The Senate Permanent Subcommittee on Investigations released on Tuesday a report, \u201cThreats to US Networks: Oversight of Chinese Government-owned Carriers.\u201d The document slams the current government review process that oversees how Chinese telecom companies operate in the United States for not rigorously monitoring Chinese tech providers. It outlines a Senate investigation that began shortly after the Federal Communications Commission (FCC) in May 2019 denied a China Mobile USA application to provide international telecom services.The subcommittee said it reviewed more than 6,400 pages of documents and conducted more than ten interviews, including interviews with representatives from the FCC, Department of Justice (DOJ), Department of Homeland Security (DHS), China Telecom Americas, China Unicom Americas, ComNet, AT&T, Verizon and CenturyLink. The subcommittee also said it met with researchers who analyzed the Chinese government\u2019s use of telecommunications carriers to hijack communications.The subcommittee\u2019s investigation found that the FCC and \u201cTeam Telecom,\u201d a formerly informal group composed of representatives from the DOJ, DHS and Department of Defense, have failed to adequately monitor three Chinese government-owned carriers, China Telecom Americas, China Unicom Americas, and ComNet since they began operating in the United States in the early 2000s.\u00a0\u201cThis bipartisan report demonstrates that federal agencies have done little to protect the integrity of US telecommunications networks and counter national security threats from China,\u201d Senator Rob Portman (R-OH), Chairman of the Subcommittee said in a statement. Tom Carper (D-DE), the ranking member of the subcommittee, echoed Porter, in saying \u201cOur bipartisan report reveals how little oversight has been done of Chinese telecommunications carriers that operate here in the United States.\u201dLack of cybersecurity authority in telecom oversightAlthough the subcommittee offers a lengthy list of concerns, of particular importance is the lack of real authority that either the FCC or Team Telecom has had in overseeing what the subcommittee characterizes as a Chinese telecommunications market heavily controlled by the government in Beijing.\u00a0Among the Subcommittee\u2019s, many findings were the following:The FCC regulates foreign carriers seeking to provide international telecommunications services between the United States and overseas locations but has historically relied on Team Telecom to assess the national security and law enforcement risks associated with a foreign carrier\u2019s proposed services.The FCC is not required to review a foreign carrier\u2019s authorization once it is granted. Authorizations effectively exist in perpetuity despite any national security implications that might arise.Team Telecom was an informal group with no statutory authority. As a result, its review of foreign carriers\u2019 applications was ad hoc, leading to delays and uncertainty.Team Telecom had insufficient resources and had fewer than five employees monitoring compliance with the more than 100 security agreements with the Chinese companies currently in effect. It had no statutory authority to conduct meaningful compliance.Risk management strategy neededSeveral experts disagree with this harsh assessment of how the federal oversight process has failed to rein in Chinese supply chain threats. \u201cOur problem is not the lack of adequate enforcement powers for the FCC,\u201d Dr. Peter Cowhey, the Qualcomm Endowed Chair in Communications and Technology Policy and Dean of the School of Global Policy and Strategy at the University of California at San Diego, tells CSO. \u201cIt has them. Our problem is the lack of a clear-eyed risk management strategy that considers network risks as a whole.\u201dChoosing between an outright ban or enhanced safeguards on any Chinese telecom company or tech supplier requires a clearer risk management strategy, Cowhey argues. For example, \u201cYou could remove Huawei network equipment from US networks, and you would not eliminate the cybersecurity problems posed by networks where intelligence and control of the network are moving steadily to the network edge in trillions of smart devices.\u201d\u201cYou could ban Chinese networks from operations in the US and thereby create a precedent for other countries to do the same to US networks, and you would not eliminate the risks incurred by global Internet traffic moving on global networks,\u201d Cowhey says.Private sector lacks information on telecom supply chain riskOther experts see valid reasons to ban Chinese technology suppliers but think the government could improve the steps to achieve that goal. \u201cThe report suggests the US government needs to find better ways to communicate with the private sector earlier about security risks and geopolitics,\u201d Megan Brown, a partner at top communications law firm Wiley Rein and a specialist on matters relating to the FCC and Team Telecom, tells CSO.\u201cSome companies got the message about Huawei many years ago, but many did not and could not have,\u201d she adds. \u201cWithout ties to the national security community or having gone through a Team Telecom review, a smaller or rural provider would not have a way to know the US government\u2019s concerns.\u00a0 Nor frankly would your average IT company or innovator.\u201dAsked whether the commission could be faulted for not being proactive during a time when few outside of the intelligence community were worried about Chinese supply chain threats, Brown says: \u201cThe FCC is not a national security agency, and its comparative advantage will not be as a first-mover on security.\u201dA lot has happened in the year following the launch of the subcommittee\u2019s investigation. The Commerce Department put Huawei and other Chinese tech giants on an export ban list, blocking US tech suppliers from selling to them. That action followed a White House executive order that bars foreign Chinese providers such as Huawei from providing gear in the USLast November, the FCC barred the use of its $8.5 billion universal service fund for the purchase of equipment from Chinese tech giants ZTE and Huawei. Shortly after that, the ban was codified in the Secure and Entrusted Communications Act, which prohibits federal subsidies from going toward the purchase of communications equipment or services that pose a national security risk.In the spring, the DOJ sought to revoke and terminate the licenses of China Telecom. That action followed a surprise executive order that dissolved the informal Team Telecom arrangement to create the Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector.In late April, the FCC issued Orders to Show Cause against four Chinese companies -- China Telecom Americas, China Unicom Americas, Pacific Networks, and ComNet. The orders asked them to explain why the commission should not start the process of revoking their domestic and international section authorizations enabling them to operate in the United States.\u00a0Greater coordination needed to mitigate supply chain riskIt\u2019s no surprise, then, that Wiley Rein\u2019s Brown sees the need for greater coordination across the federal government when it comes to supply chain actions against Chinese telecom providers. It \u201cillustrates the need for coordination across federal agencies,\u201d she says.\u201cThere is so much going on right now on ICT supply chains--possible regulation of emerging technology, export controls--it is hard to keep up.\u00a0 It raises serious risk of duplication of effort across Commerce, State, DHS, FCC, and DOJ.\u00a0 There is not a clear point of entry for the government, either for US companies or for overseas companies or investors.\u00a0 It is a challenge.\u201dThe FCC itself is staying mum during its legal proceeding and did not respond to a request for comment from CSO. The Senate subcommittee hopes that the needed coordination will emerge soon. \u201cEspecially when dealing with state-owned telecommunications carriers, greater controls are needed, and the Administration and Congress must work together to ensure sufficient safeguards and oversight mechanisms are in place,\u201d the report concluded.