DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

FCC Chairwoman Rosenworcel Circulates New Data Breach Reporting Requirements

Posted on January 12, 2022 by Dissent

 CHAIRWOMAN ROSENWORCEL CIRCULATES NEW DATA BREACH REPORTING REQUIREMENTS

Proposal is a Response to Recent Security Breaches in the Telecommunications Industry

  —

WASHINGTON, January 12, 2022—Today Federal Communications Commission Chairwoman Jessica Rosenworcel shared with her colleagues a Notice of Proposed Rulemaking (NPRM) that would begin the process of strengthening the Commission’s rules for notifying customers and federal law enforcement of breaches of customer proprietary network information (CPNI).  The updates would better align the Commission’s rules with recent developments in federal and state data breach laws covering other sectors.

 

“Current law already requires telecommunications carriers to protect the privacy and security of sensitive customer information.  But these rules need updating to fully reflect the evolving nature of data breaches and the real-time threat they pose to affected consumers,” said Chairwoman Rosenworcel.  “Customers deserve to be protected against the increase in frequency, sophistication, and scale of these data leaks, and the consequences that can last years after an exposure of personal information.  I look forward to having my colleagues join me in taking a fresh look at our data breach reporting rules to better protect consumers, increase security, and reduce the impact of future breaches.”

The proposal outlines several updates to current FCC rules addressing telecommunications carriers’ breach notification requirements.  These include:

  • Eliminating the current seven business day mandatory waiting period for notifying customers of a breach;
  • Expanding customer protections by requiring notification of inadvertent breaches; and
  • Requiring carriers to notify the Commission of all reportable breaches in addition to the FBI and U.S. Secret Service.

The increasing frequency and severity of security breaches involving customer information can have lasting detrimental impacts on the economy and on consumers whose information has been improperly exposed.  To reduce the risk of this harm, in September, the FCC proposed rules targeting SIM swapping scams and port-out fraud.

The Notice of Proposed Rulemaking circulated today further advances the FCC’s efforts to ensure its rules keep pace with evolving cybersecurity threats and to protect consumers in the face of today’s challenges.  The proposal also aims to ensure that the Commission and other federal law enforcement agencies receive the information they need in a timely manner so they can mitigate and prevent harm due to the breach and take action to reduce the likelihood of future incidents.  Lastly, the Notice also seeks comment on whether the Commission should require customer breach notices to include specific categories of information to help ensure they contain actionable information useful to the consumer and proposes to make consistent revisions to the Commission’s telecommunications relay services (TRS) data breach reporting rule.

###

This is an unofficial announcement of Commission action.  Release of the full text of a Commission order constitutes official action.  See MCI v. FCC, 515 F.2d 385 (D.C. Cir. 1974).

Category: FederalLegislationOf Note

Post navigation

← Who is the Network Access Broker ‘Wazawaka?’
Ca: Visalia Unified School District notifying employees and students about 2021 data breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Banks Want SEC to Rescind Cyberattack Disclosure Requirements
  • MathWorks, Creator of MATLAB, Confirms Ransomware Attack
  • Russian hospital programmer gets 14 years for leaking soldier data to Ukraine
  • MSCS board renews contract with PowerSchool while suing them
  • Iranian Man Pleaded Guilty to Role in Robbinhood Ransomware
  • Developments surrounding data breach at Dutch police
  • Estonia launches international search for Moroccan citizen wanted over data theft
  • Now it’s Tiffany: Another LVMH luxury brand hit by hackers
  • Dutch Government: More forms of espionage to be a criminal offence from 15 May onwards
  • B.C. health authority faces class-action lawsuit over 2009 data breach (1)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says
  • Widow of slain Saudi journalist can’t pursue surveillance claims against Israeli spyware firm

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.