The Federal Communications Commission has proposed stricter rules on how telecom carriers must report data breaches

The U.S. Federal Communications Commission is considering tougher rules requiring telecom carriers to report data breaches more quickly to customers and law enforcement.

Chairman Jessica Rosenworcel has written a document outlining the new proposal to strengthen the FCC’s powers to disclose data breaches and leaks to customers and federal agencies of “customer-proprietary network information.” The updated rules, released this week, would keep the FCC in compliance with other federal and state data breach laws, she said.

Currently, companies must wait seven business days before they can disclose a data breach to their customers. Under the new plan, the waiting period will be completely removed so people can be notified sooner.

These rules don’t just apply in cases of malicious data breaches. If the new proposal is adopted, carriers will also have to follow the same disclosure procedure for “inadvertent violations”, in the event of human error. Finally, the FCC wants telcos to also report these violations to the FBI and the Secret Service.

“Current law already requires telecom operators to protect the privacy and security of sensitive customer information. But these rules need to be updated to fully reflect the evolving nature of data breaches and the real-time threat they pose to affected consumers,” President Rosenworcel said in a statement. [PDF].

“Customers deserve to be protected from the increasing frequency, sophistication and scale of these data breaches, and the consequences that can last years after personal information is exposed. I look forward to my colleagues joining me in taking a fresh look at our data breach reporting rules to better protect consumers, increase security, and reduce the impact of future breaches.

Last year, T-mobile US confirmed The register that “unauthorized access to certain data has occurred”. Some 100 million customers were potentially affected by criminals selling information such as names, addresses, social security numbers and IMEI numbers on the dark web for six Bitcoins, worth around $280,000.

Mint Mobile was also hit by a data breach last year. A thief stole account information and transferred people’s phone numbers to another carrier. Other sensitive data such as the customer’s name, email address and passwords were also potentially accessed. ®

Aurora J. William