https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Services Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • MSP 501 Information Center
    • 2021 MSP 501 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • DE&I 101
    • Top Gun 51
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Services Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • MSP 501 Information Center
    • 2021 MSP 501 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • DE&I 101
    • Top Gun 51
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Security


FCC Signals Seriousness of Data Protection by Imposing Record $10 Million Fine on TerraComm, YourTel America

  • Written by Channel
  • October 31, 2014
This decision should be a wake-up call for all telecom carriers to examine their own policies and operations immediately, as well as a heads-up for cloud services providers.

By Mark Del Bianco

In a notice of apparent liability (NAL) adopted on Oct. 24, the FCC imposed strict new requirements on telecom carriers to protect the personal information (PI) of their customers. The FCC found that sister companies TerraCom Inc. and YourTel America Inc. collected names, addresses, Social Security numbers, driver’s licenses and other PI and stored them on unprotected Internet servers that anyone in the world could access with a search engine and basic manipulation. The companies outsourced their back-office and data protection functions to an Indian company, which stored the PI in two publicly accessible folders on the Internet without password protection or encryption. By not employing appropriate or even reasonable security measures, the companies exposed their customers to an unacceptable risk of identity theft and other serious consumer harms.

The FCC concluded that the companies willfully and repeatedly violated Sections 201(b) and 222(a) of the Communications Act when they allegedly: (i) failed to properly protect the confidentiality of consumers’ PI they collected from applicants for the Companies’ wireless and wired Lifeline telephone services; (ii) failed to employ reasonable data security practices to protect consumers’ PI; (iii) engaged in deceptive and misleading practices by representing to consumers in the Companies’ privacy policies that they employed appropriate technologies to protect consumers’ PI when, in fact, they had not; and (iv) engaged in unjust and unreasonable practices by not fully informing consumers that their PI had been compromised by third-party access. The FCC proposed a forfeiture of $10,000,000, the largest in its history for violations related to data protection.

The companies’ woes are not over. The NAL makes clear that there are also ongoing state investigations of the companies’ actions.  We may soon see the other shoe drop as states impose punishments of their own.

The NAL is not an agency regulation applicable to all telecom carriers, but it certainly is an indication of the FCC’s new enforcement priorities. Since 2013, the FCC has hired a new Enforcement Bureau chief and a number of lawyers who are former assistant U.S. attorneys. They have brought a prosecutorial outlook to the Bureau and, to put it bluntly, are looking for scalps to hang on their walls. 

This decision should be a wake-up call for all telecom carriers to examine their own policies and operations immediately. They need to make understand what PI they collect and maintain, where and how it is stored and protected, and how it is used. They also need to make sure that their privacy policies are clear and are consistent with the way that they actually collect, protect and use PI data. Perhaps most importantly, they need to understand that outsourcing responsibility for any part of their data protection duties is impossible; they will be liable for whatever their contractors or partners do or fail to do. In most cases, analyzing all these risks will require the involvement of outside counsel experienced in privacy issues.

It is too early to say exactly what this NAL means for cloud services providers going forward. The companies involved here were telecom carriers, not cloud services providers. As carriers, they are subject to the Commission’s jurisdiction and to the privacy provisions of the Communications Act. Many cloud services providers are not telecom carriers and thus are not subject to the Act or the FCC’s jurisdiction.  However, they are subject to the jurisdiction and privacy rules of the Federal Trade Commission (FTC). The FTC, like the FCC, is developing its privacy rules through the enforcement process and on a case by case basis. The FTC has been even more aggressive than the FCC in its enforcement actions. It is very likely that in a future case involving a cloud services provider, the FTC will look to the standards developed by the FCC in this case. Thus, cloud services providers (and resellers who are white-labelling cloud services) would do well to conduct a similar audit of their practices and take immediate steps to minimize potential risk.

Mark Del Bianco, principal, Law Office of Mark C. Del Bianco, is based in the metropolitan Washington, D.C., area. His practice focuses on domestic and international telecom clients, particularly those implementing new technologies such as WiMAX, gigabit Ethernet and FTTH. Other clients include applications providers, channel sales agents and enterprise customers. Del Bianco was a member of the 2013-14 Channel Partners Advisory Board.

Tags: Agents Security

Most Recent


  • Joint selling
    Tanium Unveils New Technology Partner Program for Joint Solutions
    Access to real-time endpoint data promotes zero-trust security.
  • Must See
    IBM, F5, Appgate, Axonius, CyberGRX Among 'Must-See' Vendors at RSA
    EMA said these vendors provide products and solutions that are some of the best in the industry.
  • Business building block growth
    So You Want to Build a Microsoft Practice? Here's What It Will Take
    “It's a labor of love, and it didn't happen overnight," Jim Campbell of Opkalla said.
  • Compliance Issues
    ConnectWise Enhances Innovation, Partner Experience with Additions to Leadership Team
    Todd Hale becomes ConnectWise CIO and Ciaran Chu will lead the innovation business unit as general manager, ConnectWise Control.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • edge computing
    'Challenging Results' for MSPs in Channel Futures' Exclusive Quarterly Survey
  • White House
    White House Urges Companies to Take Ransomware Attacks More Seriously
  • Security shield on digital background
    VMware Security Connect Focused on Redefining Security, Increasing Threats
  • Fortune 500 2021 logo
    AT&T, Microsoft, Verizon, More Tech, Telco Companies Make Latest Fortune 500

Upcoming Events

View all

Channel Partners Europe

June 14, 2022 - June 15, 2022

MSP Summit

September 13, 2022 - September 16, 2022

Galleries

View all

IBM, F5, Appgate, Axonius, CyberGRX Among ‘Must-See’ Vendors at RSA

May 25, 2022

So You Want to Build a Microsoft Practice? Here’s What It Will Take

May 25, 2022

Cisco Hybrid Cloud Trends Report Indicates Important Uptake

May 25, 2022

Industry Perspectives

View all

Leverage Your MSP’s People Power

May 24, 2022

How SD-WAN Helps Secure the Expanding Network Perimeter

May 19, 2022

A Sneak Peek at the 2022 BrightCloud Threat Report

May 17, 2022

Webinars

View all

Simplifying SaaS Security for MSPs

April 27, 2022

How to Supercharge The Network to Support Your IT Superhero Moves

May 3, 2022

The 2022 MSP Challenge: Scale Service Delivery Despite the Talent Gap

April 21, 2022

White Papers

View all

Work Goes Remote – (and Other Top ITOps Trends)

May 25, 2022

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

Channel Futures TV

View all

AT&T, Microsoft, Cisco, ThreatLocker on Unlocking Partner Potential

Agents Share ‘Secrets,’ Industry Opportunity

May 11, 2022

Vonage Addresses Potential Partner Opportunity via Acquisition by Ericsson

May 5, 2022

Lumen Technologies ‘Built for Growth and Scale’

May 4, 2022

Twitter

ChannelFutures

Introducing the 2022 Channel Futures MSP 501: The best of the best. Register for the reveal webinar here.… twitter.com/i/web/status/1…

May 25, 2022
ChannelFutures

.@Tanium launches new Technology Partner Program. #endpointdata dlvr.it/SR3pvw https://t.co/5DL6gvTAhX

May 25, 2022
ChannelFutures

EMA's picks for must-see vendors at next month's @RSAConference: @AppGateSecurity, @AxoniusInc, @coalfire,… twitter.com/i/web/status/1…

May 25, 2022
ChannelFutures

Jim Campbell of @opkalla shared how the consultancy built a Microsoft gold partner CSP business in 18 months.… twitter.com/i/web/status/1…

May 25, 2022
ChannelFutures

.@Nable's new N-hanced Services empower partners to leverage N-able’s full breadth of experience and expertise, the… twitter.com/i/web/status/1…

May 25, 2022
ChannelFutures

Work Goes Remote – (and Other Top ITOps Trends) dlvr.it/SR3d06

May 25, 2022
ChannelFutures

.@ConnectWise adds two executives to its leadership team: Todd Hale as CIO and Ciaran Chu as GM of ConnectWise Cont… twitter.com/i/web/status/1…

May 25, 2022
ChannelFutures

.@Intuit vet joining @McAfee as its new president and CEO. #cybersecurity dlvr.it/SR3c0s https://t.co/GH5cJzTq8F

May 25, 2022

MSSP Insider

Business advice for MSSPs and news from the broader security channel.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X