Federal Communications Commission FCC 15-95 Before the Federal Communications Commission Washington, D.C. 20554 In the Matters of Improving 911 Reliability Reliability and Continuity of Communications Networks, Including Broadband Technologies ) ) ) ) ) ) PS Docket No. 13-75 PS Docket No. 11-60 ORDER ON RECONSIDERATION Adopted: July 29, 2015 Released: July 30, 2015 By the Commission: Commissioner O’Rielly issuing a separate statement. TABLE OF CONTENTS I. INTRODUCTION.................................................................................................................................. 1 II. BACKGROUND.................................................................................................................................... 3 A. 911 Reliability Order ....................................................................................................................... 3 B. Intrado Petition ................................................................................................................................ 5 C. Comments ........................................................................................................................................ 9 III. DISCUSSION ...................................................................................................................................... 10 A. Network Reliability During the Transition to Next Generation 911 (NG911) .............................. 10 B. Clarification of Certification Requirements................................................................................... 14 1. Circuit Auditing....................................................................................................................... 14 2. Network Monitoring................................................................................................................ 19 IV. PROCEDURAL MATTERS................................................................................................................ 21 A. Paperwork Reduction Act .............................................................................................................. 21 B. Supplemental Final Regulatory Flexibility Analysis ..................................................................... 23 C. Congressional Review Act............................................................................................................. 25 V. ORDERING CLAUSES....................................................................................................................... 26 I. INTRODUCTION 1. In December 2013, the Federal Communications Commission (Commission) adopted rules requiring 911 communications providers to take reasonable measures to provide reliable service, as evidenced by an annual certification. 1 Covered entities must certify whether they have implemented specified best practices or reasonable alternative measures with respect to critical 911 circuit diversity, central office backup power, and diverse network monitoring. 2 These rules responded to “significant, but avoidable, vulnerabilities in 911 network architecture, maintenance, and operation,” revealed during a June 2012 derecho storm that left 3.6 million people in six states without 911 service for several hours to 1 Improving 911 Reliability; Reliability and Continuity of Communications Networks, Including Broadband Technologies, PS Docket Nos. 13-75, 11-60, Report and Order, 28 FCC Rcd 17476 (2013), available at http://transition.fcc.gov/Daily_Releases/Daily_Business/2013/db1212/FCC-13-158A1.pdf (911 Reliability Order). 2 47 C.F.R. § 12.4(c). Federal Communications Commission FCC 15-95 2 several days. 3 In light of these preventable failures, the Commission determined that “the discharge of our statutory responsibility for promoting the safety of life and property no longer justifies relying solely on the implementation of key best practices on a voluntary basis.” 4 The Commission added, however, that by adopting a mandatory certification approach, “we seek to maximize flexibility and account for differences in network architectures without sacrificing 911 service reliability.” 5 2. In this Order on Reconsideration, we revise the rules to clarify certain 911 reliability certification requirements in response to a “Motion for Clarification or, in the Alternative, Petition for Partial Reconsideration” filed by Intrado, Inc. 6 In so doing, we rely on two guiding principles from the 911 Reliability Order. First, ensuring reliability of 911 service is a critical aspect of our statutory mandate to act “for the purpose of promoting safety of life and property.” 7 Second, “while all Americans have an expectation of reliable 911 service, appropriate actions to improve and maintain reliability may vary by service provider and location.” 8 Specifically, we clarify that under section 12.4 of the Commission’s rules, Covered 911 Service Providers may implement and certify an alternative measure for any of the specific certification elements, as long as they provide an explanation of how such alternative measures are reasonably sufficient to mitigate the risk of failure. 9 We believe that this should include an explanation of how the alternative will mitigate such risk at least to a comparable extent as the measures specified in our rules. While it may be possible that an alternative measure that cannot be shown to be comparable in reducing the risk of failure could be deemed reasonably sufficient in a particular case, a provider advancing such an alternative measure will face a heavy burden in demonstrating why comparability cannot be achieved, how the risk of failure has been reduced, and why, given the level to which the risk has been reduced, the measure taken to achieve this result should be regarded as reasonably sufficient to address the vulnerabilities at issue. II. BACKGROUND A. 911 Reliability Order 3. The 911 Reliability Order adopted section 12.4 of our rules, which defines the scope of Covered 911 Service Providers 10 and sets forth the elements for an annual certification requirement with 3 911 Reliability Order, 28 FCC Rcd at 17477 ¶ 2, 17482 ¶ 17. 4 Id. at 17486 ¶ 28; see also 47 U.S.C. § 151 (directing the Commission to “make available, so far as possible, to all people of the United States, . . . a . . . wire and radio communication service . . . for the purpose of promoting safety of life and property”). 5 Id. at 17477 ¶ 3. 6 Intrado, Inc., Motion for Clarification or, in the Alternative, Petition for Partial Reconsideration, PS Docket Nos. 13-75, 11-60 (Feb. 18, 2014) (Intrado Petition). 7 See 911 Reliability Order, 28 FCC Rcd at 17484 ¶ 23, quoting 47 U.S.C. § 151. 8 Id. at 17488 ¶ 35. 9 Accordingly, we revise our rules to eliminate ambiguities arising from the instructions in sections 12.4(c)(1)(ii) and 12.4(c)(3)(ii) for making the alternative certification for the circuit auditing and network monitoring requirements, respectively. As discussed in greater detail below, for each of these two requirements, the applicable set of instructions describes the use of an alternative to only one of the specified elements for the requirement as the trigger for mandating the alternative certification, thereby raising the question of whether a Covered 911 Service Provider can use alternative measures in lieu of the other elements specified for the circuit auditing and network monitoring requirements. 10 Covered 911 Service Providers are defined as entities that provide 911, E911, or NG911 capabilities such as call routing, automatic location information (ALI), automatic number identification (ANI), or the functional equivalent of those capabilities, directly to a public safety answering point (PSAP), or that operate one or more central offices that directly serve a PSAP. See 47 C.F.R. § 12.4(a)(4)(i); 911 Reliability Order, 28 FCC Rcd at 17488-89, ¶ 36. Federal Communications Commission FCC 15-95 3 respect to circuit auditing, backup power, and network monitoring. 11 As pertinent here, under the “circuit auditing” portion of the certification, the elements specified by the rules require Covered 911 Service Providers to certify annually whether they have (1) audited the physical diversity of critical 911 circuits 12 or equivalent data paths to any public safety answering point (PSAP) served, (2) tagged such circuits to reduce the probability of inadvertent loss of diversity between audits, 13 and (3) eliminated all single points of failure in critical 911 circuits or equivalent data paths serving each PSAP. 14 If a Covered 911 Service Provider has not implemented the third element (i.e., the elimination of all single points of failure), it must certify “[w]hether it has taken alternative measures to mitigate the risk of critical 911 circuits that are not physically diverse or is taking steps to remediate any issues that it has identified with respect to 911 service to the PSAP.” 15 Respondents also may certify that the circuit auditing requirement is not applicable because they do not operate any critical 911 circuits. 16 The “network monitoring” portion of the overarching certification requirement contains a similar approach with respect to its elements (i.e., conducting audits of aggregation points for gathering network monitoring data, conducting audits of monitoring links, and implementing physically diverse aggregation points and links). 17 The “backup power” portion of the certification – which is not at issue here – requires Covered 911 Service Providers to indicate whether they provide at least 24 hours of backup power at any central office that directly serves a PSAP or at least 72 hours at any central office that hosts a selective router, and whether they have implemented certain design and testing procedures for backup power equipment. 18 4. The elements that comprise the certification requirement are designed to reinforce the core responsibility imposed by section 12.4(b) of our rules, which is to “take reasonable measures to provide reliable 911 service with respect to circuit diversity, central-office backup power, and diverse network monitoring.” 19 Section 12.4(b) provides, however, that “[i]f a Covered 911 Service Provider cannot certify that it has performed a given element, the Commission may determine that such provider 11 See 47 C.F.R. § 12.4(c). An Initial Reliability Certification of substantial progress toward meeting each certification requirement is due October 15, 2015, one year after approval by the Office of Management and Budget (OMB) of the associated information collection, with full annual certifications following each year thereafter. See 47 C.F.R. § 12.4(d)(1); Public Safety and Homeland Security Bureau Announces Effective Dates of 911 Reliability Certification and PSAP Outage Notification Requirements, Public Notice, DA 14-1664 (rel. Nov. 18, 2014), available at https://apps.fcc.gov/edocs_public/attachmatch/DA-14-1664A1.pdf. 12 Critical 911 circuits are defined as “911 facilities that originate at a selective router or its functional equivalent and terminate in the central office that serves the PSAP(s) to which the selective router or its functional equivalent delivers 911 calls, including all equipment in the serving central office necessary for the delivery of 911 calls to the PSAP(s).” They also include automatic location information (ALI) and automatic number information (ANI) facilities that originate at the ALI or ANI database and terminate in the central office that serves the PSAP. See 47 C.F.R. § 12.4(a)(5). 13 The rules define tagging as “[a]n inventory management process whereby critical 911 circuits are labeled in circuit inventory databases to make it less likely that circuit rearrangements will compromise diversity.” Covered 911 Service Providers may use any system they wish to tag circuits so long as it tracks whether those circuits are physically diverse and identifies changes that would compromise such diversity. See 47 C.F.R. § 12.4(a)(11). 14 See 47 C.F.R. § 12.4(c)(1)(i). 15 47 C.F.R. § 12.4(c)(1)(ii)(A). 16 For example, small or rural local exchange carriers (LECs) may provide administrative lines to PSAPs but do not typically operate selective routers or control the facilities that connect selective routers to the central offices serving each PSAP. In such cases, they could respond that the circuit auditing element of the certification is not applicable. 17 See 47 C.F.R. § 12.4(c)(3). 18 See 47 C.F.R. § 12.4(c)(2)(i). 19 47 C.F.R. § 12.4(b). Federal Communications Commission FCC 15-95 4 nevertheless satisfies the requirements of this subsection (b) based upon a showing in accordance with subsection (c) that it is taking alternative measures with respect to that element that are reasonably sufficient to mitigate the risk of failure, or that one or more certification elements are not applicable to its network.” 20 The Commission intended this certification approach to be “more flexible than uniform standards,” while providing assurance to PSAPs and the public that known vulnerabilities in 911 networks will be identified and corrected promptly. 21 B. Intrado Petition 5. The Intrado Petition seeks clarification or reconsideration of certification requirements under sections 12.4(c)(1) and 12.4(c)(3) to the extent that they would require all Covered 911 Service Providers to audit and tag 911 circuits, and audit network monitoring links, without the option of certifying reasonable alternative measures in lieu thereof. 22 Intrado, which provides services such as call routing and location information over an Internet protocol (IP)-based network, argues that “[a]uditing and tagging are concepts derived from the traditional 911 architecture of the [incumbent local exchange carriers (ILECs)], where the ILEC 911 service provider presumably controls the physical path of the circuit from the selective router to the serving wire center and knows whether it is diverse at any given moment.” 23 Intrado’s network, by contrast, “disperses critical functions into geographically diverse and redundant locations and uses dual paths and different network providers to transmit its Critical 911 Circuits.” 24 6. Intrado observes that the structure and numbering of section 12.4(c) can be interpreted to require that all Covered 911 Service Providers must audit and tag critical 911 circuits and audit network monitoring links, and may rely on alternative measures only with respect to eliminating single points of failure in those facilities. 25 Read in isolation, certain statements in the 911 Reliability Order may also suggest that the option of certifying alternative measures applies only to remedial actions – i.e., how to cure an absence of complete physical diversity identified through audits and tagging. 26 Intrado argues that this interpretation would appear inconsistent with section 12.4(b), which provides that if a Covered 911 Service Provider “cannot certify that it has performed a given element,” it may nevertheless satisfy the “reasonable measures” requirement through a certification of alternative measures. 27 7. Intrado argues that two issues may prevent it and other IP-based providers from being able to audit and certify the precise path of their circuits or equivalent data paths for 911 call traffic at any given time. First, “the underlying carriers could conflate their respective physical paths so that they are 20 Id. 21 911 Reliability Order, 28 FCC Rcd at 17499 ¶ 68. 22 Intrado Petition at 2-3. 23 Id. at 9. 24 Id. 25 See Intrado Petition at 6; 47 C.F.R. § 12.4(c)(1)(ii) (opportunity to demonstrate alternative measures applicable to subsection (c)(1)(i)(C), omitting subsections (c)(1)(i)(A) and (B)); 47 C.F.R. § 12.4(c)(3)(ii) (similar citation to subsection (c)(3)(i)(C), omitting subsections (c)(3)(i)(A) and (B)). 26 See Intrado Petition at 6, n.18; 911 Reliability Order, 28 FCC Rcd at 17503, ¶ 80 (“Under these rules, all Covered 911 Service Providers must conduct annual audits of the physical diversity of their critical 911 circuits and tag those circuits to prevent rearrangement, but they may take a range of corrective measures most appropriate for their networks and PSAP customers.”); Id. at 17509, ¶ 97 (“In lieu of eliminating single points of failure, providers also may certify that they have taken specific, alternative measures reasonably sufficient to mitigate the risk of insufficient physical diversity.”). 27 Intrado Petition at 5-7; 47 C.F.R. § 12.4(b) (emphasis added). Federal Communications Commission FCC 15-95 5 combined on one of their networks or on the network of a third-party carrier for one or more segments,” in which case “Intrado has no way of ensuring that the underlying provider informs Intrado if such conflation occurs.” 28 Second, “a significant portion of Intrado’s facilities rely on multiprotocol label switching (MPLS) technology, which does not permit the underlying provider – let alone Intrado – to track its circuit path at any given moment.” 29 8. Intrado cites the apparent conflict between sections 12.4(b) and 12.4(c) as a basis for requesting clarification of those rules such that “[p]roviders may take reasonable alternative measures to meet the Commission’s standards in lieu of implementing any of the best practices adopted by the Order.” 30 It adds that “[t]his would include confirming that Providers may take reasonable alternative measures instead of conducting Diversity Audits, tagging Critical 911 Circuits, or auditing Monitoring Links.” 31 Intrado argues that “a narrow interpretation of the rules could require Providers to focus on form over substance and divert resources away from implementing innovative alternative measures that improve network reliability to focus on complying with a ‘one-size-fits-all’ certification obligation.” 32 C. Comments 9. In response, the Commission received one comment and one reply comment, both in support of Intrado’s position. Texas 911 Entities “support[s] the Commission . . . providing additional clarification or interpretation regarding the Order in the context of more modern 9-1-1 network designs,” including MPLS networks and situations “where the network provided by a subcontractor or commercial vendor may be one component of a larger governmental entity solution.” 33 AT&T “fully supports the Intrado Petition as a broad request for clarification and reconsideration of the 911 Reliability Order and accompanying proposed rules” but argues that any relief should extend to “all Covered 911 Service Providers,” not just to IP-based providers similarly situated to Intrado. 34 III. DISCUSSION A. Network Reliability During the Transition to Next Generation 911 (NG911) 10. As discussed in greater detail below, we first clarify that the certification framework adopted in the 911 Reliability Order was intended to allow flexibility for all Covered 911 Service Providers to rely on reasonable alternative measures in lieu of any given element of the certification set forth in section 12.4(c). The overarching purpose of the certification, including the attestation of a responsible corporate officer, is to “hold service providers accountable for decisions affecting 911 reliability.” 35 We agree with Intrado that “[t]he Commission did not intend the certification process to be prescriptive, but adopted a certification mechanism that provides Covered 911 Service Providers with flexibility and a means of demonstrating that they are taking reasonable measures to ensure the reliability of their 911 service.” 36 Inflexible insistence on specified actions as part of each certification despite 28 Intrado Petition at 9. 29 Id. 30 Id. at 3 (emphasis in original). 31 Id. 32 Id. 33 Texas 911 Entities Comments at 3-4. Texas 911 Entities represents the combined views of the Texas 911 Alliance, a group of 25 Texas emergency communication districts, and the Texas Commission on State Emergency Communications (CSEC), the state 911 agency. 34 AT&T Reply Comments at 2-3. 35 911 Reliability Order, 28 FCC Rcd at 17495-96 ¶ 54, 59; 47 C.F.R. § 12.4(a)(3). 36 Intrado Petition at 4 (internal quotation marks omitted). Federal Communications Commission FCC 15-95 6 technical considerations that show those actions may not be appropriate in all cases would undermine this principle of flexibility without advancing the Commission’s goal of improving 911 reliability. 11. Moreover, flexibility is essential to support and encourage the transition to NG911. In the 911 Reliability Order, the Commission stated that “we intend today’s rules to apply to current 911 networks, as well as NG911 networks to the extent they provide functionally equivalent capabilities to PSAPs.” 37 At that time, the Commission was “not persuaded that NG911 technologies have evolved to the point that reliability certification rules should apply to entities beyond those that offer core services functionally equivalent to current 911 and E911 capabilities” but it noted that it may “revisit this distinction in the future as technology evolves.” 38 Accordingly, the 911 Reliability Order contemplated a review of the certification rules in five years, noting that such a review should “include consideration of whether [the rules] should be revised or expanded to cover new best practices or additional entities that provide NG911 capabilities, or in light of our understanding about how NG911 networks may differ from legacy 911 service.” 39 12. Events since the adoption of the 911 Reliability Order have underscored that the NG911 transition is well underway in many parts of the Nation. 40 In recognition of this transition, the Commission intended its 911 reliability rules to be technology-neutral and made clear that functionally equivalent 911 capabilities should be treated consistently for purposes of the certification. 41 We reaffirm that principle here. Accordingly, we do not intend to create disparate certification standards for IP-based providers, or to discourage the implementation of NG911 by imposing certification requirements that would not be appropriate for IP-based networks. Rather, we clarify that the certification framework adopted in the 911 Reliability Order allows flexibility for all Covered 911 Service Providers – legacy and IP-based – to certify reasonable alternative measures to mitigate the risk of failure in lieu of specified certification elements, and we amend our rules to eliminate any ambiguity on this point. 42 In keeping with the Commission’s statement in the 911 Reliability Order that reliability certification requirements should be “consistent with current best practices but also flexible enough to account for differences in 911 and NG911 networks,” 43 we believe that our implementation of the certification should be guided by these same principles. 13. To be clear, this flexibility is limited by the substantive standard in Section 12.4(b) of requiring “reasonable measures” to provide reliable 911 service, and is not an invitation for any Covered 911 Service Provider to avoid certification obligations. As provided in the 911 Reliability Order, if a 37 911 Reliability Order, 28 FCC Rcd at 17479 ¶ 9. 38 Id. at 17491 ¶ 42. 39 Id. at 17533 ¶ 159. 40 See 911 Governance and Accountability; Improving 911 Reliability, PS Docket Nos. 14-193 and 13-75, Policy Statement and Notice of Proposed Rulemaking, 29 FCC Rcd 14208 (2014), available at https://apps.fcc.gov/edocs_public/attachmatch/FCC-14-186A1.pdf (911 Governance NPRM). Among other things, the 911 Governance NPRM proposed to adopt additional certification requirements for NG911 providers regarding software and database configuration and testing, as well as situational awareness and information sharing. We do not address those proposals here and emphasize that our response to the Intrado Petition is limited to clarification of existing certification obligations adopted in the 911 Reliability Order. 41 See 911 Reliability Order, 28 FCC Rcd at 17489 ¶ 37 (“To minimize the risk of unintended effects, we describe covered entities in terms of the core 911 capabilities they provide rather than the technology they employ or how they are currently classified under our rules.”). 42 See AT&T Reply Comments at 1-2 (seeking to “insure that the Intrado Petition is not inadvertently misconstrued to limit the requested relief (i.e., clarification or reconsideration) to only Covered 911 Service Providers similarly situated to Intrado”). 43 911 Reliability Order, 28 FCC Rcd at 17496 ¶ 58. Federal Communications Commission FCC 15-95 7 Covered 911 Service Provider certifies that it has taken alternative measures to mitigate the risk of failure, or that a certification element is not applicable to its network, its certification is subject to a more detailed Bureau review. 44 If the Bureau’s review indicates that a provider’s alternative measures are not reasonably sufficient to ensure reliable 911 service, the Bureau should first engage with the provider and other interested stakeholders (e.g., affected PSAPs) to address any shortcomings. To the extent that such a collaborative process does not yield satisfactory results, the Bureau may order remedial action consistent with its delegated authority. 45 We intend this process to allow flexibility to employ alternative – but reliable – network designs and technologies, not to create an exception that would swallow the rule. B. Clarification of Certification Requirements 1. Circuit Auditing 14. We clarify that Covered 911 Service Providers responding to the circuit auditing portion of the certification under section 12.4(c)(1) may certify their implementation of reasonable alternative measures in lieu of auditing and tagging critical 911 circuits, provided that they include an explanation of such alternative measures and why they are reasonable under the circumstances. Accordingly, we amend section 12.4(c)(1)(ii) to make clear that this option applies to all of the elements of section 12.4(c)(1)(i) and not just subsection 12.4(c)(1)(i)(C). 46 15. The circuit auditing requirement adopted in the 911 Reliability Order was based upon a CSRIC best practice urging network operators to “periodically audit the physical and logical diversity called for by network design of their network segment(s) and take appropriate measures as needed.” 47 As Intrado argues, however, appropriate measures to preserve physical and logical diversity may differ between circuit-switched time division multiplexing (TDM) and IP-based networks because IP-based routing and, in the event of an outage, re-routing can occur dynamically over many possible paths. 48 Further, as the Texas 911 Entities observe, “the ability of an underlying MPLS technology provider to track its circuit paths at any given moment may not be technically feasible, or what the Commission intended in the context of that technology.” 49 As discussed above, the certification process is intended to be flexible to account for these types of technical considerations and to allow for alternative measures where appropriate. Our assessment of whether such measures are reasonably sufficient to mitigate the risk of failure may be informed by, but not limited to, the question whether the measures specified in our rules are technically feasible. 16. As the Intrado Petition acknowledges, the option to certify alternative measures allows the Commission to “maintain oversight because Providers would still be required to disclose to the agency what steps were taken to accomplish these reliability goals.” 50 Such information will help 44 See 47 C.F.R. § 0.392(j); 911 Reliability Order, 28 FCC Rcd at 17497 ¶ 62 (“The Bureau will consider a number of factors in determining whether the particular alternative measures are reasonably sufficient to ensure reliable 911 service. Such factors may include the technical characteristics of those measures, the location and geography of the service area, the level of service ordered by the PSAP, and state and local laws (such as zoning and noise ordinances).”). 45 See 911 Reliability Order, 28 FCC Rcd at 17497 ¶ 63. 46 See infra, Appendix. We also harmonize the language of section 12.4(c)(1)(ii) with that of section 12.4(c)(2)(ii) and 12.4(c)(3)(ii). 47 See 911 Reliability Order, 28 FCC Rcd at 17504 ¶ 82; CSRIC Best Practice 9-9-0532, available at https://www.fcc.gov/nors/outage/bestpractice/DetailedBestPractice.cfm?number=9-9-0532. 48 See Intrado Petition at 9. 49 Texas 911 Entities Comments at 2. 50 Intrado Petition at 7. Federal Communications Commission FCC 15-95 8 demonstrate whether the alternative measures chosen by the Covered 911 Service Provider constitute a reasonable approach for addressing the risks that the circuit auditing and tagging elements are designed to ameliorate. While technical infeasibility is not a prerequisite to the use of alternative measures, explanations of alternative measures with respect to circuit audits and tagging should nevertheless include an assessment of the technical feasibility of circuit audits and tagging in light of the respondent’s network architecture. We also expect such explanations to describe affirmative steps in lieu of audits and tagging to mitigate the risk of a service disruption due to a lack of physical diversity; we will not consider it sufficient or reasonable to respond that no circuit diversity measures are necessary under the circumstances. Technology transitions have already resulted in a variety of hybrid 911 network architectures in which some functions are provided over legacy TDM circuits and others are provided over IP-based infrastructure. 51 In such cases, our rules as revised will permit the provider to certify reasonable alternative measures with respect to either portion of the network. 17. The Intrado Petition also reflects a shift in 911 network architecture from facilities owned and operated by a single provider to a combination of network transport and data processing elements that may be provided by multiple entities. Intrado states that “in contrast to legacy ILEC providers that own and control the transport facilities over which 911 calls and data are transported, Intrado procures transport services for the delivery of 911 calls and for ALI/ANI from third party transport providers.” 52 Our rules as revised in this Order on Reconsideration will account for such arrangements while preserving accountability for reliable service. The 911 Reliability Order briefly addressed auditing of critical 911 circuits leased from third parties, stating that “[i]n cases where a party provides 911 services directly to a PSAP (pursuant to contract or tariff) over leased facilities, the auditing obligation would apply to that party, and not to the facilities lessor.” 53 The Commission also suggested that Covered 911 Service Providers could contract with facilities lessors, if necessary, to audit and tag leased circuits, but that the entity providing 911 service under a direct contractual relationship with each PSAP would remain responsible for certifying compliance with those requirements. 54 We reaffirm those principles here, but clarify that Covered 911 Service Providers (i.e., the entities with direct contractual relationships with PSAPs) that rely on such contracts may implement and certify reasonable alternative measures as set forth above. We emphasize, however, that the contracting out of certain functions, or the determination of a PSAP to contract with more than one entity for various aspects of 911 service, does not absolve individual entities of their respective obligations for reliable 911 service. 55 While respondents may certify reasonable alternative measures to mitigate the risk of failure due to insufficient physical diversity of leased circuits, we will not consider it reasonable or sufficient to indicate that such circuits are 51 See Multistate Outage Report at 3 (software “was designed to keep track of the trunk assignment for 911 calls assigned to numerous PSAPs around the nation that (at some point in the architecture) relied on centralized automatic messaging accounting (CAMA) trunking, a legacy TDM type of trunk”). 52 Intrado Petition at 8 53 911 Reliability Order, 28 FCC Rcd at 17506 ¶ 90. 54 Id. 55 “[T]he Commission has long held that licensees and other Commission regulatees are responsible for the acts and omissions of their employees and independent contractors.” Eure Family Limited Partnership, Memorandum Opinion and Order, 17 FCC Rcd 21861, 21863-64 ¶ 7 (2002). See also 47 U.S.C. § 217 (“[T]he act, omission, or failure of any officer, agent, or other person acting for or employed by any common carrier or user, acting within the scope of his employment, shall in every case be also deemed to be the act, omission, or failure of such carrier or user as well as that of the person.”); Telcordia Technologies, Inc. Petition to Reform Amendment 57 and to Order a Competitive Bidding Process for Number Portability Administration, Order, 30 FCC Rcd 3082, 3137 ¶ 126 (2015) (noting that a local number portability administrator’s (LNPA’s) security commitments “will apply to any subcontracted and supported elements of LNP service, which is proper, as we will hold [the LNPA] liable for all actions of its subcontractors and agents”). Federal Communications Commission FCC 15-95 9 not a Covered 911 Service Provider’s responsibility because they belong to a third party. 56 18. Where Covered 911 Service Providers are leasing or subcontracting for critical 911 circuits, the Commission’s assessment of whether alternative measures in lieu of circuit audits or tagging are reasonable under the circumstances will be informed, in part, by certification responses identifying the parties involved, as well as details about the contractual provisions – or lack thereof – governing such relationships. For example, do IP-based Covered 911 Service Providers increase the diversity of their networks by dividing traffic among two different MPLS service providers? 57 In cases where a PSAP depends on IP network access for its 911 services, Covered 911 Service Providers might also promote reliability of each PSAP’s IP network access by ordering redundant access for the PSAP from multiple providers (such as ILEC, cable, and wireless providers). In addition, for cases where MPLS is used to provide 911 services, MPLS service level agreements, reliability objectives, and remedies specified for failure to meet such requirements and/or objectives may also ensure accountability for reliable service. We will expect Covered 911 Service Providers that provide critical 911 circuits to PSAPs in partnership with other service providers or that share responsibility for circuit diversity with another service provider to include a description of such arrangements and the identity of such third parties as part of their explanation of alternative measures. 58 Descriptions of alternative measures may also include references to any services provided under contract where circuit diversity is not expressly defined, but is instead achieved through a service level agreement providing comparable assurances of resiliency. These and other affirmative steps, in lieu of circuit audits and tagging, may demonstrate reasonable measures to provide reliable service, depending on individual circumstances, while improving the Commission’s situational awareness regarding NG911 deployment and resiliency. Explanations submitted through the annual certification process will have the added benefit of providing the Commission with up-to-date, empirical information about the transition to NG911 throughout the Nation. 2. Network Monitoring 19. Finally, and for the reasons discussed above, we clarify that Covered 911 Service Providers responding to the network monitoring portion of the certification under section 12.4(c)(3) may certify their implementation of reasonable alternative measures in lieu of conducting diversity audits of monitoring links and aggregation points for network monitoring data, provided that they include an explanation of such alternative measures and why they are reasonable under the circumstances. Accordingly, we amend the text of section 12.4(c)(3)(ii) to make clear that this option applies to all of the elements of section 12.4(c)(3)(i) and not just subsection 12.4(c)(3)(i)(C). 59 56 As Intrado observes, “[w]hen Intrado places its Critical 911 Circuits on the networks of other carriers, those circuits are not the underlying carriers’ Critical 911 Circuits. As such, the reliability rule does not require the underlying carrier to audit or tag those circuits on its own behalf.” Intrado Petition at 9. We agree but emphasize that Covered 911 Service Providers that provide service directly to PSAPs over the networks of other carriers must still take reasonable measures to provide reliable 911 service with respect to circuit diversity, see 47 C.F.R. § 12.4(b), and comply with annual certification requirements or reasonable alternative measures with respect to circuit audits, tagging, and elimination of single points of failure, see 47 C.F.R. § 12.4(c)(1). 57 See Intrado Petition at 8 (“Whenever possible … diversity is obtained by procuring diverse paths through separate carriers.”). 58 For example, a Covered 911 Service Provider that operates over leased circuits might have an agreement requiring the lessor to audit such circuits or provide some other assurance of physical diversity. Or, a Covered 911 Service Provider might indicate that it has an arrangement with a third-party broadband provider to deliver redundant network access to a PSAP whose critical 911 circuits cannot be made physically diverse for purposes of the certification. This option is intended to account for alternative measures involving multiple service providers and to give respondents an opportunity to clearly indicate such arrangements. 59 See infra, Appendix. Federal Communications Commission FCC 15-95 10 20. Intrado argues that “[b]ased on the text of the [911 Reliability Order], it appears that the Commission intended to permit Providers either to implement . . . best practices or take reasonable alternative measures with respect to . . . network monitoring elements, just as Providers may do for backup power.” 60 We agree. As the Commission observed in the 911 Reliability Order, “it is a sound engineering practice to design network monitoring architectures with visibility into the network through physically diverse aggregation points and monitoring links interconnecting to [network operations centers (NOCs)] to help avoid single points of failure.” 61 This requirement was based, however, on a CSRIC best practice recommending more generally that network operators “should monitor their network to enable quick response to network issues.” 62 Intrado argues that “it would be exceedingly difficult and may not be possible in all cases” for an IP-based service provider to “audit its Monitoring Links as those functions are defined in the Commission’s rules” without the option of certifying reasonable alternative measures. 63 At least one other commenter in the 911 reliability proceeding indicated plans to “route network monitoring traffic on a more resilient IP-enabled network,” 64 suggesting that many of the same technical limitations on circuit auditing discussed above with respect to critical 911 circuits may also extend to network monitoring facilities. We therefore amend our rules to clarify that the certification framework allows flexibility for Covered 911 Service Providers to implement and certify alternative measures, as long as they demonstrate that those alternative measures are reasonably sufficient under the circumstances to mitigate the risk of a network monitoring failure as set forth above. IV. PROCEDURAL MATTERS A. Paperwork Reduction Act 21. This document contains a non-substantive and non-material modification of information collection requirements that were previously reviewed and approved by the Office of Management and Budget (OMB). 65 In addition, we note that pursuant to the Small Business Paperwork Relief Act of 2002, Public Law 107-198, see 44 U.S.C. 3506(c)(4), we previously sought specific comment on how the Commission might further reduce the information collection burden for small business concerns with fewer than 25 employees. 22. In this present document, we have assessed the effects of various requirements adopted in the 911 Reliability Order and clarified the effect of certain recordkeeping, retention, and reporting requirements for Covered 911 Service Providers. We find that these actions are in the public interest because they reduce the burdens of these recordkeeping, retention, and reporting requirements without undermining the goals and objectives behind the requirements. The amendments we adopt today will reduce the burden on businesses with fewer than 25 employees. 60 Intrado Petition at 2. 61 911 Reliability Order, 28 FCC Rcd at 17524 ¶ 134. 62 See id.; CSRIC Best Practice 9-9-0401, available at https://www.fcc.gov/nors/outage/bestpractice/DetailedBestPractice.cfm?number=9-9-0401 63 Intrado Petition at 9. 64 911 Reliability Order, 28 FCC Rcd at 17525 ¶ 136 (citing AT&T Comments at 20-21, PS Docket Nos. 13-75, 11- 60 (2013)). 65 See OMB Control No. 3060-1202; 5 C.F.R. § 1320.5(g) (only substantive or material modification requires supplemental OMB approval). Federal Communications Commission FCC 15-95 11 B. Supplemental Final Regulatory Flexibility Analysis 23. As required by the Regulatory Flexibility Act of 1980 (RFA), 66 the Commission has prepared the following Supplemental Final Regulatory Flexibility Analysis (FRFA) relating to this Order on Reconsideration. As discussed in the initial FRFA in this proceeding, 67 the Commission sought comment on alternatives for small entities including: 1) the establishment of different compliance and reporting requirements; 2) clarification, consolidation, or simplification of compliance or reporting requirements for small entities; 3) the use of performance, rather than design, standards; and 4) an exemption from coverage of the rule, or any part thereof, for small entities. As the Commission stated in the FRFA, “[w]hile we acknowledge that small or rural service providers may have limited resources or operate in remote areas, 911 is no less a critical public service in any part of the nation, and we decline to establish two tiers of 911 reliability based on economics or geography.” 68 Accordingly, we intend our 911 reliability certification requirements – including the clarifications set forth in this Order on Reconsideration – to apply to all Covered 911 Service Providers without exceptions based on size or location, and we also decline to create a specific waiver procedure for entities to seek exemption from the rules. 24. That said, the Commission’s certification approach to 911 reliability continues to “allow[] flexibility for small or rural providers to comply with our rules in the manner most appropriate for their networks, and certain requirements will, by their nature, only apply to larger providers.” 69 In contrast to more prescriptive reliability requirements, the option to certify reasonable alternative measures in lieu of specified best practices minimizes regulatory burdens on small entities by recognizing a variety of acceptable approaches to providing reliable 911 service. If anything, the clarifications provided above offer additional flexibility to small entities by making clear that they may certify reasonable alternative measures in lieu of circuit audits and tagging depending on their individual circumstances and network architecture. Thus, the rules as clarified in this Order on Reconsideration continue to take into account the unique interests of small entities as required by the RFA. C. Congressional Review Act 25. The Commission will send a copy of this Order on Reconsideration to Congress and the Government Accountability Office pursuant to the Congressional Review Act. 70 V. ORDERING CLAUSES 26. Accordingly, IT IS ORDERED, pursuant to sections 1, 4(i), 4(j), 4(o), 201(b), 214(d), 218, 251(e)(3), 301, 303(b), 303(g), 303(r), 307, 309(a), 316, 332, 403, 405, 615a-1, and 615c of the Communications Act of 1934, as amended, 47 U.S.C. §§ 151, 154(i)-(j) & (o), 201(b), 214(d), 218, 251(e)(3),301, 303(b), 303(g), 303(r), 307, 309(a), 316, 332, 403, 405, 615a-1, and 615c, and sections 1.108 and 1.429 of the Commission’s rules, 47 C.F.R. §§ 1.1, 1.429, that this Order on Reconsideration IS ADOPTED. 27. IT IS FURTHER ORDERED that Part 12 of the Commission’s rules, 47 C.F.R. Part 12, IS AMENDED as set forth in the Appendix, and that such rule amendments SHALL BE EFFECTIVE 30 days after publication in the Federal Register. 66 See 5 U.S.C. § 604. The RFA, see 5 U.S.C. §§ 601-612, has been amended by the Small Business Regulatory Enforcement Fairness Act of 1996 (SBREFA), Pub. L. No. 104-121, Title II, Stat. 857 (1996). The SBREFA was enacted as Title II of the Contract with America Advancement Act of 1996. 67 911 Reliability Order, 28 FCC Rcd at 17546, Appendix C. 68 Id. at 17550, Appendix C. 69 Id. 70 See 5 U.S.C. § 801(a)(1)(A). Federal Communications Commission FCC 15-95 12 28. IT IS FURTHER ORDERED that the Motion for Clarification or, in the Alternative, Petition for Partial Reconsideration of Intrado, Inc., IS GRANTED to the extent described herein. 29. IT IS FURTHER ORDERED that the Commission SHALL SEND a copy of this Order on Reconsideration to Congress and to the Government Accountability Office pursuant to the Congressional Review Act, see 5 U.S.C. § 801(a)(1)(A). 30. IT IS FURTHER ORDERED that the Commission’s Consumer and Governmental Affairs Bureau, Reference Information Center, SHALL SEND a copy of this Order on Reconsideration, including the Supplemental Final Regulatory Flexibility Analysis, to the Chief Counsel for Advocacy of the Small Business Administration. FEDERAL COMMUNICATIONS COMMISSION Marlene H. Dortch Secretary Federal Communications Commission FCC 15-95 13 APPENDIX Final Rules For the reasons set forth above, 47 CFR part 12 is amended as follows: PART 12 – RESILIENCY, REDUNDANCY AND RELIABILITY OF COMMUNICATIONS 1. The authority citation for part 12 is revised to read as follows: Authority: Sections 1, 4(i), 4(j), 4(o), 5(c), 201(b), 214(d), 218, 219, 251(e)(3), 301, 303(b), 303(g), 303(j), 303(r), 307, 309(a), 316, 332, 403, 405, 615a-1, 615c, 621(b)(3), and 621(d) of the Communications Act of 1934, as amended, 47 U.S.C. §§ 151, 154(i), 154 (j), 154 (o), 155(c), 201(b), 214(d), 218, 219, 251(e)(3), 301, 303(b), 303(g), 303(j), 303(r), 307, 309(a), 316, 332, 403, 405, 615a-1, 615c, 621(b)(3), and 621(d) unless otherwise noted. 2. Amend §12.4 by revising paragraphs (c)(1)(ii) and (c)(3)(ii) to read as follows: § 12.4 Reliability of Covered 911 Service Providers * * * * * (c) * * * (1) * * * (ii) If a Covered 911 Service Provider does not conform with all of the elements in paragraph (c)(1)(i) of this section with respect to the 911 service provided to one or more PSAPs, it must certify with respect to each such PSAP: * * * (3) * * * (ii) If a Covered 911 Service Provider does not conform with all of the elements in paragraph (c)(3)(i) of this section, it must certify with respect to each such 911 Service Area: * * * * * * * Federal Communications Commission FCC 15-95 14 STATEMENT OF COMMISSIONER MICHAEL O’RIELLY Re: Improving 911 Reliability, PS Docket No. 13-75; Reliability and Continuity of Communications Networks, Including Broadband Technologies, PS Docket No. 11-60 Matters regarding reliable emergency communications are too important to be taken lightly or be handled in haste. Throughout this proceeding, I have been asking the Commission to think things through and do our best to get it right the first time. Unfortunately, we have not shown such necessary restraint. The philosophy seems to be act now, fix later. Since releasing the initial 911 reliability order a little over a year and a half ago, 1 we have already issued a notice of proposed rulemaking (“2014 Notice”) seeking to build upon and expand the needlessly- burdensome requirements. 2 I dissented to both of these items and specifically expressed concern that, in adopting these reliability rules, we should not have “rushed forward without greater thought and effort.” 3 And now we have today’s Order on Reconsideration clarifying aspects of the certification requirements adopted in the original order. Since the comment cycle for the 2014 Notice closed in the end of April, 4 it will not be long before we are presented with yet another item to modify these rules. Although the Commission should act as swiftly as possible, we cannot do so at the expense of quality and clarity. We must keep in mind that providers do not have infinite resources, they only have so many experts working on these issues, and they need time to meet the requirements under our rules. And, for industry to comply, these rules must be relatively stable, not stuck in a continuous cycle of being reconsidered or altered. Putting in place rules that are not fully cooked burdens providers, results in costs that are passed on to consumers, and hurts the Commission’s credibility. Regardless, I can support today’s order, because the clarification provides necessary flexibility when it comes to certifying compliance with the 911 reliability requirements. By permitting entities to show that they have implemented “alternative measures” for any of the prescriptive certification elements (e.g., circuit diversity auditing and network monitoring), entities will be able to implement reliability measures tailored to their individual networks. This should promote innovation, adoption of NG911 capabilities and, most importantly, resilient emergency communications systems that will ensure that Americans can reach first responders in times of need. 1 Improving 911 Reliability, Reliability and Continuity of Communications Networks, Including Broadband Technologies, PS Docket Nos. 13-75, 11-60, Report and Order, 28 FCC Rcd 17476 (2013). 2 911 Governance and Accountability, Improving 911 Reliability, PS Docket Nos. 14-193, 13-75, Policy Statement and Notice of Proposed Rulemaking, 29 FCC Rcd 14208 (2014). 3 Id. at 14265. 4 911 Governance and Accountability, Improving 911 Reliability, PS Docket Nos. 14-193, 13-75, Order, 30 FCC Rcd 2085 (2015) (extending the comment filing date to March 23, 2015 and the reply filing date to April 21, 2015).