According to a press release from Wednesday, the FCC has officially adopted changes to its data breach notification rules to hold phone companies accountable for protecting sensitive customer information, while enabling customers to protect themselves in the event that their data is compromised.
The FCC order will broaden the commission’s scope of customers’ personally identifiable information that is collected and held by telecommunications carriers and expand the definition of “breach” to include “inadvertent access, use, or disclosure of customer information.”
Customers will now receive notice of a breach within 30 days of discovery unless law enforcement asks for a delay. In addition to contacting the FBI, carriers and providers will also be required to alert the FCC of breaches in addition to their current responsibilities.
The vote follows other new and controversial federal data breach reporting requirements from the SEC and FTC.
Ted Miracco, CEO, Approov Mobile Security had this comment:
“Mobile devices hold a treasure trove of sensitive data, and the consequences of their compromise can be catastrophic, exposing personal, financial, and even medical information to potential misuse. This underscores the vital importance of the FCC’s updated regulations, which aim to strengthen data breach notifications and protect consumers in an era where safeguarding their information is paramount.”
The key thing here is accountability. You shouldn’t be able to sweep a data breach under the rug. Nor should you be able to drag your feet in terms of when you notify the public. Thus it’s positive that these rules are being changed to match the times that we live in.
Related
This entry was posted on December 16, 2023 at 8:40 pm and is filed under Commentary with tags FCC. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
FCC Expands 16y/o Data Breach Rules To Hold Telcos Accountable
According to a press release from Wednesday, the FCC has officially adopted changes to its data breach notification rules to hold phone companies accountable for protecting sensitive customer information, while enabling customers to protect themselves in the event that their data is compromised.
The FCC order will broaden the commission’s scope of customers’ personally identifiable information that is collected and held by telecommunications carriers and expand the definition of “breach” to include “inadvertent access, use, or disclosure of customer information.”
Customers will now receive notice of a breach within 30 days of discovery unless law enforcement asks for a delay. In addition to contacting the FBI, carriers and providers will also be required to alert the FCC of breaches in addition to their current responsibilities.
The vote follows other new and controversial federal data breach reporting requirements from the SEC and FTC.
Ted Miracco, CEO, Approov Mobile Security had this comment:
“Mobile devices hold a treasure trove of sensitive data, and the consequences of their compromise can be catastrophic, exposing personal, financial, and even medical information to potential misuse. This underscores the vital importance of the FCC’s updated regulations, which aim to strengthen data breach notifications and protect consumers in an era where safeguarding their information is paramount.”
The key thing here is accountability. You shouldn’t be able to sweep a data breach under the rug. Nor should you be able to drag your feet in terms of when you notify the public. Thus it’s positive that these rules are being changed to match the times that we live in.
Share this:
Like this:
Related
This entry was posted on December 16, 2023 at 8:40 pm and is filed under Commentary with tags FCC. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.