Nov 28, 2017The Federal Communications Commission (FCC) recently released an Order and Consent Decree, terminating an investigation into a manufacturer that marketed Unlicensed National Information Infrastructure (U-NII) devices in violation of the FCC's equipment authorization and marketing rules. The terms of the Consent Decree require the manufacturer to admit liability, pay a fine of $90,000, implement a strict compliance plan and provide periodic reports to the FCC on the implementation of that plan.
The crux of the investigation was that the equipment manufacturer apparently sold U-NII devices that could potentially allow users to disable the dynamic frequency selection (DFS) mitigation and sensitivity features contained in each device. The FCC cited to Section 15.407 of its rules, but did not specifically state how that rule was violated. The FCC was likely referring to rule Subsection 15.407(i)(1), which requires U-NII manufacturers to implement security features so that third parties are not able to reprogram the device to operate outside the parameters for which the device was certified.
While this specific case involves U-NII devices, the precedent applies to RFID equipment suppliers as well. A critical point is that nothing in the Order indicates that this enforcement proceeding resulted from a complaint against the manufacturer. Rather, the FCC proactively went after this company. The FCC's Office of Engineering and Technology (OET) requested a sample device from the manufacturer in order to determine compliance with the data provided by the manufacturer when it filed its certification application. FCC Rule 2.945 requires manufacturers and other responsible parties to provide samples of RF devices, including RFID devices (at their expense) to OET upon request. While not stated in the Order, this proceeding may have originated as part of the FCC's "post-market surveillance" rules, wherein FCC-approved testing labs are required to monitor the sales of at least 5 percent of the devices they certify, and to report apparent violations to the FCC.
As illustrated by this and other recent enforcement actions, the FCC is now aggressively prosecuting RF equipment manufacturers (and other responsible parties) suspected of rule violations. The FCC is not shy about imposing severe penalties on parties responsible for major and minor infractions of its RF equipment authorization and marketing rules. As stated in the Order, serious rule violations could result in the FCC rescinding RF equipment suppliers' authorizations, which would effectively ban them from marketing their products in the United States.
The FCC's now-routine threat of revoking manufacturers' authorizations is a new enforcement practice; it started appearing regularly in orders and consent decrees only during the past year. Another interesting aspect of this Order is that the FCC chose to enforce a potential modification vulnerability against the manufacturer. In the past, the FCC chose to enforce its existing rules concerning RF device modification against the parties that actually modified the devices—FCC rules state that parties that undertake major modifications to RF devices become the responsible parties for rule compliance concerning the modified devices.
Times are changing. The FCC's recent spate of enforcement actions against RF equipment suppliers underscores the importance of understanding and complying with all of the FCC's pertinent rules, and following the implementation of changes to those rules. The FCC, for example, recently promulgated new authorization and importation rules for RF devices. All RF equipment stakeholders should remain aware and informed of any and all such changes.
IoT attorney Ronald E. Quirk is the head of Marashlian & Donahue's Internet of Things and Connected Devices Practice Group. For more information about the FCC RF equipment rules and suggestions for best practices to ensure compliance with same, please contact Mr. Quirk at (703) 714-1305 or firstname.lastname@example.org.