Justification Statement

JUSTIFICATION FOR EMERGENCY CLEARANCE

The Federal Communications Commission (Commission) is requesting OMB approval under the “emergency processing” provisions of the Paperwork Reduction Act of 1995, 44 U.S.C. § 3507, for the revised information collection requirements contained in 3060-0715, “Telecommunications Carriers’ Use of Customer Proprietary Network Information (CPNI) and Other Customer Information, CC Docket No. 96-115.”

On January 12, 2007, President George W. Bush signed into law the “Telephone Records and Privacy Protection Act of 2006,” which responded to the problem of “pretexting,” or seeking to obtain unauthorized access to telephone records, by making it a criminal offense subject to fines and imprisonment.¹  In particular, pretexting is the practice of pretending to be a particular customer or other authorized person in order to obtain access to that customer’s call detail or other private communications records.  The Telephone Records and Privacy Protection Act of 2006 Act found that such unauthorized disclosure of telephone records is a problem that “not only assaults individual privacy but, in some instances, may further acts of domestic violence or stalking, compromise the personal safety of law enforcement officers, their families, victims of crime, witnesses, or confidential informants, and undermine the integrity of law enforcement investigations.”

On April 2, 2007, the Commission released an order that responded to the practice of pretexting by strengthening its rules to protect the privacy of customer proprietary network information (CPNI) that is collected and held by providers of communications services.²  Section 222 of the Communications Act (Act) requires telecommunications carriers to take specific steps to ensure that CPNI is adequately protected from unauthorized disclosure.  Pursuant to section 222, the Commission adopted new rules focused on the efforts of providers of communications services to prevent pretexting.  These rules require providers of communications services to adopt additional privacy safeguards that, the Commission believes, will sharply limit pretexters’ ability to obtain unauthorized access to the type of personal customer information from carriers that the Commission regulates.  In addition, in furtherance of the Telephone Records and Privacy Protection Act of 2006, the Commission’s rules help ensure that law enforcement will have necessary tools to investigate and enforce prohibitions on illegal access to customer records. 

In light of the importance of this issue to the public interest, the Commission seeks to implement these rules within an aggressive amount of time.  To this end, the Commission identified six months after the CPNI Order’s effective date as a sufficient period of time for carriers and interconnected voice over Internet protocol (VoIP) providers to implement the internal systems changes, practices, and policies necessary to effectuate the new rules.  Implementation of the new anti-prexteting rules upon the expiration of that period on December 8, 2007, is crucial, given the important consumer and public safety considerations raised by pretexting that demand near immediate action.  The Commission cannot comply with the normal clearance procedures set forth in 5 C.F.R. § 1320 because the use of normal clearance procedures is likely to prevent the timely implementation of these critical safeguards to protect against the loss of CPNI through unlawful pretexting activity.  OMB emergency approval thus is vital to the timely implementation of those consumer protections and law enforcement tools, consistent with section 222 of the Act and the Telephone Records and Privacy Protection Act of 2006.  This request for emergency processing is consistent with section 1320.13(a)(2)(i) of OMB regulations, 5 C.F.R. § 1320.13(a)(2)(i), which states that requests for emergency processing shall be accompanied by a written determination that the agency cannot reasonably comply with the normal clearance procedures under this part because “[p]ublic harm is reasonably likely to result if normal clearance procedures are followed.”

To reiterate, the Commission is requesting that OMB approve these information collection requirements under the “emergency processing” provisions of the PRA by December 7, 2007, pursuant to 5 C.F.R. § 1320.13(b).