A recent court decision by the United States Sixth Circuit has upheld the Federal Communications Commission's (FCC) rules on data breach reporting, marking a significant development for the cybersecurity landscape.
The ruling means that telecommunications carriers are now explicitly required to report breaches involving both Customer Proprietary Network Information (CPNI) and Personally Identifiable Information (PII). The decision stems from a legal challenge brought by several industry groups,