On March 24, 2016, the Federal Communications Commission (FCC or Commission) published in the Federal Register a Notice of Proposed Rulemaking (NPRM) seeking comment on a number of proposed changes to the infrastructure and rules supporting the Emergency Alert System (EAS) and the Wireless Emergency Alerts (WEA). Although many of the proposed changes relate to the organization of the systems themselves, others directly involve broadcasters, multichannel video programming distributors (MVPDs), and wireless providers. Comments on the proposed changes are due by May 9, 2016, and reply comments are due by June 7, 2016.
The NPRM divides the proposals into four categories: (1) improving alerting organization and the state and local levels; (2) building effective community-based public safety exercises; (3) ensuring that alerting mechanisms are able to leverage advancements in technology; and (4) securing the EAS against accidental misuse and malicious intrusion. Although the latter two categories are most relevant to broadcasters, MVPDs, and wireless providers, because all of the proposals could affect broadcast operations, we address them in turn.
Improving Alerting Organization at State and Local Levels
Under the FCC’s rules, EAS participants are supposed to be designated among one or more of the following categories: (1) Primary Entry Point (PEP) System; (2) National Primary (NP) Stations; (3) State Primary (SP) Stations; (4) State Relay (SR); (5) Local Primary (LP) Stations; and Participating National (PN) Sources. However, according to the FCC, State EAS plans are inconsistent in their implementation of these designations. The Commission proposes to streamline these designations by identifying in each state: (1) an NP entity that is responsible for delivering presidential alerts to the state’s EAS participants; and (2) an SP entity that is responsible for initiating the delivery of state EAS alerts. The NP and SP can be a single entity and may, but do not have to be, broadcast stations. The FCC proposes designating intermediary stations required to transmit alerts as “Relay Stations” and designating all other stations as PN and LP.
The FCC asks whether these designations are appropriate and whether additional designations are necessary—such as to initiate AMBER alerts—and whether non-broadcast sources such as satellites and MVPDs should be included. It also asks whether the monitoring of Common Alerting Protocol (CAP) feeds precludes the need for designations.
The FCC proposes to collect EAS plans using a secure, online process and asks whether to utilize a standardized online template and whether to require any additional components in State EAS Plans (including the use of social media alerting tools).
Building Effective Community-Based Public Safety Exercises
The FCC proposes to amend its rules to authorize EAS participants to conduct periodic testing using live event header codes as long as certain enumerated precautions are utilized to prevent consumer confusion. If this proposal is adopted, the FCC would amend Section 11.45 of its rules to exempt state-designated EAS live event code exercises from the prohibition against false or misleading use of the EAS Attention Signal. The FCC also asks whether it needs to take precautions to prevent “alert fatigue,” i.e., a situation in which consumers become desensitized to the EAS codes due to frequent use outside of actual emergencies.
The Commission also proposed amending Section 11.46 of the FCC’s Rules to allow federal, state, and local government entities to issue PSAs that use the EAS header codes or Attention Signal as long as they are used in a non-misleading and technically harmless manner. The NPRM seeks comment on how to implement this proposal while avoiding public confusion and alert fatigue. The FCC also asks about ways to address the needs of individuals with disabilities or limited English proficiency.
Leveraging Technological Advancements in Alerting
The FCC seeks comment on whether cable operators should be required to implement
“selective override” so instead of redirecting viewers to a channel carrying the required audio or video message, set top boxes would remain tuned to certain channels, including local broadcast channels, that participate in the EAS and provide emergency information. The NPRM also asks whether CAP-based alerting allows cable operators to provide more detailed EAS alert information than the EAS has provided in the past.
The NPRM also asks whether digital cable providers should be required to offer EAS messages on all channels (including channels used for interactive and data services) instead of just “programmed channels.” Similarly, the Commission seeks information about how entities other than broadcast and pay TV providers make EAS alerts available to consumers.
The NPRM also asks whether to expand WEA requirements to include tablets as “mobile devices” that distribute WEA messages.
Securing the EAS
The final section of the NPRM focuses on recent incidents involving hacked EAS equipment and inadvertent activations of the EAS and ways to prevent similar incidents in the future. The Commission notes that “[a]ll of these incidents involved a lack of built-in EAS user authentication and validation procedures, as well as weak implementation of other readily employable best practices.” Accordingly, the FCC proposed a series of new requirements to better secure the EAS, including:
- Requiring EAS participants to submit an annual reliability certification form that attests to performance of required security measures, including: (i) that their systems have been updated with the latest firmware and software patches; (ii) that they are following specific, common EAS user account management best practices (such as changing default passwords); (iii) that their EAS devices are not directly accessible through the Internet; and (iv) that their equipment is configured to validate digital signatures on CAP messages. The Commission estimates that it could cost up to an aggregate of $879,000 to implement this requirement (including necessary changes to participants’ EAS equipment).
- Requiring EAS participants to report the issuance or retransmission of a false EAS message within 30 minutes of identification and to provide a final report within some additional timeframe (the NPRM suggests 72 hours).
- Requiring EAS participants to report instances in which their EAS equipment causes, contributes to, or participates in a “lockout” (a message without the EOM code to return to regular programming) within fifteen minutes of identification and to provide a final report within some additional timeframe (the NPRM suggests 72 hours).
- Requiring that EAS participants process and validate digital signatures when handling CAP-formatted EAS alerts. Relatedly, the FCC asks whether all CAP-formatted messages should be digitally signed or whether to utilize a “Virtual Red Envelope” system to send authentication codes to EAS participants.
- Adding a year parameter in the time stamp of EAS alerts and requiring devices only to transmit valid alerts. The Commission also asks whether to require alert validation based on the station ID header code.
The NPRM also seeks comment on whether to treat reports submitted in accordance with the foregoing proposals as confidential and with whom the Commission should be able to share such reports.
Under the NPRM’s proposals, EAS participants would be required to comply with any new requirements by the later of: (i) six months from the public notice of approval by the Office of Management and Budget; or (ii) sixty days from the public notice that the Commission’s database to receive such information is available.