Scribd Logo
Upload

Welcome to Scribd!

  • 102 views

    T-Systems CPNI Policy Statement - Final 022717 PDF

    Uploaded by

    Federal Communications Commission (FCC)
    This document outlines a Customer Proprietary Network Information (CPNI) Protection Policy for two telecommunications companies. [1] It defines CPNI as private customer information related to phone services. [2] The policy states that the companies value customer privacy and have safeguards to protect CPNI, only using it as allowed by law. [3] It describes training, oversight, and processes to ensure proper CPNI handling and respond to any issues.

    Copyright:

    © All Rights Reserved
    Download as PDF or read online from Scribd

    T-Systems CPNI Policy Statement - Final 022717 PDF

    Uploaded by

    Federal Communications Commission (FCC)
    102 views2 pages
    This document outlines a Customer Proprietary Network Information (CPNI) Protection Policy for two telecommunications companies. [1] It defines CPNI as private customer information related to phone services. [2] The policy states that the companies value customer privacy and have safeguards to protect CPNI, only using it as allowed by law. [3] It describes training, oversight, and processes to ensure proper CPNI handling and respond to any issues.

    Original Description:

    FCC CPNI Submission

    Original Title

    T-Systems CPNI Policy Statement - Final 022717.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    This document outlines a Customer Proprietary Network Information (CPNI) Protection Policy for two telecommunications companies. [1] It defines CPNI as private customer information related to phone services. [2] The policy states that the companies value customer privacy and have safeguards to protect CPNI, only using it as allowed by law. [3] It describes training, oversight, and processes to ensure proper CPNI handling and respond to any issues.

    Copyright:

    © All Rights Reserved
    Download as PDF or read online from Scribd
    Download as pdf
    102 views2 pages

    T-Systems CPNI Policy Statement - Final 022717 PDF

    Uploaded by

    Federal Communications Commission (FCC)
    This document outlines a Customer Proprietary Network Information (CPNI) Protection Policy for two telecommunications companies. [1] It defines CPNI as private customer information related to phone services. [2] The policy states that the companies value customer privacy and have safeguards to protect CPNI, only using it as allowed by law. [3] It describes training, oversight, and processes to ensure proper CPNI handling and respond to any issues.

    Copyright:

    © All Rights Reserved
    Download as PDF or read online from Scribd
    Download as pdf
    You are on page 1of 2

    Customer Proprietary Network Information Protection Policy

    Federal law governs the use of Customer Proprietary Network Information (CPNI). This Policy is applicable to
    both T-Systems North America, Inc. (TSNA) and its wholly owned affiliate, Deutsche Telekom North America,
    Inc. (DTNA) (collectively, the Companies). This Policy provides a brief overview of federal law governing
    CPNI, identifies the purposes for which the Companies may use CPNI, and explains steps that the Companies have
    implemented to ensure compliance with their federal CPNI obligations. In addition to this statement, TSNA and
    DTNA each have implemented a CPNI manual, which addresses, among other things, the procedures each company
    has implemented to safeguard its customers CPNI.

    The Companies value customer privacy and have implemented protections designed to safeguard CPNI.

    Federal law defines CPNI as: 1

    Information that relates to the quantity, technical configuration, type, destination, and
    amount of use of a telecommunications service subscribed to by a customer of a
    telecommunications carrier, and is made available to the carrier by the customer solely by
    virtue of the carrier-customer relationship; and

    Information contained in the bills pertaining to a telephone exchange service or telephone


    toll service received by a customer of a carrier. 2

    For example, CPNI includes information such as the type of services that the customer purchases and the customers
    use of those services (e.g., call patterns, call volume, etc.). CPNI does not include information derived from non-
    telecommunications services offered to the customer. Your name, address and phone number are not CPNI.

    Under federal law, absent customer consent, the companies are permitted to use, disclose, or permit access to CPNI
    as follows:

    (1) to protect our rights and property, our customers, and other carriers from fraudulent, abusive, or unlawful use of,
    or subscription to, our services;

    (2) to provide or market service offerings among the categories of service to which the customer already subscribes;

    (3) for the provision of customer premises equipment;

    (4) for billing and rendering services to the customer; and

    (5) as required by law, such as in response to a validly issued subpoena.

    Currently, neither TSNA nor DTNA uses CPNI to market services to customers outside of the category of service to
    which the customer already subscribes. The Companies also do not share CPNI with their affiliates, including one
    another, or third parties for any marketing purposes. If, in the future, the Companies seek to use CPNI to market
    services to customers that are outside of the category of service to which the customer subscribes or to share CPNI
    with affiliates or third parties, TSNA and/or DTNA (as applicable) will provide notice to their customers advising
    them of their right to approve or disapprove of the proposed uses of CPNI. Each company will maintain a list of
    customer preferences.

    1
    See 47 U.S.C. 222 (establishing the duty of common carriers to protect privacy/proprietary information of
    customers).
    2
    See 47 U.S.C. 222(h)(1)(A), (B).
    All marketing campaigns using CPNI must receive prior approval and must be conducted in accordance with this
    Policy and the applicable CPNI manual. The Companies will maintain records of all marketing campaigns that use
    CPNI in accordance with the FCCs rules.

    Employees will be trained as to when they are, and are not, authorized to use CPNI.

    The Companies will take any necessary disciplinary action for violation of this policy, including potential
    termination.

    The Companies have implemented various safeguards designed to protect CPNI. As one example, each company
    has implemented authentication procedures applicable to incoming calls. Each company also has established
    detailed procedures for processing certain account changes, and requires applicable personnel to notify customers
    immediately of certain account changes. The Companies also prohibit the release of call detail information, a subset
    of CPNI, during any inbound call, even after authenticating the caller. The Companies also have implemented
    network safeguards, including, but not limited to, encrypting certain data.

    Protecting our customers privacy is an ongoing process, and we are committed to updating and enhancing our
    protections as is necessary and appropriate. To this end, employees are required to notify the legal department if
    they discover any activity that is indicative of pretexting or of any other activity designed to access our customers
    information. Employees also are required to notify their supervisor (who will notify the legal department)
    immediately if they discover a security breach that has resulted in the unauthorized use, disclosure, or access to
    CPNI. Each company will maintain a record of any CPNI breach that it discovers and will report that breach to the
    appropriate government agencies and to customers, as applicable.

    Each company will track any customer complaints it receives concerning the unauthorized release of CPNI. To
    assist our compliance with this obligation, each employee is required to notify his/her supervisor of any complaint
    alleging an unauthorized release of CPNI.

    Each company has a corporate officer who acts as agent for the company and signs a compliance certificate on an
    annual basis stating that the officer has personal knowledge that the company has established operating procedures
    that are adequate to ensure compliance with applicable CPNI rules. Each company provides a statement that
    accompanies this certificate explaining that its operating procedures are adequate to ensure compliance with CPNI
    regulations.

    If you have any questions regarding this Policy, your companys manual, or the appropriate use of CPNI, please
    contact David Friedman (david.friedman@t-systems.com) in the legal department.

    Updated February 27, 2017

    You might also like