Annual FCC CPNI Certification Due by March 1; FCC Issues Warning to All Carriers and VoIP Providers
As we have reported in previous advisories in 2007 and 2009, the Federal Communications Commission (FCC) requires every telecommunications and interconnected VoIP service provider (including wireless, cable telephony, and even paging and calling card providers) to execute and file an annual officer certification that it is in compliance with the FCC's Customer Proprietary Network Information (CPNI) regulations.
Last Friday, Jan.15, 2010, the FCC issued an “Enforcement Advisory” reminding providers that the annual CPNI certification for calendar year 2009 must be filed by March 1, 2010, but also admonishing all providers that it will subject non-filers to enforcement actions with penalties of up to $1.5 million. This is no empty threat: over the past 18 months the FCC initiated proceedings against thousands of providers, and has compelled several settlements involving penalties of $100,000 and higher. Last week’s Enforcement Advisory included detailed FAQs on the CPNI rules and provider obligations, as well as a template certification for the upcoming filing.
Following is a brief overview of key elements of the FCC's CPNI certification requirements:
- An officer of the company must sign the compliance certificate;
- The officer must affirmatively state in the certification that she/he has personal knowledge that the company has established operating procedures that are adequate to ensure compliance with the CPNI rules;
- The company must provide a written statement accompanying the certification explaining in detail how its operating procedures ensure that it is in compliance with the CPNI rules;
- The company must include a clear explanation of any actions taken against data brokers;
- The company must include a summary of all consumer complaints received in the prior year concerning unauthorized release of CPNI, or a clear statement that there were no such complaints; and
- The company must report any information in the company's possession regarding the processes that "pretexters" are using to attempt to gain access to CPNI, and what steps it is taking to safeguard customers' CPNI.
Note that all of this information must pertain to the past calendar year (2009).
Whether or not we prepared your filing last year, we would be happy to assist you in preparing and filing this annual FCC certification, or answer any questions you may have. We have assisted numerous clients in the creation of CPNI compliance plans and employee training materials, as well as in defending against FCC enforcement actions. If you have questions or require assistance, please contact one of the listed related attorneys or your primary Davis Wright Tremaine relationship attorney.