- I opened up a cheap 600W charger to test its build, and found 'goo' inside
- How to negotiate like a pro: 4 secrets to success
- One of the cheapest Android tablets I've ever tested replaced my iPad with no sweat
- I use this cheap Android tablet more than my iPad Pro - and don't regret it
- The LG soundbar made my home audio sound like a theater - even though it's not the newest model
FCC Proposes Stricter Data Breach Reporting Requirements
The United States’ Federal Communications Commission (FCC) has proposed the introduction of stricter reporting requirements around data breaches.
On Wednesday, FCC chairperson Jessica Rosenworcel circulated a Notice of Proposed Rulemaking (NPRM) that kicked off the process of strengthening the Commission’s rules on notifying customers and federal law enforcement when customer proprietary network information (CPNI) is breached.
The Commission said the proposed updates would more closely align FCC data breach notification rules with federal and state data breach laws governing other sectors.
Rosenworcel said: “Current law already requires telecommunications carriers to protect the privacy and security of sensitive customer information. But these rules need updating to fully reflect the evolving nature of data breaches and the real-time threat they pose to affected consumers.”
Several updates to existing FCC rules around telecommunications carriers’ breach notification requirements are included in the proposal. Among these is the suggestion to eradicate the current seven business day mandatory waiting period for notifying customers of a breach.
The NPRM also proposes making it a requirement to notify customers of inadvertent breaches, and requiring carriers to notify the FCC, the FBI, and United States Secret Service of all reportable breaches.
“Customers deserve to be protected against the increase in frequency, sophistication, and scale of these data leaks, and the consequences that can last years after an exposure of personal information,” said Rosenworcel.
She added: “I look forward to having my colleagues join me in taking a fresh look at our data breach reporting rules to better protect consumers, increase security, and reduce the impact of future breaches.”
The FCC said that the new rules outlined in the NPRM would help to ensure that “the Commission and other federal law enforcement agencies receive the information they need in a timely manner so they can mitigate and prevent harm due to the breach and take action to reduce the likelihood of future incidents.”
Comments are now being sought by the FCC as to whether the Commission should require customer breach notices to include specific categories of information.
The suggestion to expand data breach reporting requirements follows the FCC’s September proposal to introduce new rules targeting SIM-swapping cybercrime and port-out fraud.
