Suma de memoria e historia Horizonte histórico

179. We seek comment on the timeframes in which the proposals in this NPRM, if adopted, could reasonably be implemented by EAS Participants. As discussed in greater detail below, we propose that EAS Participants must comply with our proposed rules that include new information collection requirements (i.e., the State EAS Plan rules, initial annual security certification, and security incident reporting requirements) within six months from the release of a Public Notice announcing Office of Management and Budget (OMB) approval of related information collection requirements, or within 60 days of a Public Notice announcing the availability of the Commission’s relevant database to receive such information, whichever is later; with subsequent annual certifications due by June 30th of each calendar year. We propose that EAS Participants must comply with proposed alert authentication and validation measures within one year of the rules’ publication in the Federal Register. We note that no action is required to comply with our live code test and PSA rules, and encourage EAS Participants to begin engaging in testing and outreach efforts pursuant to those rule amendments as soon as those rules become effective, thirty days from the date those rules are published in the Federal Register.302 _{We seek comment} on whether this framework appropriately balances the burdens of compliance with the need for rapid improvement of EAS organization, testing, outreach, and security. For ease of reference and comment, Figure 5, below, sets forth proposed timeframes for those instances where we propose specific

implementation deadlines. 301_{Supra Section III.D.2.}

302_{Thirty days from publication in the Federal Register is the soonest that newly adopted rules can become effective.}

PROPOSED RULE AMENDMENTS PROPOSED COMPLIANCE TIMEFRAMES

EAS Designations Rules would be effective within 30 days of publication in the Federal Register

State EAS Plan Contents Within six months of release of a Public Notice announcing OMB approval of related information collection requirements, or within 60 days of release of a Public Notice announcing the availability of SEPFI to receive State EAS Plans, whichever is later

Live Code Tests No action required; rules would be effective within 30 days of publication in the Federal Register

EAS PSAs No action required; rules would be effective within 30

days of publication in the Federal Register Annual Certification For the first certification: within six months of the

release of a Public Notice announcing OMB approval of related information collection requirements, or within 60 days of release of a Public Notice announcing the

availability of ETRS to receive such reports, whichever is later.

For subsequent annual certifications: by June 30th_of each calendar year.

Reporting False Alerts and Lockouts Within six months of the release of a Public Notice announcing OMB approval of related information collection requirements, or within 60 days of release of a Public Notice announcing the availability of ETRS to receive such reports, whichever is later

Authentication and Validation Measures Within 1 year of the rules’ publication in the Federal Register

Figure 5: Proposed Implementation Timeframes

180. State EAS Plan Rules. We propose that the new EAS Designations would take effect 30 days from the publication of final rules in the Federal Register, and to require compliance with our State EAS Plan rules within six months of the release of a Public Notice announcing OMB approval of related information collection requirements, or within 60 days of release of a Public Notice announcing the availability of SEPFI to receive State EAS Plans, whichever is later. States should already have State EAS Plans in place, and our proposed rules would not require that states adopt any particular alerting strategy or necessitate any changes in alerting implementation. We do anticipate, however, that producing State EAS Plans that include the new elements we propose would require additional discussion, strategic planning, and outreach. This discussion may entail a rigorous assessment of state preparedness along the axes discussed above.303 _{For example, SECCs may need to perform outreach in} order to ascertain the extent to which EAS Participants in their state are using alternative alerting

mechanisms such as the satellite-based monitoring sources, highway signs or social media, and the extent to which they are prepared to leverage available technologies to implement “one-to-many, many-to-one” alerting. SECCs may also need to engage with key EAS sources in their state in order to aptly apply our proposed EAS Designations. We seek comment on whether requiring compliance with our proposed State EAS Plan rules within this proposed timeframe would provide SECCs with sufficient time to

complete any required strategic planning, discussion and outreach necessitated by these proposed rules. Commenters are encouraged to specify an alternative timeline if compliance within six months is considered infeasible, or if compliance can be achieved earlier.

181. Alert Authentication and Validation Rules. We propose that EAS Participants should be required to comply with our alert authentication and validation rules within one year of the date of their publication in the Federal Register. In the Sixth Report and Order, we provided EAS Participants one year to develop, test, and deploy any necessary software updates to support the national location code and National Periodic Test (NPT) code, and to replace any EAS equipment that no was no longer supported by the manufacturer.304 _{We seek comment on whether the changes that may be necessitated by our} proposed alert validation and authentication requirements may be accomplished through a software update,305_{and reason similarly that EAS Participants may be expected to develop, deploy and test any} required software updates within a year’s timeframe. Alternatively, could compliance with some or all of the proposed rules be satisfied within a shorter timeframe? Given the importance to our nation’s safety of securing the EAS, we seek comment on the shortest practicable amount of time in which these measures could be implemented. To the extent an alternative timeframe would be more appropriate, we ask commenters to provide a detailed explanation.

182. Security Incident Reporting and Annual Security Certification. We propose to require initial compliance with our security incident reporting and annual security certification requirements within six months of the release of a Public Notice announcing OMB approval of related information collection requirements, or within 60 days of release of a Public Notice announcing that ETRS is capable of receiving such reports, whichever is later. With respect to subsequent annual certifications, we propose that this timeframe apply to the first certification, with subsequent certifications due by June 30 of each calendar year. We expect that EAS Participants are already complying with most, if not all, of the best practices described above, and to the extent additional time is necessary to ensure that best practices are fully implemented, we believe that 60 days provides a reasonable timeframe to accomplish that goal while also ensuring that security measures are taken as swiftly as possible. We seek comment on this proposed timeframe, and on our rationale.

183. Live Code Tests and EAS PSAs. We propose that our live code testing and PSA rules would become effective thirty days from the date of their publication in the Federal Register. We observe that no action is required in order for EAS Participants to comply with these proposed rules. Further, in the meantime, EAS Participants may continue to conduct live code tests as regularly scheduled pursuant to the guidance the Bureau provided in the Live Code Testing Public Notice.306 _{This proposed rule, if} adopted, would alleviate the burden on EAS Participants to seek waiver of our rules in order to engage in this common practice. With respect to EAS PSAs, we propose to expand the set of entities that are permitted to conduct EAS PSAs, and to allow them to include the EAS header codes and Attention Signal. This proposed rule, if adopted, would allow EAS PSAs to become more flexible tools for community public safety outreach. We believe it would serve the public interest for the proposed live code testing and PSA rules to become effective as soon as possible, and seek comment on our rationale.