Communications Litigation Today was a Warren News publication.
Not Network Equipment

Dahua, Hikvision Raise FCC Deference Issues in 'Covered List' Appeal

Dahua USA and Hikvision USA detailed their arguments for why the equipment they make and sell in the U.S. doesn’t belong on the FCC’s list of “covered equipment” deemed to pose a threat to U.S. security. The subsidiaries of larger Chinese companies appealed the FCC Nov. 25 order barring authorization of network equipment on the covered list (see 2304250043) in a pleading filed Thursday at the U.S. Court of Appeals for the D.C. Circuit (docket 23-1032).

The government is scheduled to respond July 31. The brief from Motorola, which is intervening on the FCC's behalf, is due Aug. 7. The FCC declined comment Friday.

The November FCC order implements the 2021 Secure Equipment Act, which required the regulator to deny new authorizations for covered gear (see 2111120058). In the past, the FCC had only barred purchase of covered equipment using the USF. The primary target was Huawei, which was working with many smaller carriers, selling them network gear, which now must be removed under FCC rules.

Dahua and Hikvision raise deference issues addressed by the Supreme Court last year in West Virginia v. EPA (see 2206300066), which emphasized the evolving major questions doctrine, which many SCOTUS watchers see as the new standard for evaluating deference (see 2305050038). SCOTUS “has repeatedly rebuffed agencies that, like the Commission here, ‘claimed to discover [in a long extant statute] an unheralded power representing a transformative expansion of [their] regulatory authority,’” the companies said.

Petitioners’ video equipment … does not belong on the Covered List,” Dahua and Hikvision said: “As its name suggests, the Secure Networks Act aims to protect the nation’s communications networks. The Act is thus tailored to focus on network equipment that is ‘essential to’ the provision of broadband telecommunications service.” The commission “did not even try to show that Petitioners’ equipment meets that definition,” they said. “Nor could it -- broadband networks plainly can function without these devices.” That was the same argument the companies made to the FCC before commissioners approved the November order (see 2211230065).

The Secure Equipment Act required that prohibited devices “possess specific capabilities posing a threat to broadband networks, such as being capable of misrouting or permitting visibility into user data, or otherwise posing an unacceptable risk to national security,” Dahua and Hikvision said. The FCC “did not try to show that Petitioners’ equipment satisfies” that requirement, they said.

Instead, the agency said petitioners’ video equipment belongs on the covered list because it falls under a different statute, Section 889 of the 2019 National Defense Authorization Act, Dahua and Hikvision assert. “That is wrong,” they said: “The Secure Networks Act does cross-reference Section 889, but that reference satisfies only the … requirement that Congress or a national security agency find that equipment produced by an entity poses risks.” Merely falling under Section 889 “does not satisfy the separate requirement that devices must have statutorily specified capabilities to be placed on the Covered List,” they said. “The Commission’s contrary conclusion reads whole provisions out of the statute.”

The FCC order also wrongly relies on a 1968 addition to the Communications Act, giving the commission authority to make regulations to prevent harmful interference to radio communications, Dahua and Hikvision said. “The Commission’s contrary conclusion plucks out a short phrase that qualifies this provision -- specifying that such regulation addressing interference must be ‘consistent with the public interest’ -- and treats that phrase as giving the Commission a free-standing power to make any rules it deems in the public interest,” the companies said: “Five decades after Section 302a’s enactment, the Commission claims to have discovered that the statute provides the agency with an essentially unbounded rulemaking power over all electronic devices sold in the United States.”

Petitioners’ products are not telecommunications network equipment -- they are not and cannot be used to provide broadband or other communications services,” Dahua and Hikvision argue. “Instead, these devices are peripheral, non-network devices known as ‘customer premises equipment,’ i.e., equipment bought by end users and used on their property,” they said.

Although the devices generally do not require internet connectivity to function, they can be connected directly to the internet, the companies said: “End users who select this approach can implement an array of cybersecurity best practices (which Petitioners encourage) to restrict unauthorized access to data flows from the cameras.” However the gear is used, the control and the features enabled “rests entirely with the end users and the independent professionals they hire to install the devices,” they said. The companies note they have no contact with users of their gear -- which is sold “through unaffiliated distributors and dealers that market primarily to small- and medium-sized businesses.”

The November order should be overturned because “it exceeds the commission’s statutory authority under the Secure Networks Act,” Dahua and Hikvision told the court. The order also “proposes a vast expansion of the Commission’s authority under Title III of the Communications Act,” they said. The order’s definition of critical infrastructure is “contrary to law,” they said: “Even assuming Petitioners’ equipment belongs on the Covered List at all, the Order sweeps far too broadly.”

The court shouldn’t allow the order to stand under the Chevron doctrine, which gives deference to agency decision-making, the companies said. “The text, statutory context, and ordinary meaning all support a narrow interpretation that comprises only truly vital infrastructure,” they said: “The Commission, however, went in the opposite direction. It wrongly conflated multiple definitions of ‘critical infrastructure’ from different sources, without considering how they fit together or apply here.”