FCC Proposes New EAS Cybersecurity Rules, SCOTUS Upholds FCC Fines
The FCC has proposed new cybersecurity requirements for Emergency Alert System (EAS) participants, including mandates for strong passwords, security patching, and network firewalls for broadcast equipment. This follows a Supreme Court decision upholding the FCC's authority to impose monetary penalties for rule violations. Additionally, the U.S. House Communications and Technology Subcommittee held a hearing on Positioning, Navigation, and Timing (PNT) capabilities, specifically referencing ATSC 3.0-based Broadcast Positioning Systems.
Key Takeaways
- New EAS cybersecurity rules, if adopted, will require participants to change default passwords, use strong passwords, and apply security patches promptly.
- EAS participants will also need to implement network firewalls or segmentation for remote access to broadcasting equipment.
- The Supreme Court upheld the FCC's power to issue monetary penalties for rule violations, reversing a Fifth Circuit decision regarding a $57 million fine against AT&T.
- The House Communications and Technology Subcommittee held a hearing on Positioning, Navigation, and Timing (PNT) capabilities, including ATSC 3.0-based Broadcast Positioning Systems.
- FCC's Media Bureau issued a $50,000 fine and compliance plan to Texas FM translators for unauthorized programming, ownership changes, and equipment issues.
Why It Matters
Broadcasters face increased regulatory scrutiny and new compliance obligations. The FCC's proposed EAS cybersecurity rules indicate a proactive stance against vulnerabilities, directly impacting operational security and potentially raising compliance costs. The Supreme Court's ruling solidifies the FCC's enforcement power, reinforcing the need for strict adherence to regulations across the industry. Going forward, watch for the FCC's final cybersecurity rule adoption and how quickly broadcasters implement required changes.
Additional Context
The FCC's push for enhanced EAS cybersecurity stems from growing concerns over cyberattacks on critical infrastructure. InsideCyberSecurity reported in June 2026 that the FCC would vote on these new requirements at its June 25 meeting, emphasizing that the "Report and Order aims to preserve the public’s trust in EAS by requiring targeted cybersecurity improvements to protect the system from cybercriminals and our nation’s adversaries." This follows a November 2025 notice where the FCC urged broadcasters to follow cybersecurity best practices in response to a "recent string of cyberattacks" (FCC.gov). The proposed rules are part of a broader re-evaluation of the nation's alerting systems, as outlined in a Notice of Proposed Rulemaking from August 2025 (Federal Register). This re-examination aims to modernize EAS and Wireless Emergency Alerts (WEA) to be more effective, efficient, and secure, considering vulnerabilities like false alerts and the prevention of real alerts. The FCC's overarching goal, per its website (updated March 2026), is to ensure the security of public warning systems against cyber threats, recognizing their essential role in national security and public safety.
Read full article at broadcastlawblog.com