Senate Republicans Say FCC Lacks Authority To Tighten Data Breach Rules

Republicans in the Senate are urging the Federal Communications Commission to abandon a proposal that would tighten rules regarding telecoms' obligations to notify consumers about data breaches.

In a letter sent Tuesday to FCC Chair Jessica Rosenworcel, lawmakers say the FCC shouldn't move forward with the proposed rules, arguing they're “substantially similar” to regulations that were passed by the FCC in 2016 but revoked by Congress the following year.

“In this case, the FCC is defying clear and specific direction not to issue requirements that are substantially similar to parts of a rule disapproved by Congress,” Senators Ted Cruz (Texas), John Thune (South Dakota), Mitch McConnell (Kentucky) and Marsha Blackburn (Tennessee) wrote.

The FCC is scheduled to vote on the proposed rules Wednesday at its monthly meeting. The lawmakers are asking Rosenworcel to remove the proposal from the agenda.

The proposed data breach rules include provisions that would require telecoms to notify consumers, federal law-enforcement agencies and the Commission itself about all data breaches, including “inadvertent” ones. Rosenworcel first floated those rules last year. In January, the FCC unanimously voted to move forward with the proposal.

The 2016 data regulations -- which were revoked by Congress -- are best known for requiring broadband providers to obtain subscribers' opt-in consent before harnessing their web browsing data for targeted advertising. But those rules also included some provisions relating to security.

The Congressional Review Act, which dates to the 1990s, allows federal lawmakers to repeal some agency regulations, and also provides that agencies can't replace those regulations with “substantially similar” ones.

The meaning of “substantially similar” in this situation is unclear, and hasn't been tested in court, advocacy group Public Knowledge has previously said.

Next story loading loading..