Cybertelecom
Cybertelecom
Federal Internet Law & Policy
An Educational Project

Customer Proprietary Network Information (CPNI)

Navigation Links:
:: Home :: Feedback ::
:: Disclaimer :: Sitemap ::
- Internet over Telecom Service
- - Computer Inquiries
- - CPE Carterfone
- - CPNI
- - Info Service
- - Timeline
- Network Neutrality
- Common Carriage
- Internet over Cable
- - Open Access
- Internet over DSL
- Internet over Wireless
- Internet over Powerline

CPNI originated as a Computer Inquiry safeguard of competition in the information services market. The safeguard acknowledged that telephone company (monopolies), upon which information services depended for telecommunications, possessed certain sensitive customer information that could be used for unfair commercial benefit. The knowledge of what telecommunications a customer might be consuming gave the telephone companies an opportunity to market new products to customers. If the telephone company knew that a customer was ordering DSL, but not getting internet service from the telephone company, the telephone company (frequently through the guy who showed up at the door of the customer with a truck in order to install the service) could market the telephone company's service over the independent ISPs. The FCC concluded that this was anticompetitive, and indicated that telephone companies could use information acquired from the sale of telephone service only for the purpose of marketing telephone service; the telephone company could not use that information to market non-regulated information services.

CPNI was codified by the Telecommunications Act of 1996, but as with many things, not exactly as it had been in the Computer Inquiries. CPNI became privacy regulation - not for the benefit of competitive services - but for the benefit of the customer. While this is important, it is also outside the scope of Cybertelecom and we don't track it closely any more. A good source of information on CPNI is EPIC.

Oh but by the way, the safeguard which was designed to protect Internet services from anticompetitive behavior by telephone companies with market power - has now been imposed on Internet services in the form of VoIP!

Customer Information / Privacy

47 CFR Part 64

Note This information is out of date  See Below:A significant concern is the situation where non-affiliated ISPs order services from their telecommunications supplier BOC and, in the same act, provide sensitive proprietary customer information to their competitor BOC.  The Computer Inquiries recognized the problem that BOCs can use information gathered as a supplier to unfairly compete with ESP competitors.  Thus, the Commission created restrictions on the ability of the BOC to use that information. In Computer III, the Commission required BOCs and GTE

to (1) make CPNI available, upon customer request, to unaffiliated enhanced service vendors, on the same terms and conditions that are available to their own enhanced services personnel; (2) limit their enhanced services personnel from obtaining access to a customer's CPNI if the customer so requests; and (3) notify multi-line business customers annually of their CPNI rights.[1] 

In addition, the Commission prohibited BOCs and GTE from providing to its affiliated ESP "any customer proprietary information unless such information is available to any member of the public on the same terms and conditions." 47 C.F.R. § 64.702(d)(3).

In 1996, Congress passed the new Privacy of Customer Information provision, codified as Section 222 of the Communications Act.   47 U.S.C. § 222. Section 222 contains the restrictions on the use of customer information by all carriers, not just BOCs.   This includes Customer Proprietary Network Information and Carrier Information. 

The FCC concluded that Section 222 replaced "the Computer III CPNI framework in all material respects,"[2]  however, the Order where the FCC made that conclusion was vacated by a federal appeals court.[3]

Section 222 defines Customer Proprietary Network Information (CPNI) as

   (A) information that relates to the quantity, technical configuration, type, destination, and amount of use of a telecommunications service subscribed to by any customer of a telecommunications carrier, and that is made available to the carrier by the customer solely by virtue of the customer-carrier relationship; and 
   (B) information contained in the bills pertaining to telephone exchange service or telephone toll service received by a customer of a carrier.
Except that such term does not include subscriber list information. 

47 U.S.C. § 222(f)(1).

Subscriber list information (aka PII), essentially the information listed in a phone book, is defined as

Any information 
(A) identifying the listed names of subscribers of a carrier and such subscribers' telephone numbers, addresses, or primary advertising classifications (as such classification are assigned at the time of the establishment of such service), or any combination of such listed names, numbers, addresses, or classifications; and 
(B) that the carrier or an affiliate has published, caused to be published, or accepted for publication in any directory format. 

47 U.S.C. §  222(f)(3).   According to Section 222, 

Except as required by law or with the approval of the customer, a telecommunications carrier that receives or obtains customer proprietary network information by virtue of its provision of a telecommunications service shall only use, disclose, or permit access to individually identifiable customer proprietary network information in its provision of (A) the telecommunications service from which such information is derived, or (B) services necessary to, or used in, the provision of such telecommunications service, including the publishing of directories. 

47 U.S.C. § 222(c)(1).  In other words, information gathered in order to provide telecommunications service can be used only for the provision of that service.  A carrier could not use the information it has gathered from providing telephone service in order to market Internet services.[3]   The key exception is whether the carrier has the approval of the customer to use that information for other purposes.

It is important to understand that these rules only apply where information is derived from the provision of telecommunications services; it does not apply where the LEC is providing non-telecommunications services such as Internet services. 
Many ISPs are also Competitive Local Exchange Carriers (CLECs).  Another portion of Section 222 addresses customer information in the context of intercarrier relations.  It states

A telecommunications carrier that receives or obtains proprietary information from another carrier for purposes of providing any telecommunications service shall use such information only for such purpose, and shall not use such information for its own marketing efforts.

47 U.S.C. § 222(b). In 1998, the Commission promulgated rules implementing Section 222 of the Communication Act. See 47 C.F.R. § 64.2005.  U.S. West filed an appeal concerning the FCC rules with the Tenth Circuit Court of Appeals, which vacated the FCC rules as violating the First Amendment. U S WEST, Inc. v. FCC, 182 F.3d 1224 (10th Cir. 1999), cert. denied, 120 S.Ct. 2215 (2000).

Where does this leave CPNI?  The FCC rules implementing Section 222 have been vacated; Section 222 has not been vacated and remains binding.  Furthermore, since the FCC's Section 222 rules were vacated, the previous FCC's Computer III CPNI rules remain in place.

[1] Joint Petition, ¶ 46.  See also Ameritech's CEI Plan, ¶ 41; GTE ONA, Bell Atlantic's CEI Plan;ONA Review, ¶ 25, 398-447.

[2] In re Implementation of the Telecommunications Act of 1996; Telecommunications Carriers' Use of Customer Proprietary Network Information and Other Customer Information; CC Docket No. 96-115, CC Docket No. 96-149, Second Report And Order And Further Notice Of Proposed Rulemaking,   180 (February 19, 1998) (hereinafter CPNI)

[3] US West v. FCC, Docket 98-9518, 182 F.3d 1224 (10th Cir. Aug 18, 1999), cert. denied sub. nom Competition Policy Institute v. U.S. West, Docket 99-1427, 120 S. Ct. 2215  (S.Ct. June 2000).

[3] See CPNI, supra note 2; In re Implementation of the Telecommunications Act of 1996 Telecommunications Carriers' Use of Customer Proprietary Network Information and Other Customer Information; CC Docket No. 96-115, CC Docket No. 96-149, Order on Recon and Petitions for Forbearance,   46-47 (September 3, 1999) (hereinafter CPNI Recon) (concluding that the provision of Internet services is not necessary to the provision of telecommunications service).

[4]See CPNI Recon, supra note 3, ¶  159; In re Implementation of the Telecommunications Act of 1996: Telecommunications Carriers' Use of Customer Proprietary Network Information and Other Customer Information, CC Docket No. 96-115, Order ¶ 1 (CCB May 21, 1998).

See also EPIC's CPNI Overview

Regulatory Activity

(Dkt No. 96-115, 96-149) Awaiting Fed Reg Publication. . Original Rules were vacated by 10th Circuit Court of Appeals.  Supreme Court denied cert (will not review the case).  FCC has released new rules per court decision.
Customer Proprietary Network Information
7/25/02
Federal Communications Commission resolves several issues in connection with carriers' use of customer proprietary network information (CPNI) pursuant to section 222 of the Telecommunications Act of 1996.  Third Report and Order and 3rd Further Notice of Proposed Rulemaking: | Text | Acrobat
----
7/16/02
FCC Adopts Rules Resolving How Phone Companies Share and Market Customer Information
News Release: Word | Text | Acrobat
Chairman Powell's Statement: Word | Text | Acrobat
Commissioner Abernathy's Statement: Word | Text | Acrobat
Commissioner Martin's Statement: Word | Text | Acrobat
Commissioner Copps's Statement: Word | Text | Acrobat
----
  1. We resolve in this Order several issues in connection with carriers' use of customer proprietary network information ("CPNI") pursuant to section 222 of the Telecommunications Act of 1996.1 Through section 222, Congress recognized both that telecommunications carriers are in a unique position to collect sensitive personal information   including to whom, where and when their customers call   and that customers maintain an important privacy interest in protecting this information from disclosure and dissemination. The rules we adopt today focus on the nature of the customer approval needed before a carrier can use, disclose or permit access to CPNI. In formulating the required approval mechanism described below, we carefully balance carriers' First Amendment rights and consumers' privacy interests so as to permit carriers flexibility in their communications with their customers while providing the level of protection to consumers' privacy interests that Congress envisioned under section 222.
  2. More specifically, we adopt an approach that comports with the decision2 of the United States Court of Appeals for the Tenth Circuit ("Tenth Circuit") vacating the Commission's requirement that carriers obtain express customer consent for all sharing between a carrier and its affiliates, as well as unaffiliated entities.3 We adopt today an approach that is derived from a careful balancing of harms, benefits, and governmental interests. First, use of CPNI by carriers or disclosure to their affiliated entities providing communications related services4, as well as third party agents and joint venture partners providing communications related services, requires a customer's knowing consent in the form of notice and "opt out" approval.5 Second, disclosure of CPNI to unrelated third parties or to carrier affiliates that do not provide communications related services requires express customer consent, described as "opt in" approval.6 Finally, this Order affirms the finding that the Tenth Circuit vacated only those CPNI rules related to opt in and left intact the remainder of the Commission's rules, 7 including the "total service approach," which permits the carrier to use CPNI to market new product offerings within the carrier customer service relationship, on the basis of the customer's implied consent.8
  3. In this Order, we also further refine the rules governing the process by which carriers provide notification to customers of their CPNI rights. Specifically, we clarify the form, content and frequency of carrier notices.9 In addition, although we decline to reconsider our conclusion that customers' preferred carrier (PC) freeze information constitutes CPNI and thereby continue to accord it privacy protection pursuant to section 222, we choose to forbear from imposing the express consent requirements announced in this Order with respect to PC freezes. Through our limited exercise of forbearance, we balance customers' privacy concerns with carriers' meaningful commercial interests, resulting in PC freeze information being made more readily available among competing carriers, consistent with the public interest.10 We also affirm our previous determination that the word "information" in section 272 does not include CPNI, which is governed instead by section 222 of the Act.11
  4. Finally, we accompany this Order with a Further Notice of Proposed Rulemaking ("Further NPRM") to refresh the record on two issues raised in the CPNI Order Further NPRM: foreign storage of and access to domestic CPNI, and CPNI safeguards and enforcement mechanisms. We additionally request comment on what, if any, appropriate regulations should govern the CPNI held by carriers that go out of business, sell all or part of their customer base, or seek bankruptcy protection.12
Third Report and Order and 3rd Further Notice of Proposed Rulemaking: | Text | Acrobat		 FCC ADOPTS RULES RESOLVING HOW PHONE COMPANIES SHARE AND MARKET CUSTOMER INFORMATION. The FCC adopted rules focused on the nature of the customer approval required before a telecommunications carrier can use, disclose or permit access to customer proprietary network information (CPNI). News Release. (Dkt No 96-115, 96-149, 00-257). Adopted: 07/16/2002. News Media Contact: Mike Balmoris 0253 WCB. Contact Marcy Greene at 1580,

US West v. FCC, Docket 98-9518, 182 F.3d 1224  (10th Cir. Aug 18, 1999), cert. denied sub. nom Competitive Policy Institute v. U.S. West Docket 99-1427, 530 U.S. 1213 (S.Ct. June 2000).

47 USC § 222 Privacy of customer information (1998)

47 CFR § 64.2005 (1999) (vacated) Use of customer proprietary network information without customer approval.

Clarified the Status of our CPNI rules after the Tenth Circuit's opinion and explained how parties may obtain customer consent for use of their CPNI. Seek comments on what methods of customer consent would serve the governmental interests. Action by: By the Commission. Adopted: 08/28/2001 by NPRM. (FCC No. 01-247) Fed Reg Notice. FCC-01-247A1.doc

See FCC's current proceeding status.
  • Implementation of the Telecommunications Act of 1996; Telecommunications Carriers' Use of Customer Proprietary Network Information; and Implementation of the Non-Accounting Safeguards of Sections 271 and 272 of the Communications Act of 1934, as amended, Order on Reconsideration and Petitions for Forbearance, 14 FCC Rcd 14409 (1999) (CPNI Reconsideration Order).
    • "On September 3, 1999, the Commission released an Order on Reconsideration and Petitions for Forbearance [Text Version][Word Perfect Version] that simplified the rules that telecommunications carrie rs (both wireline and wireless companies) must follow to use customer proprietary network information (CPNI), while retaining the privacy protections for carriers' customers. CPNI is the information a telecommunications carrier obtains about a customer that relates to the quantity, technical configuration, type, destination, and amount of use of a telecommunications service subscribed to by that customer. In other words, information about whom you call, when you call, how long you talk and how you communicate.
    "Section 222 of the Communications Act of 1934, as amended, establishes CPNI privacy requirements by restricting all telecommunications carriers' use or disclosure of a customer's CPNI. To implement section 222, the FCC adopted regulations in the CPNI Second Report and Order on February 26, 1998. Some companies argued that these regulations were overly burdensome and requested that the FCC reconsider, clarify, and/or forbear from enforcing parts of those regulations. The Commission adopted the Order on Reconsideration to address those arguments.

    "The Order on Reconsideration lessened the regulatory burden of various CPNI safeguards, while continuing to require that carriers protect customer privacy. Specifically, the FCC reduced the restriction on telecommunications companies' use of CPNI to market services and equipment to their own customers. For example, telephone companies will be able to use CPNI to market to their customers equipment that is necessary to, or used in, the provision of their telephone service, such as telephones and caller ID units, without first obtaining customer permission. The FCC allowed wireline telephone carriers to use CPNI without customer approval to market related information services. Wireless carriers were awarded broader discretion to use CPNI without customer approval to market all information services that are necessary to, or used in, the provision of their telecommunications services. The FCC also allowed all telecommunications companies to use CPNI in their efforts to "win back" customers lost to competitors, reasoning that "winback" campaigns are good for competition and consistent with the Act.

    "The Commission also modified its requirement that carriers develop and implement software that indicates a customer's CPNI approval status within the first few lines of the first screen of a customer's service record. Now, carriers must clearly establish the status of a customer's CPNI approval prior to the use of CPNI, but the specific details of compliance are l eft to the carriers. In so doing, the FCC allowed the carriers the flexibility to adapt their record keeping systems in a manner most conducive to their individual size, capital resources, culture and technological capabilities. The FCC also eliminated the requirement that carriers maintain an electronic audit mechanism that tracks access to customer accounts. Instead, the FCC required carriers to maintain a record of their sales and marketing campaigns that use CPNI.

    "The FCC addressed various issues concerning a customer's approval to use CPNI consistent with section 222, including authorizations obtained by carriers from customers prior to the release of the FCC's CPNI rules. The FCC also eliminated that section of its rules that required a carrier's solicitation for approval, if written, to be on the same document as the carrier's notification. Further, the FCC affirmed its decision to exercise its preemption authority on a case-by-case basis for state rules that conflict with the FCC's rules.

    "After the Commission adopted the Order on Reconsideration, but prior to its release, the Court of Appeals for the Tenth Circuit issued its opinion vacating the Commission's CPNI rules. (U S WEST, Inc. v. FCC, 10th Circuit No. 98-9518 (filed August 18, 1999)). The Court held that the Commission's CPNI rules "must fall under the First Amendment." The Court's mandate has not yet issued and further litigation remains a possibility. Once the Court's mandate issues, the Commission will take appropriate steps to implement the Court's final decision. "  Common Carrier CPNI Page (accessed June 20, 2000)

    What Your Telephone Company Knows About You (And Controlling How They Use It)

    [FCC CGB Webpage (note how this has come to have almost no association with it origins of the Computer Inquiries)]

    What does your telephone company know about you?

    Your local, long distance, and cellular telephone company knows what numbers you call, how often you  call them, how much you pay to call them, what services you subscribe to, how you use those services, and other personal and sensitive information about your telephone usage. This information is called Customer Proprietary Network Information (CPNI). Under the law, telephone companies have a duty to protect this information.

    How can telephone companies use this information?

    A telephone company must obtain customer approval to use, or to share with its affiliates or third parties, CPNI to market to the customer services and products that the customer does not already receive from that company or third parties. A telephone company may use CPNI to market to the customer services and products that the customer currently receives from that company without additional approval from the customer.

    How can telephone companies obtain customer approval to use this information?

    There are two ways companies obtain customer approval. One is by sending the customer a notice telling him or her that the company will use (and/or share with its affiliates or third parties) his or her CPNI to market telecommunications- related products and services that the customer does not currently subscribe to - unless the customer tells the company not to do so. This is known as the "opt-out" method, because the customer's approval is assumed unless he or she "opts-out" of the company's use of the CPNI.

    The other method is known as the "opt-in" method. Under this method, the company will not use, or share with its affiliates or third parties, the customer's CPNI to market to the customer non-telecommunications-related products and services that the customer does not currently subscribe to, unless the customer expressly gives the company permission to do so. In that way, the customer "opts-in" to the company's use of his or her CPNI.

    How can I control the way telephone companies use this information?
     

    • Read your telephone bill and any other notices you receive from your telephone company.
    • Determine if your company is using the opt-in or opt-out method.
    • Decide if you want your telephone company to use, or to share with its affiliates, your CPNI to market to you services and products that you do not already receive from your telephone company.
    • Make your choice clear to your telephone company.
    Remember: These rules apply to all telephone companies: local, long distance and cellular. You will have to make your decision known to each company about how you want it to use your CPNI.

    For more information on telephone company issues, log-on to www.fcc.gov/cgb or call us at 1-888-CALL-FCC (1-888- 225-5322) (voice) and 1-888-TELL-FCC (1-888-835-5322) (TTY).

    Proceeding History:

    • 05/03/05 ORDER ON RECONSIDERATION : Implementation of the Telecommunications Act of 1996; Telecommunications Carriers' Use of Customer Proprietary Network Information and Other Customer Information; Implementation of the Local Competition Provisions of the Telecom Act of 1996; In this Order, the Commission addresses petitions seeking reconsideration of clarification of certain conclusions made by the Commission in the SLI/DA First Report and Order. FCC-05-93. Dkt. Nos. 96-115, 96-98, 99-273. Word | Acrobat

    • In the Matter of Implementation of the Telecommunications Act of 1996 Telecommunications Carriers' Use of Customer Proprietary Network Information and Other Customer Information; CC Docket No. 96-115, CC Docket No. 96-149, CC Docket No. 00 257, Third Report and Order and Third Further Notice of Proposed Rulemaking (July 25, 2002)
    • Implementation of the Telecommunications Act of 1996; Telecommunications Carriers' Use of Customer Proprietary Network Information and Other Customer Information; Implementation of the Non Accounting Safeguards of Sections 271 and 272 of the Communications Act of 1934, as Amended; Clarification Order and Second Further Notice of Proposed Rulemaking 16 FCC Rcd 16506 (2001)
    • AT&T Petition for Review, AT&T v. FCC, No. 99 1413 (D.C. Cir., July 25, 2000) .
    • In June 2000, the Supreme Court denied the Competitive Policy Institutes request to have the Supreme Court review the case.  Court Won't Limit Use of Phone Data NYT 6/5  US West v. FCC, Docket 98-9518 (10th Cir. Aug 18, 1999), cert. denied sub. Nom Competitive Policy Institute v. U.S. West Docket 99-1427 (S.Ct. June 2000)
    • 9/9/99 THIRD REPORT AND ORDER in CC Docket No. 96-115, SECOND ORDER ON RECONSIDERATION of the Second Report and Order in CC Docket No. 96-98, and NOTICE OF PROPOSED RULEMAKING in CC Docket No. 99-273 [Text Version] [Word Perfect Version]
    • 9/3/99 Implementation of the Telecommunications Act of 1996; Telecommunications Carriers' Use of Customer Proprietary Network Information; and Implementation of the Non Accounting Safeguards of Sections 271 and 272 of the Communications Act of 1934, as amended, Order on Reconsideration and Petitions for Forbearance, 14 FCC Rcd 14409 (1999) [Text Version][Word Perfect Version][PDF Version]
    • US West v. FCC, Docket 98-9518, 182 F.3d 1224 (10th Cir. Aug 18, 1999), cert. denied sub. Nom Competitive Policy Institute v. U.S. West Docket 99-1427 (S.Ct. June 2000)
    • 5/17/1999 CPNI EXTENSION ORDER -- Text Version ||| Word Perfect Version
      • On May 17, 1999, the Common Carrier Bureau issued an Order extending the date on which the petitions requesting forbearance filed shall be granted in absence of a Commission decision that petitions fail to meet the standards for forbearance under section 10(a) of the Act, until 8/16/1999.
    • 9/24/1998 CPNI EXTENSION ORDER -- Text Version ||| Word Perfect Version
      • On September 24, 1998, the Commission extended the deadline for implementation of electronic safeguards to protect against unauthorized access to CPNI until six months after release of a FCC order on reconsideration addressing this issue.
    • 5/21/1998 CPNI CLARIFICATION ORDER -- Text Version ||| Word Perfect Version
      • On May 21, 1998, the Common Carrier Bureau issued an Order clarifying that (1) independently-derived information regarding customer premises equipment and information services is not CPNI and may be used to market CPE and information services to customers in conjunction with bundled offerings; (2) a customer's name, address and telephone numbers are not CPNI; and (3) a carrier is deemed to have met the notice and approval requirements when it provided annual notification, and obtained prior written authorization, pursuant to the FCC's former CPNI rules.
    • 2/26/1998 CPNI SECOND REPORT AND ORDER AND FURTHER NOTICE OF PROPOSED RULEMAKING-- Text Version ||| Word Perfect Version
      • In an FNPRM released on February 26, 1998, the Commission asked for additional comment on three issues involving carrier duties and obligations established under sections 222: whether a customer may restrict carrier use of CPNI for all marketing purposes; the appropriate protections for carrier information and additional enforcement mechanisms the Commission may apply; and the foreign storage of, and access to, domestic CPNI. This phase of the proceeding remains pending.
    • 2/20/1997 PUBLIC NOTICE SEEKING FURTHER COMMENTS -- Text Version
    • Public Notice FCC CLARIFIES CUSTOMER PRIVACY PROVISIONS OF 1996 ACT; Customers To Control Use and Disclosure of Personal Information (CC Docket Nos. 96-115, 96-149) Feb 19, 1998 ("The Computer III CPNI framework, as well as other existing CPNI rules, are superseded by today's comprehensive Order.")
    • In the Matter of Implementation of the Telecommunications Act of 1996: Telecommunications Carriers' Use of Customer Proprietary Network Information and Other Customer Information, Notice of Proposed Rulemaking, 11 FCC Rcd 12513 (1996).
    • Amendment of Section 64.702 of the Commission's Rules and Regulations, CC Docket No. 20828, Final Decision, 77 FCC 2d 384 (1980).

    Legislation

    Legal Actions Based on CPNI and Sec. 222

    • Conboy v. AT&T Corp., 241 F.3d 242 (2nd Cir. 2001)

    Qwest and CPNI

  • Qwest Argues for Limit to Privacy in FCC Filing, Wash Tech 2/11/02
  • Your phone calls for sale?, CNET 1/30/02
  • Qwest Plan Stirs Protest Over Privacy, NYTimes 1/2/02
  • EPIC Letter to Qwest Jan 7, 2002
  • Wellstone Calls Qwest Announcement Positive First Step January 28, 2002
  • Qwest Letter to Washington State Attorney General Jan 25, 2002
  • Washington State Attorney General letter to Qwest Jan 14, 2002
  • Senator Wellstone Press Release about letter to the FCC on Qwest situation Jan 14, 2002

    • Links

    News

     
    Web services provided by
    Wyoming.com
    : Home : About Us : Contact Us : Sitemap : Discussion : Search : Newsletter : RSS :
    : ADA : Broadband : Crime : Copyright : DNS : ECommerce : EGovt : First Amendment : Digital Divide :
    : Network Neutrality : Intl : Privacy : Security : SPAM : Statistics : VoIP : Vote : And Much More! :
    :: Feedback : Disclaimer ::
    © Cybertelecom ::