We have learned that the Federal Communications Commission (FCC) is in the process of developing additional rules that will affect how customer data can be stored by certain providers of communications services in the United States. It is not yet clear whether the rules would restrict the manner in which data held by these service providers can be stored and maintained abroad, restrict the manner in which data can be accessed by foreign entities, or both. It also is not yet clear whether the rules would apply only to telecommunications carriers, or whether they would apply more broadly.
The action would follow the FCC’s most recent revisions to its “Customer Proprietary Network Information” rules, which set requirements for the treatment of customer data by providers of telecommunications services in the United States. Those revisions, which followed in the wake of the Hewlett-Packard pretexting scandal, changed the FCC’s approach to protecting customer data and made it more difficult for third parties to secure access to certain data absent express customer consent. The FCC’s expected action on data storage will, to our knowledge, be the first instance in which the FCC is addressing this issue.
We are continuing to follow this development. In the meantime, please contact the Hogan & Hartson attorney with whom you work or the attorneys listed below if you have any questions or would like additional information.