- Customer proprietary network information
-
Customer proprietary network information (CPNI) is the data collected by telecommunications companies about a consumer's telephone calls. It includes the time, date, duration and destination number of each call, the type of network a consumer subscribes to, and any other information that appears on the consumer's telephone bill.
Telemarketers working on behalf of telephone companies, attempting to either win back a customer or upsell a customer with more services, must ask the customer's consent before accessing the billing information or before using that information to offer an upsell or any change of services. Usually this is done at the beginning of a call from the telemarketer to the telephone subscriber.
Description
The U.S. Telecommunications Act of 1996 granted the Federal Communications Commission (FCC) authority to regulate how customer proprietary network information (CPNI) can be used and to enforce related consumer information privacy provisions. The rules in the 2007 FCC CPNI Order further restrict CPNI use and create new notification and reporting requirements.
The rules in the 2007 CPNI Order include:
- limits the information which carriers may provide to third party marketing firms without first securing the affirmative consent of their customers
- defines when and how customer service representatives may share call details
- creates new notification and reporting obligations for carriers (including identity verification procedures)
Note that as long as an affiliate is "communications" related, the FCC has ruled that CPNI is under an opt-out approach (can be shared without your explicit permission). A phone company is permitted to sell all information on you, such as numbers you call, when you called them, where you were when you called them, or any other personally identifying information. CPNI would normally require a warrant for law enforcement agencies, but it can be freely sold to "communications" related companies. One can verify this by checking rule 64.2007(b)(1) and footnote 137 in the 2007 CPNI order. One can call up a phone company and opt out by requesting that they do not share CPNI information.
The 2007 CPNI Order does not revise all CPNI rules. For example, the rule revisions adopted in the Order do not limit a carrier's ability to use CPNI to perform billing and collections functions, restrict CPNI use to effect maintenance and repair activity, or impact responses to lawful subpoenas.
Fines for failure to comply with CPNI rules can be substantial. Since 2006, the FCC, focusing on one rule regarding internal annual compliance certificates, proposed over $1M in fines and those fines are not necessarily indicative of the fines the FCC could propose. The FCC is authorized to impose fines of up to $130,000 for each rule violation or each day of a continuing violation up to a maximum of $1.3M for each continuing violation. The rules adopted in the Order are effective either six months after the Order is published in the Federal Register or on receipt of OMB approval of the new rules depending on which event is later. (Order at ¶61)
See also
- Call detail record
- Telecommunications data retention
- Pen register
- Call accounting
- Internet Protocol Detail Record
- Electronic Communications Privacy Act
- Mobile identity management
External links
Categories:- Telecommunications
- Telemarketing
- Telecommunications terms
- Telecommunications economics
Wikimedia Foundation. 2010.
