FCC Privacy Rules Updated for Smartphone Era

By Nickolas Milonas, Marc Martin, and Marty Stern

The Federal Communications Commission adopted a Declaratory Ruling that updates and broadens the scope of the FCC’s customer proprietary network information (CPNI) rules applicable to customer information stored on mobile devices.  Specifically, the ruling clarifies that wireless carriers have the same obligations to protect CPNI collected and stored on mobile devices using carrier software tools, as they do for CPNI collected through network facilities.  The Declaratory Ruling does not apply to third-party app developers, apps that customers download from an app store, nor to device manufacturers or operating system developers.  Commissioner Jessica Rosenworcel noted that the rules were in need of updating because the last time they were, the iPhone did not yet exist.

Under the existing rules, wireless carriers may use wireless devices to collect information regarding network use.  This type of information can include phone numbers of calls made and received, duration of calls, and the location of the device during the call.  Carriers use this information to monitor network congestion and improve network performance.  The FCC specifically recognized these benefits of carriers collecting CPNI on mobile devices and made clear that it was not barring carriers from doing so.  The Declaratory Ruling found, however, that when this information is stored on the mobile device of a customer, it may be vulnerable to unauthorized access and should be subject to similar protections as customer information maintained on carrier networks.  Consequently, the Declaratory Ruling requires wireless carriers to take “reasonable precautions” to safeguard that data, just as if the carrier was collecting the information from its network facilities, provided that the data is collected at the carrier’s direction and the carrier or its designee has access to or control over the information.  The Declaratory Ruling does not mandate a specific set of precautions or safeguards, but instead leaves it to each carrier to determine its own means of appropriate protection.

Tweet Like Email
Trackbacks (0) Links to blogs that reference this article Trackback URL
http://www.tmtlawwatch.com/admin/trackback/302303
Comments (0) Read through and enter the discussion with the form at the end
Post A Comment / Question Use this form to add a comment to this entry.







Remember personal info?
Send To A Friend Use this form to send this entry to a friend via email.