FCC Offers Stricter Requirements for Reporting Data Breaches

The Federal Communications Commission is the next US regulator hoping to hold businesses more accountable for data breaches. President Jessica Rosenworcel has share a regulatory proposal that would introduce more stringent requirements for reporting data breaches. Specifically, the new rules would require notifications for customers affected by “inadvertent” breaches – businesses that leave data exposed would have to be just as communicative as victims of cyber attacks.

The requirements would also remove a mandatory one-week waiting period to notify customers. Carriers, meanwhile, should disclose reportable violations to the FCC in addition to the FBI and the Secret Service.

Rosenworcel argued that stricter rules were needed to take into account the “evolving nature” of the violations and the risks they posed to victims. People need to be protected from bigger and more frequent incidents, the FCC chairman said – that is, regulations need to catch up with reality.

The FCC did not say when the proposal could be put to a vote, although the next FCC public meeting is scheduled for Jan. 27. There can be no assurance that the Commission will give the green light to the new requirements. It will come as no surprise, however, that rule making progresses. While companies are now more likely to disclose breaches, there have been several high-profile incidents where these companies took too long to alert customers or failed to notify them at all. The new measures could reduce this wait time, giving people a better chance to secure their data and prevent fraud.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through any of these links, we may earn an affiliate commission.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

4 × one =