United States:
FCC Adopts Updated Breach Notification Rules
20 December 2023
Foley & Lardner
To print this article, all you need is to be registered or login on Mondaq.com.
The Federal Communications Commission (FCC) is upping the game a
bit for data breaches incurred by telecommunications carriers,
coming closer to the requirements under most state breach
notification laws. For example, the new rules cover more types of
data and expands the definition of a "breach" to include
inadvertent access, use, or disclosure, as many state data breach
notification laws do.
Under the new rules, most telecommunications carriers will have
to notify the FCC as well as the U.S. Secret Service and FBI
through a central reporting facility. However, the new rules also
add an element of harm requirement for notice to consumers -
telecommunications carriers will not be required to notify
consumers if they reasonably determine that there will not be any
harm to the consumer or when the breach only involves encrypted
data (and the encryption key is still secure) - again mirroring
many state data breach notification laws. While the previous rules
required the telecommunications carriers to wait before notifying
affected consumers, notification now matches many state laws in
requiring notice to consumers "without unreasonable
delay" after notification to the FCC and law enforcement
agencies, and generally within 30 days of the reasonable
determination of the breach.
WASHINGTON, December 13, 2023—The Federal Communications
Commission today adopted rules to modify the Commission's
16-year-old data breach notification rules to ensure that providers
of telecommunications, interconnected Voice over Internet Protocol
(VoIP), and telecommunications relay services (TRS) adequately
safeguard sensitive customer information. Today's action would
hold phone companies accountable for protecting sensitive customer
information, while enabling customers to protect themselves in the
event that their data is compromised.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
POPULAR ARTICLES ON: Media, Telecoms, IT, Entertainment from United States
Hiring A Name, Image, And Likeness Agent
McLane Middleton, Professional Association
I am a student-athlete and I want to hire an agent to negotiate NIL contracts for me. Is there anything I should be aware of when hiring an NIL agent?
What Is Third-Party Content?
Sideman & Bancroft
Generating content is crucial to business marketing, but it can be difficult to consistently produce unique content. In today's competitive digital landscape, embracing third-party content is essential.
CFPB Targeting Gaming Industry?
Klein Moynihan Turco LLP
On April 4, 2024, the Consumer Financial Protection Bureau ("CFPB") issued a report (the "Report") examining the potential risk to consumer assets and data in the online video game...