[Pages H41-H43]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




 EXPRESSING SENSE OF THE HOUSE THAT STAKEHOLDERS IN 5G COMMUNICATIONS 
  INFRASTRUCTURE SHOULD CAREFULLY CONSIDER AND ADHERE TO ``THE PRAGUE 
                              PROPOSALS''

  Mr. MICHAEL F. DOYLE of Pennsylvania. Madam Speaker, I move to 
suspend the rules and agree to the resolution (H. Res. 575) expressing 
the sense of the House of Representatives that all stakeholders in the 
deployment of 5G communications infrastructure should carefully 
consider and adhere to the recommendations of ``The Prague Proposals'', 
as amended.
  The Clerk read the title of the resolution.
  The text of the resolution is as follows:

                              H. Res. 575

       Whereas 5G, the next generation (5th generation) in 
     wireless technology, promises the next evolution of 
     communications and information technology services, 
     applications, and capabilities across every sector of 
     business, government, entertainment, and communications;
       Whereas the United States, Europe, China, and others are 
     racing toward 5G adoption and upgrading existing networks, 
     which will drive subsequent advances in artificial 
     intelligence, machine learning, smart homes, smart cities, 
     robotics, autonomous vehicles, and quantum computers;
       Whereas 5G will make possible the automatization of 
     everyday activities and the use of the full potential of the 
     Internet of Things;
       Whereas these developments, while evolutionary, could 
     include risks to important public interests, including 
     privacy, data security, public safety, and national security;
       Whereas in a highly connected world, disruption of the 
     integrity, confidentiality, or availability of communications 
     or even the disruption of the communications service itself 
     can seriously hamper everyday life, societal functions, the 
     economy, and national security;
       Whereas the security of 5G networks is crucial for national 
     security, economic security, and other United States national 
     interests and global stability;
       Whereas operators of communications infrastructure depend 
     on a complex supply chain of technology from a global market 
     of suppliers and service providers;
       Whereas government security officials and experts from 32 
     countries came together in Prague in May of 2019 to work out 
     guidelines for the deployment and security of 5G networks;
       Whereas representatives agreed that ``[m]ajor security 
     risks emanate from the cross-border complexities of an 
     increasingly global supply chain which provides [information 
     and communications technology] equipment. These risks should 
     be considered as part of the risk assessment based on 
     relevant information and should seek to prevent proliferation 
     of compromised devices and the use of malicious code and 
     functions.''; and
       Whereas the Prague 5G Security Conference adopted security 
     recommendations, which have come to be known as ``The Prague 
     Proposals'': Now, therefore, be it
       Resolved,

     SECTION 1. SENSE OF THE HOUSE OF REPRESENTATIVES.

       The House of Representatives--
       (1) urges all stakeholders in the deployment of 5G 
     communications infrastructure to carefully consider adherence 
     to the recommendations of ``The Prague Proposals'' (as 
     described in section 2) as they procure products and services 
     across their supply chain; and
       (2) encourages the President and Federal agencies to 
     promote global trade and security policies that are 
     consistent with ``The Prague Proposals'' and urge our allies 
     to embrace the recommendations of ``The Prague Proposals'' 
     for their 5G infrastructure.

     SEC. 2. PRAGUE PROPOSALS.

       The text of ``The Prague Proposals'' is as follows:
       (1) ``Policy''.--
       (A) ``Communication networks and services should be 
     designed with resilience and security in mind. They should be 
     built and maintained using international, open, consensus-
     based standards and risk-informed cybersecurity best 
     practices. Clear globally interoperable cyber security 
     guidance that would support cyber security products and 
     services in increasing resilience of all stakeholders should 
     be promoted.''.
       (B) ``Every country is free, in accordance with 
     international law, to set its own national security and law 
     enforcement requirements, which should respect privacy and 
     adhere to laws protecting information from improper 
     collection and misuse.''.
       (C) ``Laws and policies governing networks and connectivity 
     services should be guided by the principles of transparency 
     and equitability, taking into account the global economy and 
     interoperable rules, with sufficient oversight and respect 
     for the rule of law.''.

[[Page H42]]

       (D) ``The overall risk of influence on a supplier by a 
     third country should be taken into account, notably in 
     relation to its model of governance, the absence of 
     cooperation agreements on security, or similar arrangements, 
     such as adequacy decisions, as regards data protection, or 
     whether this country is a party to multilateral, 
     international or bilateral agreements on cybersecurity, the 
     fight against cybercrime, or data protection.''.
       (2) ``Technology''.--
       (A) ``Stakeholders should regularly conduct vulnerability 
     assessments and risk mitigation within all components and 
     network systems, prior to product release and during system 
     operation, and promote a culture of find/fix/patch to 
     mitigate identified vulnerabilities and rapidly deploy fixes 
     or patches.''.
       (B) ``Risk assessments of supplier's products should take 
     into account all relevant factors, including applicable legal 
     environment and other aspects of supplier's ecosystem, as 
     these factors may be relevant to stakeholders' efforts to 
     maintain the highest possible level of cyber security.''.
       (C) ``When building up resilience and security, it should 
     be taken into consideration that malicious cyber activities 
     do not always require the exploitation of a technical 
     vulnerability, e.g. in the event of insider attack.''.
       (D) ``In order to increase the benefits of global 
     communication, States should adopt policies to enable 
     efficient and secure network data flows.''.
       (E) ``Stakeholders should take into consideration 
     technological changes accompanying 5G networks roll out, e.g. 
     use of edge computing and software defined network/network 
     function virtualization, and its impact on overall security 
     of communication channels.''.
       (F) ``Customer--whether the government, operator, or 
     manufacturer--must be able to be informed about the origin 
     and pedigree of components and software that affect the 
     security level of the product or service, according to state 
     of art and relevant commercial and technical practices, 
     including transparency of maintenance, updates, and 
     remediation of the products and services.''.
       (3) ``Economy''.--
       (A) ``A diverse and vibrant communications equipment market 
     and supply chain are essential for security and economic 
     resilience.''.
       (B) ``Robust investment in research and development 
     benefits the global economy and technological advancement and 
     is a way to potentially increase diversity of technological 
     solutions with positive effects on security of communication 
     networks.''.
       (C) ``Communication networks and network services should be 
     financed openly and transparently using standard best 
     practices in procurement, investment, and contracting.''.
       (D) ``State-sponsored incentives, subsidies, or financing 
     of 5G communication networks and service providers should 
     respect principles of fairness, be commercially reasonable, 
     conducted openly and transparently, based on open market 
     competitive principles, while taking into account trade 
     obligations.''.
       (E) ``Effective oversight on key financial and investment 
     instruments influencing telecommunication network development 
     is critical.''.
       (F) ``Communication networks and network service providers 
     should have transparent ownership, partnerships, and 
     corporate governance structures.''.
       (4) ``Security, privacy, and resilience''.--
       (A) ``All stakeholders including industry should work 
     together to promote security and resilience of national 
     critical infrastructure networks, systems, and connected 
     devices.''.
       (B) ``Sharing experience and best practices, including 
     assistance, as appropriate, with mitigation, investigation, 
     response, and recovery from network attacks, compromises, or 
     disruptions should be promoted.''.
       (C) ``Security and risk assessments of vendors and network 
     technologies should take into account rule of law, security 
     environment, vendor malfeasance, and compliance with open, 
     interoperable, secure standards, and industry best practices 
     to promote a vibrant and robust cyber security supply of 
     products and services to deal with the rising challenges.''.
       (D) ``Risk management framework in a manner that respects 
     data protection principles to ensure privacy of citizens 
     using network equipment and services should be 
     implemented.''.

  The SPEAKER pro tempore. Pursuant to the rule, the gentleman from 
Pennsylvania (Mr. Michael F. Doyle) and the gentleman from Ohio (Mr. 
Latta) each will control 20 minutes.
  The Chair recognizes the gentleman from Pennsylvania.


                             General Leave

  Mr. MICHAEL F. DOYLE of Pennsylvania. Madam Speaker, I ask unanimous 
consent that all Members may have 5 legislative days in which to revise 
and extend their remarks and include extraneous material on H. Res. 
575.
  The SPEAKER pro tempore. Is there objection to the request of the 
gentleman from Pennsylvania?
  There was no objection.
  Mr. MICHAEL F. DOYLE of Pennsylvania. Madam Speaker, I yield myself 
such time as I may consume.
  Madam Speaker, I rise in support of H. Res. 575. This bipartisan 
legislation was introduced by Mr. Flores and Mr. Soto, both of whom are 
members of the Communications and Technology Subcommittee, which I 
chair.
  The bill before us expresses the sense of the House of 
Representatives that all stakeholders in the deployment of 5G 
communications infrastructure should carefully consider and adhere to 
the recommendations adopted at the Prague 5G Security Conference in May 
2019 known as the Prague Proposals.
  These proposals serve as a cybersecurity framework for the adoption 
and deployment of 5G networks and were agreed upon last year in Prague 
at a meeting of over 30 Western-allied nations, as well as technical 
experts and equipment manufacturers. This framework acknowledges the 
risks posed by untrusted 5G network equipment offered by Chinese 
telecom providers such as Huawei.
  The Prague Proposals form the basis for a coordinated approach to 
shared security as we begin to transition to the next generation of 
wireless network technologies.
  The Communications and Technology Subcommittee has done extensive 
work this Congress on security implications of 5G technologies. I thank 
Mr. Flores and Mr. Soto for the good work they have done in bringing 
this important legislation to the floor. I also thank the Committee on 
Foreign Affairs and Chairman Engel for working with the Energy and 
Commerce Committee to advance this legislation.
  Madam Speaker, this is a good bill. I urge my colleagues to support 
it, and I reserve the balance of my time.
                                         House of Representatives,


                                 Committee on Foreign Affairs,

                                 Washington, DC, December 5, 2019.
     Hon. Frank Pallone, Jr.,
     Chairman, Committee on Energy and Commerce,
     House of Representatives, Washington, DC.
       Dear Chairman Pallone: In recognition of the desire to 
     expedite consideration of H. Res. 575, Expressing the sense 
     of the House of Representatives that all stakeholders in the 
     deployment of 5G communications infrastructure should 
     carefully consider and adhere to the recommendations of ``The 
     Prague Proposals,'' the Committee on Foreign Affairs agrees 
     to waive formal consideration of the bill as to provisions 
     that fall within the Rule X jurisdiction of the Committee on 
     Foreign Affairs.
       The Committee on Foreign Affairs takes this action with the 
     mutual understanding that we do not waive any jurisdiction 
     over the subject matter contained in this or similar 
     legislation, and the Committee will be appropriately 
     consulted and involved as the bill or similar legislation 
     moves forward so that we may address any issues within our 
     jurisdiction. I ask you to support the appointment of 
     Committee on Foreign Affairs conferees during any House-
     Senate conference convened on this legislation.
       Finally, thank you for agreeing to include a copy of our 
     exchange of letters in the Congressional Record during floor 
     consideration of H. Res. 575.
           Sincerely,
                                                   Eliot L. Engel,
     Chairman.
                                  ____

                                         House of Representatives,


                             Committee on Energy and Commerce,

                                  Washington, DC, January 6, 2020.
     Hon. Eliot Engel,
     Chairman, Committee on Foreign Affairs,
     Washington, DC.
       Dear Chairman Engel: Thank you for consulting with the 
     Committee on Energy and Commerce and agreeing to be 
     discharged from further consideration of H. Res. 575, 
     Expressing the sense of the House of Representatives that all 
     stakeholders in the deployment of 5G communications 
     infrastructure should carefully consider and adhere to the 
     recommendations of ``The Prague Proposals,'' so that the bill 
     may proceed expeditiously to the House floor.
       I agree that your forgoing further action on this measure 
     does not in any way diminish or alter the jurisdiction of 
     your committee or prejudice its jurisdictional prerogatives 
     on this measure or similar legislation in the future. I agree 
     that your Committee will be appropriately consulted and 
     involved as this bill or similar legislation moves forward so 
     that we may address any remaining issues within your 
     jurisdiction. I would support your effort to seek appointment 
     of an appropriate number of conferees from your Committee to 
     any House-Senate conference on this legislation.
       I will place our letters on H. Res. 575 into the 
     Congressional Record during floor consideration of the bill. 
     I appreciate your cooperation regarding this legislation and 
     look forward to continuing to work together as this measure 
     moves through the legislative process.
           Sincerely,
                                               Frank Pallone, Jr.,
                                                         Chairman.


[[Page H43]]


  

  Mr. LATTA. Madam Speaker, I yield myself such time as I may consume.
  Madam Speaker, I rise today in support of H. Res. 575, a resolution 
to encourage all stakeholders involved in the deployment of 5G 
communications technology to adhere to the Prague Proposals.
  The Prague Proposals resulted from the Prague 5G Security Conference 
earlier last year, where representatives from 32 countries met to 
discuss concerns about equipment supplied by certain vendors that pose 
a threat to national security. With 5G poised to support an array of 
critical functions and services over the next decade, it is imperative 
that we ensure the equipment used to build these networks is secure.
  By encouraging all stakeholders at home and abroad to abide by these 
principles, we are sending a strong message that we are taking the 
security of our networks seriously.
  Madam Speaker, I urge my colleagues to support this resolution, and I 
reserve the balance of my time.
  Mr. MICHAEL F. DOYLE of Pennsylvania. Madam Speaker, I yield 2 
minutes to the gentleman from Florida (Mr. Soto), who is a valuable 
member of the Energy and Commerce Committee and who has done extensive 
work on this legislation.
  Mr. SOTO. Madam Speaker, I thank Chairman Doyle and Ranking Member 
Latta, as well as Representative Flores, for all of their work and the 
work of the Energy and Commerce Committee.
  It is essential that the United States be at the forefront of the 
deployment and development of 5G technologies. 5G is the infrastructure 
that will allow our country to be the leader in the 21st century 
economy.
  There is fundamental importance of internet connectivity across the 
country for both metropolitan and rural areas, highlighting both cities 
and rural areas, and this is a need that telecom technology must be 
developed in a practical but secure way. In a district like mine, we 
have urban, suburban, and rural, so we look out for all of these 
different areas.
  The equipment and services in U.S. communications networks provide 
critical infrastructure for 5G deployment, making them appealing 
targets for foreign adversaries. For these companies in particular, 
experts have noted that China has ``the means, opportunity, and motive 
to use telecommunications companies for malicious purposes.''
  We have seen this problem in Chinese telecom chips made by companies 
like Huawei and other supply chain security issues that have been 
making news as of late.
  We started local efforts in Florida's Ninth Congressional District, 
along with the University of Central Florida and others, to produce 
components that are tamper-resistant sensors developed at national 
foundries, like the BRIDG facility in central Florida. But we must do 
more.
  For these reasons, I am proud to be the Democratic colead on H. Res. 
575. This resolution provides a sense of the House of Representatives 
that developers of 5G technologies abide by wireless technology 
recommendations made at the Prague 5G Security Conference.
  Some of these Prague Proposals include communications networks and 
services be designed with resilience and security in mind, and every 
country is free, in accordance with international law, to have security 
requirements.
  The SPEAKER pro tempore. The time of the gentleman has expired.
  Mr. MICHAEL F. DOYLE of Pennsylvania. Madam Speaker, I yield the 
gentleman from Florida an additional 2 minutes.
  Mr. SOTO. Policies governing 5G deployment should be guided by 
principles of transparency and equitability. Stakeholders should 
conduct regular vulnerability assessments and risk mitigation of 
products. And customers must be able to be informed about the origin of 
components in software that affect the security level of the products 
they use.
  Madam Speaker, I thank Chairman Doyle, Mr. Flores, Mr. Latta, and 
others for their great work, and I urge everyone to support H. Res. 
575.
  Mr. LATTA. Madam Speaker, I yield 3 minutes to the gentleman from 
Texas (Mr. Flores), and I applaud him on his hard work on this 
legislation.
  Mr. FLORES. Madam Speaker, I thank GOP leader Latta for yielding me 
time to support our bill.
  Madam Speaker, I rise in support of our resolution, H. Res. 575, 
which I introduced with my colleague Darren Soto from Florida, 
expressing strong support for the Prague Proposals, a set of 5G 
security recommendations agreed to by officials from the U.S. and 31 
other countries during a conference in May 2019.
  5G communication networks have the potential to transform the way we 
live. Collaboration with our international partners is paramount in the 
development of secure network architecture for the interconnected world 
of the future.
  5G networks will have the capacity to support innovative technologies 
such as telemedicine, remote surgery, interconnected devices on the 
Internet of Things, and, importantly, bring high-speed broadband to the 
far reaches of rural communities to close the digital divide.
  But if the underlying network that these services operate on is not 
properly secured, bad actors will be able to exploit vulnerabilities to 
disrupt critical infrastructure, harming public safety and jeopardizing 
national security. It is imperative that we secure our networks on the 
front end of deployment to avoid potentially catastrophic consequences 
down the road.
  Recognizing these risks, the U.S. and those 31 other countries came 
together with representatives from the EU and NATO to agree on a set of 
commonsense principles necessary to maintain a secure, resilient 
network for next-generation communication.
  These proposals urge 5G stakeholders across the global supply 
technology chain to institute practical, proven solutions to mitigate 
risks and to protect against security threats. Among these proposals, 
the conference of 32 countries recognized the need for information 
sharing and encouraged regular risk assessment tests to mitigate 
vulnerabilities, while taking into consideration technological changes 
that will address the risks we may encounter in the future.
  Our resolution expresses the House of Representatives' support for 
these recommendations as an encouragement for stakeholders, government 
entities, and our international partners to work together to secure our 
5G networks.
  Madam Speaker, I thank Mr. Soto for his work, and I urge my 
colleagues to support this important resolution.

                              {time}  1600

  Mr. LATTA. Madam Speaker, I am prepared to close.
  Madam Speaker, from the comments that we have heard on the floor 
today, it is so important that we pass this piece of legislation. It is 
a good piece of bipartisan legislation, and I urge its support from 
this House.
  Madam Speaker, I yield back the balance of my time.
  Mr. MICHAEL F. DOYLE of Pennsylvania. Madam Speaker, in closing, I 
echo what my good friend, Mr. Latta, says. This is a good bill, and I 
urge my colleagues to support it.
  Madam Speaker, I yield back the balance of my time.
  The SPEAKER pro tempore. The question is on the motion offered by the 
gentleman from Pennsylvania (Mr. Michael F. Doyle) that the House 
suspend the rules and agree to the resolution, H. Res. 575, as amended.
  The question was taken; and (two-thirds being in the affirmative) the 
rules were suspended and the resolution, as amended, was agreed to.
  The title of the resolution was amended so as to read: ``Resolution 
expressing the sense of the House of Representatives that all 
stakeholders in the deployment of 5G communications infrastructure 
should carefully consider adherence to the recommendations of `The 
Prague Proposals'.''.
  A motion to reconsider was laid on the table.

                          ____________________