Categories
Changes wants

The FCC is looking to make big changes in data breach reporting

The Federal Communications Commission (FCC) has revealed its plan to change the rules regarding how businesses report both data breaches and data leaks to their customers and the federal government.FCC Chairwoman Jessica Rosenworcel has put forth a Notice of Proposed Rulemaking (NPRM) that would begin the process of changing the government agency’s rules for notification…

.

The Federal Communications Commission (FCC ) announced its plans to modify the rules for how businesses report data breach as well as data leaked to customers and the federal government.

FCC Chairwoman Jessica Rosenworcel has submitted a Notice Of Proposed Rulemaking. This would start the process to change the rules of the government agency for notifying customers and federal law enforcement regarding data breaches.

Rosenworcel explained in a press release that the increased frequency of breaches and leaks is why she shared her new NPRM with colleagues at the FCC, saying:

“Current law already requires telecommunications carriers to protect the privacy and security of sensitive customer information. These rules must be updated to reflect the changing nature of data breaches, and the immediate threat to consumers. Customers should be protected from the increasing frequency, sophistication, scale, and severity of data breaches, as well as the potential consequences that could last for years following the disclosure of personal information. I look forward to having my colleagues join me in taking a fresh look at our data breach reporting rules to better protect consumers, increase security, and reduce the impact of future breaches.”

Updated breach notification requirements

Rosenworcel’s proposal outlines several updates to the FCC’s current rules in regard to how businesses notify customers and government agencies about breaches.

The first of which and likely the most important is that the current seven business day mandatory waiting period for notifying customers of a breach would be eliminated. If the proposal is accepted, this would mean that consumers would have more time to change their passwords and even invest in identity theft protection services before those responsible for a breach could use their data against them. The proposal would also expand customer protections by requiring businesses that notify customers of data breaches or other potential threats to their security. This could put additional pressure on companies to properly secure their data as their business could be affected by the news that they left a database unsecured online. Finally, Rosenworcel’s proposal would require mobile carriers to notif

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *