UL Seeks Feedback on Revised Guidelines

/in , /by

On March 16th, in response to a request from TMA, UL published a statement on Monitoring Station Certifications and continued operations as communities work to contain the impact of COVID-19. An initial set of guidelines for virtual workplaces was included for stations considering at-home operators as part of their contingency planning.

Since then, it’s become clear that health risk mitigation measures will likely be required for longer than any of us had anticipated. UL now seeks feedback  from industry stakeholders that rely on UL Certifications as part of their own risk management programs to review the updated Guideline revisions, which are intended to better define virtual workplace security measures.

Review the revised draft of Virtual Workplace Guidelines that incorporate these initial suggestions. Because this version of the Guidelines is more technically specific than the original, UL would welcome industry feedback prior to publication.

Please send any input you may have directly to Steve Schmit, Senior Staff Engineer, UL.

Steve will also discuss the revised Guidelines and UL’s direction in the COVID environment during TMA’s Virtual Town Hall on Monday, April 20th.

ESA, SIA & TMA Urge Public Safety Leaders to Consider Importance of Electronic Security, Fire, Life Safety & Monitoring Services

/in , /by

The Electronic Security and Life Safety Industry Associations call on state leadership to ensure that essential emergency services are not suspended or impacted by the COVID-19 crisis.

The Electronic Security Association (ESA), Security Industry Association (SIA), and The Monitoring Association (TMA) have partnered to circulate a letter drawing state public safety leaders’ attention to the essential emergency services provided by electronic security, fire, life safety and monitoring companies and ensure that those who depend on them are not adversely impacted during the evolving situation with the COVID-19 pandemic.

The letter, which has already garnered more than 450 signatures from industry CEOs, company owners and leaders, highlights the critical functions of alarm response centers for monitoring, saving first responder resources, alerting businesses to potential break-ins or troubles, monitoring and notifying customers of health emergencies, following industry standard best practices and more.

The letter’s two requests for state leaders are to:

  1. Ensure that government policy reflects that companies providing essential emergency services and field service and dispatch remain operational
  2. Provide an exemption for electronic security, monitoring and life safety services as essential services in any shelter-in-place, quarantine or similar order

[Note: TMA is continuing to collect signatures from executives at firms in the security industry. To add your firm to the letter, please provide your information online. If you have any other questions, email TMA Executive Director Celia T. Besore at cbesore@tma.us and affirm your consent to sign.]

DOWNLOAD

Urgent News From UL for Monitoring Centers

/in , , /by

UL Statement on Certifications to the US Alarm Monitoring Industry

As developments around the coronavirus COVID-19 continue to evolve, UL has been asked how health risk mitigation techniques might impact Alarm Service Certifications, especially those that involve quarantine, social distancing, work from home, and similar.

At UL, our driving mission is to help create safe living and working conditions for all of our constituencies. This value shapes our Standards and program policies. The emergence of the COVID-19 virus presents a new challenge, but by working together, we can find ways forward.

As in the past, after natural disasters such as hurricane Katrina, superstorm Sandy and others, actions taken to maintain monitoring operations may temporarily be out of sync with the current language of UL827, Central Station Services. In emergency situations like these, know that UL’s primary concern is for the health and safety of your staff and customers. If circumstances prevent you from complying with the written requirements of the Standard for staffing a station, we simply ask that for now, you document your station’s alternate procedure and when it went into/out of practice.

UL is working with industry to develop reasonable guidelines and alternative operating methods for scenarios such as the current COVID-19 outbreak. An initial draft is attached to this statement and will be updated as improvements are identified. These guidelines will eventually form the basis of revisions to UL827 to address pandemic-type scenarios better.

Please note that for US based stations monitoring National Industrial Security System accounts, any deviations from UL827 language need to be discussed with and approved by the relevant US federal security agency with jurisdiction.

UL’s current understanding is that due to the high risk nature of these systems, many Federal Security Agencies will not approve of monitoring outside a UL Certified Central Station operating room. If such monitoring is not available, it is likely defense contractors will have to react in the manner prescribed by the applicable security manual for instances where monitoring is not available or not employed.

At this time, we encourage monitoring stations to make contingency plans for operating in environments where operators are not able to physically come together to monitor signals in a central station operating room. There is a meaningful risk that the rapid spread of COVID-19 could trigger governmental movement and assemble recommendations/controls that would preclude normal station operation.

If you have questions or concerns, please contact Steve Schmit, steven.a.schmit@ul.com, 847-420-8032

In the current COVID-19 mitigation environment, central stations may be challenged to operate in strict compliance with UL Standards. UL expects that stations will make every reasonable effort to exercise options available in UL standards. However, in cases where delivering ongoing monitoring services requires alternate procedures, we request that stations document those procedures and be prepared to share them with UL if/when necessary as a basis for maintaining their UL Certification.

As a last resort, some stations may be considering use of home based operators to process signals. Based on input from industry, UL recommends considering the following guidelines.
Note – For US based stations monitoring National Industrial Security System accounts, any deviations from UL827 language need to be discussed with and approved by the relevant US federal security agency with jurisdiction.

UL’s current understanding is that many Federal Security Agencies will not approve of monitoring outside a UL Certified Central Station operating room. If such monitoring is not available, it is likely defense contractors will have to react in the manner prescribed by the applicable security manual for instances where monitoring is not available or not employed.

VIRTUAL WORKPLACE GUIDELINES

These guidelines are designed to provide procedural guidance to operators who perform job duties at alternative work sites, most specifically at home offices. The virtual work arrangement requires remote operators to be self-motivated and work well with minimal supervision. The following guidelines apply to the virtual environment:

  • Virtual workplace operators should be provided with a computer. Home/personal computers shall not be used.
  • Connections between virtual workplace computers and central station automation systems shall be made through a secure, encrypted virtual private network (VPN)
  • Internet speed may be affected by others in a home using the same internet. This may require an virtual workplace operators to suspend use of the internet by other individuals in the home.
  • Multifactor authentication should be required every 24 hours.
  • When not on shift, computer should be in shutdown and put in a secure place. This is to prevent any damage of theft of the computer.
  • When processing alarms the computer should be setup as not to allow others to view the monitoring screen or any other information.
  • When walking away from computer while on shift lock the screen so others cannot gain access to the monitoring window.
  • Virtual workplace operators are expected to have an appropriate workspace that is suitably designated for work and segregated in order to eliminate distraction and noise.
  • Due to the nature of virtual work arrangement, operators may not provide primary care for a child or dependent during the on duty hours except in the case of an emergency. The focus of an operator’s core working hours must remain on job performance and meeting business demands.
  • Virtual workplace operators are advised not to release their home address and telephone number to non-employees of the company.

Download PDFs:

  1. COVID-19 Statement & Guidelines for the Alarm Monitoring Industry in US
  2. COVID-19 Statement & Guidelines for the Alarm Monitoring Industry in Canada

Coronavirus Response Toolkit – U.S. Chamber of Commerce

/in , /by

The U.S. Chamber has compiled CDC’s coronavirus recommendations for businesses and workers across the country. American businesses are encouraged to follow data-based guidance from the CDC and state and local officials. Visit the link below to find a shareable graphics based on the CDC’s latest guidance for businesses and employees. Share these assets on social media, websites, and other channels, and send them to your colleagues and employees. 

ACCESS THE TOOLKIT

TMA Posts Pandemic Preparedness Resources for Members

/in , /by

The Center for Disease Control (CDC) is now urging businesses to begin planning for what may evolve into a pandemic, as the Coronavirus Disease 2019 (COVID-19) evolves in the United States.

To assist member companies and others in planning for the protection of their business, employees, and customers, TMA has compiled and posted several resources and posted them to our website.  

To stay up-to-date on COVID-19, please visit the CDC website often.

FCC Concludes Sharing of Consumers’ Real-Time Location Data Violates Federal Law

/in , , /by

After an extended investigation, the FCC Enforcement Bureau has concluded that at least one wireless carrier apparently violated U.S. law by improperly disclosing consumers’ location data.

FCC Chairman Ajit Pai announced the agency’s conclusion in a January 31 letter to Congress. While the letter did not identify any carriers by name, it confirmed that one or more Notice(s) of Apparent Liability for Forfeiture would be issued in the coming days in connection with the apparent violation(s). 

“I am committed to ensuring that all entities subject to our jurisdiction comply with the Communications Act and the FCC’s rules, including those that protect consumers’ sensitive information, such as real-time location data,” said Chairman Pai.

The security of consumers’ real-time location data is an issue that gained widespread attention in 2018 after press reports revealed that carriers including T-Mobile, Sprint and AT&T were selling phone geolocation services to outside companies.  While it is common knowledge that law enforcement agencies can track phones with a warrant to service providers or through the use of IMSI catchers (also known as “Stingrays”), what

journalists found was that data made available to asset tracking and other legitimate enterprise location service providers was being resold to a host of different private industries, ranging from car salesmen and property managers to bail bondsmen and bounty hunters, with little or no oversight.  Compounding this already highly unscrupulous business practice, this data was then being leaked and/or resold to black market data brokers. An investigation by Senator Ron Wyden (D-Ore.) into the commercial relationships between Verizon and a pair of obscure data vendors found that one of Verizon’s indirect corporate customers, a prison phone company called Securus, had used Verizon’s customer location data in a system that effectively let correctional officers spy on millions of Americans.

Shortly after the reports surfaced, Verizon, AT&T and Sprint announced that they would no longer share customers’ location data with third-party companies who failed to adequately protect the data. The FCC took up the matter in early 2019 after FCC Commissioner Jessica Rosenworcel sent letters to major phone companies to confirm whether they lived up to their commitments to end these location aggregation services.

Commissioner Rosenworcel criticized the agency for its delay in taking enforcement action in a written statement..

“For more than a year, the FCC was silent after news reports alerted us that for just a few hundred dollars, shady middlemen could sell your location within a few hundred meters based on your wireless phone data. It’s chilling to consider what a black market could do with this data. It puts the safety and privacy of every American with a wireless phone at risk.

Today this agency finally announced that this was a violation of the law. Millions and millions of Americans use a wireless device every day and didn’t sign up for or consent to this surveillance. It’s a shame that it took so long for the FCC to reach a conclusion that was so obvious.”

While the focus of this violation investigation is on provision of location information to third party aggregators, one can wonder whether the FCC’s crackdown will cause the cellular carriers to be more difficult to deal with on the new direct provision arrangement we understand alarm companies have worked out for location info.

Experienced Call Blocking? Tell us!

/in , /by

The FCC is seeking comment on any call blocking issues experienced by consumers, including central station alarm companies, in connection with the implementation and effectiveness of carrier opt-in and opt-out call blocking services.  Previously, we informed you that the FCC clarified in 2019 that carriers may block calls to consumers based on analytics, without the customer’s up-front consent, as long as customers can opt-out of such blocking.  We are aware that a number of carriers, including AT&T, Verizon and T-Mobile, are providing opt-out and/or opt-in call blocking to their customers and in some cases, calls from a central station have been blocked or mislabeled as fraud. 

We seek to provide information to the FCC concerning any issues alarm companies have experienced in connection with call blocking with the goal of ensuring that calls from central stations responding to an alarm are not blocked or mislabeled.  Accordingly, if calls made by your central station in response to an alarm to either the customer or the PSAP have been blocked or mislabeled, we ask that you send such information to us no later than February 12, 2020 to allow us to present this information to the FCC.

Contact:

Celia T. Besore
Executive Director, TMA
cbesore@tma.us

UL Releases Statement Addressing Industry Concerns

/in , , /by

In a statement from UL:

UL’s public mission is to promote safer working and living environments for all people. We make every effort to confirm that UL-certified products meet stringent safety requirements, including opening a Product Incident Report for any issue that comes to our attention.

Consistent with our usual policies regarding product safety matters, when UL received the alarm system claims, UL immediately opened a Product Incident Report and began an investigation.

During such investigations, certification documentation is reviewed, products are often re-tested, and if any issues are found, UL works with the product manufacturer to resolve the issues. In some instances, a public notice may be issued.

Based on the investigation completed thus far, no safety issues have been identified. The investigation is still ongoing.

UL sees no imminent hazard despite the assertions currently in the market. The current standards address reasonably foreseeable hazards, faults or misuse not intentional disablement of a life safety device. Those making claims have their own commercial interest in driving concern. The requirements being suggested around attack by fire and/or malicious intrusion are currently not mandated by the applicable standards or code. New suggested requirements could be brought to the attention of the Standard Technical Panel. Those making claims are part of the STP and have not brought suggested revisions to the STP’s attention to-date.

D.C. Circuit Court Upholds Most of 2017 Net Neutrality Order; Vacates State Preemption

/in , /by

On October 1, the United States Court of Appeals for the District of Columbia Circuit issued its per curiam decision on the appeal of the FCC’s 2017 net neutrality order, also known as the Restoring Internet Freedom Order. Although the court upheld the Order in large part, it vacated part and remanded part back to the FCC to address three issues in which it found the Order inadequate: “(1) The Order failed to examine the implications of its decisions for public safety; (2) the Order does not sufficiently explain what reclassification will mean for regulation of pole attachments; and (3) the agency did not adequately address Petitioners’ concerns about the effects of broadband reclassification on the Lifeline Program.” The court vacated that part of the Order pre-empting any state or local requirement that “would effectively impose rules or requirements that [the FCC] repealed or decided to refrain from imposing in this order or that would impose more stringent requirements for any aspect of broadband service that [the FCC] address[ed] in this order.”

The court upheld the FCC’s decisions to restore the classification of broadband Internet access service as a less regulated “information service;” reinstate the private mobile service classification of mobile broadband Internet access service; eliminate the Internet Conduct Standard and the Bright Line Rules; and adopt enhanced transparency requirements that mandated ISPs to disclose information about their practices to consumers, entrepreneurs, and the FCC.

Chairman Pai, alongside Commissioners O’Rielly and Carr, were pleased with the court’s decision to uphold the majority of the Order. Chairman Pai said, “Today’s decision is a victory for consumers, broadband deployment, and the free and open Internet. The court affirmed the FCC’s decision to repeal 1930s utility-style regulation of the Internet imposed by the prior Administration.” Commissioner O’Rielly said, “It is heartening to see a court get most of the decision correct. … At the same time, vacating the preemption provisions seems to misread precedent and ignores the technology’s structure, which cannot be segmented into intrastate portions. Inevitably, this will lead to Commission case-by-case preemption efforts and more litigation.” Commissioner Carr said, “Today’s decision is a big win for a free and open Internet and for U.S. leadership in 5G.”

Commissioners Rosenworcel said, “Today’s court decision vacates the FCC’s unlawful effort to block states and localities from protecting an open internet for their citizens. From small towns to big cities, from state houses to governors’ executive actions, states and localities have been stepping in because the FCC shirked its duties. In addition, the court took the agency to task for disregarding its duty to consider how its decision threatens public safety, Lifeline service, and broadband infrastructure.”

Commissioner Starks said, “Above all else, today’s decision breathes new life into the fight for an open internet. It confirms that states can continue to step into the void left by this FCC. To that end, it is a validation of those states that have already sought to protect consumers, and a challenge to those that haven’t yet acted to think hard about how to protect their citizens.”

Net Neutrality Fight Heads to States, Capitol Hill

/in , /by

The D.C. Circuit Court of Appeals dropped a long-awaited ruling Tuesday on the FCC’s rollback of the Obama-era net neutrality rules, largely upholding the Republican-led repeal. But the court knocked down the FCC’s attempt to broadly override state efforts to craft their own net neutrality rules. An FCC senior official told reporters the ruling leaves open the possibility of the FCC challenging state laws on a case-by-case basis. Goldstein & Russell partner Kevin Russell, who argued against the FCC’s repeal, said that would be a “difficult task.”

 No one thinks this fight is over, but the next battleground may be in California. Remember: The state passed its own net neutrality rules in 2018 but agreed to hold off on enforcing them while the FCC’s rules faced a legal challenge. California Attorney General Xavier Becerra hailed the D.C. court for rebuffing “the FCC’s effort to preempt state net neutrality laws through regulation,” but his office said it was still evaluating its next steps in light of the federal ruling (which could still be reconsidered by the full complement of D.C. Circuit judges and/or the Supreme Court), according to a dispatch from POLITICO California reporters Jeremy B. White and Katy Murphy. Full Color Future Chair Mignon Clyburn, who as a Democratic FCC commissioner voted to approve the repealed rules, told POLITICO that the ruling will “allow each state to determine its own net neutrality future.” She added, “Any state wishing to protect entrepreneurs should follow the lead of California, Colorado, and Vermont in enacting laws protecting entrepreneurs and people of color with strong net neutrality requirements.”

— Over on the Hill, the ruling renewed calls for federal net neutrality legislation. Rep. Greg Walden, ranking member of the House Energy and Commerce Committee, said Republicans in the chamber want to work on a “serious, bipartisan approach to creating a national standard.” Bipartisan legislation may prove as elusive as ever, though. Sen. Ed Markey (D-Mass.) marked Tuesday’s ruling by pushing his Save the Internet Act, urging Senate Majority Leader Mitch McConnell (R-Ky.) to bring it to a vote. That House-passed measure (H.R. 1644) would restore the Obama-era rules and has proven deeply unpopular with Republicans; McConnell previously declared it “dead on arrival” in the Senate.