This Article contends that the Federal Communications Commission’s (FCC) January 2018 repeal of net neutrality rules creates cybersecurity vulnerabilities for the energy sector and other critical infrastructure. Unbridled from enforceable net neutrality rules, Internet Service Providers (ISPs) create systemic supply chain risks as the Internet has become embedded into the energy sector’s distributed ecosystem. This Article argues that cybersecurity has been primarily viewed from a “hacker paradigm” that obscures systemic threats such as those posed by an ISP since firewalls and traditional cybersecurity techniques do not protect against ISP conduct. The Article contends that the FCC’s failure to consider the consequences of net neutrality repeal on public safety and critical infrastructure facilities and services constitutes arbitrary and capricious decision-making under the Administrative Procedures Act. The Article recommends that the D.C. Circuit vacate the FCC’s net neutrality repeal order and remand it to the FCC for analysis of cybersecurity, critical infrastructure protection, and public safety issues. To protect energy reliability, safety, resiliency, renewable integration, just and reasonable rates, and the environment, this article recommends that regulators and energy grid laboratories test the effect of ISP-induced communications delays on electric reliability, safety, and distributed energy generation. This article urges regulators, energy operators, and academics to address ISP and FCC-induced energy-sector cybersecurity risks.
Catherine J. K. Sandoval,
Cybersecurity Paradigm Shift, The RIsk of Net Neutrality Repeal to Energy Reliability, PUblic Safety, and Climate Change Solutions
, 10 San Diego Journal of Climate & Energy Law 91
Available at: https://digitalcommons.law.scu.edu/facpubs/970