COVID-19: Connectivity, Cybersecurity, and the Digital Divide
The worsening COVID-19 outbreak and related response efforts have uncovered a number of shortcomings in public health policy. However, ongoing federal, state, and local guidance promoting social distancing, significant shifts to teleworking and remote learning, and the increasing desire for online access to information and entertainment have also spotlighted the importance of technology, telecommunications, and cybersecurity to limiting the negative impacts of the global pandemic and preserving the American way of life.
In the weeks and months ahead, we expect the ongoing COVID-19 dialogue to include collaboration between the public and private sectors to respond to the growing need for connectivity in the short-term. We also anticipate debate on longer-term policy reforms to close the digital divide and enhance the preparedness of U.S. technology and communications infrastructure to be resilient in future times of crises.
Increasing Demands for Connectivity, Speed, and Reliability
Prior to President Donald Trump declaring the spread of COVID-19 a national emergency, it was estimated nearly a quarter of the U.S. workforce worked at least some hours from home on an average day. Now, with many companies mandating their employees work full time from home, experts have measured roughly a 50 percent increase in global internet traffic.
Demand has increased among employees seeking bandwidth for emailing clients, live streamlining webinars, and video conferencing with coworkers. For example, Cisco reported 3.2 million multi-participant meetings were held on their Webex online video conferencing platform on Monday alone.
Greater internet connectivity has also been sought by students whose coursework has been moved online for the remainder of this academic year, as well as consumers seeking online access to entertainment or virtual connections with friends and family while quarantined at home. New apps to provide these services have raised questions and concerns regarding internet speeds and reliability.
While there have been anecdotal reports of subscribers contacting their internet service providers (ISPs) seeking to upgrade their internet speeds, today’s networks appear to be meeting the challenges associated with new ways of working, learning, and living, at least for the time being. Of course, this is not true for rural areas that were previously unserved or underserved. There have also been temporary performance degradations arising when consumers in close proximity simultaneously pursue high-bandwidth internet utilization.
Short-Term Solutions: Public-Private Partnerships
Existing networks have largely been able to absorb increased demand for connectivity due to the availability of a variety of wireline and wireless internet solutions. This is also due, at least in part, to public-private collaboration we have seen since the start of the COVID-19 outbreak to make reliable internet service more readily available.
On February 13, Federal Communications Commission (FCC) Chairman Ajit Pai launched the Keep Americans Connected Pledge to ensure Americans do not lose their broadband and telephone connectivity in light of the exceptional circumstances surrounding COVID-19. The pledge asks U.S. ISPs to commit for the next 60 days to:
not terminate service to any residential or small business customers because of their inability to pay their bills due to the coronavirus pandemic;
waive any late fees that any residential or small business customers incur because of their economic circumstances related to the coronavirus pandemic; and
open Wi-Fi hotspots to any American who needs them.
The current public health crisis and the consequences for internet connectivity have also led the FCC to call for companies to also consider expanding low-income broadband programs, relaxing data cap policies, waiving long-distance and other telephone overage fees, working with schools and libraries to improve remote learning opportunities, and prioritizing the internet needs of hospitals and healthcare providers. We have also seen members of Congress, including Senator Mark Warner (D-VA) and Jerry McNerney (D-CA), reaching out directly to ISPs to encourage them to think creatively about how they might contribute to the COVID-19 response.
As a result, over the past several days, wireless carriers have implemented new data allowances intended to keep subscribers online. Cable providers have started to offer free, short-term television subscriptions, and also opened their networks to non-subscribers. ISPs offering both wired and wireless internet solutions have also committed to keeping customers connected over the next several months, regardless of their ability to pay for service. We have also seen companies advising consumers on how to maximize their internet experience, for example by utilizing wireline connections when possible and relocating routers to optimize service.
Additionally, the FCC has begun to implement regulatory measures aimed at meeting increased consumer demand for broadband during the COVID-19 pandemic. For example, the FCC is granting special temporary authorities for ISPs, such as T-Mobile, U.S. Cellular, and Verizon, to access airwaves currently licensed to other users to help meet surging network traffic for telehealth, distance learning, teleworking, and first responders.
The FCC is also waiving some rules for Lifeline, which subsidizes broadband service for low-income Americans, to ensure program beneficiaries remain connected and waiving E-Rate gift rules to assist schools and libraries impacted by COVID-19. In particular, Representative Doris Matsui (D-CA) has called on the FCC to explore measures to grant provisional approvals for Lifeline subscribers as more Americans become eligible in light of decreased income and job losses because of COVID-19.
Long-Term Challenge: Broadband Deployment and Closing the Digital Divide
While there is no silver bullet to significantly improving the reach, speed, or reliability of the internet, especially as deployment of new spectrum resources and fine tuning of connected devices could take months, the COVID-19 crisis has shed light on the need to promulgate policy and regulations that will support the internet of the future.
As the first cases of COVID-19 were reported in the U.S., House Majority Whip Jim Clyburn’s (D-SC) Rural Broadband Task Force had been making progress, releasing a section-by-section summary of forthcoming legislation. This bill is expected to establish a formal Office of Internet Connectivity and Growth, promote effective price competition and ensure affordability, and expand Wi-Fi access through mobile hotspots and school bus connectivity. Additionally, the task force is considering legislative provisions to expand FCC subsidies, finance more widespread broadband deployment, and improve transparency in reporting on internet access. While it is unclear how changes in the congressional calendar due to COVID-19 might impact the timeline for a formal bill introduction this summer, the continuing pandemic escalates the urgency for consideration of such legislation.
Similar sentiments have been echoed by regulators and other lawmakers in the initial days following the COVID-19 emergency declaration. For example, as schools increasingly shutter their doors for the semester, Democratic FCC Commissioner Jessica Rosenworcel has called on the Trump Administration to explore federal funding for Wi-Fi hotspots. In addition, Sen. Chris Van Hollen (D-MD) has indicated his bill to create a fund to help address the “homework gap” could be included in a COVID-19 emergency bill or subsequent appropriations legislation.
With the internet and communications technology critical to fighting COVID-19 and supporting the economy, there are numerous proposals under discussion for closing the digital divide. These concepts include measures aimed at increasing requirements for minimum internet speeds, legislation that would require coordination agreements between ISPs to ensure network resiliency during emergency situations, and a review of eligibility criteria for federal broadband grant and loan programs to ensure new deployment is fast, robust, and targets unserved and underserved areas.
We also anticipate further debate on spectrum issues as they relate both directly and indirectly to closing the digital divide. As additional spectrum is cleared and auctioned to support the nationwide 5G rollout, we are likely to observe efforts aimed at directing auction proceeds towards rural broadband. Of course, revenues from spectrum auctions have also frequently been proposed as offsets for government spending, which will increase significantly as Congress and the administration work to pass stimulus bills to minimize the economic fallout from COVID-19.
COVID-19 has also increased the demand for Wi-Fi and highlighted the need for more unlicensed spectrum to meet the exponential increase in connected devices. This, coupled with the race the 5G, evince the need for Wi-Fi as a solution for offloading mobile internet traffic. The FCC has two active proceedings that would open up 5.9 GHz and 6 GHz spectrum for Wi-Fi and other unlicensed use cases. These proceedings are likely to garner greater attention as Wi-Fi emerges as a key technology in the COVID-19 response.
Addressing Misinformation and Protecting Consumers Online
In addition to working with the private sector to maintain internet connectivity in a time of growing demand, the federal government has also been collaborating with ISPs, broadcasters, and tech platforms to provide consumers with reliable information on COVID-19, clamp down on disinformation online, and prohibit internet retailers from taking advantage of consumers during the crisis.
The FCC has encouraged broadcasters to serve as part of the solution by distributing public service announcements (PSAs) and promoting U.S. Centers for Disease Control and Prevention (CDC) best practices on social distancing. Further, the Trump Administration has also encouraged broadcasters and content providers to continue to negotiate in good faith in order to avoid service disruptions during the next two months. In turn, the FCC is providing broadcasters with increased flexibility on repacking in the event their workers are impacted by COVID-19.
The White House has also called on large tech platforms to assist in dispelling online COVID-19 conspiracies. Following a teleconference with senior Trump Administration officials, big tech companies issued a joint statement pledging to combat fraud and misinformation about the virus, elevate authoritative content on their platforms, and coordinate with healthcare agencies to provide accurate critical information.
With an uptick in congressional interest on Section 230 content liability protections just prior to the COVID-19 emergency declaration, it is likely COVID-19 will offer a whole new angle to the debate. We should expect to see lawmakers continue to work with the Federal Trade Commission (FTC) and tech platforms to catalogue and combat COVID-19-related scams, misinformation, and hoaxes and promote reliable governmental and scientific resources.
Similarly, we anticipate an ongoing focus on false advertising and efforts online retailers can take to limit price gouging during the COVID-19 pandemic. For example, earlier this week, House Judiciary and Energy and Commerce Committee Democratic leaders, including Representatives Jerry Nadler (D-NY), Frank Pallone (D-NJ), David Cicilline (D-RI), and Jan Schakowsky (D-IL) wrote to the FTC urging the agency to protect consumers from price gouging. They also indicated they will be working on legislation to address this issue.
Senators Warner and Richard Blumenthal (D-CT) have also written to the FTC to raise concerns about big tech’s lacking efforts to police misuse of advertising on its platforms. As a result, we could see a legislative effort to eliminate liability shields for advertising and monetized content to better incentivize online platforms to enhance the level of attention paid to combating COVID-19 disinformation through paid advertising.
Internet Regulation: Reinvigorating the Net Neutrality Debate
In the near-term, we might expect the growing need for internet connectivity to also reinvigorate the debate over net neutrality and how the internet is regulated. Although networks appear to be holding up in light of greater use, concerns are surfacing about whether the Internet can be responsive to the priority needs of healthcare workers, emergency responders, and students under the Trump Administration’s current net neutrality framework.
By way of background, under Chairman Pai’s leadership, in 2017 the FCC reclassified broadband as a Title I information service, a departure from Obama-era rules that regulated the internet as a Title II common carrier service. Under the 2015 net neutrality rules, ISPs were prohibited from engaging in blocking or throttling, or offering paid prioritization. Many ISPs have indicated they continue to support net neutrality principles, despite the 2017 changes to FCC regulations.
As we experience more internet users consuming more bandwidth while they quarantine at home, public interest groups have begun to suggest there could be an opportunity to persuade Congress to pass legislation directing the FCC to reclassify broadband as a Title II service. Their thinking is this would allow the FCC to use more authorities to ensure universal service and prevent broadband outages. Additionally, they argue such action would prohibit ISPs from offering consumers prioritized internet service for streaming entertainment when priority users, such as healthcare providers and students, may not have the resources to afford paid prioritization.
Despite the evolving COVID-19 situation, a policy reversal seems unlikely at this time. Although the Democratically-controlled House of Representatives passed the Save the Internet Act last year, our sources suspect any bill overturning Chairman Pai’s Restoring Internet Freedom Order remains dead on arrival in the Senate. However, this issue may be worth monitoring as heightened connectivity needs continue during the COVID-19 pandemic.
Cybersecurity: The Need for Secure and Resilient Networks
With key government leaders focused on stopping the spread of COVID-19, adversaries have capitalized on preoccupation with the pandemic as an opportunity to launch cyberattacks, demonstrating the need to harden all critical infrastructure against cyber threats.
Earlier this week, the Department of Health and Human Services (HHS) website was hacked. The attack involved overloading HHS servers with millions of hits over several hours, but fortunately did not lead to penetration or degradation of the function of the networks. Sources familiar with the situation are labeling it as a campaign of disruption and disinformation that was aimed at undermining the response to the coronavirus pandemic. No data appears to have been taken from HHS systems.
HHS is not the only government agency that has been targeted in cyberspace during these early days of the COVID-19 outbreak. Department of Defense (DoD) networks are also seeing a rise in cyber incidents, with at least 37 cases reported so far. There is some belief DoD networks are becoming less secure as personnel transition to working remotely. Some incidents may even be related to the use of streaming services, such as Pandora and YouTube, while federal employees access DoD networks from home. In light of these threats, DoD is working to provide enterprise solutions to beef up network security.
As a result of these cyberattacks, the Trump Administration is seeking additional funding for cybersecurity as part of its request for additional COVID-19 emergency appropriations. The Office of Management and Budget (OMB) have outlined a request that includes $21 million for the Department of Energy (DOE) to pay for telework and cybersecurity support; $47 million for the Federal Emergency Management Agency (FEMA) to expand conference bridge capabilities, cybersecurity, and virtual private networks (VPNs); $17 million for the Department of Interior (DOI) to perform immediate network security upgrades; and $5.5. million for the National Archives and Records Administration (NARA) to provide electronic remote access and accelerate cybersecurity upgrades.
Cybersecurity is also a concern for companies that are mandating teleworking. Complementary to increasing demand for connectivity, greater utilization of online identification verification and encryption services to protect sensitive data has also been reported. Further, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has provided guidance on how internet users can take steps to avoid internet scams, malicious emails, and fraudulent websites and protect personal and financial information while teleworking during the COVID-19 outbreak.
As COVID-19 began to spread in the U.S., many policymakers were focused on improving cybersecurity, and more specifically, responding to the recommendations included in the Cyberspace Solarium Commission report, which was released on March 11. This report outlines more than 80 recommendations, including several pertaining to the private sector and critical infrastructure cybersecurity, around six critical pillars. Commissioners have already indicated that recommendations focused on improving Americans’ digital literary and cyber hygiene could be especially important in responding to COVID-19.
It has long been envisioned that many of the commission’s legislative recommendations would be considered as part of this year’s National Defense Authorization Act (NDAA). Although late March hearings planned with members of the commission are indefinitely postponed due to COVID-19, key congressional staffers indicate the schedule for this year’s NDAA cycle remains on track.
In fact, House Armed Services Committee Chairman Adam Smith (D-WA) recently said his committee is still planning to hold its NDAA markup on April 30 and is hoping for a vote on the House floor by mid-May. The Senate is scheduled to markup its bill during the week of May 18, with a floor vote possible in June. In recent years, the annual defense bill has served as a vehicle for cybersecurity policy, and this year, cyber provisions may be influenced by growing threats associated with COVID-19.
COVID-19 and the Ongoing Privacy Debate
As the federal government continues to explore how it might work with the private sector to strengthen its hand in the fight against COVID-19, major tech companies are participating in discussions about tactics that may use location data from consumers’ phones to minimize the spread of COVID-19. Data would be collected using a practice known as syndromic surveillance. Similar approaches have already been implemented in China and South Korea as part of their COVID-19 response strategies. The Israeli government has also approved the use of cell phone data to track the locations of infected people and those with whom they may have had personal contact.
Although talks are ongoing, U.S. policymakers have outlined a path forward where data collection could be aggregated and anonymous. However, opposition to a syndromic surveillance method is rising out of concern that such data collection efforts could be abused by tech platforms, especially those who have previously overstepped commitments on consumer privacy.
Similarly, the Trump Administration’s partnerships with Google and Alphabet subsidiary Verily to rollout new websites that will contain resources related to COVID-19 education and prevention and facilitate more widespread testing are also raising privacy concerns. On Wednesday, Senators Bob Menendez (D-NJ), Cory Booker (D-NJ), Sherrod Brown (R-OH), Kamala Harris (D-CA), and Blumenthal wrote to Google leadership regarding the lacking assessment of privacy vulnerabilities in developing these online resources.
The privacy implications of syndromic surveillance and COVID-19 testing websites operated by third parties are especially challenging in the absence of a federal privacy standard. Prior to the full pivot of the legislative agenda to COVID-19, House Energy and Commerce Committee staff were reviewing stakeholder comments on draft bipartisan privacy legislation. In the Senate, bipartisan privacy talks between Senators Roger Wicker (R-MS) and Maria Cantwell (D-WA) had slowed significantly and those between Senators Jerry Moran (R-KS) and Blumenthal cratered under the weight of fundamental disagreements on private right of action and preemption.
California, which is among the states hardest hit by the COVID-19 outbreak, especially in San Francisco where seven million residents are under a shelter-in-place order, is implementing its new privacy law. There is yet to be a clear nexus between COVID-19 and the California Consumer Privacy Act (CCPA). However, the California statute provides consumers the right to learn what personal information about them is held by businesses, request deletion of information, and opt out of its sale. CCPA, which is often referred to as a guidepost for federal privacy legislation, excludes health information and healthcare providers covered under the California Confidentiality of Medical Information Act and HIPAA. Only time will tell how these provisions apply to new concepts like syndromic surveillance and what impact they could have on the federal privacy debate.
Telehealth: Alleviating Burdens on the Healthcare System
As alluded to above, healthcare providers are also seeking enhanced internet connectivity in order to leverage new telehealth benefits that will improve provider efficiency, free up hospital beds for the sickest COVID-19 patients, and limit potential exposure to the virus.
On March 6, the Trump Administration announced expanded Medicare telehealth coverage that will allow the Centers for Medicare and Medicaid Services (CMS) to temporarily pay clinicians to provide routine telehealth services for beneficiaries residing across the country, as opposed to just those in rural areas who would otherwise need to travel to a medical facility for telehealth consultations with an expert in a remote location.
While there are several benefits to expanding telehealth coverage, the technology throughput must exist to accommodate the flood of new patients accessing these services and that strain it could place on both healthcare professionals and technical resources. As the number of virtual visit requests increases, technological challenges have already presented, including around access to health records, system overloads, and frustration caused by user errors due to general unfamiliarity with telehealth technology.
To address some of these challenges, the FCC has temporarily waived the gift rule for its Rural Health Care (RHC) broadband subsidy program through September 30. This will allow carriers to provide free network upgrades, donate cutting edge equipment, and launch Wi-Fi hotspots to support hospitals and other healthcare providers in their growing telehealth mission. On Wednesday, a group of 26 senators wrote to Chairman Pai requesting additional changes to the RHC program, including increasing subsidies for RHC program participants for the 2019 funding year and extending the filing window for the 2020 funding year to June 30.
Further, Chairman Pai has called on Congress to appropriate funding for a new COVID-19 Connected Care Pilot that would enable federal funds, including financial support from the FCC’s Universal Service Fund (USF), to be used to support in-home equipment and broadband resources for patients impacted by the virus.
Impact of COVID-19 on Lawmakers and Regulators
While there are clearly a number of policy, appropriations, and regulatory matters pertaining to technology, telecommunications, and cybersecurity that merit further discussion as part of the COVID-19 response, the ability of lawmakers and key agency officials to act may in itself be hamstrung by the spread of COVID-19. Like the private sector, government is also struggling to work through procedural, connectivity, and cybersecurity obstacles to conducting business remotely.
Despite federal guidance encouraging teleworking and discouraging gatherings of more than ten people, Congress and federal agencies currently have no uniform policy for operating under current circumstances. That said, the congressional calendar remains fluid, although at this time, we do not expect any congressional hearings or markups through at least the end of March, and perhaps for the foreseeable future.
House lawmakers remain in their districts awaiting guidance on when they are expected to return to Washington from recess. Representatives Mario Diaz-Balart (R-FL) and Ben McAdams (D-UT) were also recently announced as the first members of Congress to test positive for COVID-19.
Meanwhile, the Senate remains in session and Majority Leader Mitch McConnell (R-KY) has indicated weekend votes are possible on a COVID-19 stimulus package. With the number of confirmed COVID-19 cases in the DC area rising, it is presumed the Senate will pass at least a third emergency package before it adjourns to protect members, including several who are in the high risk population, from exposure to the virus.
Also challenging is the fact that House and Senate rules require voting in person. Although these rules were well intended to ensure that members elected to represent constituencies are genuinely present to vote, it means little consideration has ever been given to the technological and security measures that would need to exist to provide remote and digital options for voting. So far, Leader McConnell and House Speaker Nancy Pelosi (D-CA) appear to be holding firm on in-person voting.
However, last week Representatives Eric Swalwell (D-CA) and Rick Crawford (R-AR) introduced their MOBILE (Members Operating to Be Innovative and Link Everyone) resolution, which would mandate the development of a secure system members could use to vote remotely, primarily on non-controversial suspension bills. While Representative Swalwell has introduced similar legislation every year since 2013, COVID-19 is increasing support for this proposal. In addition, Representatives Swalwell, Katie Porter (D-CA), and Nicholas Van Taylor (R-TX) recently led a letter to House leadership requesting a rule change to allow for online voting. This bipartisan letter include more than 50 signatures.
Similar sentiments have been articulated in the Senate. For example, Democratic Whip Dick Durbin (D-IL) has been outspoken in recent days on the need for virtual committee hearings and the ability to vote without having to record verbal “yeas” and “nays” that only count when spoken in person on the Senate floor. We are also hearing Sen. Rob Portman (R-OH) intends to introduce legislation this week that would amend the Senate’s standing rules by allowing the majority and minority leader the authority to allow remote voting during times of national crisis for at least 30 days.
The White House and the FCC have also been forced to cancel events and change their way of working as COVID-19 continues to spread. The FCC has already postponed a March 26 forum on 5G virtualized radio access networks and the White House has followed suit in delaying an April 1 5G summit.
Decisions have yet to be made on how the FCC will approach open meetings under current guidance related to COVID-19. While some FCC staff has already transitioned to teleworking, it is still possible for commissioners to proceed with open meetings. In fact, the FCC has some experience conducting open meetings remotely, as open meetings were held by conference call during the prolonged government shutdown in early 2019. It is possible, however, that COVID-19 could result in relatively light, non-controversial, and non-technical agendas should meetings take place.
Conclusion
The COVID-19 situation is rapidly evolving. What the spread of the virus and ongoing efforts to protect public health, support American families, and shelter the U.S. economy means for technology, telecommunications, and cybersecurity, both in terms of challenges and opportunities, is also changing daily.
We look forward to continuing to monitor these particular issues, along with broader policy changes impacting U.S. business in the days, weeks, and months ahead and look forward to providing future updates. In the meantime, we hope you stay safe, healthy, and connected during these unusual times!