The Federal Communications Commission (FCC) has called for more in-depth requirements for data breach reporting in the telecommunications industry. The proposal follows the recent increase of attacks seen in the telecommunications sector. The proposal was shared on Wednesday by the Chairwoman of the FCC, Jessica Rosenworcel, in a Notice of Proposed Rulemaking (NPRM). The proposal outlined that the first step the FCC intends to take will be to change the rules for alerting customers and federal agencies about a breach.
Chairwoman Jessica Rosenworcel said in the statement, “current law already requires telecommunications carriers to protect the privacy and security of sensitive customer information. But these rules need updating to fully reflect the evolving nature of data breaches and the real-time threat they pose to affected consumers. Customers deserve to be protected against the increase in frequency, sophistication, and scale of these data leaks, and the consequences that can last years after an exposure of personal information. I look forward to having my colleagues join me in taking a fresh look at our data breach reporting rules to better protect consumers, increase security, and reduce the impact of future breaches.”
The proposal also went on to outline several other changes which include: “Eliminating the current seven business day mandatory waiting period for notifying customers of a breach; Expanding customer protections by requiring notification of inadvertent breaches; and Requiring carriers to notify the Commission of all reportable breaches in addition to the FBI and U.S. Secret Service.”