Recommendation: The Chairman of FCC should track the growth in high bandwidth IoT devices, such as video-streaming devices and optical sensors. (Recommendation 1)

Agency: Federal Communications Commission
Status: Open

Comments: FCC said that it believes it is best to monitor growth of overall Internet traffic and will work with industry and its Technological Advisory Council to monitor growth and ensure that communications infrastructure is sufficient to support the needs of the growing Internet sector. As of October 2019, FCC has not changed its position.

Recommendation: The Chairman of FCC should track the growth in IoT devices relying on unlicensed spectrum. (Recommendation 2)

Agency: Federal Communications Commission
Status: Open

Comments: FCC said that it believes the best way to track growth in IoT devices using unlicensed spectrum it to monitor relevant information, such as published papers and conferences, and work with industry. As of October 2019, FCC has not changed its position and stated that it will be taking no further action.

Recommendation: To more fully address stakeholder concerns and help ensure FirstNet's resources reflect expected changes in responsibilities, FirstNet should request that the Public Safety Advisory Committee's Tribal Working Group fully explore tribal concerns and propose actions, as needed, to address those concerns.

Agency: Department of Commerce: National Telecommunications and Information Administration: First Responder Network Authority
Status: Open

Comments: As of March 2020, FirstNet had taken some action in response to this recommendation but had not fully implemented it. Once we confirm that FirstNet has taken additional action, we will provide updated information.

Recommendation: To ensure that the increasing risks of GPS disruptions to the nation's critical infrastructure are effectively managed, the Secretary of Homeland Security should increase the reliability and usefulness of the GPS risk assessment by developing a plan and time frame to collect relevant threat, vulnerability, and consequence data for the various critical infrastructure sectors, and periodically review the readiness of data to conduct a more data-driven risk assessment while ensuring that DHS's assessment approach is more consistent with the National Infrastructure Protection Plan (NIPP).

Agency: Department of Homeland Security
Status: Open

Comments: DHS officials had previously indicated that DHS's Office of Infrastructure Protection (IP) and Office of Cyber and Infrastructure Analysis (OCIA) have discussed an update of the GPS risk assessment. Additionally, information from DHS shows that DHS has continued other efforts to collect potentially relevant threat, vulnerability, and consequence data for various GPS equipment in use. For example, according to DHS officials, DHS has conducted visits to major maritime, finance, wireless communications, and electricity firms to gauge their understanding of GPS vulnerabilities and of technology- and strategy-based efforts to improve GPS resilience, and DHS documentation shows that DHS has held events to test GPS receivers as part of assessing vulnerabilities. In August 2020, DHS officials provided GAO with additional information regarding their progress on implementing the recommendation. We will update the status of this recommendation after we review the additional information from DHS.