The U.S. Federal Communications Commission (FCC or Commission) released a Notice of Proposed Rulemaking (NPRM) seeking to update and strengthen its rules requiring telecommunications carriers and interconnected Voice over Internet Protocol (VoIP) providers to notify customers and federal law enforcement of breaches of customer proprietary network information (CPNI) in the carriers’ possession.
This proceeding reinforces that the FCC under Chairwoman Jessica Rosenworcel is focused on regulating cybersecurity issues and considers its authority in this area to be expansive. While telecommunications carriers and VoIP providers are already subject to CPNI disclosure rules, the proposed rule would expand the types of incidents that carriers must report and add new notification requirements. These new requirements would add complexity to incident response, as the FCC requirements would be layered on top of other cyber incident reporting requirements under various federal and state frameworks. Interested parties in the telecom and technology sector should consider submitting comments on the FCC’s proposal.
The NPRM:
Hogan Lovells’ experienced team of Communications and Cybersecurity attorneys are tracking developments in this space and happy to brief clients on this proposal, assist in preparing advocacy materials, and develop compliance strategies if new rules are adopted.
Are you sure want to delete comment ?
Scan this QR Code to share this content