Regulatory Updates
On September 20, 2018, President Donald J. Trump and his Administration released a National Cyber Strategy outlining the White House plan to strengthen the cybersecurity of the United States. The President provides a preface to the Strategy, explaining the commitment of the Administration to securing and preserving cyberspace. The Administration then goes on to organize the cyber strategy under four pillars: protect the homeland; promote American prosperity; preserve peace by strengthening the United States; and advance American influence. Within each pillar, the Administration identifies particular goals and priority actions to achieve those goals. This summary does not list each of the numerous action items, but rather provides an overview of the most prevalent themes of the Strategy.
Read more ...
On August 3, 2018, the United States Court of Appeals for the District of Columbia Circuit (D.C. Circuit or Court) found that the Federal Energy Regulatory Commission (FERC) acted arbitrarily and capriciously in approving a PJM Interconnection, L.L.C. (PJM) tariff amendment that proposed to exclude from regional cost sharing, high-voltage transmission projects undertaken to satisfy an individual utility’s planning criteria.[1] The Court found FERC failed to justify its departure from the cost-causation principle, a long-standing rule that requires FERC to make some reasonable effort to match costs to benefits in order to ensure just and reasonable rates.
Read more ...
The Department of Homeland Security (“DHS”) and the National Cybersecurity and Communications Integration Center (“NCCIC”) joined together to host an unclassified webinar to brief on Russian government cyber activity against critical infrastructure. The webinar series is offered in response to Russian government actions targeting U.S. Government entities as well as organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. The webinar presentation included an overview of recent attack and various common techniques used to infiltrate targets.
The presentation focused its discussion on the penetration of corporate networks and the targeting of control systems. NCCIC emphasized that often threat actors will first attack a “staged target” that has a preexisting relationship with the “intended target.” This strategy is undertaken in order to lay the groundwork for sending phishing emails from what seems like a trusted source, but which actually contains malware. If not careful, clicking on links or opening attachments from these sources can provide threat actors access to the credentials that could open the entire corporation, along with their customers, to a cyberattack.
Read more ...
On June 12, 2018, the Federal Energy Regulatory Commission (FERC) issued an order that implicates the scope of environmental review in pipeline permitting decisions under section 7 of the Natural Gas Act. See Tennessee Gas Pipeline Co., LLC, Docket No. CP15-77-001, order denying reh’g and dismissing clarification. The June 12 Order applied a new policy announced in a May 2018 pipeline certificate proceeding, which limits FERC’s review and disclosure of upstream and downstream greenhouse gas emissions as part of FERC’s National Environmental Policy Act responsibility and public interest determination under the Natural Gas Act. See Dominion Transmission – New Market Project, Docket No. CP14-497. Specifically, a majority of Commissioners found that the environmental effects of natural gas production are neither caused by a proposed pipeline nor reasonably foreseeable consequences of FERC’s approval of a proposed pipeline. In the absence of record evidence showing that the project’s specific adverse consequences are against the public interest, FERC limited its environmental review to exclude consideration of greenhouse gas emissions. FERC distinguishes Sierra Club v FERC, where the D.C. Circuit ordered FERC to determine downstream usage, asserting that downstream use of the gas was foreseeable in that particular case due to the pipeline project delivering natural gas to identifiable gas-fired electric generating plants.
Read more ...
On June 22, 2018, the California Public Utilities Commission (“CPUC”) and California Energy Commission (“CEC”) convened an En Banc hearing on the recently released, Draft Green Book which details the evolving framework of California Customer Choice. The agencies held the En Banc in light of the explosive growth of Community Choice Aggregators (“CCAs”) in California and growing options for retail Direct Access, and to discuss possible changes to be considered with respect to California’s regulatory framework. The panel discussions included representatives from CCAs, Investor Owned Utilities (“IOUs”), elected officials, Electricity Service Providers (“ESPs”), trade organizations and academia. Significant parts of the discussion involved the question of, in loosening state regulatory control, how California could avoid unintended outcomes and breakdowns in services as had occurred in the 2000-2001 Energy Crisis.
Read more ...
On May 16, 2018, Moody’s Investors Service, a financial and economic rating agency, issued its first ever credit rating to a Community Choice Aggregator (CCA). Marin Clean Energy, founded in 2008 pursuant to a Joint Exercise of Powers Act, is the first California CCA, and the first ever to receive a credit rating, Baa2, subject to moderate risk. CCAs are administered by local government authorities with a mission to provide competitive retail electric alternatives to Investor Owned Utility providers. CCAs have built new, local renewable generable facilities led by early efforts from Marin Clean Energy. CCAs also allow for communities to join together to purchase electricity on behalf of their community members, typically to provide access to carbon-free resources.
Moody’s credit rating highlights Marin Clean Energy’s 2017 upward growth in retail sales which accounts for 62% of renewable energy and its customer base currently stands at more than 400,000 customers.
Read more ...
On April 16, 2018, the Department of Commerce’s National Institute of Standards and Technology (NIST) issued an updated version of its Framework for Improving Critical Infrastructure Cybersecurity, commonly referred to as the Cybersecurity Framework. The new version, Cybersecurity Framework, Version 1.1, was published following a public comment period, stakeholder workshops, and two draft versions released in 2017. The Cybersecurity Framework was first introduced in February 2014, when Version 1.0 was first published. The current update, available here, includes updates on risk self-assessment, identity and authentication, vulnerability assessments, and standardized terminology to better manage supply chain cyber risks.
The Cybersecurity Framework is intended to be an ongoing public-private effort to address cybersecurity risks in a wide range of technology environments and businesses that utilize critical infrastructure. The Cybersecurity Framework was first envisaged by Presidential Executive Order No. 13636 in 2013, available here, which directed NIST to produce a set of voluntary standards for physical and cyber critical infrastructure assets that would establish standards that are cost-effective, risk-based, and replicable.
Read more ...
The Senate Energy and Natural Resources Committee will hold a hearing on May 25, 2017 to decide on whether to recommend the confirmation of two presidential appointees to serve on the Federal Energy Regulatory Commission (FERC or Commission). On May 10, 2017, the President nominated Neil Chatterjee and Robert Powelson to serve as FERC commissioners.
Read more ...
