The 6th U.S. Circuit Appeals Court’s recent decision upholding the FCC’s 2024 data breach notification rules (see 2508130068) will likely prove significant for regulated companies, lawyers at Davis Wright wrote in a blog post Thursday. “The most immediate implication is the introduction of yet another requirement to notify individuals and authorities of data breaches and other cybersecurity incidents.” As the dissent by Judge Richard Griffin noted, carriers are already “subject to multiple cyber incident reporting requirements at the federal level,” they said.

A recent decision by the 6th U.S. Circuit Appeals Court upholding the FCC's 2024 data breach notification rules (see 2508140052) likely has broader implications for the agency, lawyers at Cooley wrote Wednesday. “The decision’s expansive reading of Section 201(b) [of the Communications Act] suggests that the FCC’s power extends beyond the actual provision of service to cover all ‘practices’ in support of providing the service, which could lead to more aggressive regulation in the future,” they wrote.

Public Knowledge urged the FCC to safeguard the privacy of consumers as it considers rules for next-generation 911, in comments on a Further NPRM approved by commissioners in March. PK supports the FCC’s goals of making NG911 “more reliable and useful for consumers who require emergency services in critical times of need,” said a filing this week in docket 21-479. “However, these services do not come without risks,” it added.

The FCC’s efforts on the White House’s AI Action plan will involve a “team” principally run out of the Office of General Counsel, said Chairman Brendan Carr in a news conference Thursday. The agency will look at its authority to preempt state laws and proceed with “an open mind,” he added. The agency’s role will be “looking at ways that we can streamline or accelerate or potentially address barriers that may be in the way of the buildout of AI infrastructure.” Commissioner Anna Gomez said during her news conference Thursday that the Communications Act doesn't give the FCC authority over AI, and that the administration's actions against subsidizing the buildout of high-capacity fiber infrastructure will undermine the proliferation of AI. "What this administration is doing with the BEAD program is antithetical to the goals of this administration on AI," she said.

Public Knowledge and the Electronic Privacy Information Center urged the FCC to consider privacy as the agency looks at wireless location accuracy for calls to 911. Comments were posted at the FCC this week in docket 07-114.

In a unanimous vote, FCC commissioners approved Thursday a Further NPRM about improving wireless location accuracy for 911 calls. The draft FNPRM raises privacy issues.

The FCC’s new Council for National Security will focus on China, cybersecurity and emerging technologies like AI, Chairman Brendan Carr announced Thursday.

Verizon urged the 2nd Circuit U.S. Court of Appeals to overturn a $46.9 million penalty from the FCC for not adequately protecting subscribers’ real-time location information that commissioners approved on a 3-2 vote last year (see 2404290044). Last week, the 5th Circuit heard AT&T's oral argument against a $57 million fine the commission imposed (see 2502030050). The government defended the order in the 5th Circuit even though current FCC Chairman Brendan Carr and Republican Commissioner Nathan Simington had dissented.

The U.S. Court of Appeals for the D.C. Circuit said Thursday that judges will hear T-Mobile’s challenge of an $80 million penalty for allegedly not safeguarding data on customers' real-time locations (see 2501210036) on March 24, starting at 9:30 a.m. The composition of the panel that will hear the case will be revealed 30 days prior to oral argument, said a Thursday notice from the court. T-Mobile was also fined $12.2 million for violations by Sprint, which it later purchased.

Public interest groups filed in support of the FCC’s 3-2 April decision (see 2404290044) fining T-Mobile $80 million for allegedly failing to safeguard data related to customers' real-time locations. T-Mobile was also fined $12.2 million for violations by Sprint, which it later acquired. In the Telecom Act, “Congress entrusted [the FCC] with the responsibility of holding the nation’s largest telecommunications providers accountable when those carriers violate the privacy of their subscribers,” the groups said in an amicus brief. Congress intended that Section 222 "ensure that telecommunications providers would protect personal data collected from their customers, and intentionally included broad definitions and gave the Commission clear authority to interpret them as technologies evolved,” they added: “Decades later, it has become clear that one of the most sensitive categories of data that telecommunications providers collect about their customers is mobile location data.” The Electronic Privacy Information Center, the Center for Democracy & Technology, the Electronic Frontier Foundation, Privacy Rights Clearinghouse and Public Knowledge filed the brief. They urged the D.C. Circuit to "reject T-Mobile’s arguments and hold that the text and purpose of Section 222 clearly authorize the FCC orders under review.” If carriers prevail, “they will have successfully evaded virtually all means of legal accountability for violating their customers’ privacy, including data sold to bounty hunters.” Letting carriers avoid FCC authority “will mean that there is essentially no backstop to enforcing the privacy rights Congress guaranteed consumers under the Communications Act.”