Charter Communications recently admitted to failing to report VoIP phone outages to 911 centers and the FCC, resulting in a $15 million fine. The company acknowledged that it failed to notify over 1,000 911 call centers about an outage caused by a denial-of-service attack and missed reporting deadlines for hundreds of planned maintenance outages.
The FCC emphasized that the failure to notify PSAPs of outages hinders public safety officials’ ability to mitigate the effects of an outage by informing the public of alternate ways to contact emergency services. Charter was required to notify all affected PSAPs as soon as possible, but due to a clerical error with email notifications, over 1,000 PSAPs were not contacted in a timely manner.
In addition to the civil penalty, Charter has agreed to implement a compliance plan that includes cybersecurity provisions related to the FCC’s 911 rules. The plan aims to ensure that the company promptly notifies 911 call centers after network outages and has agreed to automate the PSAP notification system to contact PSAPs following an outage that meets reporting thresholds.
The FCC investigation revealed that Charter also failed to report hundreds of planned maintenance events that met the criteria for filing a NORS report based on a misunderstanding of the FCC’s rules. The company downplayed the violations, stating that the fine was solely related to administrative notifications and not cybersecurity issues. Charter emphasized that there were no identified flaws in its cybersecurity practices and that it would continue following industry best practices.
As part of the settlement, Charter must maintain and evolve its overall cybersecurity risk management program in accordance with industry standards and best practices, along with applicable state and federal laws. The compliance plan also includes the application of cybersecurity measures such as network segmentation and vulnerability mitigation management related to 911 communications services and network outage reporting.
The requirements of the compliance plan will be in effect for three years to ensure Charter’s adherence to FCC rules and regulations. The company’s prompt notification of 911 call centers following network outages and the implementation of cybersecurity measures are crucial steps to prevent future disruptions and ensure network reliability.
