FCC's CPNI rule limits telecoms

Share this content:

In the past year, pretexting, an illegal technique used to obtain sensitive information about people by accessing their accounts, has received significant media attention. This recent coverage raised concerns about the security of Customer Proprietary Network Information. In the context of telephone services, CPNI includes billing information, the types of services to which a customer subscribes and detailed records of all incoming and outgoing calls.

The Federal Communications Commission has imposed new regulations on how telephone companies use, maintain and safeguard CPNI. These regulations impose requirements on telephone companies' release of CPNI.

Some safeguards may help to protect CPNI from pretexting, other parts of the new rules could radically alter the relationship between telephone companies and their marketing partners.

In addition to the password requirement, the FCC's new rules require telephone companies to obtain opt-in consent from customers before sharing CPNI with their marketing partners. This rule, which is a major departure from existing CPNI rules, will apply to traditional telephone services such as local, long distance and wireless as well as to VoIP services.

Although the FCC suggests that the opt-in requirement is a "minor change" that will not have a "major effect on carriers because many carriers already do not disclose CPNI to third parties," this seems highly unlikely. Several telephone companies commented to the FCC that they use third-party vendors to assist with their marketing efforts and that these vendors have access to CPNI for legitimate uses.

Under the new rules, if a telephone company wishes to share CPNI with its marketing partners, it will have to obtain consent from each customer before sharing that customer's data.

There are several areas in which telephone companies may share CPNI with third parties without first obtaining opt-in consent. These include the use of vendors for billing and collections, fraud prevention, inbound marketing, customer service and emergency services.

Nothing in the record before the FCC suggests that CPNI was accessed inappropriately while in the possession of marketing vendors or that these vendors had any interaction with the public in terms of access to the data. Ironically, one area where third parties will continue to have access to CPNI without opt-in consent is in providing inbound call center services, which do have the potential for pretexting.

Telephone companies and their marketing partners have to develop solutions that enable information sharing within the scope of the new FCC rules. It is unlikely that people will provide the necessary opt-in consent for traditional data-sharing arrangements.

Sign up to our newsletters

Company of the Week

Since 1985, Melissa has helped thousands of companies clean, correct and complete contact data to better target and communicate with their customers. We offer a full spectrum of data quality solutions, including global address, phone, email, and name validation, identify verification - available for batch or real-time processes, in the Cloud or on-premise. Our service bureau provides dedupe, email/phone append and geographic/demographic append services for better targeting and insight. For direct mailers, Melissa offers easy-to-use address management/postal software, list hygiene services and 100s of specialty mailing lists - all with competitive pricing and excellent customer service.

Find out more here »

Career Center

Check out hundreds of exciting professional opportunities available on DMN's Career Center.  
Explore careers in digital marketing, sales, eCommerce, marketing communications, IT, data strategies, and much more. And don't forget to update your resume so employers can contact you privately about job opportunities.

>>Click Here

Relive the 2017 Marketing Hall of Femme

Click the image above