The U.S. Federal Communications Commission voted Wednesday along party lines to update 16-year-old privacy protection rules and expand breach notification requirements as part of an effort to provide law enforcement and the public with real-time information about harmful data breaches.
The new rule expands the scope of the FCC’s breach notification requirements to cover all personal identifiable information that carriers and telecommunications relay service providers maintain on their customers. Those organizations will be tasked with providing individual, per-breach notifications “no later than seven business days after reasonable determination of a breach” affecting 500 or more customers, according to the guidelines.