FCC Reinstates CPNI Privacy Regulations (and Compliance Filing Obligations) for Telecom and VoIP Service Providers

K.C. Halm
Davis Wright Tremaine LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Davis Wright Tremaine LLP

In a recent order, the FCC has reinstated its customer proprietary network information (“CPNI”) rules governing the privacy obligations of voice service providers under Section 222. This action follows the Congressional repeal of the FCC’s 2016 Privacy Order that had extended CPNI regulations to broadband internet access services. As a result, telecom and VoIP providers must again file CPNI compliance certification at the beginning of each year (beginning again in 2018) in order to certify compliance with these regulations.
 
While the legislative and administrative history is somewhat complex, the upshot of these developments is not. These actions simply take the industry back to the position of having to comply with the CPNI regulations that were in effect prior to adoption of the 2016 Privacy Order. In practical terms, that means that following publication in the Federal Register providers of interstate telecommunications services or interconnected VoIP services will be required to comply with the FCC’s regulations governing the access, use and disclosure of CPNI.

In addition, in this order the FCC also affirmed that:

  • The reinstated CPNI regulations will not cover broadband internet access services. 
  • Although these regulations do not extend to broadband, broadband service providers remain subject to Section 222 for the time being, until the Commission adopts (as we expect) an order rolling back Title II obligations on broadband. The FCC’s order also reminds providers of the prior Enforcement Bureau guidance offered to broadband providers in May of 2015 explaining how the Commission would enforce the statute absent any effective regulations.
  • This action reinstates the annual compliance certification filing requirement on a prospective basis. Thus, covered providers of telecommunications and VoIP services must file a certification of compliance no later than March 1, 2018 (certifying compliance during calendar year 2017).

As we have advised previously, CPNI certifications must include specific information concerning the provider’s compliance with the regulations, including a written explanation of how the provider’s program ensures compliance, whether the provider has taken action against data brokers, and a summary of all consumer complaints received in the prior year concerning unauthorized release of CPNI, or a clear statement that there were no such complaints.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Davis Wright Tremaine LLP | Attorney Advertising

Written by:

Davis Wright Tremaine LLP
Davis Wright Tremaine LLP
Contact
more
less

Davis Wright Tremaine LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide