Cable security goes regulatory: Washington and Brussels pick different levers in the same week
In four days, the FCC extended US cable licensing to onshore SLTE and the European Commission funded two Regional Hubs and a €40M repair call. One threat, two logics.
CEO, Sofia Connect EAD · Honorary Consul of Georgia in Bulgaria
The submarine cable industry has operated for most of the last decade under licensing regimes designed for the 1990s, when transatlantic capacity was scarce and hyperscaler ownership was negligible. That era ended in a single week. On 23 June 2026, the European Commission released €5.8M to stand up the first two Regional Cable Hubs and opened a €40M call for shared repair capacity. Two days later, the US Federal Communications Commission voted unanimously to extend the 1921 Cable Landing License Act onto onshore Submarine Line Terminal Equipment (SLTE) and to impose a country-of-origin ban on hardware and firmware from designated foreign adversaries. Both actions respond to the same threat surface — Baltic cable cuts, Red Sea damage, and SLTE supply-chain exposure. The policy logics, however, point in opposite directions.
What changed in Washington
The FCC's Second Report and Order, adopted 3-0 under Chairman Brendan Carr, is the first material rewrite of US submarine-cable licensing in a generation. Three changes matter most.
First, the rules extend Cable Landing License Act jurisdiction onshore for the first time. Until last week, the Act covered the cable system itself; the SLTE racks in the landing station — the equipment that actually terminates the optical signal and groomes it into the IP backbone — sat in a regulatory grey zone. The Second R&O closes that gap. Operators must now disclose SLTE vendors, maintain supply-chain risk maps, and file annual SLTE Foreign Adversary Reports.
Second, the FCC created a tiered licensing regime keyed to national-security posture. Operators that meet ten stringent standards — covering cybersecurity, physical security, personnel vetting, foreign control, and ongoing reporting — qualify for a Blanket License with a presumptive exemption from Team Telecom (the DOJ-DOD-DHS review group whose case load has historically pushed routine landing applications past 12 months). Operators that fail those standards, or that rely on equipment from entities on the FCC Covered List (Huawei, ZTE, HMN Tech), land on an Exclusion List with a presumptive denial.
Third — and this is the structural shift — the rules impose a country-of-origin ban on hardware and firmware from designated foreign adversaries. That is broader than the existing Covered List, which is entity-based. A country-of-origin trigger captures future suppliers regardless of corporate restructuring, joint ventures, or rebranding.
Chairman Carr framed the trade explicitly: "We presumptively exempt cable applications from extensive and time-consuming reviews, but only if such applicants can certify to stringent security standards and agree to ongoing oversight and monitoring." The Information Technology and Innovation Foundation, which tracks subsea licensing closely, called it "critical to enhancing the security of global communications networks." The immediate beneficiaries are predictable: Meta, Google, Amazon and Microsoft own or co-own the majority of new transpacific and transatlantic capacity, and all four already operate to security baselines that exceed what most independent carriers maintain. Rules become effective 30 days after Federal Register publication.
What changed in Brussels
The European Commission's response to the same threat surface arrived two days earlier and reads as a different document entirely. The Commission's Cable Security Action Plan under the Connecting Europe Facility (CEF-Digital) released €5.8M to fund the first two Regional Cable Hubs: €2.5M for the Baltic Sea Hub and €3.3M for the Mediterranean Hub. These are not landing stations. They are coordination centres — pooling situational awareness, surveillance data, and repair-vessel access across member states whose cable infrastructure shares geography but not ownership.
In parallel, the Commission opened CEF-DIG-2026-CABLE-REPAIR-CAPACITIES, a €40M call for modular repair capabilities that can be deployed on request of the Regional Hubs. The deadline is 8 October 2026, 17:00 CEST. This builds on a €20M Baltic pilot from spring 2026 and fits inside a wider €200M CEF-Digital 2026 envelope for high-capacity networks, which also funds the €137M Atlantic CAM project (3,700 km, six fibre pairs from mainland Portugal to the Azores and Madeira, with €55M EU contribution).
The contrast with Washington is exact. Where the FCC adds compliance perimeter around each operator, the EC pools physical-layer capacity that no single member state could economically maintain alone. There is no equivalent to the Covered List, no country-of-origin ban on SLTE, and no fast-track licensing — because submarine-cable landing licences are still a member-state competence in the EU.
Two policy logics, one threat surface
The same week also produced the operational case for both pivots. On 14 June 2026, the Syria Aletar cable went down for roughly 50 hours — not from a marine cut, but from a deliberate terrestrial fibre cut in the backhaul between the landing station and the wider network. Kentik's measurement data showed the outage propagating across multiple downstream networks. The episode is a useful reminder that SLTE and the short terrestrial spans behind it are now part of the threat model, not adjacent to it. The FCC's onshore extension is a direct response to that class of attack vector. So is the EC's funding for shared repair capacity that can be moved to a Mediterranean or Baltic incident within hours rather than weeks.
The two regimes will increasingly interact. A cable landing in Lisbon and transiting to a US peering point will fall under EU repair-capacity coordination on the wet plant side and FCC SLTE certification on the US landing. An operator that fails either side gets a slow application on one end and no Regional Hub support on the other.
What it means for the region
For carriers operating in the Balkans, Caucasus, and Black Sea basin, three implications are immediate.
The first is landing-side: any new submarine project landing on EU territory — including future Black Sea systems — should plan against the Regional Hub model. The Baltic and Mediterranean Hubs are first; a Black Sea Hub is the logical next step in a region where landings cluster around Varna, Constanța, Odesa and the Georgian coast, and where existing repair-vessel coverage is thin. The 8 October 2026 deadline for the €40M repair call is the practical opportunity for consortia that include Bulgarian, Romanian, or Georgian carriers.
The second is transit-side: any operator carrying east-west traffic that touches a US landing now operates under two cumulative compliance perimeters. SLTE vendor disclosures, supply-chain risk maps, and annual foreign-adversary reports become standing obligations rather than one-time filings. For regional carriers that buy capacity wholesale on US-landing systems, the practical effect is that upstream operators will increasingly require contractual representations about downstream equipment lineage — a clause type that did not exist in IRU contracts five years ago.
The third is investment-side: the EU pivot is the more interesting structural opportunity. Repair-capacity modules, surveillance assets, and Regional Hub support functions are CEF-eligible and need consortium partners. For a Bulgarian carrier with existing terrestrial backhaul into Black Sea landing points, contributing to a future Black Sea Hub bid is a far more accessible policy lever than chasing a Blanket License under a US framework that was written, in practice, for hyperscalers.
The Atlantic split this week was not between regulation and deregulation. Both sides regulated. The split was between certifying operators and funding shared infrastructure — and that is the choice the next generation of Black Sea and Caucasus projects will have to navigate.
Sources
- Submarine Networks — FCC SLTE fast-track process detail
- ITIF — analysis of new submarine cable licensing rules (25 June 2026)
- Broadband Communities — FCC approves rules to speed submarine cable deployments
- Telecompaper — FCC fast-track process for vetted subsea cable operators
- European Commission — CEF-Digital activities
- HaDEA — Connecting Europe Facility programme page
- Telecompaper — EU funds Baltic and Mediterranean hubs and €40M repair call
- European Sting — Commission funds first Regional Cable Hubs
- Kentik — Syrian subsea cable downed in latest act of telecom sabotage (14 June 2026)
Weekly analysis on regional telecom infrastructure
DWDM, submarine cables, IP transit, peering, regulation, M&A — one email per week, written for engineers and decision-makers. No marketing.
By subscribing you agree to receive emails from Sofia Connect EAD. You can unsubscribe at any time. Privacy.