{"abstract":"In this document, the Federal Communications Commission (Commission) begins the process to update and strengthen its data breach rule to provide greater protections to the public. We propose to expand the Commission's definition of \"breach\" to include inadvertent disclosures of customer information and seek comment on adopting a harm-based trigger for breach notifications. We also propose to require carriers to notify the Commission, in addition to the Secret Service and FBI, as soon as practicable after discovery of a breach. We also propose to eliminate the mandatory waiting period before notifying customers and instead require carriers to notify customers of CPNI breaches without unreasonable delay after discovery of a breach unless requested by law enforcement. We also propose to make changes to our TRS data breach reporting rule consistent with those we propose to our CPNI breach reporting rule.","action":"Proposed rule.","agencies":[{"raw_name":"FEDERAL COMMUNICATIONS COMMISSION","name":"Federal Communications Commission","id":161,"url":"https://www.federalregister.gov/agencies/federal-communications-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/161","parent_id":null,"slug":"federal-communications-commission"}],"body_html_url":"https://www.federalregister.gov/documents/full_text/html/2023/01/23/2023-00824.html","cfr_references":[{"chapter":null,"citation_url":null,"part":64,"title":47}],"citation":"88 FR 3953","comment_url":null,"comments_close_on":"2023-02-22","correction_of":null,"corrections":[],"dates":"Comments are due on or before February 22, 2023, and reply comments are due on or before March 24, 2023. Written comments on the Paperwork Reduction Act proposed information collection requirements must be submitted by the public, Office of Management and Budget (OMB), and other interested parties on or before March 24, 2023.","disposition_notes":null,"docket_ids":["WC Docket No. 22-21","FCC 22-102","FR 122866"],"dockets":[],"document_number":"2023-00824","effective_on":null,"end_page":3965,"executive_order_notes":null,"executive_order_number":null,"explanation":null,"full_text_xml_url":"https://www.federalregister.gov/documents/full_text/xml/2023/01/23/2023-00824.xml","html_url":"https://www.federalregister.gov/documents/2023/01/23/2023-00824/data-breach-reporting-requirements","images":{},"images_metadata":{},"json_url":"https://www.federalregister.gov/api/v1/documents/2023-00824?publication_date=2023-01-23","mods_url":"https://www.govinfo.gov/metadata/granule/FR-2023-01-23/2023-00824/mods.xml","not_received_for_publication":null,"page_length":13,"page_views":{"count":5139,"last_updated":"2026-04-03 12:15:04 -0400"},"pdf_url":"https://www.govinfo.gov/content/pkg/FR-2023-01-23/pdf/2023-00824.pdf","presidential_document_number":null,"proclamation_number":null,"public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2023-00824.pdf?1674222320","publication_date":"2023-01-23","raw_text_url":"https://www.federalregister.gov/documents/full_text/text/2023/01/23/2023-00824.txt","regulation_id_number_info":{},"regulation_id_numbers":[],"regulations_dot_gov_info":{"comments_count":0,"agency_id":"FCC","document_id":"FCC-2023-0024-0001","checked_regulationsdotgov_at":"2023-02-25T07:49:37Z"},"regulations_dot_gov_url":null,"significant":null,"signing_date":null,"start_page":3953,"subtype":null,"title":"Data Breach Reporting Requirements","toc_doc":"Data Breach Reporting Requirements","toc_subject":null,"topics":["Communications","Communications common carriers","Communications equipment","Individuals with disabilities","Reporting and recordkeeping requirements","Security measures","Telecommunications","Telephone"],"type":"Proposed Rule","volume":88}