FCC expands 16 year old data breach rules to hold telecoms accountable – Approov comments
According to a press release Wednesday, the FCC has officially adopted changes to its data breach notification rules to hold phone companies accountable for protecting sensitive customer information, while enabling customers to protect themselves in the event that their data is compromised.
The FCC order will broaden the commission’s scope of customers’ personally identifiable information that is collected and held by telecommunications carriers and expand the definition of “breach” to include “inadvertent access, use, or disclosure of customer information.”
Customers will now receive notice of a breach within 30 days of discovery unless law enforcement asks for a delay. In addition to contacting the FBI, carriers and providers will also be required to alert the FCC of breaches in addition to their current responsibilities.
The vote follows other new and controversial federal data breach reporting requirements from the SEC and FTC.
An expert with Approov offers comments:
Ted Miracco, CEO, Approov Mobile Security:
“Mobile devices hold a treasure trove of sensitive data, and the consequences of their compromise can be catastrophic, exposing personal, financial, and even medical information to potential misuse. This underscores the vital importance of the FCC’s updated regulations, which aim to strengthen data breach notifications and protect consumers in an era where safeguarding their information is paramount.”
Madison Alexander PR