This is a reminder that all telecommunications and interconnected VoIP providers must file an annual Customer Proprietary Network Information (“CPNI”) certification for calendar year 2021 by March 1, 2022. The Enforcement Bureau released a detailed Public Notice this year, which contains frequently asked questions (FAQ), a draft CPNI certification template, and the full text of the CPNI rules.
The FCC’s CPNI rules protect the personal data that consumers disclose to their service providers as a result of their business relationships. The rules require providers to establish and maintain systems that protect this CPNI, among other notification and customer approval requirements. In addition, providers are required to file an annual certification that documents (1) their compliance with the rules, (2) complaints they received from consumers regarding CPNI, and (3) actions they took against data brokers. If a company fails to comply with the rules, including the certification requirement, then the Commission may impose a forfeiture of up to $220,213 for each violation and every day of a continuing violation, up to a maximum fine of $2,202,123.
Covered providers may file their certification online via the ECFS portal, under EB Docket No. 06-36. Filings must include the certification required under 47 CFR § 64.2009(e) (please see the FCC’s suggested template), a written statement explaining how the company’s operating procedures ensure that it is or is not in compliance with the CPNI rules, and a signed compliance certificate. If applicable, companies should also include an explanation of actions taken against data brokers and/or a summary of customer complaints.
Please Contact Us if you have any questions.