China has equipment that can spy on us in our telecommunications networks. We must remove it now

Earlier this year a U.S. F-22 pilot shot down a massive balloon that had made its way across the American heartland with the ability to spy on American military installations. We join leaders across government in condemning the intrusion and in our call to hold the Chinese government accountable for its brazen violation of our airspace and sovereignty. But as the Chinese government’s spy balloon consumes our national attention, we cannot lose sight of the serious threat of espionage that already exists within our borders. Due to a shortfall in federal funding for a critical national security program under the Secure and Trusted Communications Act — commonly known as “rip and replace” — U.S. telecommunications networks remain riddled with insecure equipment manufactured by companies beholden to the government of China that can do everything from capture Americans’ data to disrupt critical communications at U.S. Strategic Command.

The potential consequences of the widespread infiltration of U.S. networks by Chinese state-connected companies Huawei Technologies Ltd. and ZTE Corporation have been documented by national security agencies since 2017, and they pose a much more immediate and invasive risk to national security than spy balloons. The findings of the U.S. intelligence and national security community are clear: this equipment provides the Chinese government with an entry point for capturing our conversations and harvesting the troves of data that we transmit over the airwaves each second, whether that data is traveling over a compromised network or another wireless system operating nearby. The equipment could also be used by the Chinese government to launch or amplify cyberattacks on civil, critical or military infrastructure. Worst of all, it could even be exploited to interfere with or interrupt U.S. military action, with the FBI finding that the technology’s positioning could impact U.S. Strategic Command’s communications regarding Intercontinental Ballistic Missiles — our nation’s nuclear arsenal.

The national security threat posed by Huawei and ZTE equipment in America’s networks is urgent. That’s why we and our colleagues in Congress and at the FCC acted to halt sales of this equipment to American telecommunications companies in 2019 and shortly thereafter enacted the Secure and Trusted Communications Networks Act and the Ensuring Network Security Act. Together, these laws created a reimbursement program for small, rural telecom providers to “rip and replace” compromised Chinese-made equipment from their networks.

Huawei and ZTE equipment is subsidized by the Chinese government, reducing the cost in exchange for its lack of security. This reimbursement program therefore is essential to ridding our networks of this insecure technology because it is overwhelmingly small, rural networks in underserved communities that have relied on the inexpensive Huawei and ZTE equipment to provide connectivity. Take Northern Michigan University’s Education Access Network, which serves students and families in Michigan’s rural and chronically underserved Upper Peninsula. These small networks — many placed close to sensitive military sites — are often operated by providers that can’t afford to replace this equipment on their own. That’s where Congress was supposed to come in. 

Unfortunately, when Congress provided the funding for this program, it based its $1.9 billion allocation on 2019 cost estimates that did not anticipate a global pandemic and the increased expense that came with it. The initial estimates also did not account for the cost to destroy the equipment and confirm its destruction — an essential step to prevent re-compromising the supply chain via secondary or black markets. The FCC now confirms that in 2022 dollars, rural providers will have to pay approximately $5 billion to fully remove, destroy, and replace Huawei and ZTE equipment in their networks.

That leaves a shortfall of about $3.1 billion, which no doubt is a significant expense. But the cost of failing to secure our networks is orders of magnitude higher. What happens if the shortfall goes unaddressed? Absent legislative action by July 15, 2023, the FCC will be required to reimburse rip and replace projects at only 40 cents on the dollar. That will mean in some cases indefinite delays in securing our networks and the rationing of wireless service across rural America. Compounding this issue is the fact that for providers who can’t afford to rip and replace without a higher subsidy, they will lose access to the Universal Service Fund, an essential lifeline for providers operating in underserved areas. In effect, turning a blind eye toward the program will force rural communities to live with a disastrous choice: insecure services ripe for surveillance or no service at all. That is unacceptable.

It’s why we are leading this call on behalf of rural communities and our national security: let China’s spy balloon incursion be the catalyst for us to eliminate the threat of Chinese government intelligence operations already imbedded in our telecommunications infrastructure once and for all. For the security of every American, Congress must act now to fully fund “rip and replace.”

Gary C. Peters is a United States Senator from Michigan, member of the Commerce Committee, Armed Services Committee, Appropriations Committee and Chairman of the Homeland Security and Governmental Affairs Committee. Geoffrey Starks is a Commissioner on the Federal Communications Commission.