Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security United States

FCC Wants Carriers To Notify You Sooner When There's a Data Breach (engadget.com) 9

The Federal Communications Commission isn't done dragging data breach policy into the modern era. From a report: The agency has proposed rules that would improve reporting for breaches at carriers. Most notably, the move would scrap a mandatory wait of seven business days before a telecom can warn customers about a security incident. Hackers would have a shorter window of opportunity to abuse your data without your knowledge, to put it another way.

The proposal would also clarify that carriers must notify the FCC, FBI and Secret Service of any reportable data breaches. Providers would likewise have to alert customers to inadvertent breaches, such as leaving account info exposed. The Commission is simultaneously asking for public input on whether or not breach alerts should include specific information to help people take action. such as the nature of the compromised data.

This discussion has been archived. No new comments can be posted.

FCC Wants Carriers To Notify You Sooner When There's a Data Breach

Comments Filter:
  • by BrendaEM ( 871664 ) on Friday January 06, 2023 @02:40PM (#63185754) Homepage
    The U.S. Federal government needs to step in, and limit the amount, length, and types of data collected. The companies who collect data and spy on U.S. citizens must have controls placed on it. Data breaches would not be such a problem--if the data wasn't there to begin with.
    • by Anonymous Coward

      That would be a federal law guaranteeing a right to privacy. Better yet, would be an amendment.

      First one might be a possibility with the right verbiage. The second one a non-starter as a lot of search & seizure rulings would need to be relitigated.

  • I want them to make the effort to stop the breacher or, preferably, to not collect all my personal data in the first place, just the required minimum.

  • I genuinely think that we need to move on to some sort of a data system where individual companies are not allowed to record your personal details into their system under any circumstances. Instead, we could have some sort of a centralised, government-run personal data storage system and 3rd party companies should only receive a uniquely generated, 3rd-party specific, cryptographically signed token to cofirm whether a particular customer meets criteria to be offered services.

    For example, where I live, whene

  • In Australia some firms like Optus and Medibank and State Govt had breaches. Because of a lack of full disclosure(Just general non-specific unverifiable un-detailed claims), other companies have also been hacked. Full disclosure is exactly that. How, why, who, when and what. Never got any of that. Directors kept their bonuses. There is still silence and deflection to protect why ex-customers data was retained. (It should have been archived). When stock exchange trading freezes are done in advance of press r

To be awake is to be alive. -- Henry David Thoreau, in "Walden"

Working...