WASHINGTON, D.C.—The Federal Communications Commission has announced a $15 million settlement with Charter Communications to resolve an Enforcement Bureau investigation into the company’s compliance with 911 and network outage notification rules.
As part of the settlement, Charter admits to violating the agency’s rules regarding notifications to public safety officials and the Commission in connection with three unplanned network outages and hundreds of planned, maintenance-related network outages that occurred last year.
“A 911 call is likely the most important call a person will ever make. Public safety officials need to be able to inform the public of alternate ways to reach emergency services in the event of an outage,” said chairwoman Jessica Rosenworcel in a statement. “We’ll keep doing our part to hold communications providers accountable and ensure the public has reliable 911 service.”
In one case, Charter failed to notify more than 1,000 emergency call centers of a service disruption impacting 911 service and failed to comply with the Commission’s outage reporting rules.
As part of the settlement, the FCC said that Charter will pay a $15 million civil penalty and implement a robust compliance plan, including cybersecurity provisions, to ensure network resiliency and future adherence to the Commission’s 911 and network reporting rules.
The settlement’s compliance plan includes the first-of-its-kind application of certain cybersecurity measures—including network segmentation and vulnerability mitigation management—related to 911 communications services and network outage reporting.
In addition, Charter agreed to maintain and evolve its overall cybersecurity risk management program in accordance with the voluntary National Institute of Standards and Technology (NIST) Cyber Security Framework, and other applicable industry standards and best practices, and applicable state and/or federal laws covering cybersecurity risk management and governance practices.
“The Enforcement Bureau takes any potential violations of the 911 rules extremely seriously, including outage notification requirements,” said Loyaan A. Egal, chief of the Enforcement Bureau. “We will continue working to ensure that communications providers abide by these critical public safety rules and to ensure that cybersecurity measures are implemented to provide resiliency to critical infrastructure communications networks and services.”
The FCC’s rules require interconnected voice over Internet protocol (VoIP) providers, such as Charter, to notify 911 call centers as soon as possible of outages longer than 30 minutes that potentially affect such call centers. Providers are also required to file by set deadlines in the FCC’s Network Outage Reporting System when outages reach a certain severity threshold, the FCC said.
The settlement concerns a network outage experienced by Charter on February 19, 2023, two additional outages on March 31, 2023, and April 26, 2023, and hundreds of planned maintenance related outages that Charter failed to report to the Commission. With regard to the February 19, 2023 outage, it was determined that Charter’s network was the target of a minor Denial of Service (DoS) attack, the FCC reported.
The settlement, formally called a Consent Decree, is available here.