The amended rules follow the Biden Administration’s “whole of government” approach to maximizing notifications to executive agencies of cybersecurity events.

On December 21, 2023, a divided Federal Communications Commission (FCC or the Commission) released a Report and Order updating its data breach reporting rules for certain telecommunications providers. The updated rules require that providers of telecommunications services, interconnected Voice over Internet Protocol (VoIP), and telecommunications relay services (TRS) adequately safeguard sensitive customer information and report data breaches to the Commission. The rules will also likely apply to providers of broadband Internet access services when the Commission completes its recently initiated rulemaking proposing to reclassify broadband as a telecommunications service covered by the data breach rules.