|
Cybertelecom
Federal Internet Law & Policy
An Educational Project
|
|
Notes:
CPNI
|
|
Notes
> Privacy
> CPNI Regulatory
Page
These notes are not complete and there is no guarantee
that they are accurate. They are presented simply as notes. Feel free to
use them but as with all material on the Internet Telecom Project, you
should consider them a beginning to your research and not an end.
Privacy
"The right to be left alone -the most comprehensive of rights, and the
most valued by a free people."
Olmstead v. U.S., 277 U.S. 438, 1928. Justice Brandeis
Privacy, particularly in the area of communications, is a well established
policy and objective of the Communications Act. Thus, any threatened or
potential invasion of privacy is cause for concern by the Commission and
the industry. In the past, the invasion of information privacy was rendered
difficult by the scattered and random nature of individual data. Now the
fragmentary nature of information is becoming a relic of the past."
--Notice of Inquiry, In the Matter of Regulatory and Policy Problems
Presented by the Interdependence of Computer and Communication Services
and Facilities, Docket No. 16979, 8 R.R. 2d 1567, 1572 (1966)
CPNI
47
CFR § 2001 et seq
Definition
CPNI
CPNI is defined as "(A) information that relates to the quantity, technical
configuration, type, destination, location, and amount of use of a telecommunications
service subscribed to by any customer of a telecommunications carrier,
and that is made available to the carrier by the customer solely by virtue
of the carrier customer relationship; and (B) information contained in
the bills pertaining to telephone exchange service or telephone toll service
received by a customer of a carrier."19 Practically speaking,
CPNI includes personal information such as the phone numbers called by
a consumer, the length of phone calls, and services purchased by the consumer,
such as call waiting.
1947 U.S.C. § 222(f)(1) and 47 U.S.C.
§ 222(h)(1)(A) (The 911 Act amended the definition of CPNI at
section 222(h) to include "location" among a customer's information that
carriers are required to protect under the privacy provisions of section
222)
-- In the Matter of Implementation of the Telecommunications Act of 1996
Telecommunications Carriers' Use of Customer Proprietary Network Information
and Other Customer Information; CC Docket No. 96-115, CC Docket No. 96-149,
CC Docket No. 00 257, Third Report and Order and Third Further Notice of
Proposed Rulemaking, para 7 (July 25, 2002)
9. On May 21, 1998, in response to a number of requests for clarification
of the CPNI Order, the Common Carrier Bureau released a Clarification Order.
This order addressed several issues. It concluded that independently-derived
information regarding customer premises equipment (CPE) and information
services is not CPNI and may be used to market CPE and information services
to customers in conjunction with bundled offerings. In addition,
it clarified that a customer's name, address, and telephone number are
not CPNI.
. . . . .
159. Section 222(c)(1) prohibits the use of CPNI only where it
is derived from the provision of a telecommunications service. Consequently,
we find that information that is not received by a carrier in connection
with its provision of telecommunications service can be used by the carrier
without customer approval, regardless of whether such information is contained
in a bill generated by the carrier. Therefore, consistent with the
Clarification Order, customer information derived from information services
that are held not to be telecommunications services may be used,
even if the telephone bill covers charges for such information services.
-- In Re Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information, CC Docket No. 96-115, 96-149,
Order On Reconsideration And Petitions For Forbearance (September 3, 1999)
Moreover, the Commission expressly noted that "customer information
derived from the provision of any non-telecommunications service, such
as CPE or information services, is not covered by section 222(c)(1), and
thus may be used to provide or market any telecommunications service regardless
of telecommunications service categories or customer approval."
4. The Bureau believes that further clarification of carriers'
obligations and rights in the context of bundled offerings will serve to
minimize any potential confusion regarding a carrier's ability to use CPNI
and other customer information to market new bundled offerings to existing
customers. Accordingly, we make clear that, when a customer purchases
CPE or information services from a carrier that are bundled with a telecommunications
service, the carrier subsequently may use any customer information independently
derived from the carrier's prior sale of CPE to the customer or the customer's
subscription to a particular information service offered by the carrier
in its marketing of new CPE or a similar information service that is bundled
with a telecommunications service. Neither CPE nor information services
constitute "telecommunications services" as defined in the Act.
Therefore, any customer information derived from the carrier's sale of
CPE or from the customer's subscription to the carrier's information service
would not be "CPNI" because section 222(f) defines CPNI in terms of information
related to a "telecommunications service." As a result, in situations
where the bundling of a telecommunications service with CPE, information
services, or other non-telecommunications services is permissible, a carrier
may use CPNI to target particular customers in a manner consistent with
the Second Report and Order, and it also may use the customer information
independently derived from the prior sale of the CPE, the customer's subscription
to a particular information service, or the carrier's provision of other
non-telecommunications offerings to market its bundled offering.
. . . . .
9. Although the definition of CPNI includes "information contained
in the bills pertaining to telephone exchange service or telephone toll
service received by a customer of a carrier," we do not interpret this
language to include every item that appears on a customer's bill.
Specifically, we do not consider a customer's name, address, and telephone
number to be "information pertaining to telephone exchange service or telephone
toll service." Rather, we consider this information to be part
of a carrier's business record or customer list that identifies the customer
and indicates how that customer can be contacted by the carrier.
Although such information generally appears on a customer's billing statement,
it does not pertain to the "telephone exchange service or toll service"
received by the customer, as specified by the statutory definition in section
222(f)(1)(B). If the definition of CPNI included a customer's name,
address, and telephone number, a carrier would be prohibited from using
its business records to contact any of its customers to market any new
service that falls outside the scope of its existing service relationship
with those customers. In fact, under such an interpretation,
a carrier would not even be able to contact a single customer in an effort
to obtain permission to use their CPNI for marketing purposes because the
carrier's mere use of its customer list to initiate contact with its customers
would constitute a violation of section 222. This anomalous result
was clearly not intended by section 222. Therefore, we clarify that
a carrier's use of its customers' name, address, and telephone number for
marketing purposes would not be subject to the CPNI restrictions in section
222(c)(1) because such information is not CPNI. Thus, under section
222 and the Commission's rules, a carrier could contact all of its customers
or all of its former customers, for marketing purposes, by using a customer
list that contains each customer's name, address, and telephone number,
so long as it does not use CPNI to select a subset of customers from that
list.
-- In Re Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information, CC Docket No. 96-115, Order
¶ 3 (May 21, 1998)
Subscriber List Info
Foot Note 25. 47 U.S.C. s 222(f)(3). "The term 'subscriber list information'
means any information (A) identifying the listed names of subscribers
of a carrier and such subscribers' telephone numbers, addresses or primary
advertising classifications (as such classifications are assigned at the
time of the establishment of such service), or any combination of such
listed names, numbers, addresses, or classifications; and (B) that the
carrier or an affiliate has published, caused to be published, or accepted
for publication in any directory format." Id.
-- In the Matter of Implementation of the Telecommunications Act of
1996 Telecommunications Carriers' Use of Customer Proprietary Network Information
and Other Customer Information; CC Docket No. 96-115, CC Docket No. 96-149,
CC Docket No. 00 257, Third Report and Order and Third Further Notice of
Proposed Rulemaking (July 25, 2002)
8. We clarify that a customer's name, address, and telephone
number do not fall within the definition of CPNI, set forth in section
222(f)(1). Section 222(f)(1) defines CPNI as:
(A) information that relates to the quantity, technical configuration,
type, destination, and amount of use of a telecommunications service subscribed
to by any customer of a telecommunications carrier, and that is made available
to the carrier by the customer solely by virtue of the carrier-customer
relationship; and (B) information contained in the bills pertaining to
telephone exchange service or telephone toll service received by a customer
of a carrier; except that such term does not include subscriber list information.
Subscriber list information includes a customer's name, address, and telephone
number so long as they have been published. Therefore, it is
clear that the definition of CPNI does not include a customer's name, address,
and telephone number that have been published, in the manner described
by section 222(f)(3)(B). The question remains, however, as to whether
such information that has not been published should be considered CPNI.
--In Re Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information, CC Docket No. 96-115, Order
(May 21, 1998)
FCC Implementation of
Section 222
47 C.F.R. § 64.2000 et seq.
5. This proceeding was initiated in 1996 to implement section
222 of the Act, which governs carriers' use and disclosure of CPNI.13 Section
222, entitled "Privacy of Customer Information," obligates carriers to
protect the confidentiality of certain information. Section 222(a) imposes
a general duty on telecommunications carriers to protect the confidentiality
of proprietary information.14 Carriers owe this duty to other carriers,
equipment manufacturers, and customers.15 Section 222(b) states that a
carrier that receives or obtains proprietary information of other carriers
in order to provide a telecommunications service can only use that information
for that purpose and cannot use that information for its own marketing
efforts.16 Finally, section 222(c) protects the confidentiality of customer
information and specifically delineates the exceptions to the general principle
of confidentiality.17
6. In section 222, Congress laid out a framework for carriers'
use of customer information based on the sensitivity of the information.
In particular, the statute allows easier dissemination of information beyond
the existing customer carrier relationship where information is not sensitive,
or where the customer so directs. Thus, section 222 establishes three categories
of customer information to which different privacy protections and carrier
obligations apply: (1) individually identifiable CPNI, (2) aggregate customer
information, and (3) subscriber list information. The Wireless Communications
and Public Safety Act of 1999 (911 Act) amended section 222 with respect
to privacy of wireless location information.18
-- In the Matter of Implementation of the Telecommunications
Act of 1996 Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information; CC Docket No. 96-115, CC Docket
No. 96-149, CC Docket No. 00 257, Third Report and Order and Third Further
Notice of Proposed Rulemaking, ¶ 8 (July 25, 2002).
On May 17, 1996, the Commission initiated a rulemaking, in response
to various formal requests for guidance from the telecommunications industry,
regarding the obligation of carriers under section 222 and related issues.
The Commission subsequently released the CPNI Order on February
26, 1998. The CPNI Order addressed the scope and meaning of section
222, and promulgated regulations to implement that section. It concluded,
among other things, as follows: (a) carriers are permitted to use CPNI,
without customer approval, to market offerings that are related to, but
limited by, the customers' existing service relationship; (b) before carriers
may use CPNI to market outside the customer's existing service relationship,
carriers must obtain express written, oral, or electronic customer approval;
(c) prior to soliciting customer approval, carriers must provide a one-time
notification to customers of their CPNI rights; (d) in light of the comprehensive
regulatory scheme established in section 222, the Computer III CPNI
framework is unnecessary; and (e) sections 272 and 274 impose no additional
CPNI requirements on the Bell Operating Companies (BOCs) beyond those imposed
by section 222. -- In the Matter of Implementation of the Telecommunications
Act of 1996 Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information; CC Docket No. 96-115, CC Docket
No. 96-149, Order on Recon and Petitions for Forebearance, ¶ 8 (September
3, 1999).
158. In the Common Carrier Bureau's
Clarification
Order, the Bureau said that Acustomer
information derived from the provision of any non-telecommunications service,
such as CPE or information services . . . may be used to provide or market
any telecommunications service . . . .@
Omnipoint asks the Commission to clarify that section 222 does not prohibit
the use of customer information derived from non-telecommunications services
bundled with telecommunications services merely because charges for those
services appeared on a customer's telephone bill. Omnipoint contends that
its position logically follows from the statement in the Clarification
Order. U S WEST agrees with Omnipoint's position, but contends that
the statute is clear, and no clarification is required.
Section 222(c)(1) prohibits the use of CPNI
only where it is derived from the provision of a telecommunications service.
Consequently, we find that information that is not received by a carrier
in connection with its provision of telecommunications service can be used
by the carrier without customer approval, regardless of whether such information
is contained in a bill generated by the carrier. Therefore, consistent
with the Clarification Order, customer information derived from
information services that are held not to be telecommunications services
may be used, even if the telephone bill covers charges for such information
services. -- In the Matter of Implementation of the Telecommunications
Act of 1996 Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information; CC Docket No. 96-115, CC Docket
No. 96-149, Order on Recon and Petitions for Forebearance, ¶ 159 (September
3, 1999).
We agree with the Bureau that carriers that have complied
with the Computer III notification and prior written approval requirements
in order to market enhanced services to certain large business customers
should be deemed in compliance with section 222 and the Commission's rules.
For the reasons stated in the Clarification Order, we agree that
the Computer III framework required carriers to provide these large
business customers with adequate notice and obtain express, affirmative
approval in material compliance with the form and content of those required
by section 222 and the Commission's rules. Although it is true that the
Computer
III consents were given prior to the advent of local competition, we
believe that the detailed notice and express, affirmative consent required
under that regime compensate for this deficiency. Moreover, we are not
persuaded by CompTel's assertion that the BOCs warnings that they may
have to change the customer's account representatives put undue pressure
on these business customers to relent. Finally, we also conclude that although
some of the Computer III annual notifications may not have been
"proximate to" the carrier solicitations as required by section 222, the
Computer
III regime's annual notification requirement and limitation to business
customers with more than 20 access linesCrequirements
that we note are more stringent than required by section 222Cmaterially
satisfy the concerns we intended to address by the proximate notification
requirement promulgated in the CPNI Order. As such, we agree with
the Bureau that the Computer III notifications are in material compliance
with section 222 and the Commission's rules, and adopt the reasoning and
conclusions of the Clarification Order as our own. -- In
the Matter of Implementation of the Telecommunications Act of 1996
Telecommunications Carriers' Use of Customer Proprietary Network Information
and Other Customer Information; CC Docket No. 96-115, CC Docket No. 96-149,
Order on Recon and Petitions for Forebearance, ¶ 98 (September 3,
1999).
46. We continue to exclude from this list, as the
Commission did in the CPNI Order, Internet access services. Despite
contrary claims from some petitioners, there is no convincing new evidence
on the record that shows that such services are necessary to, or used in,
the making of a call, even in the broadest sense. There is also no evidence,
currently, that customers expect to receive such services from their wireline
provider, or that they expect to use such services in the way that they
expect to receive or use the above-listed services.
47. We will, however, add protocol conversions to
the list of services that carriers may market using CPNI without customer
approval. In its petition, Bell Atlantic requests that we redefine protocol
conversion as a telecommunications service. A protocol conversion assists
terminals or networks operating with different protocols to communicate
with each other. Bell Atlantic asserts that protocol conversions that do
not alter the underlying information sent and received should not be defined
as information services. We do not believe that protocol conversions should
be redefined as a telecommunications service but because protocol conversions
are necessary to the provision of the telecommunications service, in the
instances where they are used, protocol conversions should be included
in the group of information services listed above. Accordingly, we grant
Bell Atlantic's request to use CPNI to market, without customer approval,
protocol conversions. -- In the Matter of Implementation
of the Telecommunications Act of 1996 Telecommunications Carriers' Use
of Customer Proprietary Network Information and Other Customer Information;
CC Docket No. 96-115, CC Docket No. 96-149, Order on Recon and Petitions
for Forebearance, ¶¶ 46-47 (September 3, 1999).
We grant, in part, the petitions for reconsideration which request that
we allow all carriers to use CPNI to market customer premises equipment
(CPE) and information services under section 222(c)(1) without customer
approval. We conclude that all carriers may use CPNI, without customer
approval, to market CPE. We further conclude that CMRS carriers may use
CPNI, without customer approval, to market all information services, while
wireline carriers may do so for certain information services. We deny the
petitions for forbearance on these issues. -- In the Matter of Implementation
of the Telecommunications Act of 1996 Telecommunications Carriers' Use
of Customer Proprietary Network Information and Other Customer Information;
CC Docket No. 96-115, CC Docket No. 96-149, Order on Recon and Petitions
for Forebearance, ¶ 7 (September 3, 1999).
On May 21, 1998, in response to a number of requests for clarification
of the CPNI Order, the Common Carrier Bureau released a Clarification
Order. This order addressed several issues. It concluded that independently-derived
information regarding customer premises equipment (CPE) and information
services is not CPNI and may be used to market CPE and information services
to customers in conjunction with bundled offerings. In addition, it clarified
that a customer's name, address, and telephone number are not CPNI. --
In the Matter of Implementation of the Telecommunications Act of
1996 Telecommunications Carriers' Use of Customer Proprietary Network Information
and Other Customer Information; CC Docket No. 96-115, CC Docket No. 96-149,
Order on Recon and Petitions for Forebearance, ¶ 9 (September 3, 1999).
On February 26, 1998, the Commission released a Second Report and
Order and Further Notice of Proposed Rulemaking (Second Report and
Order) interpreting and implementing, among other things, the portions
of section 222 of the Communications Act of 1934, as amended, that govern
the use and disclosure of, and access to, customer proprietary network
information (CPNI) by telecommunications carriers. Since the release of
the Second Report and Order, a number of parties have requested
that the Commission clarify various issues pertaining to that order. In
response to these requests, the Common Carrier Bureau issues this order
clarifying the Second Report and Order as follows:
(a) Independently-derived information regarding customer premises equipment
(CPE) and information services is not CPNI and may be used to market CPE
and information services to customers in conjunction with bundled offerings.
(b) A customer's name, address, and telephone number are not CPNI.
(c) A carrier has met the requirements for notice and approval under
section 222 and the Commission's rules where it has both provided annual
notification to, and obtained prior written authorization from, customers
with more than 20 access lines in accordance with the Commission's former
CPNI rules.
(d) Although a carrier must ensure that its certification of corporate
compliance with the Commission's CPNI rules is made publicly available,
it is not required to file this certification with the Commission.
--In the Matter of Implementation of the Telecommunications Act of 1996:
Telecommunications Carriers' Use of Customer Proprietary Network Information
and Other Customer Information, CC Docket No. 96-115, ¶ 1 (CCB May
21, 1998).
Accordingly, we make clear that, when a customer purchases CPE or information
services from a carrier that are bundled with a telecommunications service,
the carrier subsequently may use any customer information independently
derived from the carrier's prior sale of CPE to the customer or the customer's
subscription to a particular information service offered by the carrier
in its marketing of new CPE or a similar information service that is bundled
with a telecommunications service. Neither CPE nor information services
constitute "telecommunications services" as defined in the Act. Therefore,
any customer information derived from the carrier's sale of CPE or from
the customer's subscription to the carrier's information service would
not be "CPNI" because section 222(f) defines CPNI in terms of information
related to a "telecommunications service." As a result, in situations where
the bundling of a telecommunications service with CPE, information services,
or other non-telecommunications services is permissible, a carrier may
use CPNI to target particular customers in a manner consistent with the
Second
Report and Order, and it also may use the customer information independently
derived from the prior sale of the CPE, the customer's subscription to
a particular information service, or the carrier's provision of other non-telecommunications
offerings to market its bundled offering. --In the Matter of Implementation
of the Telecommunications Act of 1996: Telecommunications Carriers' Use
of Customer Proprietary Network Information and Other Customer Information,
CC Docket No. 96-115, ¶ 4 (CCB May 21, 1998).
Prior to the adoption of the Telecommunications Act of 1996, the framework
established under the Commission's Computer III regime governed
the use of CPNI by the BOCs, AT&T, and GTE to market CPE and enhanced
services. Two important components of this Computer III framework
were: (1) a carrier's obligation to provide an annual notification of CPNI
rights to multi-line customers regarding enhanced services, as well as
a similar notification requirement regarding CPE that applied only to the
BOCs, and (2) a carrier's obligation to obtain prior written authorization
from business customers with more than 20 access lines to use CPNI to market
enhanced services. We clarify that in circumstances where a carrier has
provided annual notification and received prior written authorization from
customers with more than twenty access lines, the requirements for notice
and approval under section 222, and the associated Commission rules, are
satisfied for those customers. --In the Matter of Implementation of the
Telecommunications Act of 1996: Telecommunications Carriers' Use of Customer
Proprietary Network Information and Other Customer Information, CC Docket
No. 96-115, ¶ 10 (CCB May 21, 1998).
Appellate Court Vacates
FCC Rules
20. On August 18, 1999, the Tenth Circuit issued an opinion vacating a
portion of the CPNI Order in U S WEST. 49 U S WEST (now Qwest) contended
that the opt in approach adopted by the Commission violated the First and
Fifth Amendments of the Constitution. 50 The Tenth Circuit struck down
the Commission's original customer approval rules, finding that the CPNI
rules impermissibly regulated protected commercial speech and thus violated
the First Amendment. 51 Specifically, the court found that the opt in regime
was not narrowly tailored because the Commission had failed to adequately
consider an opt out option. 52
. . . .
29. Importantly, the court did not find section 222 of the Act
unconstitutional. 86 As noted, U S WEST did not even challenge the constitutionality
of section 222. 87 Therefore, the task before the Commission remains the
same: to implement regulations that satisfy Congress' goal of protecting
consumer privacy by requiring carriers to obtain customer consent for certain
uses of CPNI. As required by the Tenth Circuit, any new regulations adopted
by the Commission in the instant proceeding must meet the standard articulated
by the Supreme Court in Central Hudson.
. . . . .
79. We affirm our previous determinations that the "Tenth Circuit
vacated only the specific portion of our CPNI rules relating to the opt
in mechanism." 173 As the Commission noted in seeking comment in the Clarification
Order Further NRPM, the Tenth Circuit's order was subject to interpretation
as to whether it vacated the entirety of the CPNI rules or just those related
to the opt in requirement. 174 However, as we have twice previously held,
substantial portions of the Commission's CPNI rules were not relevant to
the issue before the court and were beyond the scope of the court's constitutional
analysis. 175
-- In the Matter of Implementation of the Telecommunications Act of
1996 Telecommunications Carriers' Use of Customer Proprietary Network Information
and Other Customer Information; CC Docket No. 96-115, CC Docket No. 96-149,
CC Docket No. 00 257, Third Report and Order and Third Further Notice of
Proposed Rulemaking, para 20 f(July 25, 2002)
"After the Commission adopted the Order on Reconsideration, but prior
to its release, the Court of Appeals for the Tenth Circuit issued its opinion
vacating the Commission's CPNI rules. (U S WEST, Inc. v. FCC, 10th Circuit
No. 98-9518 (filed August 18, 1999)). The Court held that the Commission's
CPNI rules "must fall under the First Amendment." The Court's mandate has
not yet issued and further litigation remains a possibility. Once the Court's
mandate issues, the Commission will take appropriate steps to implement
the Court's final decision." -- Welcome To The FCC, Common Carrier Bureau's
Homepage For The CPNI Proceeding Last Updated 9/9/99 (accessed February
15, 2000) http://www.fcc.gov/ccb/ppp/Cpni/welcome.html
US West v. FCC, Docket 98-9518 (10th Cir. Aug 18, 1999),
cert. denied sub. Nom Competitive Policy Institute v. U.S. West Docket
99-1427 (S.Ct. June 2000) http://www.kscourts.org/ca10/cases/1999/08/98-9518.htm
We vacate the FCC's CPNI Order, concluding that the FCC failed to adequately
consider the constitutional ramifications of the regulations interpreting
§ 222 and that the regulations violate the First Amendment.
. . . . .
The FCC failed to adequately consider the constitutional implications
of its CPNI regulations. Even if we accept the government's proffered interests
and assume those interests are substantial, the FCC still insufficiently
justified its choice to adopt an opt-in regime. Consequently, its CPNI
regulations must fall under the First Amendment. At the very least, the
foregoing analysis shows that the CPNI regulations clearly raise a serious
constitutional question, invoking the rule of constitutional doubt. Accordingly,
we VACATE the FCC's CPNI Order and the regulations adopted therein.(15)
Background: Procedural
History
10. On May 17, 1996, the Commission initiated a rulemaking in response
to requests for guidance from the telecommunications industry regarding
the obligations of telecommunications carriers under section 222 of the
Act and related issues. 29 The Commission released the CPNI Order on February
26, 1998, in which it addressed the scope and meaning of section 222 and
promulgated implementing regulations.30
. . . .
15. On August 16, 1999, the Commission adopted the CPNI Reconsideration
Order in response to a number of petitions for reconsideration, forbearance,
and clarification of the CPNI Order.34 The CPNI Reconsideration Order was
adopted "to preserve the consumer protections mandated by Congress while
more narrowly tailoring [the CPNI] rules, where necessary, to enable telecommunications
carriers to comply with the law in a more flexible and less costly manner."35f
. . . . .
23. On August 28, 2001, the Commission adopted an order (CPNI
Clarification Order) clarifying the status of its CPNI rules in light of
the Tenth Circuit order and issuing a Further Notice of Proposed Rulemaking
(Clarification Order Further NPRM). 58 The Commission affirmed its previous
determination that the Tenth Circuit invalidated only the opt in rule,
not the entire CPNI Order. 59 The Commission sought comment on its interpretation
of the scope of the Tenth Circuit order, and on what type of approval (opt
in or opt out) would best serve the government's goals while respecting
constitutional limits. 60 In addition, the Commission noted that "the consent
mechanism that we eventually adopt in response to the Tenth Circuit's Order
could impact our previous findings regarding the interplay between [sections
222 and 272, and we therefore find it necessary to raise the relevant issues
here." 61
-- In the Matter of Implementation of the Telecommunications
Act of 1996 Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information; CC Docket No. 96-115, CC Docket
No. 96-149, CC Docket No. 00 257, Third Report and Order and Third Further
Notice of Proposed Rulemaking, para 10 (July 25, 2002)
2. On May 17, 1996, the Commission initiated a rulemaking, in
response to various informal requests for guidance from the telecommunications
industry, regarding the obligation of telecommunications carriers under
Section 222 of the Act and related issues. 5 The Commission subsequently
released the CPNI Order, on February 26, 198, which addressed the scope
and meaning of Section 222, and promulgated regulations to implement that
section. In the CPNI Order, the Commission determined that 'with Section
222, Congress expressly directs a balance of 'both competitive and consumer
privacy interests with respect to CPNI." 6 It found this conclusion to
be supported by the comprehensive statutory design, which expressly recognizes
the duty of all telecommunications carriers to protect customer information,
and embodies the principle that customers must be able to control information
they view as sensitive and personal from unauthorized use, disclosure,
and access by carriers. Where information is not sensitive, it found that
Section 222 permits the free flow of information beyond the customer-carrier
relationship, because in this situation, the customer's interest rests
more in choosing service with respect to a variety of competitors, thus
necessitating competitive access to the information. 7
3. In the CPNI Order, the Commission stated that Section
222(c)(1) of the Act allows a carrier to use, without the customer's prior
approval, the customer's CPNI derived from the complete service that the
customer subscribes to from that carrier and its affiliates, for marketing
purposes within the existing service relationship. 8 This is known as the
'total service approach.' The Commission also concluded that carriers must
notify the customer of the customer's rights under Section 222 and then
obtain express written, oral or electronic customer approval -- a 'notice
and opt-in' approach -- before a carrier may use CPNI to market services
outside the customer's existing service relationship with that carrier.
9 U S West appealed this order to the Tenth Circuit. On August 16, 1999,
the Commission adopted the CPNI Reconsideration Order 10 in response
to a number of petitions for reconsideration, forbearance, and clarification
of the CPNI Order. The CPNI Reconsideration Order, among other things,
further clarified the total service approach. 11 It also retained the opt-in
approach. 12
4. After the Commission adopted the CPNI Reconsideration Order,
the Tenth Circuit issued its decision in U S WEST v. FCC, vacating a portion
of the CPNI Order 'and the regulations adopted therein. 13 In U S WEST
V. FCC, U S WEST contended that the opt-in approach for customer approval
in the CPNI Order violated the First and Fifth Amendments of the Constitution.
14 The court declined to review the Commission's opt-in approach under
the traditional administrative law standards of *16509 Chevron, 15 in light
of what it perceived as the 'serious constitutional questions' raised by
the approach, and determined that it must be reviewed under the constitutional
standards applicable to regulations of commercial speech in Central Hudson
Gas & Elec. Corp. v. Public Service Commission. 16
5. Implementation of the Telecommunications
Act of 1996: Telecommunications Carriers' use of Customer Proprietary Network
Information and Other Customer Information, Notice of Proposed Rulemaking,
CC Docket No. 96-115, 11 FCC Rcd 12513 (1996) (NPRM).
6. CPNI Order, 13 FCC Rcd 8065, para. 3 (citing
the Joint statement of Mangers, S. Conf. Rep. No. 104-230, 104th Cong.,
2d Sess., 1 (1996).
7. CPNI Order,13 FCC Rcd at 8066, para. 3 ('Indeed,
in provisions governing use of aggregate customer and subscriber list information,
Sections 222(c)(3) and 222(e) respectively, where privacy of sensitive
information is by definition not at stake, Congress expressly required
carriers to provide such information to third parties on nondiscriminatory
terms and conditions.').
8. CPNI Order,13 FCC Rcd at 8080, 8083-84, 8087-88,
paras. 23-24, 30, 35.
9. Id. at 8127-45, paras. 86-107: see also U S WEST
v. FCC, 182 F. 3d at 1230. This approach is distinguished from an 'opt-out'
or negative option approach 'in shich approval would be inferred from the
customer-carrier relationship unless the customer specifically requested
that his or her CPNI be restricted.' U S WEST v. FCC, 182 F. 3d at 1230.
10. Implementation of the Telecommunications Act
of 1996: Telecommunications Carriers' use of Customer Proprietary Network
Information and Other Customer Information and Implementaiton of the Non-Accounting
Safeguards of Sections 271 and 272 of the Communications Act of 1934, as
amended, CC Docket Nos. 96-115 and 96-149, Order on Reconsideration and
Petitions for Forbearance, 14 FCC Rcd 14409 (1999) (CPNI Reconsideration
Order.). On November 1, 1999, MCI Communications Corp. filed a Petition
for Further Reconsideration. We will Address MCI's Petition in a separate
order.
11. CPNI Reconsideration Order, 14 FCC Rcd at 14464,
paras. 109-110. In particular, the Order expanded Section 64.2005 of the
Commission's rules, 47 C.F.R.§ 64.2005, which codifies the total
service approach, to include customer premises equipment and some information
services.
12. Only one carrier, Omnipoint Communications,
Inc., requested that we reconsider that the Commission 'opt-in' approach,
and limited its request ro CMRS carriers only. CPNI Reconsideration Order,
14 FCC Rcd at 14463-64, paras. 107-08. The Commission denied to reconsider
its original finding that 'the requirement of affirmative consent is consistent
with Congressional intent, as well as principles of customer control and
convenience.' Id.
13. U S West, Inc. v. FCC, 182 F. 3d 1240.
14. Id. at 1231.
15. See Chevron USA Inc. v. Natural Resources Defense
Council, Inc., 467 U.S. 837 (1984) (Chevron).
16. 447 U.S. 557 (1980) (Central Hudson).
---In Re Implementation Of The Telecommunications Act Of 1996; Telecommunications
Carriers' Use Of Customer Proprietary Network Information And Other Customer
Information; Implementation Of The Non-Accounting Safeguards Of Sections
271 And 272 Of The Communications Act Of 1934, As Amended CC Docket No.
96-149, CC Docket No. 96-115, Order (September 7, 2001)
Faced with the new CPNI restrictions, various telecommunications companies
and trade associations sought FCC guidance regarding their obligations
under § 222. See id. ¶ 6 & n.25. These requests, along with
a petition for a declaratory ruling regarding the interpretation of the
term "telecommunication service" under § 222(c)(1), prompted the FCC
to commence a rulemaking on May 17, 1996. See id. ¶ 6; In the Matter
of Implementation of the Telecommunications Act of 1996: Telecommunication
Carriers' Use of Customer Proprietary Network Information and Other Customer
Information, Notice of Proposed Rulemaking, 61 Fed. Reg. 26,483 (1996)
("CPNI NPRM"). The CPNI NPRM sought comment on, among other things: "(1)
the scope of the phrase 'telecommunications service,' as it is used in
section 222(c)(1) . . . ; (2) the requirements for customer approval; and
(3) whether the Commission's existing CPNI requirements should be amended
in light of section 222." CPNI Order ¶ 6 (citing CPNI NPRM ¶¶
20-33, 38-42). On February 26, 1998, the FCC released the CPNI Order we
now review. The CPNI Order addresses the meaning and scope of § 222
and adopts regulations to implement the statute's CPNI requirements. See
47 C.F.R. pt. 64, subpt. U (1998).
The regulations adopted by the CPNI Order interpret § 222(c)(1)
through a framework known as the "total service approach." That approach
divides the term "telecommunications service" into three service categories:
(1) local; (2) interexchange (which includes most long-distance toll service);
and (3) commercial mobile radio service ("CMRS") (which includes mobile
or cellular service). See 47 C.F.R. § 64.2005(a). Broadly stated,
the regulations permit a telecommunications carrier to use, disclose, or
share CPNI for the purpose of marketing products within a category of service
to customers, provided the customer already subscribes to that category
of service. See id. However, the carrier may not, without customer approval,
use, disclose, or permit access to CPNI for the purpose of marketing categories
of service to which the customer does not already subscribe. See id. §
64.2005(b).(2) For example, petitioner could use CPNI obtained through
the provision of local service to market other local service products,
but not cellular services. Moreover, if the customer subscribes to both
local and long-distance services, petitioner could use the CPNI to market
either service and could exchange the CPNI between affiliates that provide
such services, but petitioner could still not use the CPNI to market cellular
services. In addition, the regulations prevent telecommunications carriers
from using, without customer approval, CPNI gained from any of the three
categories described above to: (1) market customer premises equipment ("CPE")
or information services (such as call answering, voice mail, or Internet
access services); (2) identify or track customers that call competitors;
and (3) regain the business of customers who have switched to another carrier.
See id. § 64.2005(b)(1)-(3). The regulations also set forth some additional
narrow exceptions to the CPNI requirements, other than those stated in
§ 222(d). See id. § 64.2005(c).
The regulations also describe the means by which a carrier must obtain
customer approval. Section 222(c)(1) did not elaborate as to what form
that approval should take. The FCC decided to require an "opt-in" approach,
in which a carrier must obtain prior express approval from a customer through
written, oral, or electronic means before using the customer's CPNI. See
47 C.F.R. § 64.2007(b). The government acknowledged that the means
of approval could have taken numerous other forms, including an "opt-out"
approach, in which approval would be inferred from the customer-carrier
relationship unless the customer specifically requested that his or her
CPNI be restricted.
Petitioner challenges the FCC's chosen approval process, claiming it
violates the First Amendment by restricting its ability to engage in commercial
speech with customers. In addition, petitioner argues that the CPNI regulations
raise serious Fifth Amendment Takings Clause concerns because CPNI represents
valuable property that belongs to the carriers and the regulations greatly
diminish its value. The respondents assert that the FCC's CPNI regulations
raise no constitutional concerns, are reasonable, and are entitled to deference
under the Chevron U.S.A., Inc. v. Natural Resources
Defense Council, Inc., 467 U.S. 837 (1984).
. . . . .
CPNI Clarification Order
2001
23. On August 28, 2001, the Commission adopted
an order (CPNI Clarification Order) clarifying the status of its CPNI rules
in light of the Tenth Circuit order and issuing a Further Notice of Proposed
Rulemaking (Clarification Order Further NPRM). 58 The Commission affirmed
its previous determination that the Tenth Circuit invalidated only the
opt in rule, not the entire CPNI Order. 59 The Commission sought comment
on its interpretation of the scope of the Tenth Circuit order, and on what
type of approval (opt in or opt out) would best serve the government's
goals while respecting constitutional limits. 60 In addition, the Commission
noted that "the consent mechanism that we eventually adopt in response
to the Tenth Circuit's Order could impact our previous findings regarding
the interplay between [sections 222 and 272, and we therefore find it necessary
to raise the relevant issues here." 61
24. In the CPNI Clarification Order, the
Commission sought to obtain a more complete record on ways in which consumers
can consent to a carrier's use of their CPNI. 62 Taking into account the
Tenth Circuit's opinion, the Commission sought comment on what methods
of approval would serve the governmental interests at issue and afford
informed consent, while also satisfying the First Amendment's requirement
that any restrictions on speech be narrowly tailored. 63 Specifically,
the Commission sought comment on the interests and policies underlying
section 222 that are relevant to formulating an approval requirement, including
an analysis of the privacy interests that are at issue, and on the extent
to which we should take competitive concerns into account. 64 To the extent
that promoting competition is also a legitimate government interest under
section 222, the Commission sought comment on the likely difference in
competitive harms under opt in and opt out approvals.
25. In the CPNI Clarification Order, the Commission
also sought comment on whether adoption of an opt out mechanism is consistent
with the rationale for the total service approach set forth in the CPNI
Order. 65 Additionally, in the CPNI Reconsideration Order, the Commission
determined that carriers may use CPNI derived from the provision of a telecommunications
service to market CPE necessary to, or used in, the provision of that telecommunications
service in accordance with section 222(c)(1). 66 In a separate proceeding,
the Commission modified and clarified its bundling rules promulgated under
Computer II 67 to allow carriers to bundle CPE and enhanced services with
telecommunications services. 68 The Commission sought comment on whether
the issues raised in that proceeding should affect our interpretation of
section 222(c)(1) and the total service approach. 69 The Commission received
extensive comments and replies from commenters representing a broad cross
section of the industry and consumer interest groups in this proceeding.
70
-- In the Matter of Implementation of the Telecommunications
Act of 1996 Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information; CC Docket No. 96-115, CC Docket
No. 96-149, CC Docket No. 00 257, Third Report and Order and Third Further
Notice of Proposed Rulemaking, para 25 (July 25, 2002)
Aggregate Information
Aggregate customer information and subscriber
list information, in contrast, do not involve personal, individually identifiable
information, but nevertheless are valuable to competitors.23 Aggregate
customer information means "collective data that relates to a group or
category of services or customers, from which individual customer identities
and characteristics have been removed." 24 Subscriber list information
generally includes subscribers' names, addresses and telephone numbers.25
Accordingly, under sections 222(c)(3) and 222(e), aggregate customer information
and subscriber list information receive less protection from use and disclosure
in order to promote competition. In particular, aggregate customer information
which by definition has been stripped of individually identifiable information
may be used beyond the purposes identified in section 222(c)(1) for CPNI,
but local exchange carriers (LECs) must make aggregate customer information
available to competitors on reasonable and nondiscriminatory terms and
conditions.26
-- In the Matter of Implementation of the Telecommunications
Act of 1996 Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information; CC Docket No. 96-115, CC Docket
No. 96-149, CC Docket No. 00 257, Third Report and Order and Third Further
Notice of Proposed Rulemaking, para 9 (July 25, 2002)
Subscriber List Information
Subscriber list information which is generally
publicly available must be provided to third parties for the
purpose of publishing directories on a timely and unbundled basis, under
nondiscriminatory and reasonable rates, terms, and conditions.27 In addition,
subscriber listed and unlisted information must be disclosed to providers
of emergency service and emergency support services under the circumstances
set forth in section 222(g).28
-- In the Matter of Implementation of the Telecommunications
Act of 1996 Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information; CC Docket No. 96-115, CC Docket
No. 96-149, CC Docket No. 00 257, Third Report and Order and Third Further
Notice of Proposed Rulemaking, para 9 (July 25, 2002)
Purpose / Govt Interest
Not Competition
Section 222 is not the first time the government has placed restrictions
on telecommunications carriers' use or disclosure of CPNI. Prior to the
enactment of § 222, the FCC had imposed CPNI requirements on the enhanced
service operations of several major telecommunications carriers. See CPNI
Order ¶ 7. The FCC imposed these CPNI requirements primarily to prevent
large carriers from gaining a competitive advantage in the unregulated
enhanced services markets through the use of CPNI, thereby protecting smaller
carriers. See id. In contrast, Congress made § 222, which is much
broader in scope than previous CPNI requirements, applicable to all carriers,
not just the dominant ones. This suggests that Congress enacted §
222 for a substantially different purpose than previous FCC CPNI requirements.
. . . . .
We harbor different reservations about the government's
asserted interest in competition. While we afford agencies broad deference
in interpreting a statute they are charged to administer, they must obey
the dictates of Congress and administer the statute true to Congress' intent.
See Ernst & Ernst v. Hochfelder, 425 U.S. 185, 213-14 (1976). We are
not satisfied that the interest in promoting competition was a significant
consideration in the enactment of § 222.
While the broad
purpose of the Telecommunications Act of 1996 is to foster increased competition
in the telecommunications industry,(9) the language of § 222 reveals
no such concern.(10) Rather, the specific and dominant purpose of §
222 is the protection of customer privacy. Indeed, the FCC and members
of Congress characterize § 222 as "striv[ing] to balance both the
competitive and consumer privacy interests with respect to CPNI," Joint
Statement of Managers, S. Conf. Rep. No. 104-230, at 205 (1996) (emphasis
added), which suggests that § 222's purpose in fostering privacy may
even run counter to the broad pro-competition purpose of the Telecommunications
Act. In any event, three other considerations persuade us that Congress
did not intend for competition to be a significant purpose of § 222.
First, and most important, the plain language of the section deals almost
exclusively with privacy. Section 222 is entitled "Privacy of customer
information" and is replete with references to privacy and confidentiality
of customer information. In contrast, § 222 contains no explicit mention
of competition. Although § 222(c)(3) and § 222(e) impose nondiscrimination
requirements with respect to disclosure of aggregate customer and subscriber
list information which could be construed as pro-competition measures,
we find that these do not sufficiently indicate that increasing competition
was a purpose of § 222. Moreover, the provisions of § 222 relating
to CPNI which the challenged regulations interpret contain no reference
to nondiscrimination requirements and reflect solely a concern for customer
privacy. See 47 U.S.C. § 222(c)(1)-(2), (d). Second, § 222 differs
from previous CPNI restrictions designed to foster competition because
it applies to all telecommunications carriers, not just the dominant ones.
This indicates a different purpose for the new restriction. Finally, §
222 contains measures that will allow full use, disclosure, and access
to CPNI if customer approval is obtained. Assuming that a carrier is able
to obtain a high rate of customer approval, the alleged competitive effect
of § 222's CPNI restrictions is minimal and can perhaps even be nullified.
Consequently, we find that Congress' primary purpose in enacting §
222 was concern for customer privacy, not the broader purpose of increasing
competition.
Privacy
33. Government's Substantial Interest. The customer
approval requirement in section 222(c)(1) is designed to protect the interest
of telecommunications consumers in limiting unexpected and unwanted use
and disclosure of their personal information by carriers who must collect
such information in order to render bills and perform other services. Section
222(c)(1) thus assumes a minimum level of customer concern regarding certain
uses of CPNI by a carrier and its affiliates. This assumption has been
borne out by evidence in the record, including surveys indicating consumers'
desires regarding dissemination of CPNI and other personal information.
Notably, in one study, 55.5 percent of Cincinnati Bell Telephone (CBT)
customers expressed some level of concern with use of CPNI by CBT for targeted
marketing, including 17.2 percent that were "extremely concerned." 92 Likewise,
the Westin Study submitted by Pacific Telesis in the original CPNI proceeding
indicated that 36 percent of customers found it "not acceptable" for their
local telephone company to use CPNI for targeted marketing. 93 These concerns
show a sensitivity to use of CPNI, consistent with the very private nature
of the information collected by a telecommunications carrier, which includes,
at a minimum, the telephone numbers a subscriber calls, and the times,
dates, destinations and duration of those calls. 94 CPNI also includes
services that a subscriber purchases, the equipment and facilities used,
and it may also include personal/household usage patterns, among other
things. 95 Based on the record before us, we conclude that the government's
interest in limiting unexpected disclosure and use of consumers' CPNI is
a substantial one.
-- In the Matter of Implementation of the Telecommunications
Act of 1996 Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information; CC Docket No. 96-115, CC Docket
No. 96-149, CC Docket No. 00 257, Third Report and Order and Third Further
Notice of Proposed Rulemaking, para 33 (July 25, 2002)
Congress recognized, however, that the new competitive market forces
and technology ushered in by the 1996 Act had the potential to threaten
consumer privacy interests. Congress, therefore, enacted section
222 to prevent consumer privacy protections from being inadvertently swept
away along with the prior limits on competition. 3 Section 222 establishes
a new statutory framework governing carrier use and disclosure of customer
proprietary network information (CPNI) and other customer information obtained
by carriers in their provision of telecommunications services.
. . . . .
3. In contrast to other provisions of the 1996 Act that
seek primarily to "[open all telecommunications markets to competition,"
8 and mandate competitive access to facilities and services, the CPNI regulations
in section 222 are largely consumer protection provisions that establish
restrictions on carrier use and disclosure of personal customer information.
With section 222, Congress expressly directs a balance of "both competitive
and consumer privacy interests with respect to CPNI." 9 Congress'
new balance, and privacy concern, are evidenced by the comprehensive statutory
design, which expressly recognizes the duty of all carriers to protect
customer information, 10 and embodies the principle that customers must
be able to control information they view as sensitive and personal from
use, disclosure, and access by carriers. 11 Where information is not sensitive,
12 or where the customer so directs, 13 the statute permits the free flow
or dissemination of information beyond the existing customer-carrier relationship.
Indeed, in the provisions governing use of aggregate customer and subscriber
list information, sections 222(c)(3) and 222(e) respectively, where privacy
of sensitive information is by definition not at stake, Congress expressly
required carriers to provide such information to third parties on nondiscriminatory
terms and conditions. 14 Thus, although privacy and competitive concerns
can be at odds, the balance struck by Congress aligns these interests for
the benefit of the consumer. This is so because, where customer information
is not sensitive, the customer's interest rests more in choosing service
with respect to a variety of competitors, thus necessitating competitive
access to the information, than in prohibiting the sharing of information.
-- In Re In The Matter Of Implementation Of The Telecommunications
Act Of 1996, CC Docket No. 96-115, Second Report and Order and Further
Notice of Proposed Rulemaking ¶ 1 (February 26, 1998)
Under Computer II: Protect CPE and ESPs
7. Prior to the 1996 Act, the Commission had established CPNI
requirements applicable to the enhanced services 30 operations of AT&T,
the BOCs, and GTE, and the CPE operations of AT&T and the BOCs, in
the Computer II, 31 Computer III, 32 GTE ONA, 33 and BOC CPE Relief 34
proceedings. The Commission recognized in the Notice that it had
adopted these CPNI requirements, together with other nonstructural safeguards,
to protect independent enhanced services providers and CPE suppliers from
discrimination by AT&T, the BOCs, and GTE.35 The
Notice stated that the Commission's existing CPNI requirements were intended
to prohibit AT&T, the BOCs, and GTE from using CPNI obtained from their
provision of regulated services to gain a competitive advantage in the
unregulated CPE and enhanced services markets. 36 The Notice further stated
that the existing CPNI requirements also were intended to protect legitimate
customer expectations of confidentiality regarding individually identifiable
information. 37 The Commission concluded in the Notice that existing
CPNI requirements would remain in effect, pending the outcome of this rulemaking,
to the extent that they do not conflict with section 222. 38 On November
13, 1996, the Common Carrier Bureau (Bureau) waived the annual CPNI notification
requirement for multi-line business customers that had been imposed on
AT&T, the BOCs, and GTE under our pre-existing CPNI framework, pending
our action in this proceeding. 39
35. Notice at 12516, 4.
36. Notice at 12516, 12530, 4, 40.
37. Notice at 12516, 4.
38. Notice at 12515-16, 12529, 3, 38.
39. Petition for Exemption from Customer Proprietary Network Information
Notification Requirements, Order, CCB Pol 96-20, DA 96-1878, 12 FCC Rcd
15134. On December 16, 1997, the Policy and Program Planning Division
waived this requirement for 1997. In the Matter of Waiver from Customer
Proprietary Network Information Notification Requirements, CCB Pol 97-13,
DA 97-2599 (rel. Dec. 16, 1997).
174. In the Computer III, 595 GTE ONA, 596 and BOC CPE Relief
597 proceedings, the Commission established a framework of CPNI requirements
applicable to the enhanced services operations of AT&T, the BOCs, and
GTE and the CPE operations of AT&T and the BOCs (Computer III CPNI
framework).598 As we observed in the Notice, the Commission adopted
the Computer III CPNI framework, together with other nonstructural safeguards,
to protect independent enhanced services providers and CPE suppliers from
discrimination by AT&T, the BOCs, and GTE. 599 The framework
prohibited these carriers' use of CPNI to gain an anticompetitive advantage
in the unregulated CPE and enhanced services markets, while protecting
legitimate customer expectations of confidentiality regarding individually
identifiable information. 600 Alternatively, for those carriers that
maintain structurally separate affiliates in connection with their CPE
and enhanced services operations, our Computer II 601 rule 64.702(d)(3)
prohibits carriers from sharing CPNI with those affiliates unless it is
made publicly available. 602 We likewise prohibit the BOCs from providing
CPNI to their cellular affiliates unless they make the CPNI publicly available
on the same terms and conditions. 603
-- In Re In The Matter Of Implementation Of The Telecommunications
Act Of 1996, CC Docket No. 96-115, Second Report and Order and Further
Notice of Proposed Rulemaking ¶ 3 (February 26, 1998)
Harm
The government presents no evidence showing the harm
to either privacy or competition is real. Instead, the government relies
on speculation that harm to privacy and competition for new services will
result if carriers use CPNI. In Edenfield, the Supreme Court struck down
a Florida ban on CPA in-person solicitation because the state had presented
no evidence -- anecdotal or empirical -- that such solicitation created
the dangers of "fraud, overreaching, or compromised independence" that
the state sought to combat. See 507 U.S. at 771; cf. Florida Bar v. Went
For It, Inc., 515 U.S. 618, 626-27 (1995) (upholding restriction on solicitation
of accident victims within thirty days of accident, based on two-year study
and written report analyzing statistically and anecdotally the impacts
of such solicitation). The FCC faces the same problem here. While protecting
against disclosure of sensitive and potentially embarrassing personal information
may be important in the abstract, we have no indication of how it may occur
in reality with respect to CPNI. Indeed, we do not even have indication
that the disclosure might actually occur. The government presents no evidence
regarding how and to whom carriers would disclose CPNI. By its own admission,
the government is not concerned about the disclosure of CPNI within a firm.
See CPNI Order at ¶ 55, n.203 ("[W]e agree . . . that sharing of CPNI
within one integrated firm does not raise significant privacy concerns
because customers would not be concerned with having their CPNI disclosed
within a firm in order to receive increased competitive offerings."). Yet
the government has not explained how or why a carrier would disclose CPNI
to outside parties, especially when the government claims CPNI is information
that would give one firm a competitive advantage over another. This leaves
us unsure exactly who would potentially receive the sensitive information.
Similarly, the FCC can theorize that allowing existing
carriers to market new services with CPNI will impede competition for those
services, but it provides no analysis of how or if this might actually
occur. Beyond its own speculation, the best the government can offer is
that "[t]he vigor of US West's protests against the rules . . . indicates
that US West also believes that this restriction will be effective in promoting
Congress's competitive interest." Appellees Br. at 30. This is simply additional
conjecture, and it is inadequate to justify restrictions under the First
Amendment. See Edenfield, 507 U.S. at 770-71.
Total Service Approach
12. At the same time, the Commission adopted what is called the
"total service approach" allowing carriers and their affiliates to use
customers' CPNI, without notice or approval, to market services within
the package of services to which the customer already subscribes.32 The
total service approach recognized existing customer relationships for local,
interexchange, and wireless services. Under the total service approach,
a carrier that provides local service to a customer may use that customer's
local service CPNI to sell that customer other product offerings within
the existing local service relationship (e.g., caller ID) without customer
approval of the use of the CPNI. As service relationships expanded (e.g.,
the customer selected both local and wireless service), so too did the
parameters of the permissible use of CPNI to market new product offerings.
This approach recognizes that the customer may be fairly considered to
have given implied consent to the carrier's use of CPNI within the total
service package to which the customer subscribes.
13. Such sharing was intended to allow carriers with a pre existing
relationship with the customer to develop "packages" of services best tailored
to their customers' needs. The Commission noted that customers would reasonably
expect carriers with whom they dealt to review their CPNI to fashion service
packages tailored to their needs, and thus would not object to inter affiliate
sharing if each affiliate already has a relationship with the customer.
Because the order required express consent for any type of disclosures
beyond those permitted by section 222(c)(1), the order did not distinguish
between disclosure to an affiliate or other carrier for telecommunications
marketing purposes or disclosure to an unrelated third party for non telecommunications
purposes (e.g., divorce actions, insurance reviews, or random product marketing).
. . . . . .
83. We affirm the continued use of the total service approach
to define what carriers may do under section 222(c)(1) without notice to
customers. 184 Based on the language of section 222(c)(1), Congress intended
that a carrier could use CPNI without customer approval, but could only
do so depending on the service(s) to which the customer subscribes. 185
The total service approach defines the parameters of those services and
thus defines what carriers may do without the approval of the customer.
84. In reaching our conclusion, we note that every commenter
that addressed this issue save one 186 supports retaining the total service
approach, 187 largely because the original justification for its adoption
remains valid even if an opt out system is applied to some uses of CPNI.
Accordingly, today, as when we originally adopted it, the total service
approach is a reasonable implementation of section 222(c)(1) and remains
reasonable regardless of the mechanism we adopt in this Order to provide
for customer approval of other uses of CPNI. We also note that no better
alternative has been proposed. The sole commenter to question the approach,
CenturyTel, basically requests that we abandon the total service approach
and instead adopt the "single category approach." 188 The single category
approach was considered and rejected in the CPNI Order and again rejected
in the CPNI Reconsideration Order. 189 We again decline to adopt such an
approach because that would vitiate the total service approach and attendant
protection of customers' personal information. As the Commission has stated,
"[the hallmark of the total service approach is that the customer, whose
privacy is at issue, establishes the bounds of his or her relationship
with the carrier." 190 CenturyTel has provided no new evidence to convince
us to reconsider the total service approach and the benefits and protections
it affords to consumers and carriers alike. Finally, in the absence of
comments indicating that the total service approach is undermined by our
CPE bundling rules, we find no reason to modify our interpretation of section
222(c)(1) or the total service approach at this time. 191
-- In the Matter of Implementation of the Telecommunications
Act of 1996 Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information; CC Docket No. 96-115, CC Docket
No. 96-149, CC Docket No. 00 257, Third Report and Order and Third Further
Notice of Proposed Rulemaking, para12 (July 25, 2002)
17. After considering the record, statutory language, history,
and structure of section 222, we concluded that Congress intended that
a carrier's use of CPNI without customer approval should depend on the
service subscribed to by the customer. Accordingly, the Commission
adopted the "total service approach" which allows carriers to use a customer's
entire record, derived from complete service subscribed to from that carrier,
to market improved services within the parameters of the existing customer-carrier
relationship. The total service approach permits carriers to
use CPNI to market offerings related to the customer's existing service
to which the customer presently subscribes. Under the total service
approach, the customer retains ultimate control over the permissible marketing
use of CPNI, a balance which best protects customer privacy interests while
furthering fair competition. Presented with the opportunity to permit
or prevent a carrier from accessing CPNI for marketing purposes, the customer
has the ability to determine the bounds of the carrier's use of CPNI.
-- In Re Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information, CC Docket No. 96-115, 96-149,
Order On Reconsideration And Petitions For Forbearance (September 3, 1999)
2. Section 222(c)(1) establishes the limited circumstances in
which carriers can use, disclose, or permit access to CPNI without first
obtaining customer approval. In interpreting section 222(c)(1) in
the Second Report and Order, the Commission adopted an approach that allows
carriers to use CPNI, without first obtaining customer approval, to market
improvements or enhancements to the package of telecommunications services
the carrier already provides to a particular customer, which it referred
to as the "total service approach." The Commission determined, however,
that carriers may not use CPNI, without first obtaining customer approval,
to market offerings that fall outside the scope of the customer's existing
service relationship with the carrier. The Commission also concluded
that, as required by section 222(c)(1), carriers may not use CPNI, without
first obtaining customer approval, to market non-telecommunications offerings,
including CPE and information services. More specifically,
the Commission concluded that CPE and information services are not
"telecommunications services," and thus do not fall within the scope of
section 222(c)(1)(A). In addition, the Commission concluded
that neither CPE nor most information services fall within the meaning
of "services necessary to, or used in" the provision of telecommunications
service under section 222(c)(1)(B).
-- In Re Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information, CC Docket No. 96-115, Order
(May 21, 1998)
24. The language also suggests, however, that the carrier's
right under section 222(c)(1)(A) and (B) is a limited one, in that the
carrier "shall only " use, disclose, or permit access to CPNI "in the provision
of" the telecommunications service from which such CPNI is derived or services
necessary to, or used in, such telecommunications service. 97 Indeed,
insofar as the customer consent in sections 222(c)(1)(A) and (B) is inferred
rather than based on express customer direction, we conclude that Congress
intended that implied customer approval be restricted solely to what customers
reasonably understand their telecommunications service to include.
This customer understanding, in turn, is manifested in the complete service
offering to which the customer subscribes from a carrier. We are
persuaded that customers expect that CPNI generated from their entire service
will be used by their carrier to market improved service within the parameters
of the customer- carrier relationship. 98 Although most customers
presently obtain their service from different carriers in terms of traditional
categories of offerings -- local, interexchange, and commercial mobile
radio services (CMRS) -- with the likely advent of integrated and bundled
service packages, the "total service approach" accommodates any future
changes in customer subscriptions to integrated service. 99
25. For the reasons described below, we believe that the
total service approach best represents the scope of "the telecommunications
service from which the CPNI is derived." Under the total service
approach, the customer's implied approval is limited to the parameters
of the customer's existing service, and is neither extended to permit CPNI
use in marketing all of a carrier's telecommunications services regardless
of whether subscribed to by the customer, nor narrowed to permit use only
in providing a discrete service feature. In this way, the total service
approach appropriately furthers Congress' intent to balance privacy and
competitive concerns, and maximize customer control over carrier use of
CPNI.
. . . . .
32. The statutory language makes clear that Congress did
not intend for the implied customer approval to use, disclose, or permit
access to CPNI under section 222(c)(1)(A) to extend to all of the categories
of telecommunications services offered by the carrier, as proposed by advocates
of the single category approach. First, Congress' repeated use of
the singular "telecommunications service" must be given meaning.
Section 222(c)(1) prohibits a carrier from using CPNI obtained from the
provision of "a telecommunications service" for any purpose other than
to provide "the telecommunications service from which such information
is derived" or services necessary to, or used in, provision of "such telecommunications
service. " 110 We agree with many commenters that this language plainly
indicates that Congress both contemplated the possible existence of more
than one carrier service and made a deliberate decision that section 222(c)(1)(A)
not extend to all. 111 Indeed, Congress' reference to plural "telecommunications
services" in sections 222(a) and 222(d)(1) demonstrates a clear distinction
between the singular and plural forms of the term. 112 Under well-
established principles of statutory construction, "where Congress has chosen
different language in proximate subsections of the same statute," we are
"obligated to give that choice effect." 113 Consistent with this,
section 222(c)(1)'s explicit restriction of a carrier's "use" of CPNI "in
the provision of" service further evidences Congress' intent that carriers'
own use of CPNI be limited to the service provided to the particular customer,
and not be expanded to all the categories of telecommunications services
available from the carrier. 114
33. We therefore reject the single category approach as
contrary to the statutory language. In particular, we do not agree
with several parties' claim that the general definition of "telecommunications
service" found in Title I of the Act, which focuses on the offering of
"telecommunications ... regardless of the facilities used," 115 indicates
that Congress did not intend to differentiate among telecommunications
technologies or services in section 222(c)(1)(A). 116 We likewise
find U S WEST's reliance on the general plural reference included in the
definition of "telecommunications" misplaced. 117 Rather, we agree with
the California Commission, CompTel, MCI, and TRA that the single category
interpretation would render the specific limiting language in section 222(c)(1)(A)
meaningless. 118 Approval would be necessary, if at all, only if
a carrier wished to use CPNI to market non- telecommunications services.
119 Like Sprint, we conclude that, had Congress intended such a result,
the text could have been drafted much more simply by stating that carriers
may use CPNI, without customer approval, only for telecommunications-related
purposes, instead of the language of section 222(c)(1)(A), which expressly
limits carrier use to the "provision of the service from which [the CPNI
is derived." 120
. . . . .
37. The legislative history confirms our view that in
section 222 Congress intended neither to allow carriers unlimited use of
CPNI for marketing purposes as they moved into new service avenues opened
through the 1996 Act, nor to restrict carrier use of CPNI for marketing
purposes altogether. Specifically, although the general purpose of
the 1996 Act was to expand markets available to both new and established
carriers, the legislative history makes clear that Congress specifically
intended section 222 to ensure that customers retained control over CPNI
in the face of the powerful carrier incentives to use such CPNI to gain
a foothold in new markets. The Conference Report states that, through
section 222, Congress sought to "balance both competitive and consumer
privacy interests with respect to CPNI." 137 Congress further admonishes
that "[in new subsection 222(c) the use of CPNI by telecommunications carriers
is limited, except as provided by law or with the approval of the customer."
138 Contrary to Congressional intent as expressed in the legislative history,
the single category approach asserts a broad carrier right, affording customers
virtually no control over intra-company use of their CPNI. This approach
would undermine section 222's focus on balancing customer privacy interests,
139 and likewise would potentially harm competition. Carriers already
in possession of CPNI could leverage their control of CPNI in one market
to perpetuate their dominance as they enter other service markets. 140
In these respects, therefore, the legislative history wholly fails to support
the single category approach. On the other hand, the legislative
history makes no mention of any need or intention to restrict the carrier's
use of CPNI to market discrete offerings within the service subscribed
to by the customer. In this regard, therefore, the legislative history
likewise does not support the discrete offering approach.
-- In Re In The Matter Of Implementation Of The Telecommunications
Act Of 1996, CC Docket No. 96-115, Second Report and Order and Further
Notice of Proposed Rulemaking (February 26, 1998)
CPE
17. The Commission granted, in part, petitions
for reconsideration requesting that all carriers be allowed to use CPNI
to market customer premises equipment ("CPE") and information services
under section 222(c)(1) without customer approval. In particular, the Commission
allowed all carriers to use CPNI, without customer approval, to market
CPE. 41
-- In the Matter of Implementation of the Telecommunications
Act of 1996 Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information; CC Docket No. 96-115, CC Docket
No. 96-149, CC Docket No. 00 257, Third Report and Order and Third Further
Notice of Proposed Rulemaking (July 25, 2002)
Info Service
The Commission also allowed CMRS carriers to use, without
customer approval, CPNI to market all information services, while allowing
wireline carriers to do so for most information services. 42
42. Id. The Commission found
that CMRS providers historically have bundled CPE and information services
with the underlying telecommunications service, and therefore, due primarily
to customer expectations, those services fell within the meaning of "necessary
to, or used in" the provision of service. Id. While wireline carriers traditionally
have bundled CPE with wireline services, wireline carriers had not bundled
Internet access services with wireline services. As a result, the Commission
found that Internet access services are not "necessary to, or used in"
the provision of service. Id. at 14434, para. 46.
-- In the Matter of Implementation of the Telecommunications
Act of 1996 Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information; CC Docket No. 96-115, CC Docket
No. 96-149, CC Docket No. 00 257, Third Report and Order and Third Further
Notice of Proposed Rulemaking, para 17 (July 25, 2002)
39. Section 222(c)(1) states that, "[e]xcept
as required by law or with the approval of the customer, a telecommunications
carrier that receives or obtains [CPNI] by virtue of its provision of a
telecommunications service shall only use, disclose, or permit access to
individually identifiable [CPNI] in its provision of (A) the telecommunications
service from which such information is derived, or (B) services necessary
to, or used in, the provision of such telecommunications service, including
the publishing of directories.? In the CPNI Order, we concluded
that Congress intended that section 222(c)(1)(A) govern carriers' use of
CPNI for providing telecommunications services and that section 222(c)(1)(B)
governs carriers' use of CPNI for non-telecommunications services.
Based upon the language of section 222(c)(1), we further concluded that:
(1) inside wiring, CPE, and certain information services do not fall within
the scope of section 222(c)(1)(A) because they are not "telecommunications
services;" and (2) CPE and most information services do not fall
under section 222(c)(1)(B) because they are not "services necessary to,
or used in, the provision of such telecommunications service."
We now find that the phrase "services necessary to, or used in, the provision
of such telecommunications service" should be given a broader reading than
the one given in the CPNI Order. The record produced on reconsideration
persuades us that a different statutory interpretation is permissible,
and importantly, would lead to appropriate policy results consistent with
the statutory goals. Therefore, we conclude that section 222(c)(1)(B)
allows carriers to use CPNI, without customer approval, to separately market
CPE and many information services to their customers.
We further clarify that the tuning and retuning of CMRS units and repair
and maintenance of such units is a service necessary to or used in the
provision of CMRS service under section 222(c)(1)(B). Finally, we
deny petitioners' requests that we forbear from applying these restrictions
for related CPE and information services.
40. Customer Premises Equipment
and Information Services under Section 222(c)(1). We grant the petitions
for reconsideration that argue that CPE and certain information services
are "necessary to, or used in, the provision of" telecommunications services,
and therefore use of CPNI derived from the provision of a telecommunications
service, without customer approval, to market CPE and information services
would be permitted under section 222(c)(1)(B). Under
our previous interpretation, the exception was narrowly construed, resulting
in very few services for which CPNI could be shared. Indeed,
we rejected all CPE because it was not a "service" and most information
services because they were not necessary to or used in the carrier's
provision of the telecommunications service. While this interpretation
is not inconsistent with the statutory language, we are persuaded that
the better interpretation is that the exception includes certain products
and services provisioned by the carrier with the underlying telecommunications
service to comprise the customer's total service. This is because
those related services and products facilitate the underlying telecommunications
service and customers expect that they will be used in the provisioning
of that service offering. Our new interpretation accords with
the Commission's stated intention in the CPNI Order to revisit and if necessary
revise its conclusions regarding customer expectations as those expectations
changed in the marketplace with advancements in technology or as new evidence
of the evolution of customer expectations becomes available to the Commission.
Such evidence has now been made available to us by the record developed
on reconsideration.
. . . . .
43. In the wireless context, our regulation
of CMRS providers and the history of the industry has allowed the development
of bundles of CPE and information services with the underlying telecommunications
service. Thus, information services and CPE offered in connection
with CMRS are directly associated and developed together with the service
itself. Indeed, we are persuaded by the record and our observations
of the development of the CMRS market generally that the information services
and CPE associated with CMRS are reasonably understood by customers as
within the existing service relationship with the CMRS provider.
Customers expect to have CPE and information services marketed to them
along with their CMRS service by their CMRS provider. Accordingly,
we conclude that such CPE and information services come within the meaning
of "necessary to, or used in," the provision of service. In the CMRS
context, carriers should be permitted to use CPNI, without customer approval,
to market information services and CPE to their CMRS customers.
44. The wireline industry has developed
somewhat differently from CMRS and, while the analysis is the same, the
results concerning how carriers may use CPNI accordingly differ from the
wireless industry. The provision of CPE, like the publishing of directories,
is a service which is used in and generally necessary to the provision
of the telecommunications service. For at least the past ten years,
all wireline companies have been able to market CPE along with their telecommunications
service. Petitioners argue that by erecting a CPNI approval
requirement with respect to CPE, the Commission frustrates customers' one-stop
shopping expectations and stymies carriers' abilities to offer complete
service solutions that customers want and have come to expect.
Simply put, customers expect their carriers to market CPE to them.
No evidence has been produced on the record which shows that allowing wireline
carriers to market CPE to their customers, using CPNI without customer
consent, violates customers' expectations. We are convinced that
such usage by carriers would be beneficial to customers as new and advanced
products develop. Therefore, wireline carriers should be permitted
to use CPNI, without customer approval, to market CPE to their customers.
45. Within the broader reading of the
statute, we find that certain wireline information services should also
be considered necessary to, or used in, the provision of the underlying
telecommunications service. In the CPNI Order, the Commission listed
several information services that it believed should not be considered
necessary to, or used in, the underlying telecommunications service: call
answering, voice mail or messaging, voice storage and retrieval services,
and fax storage and retrieval services. Applying the broader
reading of the statute, along with the new evidence on the record, we now
believe that all of these services should be considered necessary to, or
used in, the provision of the underlying telecommunications service because
customers have come to depend on these services to help them make or complete
calls. The record indicates that customers have come to expect
that their service provider can and will offer these services along with
the underlying telecommunications service. Therefore, carriers
may use CPNI, without customer approval, to market call answering, voice
mail or messaging, voice storage and retrieval services, and fax storage
and retrieval services.
46. We continue to exclude from
this list, as the Commission did in the CPNI Order, Internet access
services.130 Despite contrary claims from some petitioners,
there is no convincing new evidence on the record that shows that such
services are necessary to, or used in, the making of a call, even in the
broadest sense. There is also no evidence, currently, that customers
expect to receive such services from their wireline provider, or that they
expect to use such services in the way that they expect to receive or use
the above-listed services.
47. We will, however, add protocol conversions
to the list of services that carriers may market using CPNI without customer
approval. In its petition, Bell Atlantic requests that we redefine
protocol conversion as a telecommunications service. A protocol
conversion assists terminals or networks operating with different protocols
to communicate with each other. Bell Atlantic asserts that
protocol conversions that do not alter the underlying information sent
and received should not be defined as information services.
We do not believe that protocol conversions should be redefined as a telecommunications
service but because protocol conversions are necessary to the provision
of the telecommunications service, in the instances where they are used,
protocol conversions should be included in the group of information services
listed above. Accordingly, we grant Bell Atlantic's request
to use CPNI to market, without customer approval, protocol conversions.
130. We note that the Internet access services being
addressed here are the dial-up services. We have previously determined
that xDSL services are telecommunications services. In the Matter
of Deployment of Wireline Services Offering Advanced Telecommunications
Capability, 13 FCC Rcd 24012, 24029-24030 (1998).
--In Re Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information, CC Docket No. 96-115, 96-149,
Order On Reconsideration And Petitions For Forbearance (September 3, 1999)
6. In contrast, where a particular customer has not purchased
CPE or information services from the carrier that is providing its telecommunications
services, the carrier would be subsequently prohibited from using CPNI,
without first obtaining customer approval, to market a bundled offering
of CPE or information services with telecommunications services to such
a customer. In this situation, absent customer approval, the carrier
would be using CPNI in violation of section 222(c)(1) to market CPE or
information services to a customer with whom they had no existing relationship
derived from the carrier's sale of CPE or the customer's subscription to
the carrier's information service. Similarly, the general knowledge
that all wireline customers have a telephone would not permit carriers
to use CPNI derived from wireline service to select those individuals to
whom to market the carrier's CPE offerings.
7. We also clarify that, only where CPE or an information service
is part of a bundled offering, including a telecommunications service,
and the carrier is the existing CPE or information service provider, could
the carrier use CPNI to market a new bundled offering that includes new
CPE or similar information services. For example, carriers cannot
use CPNI to select certain high usage customers to whom they also sold
telephones, and then market only new CPE that is not part of a new bundled
plan. Section 222(c)(1)(A) permits the use of CPNI, without
first obtaining customer approval, only "in the provision of the telecommunications
service from which such information is derived." Therefore, when
a carrier has identified a customer through the use of CPNI, but is not
offering a telecommunications service in conjunction with its marketing
of CPE or information services, that carrier would be using CPNI outside
the provision of the service from which it is derived, in violation of
section 222 and the Commission's rules.
--In Re Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information, CC Docket No. 96-115, Order
(May 21, 1998)
45. Non-Telecommunications Offerings. Several carriers
argue that certain non-telecommunications offerings, in addition to being
covered by section 222(c)(1)(B), also should be included within any service
distinctions we adopt pursuant to section 222(c)(1)(A), including inside
wiring, customer premises equipment (CPE), and certain information services.
168 Based on the statutory language, however, we conclude that inside
wiring, CPE, and information services do not fall within the scope of section
222(c)(1)(A) because they are not "telecommunications services." 169
More specifically, section 222(c)(1)(A) refers expressly to carrier use
of CPNI in the provision of a "telecommunications service." 170 In
contrast, the word "telecommunications" does not precede the word "services"
in section 222(c)(1)(B)'s phrase "services necessary to, or used in." 171
The varying use of the terms "telecommunications service" in section 222(c)(1)(A)
and "services" in section 222(c)(1)(B) suggests that the terms deliberately
were chosen to signify different meanings. Accordingly, we believe
that Congress intended that carriers' use of CPNI for providing telecommunications
services be governed solely by section 222(c)(1)(A), whereas the use of
CPNI for providing non-telecommunications services is controlled by section
222(c)(1)(B).
46. Commission precedent has treated "information services"
and "telecommunications services" as separate, non-overlapping categories,
so that information services do not constitute "telecommunications" within
the meaning of the 1996 Act. 172 Accordingly, we conclude that carriers
may not use CPNI derived from the provision of a telecommunications service
for the provision or marketing of information services pursuant to section
222(c)(1)(A). 173 We likewise conclude that inside wiring and CPE
do not fall within the definition of "telecommunications service," and
thus do not fall within the scope of section 222(c)(1)(A).
47. We recognize that the Commission has permitted CMRS
providers to offer bundled service, including various "enhanced services"
and CPE, prior to the 1996 Act. We disagree with PacTel, however,
that, consistent with section 222(c)(1)(A), CMRS providers should be able
to use CMRS-derived CPNI without customer approval to market these offerings
when they provide CMRS to a customer. 174 The 1996 Act defines "mobile
service" in pertinent part as a "radio communication service carried on
between mobile stations or receivers and land stations, and by mobile stations
communicating among themselves ...." 175 "Radio communication service,"
in turn, is defined in terms of "the transmission by radio of writings,
signs, signals, pictures, and sounds of all kinds, including all instrumentalities,
facilities, apparatus, and services (among other things, the receipt, forwarding,
and delivery of communications) incidental to such transmission." 176
These definitions do not include information services or CPE within the
meaning of CMRS. Accordingly, while nothing in section 222(c)(1)
prohibits CMRS providers from continuing to bundle various offerings consistent
with other provisions of the 1996 Act, 177 including CMRS-specific CPE
and information services, they cannot use CPNI to market these related
offerings as part of the CMRS category of service without customer approval,
because even when they are bundled with a CMRS service, they do not constitute
CMRS and are not telecommunications services.
. . . . .
68. Section 222(c)(1) of the Act provides that, "except
as required by law or with the approval of the customer, a telecommunications
carrier that receives or obtains [CPNI by virtue of its provision of a
telecommunications service shall only use, disclose, or permit access to
individually identifiable [CPNI in its provision of (A) the telecommunications
service from which such information is derived, or (B) services necessary
to, or used in, the provision of such telecommunications service, including
the publishing of directories." 250 In the Notice, the Commission
stated that CPNI obtained from the provision of any telecommunications
service may not be used to market CPE or information services without prior
customer authorization, and sought comment on which "services" should be
deemed "necessary to, or used in" the provision of such telecommunications
service. 251 The Commission also sought comment on whether carriers,
absent customer approval, may use CPNI derived from the provision of one
telecommunications service to perform installation, maintenance, and repair
for any telecommunications service, either under section 222(c)(1)(B) because
they are "services necessary to, or used in, the provision of such telecommunications
service," or under section 222(d)(1) because the CPNI is used to "initiate,
render, bill and collect for telecommunications services." 252
. . . . .
72. Second, we conclude that, while the information services
set forth in the record (e.g., call answering, 258 voice mail 259 or messaging,
260 voice storage and retrieval services, 261 fax store and forward, 262
and Internet access services 263) constitute non-telecommunications "services,"
they are not "necessary to, or used in" the carrier's provision of telecommunications
service. Rather, we agree with the observation of several commenters
that, although telecommunications service is "necessary to, or used in,
the provision of" information services, information services generally
are not "necessary to, or used in, the provision of" any telecommunications
service. 264 As ITAA notes, 265 telecommunications service is defined
under the Act in terms of "transmission," 266 and involves the establishment
of a transparent communications path. The transmission of information
over that path is provided without the carrier's "use" of, or "need" for,
information services. In contrast, information services involve the
"offering of a capability for generating, acquiring, storing, transforming,
processing, retrieving, utilizing, or making available information via
telecommunications." 267 Indeed, the statute specifically excludes
from the definition of information service "any use of any such [information
service capability for the management, control, or operation of a telecommunications
system or the management of a telecommunications service." 268 Because
information services generally, and in particular those few identified
in the record (i.e., call answering, voice mail or messaging, voice storage
and retrieval services, fax store and forward, and Internet access services),
269 are provided to consumers independently of their telecommunication
service, they neither are used by the carrier nor necessary to the provision
of such carrier's service.
-- In Re In The Matter Of Implementation Of The Telecommunications
Act Of 1996, CC Docket No. 96-115, Second Report and Order and Further
Notice of Proposed Rulemaking (February 26, 1998)
272 Share with LD Affiliate
19. The Commission also affirmed the conclusion
reached in the CPNI Order regarding the interpretation of the interplay
between sections 222 and 272 that "information," as defined in section
272, does not include CPNI. 47 As a result, Bell operating companies ("BOCs")
are not obligated by section 272 to make CPNI available to other carriers
on a non discriminatory basis when they share it with their long distance
affiliates.
. . . . .
78. ... Third, we reaffirm our conclusion
that the term "information" in section 272(c)(1) does not include CPNI
as defined under section 222, and we explicitly hold that this conclusion
is not impacted by the opt in/opt out mechanism we adopt today.
. . . . . .
135. We find that our adoption today of an
opt out customer approval mechanism for the use of CPNI by carriers and
their affiliates that provide communications related services does not
affect our prior statutory interpretation regarding the interplay between
sections 222 and 272, nor does it alter our ultimate conclusion that the
term "information" in section 272(c)(1) 310 does not include CPNI. 311
136. In the CPNI Clarification Order, the
Commission sought comment 312 on the interplay between sections 222 and
272 if the customer approval mechanism was revised in light of the Tenth
Circuit's opinion. 313 The Commission noted it might need to revisit its
conclusion if it adopted an opt out approach as a final rule in this
proceeding. 314 However, we decline to revisit our interpretation of the
interplay between sections 222 and 272 simply because we have amended our
customer approval mechanisms. 315 While the Commission addressed the interplay
of sections 222 and 272 in the context of an opt in mechanism, the Commission
did not rely on its adoption of the opt in method in reaching its conclusion.
316 Instead, its decision was based upon statutory analysis and application
of the terms used in the Act. 317 However, even if we were to review the
portion of analysis that discussed the opt in mechanism, we would still
reach the same conclusion, as discussed below.
137. We find that the legal basis for our
decision does not change with our modification of the customer approval
mechanism. In prior orders, the Commission found that in the context of
the 1996 Act, it is not readily apparent that the meaning of "information"
in section 272 necessarily includes CPNI. The Commission found that the
most reasonable interpretation of the interplay between sections 222 and
272 is that section 272 "does not impose any additional CPNI requirements
on BOCs' sharing of CPNI with their section 272 affiliates when they share
information with their section 272 affiliates according to the requirements
of section 222." 318 The Commission found this to be reasonable because,
as we have affirmed above, 319 section 222(c)(1) contemplates that, under
the total service approach, carriers have implied approval to market services
within the package of services to which the customer subscribes, and can
also share CPNI with their affiliates to do so. However, section 272(c)(1)
prohibits BOCs from discriminating against other parties in the provision
and procurement of "information." Thus, if "information" includes CPNI,
BOCs would be unable to share CPNI with their affiliates to the extent
contemplated by section 222, unless they also met the nondiscrimination
requirements of section 272. To meet these requirements, the BOC would
be required, under section 222, to seek express approval from its customers
to share CPNI with its affiliates and with any third parties. 320 Thus,
the Commission found that these requirements, in the context of an opt
in approach, "pose a potentially insurmountable burden because a BOC soliciting
approval to share CPNI with its affiliates would have to solicit approval
for countless other carriers as well, known or unknown." 321
138. This rationale is still applicable under
the Commission's new approval mechanism. First, because opt in is required
for third parties, a BOC would still need to obtain express approval for
sharing with its 272 affiliates and third parties to meet the nondiscrimination
requirements of 272. 322 Applying opt out to intracompany sharing would
not therefore alter the "potentially insurmountable burden" upon BOCs to
obtain customer approval either. Even in a completely opt out environment,
a BOC seeking to share CPNI with its affiliates would have to solicit approval
for countless other carriers as well, known or unknown. 323 We find that
this result is neither required by the statute nor is it necessary to protect
consumers' privacy interests. If we adopted AT&T's proposal to allow
competing carriers to obtain CPNI on the same basis as the BOCs' 272 affiliates
that is, using an opt out approval method under the rules adopted today
we would defeat our purpose in requiring opt in approval for third parties.
As described above, we have found that disclosure to and use of CPNI by
third parties requires greater assurance of a customer's knowing consent
to prevent unintentional disclosure of CPNI. Therefore, as in our previous
orders, we still find that our interpretation best furthers the goals of
Congress to protect customer privacy and to promote customer convenience
and control. 324
139. At any rate, the Commission has previously
concluded that section 222's customer privacy protections effectively preclude
the same anticompetitive behaviors as section 272, and this conclusion
is not altered by the Order we adopt today. 325 In the CPNI Reconsideration
Order, the Commission outlined three factors in section 222 that eliminate
the necessity for the application of section 272's nondiscrimination requirements
to prevent anticompetitive harms. 326 First, competitors are still afforded
access to customer CPNI through section 222(c)(2), which requires disclosure
of CPNI to "any person designated by the customer," upon affirmative written
request by the customer. 327 Changing the mechanism for obtaining customer
approval under section 222(c)(1) does not alter the ability of competitors
to obtain CPNI through section 222(c)(2). Second, section 222(c)(3) continues
to allow a LEC to use customer aggregate information only if it provides
that information to other carriers upon reasonable request. 328 Again,
changing section 222(c)(1)'s approval mechanism does not alter the ability
of competitors to obtain aggregate information through section 222(c)(3).
140. Third, the Commission stated that under
the opt in mechanism, BOCs could not share CPNI with their section 272
affiliates unless they either obtained express customer approval or the
customer is an existing subscriber of a service of that affiliate. 329
Under the opt in/opt out mechanisms established in this Order, BOCs are
allowed to share customer CPNI with their section 272 affiliates without
obtaining express customer approval. Under the opt out approval mechanism
we adopt today, BOCs must still provide customer notice and the opportunity
for customers to opt out for CPNI uses beyond the existing carrier customer
relationship prior to sharing CPNI with an affiliate. 330 However, as a
practical matter, it is likely that the BOCs will be able to share more
CPNI with their 272 affiliates under opt out than they would have been
able to share under opt in. As shown above, consumers typically will accept
whatever choice does not require any action on their part. 331 As a result,
when the default is opt out, carriers will be able to use more customer
CPNI. 332
141. The possibility that BOCs will share
more CPNI with their affiliates does not tip the scale to require application
of section 272 to CPNI. 333 First, section 222 applies to all "telecommunications
carriers" and does not single out any carriers for specific treatment,
signaling Congress' intent that all carriers should be treated alike in
the CPNI context. For example, an interexchange carrier with a significant
customer base can share CPNI, after receiving opt out approval, with its
local or wireless affiliates. Thus, under our rules, all carriers can share
CPNI with their affiliates. Accordingly, we decline to place additional
restrictions upon BOCs. Second, section 272(g) allows BOCs and their section
272 affiliates to market their services jointly. 334 A fair reading of
that section indicates that Congress did not intend to preclude BOCs and
their long distance affiliates from conducting joint marketing, which is
the primary intent behind CPNI use. 335 As we found in earlier orders,
we believe our conclusion is therefore consistent with the "regulatory
symmetry Congress intended for carrier marketing activities." 336
142. Finally, numerous commenters used the
Further NPRM as an opportunity to reargue the statutory and policy issues
that we have previously addressed and that are unrelated to the issue before
us. 337 AT&T and other commenters that request we reverse our holding
in the CPNI Order do not get yet another "bite at the apple." The Commission
has previously considered these arguments in both the CPNI Order and the
CPNI Reconsideration Order. 338 The Further NPRM did not request comment
on these issues, and commenters have not presented changed circumstances,
new evidence or additional arguments that would affect our prior decisions.
Therefore, we decline to address them again here.
-- In the Matter of Implementation of the Telecommunications
Act of 1996 Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information; CC Docket No. 96-115, CC Docket
No. 96-149, CC Docket No. 00 257, Third Report and Order and Third Further
Notice of Proposed Rulemaking, para 19 (July 25, 2002)
135. Section 272(c)(1) states that, "[i]n its dealings with its
[section 272 affiliates], a Bell operating company . . . may not discriminate
between the company or affiliate and any other entity in the provision
or procurement of goods, services, facilities, and information, or in the
establishment of standards." The Commission concluded in the
Non-Accounting Safeguards Order that: (1) the term "information" in section
272(c)(1) includes CPNI; and (2) the BOCs must comply with the requirements
of both sections 222 and 272(c)(1). The Commission, however,
declined to address the parties' other arguments regarding the interplay
between section 272(c)(1) and section 222 to avoid prejudging issues that
would be addressed in the CPNI Order. The Commission also declined
to address the parties' arguments regarding the interplay between section
222 and section 272(g), which permits certain joint marketing between a
BOC and its section 272 affiliate. The Commission emphasized,
however, that, if a BOC markets or sells the services of its section 272
affiliate pursuant to section 272(g), it must comply with the statutory
requirements of section 222 and any rules promulgated thereunder.
136. In the CPNI Order the Commission overruled the Non-Accounting
Safeguards Order, in part, concluding that the most reasonable interpretation
of the interplay between sections 222 and 272 is that the latter does not
impose any additional CPNI requirements on BOCs' sharing of CPNI with their
section 272 affiliates when they share information with their section 272
affiliates according to the requirements of section 222. The
Commission reached this conclusion only after recognizing an apparent conflict
between sections 222 and 272. We noted in the CPNI Order that,
on the one hand, certain parties argued that under the principle of statutory
construction the "specific governs the general," and that section 222 specifically
governs the use and protection of CPNI, but section 272 only refers to
"information" generally. As such, they claimed that section
222 should control section 272. On the other hand, under the
same principle of construction, other parties argued that section 272 specifically
governs the BOCs' sharing of information with affiliates, whereas section
222 generally relates to all carriers. Therefore, they asserted,
section 272 should control section 222. Because either interpretation
is plausible, it was left to the Commission to resolve the tension between
these provisions, and to formulate the interpretation that, in the Commission's
judgment, best furthers the policies of both provisions and the statutory
design. We determine that interpreting section 272 to impose
no additional obligations on the BOCs when they share CPNI with their section
272 affiliates according to the requirements of section 222 most reasonably
reconciles the goals of these two principles.
-- In Re Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information, CC Docket No. 96-115, 96-149,
Order On Reconsideration And Petitions For Forbearance (September 3, 1999)
Rural Exemption Sec 254
Finally, the Commission determined that section 254
does "not confer any special status on carriers seeking to use CPNI to
market enhanced services and CPE in rural exchanges to select customers."
48
-- In the Matter of Implementation of the Telecommunications
Act of 1996 Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information; CC Docket No. 96-115, CC Docket
No. 96-149, CC Docket No. 00 257, Third Report and Order and Third Further
Notice of Proposed Rulemaking, para 19 (July 25, 2002)
15. Still other carriers request that we treat rural and small
carriers differently. As we noted in the CPNI Order, however,
the Commission's CPNI rules apply to small carriers just as they apply
to other sized carriers "because we are unpersuaded that customers of small
businesses have less meaningful privacy interests in their CPNI."
Petitioners have not raised any new arguments or facts that persuade us
to reverse this conclusion with respect to these carriers. Thus,
we will not distinguish among carriers based upon the number or density
of lines they serve either.
. . . . .
151. We disagree with the arguments made by CenturyTel and NTCA.
As stated in Section V.A of this Order, we affirm the "total service approach"
for all carriers. We find no reason to impose different notification
requirements on large and small carriers. As we stated in the CPNI
Order, concerns regarding customer privacy are the same irrespective of
the carrier's size or identity. Further to the extent that
CenturyTel and NTCA are requesting to use CPNI, without customer approval,
to market CPE and certain information services, those requests have been
granted above. We also disagree with CenturyTel and NTCA?s
argument that section 254 requires the use of CPNI to allow rural
carriers to implement Congress? Universal Service standards. Section
254 envisions that rural carriers would introduce and make available new
technology to all of its customers. The CPNI rules in no way discourage
rural carriers from doing that. In fact, one could argue that some
of the CPNI rules require a carrier to make all of its customers aware
of such new technology rather than using CPNI to pick and choose which
customers to market the new technology to. The basis of CenturyTel
and NTCA?s arguments, however, is that they do not want to market the new
technology to all of its customers. They want to make it available
only to certain customers that they select by using their customers? CPNI.
We fail to see how section 254 requires this outcome.
--In Re Telecommunications Carriers' Use of Customer Proprietary Network
Information and Other Customer Information, CC Docket No. 96-115, 96-149,
Order On Reconsideration And Petitions For Forbearance (September 3, 1999)
50. We also decline to forbear from applying section 222(c)(1),
or any of our associated rules, to small or competitive carriers, as SBT
requests. 186 First, SBT has not explained adequately in its comments how
it meets the three statutory criteria for forbearance. 187 Second,
while SBT points out that competitive concerns may differ according to
carrier size, it does not persuade us that customers of small businesses
have less meaningful privacy interests in their CPNI. We thus disagree
with SBT that the three category approach gives large carriers flexibility
to develop and meet customers' needs, but may unnecessarily limit small
business as competition grows. 188 Even if, as SBT alleges, a large
carrier can base the design of a new offering on statistical customer data
and market widely, but a small business can best meet specialized subscriber
needs if it offers CMRS, local, and interexchange service tailored to the
specific subscriber, the total service approach allows tailored packages.
We likewise disagree, therefore, with USTA that small carriers could be
competitively disadvantaged in any interpretation of section 222(c)(1)(A)
other than the single category approach. 189 Rather, we are persuaded
that the total service approach provides all carriers, including small
and mid-sized LECs, with flexibility in the marketing of their telecommunications
products and services. In fact, if SBT's claims that small businesses
typically have closer personal relationships with their customers are accurate,
then small businesses likely would have less difficulty in obtaining customer
approval to market services outside of a customer's service existing service.
-- In Re In The Matter Of Implementation Of The Telecommunications
Act Of 1996, CC Docket No. 96-115, Second Report and Order and Further
Notice of Proposed Rulemaking (February 26, 1998)
Narrowly Tailored:
Opted Out
31. Although in 1999 the Commission concluded that the more stringent
opt in rule was necessary, in light of U S WEST we now conclude that an
opt in rule for intra company use cannot be justified based on the record
we have before us. Thus, we adopt a less restrictive alternative
an opt out rule which is less burdensome on commercial speech.
Applying the Central Hudson test to possible schemes for carriers to obtain
customer approval for use and disclosure of CPNI under section 222(c)(1),
we conclude that: (1) the government has a substantial interest in ensuring
that a customer be given an opportunity to approve (or disapprove) uses
of her CPNI by a carrier and a carrier's affiliates that provide communications
related services; 89 (2) opt out directly and materially advances this
interest by mandating that carriers provide prior notice to customers along
with an opportunity to decline the carrier's requested use or disclosure;
and (3) opt out is no more extensive than necessary to serve the government
interest in protecting privacy because it is less burdensome on carriers
than other alternatives such as opt in, while still serving the government's
interest in ensuring that consumers have an opportunity to exercise their
approval rights regarding intra company use and disclosure of CPNI. 90
32. We also conclude that opt out is an appropriate approval
mechanism for the sharing of CPNI with, and use by, a carrier's joint venture
partners and independent contractors in connection with communications
related services that are provided by the carrier (or its affiliates) individually,
or together with the joint venture partner. 91 That is, in these two contexts,
this form of consent directly and materially advances the government's
interest in ensuring that customers have an opportunity to approve such
uses of CPNI, while also burdening no more carrier speech than necessary.
. . . . .
34. Direct and Material Advancement. The next prong of Central
Hudson examines whether a regulation impacting commercial speech directly
and materially advances the government's interest, i.e., the restriction
is effective at promoting the government's interest. 96 We conclude that,
with respect to intra company uses, opt out directly and materially advances
the government's interest that a customer be given an opportunity to approve
(or disapprove) uses of her CPNI by mandating that carriers provide prior
notice to customers along with an opportunity to decline the carrier's
requested use or disclosure.
35. Although the record evidence demonstrat