"The FCC Wants Carriers to Notify You Sooner When There's a Data Breach"

The Federal Communications Commission (FCC) has recently proposed rules that would improve reporting for breaches at carriers.  Most notably, the move would scrap a mandatory wait of seven business days before a telecom can warn customers about a security incident.  The FCC noted that hackers would have a shorter window of opportunity to abuse one's data without their knowledge.  The proposal would also clarify that carriers must notify the FCC, FBI, and Secret Service of any reportable data breaches.  Providers would likewise have to alert customers to inadvertent breaches, such as leaving account info exposed.  The FCC is simultaneously asking for public input on whether or not breach alerts should include specific information to help people take action, such as the nature of the compromised data.  The FCC stated that the existing rules are more than 15 years old and are reportedly "out-of-step" at a time when it's frequently vital to notify victims and authorities as quickly as possible.  The FCC noted that, in theory, telecoms will warn users sooner and reduce the chances of identity fraud and follow-up hacks.  This won't guarantee timely alerts, but it could minimize the damage for both customers and the networks' bottom line.  The new proposal is also more consistent with other laws on breach reporting, particularly in states like California.  The FCC is also wondering whether or not there should be a ceiling on the notification period and whether smaller carriers should get more time to report intrusions.  Public comments (open 30 days after the proposal reaches the Federal Register) may help shape these rules, but there's no guarantee the end result will address every concern.

Engadget reports: "The FCC Wants Carriers to Notify You Sooner When There's a Data Breach"