Categories
cellphone Force

The FCC could force cellphone providers to report data breaches in a different way

The Federal Communications Commission (FCC) is considering new rules to update how telecommunications companies report on data breaches. Some of the additional steps FCC Chairwoman Jessica Rosenworcel shared in a notice Wednesday would require carriers to notify the FCC, as well as the Federal Bureau of Investigations and the US Secret Service, of any inadvertent…

The Federal Communications Commission is currently considering new rules that will update the way telecommunications companies report data breaches. FCC Chairwoman Jessica Rosenworcel explained that carriers must notify the FCC and the Federal Bureau of Investigations as well as US Secret Service of any unintentional or inadvertent breaches that could expose people’s personal data. It would also eliminate the seven-day waiting period that companies have to observe between notifying authorities about a breach and informing the public.

“The current law requires telecom carriers to protect the privacy of sensitive customer information,” Rosenworcel stated in a pressrelease regarding the proposal.

With data breaches increasing in frequency, sophistication and scale, and the consequences for consumers lasting long after leaks of personal information take place, I think it’s time for the FCC to modernize and clean up its data breach policies.

https://t.co/Yn2QJ6KOnz

— Jessica Rosenworcel (@JRosenworcel) January 12, 2022

While this proposal starts the process towards actually changing the rules, the FCC did not offer a timeline for when to expect the next steps, such as a vote. The Commission has proposed a number of now-pending rules for telecom companies in recent months, including one in September month that would target what’s known as “SIM swapping” (a form of identity theft in which attackers take over your phone, often to get around two-factor authentication) and another in October month that would implement various measures to curb spam texts.

[Related: The FCC is trying to crack down on those annoying spam texts]

Data breaches using these methods and others are happening more often and affecting more people, the FCC explained in its newest proposal. In 2021, multiple telecommunications companies reported significant breaches, including Syniverse, which provides services to large providers such as AT&T, Verizon, and T-Mobile. T-Mobile also reported two additional breaches of its own in August and December. These combined attacks were believed to have affected millions of customers.

Congress has taken note of the mounting data breaches this year, and on Thursday, a bipartisan coalition of lawmakers announced the Terms-of-serv

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *