The FCC proposes stricter requirements for reporting data breaches

The Federal Communications Commission is the next regulator in the US that hopes to hold companies more accountable for data breaches. President Jessica Rosenworsel shared a rule-making proposal that would introduce more stringent data breach reporting requirements. Notably, the new rules require notifications to customers affected by “unintended” breaches – companies that leave data exposed must be as communicative as victims of cyber-attacks.

The requirements will also eliminate a mandatory one-week waiting period to notify customers. Meanwhile, carriers are required to disclose violations that can be reported to the FCC as well as to the FBI and the Secret Service.

Rosenworsel argued that stricter rules were necessary to take into account the “evolving nature” of the abuses and the risks they posed to victims. The FCC chair said people should be protected from larger, more frequent accidents — that is, regulations need to keep up with reality.

The FCC has not said when the proposal will be put to a vote, although the FCC’s next open meeting is scheduled for January 27. There is no guarantee that the commission will green-light the new requirements. However, it wouldn’t be surprising if the rule-making process moved forward. While companies are now more likely to disclose violations, there have been several high-profile incidents where these companies took too long to alert customers or did not notify them at all. New measures can reduce this waiting time, giving people a better chance of securing their data and preventing fraud.

All products recommended by Engadget are handpicked by our editorial team, independently of the parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Source link

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button