H.R. 1709: Understanding Cybersecurity of Mobile Networks Act
This bill, known as the Understanding Cybersecurity of Mobile Networks Act, aims to improve the understanding of cybersecurity issues related to mobile service networks in the United States. Here’s a more detailed summary of what the bill entails:
Report Requirement
Within one year of the bill becoming law, the Assistant Secretary of Commerce for Communications and Information must prepare and submit a report to specific congressional committees that examines:
- The overall cybersecurity of mobile service networks.
- The vulnerabilities of these networks and associated mobile devices to cyberattacks and surveillance by adversaries.
Key Contents of the Report
The report is required to include several specific items:
- An assessment of how well mobile service providers have addressed cybersecurity vulnerabilities identified by various entities, including:
- Academic and independent researchers.
- Industry standards organizations.
- Relevant federal agencies like the National Telecommunications and Information Administration.
- The National Institute of Standards and Technology.
- The Department of Homeland Security.
- A discussion on how much customers, including individuals and businesses, consider cybersecurity when choosing mobile services and devices, as well as the resources available to assist them in understanding cybersecurity risks.
- An evaluation of how mobile service providers implement cybersecurity best practices and risk assessment frameworks.
- An estimate of the prevalence and effectiveness of encryption and authentication techniques in mobile services, devices, operating systems, and applications.
- Barriers that mobile service providers face in adopting effective encryption and authentication methods and eliminating the use of outdated technologies.
- An estimate of technologies available that authenticate legitimate mobile services and equipment.
- A discussion of technologies used by adversaries for mobile service surveillance, such as cell site simulators.
Consultation Process
In preparing the report, the Assistant Secretary is encouraged to consult with a range of stakeholders, including:
- The Federal Communications Commission.
- The National Institute of Standards and Technology.
- The intelligence community.
- The Cybersecurity and Infrastructure Security Agency.
- Industry representatives, including those from smaller or rural mobile service providers.
- Experts in various technological and cybersecurity fields.
Scope Limitations
The report will focus solely on mobile service networks and will explicitly exclude 5G protocols from consideration. It will assess vulnerabilities that have demonstrated real-world exploitation or have the potential for practical exploitation.
Report Format
The report will be published in a generally unclassified format but may contain a classified annex for sensitive information. Certain unclassified details that could expose vulnerabilities will be redacted from the public report.
Definitions
Definitions provided in the bill clarify terms used throughout, such as:
- Adversary: Refers to unauthorized hackers and foreign entities posing risks to national security.
- Mobile service: Encompasses commercial mobile services provided to customers in the United States.
Responsibilities
The Assistant Secretary is tasked with ensuring the report adheres to the above guidelines and sufficiently covers the essential areas of concern regarding mobile network cybersecurity.
Relevant Companies
- VZ (Verizon Communications Inc.): As a major mobile service provider, Verizon would need to address the vulnerabilities identified and report findings to comply with the bill’s research requirements.
- T (AT&T Inc.): Similar to Verizon, AT&T may be impacted by the need to enhance its cybersecurity measures in response to findings from the report.
- S (Sprint Corporation): Although Sprint is now part of T-Mobile, previous corporate practices might still be under scrutiny regarding mobile network security vulnerabilities.
This is an AI-generated summary of the bill text. There may be mistakes.
Sponsors
5 bill sponsors
Actions
15 actions
| Date | Action |
|---|---|
| Jul. 15, 2025 | Received in the Senate and Read twice and referred to the Committee on Commerce, Science, and Transportation. |
| Jul. 14, 2025 | At the conclusion of debate, the Yeas and Nays were demanded and ordered. Pursuant to the provisions of clause 8, rule XX, the Chair announced that further proceedings on the motion would be postponed. |
| Jul. 14, 2025 | Considered as unfinished business. (consideration: CR H3230-3231: 4) |
| Jul. 14, 2025 | Considered under suspension of the rules. (consideration: CR H3209-3211: 7) |
| Jul. 14, 2025 | DEBATE - The House proceeded with forty minutes of debate on H.R. 1709. |
| Jul. 14, 2025 | Motion to reconsider laid on the table Agreed to without objection. |
| Jul. 14, 2025 | Mr. Latta moved to suspend the rules and pass the bill. |
| Jul. 14, 2025 | On motion to suspend the rules and pass the bill Agreed to by the Yeas and Nays: (2/3 required): 360 - 10 (Roll no. 191). (text: CR H3209-3210: 7) |
| Jul. 14, 2025 | Passed/agreed to in House: On motion to suspend the rules and pass the bill Agreed to by the Yeas and Nays: (2/3 required): 360 - 10 (Roll no. 191). |
| Jun. 30, 2025 | Placed on the Union Calendar, Calendar No. 143. |
| Jun. 30, 2025 | Reported by the Committee on Energy and Commerce. H. Rept. 119-177. |
| Mar. 04, 2025 | Committee Consideration and Mark-up Session Held |
| Mar. 04, 2025 | Ordered to be Reported by Voice Vote. |
| Feb. 27, 2025 | Introduced in House |
| Feb. 27, 2025 | Referred to the House Committee on Energy and Commerce. |
Corporate Lobbying
0 companies lobbying
None found.
* Note that there can be significant delays in lobbying disclosures, and our data may be incomplete.
