Kartikay Mehrotra reports:
A federal appeals court delivered a victory to the Federal Communications Commission on Wednesday by upholding new and controversial data breach reporting requirements for telecommunications companies targeted in cyberattacks.
The court rejected consolidated challenges, 2 to 1, from trade groups including the Ohio Telecom Association, Texas Association of Business and USTelecom. They argued the rules exceed the agency’s authority and violated congressional restrictions. Circuit Judge Jane Stranch found that the Communications Act of 1934’s prohibition on “unjust or unreasonable” practices provided adequate authority for the breach notification requirements by allowing the agency to “prescribe” regulations as necessary.
“There is a direct connection between a carrier’s failure to disclose breaches of customer’s ‘identifying information’ and its role in providing communication services,” read the opinion for the US Court of Appeals for the Sixth Circuit.
Read more at Bloomberg Law.