To direct the Assistant Secretary of Commerce for Communications and Information to submit to Congress a report examining the cybersecurity of mobile service networks, and for other purposes.
Summary
What This Bill Does
The Understanding Cybersecurity of Mobile Networks Act directs the Assistant Secretary of Commerce for Communications and Information, who leads NTIA, to submit a report within one year to the House Energy and Commerce Committee and the Senate Commerce, Science, and Transportation Committee. The report must examine the cybersecurity of mobile service networks and the vulnerability of mobile devices to cyberattacks and adversary surveillance. It must assess whether mobile service providers have addressed vulnerabilities identified by academic researchers, independent researchers, standards organizations, industry experts, NTIA, NIST, DHS, CISA, and the DHS Science and Technology Directorate. It must also discuss whether consumers, companies, and government agencies consider cybersecurity when buying mobile service or devices; whether tools and frameworks exist to evaluate cybersecurity risk and price tradeoffs; adoption of best practices and risk frameworks; encryption and authentication used in mobile service, equipment, phones, operating systems, software, and apps; barriers to stronger algorithms; authentication of legitimate network equipment; and prevalence, cost, availability, and adversary use of cell-site simulators. The report must consult FCC, NIST, the intelligence community, CISA, DHS Science and Technology Directorate, researchers, 3GPP, IETF, international stakeholders, the State Department, small and rural providers, equipment manufacturers, device makers, mobile operating-system developers, and other experts. It excludes 5G protocols and networks and focuses on real-world exploitable vulnerabilities or mitigated vulnerabilities.
Who Benefits and How
Mobile service customers, consumer device buyers, companies buying mobile service, government agency mobile users, congressional commerce committees, cybersecurity researchers, NIST, CISA, FCC, and standards bodies benefit from a consolidated federal assessment of legacy mobile-network risk, surveillance threats, encryption gaps, authentication tools, and provider practices. The report can help users and policymakers understand where mobile-network security is weak without waiting for a breach-specific investigation.
Who Bears the Burden and How
NTIA, the Department of Homeland Security, CISA, DHS Science and Technology Directorate, FCC, NIST, intelligence-community analysts, mobile service providers, rural mobile providers, small mobile providers, telecommunications equipment manufacturers, mobile device manufacturers, mobile operating-system developers, and communications software developers must provide technical input, document mitigation status, discuss barriers to stronger encryption and authentication, and respond to federal scrutiny of surveillance and interception risks.
Key Provisions
- Requires NTIA and DHS to report within one year on mobile-service network cybersecurity and adversary surveillance risks.
- Requires assessment of provider responses to vulnerabilities identified by researchers, standards bodies, industry experts, and federal agencies.
- Requires discussion of customer cybersecurity decision-making, risk tools, best practices, encryption, authentication, and cell-site simulators.
- Requires consultation with FCC, NIST, CISA, DHS Science and Technology Directorate, researchers, 3GPP, IETF, international stakeholders, providers, manufacturers, and software developers.
- Limits the report to mobile service networks, excludes 5G protocols and networks, and focuses on real-world exploitable or mitigated vulnerabilities.
Evidence Chain:
This summary is generated from the full bill text using AI analysis. Expand "Detailed Analysis" below for identified beneficiaries/burden bearers with clause-level evidence links.
At a Glance
What This Bill Does
Requires NTIA, in consultation with DHS, to report to congressional commerce committees within one year on mobile-service network cybersecurity, mobile-device vulnerabilities, adversary surveillance tools, encryption and authentication practices, provider adoption barriers, and stakeholder consultation, while excluding 5G protocols and networks.
Key Policy Areas
Cybersecurity, Telecommunications, Consumer Protection
Primary Purpose
Requires NTIA, in consultation with DHS, to report to congressional commerce committees within one year on mobile-service network cybersecurity, mobile-device vulnerabilities, adversary surveillance tools, encryption and authentication practices, provider adoption barriers, and stakeholder consultation, while excluding 5G protocols and networks.
Policy Domains
Substantive provisions
Identified Gains
- Mobile service customers
- Government agency mobile users
- Congressional commerce committees
- Cybersecurity researchers
- National Institute of Standards and Technology
- Cybersecurity and Infrastructure Security Agency
- Federal Communications Commission
Identified Costs
- National Telecommunications and Information Administration
- Department of Homeland Security
- Mobile service providers
- Rural mobile providers
- Telecommunications equipment manufacturers
- Mobile device manufacturers
- Mobile operating-system developers
Sponsors
Legislative Progress
Passed HouseReceived; read twice and referred to the Committee on Commerce, …
Passed House (inferred from eh version)
Additional sponsors: Mr. Fitzpatrick, Mrs. Houchin, and Mr. Nunn of …
Committed to the Committee of the Whole House on the …
Mr. Landsman (for himself and Mrs. Cammack) introduced the following …
Stakeholder Effects
cui bono?How this legislation distributes effects. Mention counts reflect frequency, not effect magnitude.
Cybersecurity and Infrastructure Security Agency, Department of Homeland Security, National Institute of Standards and Technology
Mobile service providers, Rural mobile providers
Mobile operating-system developers, Telecommunications equipment manufacturers
On Motion to Suspend the Rules and Pass
Understanding Cybersecurity of Mobile Networks Act
Bill Structure & Actor Mappings
Who is "The Secretary" in each section?
- "assistant_secretary"
- → Assistant Secretary of Commerce for Communications and Information, the head of NTIA.
We use a combination of our own taxonomy and classification in addition to large language models to assess meaning and potential beneficiaries. High confidence means strong textual evidence. Always verify with the original bill text.
Learn more about our methodology