1815 Electronic transaction auditing of telephone customer proprietary information; doc. no. L-00970123
Electronic Transaction Auditing of Telephone Customer Proprietary Information; Doc. No. L-00970123 [29 Pa.B. 5564] Commissioners Present: John M. Quain, Chairperson; Robert K. Bloom, Vice Chairperson; David W. Rolka; Nora Mead Brownell; Aaron Wilson, Jr.
Public Meeting held
September 30, 1999Order By the Commission:
On July 17, 1997, the Commission proposed regulations to require the maintenance of electronic transaction auditing records with respect to data processing records and the maintenance of detailed records in any instance where customer information was disclosed to persons outside the telephone company, any government entity, or the telephone company security department. The Commission has received numerous comments from the public. We take notice that, while these comments have been under consideration, the Commission received no further reports of abuse of customer information subsequent to the original reports which were the initiating cause of this proceeding.
Additionally, while this matter has been pending, the Federal Communication Commission has proposed rules covering the same subject matter at Telecommunications Carriers' Use of Customer Proprietary Network Information and Other Customer Information, CC Docket No. 96-115 (Orders Adopted May 16, 1996, February 19, 1998, May 21, 1998, September 23, 1998 and September 3, 1999). The FCC inquiry arose from a number of requests by local exchange carriers for clarification of their responsibilities to protect confidential customer proprietary network information (CPNI).
Section 702 of the Telecommunications Reform Act of 1996 adds a new section 222 to the Communications Act of 1934, as amended, 47 U.S.C. § 222, 110 Stat. 148. Section 222 enjoins a duty upon every telecommunications carrier to protect the confidentiality of proprietary information. We note that while Section 222 does not purport to preempt state authority to enforce laws, rules, or regulations with respect to customer privacy, the FCC's orders indicate that it may act in the future to preempt state regulations in the event that it perceives a conflict between its resolution of Section 222 CPNI issues and specific state regulations. Both the FCC's CPNI Order entered in 19981 and its Order on Reconsideration released September 3, 1999 declare that while no preemption is indicated at this time, Section 222 gives the FCC the power to preempt states with regard to local CPNI regulation ''where such regulation would negate the [Federal Communication] Commission's exercise of its lawful authority because regulation of the interstate aspects of the matter cannot be severed from the intrastate aspects.'' It should be noted that the United States Court of Appeals for the Tenth District vacated these regulations in a three judge opinion issued August 18, 1999. U.S. West v. F.C.C., 182 F.3d 1224; 1999 U.S. App. LEXIS 20785 (1999), a decision which we anticipate will be subject to additional appellate review by the courts of the United States.
It appears that the FCC has approached the same issues in a national context, and is working actively with all segments of the industry to implement customer protections similar to those proposed in our originally proposed rules.
Since the issuance of our original proposed rulemaking, there have been vast changes in technology and business organization that have changed the national telecommunications industry. Cellular, PCS, and switched packet systems, including the internet, carry an increasing share of voice communications. While the FCC, with authority based on the Federal Communications Act, may have jurisdiction to regulate all these modes of communication, we do not. We ought to and we do take heed of the changes wrought by technological progress and the FCC's ongoing rulemaking, along with the apparent lack of continuing local issues with regard to CPNI privacy. Prudence dictates that this proposed regulation be shelved pending resolution of CPNI issues at the federal level.
Should the FCC abandon its efforts to prescribe adequate safeguards for sensitive customer information, we may revisit this issue. However, it does not appear necessary at this time to promulgate these proposed rules and we will therefore direct that this proceeding be closed; Therefore, It Is Ordered That:
1. This proceeding shall be marked closed
2. This order shall be published in the Pennsylvania Bulletin.
3. A copy of this order shall be served upon the Office of Consumer Advocate, the Office of Small Business Advocate, the Office of Trial Staff, all telephone utilities and the Pennsylvania Telephone Association.
JAMES J. MCNULTY,
Secretary[Pa.B. Doc. No. 99-1815. Filed for public inspection October 22, 1999, 9:00 a.m.] _______
1 Implementation of the Telecommunications Act of 1996; Telecommunications Carriers' Use of Customer Proprietary Network Information and Other Customer Information, etc., CC Docket Nos. 96-115 and 96-149, Order and Further Notice of Proposed Rulemaking, 13 FCC Rcd 8061 (1998)