US Federal Communications Commission fines two phone companies $10 million
The US Federal Communications Commission (FCC) issued, on 24 October, a 10 million dollar fine for breaching consumer privacy and data security. The phone companies, TerraCom and its affiliate YourTel America, claimed in their privacy policies that they had appropriate security practices in place, but were found to have stored Social Security numbers, names, addresses, drivers' licenses, and other sensitive information on unprotected Internet servers.
“Consumers trust that when phone companies ask for their Social Security number, driver’s license, and other personal information, these companies will not put that information on the Internet or otherwise expose it to the world,” said Travis LeBlanc, Chief of the FCC’s Enforcement Bureau. “When carriers break that trust, the Commission will take action to ensure that they are held accountable for unjust and unreasonable data security practices.”
This is the FCC's first data security case and the largest privacy action in the Commission’s history. Last month, the FCC fined Verizon 7.4 million dollars for failing to secure consumers' consent for marketing. The FCC is becoming an increasingly active regulator having recently joined the privacy regulators' Global Privacy Enforcement Network. It remains to be seen what the synergies will be with the US Federal Trade Commission
See http://www.fcc.gov/document/fcc-plans-10m-fine-carriers-breached-consumer-privacy and http://www.fcc.gov/document/fcc-joins-global-privacy-enforcement-network