This story was originally published on November 29, 2018.
Posted November 29: Companies have breached corporate networks and made millions of dollars off a data breach that left hundreds of thousands of users vulnerable to hackers, the head of the Federal Communications Commission said on Tuesday.
“As we continue to examine and address this issue, we are confident that we have the right tools at our disposal to address this type of incident,” FCC Chairman Ajit Pai said at a news conference in Washington.
Pai said that the agency is working with industry to develop a plan to address the vulnerability and prevent similar incidents from happening again.
The FCC has taken a number of actions to protect consumers from cyberattacks, including requiring internet service providers to build in “back doors” into their routers that would allow them to steal user data, giving the Federal Trade Commission the authority to impose tougher regulations on companies that fail to keep up with technological advancements, and imposing stricter penalties for companies that don’t keep up on cybersecurity measures.
Companies have been able to access consumer data for years without warning or prompting by way of “backdoors,” and some have used these techniques to gather information about their customers.
FCC Commissioner Jessica Rosenworcel said the agency would work with the private sector to develop rules to ensure that “cybersecurity tools are put in place that are secure, that we can enforce, that companies can’t do that to their customers.”
A spokesperson for the FTC did not immediately respond to a request for comment.
Pai, who also chairs the National Association of Broadcasters, said the FCC was reviewing the findings of the FCC’s investigation.
“This is a critical issue that affects consumers across the country,” he said.
Pai said he hoped the FCC would announce its plan to implement such a plan within the next few months. “
While there is much work to be done, we’re confident that there are tools at the FCC to address these issues and that we will have the appropriate tools to protect our consumers’ personal data.”
Pai said he hoped the FCC would announce its plan to implement such a plan within the next few months.
The Federal Communications Committee on Tuesday approved a rule requiring broadband providers to take steps to protect customers’ data from data breaches.
In addition to requiring the deployment of backdoors into the routers of any internet service provider, the FCC also is recommending that broadband providers be required to install backdoors in their own devices.
Pai’s proposed rules are part of a broader plan that would expand broadband and other communications infrastructure to make it easier for companies to spy on consumers and sell targeted ads to them.
“We are concerned that a lot of the consumer data that’s been exposed in these breaches is being used in ads,” Pai said.
Pai also said he had directed the FCC staff to “examine” ways that internet service companies could provide more security to customers by offering a “one-time password” that would make it impossible for them to access their account for the duration of the breach.
The rule would require internet service operators to put a lock on their routers after they receive a notification that their account has been compromised.
Companies would be required by law to update the locks after six months.
Pai announced the rule Tuesday, saying it would address a concern that some internet service carriers have about being unable to protect the privacy of their customers from hackers.
“If there’s ever an internet service user that has a question, that’s a good thing,” Pai told reporters.
“It’s not a good situation where someone’s watching you from afar and they can spy on you.”