This document has a comment period that ends in 29 days. (02/22/2023)
AGENCY:
Federal Communications Commission.
ACTION:
Proposed rule.
SUMMARY:
In this document, the Federal Communications Commission (Commission) begins the process to update and strengthen its data breach rule to provide greater protections to the public. We propose to expand the Commission’s definition of “breach” to include inadvertent disclosures of customer information and seek comment on adopting a harm-based trigger for breach notifications. We also propose to require carriers to notify the Commission, in addition to the Secret Service and FBI, as soon as practicable after discovery of a breach. We also propose to eliminate the mandatory waiting period before notifying customers and instead require carriers to notify customers of CPNI breaches without unreasonable delay after discovery of a breach unless requested by law enforcement. We also propose to make changes to our TRS data breach reporting rule consistent with those we propose to our CPNI breach reporting rule.
DATES:
Comments are due on or before February 22, 2023, and reply comments are due on or before March 24, 2023. Written comments on the Paperwork Reduction Act proposed information collection requirements must be submitted by the public, Office of Management and Budget (OMB), and other interested parties on or before March 24, 2023.
Printed version: PDF Publication
Date: 01/23/2023
Agency:Federal Communications Commission
Dates: Comments are due on or before February 22, 2023, and reply comments are due on or before March 24, 2023. Written comments on the Paperwork Reduction Act proposed information collection requirements must be submitted by the public, Office of Management and Budget (OMB), and other interested parties on or before March 24, 2023.
Comments Close: 02/22/2023
Document Type: Proposed Rule
Document Citation:88 FR 3953
Page: 3953-3965 (13 pages)
CFR: 47 CFR 64
Agency/Docket Numbers:WC Docket No. 22-21FCC 22-102FR 122866
Document Number:2023-00824