United States: Rules to Prevent Misuse of Information
In the United States, the Federal Communications Commission (FCC) has established strict rules for when, and under what circumstances, telecommunications network operators may “use, disclose or permit access to” information supplied by wholesale customers. (Such information is referred to customer proprietary network information or “CPNI”).
The FCC rules are intended to prevent undue violations of customer privacy, and prevent discrimination against competitors in favour of the network operator’s own operations or affiliates. The rules set limits on the sharing of CPNI between a network operator and its affiliates. To the extent that such sharing is permitted, the rules require the non-discriminatory sharing of information with affiliates and unaffiliated entities.
Specifically, the rules provide that:
– Use or disclosure (to any and all parties) of CPNI requires customers to give their prior consent or exercise their right to “opt out”
– Disclosure to unaffiliated third parties or affiliates that do not provide or maintain any form of telecommunications service (including customer premises equipment) requires customers to exercise their right to “opt in”
– A network operator may use CPNI without the customer’s express consent (that is, with implied approval alone) only if that use is restricted to existing service relationships and does not extend to the marketing of new or other services (to which the opt-in option continues to apply). Implied consent may thus be assumed only within the parameters of existing services purchased by customers.