Notices. Notice
816 words·~4 min read·
/register/2020/07/08/2020-14725A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
BILLING CODE 3510-22-P DEPARTMENT OF COMMERCE National Telecommunications and Information Administration Establishment of the Communications Supply Chain Risk Information Partnership AGENCY: National Telecommunications and Information Administration, U.S. Department of Commerce. ACTION: Notice. SUMMARY: The National Telecommunications and Information Administration
(NTIA)announces the establishment of the Communications Supply Chain Risk Information Partnership (C-SCRIP) in support of the requirements of Section 8 of the Secure and Trusted Communications Network Act of 2019 (Act). The Act directs NTIA, in cooperation with other designated federal agencies, to establish a program to share supply chain security risk information with trusted providers of advanced communications service and suppliers of communications equipment or services. DATES: Applicable on July 8, 2020. ADDRESSES: C-SCRIP, National Telecommunications and Information Administration, U.S. Department of Commerce, 1401 Constitution Avenue NW, Washington, DC 20230. FOR FURTHER INFORMATION CONTACT: Megan Doscher, National Telecommunications and Information Administration, U.S. Department of Commerce, 1401 Constitution Avenue NW, Room 4725, Washington, DC 20230; telephone
(202)482-2503; *mdoscher@ntia.gov.* Please direct media inquiries to NTIA's Office of Public Affairs,
(202)482-7002, or at *press@ntia.gov.* SUPPLEMENTARY INFORMATION: Section 8 of the Secure and Trusted Communications Network Act of 2019
(Act)directs NTIA, in cooperation with the Office of the Director of National Intelligence (ODNI), the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the Federal Communications Commission (FCC), to establish a program to share “supply chain security risk” information with trusted providers of “advanced communications service” and suppliers of communications equipment or services. 1 Through this Notice, NTIA is announcing the establishment of the Communications Supply Chain Risk Information Partnership (C-SCRIP), a partnership to share supply chain security risk information with trusted communications providers and suppliers. 1 Secure and Trusted Communications Network Act of 2019, Public Law 116-124, § 8, 134 Stat. 158, 168
(2020)(codified at 47 U.S.C. 1607). NTIA is collaborating with the ODNI, DHS, FBI, and FCC to establish the program. This program is aimed primarily at trusted small and rural communications providers and equipment suppliers, with the goal of improving their access to risk information about key elements in their supply chain. 2 C-SCRIP will allow for regularly scheduled informational briefings, with a goal of providing more targeted information for C-SCRIP participants as the program matures over time. NTIA will aim to ensure that the risk information identified for sharing under the program is relevant and accessible, and will work with its government partners to enable the granting of security clearances under established guidelines when necessary. 2 *See id.* § 8(a)(2)(A), (B). NTIA is using a phased approach to establish the C-SCRIP program, in cooperation with its government partners. In Phase 1, NTIA establishes the program and develops the required report to Congress on NTIA's plan to work with its interagency partners on:
(1)Declassifying material to help share information on supply chain risks with trusted providers; and
(2)expediting and expanding the provision of security clearances for representatives of trusted providers. 3 During Phase 1, NTIA will coordinate closely with its federal partners to take advantage of the existing processes and procedures in place for the processing of security clearances and the declassification of threat intelligence and to develop a strategic implementation plan for the C-SCRIP program to establish primary goals and operating principles for the partnership. The strategic implementation plan is intended to harmonize the C-SCRIP program with other government programs to ensure cohesion and to avoid overlap. 3 *See id.* § 8(a)(2)(C). In Phase 2, NTIA will operationalize the program, informed by public comments, and will establish the methods and means to initiate and sustain the partnership community of providers and suppliers that are eligible under the Act to receive supply chain security risk information. 4 Phase 2 will be driven by the strategic implementation plan. In particular, NTIA expects to establish partnership guidelines during Phase 2, as driven by the Act's requirements. NTIA will also initiate ad hoc briefings to trusted providers during Phase 2 on an as-needed basis. 4 *See* NTIA, Notice; request for public comments, *Promoting the Sharing of Supply Chain Security Risk Information Between Government and Communications Providers and Suppliers,* 85 FR 35919 (June 12, 2020), available at *https://www.ntia.doc.gov/federal-register-notice/2020/request-comments-promoting-sharing-supply-chain-security-risk.* In Phase 3, NTIA will refine its methods and means for generating and sharing information with the C-SCRIP partnership community to best secure U.S. communications networks against supply chain threats. NTIA also expects to formalize its process and schedule for briefings and alerts during this phase, and to establish mechanisms for ongoing coordination and communication. During Phase 4, NTIA will evaluate the initiation period of the program and make recommendations for adjustments or enhancements to advance the goal of diminishing supply chain risk among program participants. Dated: July 2, 2020. Douglas Kinkoph, Associate Administrator, Office of Telecommunications and Information Applications, performing the non-exclusive functions and duties of the Assistant Secretary of Commerce for Communications and Information. [FR Doc. 2020-14725 Filed 7-7-20; 8:45 am]
Connectionstraces to 2
Traces to 2 documents
1 reference not yet in our index
- 134 Stat. 158
Citation graph
cites case law
Cites 3Cited by 0 across 0 sources