Telecommunications carriers, including interconnected Voice over Internet Protocol (“VoIP”) providers, are required to establish and maintain systems designed to ensure they protect their subscribers’ Customer Proprietary Network Information (“CPNI”) and must file an annual CPNI compliance certification no later than Monday, March 1, 2021 (for data pertaining to the previous calendar year).

If a telecommunications provider fails to comply with the rules or the certification requirement, the Commission may impose a forfeiture. The certification filing can be electronically submitted in EB Docket No. 06-36 of the FCC’s Electronic Comment Filing System (“ECFS”) or by using the FCC’s online CPNI web page at: http://apps.fcc.gov/eb/CPNI/index.cfm. The 2-step CPNI template should be completed, and the following file attachments should also be uploaded:

· Accompanying Statement explaining CPNI procedures;
· A summary of customer complaints in the past year concerning unauthorized release of CPNI (if applicable);
· Proceedings instituted or petition filed against data brokers (if applicable).

Broadband Internet access service (“BIAS”) providers remain subject to the customer privacy provisions in Section 222 of the Communications Act, pursuant to the 2015 Open Internet Order and the FCC’s enforcement advisory. BIAS providers should continue to employ effective privacy protections in line with their privacy policies and the core tenets of basic privacy protections, but need not file a CPNI compliance certification.

If you would like assistance preparing and filing this annual CPNI compliance certification, or if you have any questions regarding CPNI compliance, please contact Greg Whiteaker at [email protected] or Robin Tuttle at [email protected].