As the United States scrambles to kick China out of its communications networks, Jessica Rosenworcel, the outgoing Democratic chairwoman of the Federal Communications Commission, says it is essential for her Republican successor to maintain strong oversight of the telecommunications industry.

The government is still reeling from the Chinese “Salt Typhoon” hacking campaign that penetrated at least nine US telecommunications companies and gave Beijing access to Americans’ phone calls and text messages and the wiretapping systems used by law enforcement. The operation exploited US carriers’ shockingly weak cybersecurity, including an AT&T administrator account that lacked basic security protections.

To prevent a repeat of the unprecedented telecom intrusion, Rosenworcel used the waning days of her FCC leadership to propose new cybersecurity requirements for telecom operators. The commission narrowly voted to approve her proposal on Thursday. But those rules face a bleak future, with President-elect Donald Trump preparing to take office and hand control of the FCC to Commissioner Brendan Carr, a Trump ally who opposes Rosenworcel’s regulatory plan voted.

In an interview days before Trump’s inauguration, Rosenworcel was adamant that regulation is part of the answer to America’s telecom security crisis. And she has a stern message for Republicans who think the solution is to police the telecoms themselves.

“We are grappling with what has been described as the worst telecommunications hack in our country’s history,” she says. “Either you take serious action or you don’t.”

“The right thing to do”

Rosenworcel’s plan consists of two steps. First, the FCC formally stated that the 1994 Communications Assistance for Law Enforcement Act (CALEA), which required telecommunications companies to design their phone and Internet systems to comply with eavesdropping, also required them to implement basic cyber defenses to prevent tampering. Next, the FCC proposed requiring a wider range of companies regulated by the commission to develop detailed cyber risk management plans and to testify annually about their implementation.

The outgoing chairman describes the rules as a common sense response to a devastating attack.

“In the United States in 2025, it will shock most consumers to know that our networks lack minimum cybersecurity standards,” says Rosenworcel. “We are asking the carriers to develop a plan and certify that they are following that plan. It’s the right thing to do.”

Lacking these standards, she adds, “our networks are not going to have the protection they need against nation-state threats like this in the future.”

But Republicans are unlikely to embrace the new regulations on telecom networks. The powerful telecom industry tends to strongly oppose any new regulations, and Republicans almost always side with the industry in these debates.

Senator Ted Cruz, a Texas Republican who is now chairman of the Commerce Committee, called Rosenworcel’s plan “a band-aid at best and a cover-up of a serious blind spot at worst” during a hearing in December.

Carr — who last month called Salt Typhoon “deeply troubling” — voted against Rosenworcel’s proposal, along with fellow Republican Commissioner Nathan Simington. Carr’s office did not respond to a request for comment on the new regulations. But he has repeatedly criticized Rosenworcel’s approach to enforcing rules on the telecom industry, accusing her of overreaching and warning that the FCC must rein itself in or face backlash from courts.