Customer Proprietary Network Information (“CPNI”) Certifications must be filed with the FCC by March 1.
Under the FCC’s rules, all providers of telecommunications and interconnected VoIP services must file a CPNI Certification with the Federal Communications Commission (FCC) which describes, in detail, the policies and procedures a service provider has instituted to safeguard CPNI and any instance of a CPNI-related breach that occurred over the past year.
Last year, the Enforcement Bureau emphasized, “failure to file a timely and complete certification calls into question whether a company has complied with the rules requiring it to protect the privacy and security of customers’ sensitive information.”
Before filing the CPNI Certification, all affected service providers must ensure that they are in full compliance with the FCC’s CPNI rules. This includes adopting stringent internal procedures safeguarding the use of and access to CPNI, among other things.
In anticipation of the March 1st deadline, our firm advises all clients providing telecommunications and interconnected VoIP services to review internal policies regarding the protection of CPNI. Since CPNI Certifications must be signed by an officer of the company, under penalty of perjury, all clients are advised to conduct an internal review to validate compliance with the FCC’s CPNI rules before executing and filing a CPNI Certification with the FCC.
Since CPNI Certifications must be signed by an officer of the company, under penalty of perjury, all clients are advised to conduct an internal review to validate compliance with the FCC’s CPNI rules before executing and filing a CPNI Certification with the FCC.
Because the CPNI rules provide important consumer protections, the FCC has been relentless in its enforcement action against telecommunications carriers and interconnected VoIP providers that failed to comply with the requirements. Failure to comply with the CPNI rules, including the annual certification requirement, may subject companies to enforcement action, including monetary forfeitures of up to $237,268 for each violation or each day of a continuing violation, up to a maximum of $2,372,677. False statements or misrepresentations to the Commission may be punishable by fine or imprisonment under Title 18 of the U.S. Code.
To avoid the hassle of an investigation or enforcement action, even those telecommunications service providers who lacked access to and/or did not use CPNI during the past year are advised to file a CPNI Certification with the FCC. If a service provider is registered with the FCC, i.e., possesses either an FCC Filer ID or FCC Registration Number, remittance of a compliant CPNI Certification is highly recommended.
The CommLaw Group Can Help!
To ensure your company is prepared to fully and truthfully satisfy the Annual CPNI Certification deadline, our firm is urging you to consult with one of our experienced attorneys to initiate a CPNI Compliance Review.
In addition to CPNI Compliance Reviews, our firm can provide custom-tailored compliance documents necessary to manage internal CPNI compliance and to support CPNI certification before the FCC. These documents include a custom-tailored Policies & Procedures Manual which outlines the steps your company has adopted to ensure full compliance with CPNI regulations. Clients can also purchase customizable CPNI compliance document templates for a reduced price.
| If your company is unfamiliar with the FCC’s CPNI Rules or the obligation to file an annual certification documenting compliance with those rules, we invite you to join our very own Linda McReynolds and Diana Bikbaeva for a webinar on CPNI-compliant solutions on January 25 at 12 p.m. Eastern! |
If you need assistance or have further questions, contact the attorney assigned to your account or directly contact members of The CommLaw Group’s Information, Privacy, Data Security, and Consumer Protection practice group:
Linda McReynolds, CIPP/US, at lgm@commlawgroup.com or 703-714-1318
Diana Bikbaeva, at dab@commlawgroup.com or 703-663-6757
