Chairwoman Rosenworcel Circulates New Data Breach Reporting Requirements

Jan 12th '22

The Federal Communications Commission (FCC) Chairwoman Jessica Rosenworcel shared with her colleagues a Notice of Proposed Rulemaking (NPRM) that would begin the process of strengthening the Commission’s rules for notifying customers and federal law enforcement of breaches of customer proprietary network information (CPNI).  The updates would better align the Commission’s rules with recent developments in federal and state data breach laws covering other sectors.


“Current law already requires telecommunications carriers to protect the privacy and security of sensitive customer information.But these rules need updating to fully reflect the evolving nature of data breaches and the real-time threat they pose to affected consumers,” said Chairwoman Rosenworcel.  “Customers deserve to be protected against the increase in frequency, sophistication, and scale of these data leaks, and the consequences that can last years after an exposure of personal information.  I look forward to having my colleagues join me in taking a fresh look at our data breach reporting rules to better protect consumers, increase security, and reduce the impact of future breaches.”


The proposal outlines several updates to current FCC rules addressing telecommunications carriers’ breach notification requirements.  These include:


  • Eliminating the current seven business day mandatory waiting period for notifying customers of a breach;
  • Expanding customer protections by requiring notification of inadvertent breaches; and
  • Requiring carriers to notify the Commission of all reportable breaches in addition to the FBI and U.S. Secret Service.


The increasing frequency and severity of security breaches involving customer information can have lasting detrimental impacts on the economy and on consumers whose information has been improperly exposed.  To reduce the risk of this harm, in September, the FCC proposed rules targeting SIM swapping scams and port-out fraud.


The Notice of Proposed Rulemaking circulated today further advances the FCC’s efforts to ensure its rules keep pace with evolving cybersecurity threats and to protect consumers in the face of today’s challenges.  The proposal also aims to ensure that the Commission and other federal law enforcement agencies receive the information they need in a timely manner so they can mitigate and prevent harm due to the breach and take action to reduce the likelihood of future incidents.  Lastly, the Notice also seeks comment on whether the Commission should require customer breach notices to include specific categories of information to help ensure they contain actionable information useful to the consumer and proposes to make consistent revisions to the Commission’s telecommunications relay services (TRS) data breach reporting rule.


Source: FCC


About us

LS Consultancy are experts in Marketing and Compliance, and work with a range of firms to assist with improving their documents, processes and systems to mitigate any risk.


We provide a cost-effective and timely bespoke copy advice and copy development services to make sure all your advertising and campaigns are compliant, clear and suitable for their purpose.


Our range of innovative solutions can be tailored to suit your unique requirements, no matter whether you’re currently working from home, or are continuing to go into the office. Our services can be deployed individually or combined to form a broader solution to release your energies and focus on your clients.


Contact us today for a chat or send us an email to find out how we can support you in meeting your current and future challenges with confidence.


Explore our full range today.


Contact us



Why Not Download our FREE Brochures! Click here.


Call Us Today on 020 8087 2377 or send us an email.