USTelecom advocated on the FCC’s data breach Draft Order to substantially expand the agency’s existing data breach notification rules to cover all personally identifiable information, not just customer proprietary network information (CPNI). We stressed that a requirement like this could impose unnecessary costs and burdens on providers, and it could also mislead consumers about the security of their information. We also argued that the FCC’s planned approach exceeds the agency’s statutory authority and would require voice service providers to notify customers and law enforcement of numerous security incidents unlikely to cause consumer harm.

The post Opposing FCC Overreach on Data Breach Notification Rules appeared first on USTelecom.