Lawsuit: The Federal Government Must Secure The Grid
Why I have filed a lawsuit against the Federal Government.
Short answer: I filed a lawsuit because the Federal Government and the electric utility industry have failed and refused to secure the U.S. electric grid from known threats and are actively covering up their failure. This cover-up endangers every citizen and business in the U.S. In fact, it endangers the very survival of our nation. That’s the short answer.
The latest “SolarWinds” Russian hack of our government and critical infrastructure is exactly why we need transparency in the regulatory system that supposedly protects the electric grid. The system is not working and has not worked for years. Congress, the public and state regulators need to examine why – and fix it. After the SolarWinds hack was discovered, the Department of Homeland Security issued an Emergency Directive – but this directive only applies to federal government agencies. Believe it or not, the federal government has little or no authority to order the electric grid to protect itself. This regulatory failure is exactly why we are so vulnerable today.
DHS-CISA sums up the SolarWinds hack as follows:
CISA is aware of compromises, which began at least as early as March 2020, at U.S. government agencies, critical infrastructure entities, and private sector organizations by an APT actor. This threat actor has demonstrated sophistication and complex tradecraft in these intrusions. CISA expects that removing the threat actor from compromised environments will be highly complex and challenging. This adversary has demonstrated an ability to exploit software supply chains and shown significant knowledge of Windows networks. It is likely that the adversary has additional initial access vectors and tactics, techniques, and procedures (TTPs) that have not yet been discovered. CISA will continue to update this Alert and the corresponding indicators of compromise (IOCs) as new information becomes available.
Why was this allowed to happen? It actually shouldn’t be a surprise. Some in Congress have know for years that “the Russians are already in the grid.” Yet the electric utility industry and the government have failed and refused to protected the grid. Here is Senator Angus King (I-Maine) in February of 2019 grilling the regulators on the known cyber threat.
And yet, here we are in December of 2020 finding that the Russians are still residing comfortably in the grid.
Obviously, something is not working.
Believe it or not, the “bulk power system” (i.e., the “Electric Grid”) is largely self regulated. Prior to the Great Northeast Blackout of 2003 the reliability and security of the electric grid was not regulated at all. The energy sector is a designated critical infrastructure of the U.S. What is a critical infrastructure? Presidential Policy Directive-21 defines the term “critical infrastructure” as:
“Systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”
The electric grid is the most critical of the critical infrastructures. Why? Because every other critical infrastructure depends on the electric grid. If somebody shuts it off. People will die. If the electric grid is shut off for a long period of time, millions would die.
The electric grid fights efforts to protect (ahem) the electric grid?
As hard as it is to believe, protecting the electric grid against cyber attack, physical attack, EMP and GMD is not a unanimous action item. “The grid” itself, through its well-funded army of attorneys and lobbyists, is still trying to convince us that delay and a laissez-faire policy are the best course of action. In other words, according to “the grid,” the best course of action is inaction.
Many people – myself included – think this makes no sense. One would think that the opposite would be true. I’m going to try to explain why this is the case. When it comes to protecting the grid from known threats, there are 4 main stumbling blocks and one elephant in the room. I have written about all of these extensively:
- Stumbling Block #1: The FERC Commissioners
- Stumbling Block #2: North American Electric Reliability Corporation (NERC)
- Stumbling Block #3: Electric Power Research Institute (EPRI)
- Stumbling Block #4: Edison Electric Institute (EEI)
- Elephant in the room: Millions of Dollars in political contributions by the electric industry.
Let’s break it down.
Stumbling Block #1: The FERC Commissioners
FERC is a Failed Regulatory Agency
The Federal Energy Regulatory Commission (FERC) has failed to protect the American people, specifically from threats to the electric grid. We need a new breed of Commissioner. (Thomas Popik, Chairman of the New Hampshire based Foundation for Resilient Societies, is just who we need. Read why HERE.)
For the past 15 years, Federal Energy Regulatory Commissioners have been cut from the same piece of cloth. All but two were lawyers – and most go on to high power positions in huge law firms – representing the utility industry. Some actually go to the utility industry itself. In other words, for most past commissioners (and present ones, I’m sure) FERC is a stepping stone to a lucrative future position in the industry, or representing the industry.
Is is any wonder that FERC Commissioners don’t want to upset the industry by requiring them to protect the electric grid from hazards such as cyber attacks, electromagnetic pulse (EMP), geomagnetic disturbance (GMD), physical attacks and untrimmed foliage? The industry is fighting such efforts through it’s champion, the North American Electric Reliability Corporation (NERC) – if you are a FERC Commissioner, why would you annoy the industry that is going to give you a lucrative position when you leave FERC?
FERC Has Failed on Grid Security
The United States electric grid remains vulnerable to a variety of threats despite (and, in fact, partly because of) the advent of the current regulatory scheme. The industry lobbied to have a self regulatory body (NERC), they got it and have proceeded to avoid protecting the electric grid in any meaningful way. Moreover, the industry has engaged in a massive cover up of the identities of companies who violate Critical Infrastructure Protection (CIP) standards. FERC has just stood by and let this happen.
We have report after report from the Congressional EMP Commission, and other government agencieswarning that the electric grid is vulnerable to EMP, GMD, cyber threats, and physical attacks. In fact, We have two decades of hearings, reports and expert testimony and studies proving beyond any doubt that the grid is vulnerable.
Yet, the FERC Commissioners have literally done nothing.
I’m frequently asked why this is. Why does the industry refuse to harden itself from known threats? Why doesn’t FERC do anything to protect the grid? From my view:
The industry: The industry has crafted its own favorable (to the industry) regulatory scheme whereby it can do whatever protections are convenient and inexpensive to do – but it can avoid any actions that the industry deems too “burdensome.” Simply put, the security of the electric grid is optional – we depend on about 1500 electric utility industry entities to do the right thing – but there is no requirement that they do the right thing.
The FERC Commissioners: They have a cushy job waiting for them in the industry – or representing the industry if they just maintain the status quo and not step on any industry toes.
I have previously discussed in detail why the past 15 years of Federal Energy Regulatory Commission (FERC) Commissioners are part of the problem. (Read it HERE.) I have also discussed in detail the regulatory failings and coverups that have punctuated NERC’s reign as the alleged “Electric Reliability Organization” (ERO). (Read it HERE, HERE, and HERE… and there are oh so many more on the subject.) So let me expend a little ink now on stumbling blocks #2 (NERC) #3 (EPRI) and #4 (EEI).
Stumbling Block #2: North American Electric Reliability Corporation (NERC)
The North American Electric Reliability Corporation (NERC) is a not-for-profit corporation. It acts as the self-regulatory organization “whose mission is to assure the reliability of the bulk power system (BPS) in North America.”
Sounds great on paper.
In actuality, the electric utility industry wields an overwhelming influence on NERC. NERC’s annual funding is provided through assessments to the entities that it regulates. Moreover, although technically anybody can become a “member” of NERC, the membership structure stacks the deck in favor of the electric industry as far as the election of NERC’s “independent trustees” (the board that governs NERC). NERC accomplishes this shell-game by assigning all members to one of 12 groups. According to NERC rules:
“Each member will join only 1 of 12 industry sectors and be eligible for selection as a sector representative on the NERC Member Representatives Committee (MRC). The MRC elects NERC’s independent trustees, votes on amendments to the bylaws, and provides advice and recommendations to the Board with respect to the development of annual budgets, business plans and funding mechanisms, and other matters pertinent to the purpose and operations of NERC.”
So what are the “12 industry sectors?”
1. Investor-owned utility
2. State/municipal utility
3. Cooperative utility
4. Federal or provincial utility/Federal Power Marketing Administration
5. Transmission-dependent utility
6. Merchant electricity generator
7. Electricity marketer
8. Large end-use electricity customer
9. Small end-use electricity customer
10. Independent system operator/regional transmission organization
11. Regional entity
12. Government representatives
In other words, two sectors are customers and one is the government. The other nine are the electric industry. The electric industry gets 9 votes—the customers and the government get 3. If that is not a stacked deck, I don’t know what is. So NERC is literally funded, run and its leadership elected by the electric utility industry that it allegedly regulates. If the grid does not want to be regulated, it has means to resist being regulated.
Stumbling Block #3: The Electric Power Research Institute (EPRI)
The Electric Power Research Institute (EPRI) tries to pass itself off as a legitimate research institution when, in fact, it is a thinly veiled electric industry lobbying group. Here is EPRI’s description from their website:
The Electric Power Research Institute (EPRI) conducts research, development, and demonstration projects for the benefit of the public in the United States and internationally. As an independent, nonprofit organization for public interest energy and environmental research, we focus on electricity generation, delivery, and use in collaboration with the electricity sector, its stakeholders and others to enhance the quality of life by making electric power safe, reliable, affordable, and environmentally responsible.
From EPRI’s website “Our Business”: https://www.epri.com/#/about/epri?lang=en-US
Hmmm. This sounds legit! That is, until you dig deeper. Who are the members of EPRI and is it really “independent”?
EPRI has collaborated with the electricity sector and its stakeholders since 1972 and our membership has grown to represent approximately 90% of the electric utility revenue generated in the United States and extends to participation in more than 35 countries. The worldwide membership that supports our work comprises more than 1,000 organizations. While most members are electric utilities, others are businesses, government agencies, regulators and public or private entities engaged in some aspect of the generation, delivery, or use of electricity.
From EPRI’s website “Our Members”: https://www.epri.com/#/about/epri?lang=en-US
The by-laws of EPRI provide that members pay for their membership – nothing wrong with that, but remember that, according to EPRI, “most members are electric utilities.” So a good hunk of EPRI’s funding comes from – you guessed it – the electric utility industry.
This is a big problem. The electric industry holds EPRI up as legitimate and serves the government (e.g., FERC and the Department of Energy) this Kool-Aid – which the government drinks on behalf of the American public. EPRI’s “research” (funded by the industry) is then used to make policy decisions that impact the regulated industry (i.e., EPRI’s dues paying members). A great case study is EPRI’s fraudulent “study” on Electromagnetic Pulse. The industry had been fighting efforts to harden the grid against EMP and GMD. Not surprisingly, EPRI’s “research” severely downplayed the threat.
In fact, EPRI has been “low-balling” the EMP and GMD problem. According to Dr. George Baker:
There is no need to recalculate a standard EMP waveform. Note that current EPRI grid vulnerability assessment models are using low-bound recalculated E3 waveforms. Existing IEC and EMPC EMP waveforms are more than adequate. Use of the unclassified MIL-STD-188-125 test regimen will assure power grid survivability to both EMP and 100-year solar storms.
Moreover, Dr. William Graham, Chairman of the Congressional EMP Commission, noted:
In 2016, the Electric Power Research Institute (EPRI), which is funded by the electric power industry, published an erroneous report that significantly underestimates the nuclear E3 EMP threat to electric grids. EPRI and others have used the report to lobby against Federal and State initiatives to protect the electric grid against nuclear EMP attack.
Dr. William R. Graham. “Chairman’s Report.” (July 2017)
Stumbling Block #4: The Edison Electric Institute (EEI)
The Edison Electric Institute (EEI) also sounds like a legitimate institution. but caveat emptor. In their own words:
The Edison Electric Institute (EEI) is the association that represents all U.S. investor-owned electric companies. Our members provide electricity for about 220 million Americans, and operate in all 50 states and the District of Columbia. As a whole, the electric power industry supports more than 7 million jobs in communities across the United States. In addition to our U.S. members, EEI has more than 65 international electric companies with operations in more than 90 countries, as International Members, and hundreds of industry suppliers and related organizations as Associate Members.
Organized in 1933, EEI provides public policy leadership, strategic business intelligence, and essential conferences and forums.From EEI’s website “About EEI”: http://www.eei.org/about/Pages/default.aspx
In other words, EEI is an electric industry lobbying group!
For years EPRI and EEI have been proponents of “further study” when it comes to EMP and GMD. This is what Senator Ron Johnson refers to as “admiring this problem.” It has become more and more clear over the years that EPRI and EEI have been stumbling blocks to action on EMP and GMD.
For example, EEI Executive Director Scott Aaronson still advocates that we “admire the problem” of EMP threats to the grid (i.e., take no action now):
Because the effects of an EMP attack on the energy grid are not understood sufficiently or remain classified, crafting appropriate mitigations and making business-risk decisions to address EMP threats require more research to better understand how EMPs could impact the grid; inform the development of EMP-resistant grid components; and develop best practices to help limit the impact of these threats.
Testimony of Scott Aaronson, EEII: https://www.hsgac.senate.gov/imo/media/doc/Testimony-Aaronson-2019-02-27.pdf
Not understood? We have two decades of public studies, hearings and federal reports (click HERE for a list) bringing our “understanding” of these threats to a ridiculously high level. And the military has known about and studied EMP since 1962. It is simply negligence for anyone to advocate anything less than immediate action to protect our critical infrastructures from the very well-understood and existential threats of EMP and GMD. Is there anybody out there who will say that EMP and GMD are not a threat to the electric grid?
<crickets>
…well, actually, yes…there is: EEI.
In a paper dated February 2015, EEI made a number of representations about the phenomenon of electromagnetic pulse (EMP) and its implications for the grid that were dangerously misleading. In the interest of correcting what EEI characterizes as “myths and facts,” the Secure the Grid (STG) Coalition – a group of scientists, engineers, national security practitioners, legislators and other leaders in this field – offered a detailed and fact-checked rebuttal: Read it HERE.
Interestingly, since the Secure the Grid Coalition published it’s “fact check” rebuttal to EEI’s misinformation, they have since scrubbed their document from their website. Fear not, I have included the original document here: Misleading EEI Document.
Oh, by the way. Did you know that EEI, who lobbies against grid security, has members that are owned and controlled by the People’s Republic of China? What could possibly go wrong?
In sum, EPRI and EEI have been a big part of the problem. They have rationalized the electric industry’s desire to take a minimalist approach to grid protection through questionable “science” and, lobbying influence and delay tactics.
The Elephant in the Room – who pays for the lobby against grid security?
(Spoiler Alert: You are not going to like the answer to this question.)
The electric utility industry is fighting efforts to secure the grid from threats such as cyber attack, physical attack, electromagnetic pulse (EMP) attack and geomagnetic disturbance (GMD) – or “space weather.” But where does the money for the industry’s fight come from?
In its April 7, 2014 letter to the Senate Energy and Natural Resources Committee, the well-respected New Hampshire think-tank Foundation for Resilient Societies noted:
NERC operations are funded by fees imposed on electric utilities, which are in turn funded by ratepayers. Via Section 215 of the Federal Power Act the Congress has created the ironic situation of American ratepayers being forced to pay for lobbying against laws which could improve electric grid reliability and better protect the public.
Irony indeed.
If you are an electric customer and pay an electric bill, you are paying for NERC and thinly veiled industry lobbying groups like the Electric Power Research Institute (EPRI) and the Edison Electric Institute (EEI). Both of these groups are funded by the electric utility industry (which is funded by you) and both EPRI and EEI have been stumbling blocks in protecting the electric grid.
Put simply and bluntly, when you pay your electric bill, you are paying for an army of lawyers and lobbyists who are fighting against stricter grid security regulations and lobbying against protecting your family from a catastrophic national-scale power outage.
In fact, according to The Center for Responsive Politics, the electric utilities in 2020 (as of today):
- Spent $81,656,694 on lobbying
- Made total political contributions of $26,080,736 (including soft money and PACs)
- Made $10,840,428 in political contributions to members of the House
- Made $4,020,081 in political contributions to members of the Senate
- Total lobbying and contributions? over $107 Million
Where did all this money come from? Your electric bill. Congratulations. You are paying to lobby against your family’s safety. You are paying to support the electric utility industry’s lobbying efforts which continue to endanger the security of the United States.
Kinda makes you want to put in some solar panels, doesn’t it?
So, why I have filed a lawsuit against the federal government?
I gave you the short answer on why I filed the lawsuit at the beginning and the long answer throughout this article. I filed the lawsuit against the government to expose the failure of the regulatory system that is supposed to protect the grid. I filed the lawsuit to end the cover-up of the names of regulatory violators and the information Congress and the public need to expose the electric industry’s self-regulatory sham which endangers the American people and our country.
Somebody needed to put a put a stone in the sling. I filed this lawsuit to secure the grid.
For detailed information on the lawsuit and the underlying Freedom of Information Act requests, CLICK HERE.
[wpedon id=”5868″]