed by the Commission? We also seek comment on a scenario in which the “destination host” is on another BIAS provider’s network. In that case, how would the original BIAS provider detect an outage on its network path? We seek comment on this scenario and anything else the Commission should consider with respect to network end-points. 5. 53.
Broadband Reporting Confidentiality and Part 4 Information Sharing
Currently, outage reports filed in NORS are withheld from routine public
inspection and treated with a presumption of confidentiality. We propose to extend this same 34
presumptive confidential treatment to any reports filed under rules adopted pursuant to this FNPRM, including broadband outage reporting filings. We recognize, however, that this approach of presumed confidentiality may need to evolve as networks, and consumer expectations about transparency, also evolve. Accordingly, we seek comment on the value and risk of increased transparency with respect to information about, or select elements of NORS reports filed under the current part 4 rules and any additional rules adopted pursuant to this FNPRM. 54.
As noted in the Report and Order companion document, we believe that the
proposal of sharing NORS information with state and other federal entities requires further investigation, including where state law would need to be preempted to facilitate information sharing. The Commission currently only shares access to the NORS database with DHS. 55.
To assist the Commission, we direct the Bureau to study these issues, and develop
proposals for how information could be shared appropriately with state entities and federal entities other than DHS. Accordingly, we seek comment on the current reporting and information sharing practices of broadband and interconnected VoIP providers with state governments and other federal agencies. To which agencies and States do providers already report? To what extent is reporting mandatory? What information on outages or communications disruptions do providers report to other federal and state government bodies? What triggers the reporting process? What are the strengths and weaknesses of any existing reporting and information sharing processes? Could any such processes provide an avenue for the Commission to acquire data that it would otherwise receive under the proposed rules? If so, how? What else should the Commission consider regarding the current reporting and information sharing practices of broadband or interconnected VoIP providers? Commenters should address the impact of any other information sharing activities on the part 4 mandates 35
proposed herein, and how these requirements might be tailored to ensure compliance without undue imposition on those other information sharing activities. 56.
We seek comment on how the Commission can strike the right balance between
facilitating an optimal information sharing environment and protecting proprietary information. Our goal is to foster reciprocal sharing of information on broadband network outages with federal and state partners, while maintaining confidentiality among those partners and of information contained in the outage reports. To ensure that the Commission benefits from information that providers make available to other federal agencies or state governments, should we encourage covered broadband and interconnected VoIP providers to provide the Commission with copies of any outage reporting that they currently provide to states or other federal agencies, to be treated in the same manner (i.e., confidential or non-confidential) as the entity receiving the original report? Are there alternative methods toward sharing this information? Should we ask our federal and state government partners to provide a preferred path toward sharing this information? We recognize that other federal and state agencies may have different requirements for licensees and FCC regulated entities, and we seek comment on the wider regulatory landscape in which broadband providers may or may not already be reporting outages. Are there special considerations required for the new filings or information collected that the Commission has not previously accommodated for part 4 providers? If so, what adjustments to our original information sharing proposals in the Notice should be made for these new NORS filings and information collected? 6. 57.
Cost-Benefit Analysis for Broadband Network Outage Reporting
In the 2012 Part 4 Order, the Commission deferred action on several broadband
outage proposals because they were “sharply opposed by industry on several bases, but especially based on the expected costs.” In this FNPRM, we seek to update the record on the 36
costs of implementing broadband outage reporting, and also seek comment on the costs of compliance with any additional reporting requirements considered herein. We also seek comment on the costs associated with any alternative proposals or unintended modifications to proposals set out by commenters. Specifically, we invite comment on the incremental costs of detecting and collecting information on the outage thresholds described above; the costs of filing reports in NORS; and the costs associated with any additional reporting or other requirements the Commission may adopt to promote network reliability and security. Comments in this area should not focus on new equipment but on the cost of modifying existing outage detection systems to detect and notify the Commission on observed outages meeting reporting thresholds proposed in this FNPRM. a. 58.
Costs of Detecting and Reporting Outages
We first consider the costs associated with detecting and collecting information
on reportable outages under the proposed rules. As a general matter, we agree with the 2011 comments of the National Association of State Utility Consumers Advocates (NASUCA) and the New Jersey Division of Rate Counsel, who observe that VoIP and “broadband [providers] should already be collecting outage-related data in the normal course of conducting their businesses and operations.” We believe this to be as true today as it was in 2011 in light of service providers’ public assurances of network performance and reliability. If covered broadband providers already collect internal data to support claims of high network reliability through advertising, we anticipate that they would be able to provide the Commission with similar information at minimal incremental cost. For this reason and others discussed below, we do not believe that requiring covered broadband providers to submit outage data would create an unreasonable burden.
Outages Defined by Threshold Events
To begin, we note that nearly all providers already have mechanisms in place for
determining when an outage occurs and when it surpasses a certain threshold, and if a provider does not, in today’s wired world it would not impose significant cost to install such a mechanism. In fact, the record reflects that providers routinely monitor the operational status of their network as part of the normal course of business. Verizon, for instance, explained in 2011 that it “has significant visibility into its broadband networks.” We believe that any provider with “significant visibility” into its network already has the ability to detect network failures or degradations that result in a total loss of service for a large number of customers. Commenters appear to concede this view. Both ATIS and AT&T proposed alternative reporting schemes that would require reporting on total losses of broadband service, and AT&T submits that its proposed scheme would be “unambiguous and easy-to-apply.” CenturyLink likewise admits that “reporting by a broadband Internet access service provider where there is a loss of connectivity to the Internet by end-users is reasonable.” Comments like these, along with ubiquitous advertising on network reliability and performance generally, suggest that the regime described above to report total losses of broadband service would not impose significant additional burdens on providers. We seek comment on this discussion. (ii)
Outages of “Generally Useful and Available Connectivity”
In 2011, industry commenters identified data collection costs as the most
significant cost burden of the proposed rules for performance degradation events. However, we note that the proposed reporting based on loss of “generally-useful availability and connectivity” does not concern every degradation in performance an individual user experiences, but is instead designed to capture incidents in which service is effectively unusable for a large number of users 38
or when critical facilities are affected. We seek further comment on the extent to which providers already collect performance degradation data for internal business purposes. In 2011, covered VoIP and broadband providers were already monitoring QoS metrics, like packet loss, latency and jitter, to assess network performance for certain customers. Today, providers collect network performance information as a necessary part of fulfilling their SLA duties for particular customers, and more generally, providers have significant incentives to track these metrics as part of their network, service, and business risk assurance models. In other words, providers’ existing approaches for network data collection for premium customers likely already captures losses of “generally-useful availability and connectivity,” and we believe similar techniques could be expanded to monitor network performance on a broader scale. By building on existing provider practices and harnessing technological developments in network monitoring, we believe that the proposals for broadband reporting requirements described herein would not be unduly costly. 61.
Because providers already routinely collect much of this data, we believe that the
cost of compliance of additional rules would be only the cost of filing additional reports. We seek comment on this discussion. If providers do not collect this data, is there similar or comparable data that providers already collect, or could collect at minimal expense, that would be as cost-effective as data they would report under the proposals outlined above? If so, what data, and would it provide the Commission with adequate visibility into events that cause a loss of generally-useful availability and connectivity for significant numbers of broadband users? What would the cost be of this comparable data? 62.
We seek comment on whether we should implement a prototype phase of two
years whereby providers would be given significant latitude to determine a qualifying threshold for the “generally useful availability and connectivity” standard. While mandatory reporting 39
would remain, the data collected would positively inform standards in this category that would be broadly applicable to the Commission’s needs in this area yet closer to what the reporting companies use for their own operations, thereby reducing potential costs for providers. We seek comment on this analysis. b. 63.
Costs of Filing Outage Reports
While we anticipate that the costs of filing reports under the proposed rules—i.e.,
of reformatting and uploading information in the NORS database—would not impose an unreasonable burden on covered broadband providers, we seek comment on the specific costs. Outage reports are currently filed in the Commission’s web-based NORS database using simple and straightforward “fill-in-the-blank” templates. NORS currently accepts reports for legacy service outages (wireline, wireless, etc.), as well as interconnected VoIP “hard down” outages. We expect that any reports from covered broadband providers pursuant to rules ultimately adopted in this proceeding would adhere to the same efficient and streamlined process. 64.
In light of growing overlap in corporate ownership of telecommunications
network and service offerings, we expect that the inclusion of broadband service under part 4 would largely extend reporting obligations to providers already familiar with reporting via NORS and with internal processes in place for filing reports. We recognize that entities without prior experience reporting in NORS, either themselves or through affiliates, may incur some startup costs, i.e., of establishing a NORS account and training personnel in the use of NORS. We seek comment on this analysis and what specific startup costs would be. 65.
Furthermore, we believe the overall cost to providers of filing disruption reports is
a function of the number of reports that are filed and the costs of filing each report. Previously, the Commission has estimated that the filing of each three-stage outage report (i.e., notification, initial report, and final report) requires two hours of staff time, compensated at $80 per hour, 40
amounting to a $160 total cost for the provider. We believe that this estimate remains valid. Moreover, we estimate that adoption of the proposed rules for covered broadband providers would result in the filing of 1,083 reports per year, based on the likely correlation of broadband Internet access service outages with interconnected VoIP outages, in which there were 750 reports in 2015, and of broadband backbone outages with interoffice blocking outages, in which there were 330 reports in 2015. In other words, based on 2015 figures, we estimate that there would be approximately 750 reportable VoIP outages, added to the 330 reportable broadband outages independent of VoIP, results in 1,083 total reports. Accordingly, we estimate that adoption of the rules proposed in this FNPRM would create $173,280 in reporting costs; calculated by adding the number of VoIP and broadband outages in 2015, and multiplying by the expected cost of $160. We seek comment on this cost estimate. c. 66.
Benefits of Proposed Network Outage Reporting
On balance, we believe that the proposals of this FNPRM would ultimately
produce substantial benefits for the public. As noted above, the nation is increasingly reliant on broadband communications, and disasters, pandemics, and cyber attacks can lead to sudden disruptions of normal broadband traffic flows. Adopted prior to widespread adoption of broadband, the current part 4 outage reporting rules have played a significant role in the Commission’s successful efforts to promote reliable and resilient communications networks. The Commission’s receipt of data on broadband service (and expanded interconnected VoIP service) disruptions would enable it to adapt this established practice to a world in which IPbased networks are increasingly relied on for critical communications—including 911 service— as well as for financial transactions, health care delivery and management, and the operation of our nation’s critical infrastructure.
Given the large and rising volume of communications that occur over broadband
networks—and the overall economic value these communications represent—even minor increases in network reliability that result from outage reporting could have a significant public benefit. We believe that the benefits of the proposed reporting requirements will be substantial, as increases in network reliability can improve not only business continuity, but also the availability of emergency response, thereby saving many lives. We therefore expect that, even if only a few lives are saved each year, the annual benefit from these proposed changes will far exceed the costs they impose on affected parties. We have noted throughout this FNPRM that the harm from not requiring broadband outage reporting could be substantial, and we believe that the benefits of the proposals would far exceed the costs. We seek comment on other harms that consumers or providers face currently or may face in the future as a result of loss of connectivity that could have been avoided if industry outage trends had been spotted earlier and addressed more constructively through NORS reporting. We seek comment on the total expected benefit of the proposed reporting requirements for broadband providers. B.
Interconnected VoIP Outage Reporting
In 2012, the Commission adopted limited outage reporting requirements for
interconnected VoIP providers. The rules apply to both facilities-based and non-facilities-based interconnected VoIP services. Since extending outage reporting to interconnected VoIP, however, the Commission has not received consistent, timely, or sufficiently detailed reporting needed to promote greater interconnected VoIP service. This causes us now to raise questions about how to stimulate granular and consistent reporting for interconnected VoIP providers that aids the Commission in its efforts to ensure reliable, resilient, and secure interconnected VoIP service for America’s consumers and businesses. Accordingly, we propose to modify the existing reporting process for interconnected VoIP to hew closer to the process for other 42
providers. Lastly, we seek comment on whether there are any differences between interconnected VoIP services and other foregoing broadband services that weigh in favor of establishing different outage reporting rules for the two kinds of service providers. 1. 69.
Interconnected VoIP Outage Reporting Process
We propose to amend the reporting process for outages involving interconnected
VoIP service to harmonize it with the “legacy” services and the proposed reporting process for broadband outages. However, because the current outage reporting rules for interconnected VoIP allow a 24-hour notification period and do not require interim reports, the Commission rarely learns of interconnected VoIP network outages in near real time, and often has to wait almost a month until the final report is submitted to get outage event root causes or other useful information. 70.
Under the part 4 rules for legacy services, specifically 47 CFR 4.11, initial reports
provide the Commission with timely access to more detailed information about an outage than was available to the provider at the time of the notification, in many cases confirming the existence of an outage that was only tentatively reported at the notification stage. However, such initial reports are not required of interconnected VoIP providers, and what’s more, the 24-hour notification period has resulted in notifications being filed well after an outage has commenced, in some cases after the outage has concluded. In one recent instance, an interconnected VoIP outage that affected close to 1 million users across nearly a dozen states was first reported to the Commission twenty-three hours after its discovery. Consequently, for certain interconnected VoIP outages, the Commission must wait until a final report is filed ‒ up to thirty days after the notification is filed ‒ to receive any information about the underlying cause of an interconnected VoIP outage, or even to verify that a reportable outage in fact occurred. Providers also do not report information on the duration of the outage in the notification, and are currently only 43
required to give this information 30 days later in the final report. Thus, we believe that the abridged reporting adopted for interconnected VoIP “hard down” outages creates significant gaps in the Commission’s visibility into such outages and hinders its ability to take appropriate remedial actions. 71.
We recognize that a lack of visibility into underlying broadband networks may
pose challenges to interconnected VoIP providers, in providing information as the cause of the outage. As with BIAS and dedicated services providers, we seek comment on whether interconnected VoIP providers can, do, or should take steps contractually or otherwise to address these problems. At a minimum, we believe that providers should make reasonable efforts to learn about the causes of any reportable outages and thus to be in a position to include such information in their reports, irrespective of whether the affected facility is within their control. Moreover, because interconnected VoIP services often rely on networks that provide BIAS services, we believe that the proposed rules for broadband outage reporting discussed supra largely eliminate this concern and essentially place interconnected VoIP providers on the equal footing with other part 4 entities. Accordingly, we propose to replace the existing reporting structure for interconnected VoIP with the three-report structure used by all other reporting entities, as originally proposed in the 2011 Part 4 Notice. Specifically, we propose to tighten the timeframe for interconnected VoIP providers to notify the Commission of an outage from 24 hours to 120 minutes; to require providers to file an initial report with additional information within 72 hours; and to file a final report within 30 days of the outage that includes all pertinent information about the outage, including any information available that was not contained in or changed from the initial report. All reports would be filed electronically with the Commission. 72.
Furthermore, although not independent triggers for part 4 reporting, we expect
providers to include information in their reports concerning (1) the failure of facilities that might 44
be considered critical network elements (we consider a network element “critical” if the failure of that network element would result in the loss of any user functionality that an interconnected VoIP provider provides to its consumers, for example, Call Agents, Session Border Controllers, Signaling Gateways, Call Session Control Functions (CSCF), and Home Subscriber Server (HSS)), and (2) unintended changes to software or firmware or unintended modifications to a database to the extent relevant to a given outage or service disruption that is otherwise reportable. As described fully in the broadband reporting process above, reports should include specific details. 73.
At this time we believe adopting a three-part reporting structure for
interconnected VoIP outages is appropriate, however, as raised for broadband outage reporting above, we seek comment on other steps the Commission can take to make providers’ reporting obligations consistent across services or otherwise streamline the process. We seek comment on whether there are ways of automating the outage reporting process for interconnected VoIP service providers beyond what has been possible or has been attempted in the context of legacy communications services. How could such automated reporting be accomplished? What are the advantages of such a reporting mechanism? What are the disadvantages? What cost savings would result from any such automation? Alternatively, we seek comment on maintaining the two-step process for interconnected VoIP outages. 2.
Proposed Interconnected VoIP Outage Metrics a.
Outages Defined by Performance Degradation (i)
Metrics for Performance Degradation
We also propose to require interconnected VoIP providers to report outages, per
47 CFR 4.5(a), that reflect losses of “generally useful availability and connectivity” as defined by specific metrics. Similar to our proposal for covered broadband providers, we propose to 45
base performance degradation on packet loss and latency for any network facility used to provide interconnected VoIP service. We also seek comment on whether it would be appropriate to adopt a throughput-based outage metric for interconnected VoIP outage reporting in addition to the throughput metric discussed above with respect to broadband providers, i.e., providers would be required to report an outage of 1Gbps or more of interconnected VoIP service for 30 minutes or more. Are the proposed metrics ‒ relating to packet loss, latency and throughput ‒ well-suited for interconnected VoIP? Would this approach provide better methods for detecting and reporting outages on interconnected VoIP networks? 75.
We recognize that adopting performance degradation metrics may result in an
increased burden on VoIP providers than their legacy voice counterparts. We ask whether interconnected VoIP’s unique technology justifies a departure from a pure “hard down” reporting metric currently required for interconnected VoIP providers and that of legacy counterparts, to the adoption of significant performance degradation reporting metrics? Are there throughputrelated issues associated with interconnected VoIP calling? For example, where the service might be up and running, yet be degraded to a point that emergency call information exchange is negatively impacted? Or, given interconnected VoIP’s dependence on broadband connectivity, are there vulnerabilities associated with that technology that introduce threat scenarios (i.e., attack vectors) that justify the added reporting burden? Are there other considerations we should take into account on the question of adding a performance degradation element to interconnected VoIP providers’ obligations under part 4? 76.
As with our current “hard down” outage reporting for interconnected VoIP, we
propose to apply any new rules to both facilities-based and non-facilities-based interconnected VoIP. Do interconnected VoIP providers have differing standards for network performance? Are non-facilities-based interconnected VoIP providers able to measure and/or access packet 46
loss, latency, and/or throughput measurements? If not, why? How are non-facilities-based interconnected VoIP providers able to determine the network performance requirements for their service? Should the Commission instead adopt a single metric beyond which voice service is so degraded that it is no longer functional? If so, what is that metric and how and where is it measured? Would multiple metrics be required? If so, what would those metrics and how and where would they be measured? We seek comment on these proposals. We also seek comment on how the proposed metrics apply to mobile VoIP. Will application of these metrics to mobile VoIP result in too many instances where, although the threshold is passed, there is no major problem with the network? Are there other metrics that are better suited for mobile VoIP service? If so, why? Should the monitoring period and metrics adopted for interconnected VoIP outage reporting be consistent with the monitoring period and metrics adopted for broadband outage reporting, or are there differences between the two types of services that warrant different monitoring period and metrics? 77.
Alternatively, as with our proposed broadband outage reporting, we could adopt
more specific, absolute thresholds for performance degradation, like those proposed in the 2011 Part 4 Notice for broadband providers, e.g., service degradation occurs whenever there is: (i) an average packet loss of 0.5 percent or greater; or (ii) average round-trip latency of 100 ms or greater, with all measurements taken in each of at least six consecutive five-minute intervals from source to destination host. If absolute thresholds are preferable, are these reporting thresholds for packet loss and latency set at appropriate levels for interconnected VoIP service? Should the Commission adjust any of these thresholds and, if so, what is an appropriate threshold? Should the Commission modify the requirement to take performance measurements in six consecutive five-minute intervals? If so, how?
Measurement of Performance Degradation
Moreover, we seek comment on the end-points from which interconnected VoIP
providers will need to measure these metrics. We recognize that it is important to consider the methods used to measure the proposed metrics and account for the location of the network elements within the interconnected VoIP networks. This will help to ensure accurate and reliable measurements of the proposed metrics to indicate network performance. We propose that these metrics be measured from “source to the destination host.” The term “source” would refer to the network elements responsible for the setting up the VoIP call (e.g., call manager, user agent, client) while the term “destination” would refer to the endpoints routing and executing the call (e.g., VoIP router, softphone). We seek comment on the use of the terms “source” and “destination host” and ask if these terms appropriately cover the various types of network facilities (e.g., CSCF, HSS, AAA servers, SIP servers, Session Border Controllers, Media Gateway Controllers) used by interconnected VoIP providers to connect to their customers and/or exchange network traffic with other interconnected VoIP networks? Are there other terms that would better convey the network elements from which interconnected VoIP providers will need to measure the proposed reporting metrics? b. 79.
Benefits and Costs of Proposed Reporting
We seek comment on whether the benefits of this additional reporting would
outweigh the incremental burden on providers. We estimate that the three-part reporting of an outage—including the filing of a notification, initial report, and final report—imposes only a $300 cost burden on the provider. In 2015, the Commission reviewed 750 interconnected VoIP outages. We expect to review an additional 750 filings for the same number of outages received in 2015, and an additional 75 filings as a result of our performance degradation proposal discussed above. Therefore, 750 plus 75 initial reports multiplied by 0.75 hours it takes to 48
complete an initial report, multiplied by the cost of $80 employee hourly rate, results in $49,500 added cost. We therefore do not believe that expanding the reporting process from two reporting stages to three would significantly increase burdens for providers. We seek comment on this tentative conclusion. To the extent that commenters disagree, we seek comment on alternative, least costly methods. Is there similar or comparable data that providers already collect, or could collect at minimal expense given current data collection practices, that would be more costeffective to report than the data they would report under the proposed rules? If so, what data, and would it provide the Commission with adequate visibility into events that cause a loss of generally-useful availability and connectivity for significant numbers of interconnected VoIP users? What would the cost be of this comparable data? 80.
We believe that the benefits of the proposed rules would exceed the costs. Absent
the rules proposed in this FNPRM, the Commission lacks sufficient visibility into the reliability and security of interconnected VoIP networks. We believe that relevant data is already routinely collected by interconnected VoIP providers (in real time), so the cost of compliance would be only the cost of filing additional reports where necessary. Moreover, we believe that many of the proposed outage reporting triggers for interconnected VoIP, including those based on performance degradation, are likely to be covered by outages to the underlying broadband networks. Therefore, we do not believe the number of additional reports filed annually pursuant to the proposed rules for interconnected VoIP to be significant. We seek comment on this discussion. C.
Call Failures in Radio Access Networks
In the 2015 Part 4 Notice, we sought comment on the reporting of call failures
that result from congestion in wireless radio access networks (RAN), and in non-wireless (i.e., wireline and VoIP) local access networks. We noted that the inability of the access network to 49
support excess demand may not be considered reportable as a “failure or degradation” under our current rules, but the inability of consumers to make calls still undermines the reliability of networks. Nevertheless, we are concerned about the impact of such events on the reliability of 911 service. Because this appears to be predominantly an issue with wireless networks, we proposed to amend our part 4 rules to require reporting of systemic wireless call failures that results from overloading in the RAN. 82.
Requiring reporting of overloading in the access network (wireless radio or non-
wireless local access) should not be interpreted to mean that providers must engineer their networks to account for sporadic spikes in calls. Instead, the reports would provide the Commission with data to identify any trends in network overloading. This could include identifying, for example, a particular network equipment that may be more susceptible to failure in mass calling events. Moreover, analysis of this data allows the Commission to work with industry to address situations where the network consistently fails to address “bursty” call patterns similar to those generated after disaster and wide-scale emergencies. While we recognize the point made by several commenters that networks should not be engineered to be able to transmit every single call if everyone in an area attempted to use the network at once, we believe that it would be in the interest of the public for the Commission to receive information on those situations, so that we can determine if, when, and where, blocking is consistently happening. 83.
Verizon argues that such reporting that would be collecting information “for the
sake of it,” but that point ignores the premise behind our outage reporting rules. Although situational awareness is one goal of outage reporting, another key objective is to provide data to the Commission so that it can detect adverse outage trends and facilitate industry-wide network improvements. Moreover, even though we continue to believe that outage reporting encourages 50
providers to fix problems in their networks, we note that many outage reports do not always result in permanent fixes to the network, as the outage may be a “one-off” event. However, as Public Knowledge observes, we will not know that such events are indeed “one-off,” if the Commission is not aware of them in the first place. 84.
Commenters also note that mass calling events are often unpredictable and
typically short-lived, so they question the value of reporting on such events. However, because a mass calling event can be the consequence of a widespread disaster, we see significant value in collecting information on such events, as these are the incidents where reliable, resilient communications are most needed. Indeed, understanding failure patterns in moments of network saturation can help identify best practices for network management, as well as help certain communities realize a need for greater detail in emergency management plans. We recognize that reporting on mass calling events will not prevent them from occurring in the future, but we believe there is substantial value in analyzing such events in hindsight, as individual providers are unlikely to be able to see how such an event fits into broader industry practices and performance levels. With such data, the Commission would be in a better position to work with providers to address industry-wide problems and share industry-wide mitigation solutions. 85.
With respect to wireless RANs, we propose to consider a cell site to be “out”
whenever a cell tower operates at full capacity (i.e., is unable to process any additional calls) for 75 percent of the time during a period of at least 30 minutes. If the number of potentiallyaffected wireless user-minutes exceeds 900,000 for the cell sites considered “out,” the outage would be reportable. Similarly, for non-wireless local access networks, we propose to amend our outage reporting rules to consider a loop carrier system or remote switch to be “out” whenever a remote terminal or the group of channels connecting a remote switch to a host operates at full capacity (i.e., is unable to process any additional calls) for 75 percent of the time 51
during a period of at least 30 minutes. If the number of user-minutes exceeds 900,000 for the loop carrier systems and remote switches that are considered “out,” the outage would be reportable. 86.
We seek comment on these proposals. Is 30 minutes an appropriate time period
to measure call blockages? If not 30 minutes, what should be the appropriate interval of measurement for averaging purposes? Is 75 percent of that time at full capacity the right percentage of time? Alternatively, what percentage of calls blocked during that period constitutes congestion of the access network? To the extent that commenters oppose our proposal, we encourage them to propose an alternative, workable metric that addresses our concern. Is there a better way to measure persistent, widespread call failures in the RAN or local access network? 87.
With respect to wireless RANs, we seek comment on how providers currently
measure call failures. Would providers know of, and therefore have a way to measure, call attempts when a cell site is fully congested and not accepting call origination information? Also, given that wireless calls are constantly initiated and terminated within any given cell site, could some percentage below full capacity constitute congestive RAN failure for purposes of reporting? For congested cell sites, should the usual methods for calculating the total number of customers affected be used, or should some account be taken of the fact that more than the usual number are trying to use the towers during these periods? 88.
In the Notice, we estimated that under our proposal for reporting of widespread
call failures in wireless RANs, providers would need to file approximately 420 reports per year, thus increasing their annual reporting costs by $67,200. We based this estimate on the assumption that wireless networks and interoffice networks are engineered to achieve comparably low rates of call failure and would have a comparable rate of calls blocked. 52
We seek further comment on the specific costs to implement some type of
reporting on call failures in both the RAN and the local access network. With regard to the RAN, CCA disagrees with an assumption in the Notice that providers are already technically capable of tracking call failures at each cell site, asserting that some of its members “do not currently collect and preserve this information in an ongoing manner.” We seek more specific information about the data that providers already have about call failures and the costs of adding equipment to track call failures at cell sites. To what extent do providers already track call failures in the RAN and the local access network? What other parameters do operators use to determine when new towers or equipment must be installed to meet increasing demand? Commenters should be specific as to the information that their networks can track. Commenters should be specific and realistic in their costs estimates as well. 90.
Moreover, we ask if some type of delayed implementation or exemption for
smaller and/or rural providers would be helpful, particularly given that we expect network overloading is less likely to be an issue in rural areas. If we were to delay implementation of this type of reporting for a certain subset of providers, what would be a reasonable amount of time? What definition of smaller and/or rural carrier would be most appropriate? D.
Geography-based Wireless Outage Reporting
In the 2015 Part 4 Notice, we sought comment on a separate and additional
wireless outage reporting requirement based on the geographical scope of an outage, irrespective of the number of users potentially affected. Wireless outages that may not meet our 900,000 user-minute threshold but cover large geographic areas may be important because wireless service may be the only option in many areas, particularly as the percentage of calls to 911 from wireless devices continues to increase. It may be possible that large geographic areas are regularly losing service, but we are not aware of them (other than by press reports) because they 53
do not meet the 900,000 user-minute threshold. Nonetheless, these outages are especially important to areas where service (wireless or otherwise) is minimal, and when an outage occurs, those in an emergency would have to travel far to make a 911 call. 93.
We propose to amend the part 4 reporting requirements to include wireless
outages significantly affecting rural areas. We seek comment on this proposal. Specifically, we propose to require a wireless provider serving a rural area to file outage reports whenever onethird or more of its macro cell sites serving that area are disabled such that communications services cannot be handled through those sites, or are substantially impaired due to the outage(s) or other disruptions affecting those sites. We seek comment on, alternatively, requiring such reporting upon the disabling of one-half of the macro cell sites in the rural area. In regard to the definition of “rural area,” while the Communications Act does not include a statutory definition of what constitutes a rural area, the Commission has used a “baseline” definition of rural as a county with a population density of 100 persons or fewer per square mile. We propose to use this same definition for purposes of determining wireless outages affecting predominantly rural areas. We ask, however, whether other alternative definitions might be of better use in aiding our visibility into rural-specific outages. For example, should we focus on areas designated for the Universal Service Mobility Fund support? Are there other rural area designation tools or proxies that should be considered (e.g., defining areas by rural exchange operating carrier designations – OCNs)? We seek comment on these questions and proposals. 94.
Is there a geographic area designation other than “rural area,” as defined above,
that aligns better with the way wireless providers measure their own service? For example, is there a subset of any licensed service area (e.g., Cellular Market Area) that wireless carriers could more easily use to identify outages in predominantly rural areas? Or, would the use of zip codes, such as when one hundred percent of a zip code is impacted be an appropriate 54
measurement? Also, we seek comment on whether an outage of at least one-third, or one-half, of cell sites within the rural area would indicate an outage that would be of a nature that it substantially affects wireless coverage for a large geographic area. 95.
We recognize that this issue may become less critical as wireless providers begin
to comply with the new standardized method, adopted in the above Report and Order, for calculating the number of potentially affected users during a wireless outage. By using a national average to determine the potentially affected users per site, will adoption and implementation of this new formula for the number of potentially-affected users increase the reporting of outages in low population areas? We also seek comment on alternative measurements for outages in rural areas. For example, could we adopt a lower user-minute threshold for rural areas to increase the reporting of events affecting rural communities? For example, would a threshold of 300,000 user-minutes in rural areas increase our chances of receiving information on outages that affect rural communities? Conversely, for example, would clear geographic criteria, such as a county-based threshold, for wireless outage reporting simplify the M2M rules for automated outage reporting and eliminate the need for manual interpretations of thresholds? 96.
In the Notice, we estimated that adoption of a geography-based outage reporting
requirement would result in the filing of an additional 1,841 reports per year, thereby increasing reporting costs by $294,560 (i.e., 1,841 reports x $160 staff costs per report). To reach this estimate, we subtracted the number of additional outage reports that would be generated by geography-based reporting from the number of reports that would be submitted for outages that meet the current 900,000 user-minute threshold. We estimated that geography-based reporting would generate additional reports in counties where a wireless provider has fifteen or fewer cell sites. The number of counties with fifteen or fewer cell sites represents 2.7 percent of the total 55
number of cell sites nationwide, based on analysis of data collected from companies given to the Commission during activations from the Disaster Information Reporting System (DIRS) in 2012. Using as a guide counties with fifteen or fewer cell sites, we calculated that a disruption to communications would be reportable under a geographic coverage standard if one or two cell sites in the county are down. Based on historical NORS data, we then estimated that each cell site has a 22.6 percent chance of experiencing an outage within a given year, and using CTIA’s estimate that 301,779 cell sites were in operation nationwide as of the end of 2012, we tentatively conclude that adoption of a geography-based reporting requirement would likely result in the filing of 1,841 additional reports per year, creating an estimate of $294,560 cost burden. 97.
We seek further comment on the costs of implementing a new geography-based
outage reporting requirement for wireless carriers. Sprint and Verizon argue that carriers would need to develop and deploy additional automation tools and monitoring mechanisms. We estimate that, based on our proposal here, our estimate of 1,841 additional reports per year from the Notice will be the same. We seek further comment on a way in which we could capture outages affecting large geographic areas without being overly burdensome for providers. If, for example, we were to adopt an outage reporting requirement when 33 percent of cell sites become disabled within a county, would such a calculation require additional tools or monitoring mechanisms? We assume carriers would already know when (and why) their cell sites become disabled, and would know the number of cell sites per county. Therefore, we believe it would be a relatively easy and inexpensive calculation for providers to determine if a certain threshold of cell sites in a county have become disabled. Is one-third (33 percent) the appropriate threshold? 98.
NTCA comments that the burden would be greater on smaller carriers, where the
failure of one tower may trigger a reporting obligation. While we could consider some type of 56
exemption for smaller carriers, we believe smaller and rural carriers cover precisely the areas targeted by this proposal. Therefore, we do not propose to exempt any carriers. We seek comment on this approach. E.
Refining the Definition of “Critical Communications” at Airports
Commercial aviation increasingly depends on information systems that are not
collocated with airport facilities, and that may carry critical information. We seek comment on requiring reporting of outages affecting critical aviation information facilities that are not airportbased, either as a function of their status as TSP Level 3 or 4 facilities (facilities are eligible for TSP Level 3 or 4 prioritization if they (3) support public health, safety, and maintenance of law and order activities or (4) maintains the public welfare and the national economic system), or upon some other basis. In particular, we seek comment on whether it is correct to assume that some information systems critical to safe commercial aviation are not located within an airport’s facility. If the assumption is accurate, we invite discussion of the architecture of such external systems, including the safeguards currently established for those systems. Were the Commission to explore outage reporting requirements for these systems and facilities, what reporting criteria should it establish? For outage reporting purposes, should the Commission distinguish between facilities enrolled in the TSP program and those facilities that are not? If so, on what basis should the different treatment be premised? What, if any, additional costs might be associated with expanding the reporting obligation to such facilities, whether or not enrolled in TSP? F.
Legal Authority 1.
911 and Emergency Communications
Following the evolution in the country’s commercial communications networks,
the nation’s emergency communications systems are in the process of a critical transition from
legacy systems using time-division multiplex (TDM)-based technologies to Next Generation 911 (NG911) systems that utilize IP-based technologies. 102.
As a result of this transition, the nation’s 911 system will increasingly include the
BIAS and dedicated services, which will support a new generation of 911 call services that may be vulnerable to a similarly new generation of disruptions that may not have existed on legacy 911 networks. Indeed, as NG911 services are increasingly provisioned through broadband network elements, disruptions to broadband could impact the provision and reliability of local 911 voice and other shared services essential to emergency response. Accordingly, we believe that monitoring the resiliency of broadband networks supporting that communication is vital to ensure the reliable availability and functionality of 911 services. 103.
Regarding our proposal to update the outage reporting rules for interconnected
VoIP service providers, 47 U.S.C. 615a-1 instructs the Commission to “take into account any technical, network security, or information privacy requirements that are specific to IP-enabled voice services” and to update regulations “as necessitated by changes in the market or technology, to ensure the ability of an IP-enabled voice service provider to comply with its obligations.” The proposed reporting process seeks to modernize the outage reporting system in light of technology advances and greater consumer adoption of interconnected VoIP service, considering the potential for degradations of service to impact 911 call completion. We seek comment on how Section 615a-1 provides authority to adopt such proposals with respect to interconnected VoIP. 104.
We also believe that our proposals to extend outage reporting to the classes of
broadband providers and services described in this FNPRM are authorized by or reasonably ancillary to our statutorily mandated responsibility under Section 615a-1 to ensure that “IPenabled voice service provider[s] provide 9-1-1 service and enhanced 9-1-1 service.” As noted 58
above, broadband services are now and will continue to be key for delivery of 911 call information (including not only voice but also data and video) from the end-user to a PSAP. Therefore, to ensure broadband-enabled voice service providers comply with their 911 obligations, we seek comment on how our proposals better equip the Commission to meet its Section 615a-1 mandates. Moreover, in light of our obligation to identify capabilities necessary to support 911 and E911 service for interconnected VoIP, 47 U.S.C. 615a-1(6)(c), how would our proposals here enable us to determine if there are capabilities currently not captured by our rules? We seek comment on whether networks, facilities, databases or other components to the extent these are elements that support a “seamless transmission, delivery, and completion of 911 and E-911 calls and associated E-911 information” have changed sufficiently to warrant further consideration, or because “critical components of the 911 infrastructure may reside with an incumbent carrier, a PSAP, or some other entity.” How should the Commission analyze these considerations in our Section 615a-1 analysis? In addition, we seek comment as to whether these proposals are authorized by or reasonably ancillary to our statutory mandates to develop best practices that promote consistency and appropriate procedures for defining network diversity requirements for IP-enabled 911 and E911 call delivery. 105.
Additionally, under the Twenty-First Century Communications and Video
Accessibility Act of 2010 (CVAA), the Commission may “promulgate regulations to implement the recommendations proposed by the [Emergency Access Advisory Committee (EAAC)], as well as any other regulations, technical standards, protocols, and procedures as are necessary to achieve reliable, interoperable communication that ensures access by individuals with disabilities to an Internet protocol-enabled emergency network, where achievable and technically feasible.” The CVAA has served as the basis for Commission actions with respect to text-to-911 and 911
relay services, and we now seek comment on the application of the CVAA to our proposed disruption reporting rules for broadband. 106.
In this vein, the EAAC has recommended that the Commission “issue regulations
as necessary to require that target entities, in the development and deployment of NG9-1-1 systems, take appropriate steps to support features, functions and capabilities to enable individuals with disabilities to make multimedia NG9-1-1 emergency calls.” The EAAC enumerated a list of goals for the Commission related to 911 accessibility, including enabling consumers to call 911 using different forms of data, text, video, voice, and/or captioned telephony individually or any combination thereof; ensuring direct access to 911 using IP-based text communications (including real-time text, IM, and email); and facilitating the use of video multimedia calls into a PSAP. The EAAC also recommended that users have the option to call 911 via voice or text service, as well as video and any other emerging technology; that is, callers should be able to access 911 using both old and new communications services – something that a single broadband network can support. We note that these technologies are commonly supported by broadband networks, and to ensure access to 911 for individuals with disabilities, the Commission must be able to assess how those technologies are performing. The EAAC also made clear that its recommendations should evolve with the technology. Perhaps most importantly, the EAAC recommended that the Commission “adopt requirements that ensure that the quality of video, text and voice communications is sufficient to provide usability and accessibility to individuals with disabilities based on industry standards for the environment.” 107.
Given that video, text, and voice communications to 911 already traverse
broadband networks and will continue to do so as the deployment of Real-Time Text and other NG911 multimedia applications grows, we believe that the CVAA’s mandate for ensuring equal access to 911 provides an additional legal basis for the broadband reporting rules proposed 60
herein. We seek comment on this tentative conclusion. Is disruption reporting the optimal mechanism for the Commission to the quality of video, text and voice communications is sufficient to provide usability and accessibility to individuals with disabilities? Are there alternative measures the Commission could take to ensure broadband network availability for non-traditional 911 calls (i.e., 911 text messages or relay calls)? We believe the proposed reporting requirements are an “achievable and technically feasible” way to ensure access to 911 for the deaf and hard of hearing, as required under the CVAA, and we seek comment on this approach. 2. 108.
The Commission has classified BIAS and dedicated services as
telecommunications services under Title II of the Act. As such, we tentatively conclude that the Commission has ample authority under Title II to support the outage reporting requirements proposed in this FNPRM. We seek comment on this tentative conclusion, and on the relevance of Sections 201, 202, 214, 218, and any other provisions of Title II for supporting the outage reporting requirements proposed here for BIAS and dedicated services. As we observed in the 2015 Open Internet Order, [S]ection 201 imposes a duty “on common carriers to furnish communications services subject to Title II ‘upon reasonable request,’” and to ensure that their practices are “just and reasonable.” We also noted that the general conduct standard “represents our interpretation of [S]ections 201 and 202 in the broadband Internet access context.” We seek comment on the interplay between the 2015 Open Internet Order and the Commission’s authority under [S]ection 201 to “prescribe rules and regulations as may be necessary in the public interest to carry out the provisions of this chapter”, as such authority relates to BIAS. We also seek comment generally on other provisions of Title
II and legal theories under those provisions to support outage reporting in the dedicated services and BIAS contexts. 3. 109.
With respect to the rules proposed herein for wireless voice and broadband
providers, we believe the Commission has further legal authority to support the rules proposed herein under Title III of the Communications Act. The Supreme Court has long recognized that Title III grants the Commission “expansive powers” and a “comprehensive mandate” to regulate the use of spectrum in the public interest, Nat’l Broad. Co. v. United States, 319 U.S. 190, 219 (1943) (recognizing the FCC’s “expansive powers” and “comprehensive mandate”). 110.
We believe that 47 U.S.C. 303(b) and (r), and 316 provide the Commission with
authority to apply outage reporting requirements to mobile BIAS and dedicated services providers and to CMRS providers in instances of call failures in the radio access network. We seek comment on this view. 111.
For example, Section 303(b) authorizes the Commission to “[p]rescribe the nature
of the service to be rendered by each class of licensed stations and each station within any class.” Addressing the scope of this provision in Cellco Partnership v. FCC, 700 F.3d 534 (D.C. Cir. 2012) , the D.C. Circuit recognized that Section 303(b) authorizes the Commission to “lay down a rule about ‘the nature of the service to be rendered’ by entities licensed” by the Commission. The court further explained in Cellco that, while a provider may choose not to offer a wireless service, Section 303(b) authorizes the Commission to “define the form” that the “service must take for those who seek a license to offer it.” 112.
We also believe 47 U.S.C. 316 authorizes the Commission to impose new
conditions on existing licenses if we think such action “will promote the public interest, convenience, and necessity.” The DC Circuit in Celtronix Telemetry, Inc. v. FCC, 272 F.3d 585 62
(D.C. Cir. 2001), recognized as “undisputed that the Commission always retain[s] the power to alter the term of existing licenses by rulemaking.” Accordingly, we believe that the outage reporting requirements proposed here for mobile service providers of BIAS or dedicated services, as conditions imposed on existing licenses, fall within the Commission’s Section 316 authority, and we seek comment on this view. 4. 113.
Section 706 of the Telecommunications Act
It is the established policy of the United Stated to “promote the continued
development of the Internet and other interactive computer services and other interactive media . . . [and] to encourage the development of technologies which maximize user control over what information is received by individuals, families, and schools who use the Internet and other interactive computer services, ” 47 USC 230(b). Furthering this policy, in 1996 Congress adopted Section 706 of the Telecommunications Act of 1996, which instructs the Commission to “encourage the deployment on a reasonable and timely basis of advanced telecommunications capability to all Americans,” and further provides if the Commission finds advanced telecommunications capability is not being deployed on a reasonable and timely basis, it must “take immediate action to accelerate deployment of such capability.” Advanced telecommunications capability, as defined in the statute, 47 U.S.C. 1302(d)(1), includes a subset of broadband Internet access. Thus, under Section 706(b), the Commission conducts an annual inquiry as to whether advanced telecommunications capability is being deployed to all Americans on a reasonable and timely basis. 114.
We seek comment on the contours of Section 706 as the basis for broadband-
related outage reporting under part 4. We believe broadband network reliability, resiliency, and security are germane to the Commission’s effort to achieve Section 706’s policy objectives. Mandatory outage reporting could provide the Commission with a dependable stream of 63
objective data to further inform its annual inquiry under Section 706. We seek comment on the value of the proposed broadband outage reporting to our annual Section 706 inquiry, and on our more general view that such disruption and outage data may aid the Commission’s efforts to ensure the deployment of advanced telecommunications capabilities to all Americans. 115.
Further, the 2016 Broadband Progress Report found that advanced
telecommunications capability is not being deployed to all Americans in a reasonable and timely fashion, requiring the Commission to take immediate action to accelerate broadband deployment by removing barriers to infrastructure investment and promoting competition. We seek comment on whether broadband outage reporting would aid the Commission in its efforts to identify where infrastructure investment and effective competition may be lacking and thus enable the Commission to take steps to remove any barriers to infrastructure investment that may prevail or otherwise to promote competition in affected areas. For instance, we observed in the 2016 Broadband Progress Report that there are indications of a “correlation between non-adoption of broadband and security and privacy concerns.” We also have stated that “privacy and network security are among the factors that can affect the quality and reliability of broadband services,” and that “[c]ommunications security, integrity, and reliability must be maintained as providers transition to IP-supported networks.” Does the proposed disruption reporting facilitate the 706(b) mandate to take immediate action to accelerate broadband deployment by providing valuable information on broadband infrastructure and service vulnerabilities, risks and disruptions that dampen consumer adoption and, thus, dis-incent broadband investment and deployment? Would the proposed reporting guide us to remove barriers to infrastructure investment and promote competition? Would broadband reporting promote Section 706’s goals by enabling us to view sustained availability over time, providing a comprehensive view of performance-related metrics data? Of long-term advanced capability deployment? Could the 64
Commission use the proposed outage reporting to spot areas of decreased investment or barriers to competition that we might need to stimulate or remove? We seek comment on whether the reliability of broadband service and its underlying network infrastructure can advance Section 706 availability goals as well as bring a real-time measure of the services that are available in a given area. For example, Form 477 supports Section 706 goals through non-outage data submitted by providers on a semiannual basis. Although those collections facilitate Section 706 availability driven considerations, we ask whether more granular data submitted in Part 4’s time intervals may be of additional value to the Commission in the execution of Section 706’s mandates. We think that these insights can be added to our Broadband Progress Report analyses without compromising the objectives now achieved through Part 4’s confidentiality treatment (as further discussed below), and we seek comment on this view. 5. 116.
Universal Service Fund Mandates under Section 254
In addition, we believe that the Commission’s universal service funding
mandates, underlying principles and goals, as set forth in Section 254 of the Act, authorize us to require broadband disruption and outage reporting, as proposed, where the data from such reports could promote, or provide assurance (e.g., of “maximum value”) to, the Commission’s universal service funding efforts under Section 254. Sections 254 and 1 operate dynamically to ensure an appropriately broad scope of Commission authority to promote and safeguard universal service, thus, Section 1, as a policy statement, “illuminates” Section 254 which, in turn, “builds upon” Section 1. Comcast, 600 F.3d at 654. We seek comment on this observation and analysis. 117.
Certain broadband providers receive significant federal universal service high-
cost broadband funding support through the USF’s Connect America Fund (CAF) program. To the extent that covered broadband providers receive (or have received) such funding, it is logical 65
to require a certain level of assurance in behalf of the end users who fund it. Accordingly, we tentatively conclude that such part 4 reporting is an appropriate assurance expectation from CAF recipients, and we seek comment on this tentative conclusion. 118.
On that basis, we now ask how part 4 disruption reporting concerning the
broadband services funded through CAF support can best be used to assure these services and infrastructure? Specifically, should such assurance measurements be sought through our part 4 disruption reporting, or through some other mechanism? How might the collection and analysis of CAF recipient outage information help inform our Section 254-related considerations and assist us in achieving our universal service goals? Should the Commission adopt standards for network health to be made part of CAF funding considerations? If so, what mechanisms should be used by the Commission to effectuate that approach? Should the Commission, for example, condition CAF support on standards that take into account a provider’s network health as revealed through outage reporting? 119.
Section 4(o). As noted above, Section 4(o), 47 U.S.C. 154(o), states that “[f]or
the purpose of obtaining maximum effectiveness from the use of radio and wire communications in connection with safety of life and property, the Commission shall investigate and study all phases of the problem and the best methods of obtaining the cooperation and coordination of these systems.” We believe that in order for the Commission to fulfill this mandate in today’s transitioning world and beyond, it must be able to obtain relevant data – including BIAS and dedicated services outage reporting – to investigate and study all aspects of broadband communications. We also believe Section 4(o) authorizes the Commission to gather broadband network outage data to help ensure NS/EP communications continue to obtain maximum effectiveness, e.g., to receive appropriate levels of priority, be delivered over robust and resilient infrastructure, and function as required. Indeed, we believe that the ability to collect information 66
on major disruptions to broadband communications supporting NS/EP priority services is essential to the Commission in fulfilling its national security/defense assurance role under the Act. We seek comment on these views. II.
Procedural Matters 120.
As required by the Regulatory Flexibility Act of 1980 (RFA), the Commission
has prepared an Initial Regulatory Flexibility Analysis (IRFA) of the possible significant economic impact on small entities of the proposals addressed in the FNPRM. Written public comments are requested on the IRFA. Comments must be identified as responses to the IRFA and must be filed by the deadlines for comments indicated on the first page of this FNPRM. In addition, the FNPRM and its IRFA (or summaries thereof) will be published in the Federal Register. 121.
The proceeding this FNPRM initiates shall be treated as a “permit-but-disclose”
proceeding in accordance with the Commission’s ex parte rules. Persons making ex parte presentations must file a copy of any written presentation or a memorandum summarizing any oral presentation within two business days after the presentation (unless a different deadline applicable to the Sunshine period applies). Persons making oral ex parte presentations are reminded that memoranda summarizing the presentation must (1) list all persons attending or otherwise participating in the meeting at which the ex parte presentation was made, and (2) summarize all data presented and arguments made during the presentation. If the presentation consisted in whole or in part of the presentation of data or arguments already reflected in the presenter’s written comments, memoranda or other filings in the proceeding, the presenter may provide citations to such data or arguments in his or her prior comments, memoranda, or other filings (specifying the relevant page and/or paragraph numbers where such data or arguments can be found) in lieu of summarizing them in the memorandum. Documents shown or given to 67
Commission staff during ex parte meetings are deemed to be written ex parte presentations and must be filed consistent with rule 1.1206(b). In proceedings governed by rule 1.49(f) or for which the Commission has made available a method of electronic filing, written ex parte presentations and memoranda summarizing oral ex parte presentations, and all attachments thereto, must be filed through the electronic comment filing system available for that proceeding, and must be filed in their native format (e.g., .doc, .xml, .ppt, searchable .pdf). Participants in this proceeding should familiarize themselves with the Commission’s ex parte rules. III.
Initial Regulatory Flexibility Analysis 122.
As required by the Regulatory Flexibility Act of 1980, as amended (RFA), the
Commission has prepared this present Initial Regulatory Flexibility Analysis (IRFA) of the possible significant economic impact on a substantial number of small entities by the policies and rules proposed in this Further Notice of Proposed Rule Making (FNPRM). Written public comments are requested on this IRFA. Comments must be identified as responses to the IRFA and must be filed by the deadlines for comments provided in “Comment Period and Procedures” of this FNPRM. The Commission will send a copy of this FNPRM, including this IRFA, to the Chief Counsel for Advocacy of the Small Business Administration (SBA). In addition, the FNPRM and IRFA (or summaries thereof) will be published in the Federal Register. 123.
The FNPRM seeks additional comment on various proposals first issued in a
Notice of Proposed Rulemaking in PS Docket 11-80, adopted in 2011 and in a Notice of Proposed Rulemaking in PS Docket No. 15-80, adopted in 2015. 124.
The FNPRM seeks comment on:
a proposal to require the filing of outage reports for broadband network disruptions (BIAS and dedicated service), including disruptions based on network performance degradation; 68
proposed updates to the rules governing interconnected VoIP outage reporting to (i) include disruptions based on network performance degradation, and (ii) modify the VoIP outage reporting process to make it consistent with other services; reporting of call failures in wireless radio access networks and wireline local access networks, and on geography-based reporting of wireless outages in rural areas; refining the definition of “critical communications” at airports. 125.
The Commission traditionally has addressed network resiliency and reliability
issues by working with communications service providers to develop and promote best practices that address network vulnerabilities, and by measuring the effectiveness of best practices through outage reporting. Under the Commission’s current rules, the outage reporting process has been effective in improving the reliability, resiliency and security of legacy networks and the services delivered over them. Commission staff collaborate with individual providers and industry organizations to review outage results and address areas of concern. These efforts have resulted in significant reductions in outages affecting legacy services, including interconnected VoIP. The aim of extending outage reporting to cover broadband providers is to achieve a similar result: enhance the reliability, resiliency and security of their services utilizing an approach— tailored as appropriate to account for broadband’s unique aspects—that has produced significant benefits with respect to legacy networks and services. 126.
The legal bases for the rule changes proposed in this FNPRM are contained in
sections 1, 4(i), 4(j), 4(o), 201(b), 214(d), 218, 222, 251(e)(3), 254, 301, 303(b), 303(g), 303(r), 307, 309(a), 309(j), 316, 332, 403, 615a-1, and 615c, 706 of the Communications Act of 1934, as amended, 47 U.S.C. 151, 154(i)-(j) & (o), 201(b), 214(d), 218, 222, 251(e)(3), 254, 301, 303(b), 303(g), 303(r), 307, 309(a), 309(j), 316, 332, 403, 615a-1, and 615c, 1302(a) and 1302(b). 69
Description and Estimate of the Number of Small Entities to Which Rules Will Apply
The RFA directs agencies to provide a description of, and, where feasible, an
estimate of, the number of small entities that may be affected by the proposed rules adopted herein. The RFA generally defines the term "small entity" the same as the terms "small business," "small organization," and "small governmental jurisdiction." In addition, the term "small business" has the same meaning as the term "small business concern" under the Small Business Act, 5 U.S.C. 601(3). A small business concern is one which: (1) is independently owned and operated; (2) is not dominant in its field of operation; and (3) satisfies any additional criteria established by the Small Business Administration (SBA), Small Business Act, 15 U.S.C. 632. 1. 128.
Total Small Entities
Our action may, over time, affect small entities that are not easily categorized at
present. We therefore describe here, at the outset, three comprehensive, statutory small entity size standards. First, nationwide, there are a total of approximately 28.2 million small businesses, according to the SBA. In addition, a “small organization” is generally “any not-forprofit enterprise which is independently owned and operated and is not dominant in its field.” Nationwide, as of 2007, there were approximately 1, 621,315 small organizations. Finally, the term “small governmental jurisdiction” is defined generally as “governments of cities, towns, townships, villages, school districts, or special districts, with a population of less than fifty thousand.” Census Bureau data for 2011 indicate that there were 89,476 local governmental jurisdictions in the United States. We estimate that, of this total, as many as 88,506 entities may qualify as “small governmental jurisdictions.” Thus, we estimate that most governmental jurisdictions are small. 70
Interconnected VoIP and Broadband ISPs services
The 2007 Economic Census places Internet Service Providers, the services of
which might include Voice over Internet protocol (VoIP), in either of two categories, depending on whether the service is provided over the provider’s own telecommunications facilities (e.g., cable and DSL ISPs), which are considered within the Wired Telecommunications Carriers category. Or, depending on whether the VoIP service is provided over client-supplied telecommunications connections (e.g., dial-up ISPs), which are considered within the All Other Telecommunications category. To ensure that this IRFA describes the universe of small entities that our action might affect, we discuss several different types of entities that might be currently providing interconnected VoIP service, broadband Internet access service, or business data services. In the document, http://apps.fcc.gov/edocs_public/attachmatch/FCC-16-63A1.pdf, we provide a thorough discussion of VoIP service provided over the provider’s own telecommunications facilities; and VoIP service provided over client-supplied telecommunications connections, and to the extent applicable, whether each listed are considered “small businesses.” 3. 130.
Neither the Commission nor the SBA has developed a small business size
standard specifically for incumbent local exchange services, providers of interexchange services, or operator service providers. The appropriate size standard under SBA rules is for the category Wired Telecommunications Carriers. This industry comprises establishments primarily engaged in operating and/or providing access to transmission facilities and infrastructure that they own and/or lease for the transmission of voice, data, text, sound, and video using wired telecommunications networks. Transmission facilities may be based on a single technology or a combination of technologies. Establishments in this industry use the wired telecommunications 71
network facilities that they operate to provide a variety of services, such as wired telephony services, including VoIP services; wired (cable) audio and video programming distribution; and wired broadband Internet services. By exception, establishments providing satellite television distribution services using facilities and infrastructure that they operate are included in this industry.” In the document, http://apps.fcc.gov/edocs_public/attachmatch/FCC-16-63A1.pdf, we provide a thorough discussion of Incumbent Local Exchange Services, Providers of Interexchange Services, or Operator Service Providers, and to the extent applicable, whether each of these listed are considered “small businesses.” 4. 131.
Wireless Providers – Fixed and Mobile
To the extent the wireless services listed below are used by wireless firms for
fixed and mobile broadband Internet access services, the NPRM’s proposed rules may have an impact on those small businesses as set forth above and further below. Accordingly, for those services subject to auctions, we note that, as a general matter, the number of winning bidders that claim to qualify as small businesses at the close of an auction does not necessarily represent the number of small businesses currently in service. Also, the Commission does not generally track subsequent business size unless, in the context of assignments and transfers or reportable eligibility events, unjust enrichment issues are implicated. In the document, http://apps.fcc.gov/edocs_public/attachmatch/FCC-16-63A1.pdf, we provide a thorough discussion of Wireless Telecommunications Carriers (except Satellite); Wireless Communications Services (WCS); 1670-1675 MHz Services; Wireless Telephony; Broadband Personal Communications Service; Specialized Mobile Radio Licenses; Lower 700 MHz Band Licenses; Upper 700 MHz Band Licenses; 700 Mhz Guard Band Licensees; Air-Ground Radiotelephone Service; AWS Services (1710–1755 Mhz and 2110–2155 Mhz Bands (AWS-1); 1915–1920 Mhz, 1995–2000 Mhz, 2020–2025 Mhz And 2175–2180 Mhz Bands (AWS-2); 72
2155–2175 Mhz Band (AWS-3)); 3650-3700 MHz Band; Fixed Microwave Services; Local Multipoint Distribution Service; Broadband Radio Service and Educational Broadband Service; and to the extent applicable, whether each of these listed are considered “small businesses.” 5. 132.
Satellite Service Providers
Two economic census categories address the satellite industry. The first category
has a small business size standard of $32.5 million or less in average annual receipts, under SBA rules. The category of Satellite Telecommunications category comprises firms “primarily engaged in providing telecommunications services to other establishments in the telecommunications and broadcasting industries by forwarding and receiving communications signals via a system of satellites or reselling satellite telecommunications.” The second category has a size standard of $32.5 million or less in annual receipts. The second category, i.e., “All Other Telecommunications” “comprises establishments primarily engaged in providing specialized telecommunications services, such as satellite tracking, communications telemetry, and radar station operation. This industry also includes establishments primarily engaged in providing satellite terminal stations and associated facilities connected with one or more terrestrial systems and capable of transmitting telecommunications to, and receiving telecommunications from, satellite systems. Establishments providing Internet services or voice over Internet protocol (VoIP) services via client-supplied telecommunications connections are also included in this industry.” In the document, http://apps.fcc.gov/edocs_public/attachmatch/FCC-16-63A1.pdf, we provide a thorough discussion of Satellite Telecommunications firms, and All Other Telecommunications establishments; and to the extent applicable, whether each of these listed are considered “small businesses.”
Cable Service Providers
Because Section 706 requires us to monitor the deployment of broadband
regardless of technology or transmission media employed, we know that some broadband service providers do not provide voice telephony service. Accordingly, we describe below other types of firms that may provide broadband services, including cable companies, MDS providers, and utilities, among others. Wired Telecommunications Carriers comprise of establishments primarily engaged in operating and/or providing access to transmission facilities and infrastructure that they own and/or lease for the transmission of voice, data, text, sound, and video using wired telecommunications networks. Transmission facilities may be based on a single technology or a combination of technologies. Establishments in this industry use the wired telecommunications network facilities that they operate to provide a variety of services, such as wired telephony services, including VoIP services; wired (cable) audio and video programming distribution; and wired broadband Internet services. By exception, establishments providing satellite television distribution services using facilities and infrastructure that they operate are included in this industry.” For Cable Companies and Systems, the Commission has also developed its own small business size standards, for the purpose of cable rate regulation. Under the Commission’s rules, a “small cable company” is one serving 400,000 or fewer subscribers nationwide. Industry data indicate that all but ten cable operators nationwide are small under this size standard. In addition, under the Commission’s rules, a “small system” is a cable system serving 15,000 or fewer subscribers. For Cable System Operators, the Communications Act of 1934, as amended, also contains a size standard for small cable system operators, which is “a cable operator that, directly or through an affiliate, serves in the aggregate fewer than 1 percent of all subscribers in the United States and is not affiliated with any entity or entities whose gross annual revenues in the aggregate exceed $250,000,000.” The Commission 74
has determined that an operator serving fewer than 677,000 subscribers shall be deemed a small operator, if its annual revenues, when combined with the total annual revenues of all its affiliates, do not exceed $250 million in the aggregate. In the document, http://apps.fcc.gov/edocs_public/attachmatch/FCC-16-63A1.pdf, we provide a thorough discussion of Wired Telecommunications Carriers; Cable Companies and Systems; and Cable System Operators; and to the extent applicable, whether each of these listed are considered “small businesses.” B.
Description of Projected Reporting, Recordkeeping, and Other Compliance Requirements
The rules proposed in the FNPRM would require broadband Internet access
providers and dedicated service providers as well as interconnected VoIP providers, to report outages or disruptions to communications according to specified metrics and thresholds, of at least 30 minutes. These providers as proposed, would need to specify when the outage is related unintended changes to or failures of software or firmware, unintended modifications to databases, or attributed to a critical network element. Reporting requirements would align the reporting process and timing with that of legacy reporting currently required in the part 4 rules. 135.
Further, the rules proposed in the FNPRM would require interconnected VoIP
service providers to submit Initial Reports, in addition to the Notifications and Final Reports currently required. These reporting requirements would align the reporting process and timing with that of legacy reporting currently required in the part 4 rules. 136.
Moreover, the rules proposed in the FNPRM would require wireless and wireline
providers to report outages that exceed proposed specified technical thresholds in the wireless radio access network and the wireline local access network respectively. The rules proposed in the FNPRM would also require wireless providers serving rural areas to file outage reports 75
whenever one-third or more of its macro cell sites serving that area are disabled such that communications services cannot be handled through those sites, or are substantially impaired due to the outage(s) or other disruptions affecting those sites. 137.
Under the Commission’s current outage reporting rules, which apply only to
legacy circuit-switched voice and/or paging communications over wireline, wireless, cable, and satellite communications services and interconnected VoIP, about 11,000 outage reports per year from all reporting sources combined are filed with the Commission. As a result of the rules proposed, we anticipate that fewer than 2,000 additional outage reports will be filed annually. Hence, we estimate that if the proposed rules are adopted, the total number of reports from all outage reporting sources filed, pursuant to the current and proposed rules, combined would be fewer than 13,000 annually. We note that, occasionally, the proposed outage reporting requirements could require the use of professional skills, including legal and engineering expertise. As a consequence, we believe that in the usual case, the only burden associated with the proposed reporting requirements contained in this FNPRM would be the time required to complete the initial and final reports. We anticipate that electronic filing, through the type of template that we are proposing (similar to the type that other service providers currently subject to outage reporting requirements are employing) should minimize the amount of time and effort that will be required to comply with the rules that we propose in this proceeding. 138.
The FNPRM’s proposal to require outage reporting would be useful in refining
voluntary best practices and in developing new ones. In each case for the reporting thresholds proposed, we have chosen specific circumstances, applicable to the specific service that, in our view, warrant reporting as a significant outage, leading to FCC analysis and, possibly, the application of existing best practices or the development and refinement of best practices in the future. There may be additional thresholds that should also be included to improve the process 76
of developing and improving best practices. We encourage interested parties to address these issues in the context of the applicable technologies and to develop their comments in the context of ways in which the proposed information collection would facilitate best practices development and increased communications security, reliability and resiliency throughout the United States and its Territories. C.
Steps Taken to Minimize Significant Economic Impact on Small Entities, and Significant Alternatives Considered
The RFA requires an agency to describe any significant alternatives that it has
considered in reaching its proposed approach, which may include (among others) the following four alternatives: (1) the establishment of differing compliance or reporting requirements or timetables that take into account the resources available to small entities; (2) the clarification, consolidation, or simplification of compliance or reporting requirements under the rule for small entities; (3) the use of performance, rather than design, standards; and (4) an exemption from coverage of the rule, or any part thereof, for small entities. 140.
Over the past decade, the proportion of communications services provided over a
broadband platform has increased dramatically, and the U.S. increasingly relies on broadbandbased services not only for day-to-day consumer use but also for Homeland Defense and National Security. Over the past three years, the number of outages reported each year has remained relatively steady at about 11,000. We believe that the proposed outage reporting requirements are the minimum necessary to assure that we receive adequate information to perform our statutory responsibilities with respect to 911 services and ensure the reliability of communications and critical infrastructures. Also, we believe that the magnitude of the outages needed to trigger the proposed reporting requirements (e.g., outages of at least 30 minutes duration that potentially affect at least 900,000 user minutes) is set sufficiently high as to make it 77
unlikely that small businesses would be impacted significantly by the proposed rules. We also believe the choice of performance-based, as opposed to design-based, degradation characteristics (e.g., packet loss and round-trip latency) and the corresponding thresholds chosen to trigger the outage reporting will not unduly burden smaller entities because of their objective, readily ascertainable nature. We have also carefully considered the notion of a waiver for small entities from coverage of the proposed rules, but declined to propose one, as a waiver of this type would unduly frustrate the purpose of the proposed requirements and run counter to the objectives of the FNPRM. Further, we believe that the proposed requirement that outage reports be filed electronically would significantly reduce the burdens and costs currently associated with manual filing processes. 141.
The proposed rules in the FNPRM are generally consistent with current industry
practices, so the costs of compliance should be small. For a number of reasons, we believe that the costs of the reporting rules that we propose in the FNPRM are outweighed by the expected benefits (i.e., ensuring communications reliability through outage reporting, trend analysis and network best practice development and implementation). We have excluded from the proposed requirements any type of competitively sensitive information, information that would compromise network security, and information that would undermine the efficacy of reasonable network management practices. We anticipate that the record will suggest alternative ways in which the Commission could increase the overall benefits for, and lessen the overall burdens on, small entities. 142.
We ask parties to include comments on possible alternatives that could satisfy the
aims of the proceeding in cost-effective ways that do not overly burden providers, and we also seek comment on appropriate legal authority(ies) for the proposals under consideration. Moreover, we also seek comments on the relative costs and benefits associated with the proposed 78
rules. We ask commenters to address particularly the following concerns: What are the costs, burdens, and benefits associated with any proposed rule? Entities, especially small businesses and small entities, more generally, are encouraged to quantify the costs and benefits of the proposed reporting requirements. How could any proposed rule be tailored to impose the least cost and the least amount of burden on those affected? What potential regulatory approaches would maximize the potential benefits to society? To the extent feasible, what explicit performance objectives should the Commission specify? How can the Commission best identify alternatives to regulation, including fees, permits, or other non-regulatory approaches? 143.
Further, comments are sought on all aspects of this proposal, including the
proposed extension of such requirements, the definitions and proposed reporting thresholds, and the proposed reporting process that would follow essentially the same approach that currently applies to outage reporting on legacy networks and services. We ask that commenters address whether the proposed rules would satisfy the Commission’s intended aims, described herein, and would promote the reliability, resiliency and security of interconnected VoIP, broadband Internet access, and dedicated services. We also ask for comments on our tentative conclusions that: expanding part 4 outage reporting requirements currently applicable to interconnected VoIP service providers, and extending part 4 reporting to BIAS providers and dedicated service providers, (i) would allow the Commission to analyze outage trends related to those services; (ii) would provide an important tool for network operators to use in preventing future outages; and (iii) would help to enhance and ensure the resiliency and reliability of critical communications networks and services. 144.
In sum, we welcome comments on: the proposed rules themselves; whether they
would achieve their intended objectives; whether there are performance objectives not mentioned that we should address; whether better alternatives exist that would accomplish the 79
proceeding’s objectives; the legal premises for the actions contemplated; and the costs, burdens and benefits of our proposal. D.
Federal Rules that May Duplicate, Overlap, or Conflict with the Proposed Rule
List of Subjects in 47 CFR Part 4 Airports, Communications common carriers, Communications equipment, Disruptions to communications, Network outages, Reporting and recordkeeping requirements, Telecommunications. FEDERAL COMMUNICATIONS COMMISSION.
Gloria J. Miles, Federal Register Liaison Officer. Office of the Secretary.
Proposed Rules For the reasons discussed in the preamble, the Federal Communications Commission proposes to amend 47 CFR part 4 as follows: PART 4 – DISRUPTIONS TO COMMUNICATIONS 1.
The authority citation for part 4 is revised to read as follows: Authority: Sections 1, 4(i), 4(j), 4(o), 251(e)(3), 254, 301, 303(b), 303(g), 303(r), 307,
309(a), 309(j), 316, 332, 403, 615a-1, and 615c of Pub. L. 73-416, 48 Stat. 1064, as amended, and section 706 of Pub. L. 104-104, 110 Stat. 56; 47 U.S.C. 151, 154(i)-(j) & (o), 251(e)(3), 254, 301, 303(b), 303(g), 303(r), 307, 309(a), 309(j), 316, 332, 403, 615a-1, 615c, and 1302, unless otherwise noted. 2.
Section 4.3 is amended by redesignating paragraph (i) as paragraph (k) and adding new
paragraphs (i) and (j) to read as follows: § 4.3 Communications providers covered by the requirements of this part. ***** (i) Broadband Internet access service providers (BIAS) are providers of broadband Internet access service, as defined in § 8.2 of this chapter. (j) Dedicated Service providers are providers of service that transports data between two or more designated points, e.g., between an end user’s premises and a point-of-presence, between the central office of a local exchange carrier (LEC) and a point-of-presence, or between two end user premises, at a rate of at least 1.5 Mbps in both directions (upstream/downstream) with prescribed performance requirements that include bandwidth, latency, or error-rate guarantees or other parameters that define delivery under a tariff or in a service-level agreement. *****
Section 4.7 is amended by revising the section heading and paragraph (e)(2), and adding
paragraphs (g) through (i) to read as follows: § 4.7 Definitions of metrics used to determine reporting of outages and disruptions to communications. ***** (e) * * * (2) The mathematical result of multiplying the duration of an outage, expressed in minutes, by the number of end-users potentially affected by the outage, for all other forms of communications. ***** (g) Packet loss is defined as the loss of one or more packets of data traveling across a network, which after being transmitted from a source, fail(s) to reach the destination point designated in the transmitting message. (h) Latency is defined as the average time delay for a packet to travel from a source to a destination. (i) Throughput is the amount of information transferred within a system in a given amount of time. 4.
Section 4.9 is amended by revising the heading of paragraph (g), paragraphs (g)(1)(ii),
(g)(2) and adding paragraph (i) to read as follows: § 4.9 Outage reporting requirements – threshold criteria. ***** (g) Interconnected VoIP Service. (1) * * *
(ii) Within 120 minutes of discovering that they have experienced on any facilities that they own, operate, lease, or otherwise utilize, an outage of at least 30 minutes duration that: (A) Potentially affects at least 900,000 user minutes of Interconnected VoIP service and results in complete loss of service; (B) Potentially affects 22,500 Gbps user minutes; or (C) Potentially affects any special offices and facilities (in accordance with paragraphs (a) through (d) of § 4.5). (2) Not later than 72 hours after discovering the outage, the provider shall submit electronically an Initial Communications Outage Report to the Commission. Not later than 30 days after discovering the outage, the provider shall submit electronically a Final Communications Outage Report to the Commission. The Notification and the Initial and Final reports shall comply with the requirements of § 4.11. ***** (i) BIAS or Dedicated Service providers. (1) All BIAS providers and Dedicated Service providers, as defined in § 4.3 shall submit electronically a Notification to the Commission within 120 minutes of discovering that they have experienced on any facilities that they own, operate, lease, or otherwise utilize, an outage of at least 30 minutes duration that: (A) Potentially affects at least 22,500 Gbps user minutes; (B) Potentially affects any special offices and facilities (in accordance with paragraphs (a) through (d) of § 4.5); or (C) Potentially affects a 911 special facility (as defined in (e) of § 4.5). (2) Not later than 72 hours after discovering the outage, BIAS providers and Dedicated Service providers, as defined in § 4.3, shall submit electronically an Initial 83
Communications Outage Report to the Commission. Not later than 30 days after discovering the outage, the broadband Internet access service provider shall submit electronically a Final Communications Outage Report to the Commission. The Notification and the Initial and Final reports shall comply with the requirements of § 4.11. [FR Doc. 2016-16273 Filed: 7/8/2016 11:15 am; Publication Date: 7/12/2016]