January 8, 2020 - Issue: Vol. 166, No. 4 — Daily Edition116th Congress (2019 - 2020) - 2nd Session
All in House sectionPrev40 of 88Next
EXPRESSING SENSE OF THE HOUSE THAT STAKEHOLDERS IN 5G COMMUNICATIONS INFRASTRUCTURE SHOULD CAREFULLY CONSIDER AND ADHERE TO ``THE PRAGUE PROPOSALS''; Congressional Record Vol. 166, No. 4
(House of Representatives - January 08, 2020)
Text available as:
Formatting necessary for an accurate reading of this text may be shown by tags (e.g., <DELETED> or <BOLD>) or may be missing from this TXT display. For complete and accurate display of this text, see the PDF.
[Pages H41-H43] From the Congressional Record Online through the Government Publishing Office [www.gpo.gov] EXPRESSING SENSE OF THE HOUSE THAT STAKEHOLDERS IN 5G COMMUNICATIONS INFRASTRUCTURE SHOULD CAREFULLY CONSIDER AND ADHERE TO ``THE PRAGUE PROPOSALS'' Mr. MICHAEL F. DOYLE of Pennsylvania. Madam Speaker, I move to suspend the rules and agree to the resolution (H. Res. 575) expressing the sense of the House of Representatives that all stakeholders in the deployment of 5G communications infrastructure should carefully consider and adhere to the recommendations of ``The Prague Proposals'', as amended. The Clerk read the title of the resolution. The text of the resolution is as follows: H. Res. 575 Whereas 5G, the next generation (5th generation) in wireless technology, promises the next evolution of communications and information technology services, applications, and capabilities across every sector of business, government, entertainment, and communications; Whereas the United States, Europe, China, and others are racing toward 5G adoption and upgrading existing networks, which will drive subsequent advances in artificial intelligence, machine learning, smart homes, smart cities, robotics, autonomous vehicles, and quantum computers; Whereas 5G will make possible the automatization of everyday activities and the use of the full potential of the Internet of Things; Whereas these developments, while evolutionary, could include risks to important public interests, including privacy, data security, public safety, and national security; Whereas in a highly connected world, disruption of the integrity, confidentiality, or availability of communications or even the disruption of the communications service itself can seriously hamper everyday life, societal functions, the economy, and national security; Whereas the security of 5G networks is crucial for national security, economic security, and other United States national interests and global stability; Whereas operators of communications infrastructure depend on a complex supply chain of technology from a global market of suppliers and service providers; Whereas government security officials and experts from 32 countries came together in Prague in May of 2019 to work out guidelines for the deployment and security of 5G networks; Whereas representatives agreed that ``[m]ajor security risks emanate from the cross-border complexities of an increasingly global supply chain which provides [information and communications technology] equipment. These risks should be considered as part of the risk assessment based on relevant information and should seek to prevent proliferation of compromised devices and the use of malicious code and functions.''; and Whereas the Prague 5G Security Conference adopted security recommendations, which have come to be known as ``The Prague Proposals'': Now, therefore, be it Resolved, SECTION 1. SENSE OF THE HOUSE OF REPRESENTATIVES. The House of Representatives-- (1) urges all stakeholders in the deployment of 5G communications infrastructure to carefully consider adherence to the recommendations of ``The Prague Proposals'' (as described in section 2) as they procure products and services across their supply chain; and (2) encourages the President and Federal agencies to promote global trade and security policies that are consistent with ``The Prague Proposals'' and urge our allies to embrace the recommendations of ``The Prague Proposals'' for their 5G infrastructure. SEC. 2. PRAGUE PROPOSALS. The text of ``The Prague Proposals'' is as follows: (1) ``Policy''.-- (A) ``Communication networks and services should be designed with resilience and security in mind. They should be built and maintained using international, open, consensus- based standards and risk-informed cybersecurity best practices. Clear globally interoperable cyber security guidance that would support cyber security products and services in increasing resilience of all stakeholders should be promoted.''. (B) ``Every country is free, in accordance with international law, to set its own national security and law enforcement requirements, which should respect privacy and adhere to laws protecting information from improper collection and misuse.''. (C) ``Laws and policies governing networks and connectivity services should be guided by the principles of transparency and equitability, taking into account the global economy and interoperable rules, with sufficient oversight and respect for the rule of law.''. [[Page H42]] (D) ``The overall risk of influence on a supplier by a third country should be taken into account, notably in relation to its model of governance, the absence of cooperation agreements on security, or similar arrangements, such as adequacy decisions, as regards data protection, or whether this country is a party to multilateral, international or bilateral agreements on cybersecurity, the fight against cybercrime, or data protection.''. (2) ``Technology''.-- (A) ``Stakeholders should regularly conduct vulnerability assessments and risk mitigation within all components and network systems, prior to product release and during system operation, and promote a culture of find/fix/patch to mitigate identified vulnerabilities and rapidly deploy fixes or patches.''. (B) ``Risk assessments of supplier's products should take into account all relevant factors, including applicable legal environment and other aspects of supplier's ecosystem, as these factors may be relevant to stakeholders' efforts to maintain the highest possible level of cyber security.''. (C) ``When building up resilience and security, it should be taken into consideration that malicious cyber activities do not always require the exploitation of a technical vulnerability, e.g. in the event of insider attack.''. (D) ``In order to increase the benefits of global communication, States should adopt policies to enable efficient and secure network data flows.''. (E) ``Stakeholders should take into consideration technological changes accompanying 5G networks roll out, e.g. use of edge computing and software defined network/network function virtualization, and its impact on overall security of communication channels.''. (F) ``Customer--whether the government, operator, or manufacturer--must be able to be informed about the origin and pedigree of components and software that affect the security level of the product or service, according to state of art and relevant commercial and technical practices, including transparency of maintenance, updates, and remediation of the products and services.''. (3) ``Economy''.-- (A) ``A diverse and vibrant communications equipment market and supply chain are essential for security and economic resilience.''. (B) ``Robust investment in research and development benefits the global economy and technological advancement and is a way to potentially increase diversity of technological solutions with positive effects on security of communication networks.''. (C) ``Communication networks and network services should be financed openly and transparently using standard best practices in procurement, investment, and contracting.''. (D) ``State-sponsored incentives, subsidies, or financing of 5G communication networks and service providers should respect principles of fairness, be commercially reasonable, conducted openly and transparently, based on open market competitive principles, while taking into account trade obligations.''. (E) ``Effective oversight on key financial and investment instruments influencing telecommunication network development is critical.''. (F) ``Communication networks and network service providers should have transparent ownership, partnerships, and corporate governance structures.''. (4) ``Security, privacy, and resilience''.-- (A) ``All stakeholders including industry should work together to promote security and resilience of national critical infrastructure networks, systems, and connected devices.''. (B) ``Sharing experience and best practices, including assistance, as appropriate, with mitigation, investigation, response, and recovery from network attacks, compromises, or disruptions should be promoted.''. (C) ``Security and risk assessments of vendors and network technologies should take into account rule of law, security environment, vendor malfeasance, and compliance with open, interoperable, secure standards, and industry best practices to promote a vibrant and robust cyber security supply of products and services to deal with the rising challenges.''. (D) ``Risk management framework in a manner that respects data protection principles to ensure privacy of citizens using network equipment and services should be implemented.''. The SPEAKER pro tempore. Pursuant to the rule, the gentleman from Pennsylvania (Mr. Michael F. Doyle) and the gentleman from Ohio (Mr. Latta) each will control 20 minutes. The Chair recognizes the gentleman from Pennsylvania. General Leave Mr. MICHAEL F. DOYLE of Pennsylvania. Madam Speaker, I ask unanimous consent that all Members may have 5 legislative days in which to revise and extend their remarks and include extraneous material on H. Res. 575. The SPEAKER pro tempore. Is there objection to the request of the gentleman from Pennsylvania? There was no objection. Mr. MICHAEL F. DOYLE of Pennsylvania. Madam Speaker, I yield myself such time as I may consume. Madam Speaker, I rise in support of H. Res. 575. This bipartisan legislation was introduced by Mr. Flores and Mr. Soto, both of whom are members of the Communications and Technology Subcommittee, which I chair. The bill before us expresses the sense of the House of Representatives that all stakeholders in the deployment of 5G communications infrastructure should carefully consider and adhere to the recommendations adopted at the Prague 5G Security Conference in May 2019 known as the Prague Proposals. These proposals serve as a cybersecurity framework for the adoption and deployment of 5G networks and were agreed upon last year in Prague at a meeting of over 30 Western-allied nations, as well as technical experts and equipment manufacturers. This framework acknowledges the risks posed by untrusted 5G network equipment offered by Chinese telecom providers such as Huawei. The Prague Proposals form the basis for a coordinated approach to shared security as we begin to transition to the next generation of wireless network technologies. The Communications and Technology Subcommittee has done extensive work this Congress on security implications of 5G technologies. I thank Mr. Flores and Mr. Soto for the good work they have done in bringing this important legislation to the floor. I also thank the Committee on Foreign Affairs and Chairman Engel for working with the Energy and Commerce Committee to advance this legislation. Madam Speaker, this is a good bill. I urge my colleagues to support it, and I reserve the balance of my time. House of Representatives, Committee on Foreign Affairs, Washington, DC, December 5, 2019. Hon. Frank Pallone, Jr., Chairman, Committee on Energy and Commerce, House of Representatives, Washington, DC. Dear Chairman Pallone: In recognition of the desire to expedite consideration of H. Res. 575, Expressing the sense of the House of Representatives that all stakeholders in the deployment of 5G communications infrastructure should carefully consider and adhere to the recommendations of ``The Prague Proposals,'' the Committee on Foreign Affairs agrees to waive formal consideration of the bill as to provisions that fall within the Rule X jurisdiction of the Committee on Foreign Affairs. The Committee on Foreign Affairs takes this action with the mutual understanding that we do not waive any jurisdiction over the subject matter contained in this or similar legislation, and the Committee will be appropriately consulted and involved as the bill or similar legislation moves forward so that we may address any issues within our jurisdiction. I ask you to support the appointment of Committee on Foreign Affairs conferees during any House- Senate conference convened on this legislation. Finally, thank you for agreeing to include a copy of our exchange of letters in the Congressional Record during floor consideration of H. Res. 575. Sincerely, Eliot L. Engel, Chairman. ____ House of Representatives, Committee on Energy and Commerce, Washington, DC, January 6, 2020. Hon. Eliot Engel, Chairman, Committee on Foreign Affairs, Washington, DC. Dear Chairman Engel: Thank you for consulting with the Committee on Energy and Commerce and agreeing to be discharged from further consideration of H. Res. 575, Expressing the sense of the House of Representatives that all stakeholders in the deployment of 5G communications infrastructure should carefully consider and adhere to the recommendations of ``The Prague Proposals,'' so that the bill may proceed expeditiously to the House floor. I agree that your forgoing further action on this measure does not in any way diminish or alter the jurisdiction of your committee or prejudice its jurisdictional prerogatives on this measure or similar legislation in the future. I agree that your Committee will be appropriately consulted and involved as this bill or similar legislation moves forward so that we may address any remaining issues within your jurisdiction. I would support your effort to seek appointment of an appropriate number of conferees from your Committee to any House-Senate conference on this legislation. I will place our letters on H. Res. 575 into the Congressional Record during floor consideration of the bill. I appreciate your cooperation regarding this legislation and look forward to continuing to work together as this measure moves through the legislative process. Sincerely, Frank Pallone, Jr., Chairman. [[Page H43]] Mr. LATTA. Madam Speaker, I yield myself such time as I may consume. Madam Speaker, I rise today in support of H. Res. 575, a resolution to encourage all stakeholders involved in the deployment of 5G communications technology to adhere to the Prague Proposals. The Prague Proposals resulted from the Prague 5G Security Conference earlier last year, where representatives from 32 countries met to discuss concerns about equipment supplied by certain vendors that pose a threat to national security. With 5G poised to support an array of critical functions and services over the next decade, it is imperative that we ensure the equipment used to build these networks is secure. By encouraging all stakeholders at home and abroad to abide by these principles, we are sending a strong message that we are taking the security of our networks seriously. Madam Speaker, I urge my colleagues to support this resolution, and I reserve the balance of my time. Mr. MICHAEL F. DOYLE of Pennsylvania. Madam Speaker, I yield 2 minutes to the gentleman from Florida (Mr. Soto), who is a valuable member of the Energy and Commerce Committee and who has done extensive work on this legislation. Mr. SOTO. Madam Speaker, I thank Chairman Doyle and Ranking Member Latta, as well as Representative Flores, for all of their work and the work of the Energy and Commerce Committee. It is essential that the United States be at the forefront of the deployment and development of 5G technologies. 5G is the infrastructure that will allow our country to be the leader in the 21st century economy. There is fundamental importance of internet connectivity across the country for both metropolitan and rural areas, highlighting both cities and rural areas, and this is a need that telecom technology must be developed in a practical but secure way. In a district like mine, we have urban, suburban, and rural, so we look out for all of these different areas. The equipment and services in U.S. communications networks provide critical infrastructure for 5G deployment, making them appealing targets for foreign adversaries. For these companies in particular, experts have noted that China has ``the means, opportunity, and motive to use telecommunications companies for malicious purposes.'' We have seen this problem in Chinese telecom chips made by companies like Huawei and other supply chain security issues that have been making news as of late. We started local efforts in Florida's Ninth Congressional District, along with the University of Central Florida and others, to produce components that are tamper-resistant sensors developed at national foundries, like the BRIDG facility in central Florida. But we must do more. For these reasons, I am proud to be the Democratic colead on H. Res. 575. This resolution provides a sense of the House of Representatives that developers of 5G technologies abide by wireless technology recommendations made at the Prague 5G Security Conference. Some of these Prague Proposals include communications networks and services be designed with resilience and security in mind, and every country is free, in accordance with international law, to have security requirements. The SPEAKER pro tempore. The time of the gentleman has expired. Mr. MICHAEL F. DOYLE of Pennsylvania. Madam Speaker, I yield the gentleman from Florida an additional 2 minutes. Mr. SOTO. Policies governing 5G deployment should be guided by principles of transparency and equitability. Stakeholders should conduct regular vulnerability assessments and risk mitigation of products. And customers must be able to be informed about the origin of components in software that affect the security level of the products they use. Madam Speaker, I thank Chairman Doyle, Mr. Flores, Mr. Latta, and others for their great work, and I urge everyone to support H. Res. 575. Mr. LATTA. Madam Speaker, I yield 3 minutes to the gentleman from Texas (Mr. Flores), and I applaud him on his hard work on this legislation. Mr. FLORES. Madam Speaker, I thank GOP leader Latta for yielding me time to support our bill. Madam Speaker, I rise in support of our resolution, H. Res. 575, which I introduced with my colleague Darren Soto from Florida, expressing strong support for the Prague Proposals, a set of 5G security recommendations agreed to by officials from the U.S. and 31 other countries during a conference in May 2019. 5G communication networks have the potential to transform the way we live. Collaboration with our international partners is paramount in the development of secure network architecture for the interconnected world of the future. 5G networks will have the capacity to support innovative technologies such as telemedicine, remote surgery, interconnected devices on the Internet of Things, and, importantly, bring high-speed broadband to the far reaches of rural communities to close the digital divide. But if the underlying network that these services operate on is not properly secured, bad actors will be able to exploit vulnerabilities to disrupt critical infrastructure, harming public safety and jeopardizing national security. It is imperative that we secure our networks on the front end of deployment to avoid potentially catastrophic consequences down the road. Recognizing these risks, the U.S. and those 31 other countries came together with representatives from the EU and NATO to agree on a set of commonsense principles necessary to maintain a secure, resilient network for next-generation communication. These proposals urge 5G stakeholders across the global supply technology chain to institute practical, proven solutions to mitigate risks and to protect against security threats. Among these proposals, the conference of 32 countries recognized the need for information sharing and encouraged regular risk assessment tests to mitigate vulnerabilities, while taking into consideration technological changes that will address the risks we may encounter in the future. Our resolution expresses the House of Representatives' support for these recommendations as an encouragement for stakeholders, government entities, and our international partners to work together to secure our 5G networks. Madam Speaker, I thank Mr. Soto for his work, and I urge my colleagues to support this important resolution. {time} 1600 Mr. LATTA. Madam Speaker, I am prepared to close. Madam Speaker, from the comments that we have heard on the floor today, it is so important that we pass this piece of legislation. It is a good piece of bipartisan legislation, and I urge its support from this House. Madam Speaker, I yield back the balance of my time. Mr. MICHAEL F. DOYLE of Pennsylvania. Madam Speaker, in closing, I echo what my good friend, Mr. Latta, says. This is a good bill, and I urge my colleagues to support it. Madam Speaker, I yield back the balance of my time. The SPEAKER pro tempore. The question is on the motion offered by the gentleman from Pennsylvania (Mr. Michael F. Doyle) that the House suspend the rules and agree to the resolution, H. Res. 575, as amended. The question was taken; and (two-thirds being in the affirmative) the rules were suspended and the resolution, as amended, was agreed to. The title of the resolution was amended so as to read: ``Resolution expressing the sense of the House of Representatives that all stakeholders in the deployment of 5G communications infrastructure should carefully consider adherence to the recommendations of `The Prague Proposals'.''. A motion to reconsider was laid on the table. ____________________
All in House sectionPrev40 of 88Next