Let me cut to the epilogue to give you a flavor of how this ends:
I just called the number to get my SBC / AT&T phone number off “the list”, so to speak. While the number I called does say “AT&T” and leads me into an automated system to enter my phone number..
..it accepts my ten-digit phone number, repeats the entire ten digits, and then says that I have not entered a valid ten digit number!
AT&T, this ain’t looking good for you. I fully intend to try again over the next few days. Consider this the snowball that I just tossed down the great bloghill on the Internet.
So, there’s something called “CPNI” that you deserve the deets on. The (firm and) friendly folk over at EPIC have done a great job summarizing CPNI into one nice little paragraph. It reads;
[snip]
Customer proprietary network information (CPNI) is the data collected by telecommunications corporations about a consumer’s telephone calls. It includes the time, date, duration and destination number of each call, the type of network a consumer subscribes to, and any other information that appears on the consumer’s telephone bill.
Although telecommunications companies were previously able to sell this data to third party companies for marketing purposes, the Telecommunications Act of 1996 required telecommunications companies to obtain customers’ approval prior to sharing their CPNI with third parties. However, there was a difference of opinion on the interpretation of “approval.” EPIC and other privacy advocates and consumer rights groups argued that “approval” implied that a consumer had to give positive, express consent to the sharing of information: that is, to “opt-in” to the marketing scheme. Telecommunications companies argued that they could start from a presumption of approval, and allow customers the choice to “opt-out” of the marketing program by explicitly withdrawing their consent. In 1998, the Federal Communications Commission (FCC) instituted a rule requiring that customers “opt-in” to the marketing program for personal information contained in their CPNI to be shared or used for marketing purposes.
Local telephone service provider U.S. West Inc. challenged the FCC rule in the Federal Court of Appeals for the 10th Circuit. They argued for an opt-out approach, which they suggested would protect their commercial free speech right to market data they collect on customers, while allowing consumers the opportunity to opt-out of such marketing arrangements if they did not want to participate. The court found that the FCC had failed to provide adequate evidence to establish that the rule furthered a substantial government interest, that it materially advanced such an interest, and that it was narrowly tailored to serve that interest.
In September 2001, the FCC issued a clarification of their initial order, permitting carriers to rely on “opt-out” means to secure customer approval to use their CPNI for marketing as an interim measure. The FCC further requested comments from all parties on how it should proceed with the rulemaking proceeding, and to create “a more complete record” on the issues implicated.
In July 2002, the Commission officially adopted rules providing for opt-in–or express consent–customer approval for carriers’ release of customer information to third parties, but permitting opt-out consent for release of information to affiliated parties.
[/snip]
If the words in bold didn’t quite get your attention, here’s take two:
CPNI = your call data. This includes:
- Whom you called, and when, and at what phone number. Translated, your phone number, the other party’s phone number, the time at which the call was placed, and the duration of that call.
- What kind of network service you have. Translated; if you have DSL / cable / cell phone service. I guess cable TV and VoIP could be lurking around in the murky waters of telecom legalese around this one.
- Any other information that appears on your bill. Take a look at your bill. Its got a little “code” that uniquely identifies you. Its got your address. Its got the services you subscribe to. Its got the calls you made. Its got this, that and then some. Its the proverbial kitchen sink of all your telecom needs. It is the way it is because you were sold onto the whole concept of “convergence” by your telecom carrier – that whole “one bill for multiple services” thing. It made sense when you wanted to be on time with all the bills that powered your life, didn’t it?
Like I said, these are the details; and you know what / who one usually finds in the details, don’t you?
For the sake of stressing upon the sheer magnitude of this statement, here it is again:
“Although telecommunications companies were previously able to sell this data to third party companies for marketing purposes…”
Yes. Exactly.
In this day and age of identity theft and the sort, it would be really nice if that “previously” remained in the land of the erstwhile.
And that’s what this is all about. Verizon and SBC-Ameritech / AT&T [click each for a scan of their respective inserts, courtesy the EPIC write-up] have sent their customers a little, easy-to-miss opt-out clause in a recent statement that lets customers opt out of having their, um, “CPNI” be shared with third parties.
Technically, they are meeting the letter of the law. In fact, its almost exactly like the quick quasi-garbled legalese that spews from the squawk box after car commercials and the sort. They’re “educating” the consumer about what the law requires them to educate the consumer about – in a way that is most impractical for education.
There, that’s it. That’s all. If you want to keep your call data away from third parties that your telecommunications’ provider chooses to enter into relationships with, then get on the horn with the following two numbers as soon as you can tear your eyes off this page.
- Verizon customers wishing to opt-out: [(866) 483-9600]
- SBC-Ameritech customers wishing to opt-out: [(800) 303-7260]
I haven’t tried Verizon just yet, but SBC-Ameritech (a.k.a. AT&T) seems to think that my ten-digit phone number (that has been an SBC-served phone number for about 7 successive years now) isn’t a “valid ten digit phone number”.
Once again, kudos to the folks at EPIC for their write-up and resource pointers on everything around this issue…this issue that seems to have, curiously enough, evaded greater scrutiny in the great media blitz that we know as the the Internet.
Now go make that call, would you?
