Supporting Statement OMB 3060-xxxx VRS Reform (2013)

Supporting Statement OMB 3060-xxxx VRS Reform (2013).doc

Structure and Practices of the Video Relay Service Program; Telecommunications Relay Services and Speech-to-Speech Services for Individuals with Hearing and Speech Disabilities, CG Docket No. 10-51...

OMB: 3060-1201

Document [doc]
Download: doc | pdf

3060-XXXX August 2014


Structure and Practices of the Video Relay Service Program; Telecommunications Relay Services and Speech-to-Speech Services for Individuals with Hearing and Speech Disabilities, CG Docket No. 10-51 and 03-123; FCC 13-82



SUPPORTING STATEMENT

A. Justification

  1. Title IV of the Americans with Disabilities Act of 1990 (ADA), adding section 225 to the Communications Act of 1934, as amended (Act), requires that:

(a) The Commission ensures that telecommunications relay service (TRS)1 is available, to the extent possible and in the most efficient manner, to persons with hearing or speech disabilities in the United States;2 and

(b) TRS offers persons with hearing and speech disabilities telephone transmission services that are “functionally equivalent” to voice telephone services.3

Internet-based TRS services

Video Relay Service. In March 2000, the Commission recognized Video Relay Service (VRS) as a form of TRS. VRS requires the use of a broadband Internet connection between the VRS user and the communication assistant (CA), which allows the VRS user and the CA to communicate in sign language via the video link. During the call, the CA communicates in American Sign Language (ASL) with the deaf person and by voice with the hearing person. As a result, the conversation between the deaf and hearing end users follows in near real time.

Internet Protocol Relay Service. In April 2002, the Commission also recognized Internet Protocol Relay (IP Relay) service as a form of TRS. IP Relay permits an individual with a hearing or speech disability to communicate in text using an Internet Protocol-enabled device via the Internet, rather than using a text telephone (TTY) and the public switched telephone network (PSTN).

Internet Protocol Captioned Telephone Relay. In January 2007, the Commission added Internet Protocol Captioned Telephone Relay (IP CTS) as a form of Internet-based TRS service eligible for compensation from the Interstate TRS Fund. IP CTS is a form of captioned telephone relay service where the connection carrying the captions between the relay provider and the user is via the Internet, rather than the PSTN.

2010 VRS Reform NOI

On June 28, 2010, the Commission released the 2010 VRS NOI (FCC 10-111),seeking comment on the Commission’s VRS rules in order to ensure the program is effective, efficient, and sustainable. In the 2010 VRS NOI proceeding, the Commission sought comment on how to improve the program to ensure that it is available to and used by the full spectrum of eligible users, encourage innovation, and improve efficiency so as to be less susceptible to the waste, fraud, and abuse that plague the VRS program.

2011 VRS Reform FNPRM

On December 15, 2011, the Commission released the 2011 VRS Reform FNPRM (FCC 11-184), seeking comment on wide-ranging proposals to improve the structure and efficiency of the VRS program, to ensure that the program is as immune as possible from the waste, fraud, and abuse that threaten its long-term viability, and to revisit the rate methodology used for compensating VRS providers.

2012 VRS Reform and Rate PN

On October 15, 2012 the Commission released the 2012 VRS Reform and Rate PN (DA 12-1644), seeking comment on proposed structural reforms to the VRS program and modification to the VRS compensation rates.

New Information Collection Requirements Which Require OMB Review and Approval

VRS Reform Order

On June 10, 2013, the Commission released the VRS Reform Order (FCC 13-82), adopting further measures to improve the structure, efficiency, and quality of the VRS program, reducing the noted inefficiencies in the program, as well as reducing the risk of waste, fraud, and abuse, and ensuring that the program makes full use of advances in commercially-available technology.

The VRS Reform Order contains new information collection requirements with respect to the following 20 of its requirements.

(A) Reporting unauthorized and unnecessary use of VRS. Any Each VRS provider must report to the Commission or the TRS Fund administrator any of the following fraudulent activities: (1) false or unverified claims for TRS Fund compensation, (2) unauthorized use of VRS, (3) the making of VRS calls that would not otherwise be made, or (4) the use of VRS by persons who do not need the service in order to communicate in a functionally equivalent manner.

(B) VRS CA Service Provider Certification. Each VRS CA Service provider shall describe, in its application for certification, (1) how they provide connectivity to the Neutral Video Communication Service Platform; and (2) how they internally route calls to CAs and then back to the Neutral Video Communication Service Platform to obtain an eligibility status to receive compensation from the TRS Fund.

(C) Provider Certification Annual Compliance Plan. Each VRS provider shall include within its annual report a compliance plan describing the provider’s policies, procedures, and practices for complying with the requirements of preventing and reporting unauthorized and unnecessary use of VRS. Such compliance plan shall include, at a minimum: (i) identification of any officer(s) or managerial employee(s) responsible for ensuring compliance with the requirements of preventing and reporting unauthorized and unnecessary use of VRS; (ii) a description of any compliance training provided to the provider’s officers, employees, and contractors; (iii) identification of any telephone numbers, website addresses, or other mechanisms available to employees for reporting abuses; (iv) a description of any internal audit processes used to ensure the accuracy and completeness of minutes submitted to the TRS Fund administrator; and (v) a description of all policies and practices that the provider is following to prevent waste, fraud, and abuse of the TRS Fund.

(D) Provider Certification Inadequate Annual Compliance Plan Response. If, at any time, the Commission determines that a VRS provider’s compliance plan currently on file is inadequate to prevent waste, fraud, and abuse of the TRS Fund, the Commission shall so notify the provider, shall explain the reasons the plan is inadequate, and shall direct the provider to correct the identified defects and submit an amended compliance plan reflecting such correction within a specified time period not to exceed 60 days.

(E) TRS User Certification of Eligibility. Each VRS provider must certify the eligibility of VRS users by first obtaining written certification from the user containing specific attestations on a separate form, and must submit such certification for existing users and transferred users to the TRS User Registration Database. The certification of eligibility must contain user’s attestation that: (1) the user has a hearing or speech disability; and (2) the user understands that the cost of VRS calls is paid for by contributions from other telecommunications users to the TRS Fund.

(F) TRS User Registration. Each VRS provider shall collect and submit specific information for each new and existing user to the TRS User Registration Database, including the user’s name; address; telephone number assigned in the TRS numbering directory; last four digits of the social security or Tribal Identification number; date of birth; Registered Location; VRS provider name and dates of service; self-certification of eligibility for VRS and the date obtained by the provider; the date on which the user’s identification was verified; and (for existing users only) the date on which the registered Internet-based TRS user last placed a point-to-point or relay call. Each VRS provider must explain clearly the TRS User Registration Database to each user, collect consent from each user to transmit the user’s information to the TRS User Registration Database, and keep a record of such consent. These registration measures will be used by the TRS Fund to ensure the eligibility of users, to enhance the information available to public safety answering points (PSAPs), and to ensure that TRS services are not used for fraudulent or other purposes not authorized by the statute or by the Commission’s rules.

* Note: Each VRS provider is required to maintain the confidentiality of any registration and certification information obtained by the provider under sections (E) and (F) herein; and may not disclose such registration and certification information or the content of such registration and certification information except as required by law or regulation.

(G) TRS User Per-Call Validation. VRS providers will be required to validate the eligibility of the party on the video side of each call by querying the TRS User Registration Database on a per-call basis through a unique user identifier assigned by the administrator of the TRS User Registration Database.

(H) Removal from the TRS User Database. Each VRS provider shall request that the administrator of the TRS User Registration Database remove from the TRS User Registration Database user information for any registered user who no longer wants, or is no longer eligible to use a ten-digit number for TRS services. The administrator of the TRS User Registration Database shall remove the data of these users, and of any user that has neither placed nor received a VRS or point to point call in a one year period.

(I) Assignment of user’s unique identifier. The administrator of the TRS User Registration Database shall assign a unique identifier to each user in the TRS User Registration Database.

(J) Verification of orders for change of default iTRS providers. Prior to changing a user’s default iTRS provider must first obtain authorization from the iTRS user, and a prescribed verification of that authorization. Where a user is authorizing the iTRS provider as default provider for more than one type of TRS, that provider must obtain separate authorization from the iTRS user for each service, verified separately through the prescribed verification procedures. The prescribed verification procedures involve verification of the user’s authorization by an independent third party.

(K) Retention of authorization of orders for change of default iTRS providers. This authorization must be maintained and preserved by the new provider for a minimum period of five years, must be available to the Commission upon request. New requirements are set for the content and format of third party verifications, to ensure that the methods during such third party verifications are not misleading. The new default provider must implement the change order within 60 days of obtaining it.

(L) Notice of the transfer or sale of iTRS users. Acquiring iTRS providers must send advance notice to each affected iTRS user of the transfer or sale of iTRS users. This advance notice must be in American Sign Language to VRS users and in text to IP Relay users, in a manner conforming with the Commission’s rules regarding accessibility to blind and visually-impaired consumers, and must include specific information on the transfer. All iTRS users receiving the notice will be transferred to the acquiring iTRS provider, unless they have selected a different default provider before the transfer date.

(M) Proof of Verification of the Default Provider Change. Within 30 days of the complaint or other notification, the alleged unauthorized default provider shall provide to the Commission’s Consumer and Governmental Affairs Bureau a copy of any valid proof of verification of the default provider change.

(N) Identify TRS minutes attributable to unauthorized change. In addition, any allegedly unauthorized provider must identify to the TRS Fund all minutes submitted for reimbursement that are attributable to the iTRS user after the allegedly unauthorized change of default provider is alleged to have occurred. These “anti-slamming” requirements are established to further protect consumers of TRS services, and to ensure that providers that violate these requirements are not reimbursed for minutes attributable to unauthorized changes.

(O) Access to customer proprietary network information (CPNI). A TRS provider shall use, disclose, or permit access to CPNI upon request by the TRS Fund administrator or the Commission for administrative and investigative purposes.

(P) Approval required for use of customer proprietary network information. If a TRS provider wishes to use CPNI, such provider must first obtain approval from the user. A TRS provider must maintain records of approval for at least one year thereafter.

(Q) Notice required for use of customer proprietary network information. TRS providers are required to provide users notice of their right to deny or restrict use of, disclosure of, or access to their CPNI prior to any solicitation for customer approval to use, disclose, or permit access to their CPNI. The provider must maintain records of this notification during the time period that the approval is in effect and for at least one year thereafter. A TRS provider shall provide individual notice to customers when soliciting approval to use, disclose, or permit access to customers’ CPNI. TRS providers are given specific notice requirements on obtaining user opt-out approval, including notice requirements specific to one-time use of CPNI. These requirements are a consumer protection device to ensure that TRS consumers are adequately notified of their privacy rights relating to use of their CPNI, and to ensure that TRS consumers have privacy rights equivalent to other telephone users.

(R) Safeguards required for use of customer proprietary network information. TRS providers are required to maintain for a minimum of three years a record of marketing campaigns that use their customers’ CPNI, including a record of all instances where CPNI was disclosed to third parties. TRS providers shall establish a supervisory review process regarding TRS provider compliance with the rules in this subpart for outbound marketing situations. TRS providers are required to have an officer sign and file with the Commission a compliance certification on an annual basis, based on his or her personal knowledge, and including a statement accompanying the certification explaining how its operating procedures ensure that it is or is not in compliance with these rules, and an explanation of any actions taken against data brokers, a summary of all customer complaints in the past year concerning the unauthorized release of CPNI, and a report detailing all instances where the TRS provider used, disclosed, or permitted access to CPNI without complying with the required procedures. Instances where the opt-out mechanisms do not work properly, to such a degree that consumers’ inability to opt-out is more than an anomaly, must be reported. These requirements are a consumer protection device to ensure that TRS consumers are adequately notified of their privacy rights relating to use of their CPNI, and to ensure that TRS consumers have privacy rights equivalent to other telephone users.

(S) Safeguards on the disclosure of customer proprietary network information. TRS providers are required to take all reasonable measures, including those measures outlined in the rule, to discover and protect against attempts to gain unauthorized access to CPNI. TRS providers are required to notify customers immediately whenever a password, customer response to a back-up means of authentication for lost or forgotten passwords, online account, or address of record is created or changed. These requirements ensure that TRS consumers have privacy rights equivalent to other telephone users.

(T) Notification of customer proprietary network information security breaches. A TRS provider shall notify law enforcement of a breach of its customers’ CPNI. The TRS provider shall not notify its customers of disclose the breach publicly, whether voluntarily or under state or local law or these rules, until it has completed the process of notifying law enforcement. The TRS provider shall provide a copy of the notification with the Disability Rights Office of the Consumer and Governmental Affairs Bureau at the same time as when the TRS provider notifies the customers. After a TRS provider has completed the process of notifying law enforcement, the TRS provider shall notify its customers of a breach of those customers’ CPNI. All TRS providers shall maintain a record, electronically or in some other manner, of any breaches discovered.

This information collection affects individuals or households. The Commission is not collecting personally identifiable information (PII) for the purpose of populating in the database, the database is made available and accessible by the Commission.. Although TRS users are required to provide their personal information to register for using TRS service, such information is available only to a third-party independent vendor selected by the Commission’s Managing Director and the Commission. The third party vendor and the Commission are required to maintain all registered information, including personal information, in the registration database confidential in accordance to the directives under contract with the Commission’s Managing Director.

The FCC is completing the requirements for a new system of records notice (SORN), FCC/CGB-4, “Internet-based Telecommunications Relay Service-User Registration Database (ITRS-URD),” which will cover the personally identifiable information (PII) that may be collected, maintained, used, and stored, and disposed of when obsolete, and which are part of the information associated with these information collection requirements, i.e., the new SORN will ensure that the PII collected in this information collection will be handled in a manner consistent with the Privacy Act of 1974, as amended.

The statutory authority for these information collections can be found at section 225 of the Communications Act, 47 U.S.C. § 225. The law was enacted on July 26, 1990, as Title IV of the ADA, Public Law 101-336, 104 Stat. 327, 366-69.

2. The VRS Reform Order adopts several measures that contain information collection requirements designed to ensure that TRS is being offered in a manner that the functionally equivalent to a voice telephone service and, at the same time, is being immune from waste, fraud and abuse. These information collection requirements are necessary to protect the integrity of the TRS Fund which pays for the provision of TRS.

The VRS Reform Order adopts reporting and record keeping requirements on potential providers seeking to offer voluntary iTRS services such as VRS, IP Relay and IP CTS services.

3. The Commission encourages VRS providers to use information technology to whatever extent possible to reduce the burden of the information collections adopted in the VRS Reform Order.

Reporting Fraudulent Activity. VRS providers may use electronic means to report fraudulent activity to the Commission.

VRS CA Service Provider Certification. VRS CA Service providers may use electronic means to provide their description of the technology and equipment used to support their call center functions.

Provider Certification Annual Compliance Plan. VRS providers’ annual compliance plans may be submitted to the Commission electronically.

Provider Certification Inadequate Annual Compliance Plan Response. VRS providers’ responses to the Commission’s determination that their annual plan is inadequate may be submitted electronically.

TRS User Certification of Eligibility. VRS providers are specifically permitted to obtain electronic signatures, and maintain electronic records, to comply with these requirements. The Commission expects that a VRS provider’s collection of this information, and reporting of this information, will be performed electronically.

TRS User Registration. The Commission anticipates that an electronic means will be established for VRS providers to query the TRS User Registration Database for user registration. It is also anticipated that user removal from, and queries to, the User Registration Database will be performed electronically.

TRS User Per-Call Validation. Per-call validation will be conducted electronically so as to expedite the call process.

Verification of orders for change of default TRS providers. Authorizations required under this requirement may be electronically signed and preserved. Advance notice sent to users of default transfer may be made electronically, through pre-recorded sign language or textual messages.

Retention of authorization of orders for change of default TRS providers. This authorization may be maintained and preserved electronically by the new provider.

Notice of the transfer or sale of iTRS users. It is anticipated that advance notice will be sent out electronically by acquiring iTRS providers.

Identify TRS minutes attributable to unauthorized change. Provider communications with the TRS Fund are anticipated to be performed through electronic means.

Notice required for use of customer proprietary network information. TRS providers are specifically permitted to provide required notification through electronic means, including email.

Safeguards required for use of customer proprietary network information. Records of use of customers’ CPNI may be preserved electronically, and reporting for iTRS providers is to be included in their annual reports.

Safeguards on the disclosure of customer proprietary network information. The Commission anticipates that most of the safeguards required will be performed through electronic methods.

4. None of the information collected as a result of the VRS Reform Order will be duplicative of other information.

5. In the VRS Reform Order, the Commission has attempted to balance the economic interests of small businesses with the significant public interest in reforming the VRS program, and has taken several steps to minimize the information collection burden for small business concerns, including those with fewer than 25 employees.

Reporting Fraudulent Activity. VRS providers’ reports of fraudulent activity may be submitted to the Commission electronically.

VRS CA Service Provider Certification. VRS CA Service providers’ description of the technology and equipment used to support their call center functions may be submitted to the Commission electronically.

Provider Certification Annual Compliance Plan. VRS providers’ annual compliance plans may be submitted to the Commission electronically.

Internet-based TRS provider and TRS program certification inadequate annual compliance plan response. VRS providers’ responses to the Commission’s determination that their annual plan is inadequate may be submitted electronically.

Internet-based TRS registration. Any burdens associated with requirements relating to registering existing users will be time limited, and will ultimately reduce the record keeping burden on all providers, including small entities.

TRS User Registration Database and administrator. The establishment of the TRS User Registration Database will reduce the record keeping requirements that VRS providers, including small entities, would otherwise bear, and will ultimately simplify the process by which providers can ensure the eligibility of users.

Verification of orders for change of default TRS providers. Authorizations required under this requirement may be electronically signed and preserved. Advance notice sent to users of default transfer may be made electronically, through pre-recorded sign language or textual messages, relieving the burden on small entities and other providers.

Procedures for resolution of unauthorized changes in default provider. These procedures are anticipated to be performed and preserved electronically by the new provider.

Notice of the transfer or sale of iTRS users. It is anticipated that advance notice will be sent out electronically by acquiring iTRS providers.

Identify TRS minutes attributable to unauthorized change. Provider communications with the TRS Fund are anticipated to be performed through electronic means.

Notice required for use of customer proprietary network information. TRS providers are specifically permitted to provide required notification through electronic means, including email, relieving the impact of this requirement on providers, including small entities.

Safeguards required for use of customer proprietary network information. Records of use of customers’ CPNI may be preserved electronically, and reporting for iTRS providers is to be included in their annual reports, so that no additional reporting document will be required for these providers.

Safeguards on the disclosure of customer proprietary network information. The Commission anticipates that most of the safeguards required will be performed through electronic methods, many of which the providers may already have in place.

6. VRS Reform Order. Requiring VRS providers to report fraudulent activity helps to reduce waste, fraud and abuse. Absent this requirement, the waste, fraud, and abuse can drain the TRS Fund and thereby “threaten the availability of . . . relay services that are supported by the Fund for the benefit of legitimate users.”

Requiring VRS providers to provide annual compliance plans helps ensure providers prevent waste, fraud and abuse. Without it, the Commission’s ability to review and enforce its advisory requirements would be hampered.

The requirements that VRS providers must submit information to the new TRS User Registration Database will greatly enhance the ability of the Commission to monitor the eligibility of users, and to protect the TRS Fund from waste, fraud and abuse.

Further, if VRS providers were not required to validate the eligibility of the party on the video side of each call by querying the TRS User Registration Database on a per-call basis, there would be no means of assuring the eligibility of users, again posing a potential threat to the TRS Fund.

Requirements preventing iTRS providers from “slamming”, or unauthorized changes of users’ default providers, ensure that consumer protection policies are enhanced for TRS users, preventing them from being subjected to these unauthorized and unwanted changes. Moreover, it provides protections to TRS users that are consistent with those provided other telephone users, in furtherance of Federal policy.

Restricting the ability of providers that have violated these provisions from receiving reimbursement will advance the Commission’s ability to prevent unauthorized changes, in conformance with Commission policy for all telephone users.

The new requirements relating to notice to TRS users of their right to deny or restrict use of, disclosure of, or access to their CPNI are a consumer protection device to ensure that TRS consumers are adequately notified of their privacy rights relating to use of their CPNI, and to ensure that TRS consumers have privacy rights equivalent to other telephone users.

In addition, if TRS providers were not required to maintain a record of use of their customers’ CPNI, establish a procedure to ensure compliance with the Commission’s restrictions on use of customer information, and report on unauthorized use, the Commission’s ability to ensure compliance with these important consumer privacy requirements would be impaired.

Furthermore, the safeguards established on the disclosure of customer proprietary network information are reasonable, and augment the ability of the TRS providers, and the Commission, to ensure the protection of TRS user’s privacy, and ultimately to ensure that these users have privacy rights equivalent to other telephone users.

7. The collections are not being conducted in any manner inconsistent with the guideline of 5 CFR § 1320.5(d)(1).

8. Pursuant to 5 CFR 1320.8(d), the Commission published a notice in the Federal Register on November 8, 2013, at 78 FR 67146, seeking comments from the public on the information collection requirements contained in this supporting statement. Sorenson Communications, Inc. filed comments on January 7, 2014, raising the following objections: (1) the Internet-based Telecommunications Relay Service-User Registration Database (iTRS-URD) data collection of personally identifiable information (PII) raises privacy risks for consumers; (2) a monthly report of the user’s last VRS or point-to-point call is unduly burdensome; (3) per call validation prior to call set-up is unduly burdensome; and (4) rules are ambiguous in regard to persons with no Social Security numbers.

  1. PII collection raises privacy risks

Sorenson contends that the Section 64.611(a)(4) requirements to collect and submit to the iTRS-URD the user’s date of birth and last four digits of the Social Security number or Tribal identification number are unnecessary and create serious privacy risks for consumers. Sorenson adds that the collection of PII does not pass the “privacy by design” test limiting data collection to only that data which is necessary for a business purpose so as to ensure that the consumer’s private and sensitive information is protected from unauthorized access and theft. Sorenson believes that the collection does not serve a specific business purpose, and contrasts it to the Lifeline Program,4 where the collection of PII was necessary to enforce the one-account-per-household requirement. Sorenson argues that because VRS users are permitted to have multiple phone numbers, the justification for collecting PII in the Lifeline Program does not apply to VRS.

However, the VRS program has also been subject to fraud, abuse and waste for many years. The Commission concluded that, like the Lifeline Program, collection of user PII is necessary to prevent the registration of fraudulent users, thereby ensuring the compensability of VRS calls that are handled. Specifically, collection of PII is necessary to allow the iTRS-URD administrator and the Commission to cross-check and compare users’ submitted information for the purpose of verifying that the registrant is the person he or she claims to be. In the Internet age, an individual seeking to impersonate someone else can conveniently retrieve publicly available information such as name, telephone number and residential address. Collection of the last four digits of each user’s Social Security number (or a similar unique identifier) and date of birth, which are not as readily available publicly, will make it more difficult for individuals to register using someone else’s publicly available identifying information.

Although Sorenson is concerned that the iTRS-URD would be vulnerable to attack, the Commission’s rules limit access to the database to authorized entities and only for authorized purposes, and the Commission intends that all PII will be available for access and modification only through network connections using commercially reasonable encryption. The Order also directs that the iTRS-URD can be used only to authenticate and verify registered users’ information in the database and cannot be used for conducting lookups for marketing purposes. Pursuant to the Order, the iTRS-URD will limit the number of entities who can access the database as well as the data available to each provider to the minimum necessary for each circumstance.

In addition, the FCC intends to add a new Privacy Act system of records, (FCC/CGB-4, iTRS-URD), and notice of this proposal will be published in the Federal Register, inviting the public, including Congress, to submit comments. Once established, this system of records will provide additional safeguards to secure PII stored in the iTRS-URD. Specifically, it will require the iTRS-URD administrator to maintain compliance with the FCC’s computer and information security requirements, including the requirements of the Federal Information Security Management Act. The proposed system of records will contain policies and practices for storing, retrieving, accessing, retaining, and disposing of records in the system. The proposed system will designate certain divisions within the FCC to have authority to have access to the iTRS-URD to perform oversight, performance, auditing, and related management functions, duties, and responsibilities.

  1. Monthly report of the user’s last VRS or point-to-point call

Section 64.611(a)(4) of the rules requires VRS providers to collect and transmit to the iTRS-URD the date on which each registered user last placed a VRS or point-to-point call. Sorenson requests clarification of whether this requirement is a one-time obligation or a monthly obligation, arguing that it should be a one-time obligation. Sorenson claims that requiring each provider to submit a monthly update would be unduly burdensome and duplicative, arguing that the TRS Fund Administrator already has the requisite information on VRS calls, and any needed information on point-to-point calls can be provided to the Commission upon request.

The Commission intended that providers would collect and transmit data on the date of each user’s last VRS or point-to-point call to the iTRS-URD on a periodic basis. Specifically, footnote 175 of the VRS Reform Order states that this data will enable identification of individuals who are registered in the database but are no longer using VRS. Providing this critical information one-time only will not enable ongoing identification of such individuals who are no longer using VRS. Rather, the database needs to be updated periodically in order to allow the Commission and the TRS Fund administrator to ensure that each VRS user has a single default provider and that this user is still using the service. The iTRS-URD administrator will then be able to remove inactive registrants from the database. A monthly requirement to provide such data will satisfy the Commission’s intentions of periodic updating and will not be unduly burdensome since it can be accomplished through an automated process. Specifically, providers should, at least, be able to program their internal databases to automatically capture each user’s last VRS or point-to-point call as of the last day of each monthly reporting period and transmit this data to the iTRS-URD.

  1. Per call validation

Section 64.615(a) of the rules requires each provider to validate the eligibility of each user during the call set-up process, prior to the placement of each call. Sorenson claims that this requirement is unduly burdensome and does not enhance program integrity, arguing that there are other means for achieving program integrity. Sorenson suggests, for example, that providers should be allowed to validate the user’s eligibility prior to submission of a call for compensation.

In the VRS Reform Order, the Commission stated that one of the core goals of the Order was to ensure that the VRS program is as immune as possible from the waste, fraud, and abuse that threaten the long-term viability of the program. To that end, the Commission noted that unlawful practices artificially tie up Communications Assistants (CAs) and limit the availability of VRS to legitimate users. Thus, the Commission has determined that the provider’s obligation to validate the user’s eligibility should occur prior to a VRS call rather that after the call has taken place. This will ensure that each call is legitimate. Because the iTRS-URD can accomplish per call validation instantaneously in an automated fashion, we do not find it to be burdensome for providers or consumers.

  1. SSN requirement issue

Section 64.611(a)(4) of the rules requires VRS providers to collect the last four digits of each user’s Social Security number or Tribal identification number if the user has no Social Security number. Sorenson requests that the Commission provide guidance on how providers should handle persons wishing to register for VRS but who do not have Social Security numbers. Noting that Section 225(b)(1) of the Communications Act mandates that TRS be available to “hearing-impaired and speech-impaired individuals in the United States,” Sorenson stresses that this protection extends to individuals who do not have Social Security numbers, including persons who are naturalized citizens, foreign individuals traveling in the US, foreign students attending school in the US, Canadian citizens who reside in southern parts of the US during winter months, persons who have been issued green cards, and undocumented persons.

We take this opportunity to clarify that the Commission did not intend for the requirement that a provider obtain the last four digits of a person’s Social Security number or Tribal identification number to exclude individuals covered under Section 225 from registering to use VRS. Rather, the requirement is meant to ensure that VRS is not susceptible to fraudulent use by those who do not need the service. Therefore, the Commission will take under consideration the question of granting class waivers to specifically allow for alternative methods of demonstrating identity for individuals who do not have a Social Security number or Tribal identification numbers but are eligible to use VRS in the United States. The Commission will take under consideration the following alternative proofs of identity: 1) a valid state driver’s license or other identification issued by a state or local government; 2) for foreign individuals residing in the United States, a valid identification number issued by the individual’s home country; 3) copies of two different billing statements that verify the individual’s name and street address; or 4) Medicare or Medicaid or private health insurance identification card.

In addition, we are cognizant of the challenges with respect to the handling of registration for individuals who reside in the United States but do not have any form of physical identification to verify their identity. Because providers cannot accept registration information from an individual who does not have physical proof of identification, providers may, on behalf of such an individual, file with the Commission a request for waiver of the requirement to provide documentation of the individual’s identity. The Commission will evaluate each waiver request on a case by case basis. comments raising the following objections: (1) the Internet-based Telecommunications Relay Service-User Registration Database (iTRS-URD) data collection of personally identifiable information (PII) raises privacy risks for consumers; (2) a monthly report of the user’s last VRS or point-to-point call is unduly burdensome; (3) per call validation prior to call set-up is unduly burdensome; and (4) rules are ambiguous in regard to persons with no Social Security numbers.

  1. PII collection raises privacy risks

Sorenson contends that the Section 64.611(a)(4) requirements to collect and submit to the iTRS-URD the user’s date of birth and last four digits of the Social Security number or Tribal identification number are unnecessary and create serious privacy risks for consumers. Sorenson adds that the collection of PII does not pass the “privacy by design” test limiting data collection to only that data which is necessary for a business purpose so as to ensure that the consumer’s private and sensitive information is protected from unauthorized access and theft. Sorenson believes that the collection does not serve a specific business purpose, and contrasts it to the Lifeline Program,5 where the collection of PII was necessary to enforce the one-account-per-household requirement. Sorenson argues that because VRS users are permitted to have multiple phone numbers, the justification for collecting PII in the Lifeline Program does not apply to VRS.

However, the VRS program has also been subject to fraud, abuse and waste for many years. The Commission concluded that, like the Lifeline Program, collection of user PII is necessary to prevent the registration of fraudulent users, thereby ensuring the compensability of VRS calls that are handled. Specifically, collection of PII is necessary to allow the iTRS-URD administrator and the Commission to cross-check and compare users’ submitted information for the purpose of verifying that the registrant is the person he or she claims to be. In the Internet age, an individual seeking to impersonate someone else can conveniently retrieve publicly available information such as name, telephone number and residential address. Collection of the last four digits of each user’s Social Security number (or a similar unique identifier) and date of birth, which are not as readily available publicly, will make it more difficult for individuals to register using someone else’s publicly available identifying information.

Although Sorenson is concerned that the iTRS-URD would be vulnerable to attack, the Commission’s rules limit access to the database to authorized entities and only for authorized purposes, and the Commission intends that all PII will be available for access and modification only through network connections using commercially reasonable encryption. The Order also directs that the iTRS-URD can be used only to authenticate and verify registered users’ information in the database and cannot be used for conducting lookups for marketing purposes. Pursuant to the Order, the iTRS-URD will limit the number of entities who can access the database as well as the data available to each provider to the minimum necessary for each circumstance.

In addition, the FCC intends to add a new Privacy Act system of records, (FCC/CGB-4, iTRS-URD), and notice of this proposal will be published in the Federal Register, inviting the public, including Congress, to submit comments. Once established, this system of records will provide additional safeguards to secure PII stored in the iTRS-URD. Specifically, it will require the iTRS-URD administrator to maintain compliance with the FCC’s computer and information security requirements, including the requirements of the Federal Information Security Management Act. The proposed system of records will contain policies and practices for storing, retrieving, accessing, retaining, and disposing of records in the system. The proposed system will designate certain divisions within the FCC to have authority to have access to the iTRS-URD to perform oversight, performance, auditing, and related management functions, duties, and responsibilities.

  1. Monthly report of the user’s last VRS or point-to-point call

Section 64.611(a)(4) of the rules requires VRS providers to collect and transmit to the iTRS-URD the date on which each registered user last placed a VRS or point-to-point call. Sorenson requests clarification of whether this requirement is a one-time obligation or a monthly obligation, arguing that it should be a one-time obligation. Sorenson claims that requiring each provider to submit a monthly update would be unduly burdensome and duplicative, arguing that the TRS Fund Administrator already has the requisite information on VRS calls, and any needed information on point-to-point calls can be provided to the Commission upon request.

The Commission intended that providers would collect and transmit data on the date of each user’s last VRS or point-to-point call to the iTRS-URD on a periodic basis. Specifically, footnote 175 of the VRS Reform Order states that this data will enable identification of individuals who are registered in the database but are no longer using VRS. Providing this critical information one-time only will not enable ongoing identification of such individuals who are no longer using VRS. Rather, the database needs to be updated periodically in order to allow the Commission and the TRS Fund administrator to ensure that each VRS user has a single default provider and that this user is still using the service. The iTRS-URD administrator will then be able to remove inactive registrants from the database. A monthly requirement to provide such data will satisfy the Commission’s intentions of periodic updating and will not be unduly burdensome since it can be accomplished through an automated process. Specifically, providers should, at least, be able to program their internal databases to automatically capture each user’s last VRS or point-to-point call as of the last day of each monthly reporting period and transmit this data to the iTRS-URD.

  1. Per call validation

Section 64.615(a) of the rules requires each provider to validate the eligibility of each user during the call set-up process, prior to the placement of each call. Sorenson claims that this requirement is unduly burdensome and does not enhance program integrity, arguing that there are other means for achieving program integrity. Sorenson suggests, for example, that providers should be allowed to validate the user’s eligibility prior to submission of a call for compensation.

In the VRS Reform Order, the Commission stated that one of the core goals of the Order was to ensure that the VRS program is as immune as possible from the waste, fraud, and abuse that threaten the long-term viability of the program. To that end, the Commission noted that unlawful practices artificially tie up Communications Assistants (CAs) and limit the availability of VRS to legitimate users. Thus, the Commission has determined that the provider’s obligation to validate the user’s eligibility should occur prior to a VRS call rather that after the call has taken place. This will ensure that each call is legitimate. Because the iTRS-URD can accomplish per call validation instantaneously in an automated fashion, we do not find it to be burdensome for providers or consumers.

  1. SSN requirement issue

Section 64.611(a)(4) of the rules requires VRS providers to collect the last four digits of each user’s Social Security number or Tribal identification number if the user has no Social Security number. Sorenson requests that the Commission provide guidance on how providers should handle persons wishing to register for VRS but who do not have Social Security numbers. Noting that Section 225(b)(1) of the Communications Act mandates that TRS be available to “hearing-impaired and speech-impaired individuals in the United States,” Sorenson stresses that this protection extends to individuals who do not have Social Security numbers, including persons who are naturalized citizens, foreign individuals traveling in the US, foreign students attending school in the US, Canadian citizens who reside in southern parts of the US during winter months, persons who have been issued green cards, and undocumented persons.

We take this opportunity to clarify that the Commission did not intend for the requirement that a provider obtain the last four digits of a person’s Social Security number or Tribal identification number to exclude individuals covered under Section 225 from registering to use VRS. Rather, the requirement is meant to ensure that VRS is not susceptible to fraudulent use by those who do not need the service. Therefore, the Commission will take under consideration the question of granting class waivers to specifically allow for alternative methods of demonstrating identity for individuals who do not have a Social Security number or Tribal identification numbers but are eligible to use VRS in the United States. The Commission will take under consideration the following alternative proofs of identity: 1) a valid state driver’s license or other identification issued by a state or local government; 2) for foreign individuals residing in the United States, a valid identification number issued by the individual’s home country and copies of two proofs of residency in the United States that verify the individual’s name and residential address, which can include a current listing in a telephone directory, documentation evidencing current attendance at a college, university or other school located in the United States, a lease or rental agreement in the individual’s name, recent utility bills, credit card statements, or other billing statements; or 3) Medicare or Medicaid or private health insurance identification card.

In addition, we are cognizant of the challenges with respect to the handling of registration for individuals who reside in the United States but do not have any form of physical identification to verify their identity. Because providers cannot accept registration information from an individual who does not have physical proof of identification, providers may, on behalf of such an individual, file with the Commission a request for waiver of the requirement to provide documentation of the individual’s identity. The Commission will evaluate each waiver request on a case by case basis.

9. The Commission does not anticipate providing any payment or gift to any respondents. The Commission does not anticipate providing any payment or gift to respondents.

10. The Fund administrator keeps all data obtained from TRS providers confidential and does not disclose such information in company-specific form unless directed to do by the Commission. Further, the Commission takes several steps to specifically protect customer proprietary network information (CPNI). As noted in Question 1, the FCC is completing the requirements for a new system of records notice (SORN), FCC/CGB-4, “Internet-based Telecommunications Relay Service- User Registration Database (ITRS-URD),” which will cover the personally identifiable information (PII) that may be collected, maintained, used, and stored, and disposed of when obsolete, and which are part of the information associated with these information collection requirements. This new SORN should address any privacy concerns.

11. This information collection does not address any private matters of a sensitive nature. However, as noted in Questions 1 and 10, the FCC is completing the requirements for a new system of records notice (SORN), FCC/CGB-4, “Internet-based Telecommunications Relay Service-User Registration Database (ITRS-URD),” which will cover the personally identifiable information (PII) that may be collected, maintained, used, and stored, and disposed of when obsolete, and which are part of the information associated with these information collection requirements. This new SORN should address any privacy concerns.

12. The following represents estimates of the burden hours for the collection of information on the new rules adopted in the VRS Reform Order. The Commission estimates that there are approximately 206 potential TRS providers that would be affected by all of parts of this proposed collection.

COMPONENTS FOR REPORTING AND RECORD KEEPING REQUIREMENTS

Of the 39 potential TRS providers (respondents), the Commission estimates that:

  • Six (6) respondents provide a VRS service;

  • Fourteen (14) respondents provide a VRS CA Service using Neutral Video Communication Service Platform

  • Two (2) respondents provide IP Relay service;

  • Four (4) respondents provide traditional TTY TRS service;

  • Four (4) respondents provide Captioned Telephone Service;

  • Four (5) respondents provide IP Captioned Telephone Service;

  • Four (4) respondents provide Speech-to-Speech relay service

Below are the estimated burdens associated with the new information collections adopted in the VRS Reform Order:

(A) Reporting unauthorized and unnecessary use of VRS.

The Commission estimates that each respondent will require approximately .25 hour (15 minutes) to report to the Commission or the TRS Fund Administrator any of the following fraudulent activities: (1) false or unverified claims for TRS Fund compensation, (2) unauthorized use of VRS, (3) the making of VRS calls that would not otherwise be made, or (4) the use of VRS by persons who do not need the service in order to communicate in a functionally equivalent manner. The Commission estimates that each respondent will report to the Commission or the TRS Fund Administrator on the average of five times per quarter of the year (every 3 months).

Annual Number of Respondents: 20 (VRS and VRS CA Service providers)

Annual Number of Responses: 400 (5 responses per respondent per quarter x 20 respondents)

Annual Burden Hours: 100 hours (.25 hour per response x 400 responses)

The Commission assumes that respondents will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to report fraudulent activities.

The Commission estimates respondents’ costs to be about $74.27 per hour to report:

Annual In-House Cost: 100 hours x $74.27 per hour = $7,427

(B) VRS CA Service Provider Certification.

The Commission estimates that each respondent will require approximately 40 hours to prepare and submit application for certification that describes the connectivity to the Neutral Video Communication Service Platform; and the internal routing of calls to CAs and then back to the Neutral Video Communication Service Platform in order to obtain an eligibility status to receive compensation from the TRS Fund. The Commission estimates that each respondent will submit application for certification on a one-time basis within the first year.

Annual Number of Respondents: 14 (VRS CA Service providers)

Annual Number of Responses: 14 (within the first year) (1 response per respondent x 14 respondents)

Annual Burden Hours: 560 hours (within the first year) (40 hour per response x 14 responses)

The Commission assumes that respondents will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to prepare and submit application for certification to obtain an eligibility status as a VRS CA Service Provider.

The Commission estimates respondents’ costs to be about $74.27 per hour to prepare and submit application for certification:

Annual In-House Cost: 560 hours x $74.27 per hour = $41,591.20 (within the first year)

(C) Provider Certification Annual Compliance Plan.

The Commission estimates that each respondent will require approximately 80 hours to prepare and submit an annual report of a compliance plan describing the provider’s policies, procedures, and practices for complying with the requirements of preventing and reporting unauthorized and unnecessary use of VRS. Such compliance plan involves the following required information: (i) identification of any officer(s) or managerial employee(s) responsible for ensuring compliance with the requirements of preventing and reporting unauthorized and unnecessary use of VRS; (ii) a description of any compliance training provided to the provider’s officers, employees, and contractors; (iii) identification of any telephone numbers, website addresses, or other mechanisms available to employees for reporting abuses; (iv) a description of any internal audit processes used to ensure the accuracy and completeness of minutes submitted to the TRS Fund administrator; and (v) a description of all policies and practices that the provider is following to prevent waste, fraud, and abuse of the TRS Fund.

Annual Number of Respondents: 20 (VRS and VRS CA Service providers)

Annual Number of Responses: 20 (1 response per respondent x 20 respondents)

Annual Burden Hours: 1,600 hours (80 hour per response x 20 responses)

The Commission assumes that respondents will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to prepare and submit an annual compliance plan report.

The Commission estimates respondents’ costs to be about $74.27 per hour to prepare and submit an annual compliance plan report:

Annual In-House Cost: 1,600 hours x $74.27 per hour = $118,832

(D) Provider Certification Inadequate Annual Compliance Plan Response.

The Commission estimates that each respondent will require approximately 5 hours to prepare and submit an amended compliance plan correcting the identified defects upon the Commission’s request on an annual basis.

Annual Number of Respondents: 10 (VRS CA Service providers)

Annual Number of Responses: 10 (1 response per respondent x 10 respondents)

Annual Burden Hours: 50 hours (5 hour per response x 10 responses)

The Commission assumes that respondents will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/15), plus 30% overhead) to prepare and submit an amended compliance plan report.

The Commission estimates respondents’ costs to be about $74.27 per hour to prepare and submit an amended compliance plan report:

Annual In-House Cost: 50 hours x $74.27 per hour = $3,713.50





(E) TRS User Certification of Eligibility.7

1. The Commission estimates that each respondent will require approximately .25 hour (15 minutes) to certify the eligibility of VRS users. Such certifying process require the respondent to first obtain written certification from the user containing specific attestations on a separate form, and must submit such certification for existing users and transferred users to the TRS User Registration Database. The certification of eligibility must contain user’s attestation that: (1) the user has a hearing or speech disability; and (2) the user understands that the cost of VRS calls is paid for by contributions from other telecommunications users to the TRS Fund. This is a one-time requirement that will be met within the first year.

Annual Number of Respondents: 20 (VRS and VRS CA Service providers) will certify 275,000 existing potential users

Annual Number of Responses: 275,000 (within the first year) (1 response per VRS users x 275,000)

Annual Burden Hours: 68,750 (within the first year) (.25 hour per response x 275,000)

The Commission assumes that respondents will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to certify the eligibility of VRS users.

The Commission estimates respondents’ costs to be about $74.27 per hour to certify the eligibility of VRS users:

Annual In-House Cost: $5,106,062.50 = $1,702,020.83 (within the first year) (68,750 x $74.27)

2. The Commission estimates that each respondent will require approximately .25 hour (15 minutes) to certify the eligibility of newly enrolled VRS users annually. Such certifying process require the respondent to first obtain written certification from the user containing specific attestations on a separate form, and must submit such certification for existing users and transferred users to the TRS User Registration Database. The certification of eligibility must contain user’s attestation that: (1) the user has a hearing or speech disability; and (2) the user understands that the cost of VRS calls is paid for by contributions from other telecommunications users to the TRS Fund.

Annual Number of Respondents: 20 (VRS and VRS CA Service providers) will enroll 15,000 new users

Annual Number of Responses: 15,000 (1 response per new user x 15,000)

Annual Burden Hours: 3,750 (.25 hour per response x 15,000)

The Commission assumes that respondents will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5, plus 30% overhead) to certify the eligibility of newly enrolled VRS users.

The Commission estimates respondents’ costs to be about $74.27 per hour to certify the eligibility of newly enrolled VRS users:

Annual In-House Cost: 3,750 hours x 74.27/hour = $278,512.50

(F) TRS User Registration.8

1. The Commission estimates that each respondent will require approximately .3 hour (18 minutes) to collect and submit specific information for each existing user to the TRS User Registration Database, including the user’s name; address; telephone number assigned in the TRS numbering directory; last four digits of the social security or Tribal Identification number; date of birth; Registered Location; VRS provider name and dates of service; self-certification of eligibility for VRS and the date obtained by the provider; the date on which the user’s identification was verified; and (for existing users only) the date on which the registered Internet-based TRS user last placed a point-to-point or relay call. Such procedure involves a clear explanation about the TRS User Registration Database to each user, collection of consent from each user to transmit the user’s information to the TRS User Registration Database. This is a one-time requirement that will be met within the first year.

Annual Number of Respondents: 20 (VRS and VRS CA Service providers) will collect and submit information for 275,000 existing users

Annual Number of Responses: 275,000 (within the first year) (1 response per users x 275,000 users)

Annual Burden Hours: 82,500 hours (within the first year) (.3 hour per response x 275,000 responses)

The Commission assumes that respondents will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to collect and submit the required information for each user to the TRS User Registration Database.

The Commission estimates respondents’ costs to be about $74.27 per hour to collect and submit the required information for each user to the TRS User Registration Database:

Annual In-House Cost: $6,127,275 (within the first year) (82,500 hours x $74.27 per)

2. The Commission estimates that each respondent will require approximately .3 hour (18 minutes) annually to collect and submit specific information for each newly enrolled user to the TRS User Registration Database, including the user’s name; address; telephone number assigned in the TRS numbering directory; last four digits of the social security or Tribal Identification number; date of birth; Registered Location; VRS provider name and dates of service; self-certification of eligibility for VRS and the date obtained by the provider; the date on which the user’s identification was verified; and (for new users only) the date on which the registered Internet-based TRS user last placed a point-to-point or relay call. Such procedure involves a clear explanation about the TRS User Registration Database to each user, collection of consent from each user to transmit the user’s information to the TRS User Registration Database.

Annual Number of Respondents: 20 (VRS and VRS CA Service providers) will enroll 15,000 new users

Annual Number of Responses: 15,000 (1 response per new users x 15,000 new users)

Annual Burden Hours: 4,500 hours (.3 hour per response x 15,000 responses)

The Commission assumes that respondents will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to collect and submit the required information for each newly enrolled user to the TRS User Registration Database.

The Commission estimates respondents’ costs to be about $74.27 per hour to collect and submit the required information for each newly enrolled user to the TRS User Registration Database:

Annual In-House Cost: $334,215 (4,500 hours x $74.27 per hour)

3. The Commission estimates that each respondent will require approximately .05 hour (3 minutes) to retain a record of consent from each user to transmit the user’s information to the TRS User Registration Database. This is a one-time requirement that will be met within the first year.

Annual Number of Respondents: 20 (VRS and VRS CA Service providers) will retain consent records from 275,000 existing users

Annual Number of Responses: 275,000 (within the first year) (1 response per user x 275,000 users)

Annual Burden Hours: 13,750 (within the first year) (.05 hour per response x 275,000 responses)

The Commission assumes that respondents will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to retain a record of consent from each user to transmit the user’s information to the TRS User Registration Database.

The Commission estimates respondents’ costs to be about $74.27 per hour to retain a record of consent from each user to transmit the user’s information to the TRS User Registration Database:

Annual In-House Cost: $1,021,212.50 (within the first year) (13,750 hours x $74.27)

4. The Commission estimates that each respondent will require approximately .05 hour (3 minutes) annually to retain a record of consent from each user to transmit the user’s information to the TRS User Registration Database.

Annual Number of Respondents: 20 (VRS and VRS CA Service providers) will retain consent records from 15,000 new users

Annual Number of Responses: 15,000 (1 response per new user x 15,000 new users)

Annual Burden Hours: 750 (.05 hour per response x 15,000 responses)

The Commission assumes that respondents will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to retain a record of consent from each user to transmit the user’s information to the TRS User Registration Database.

The Commission estimates respondents’ costs to be about $74.27 per hour to retain a record of consent from each user to transmit the user’s information to the TRS User Registration Database:

Annual In-House Cost: $55,702.50 (750 hours x $74.27 per hour)

(G) TRS User Per-Call Validation.9

The Commission estimates that each respondent will require approximately .005 hour (1/3rd of a minute) annually to validate the eligibility of the party on the video side of each call by querying the TRS User Registration Database on a per-call basis through a unique user identifier assigned by the administrator of the TRS User Registration Database. This is a one-time requirement for each call annualized over the course of 3 years.

Annual Number of Respondents: 20 (VRS and VRS CA Service providers) will validate 275,000 existing users

Annual Number of Responses: 6,875,000 (25 responses (calls) per user x 275,000 users)

Annual Burden Hours: 34,375 hours (.005 hour per response x 6,875,000 responses)

The Commission assumes that respondents will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to validate the eligibility of the party on the video side of each call by querying the TRS User Registration Database on a per-call basis through a unique user identifier assigned by the administrator of the TRS User Registration Database.

The Commission estimates respondents’ costs to be about $74.13 per hour to validate the eligibility of the party on the video side of each call by querying the TRS User Registration Database on a per-call basis through a unique user identifier assigned by the administrator of the TRS User Registration Database:

Annual In-House Cost: 34,375 hours x $74.27 per hour = $2,553,031.25

(H) Removal from the TRS User Database.

The Commission estimates that each respondent will require approximately .1 hour (6 minutes) annually to submit request that the administrator of the TRS User Registration Database remove from the TRS User Registration Database user information for any registered user who no longer wants, or is no longer eligible to use a ten-digit number for TRS services.

Annual Number of Respondents: 20 (VRS and VRS CA Service providers)

Annual Number of Responses: 14,000 (700 responses per respondent x 20 respondents)

Annual Burden Hours: 1,400 hours (.1 hour per response x 14,000 responses)

The Commission assumes that respondents will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to submit request that the administrator of the TRS User Registration Database remove from the TRS User Registration Database user information for any registered user who no longer wants, or is no longer eligible to use a ten-digit number for TRS services.

The Commission estimates respondents’ costs to be about $74.27 per hour to submit request that the administrator of the TRS User Registration Database remove from the TRS User Registration Database user information for any registered user who no longer wants, or is no longer eligible to use a ten-digit number for TRS services:

Annual In-House Cost: 1,400 hours x $74.27 per hour = $103,978

(I) Assignment of user’s unique identifier.

1. The Commission estimates that the administrator of the TRS User Registration Database will require approximately .05 hour (3 minutes) to assign a unique identifier to each respondent in the TRS User Registration Database on a one-time basis within the first year.

Annual Number of Respondents: 20 (VRS and VRS CA Service providers) will assign 275,000 existing users unique identifiers

Annual Number of Responses: 275,000 (within the first year) (1 response per user x 275,000 users)

Annual Burden Hours: 13,750 hours (within the first year) (.05 hour per response x 275,000 responses)

The Commission assumes that the administrator of the TRS User Registration Database will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to assign a unique identifier to each respondent in the TRS User Registration Database.

The Commission estimates the administrator’s costs to be about $74.27 per hour to assign a unique identifier to each respondent in the TRS User Registration Database:

Annual In-House Cost: 13,750 hours x $74.27 per hour = $1,021,212.50 (within the first year)

2. The Commission estimates that the administrator of the TRS User Registration Database will require approximately .05 hour (3 minutes) annually to assign a unique identifier to each user in the TRS User Registration Database.

Annual Number of Respondents: 20 (VRS and VRS CA Service providers) will assign 15,000 new users unique identifiers

Annual Number of Responses: 15,000 (1 response per user x 15,000 users)

Annual Burden Hours: 750 hours (.05 hour per response x 15,000 responses)

The Commission assumes that the administrator of the TRS User Registration Database will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to assign a unique identifier to each user in the TRS User Registration Database.

The Commission estimates the administrator’s costs to be about $74.27 per hour to assign a unique identifier to each respondent in the TRS User Registration Database:

Annual In-House Cost: 750 hours x $74.27 per hour = $55,702.50

(J) Verification of orders for change of default iTRS providers.

The Commission estimates that iTRS provider will require approximately .25 hour (15 minutes) on an on-going basis to process the verification of orders for change of default iTRS providers for each response which involves the verification of an independent third party.

Annual Number of Respondents: 22 providers (20 VRS and VRS CA Service providers, and 2 IP Relay providers)

Annual Number of Responses: 38,500 (1,750 responses per respondent x 22 respondents)

Annual Burden Hours: 9,625 hours (.25 hour per response x 38,500 responses)

The Commission assumes that the iTRS provider will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to process the verification of orders for change of default iTRS providers.

The Commission estimates the iTRS provider’s costs to be about $74.27 per hour to process the verification of orders for change of default iTRS providers:

Annual In-House Cost: 9,625 hours x $74.27 per hour = $714,848.75

(K) Retention of authorization of orders for change of default iTRS providers.

The Commission estimates that the new default provider will require approximately .1 hour (6 minutes) on an on-going basis to retain authorization of the change order for a minimum period of five years which must be available to the Commission upon request.

Annual Number of Respondents: 22 (20 VRS and VRS CA Service providers, and 2 IP Relay providers)

Annual Number of Responses: 38,500 (1,750 responses per respondent x 22 respondents)

Annual Burden Hours: 3,850 hours (.1 hour per response x 38,500 responses)

The Commission assumes that the new default provider will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to retain authorization of the change order for a minimum period of five years.

The Commission estimates the new iTRS provider’s costs to be about $74.27 per hour to retain authorization of the change order for a minimum period of five years:

Annual In-House Cost: 3,850 hours x $74.27 per hour = $285,939.50

(L) Notice of the transfer or sale of iTRS users.

The Commission estimates that each respondent will require approximately .15 hour (9 minutes) on an on-going basis to prepare and send advance notice to each affected iTRS user of the transfer or sale of iTRS users which such notice must be in American Sign Language to VRS users and in text to IP Relay users, in a manner conforming with the Commission’s rules regarding accessibility to blind and visually-impaired consumers, and must include specific information on the transfer.

Annual Number of Respondents: 22 (20 VRS and VRS CA Service providers, and 2 IP Relay providers)

Annual Number of Responses: 550,000 (25,000 responses per respondent x 22 respondents)

Annual Burden Hours: 82,500 hours (.15 hour per response x 550,000 responses)

The Commission assumes that each respondent will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to prepare and send advance notice to each affected iTRS user.

The Commission estimates the new iTRS provider’s costs to be about $74.27 per hour to prepare and send advance notice to each affected iTRS user:

Annual In-House Cost: 82,500 hours x $74.27 per hour = $6,127,275

(M) Proof of Verification of the Default Provider Change.

The Commission estimates that each respondent will require approximately .1 hour (6 minutes) on an on-going basis to prepare and send to the Commission’s Consumer and Governmental Affairs Bureau a copy of any valid proof of verification of the default provider change.

Annual Number of Respondents: 22 (20 VRS providers and 2 IP Relay providers)

Annual Number of Responses: 1,100 (50 responses per respondent x 22 respondents)

Annual Burden Hours: 110 hours (.1 hour per response x 1,100 responses)

The Commission assumes that each respondent will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5, plus 30% overhead) to prepare and send to the Commission’s Consumer and Governmental Affairs Bureau a copy of any valid proof of verification of the default provider change.

The Commission estimates that each respondent’s costs to be about $74.27 per hour to prepare and send to the Commission’s Consumer and Governmental Affairs Bureau a copy of any valid proof of verification of the default provider change:

Annual In-House Cost: 110 hours x $74.27 per hour = $8,169.70

(N) Identify TRS minutes attributable to unauthorized change.

The Commission estimates that each respondent (allegedly unauthorized provider) will require approximately .15 hour (9 minutes) on an on-going basis to identify to the TRS Fund administrator all minutes submitted for reimbursement that are attributable to the iTRS user after the allegedly unauthorized change of default provider is alleged to have occurred.

Annual Number of Respondents: 22 (20 VRS and VRS CA Service providers, and 2 IP Relay providers)

Annual Number of Responses: 550 (25 responses per respondent x 22 respondents)

Annual Burden Hours: 82.50 (83) hours (.15 hour per response x 550 responses)

The Commission assumes that each respondent will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to identify to the TRS Fund administrator all minutes submitted for reimbursement that are attributable to the iTRS user after the allegedly unauthorized change of default provider is alleged to have occurred.

The Commission estimates that each respondent’s costs to be about $74.27 per hour to identify to the TRS Fund administrator all minutes submitted for reimbursement that are attributable to the iTRS user after the allegedly unauthorized change of default provider is alleged to have occurred:

Annual In-House Cost: 83 hours x $74.27 per hour = $6,164.41

(O) Access to customer proprietary network information.

The Commission estimates that each respondent will require approximately .1 hour (6 minutes) on an on-going basis to prepare a response to the Fund administrator or the Commission’s request to disclose, or permit access to CPNI for administrative and investigative purposes.

Annual Number of Respondents: 39

Annual Number of Responses: 585 (15 responses per respondent x 39 respondents)

Annual Burden Hours: 58.50 (59) hours (.1 hour per response x 585 responses)

The Commission assumes that each respondent will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to prepare a response to the Fund administrator or the Commission’s request to disclose, or permit access to CPNI.

The Commission estimates that each respondent’s costs to be about $74.27 per hour to prepare a response to the Fund administrator or the Commission’s request to disclose, or permit access to CPNI:

Annual In-House Cost: 59 hours x $74.27 per hour = $4,381.93

(P) Approval required for use of customer proprietary network information.

The Commission estimates that each respondent will require approximately .1 hour (6 minutes) on an on-going basis to obtain approval from the user if the respondent wishes to use CPNI, and to maintain records of approval for at least one year thereafter.

The Commission assumes that each respondent will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to obtain approval from the user if the respondent wishes to use CPNI, and to maintain records of approval for at least one year thereafter.

Annual Number of Respondents: 39

Annual Number of Responses: 780,000 (20,000 responses per respondent x 39 respondents)

Annual Burden Hours: 78,000 hours (.1 hour per response x 780,000 responses)

The Commission estimates that each respondent’s costs to be about $74.27 per hour to obtain approval from the user if the respondent wishes to use CPNI, and to maintain records of approval for at least one year thereafter:

Annual In-House Cost: 78,000 hours x $74.27 per hour = $5,793,060

(Q) Notice required for use of customer proprietary network information.

The Commission estimates that each respondent will require approximately .2 hour (12 minutes) on an on-going to notify users of their right to deny or restrict use of, disclosure of, or access to their CPNI prior to any solicitation for customer approval to use, disclose, or permit access to their CPNI, including their right to opt-in or opt-out for using their CPNI, and to maintain records of such notification during the time period that the approval is in effect and for at least one year thereafter.

Annual Number of Respondents: 39

Annual Number of Responses: 409,500 (10,500 responses per respondent x 39 respondents)

Annual Burden Hours: 81,900 hours (.2 hour per response x 409,500 responses)

The Commission assumes that each respondent will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to notify users of their right to deny or restrict use of, disclosure of, or access to their CPNI prior to any solicitation for customer approval to use, disclose, or permit access to their CPNI, including their right to opt-in or opt-out for using their CPNI, and to maintain records of such notification for at least one year.

The Commission estimates that each respondent’s costs to be about $74.27 per hour to notify users of their right to deny or restrict use of, disclosure of, or access to their CPNI prior to any solicitation for customer approval to use, disclose, or permit access to their CPNI, including their right to opt-in or opt-out for using their CPNI, and to maintain records of such notification for at least one year:

Annual In-House Cost: 81,900 hours x $74.27 per hour = $60,827,130

(R) Safeguards required for use of customer proprietary network information.

The Commission estimates that each respondent will require approximately 40 hours to maintain for a minimum of three years a record of marketing campaigns that use their customers’ CPNI, including a record of all instances where CPNI was disclosed to third parties, to establish a supervisory review process regarding TRS provider compliance with the rules for outbound marketing situations, and to have its officer sign and file with the Commission a compliance certification on an annual basis, based on his or her personal knowledge, and including a statement accompanying the certification explaining how its operating procedures ensure that it is or is not in compliance with these rules, and an explanation of any actions taken against data brokers, a summary of all customer complaints in the past year concerning the unauthorized release of CPNI, and a report detailing all instances where the TRS provider used, disclosed, or permitted access to CPNI without complying with the required procedures. Such report must include instances where the opt-out mechanisms do not work properly, to such a degree that consumers’ inability to opt-out is more than an anomaly.

Annual Number of Respondents: 39

Annual Number of Responses: 39 (1 response per respondent x 39 respondents)

Annual Burden Hours: 1,560 hours (40 hours per response x 39 responses)

The Commission assumes that each respondent will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to maintain record of marketing campaigns that use their customers’ CPNI and to prepare and submit a report associated with marketing campaigns that that use their customers’ CPNI as described above.

The Commission estimates that each respondent’s costs to be about $74.27 per hour to maintain record of marketing campaigns that use their customers’ CPNI and to prepare and submit a report associated with marketing campaigns that that use their customers’ CPNI as described above:

Annual In-House Cost: 1,560 hours x $74.27 per hour = $115,861.20

(S) Safeguards on the disclosure of customer proprietary network information.

The Commission estimates that each respondent will require approximately .2 hour (12 minutes) on an on-going basis to notify customers immediately whenever a password, customer response to a back-up means of authentication for lost or forgotten passwords, online account, or address of record is created or changed.

Annual Number of Respondents: 39

Annual Number of Responses: 7,800 (200 responses per respondent x 39 respondents)

Annual Burden Hours: 1,560 hours (.2 hour per response x 7,800 responses)

The Commission assumes that each respondent will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) to notify customers immediately whenever a password, customer response to a back-up means of authentication for lost or forgotten passwords, online account, or address of record is created or changed.

The Commission estimates that each respondent’s costs to be about $74.27 per hour to notify customers immediately whenever a password, customer response to a back-up means of authentication for lost or forgotten passwords, online account, or address of record is created or changed:

Annual In-House Cost: 1,560 hours x $74.27 per hour = $115,861.20

(T) Notification of customer proprietary network information security breaches.

The Commission estimates that each respondent will require approximately 1 hour on an on-going basis to: (1) first notify law enforcement of a breach of its customers’ CPNI, (2) to notify its customers of the security breach (after completion of the process of notifying law enforcement), (3) to provide a copy of the notification with the Disability Rights Office of the Consumer and Governmental Affairs Bureau at the same time as when the TRS provider notifies the customers, and (4) to maintain a record, electronically or in some other manner, of any breaches discovered.

Annual Number of Respondents: 39

Annual Number of Responses: 585 (15 responses per respondent x 39 respondents)

Annual Burden Hours: 585 hours (1 hour per response x 585 responses)

The Commission assumes that each respondent will use “in-house” personnel whose pay is comparable to senior level federal employees (GS-14/5), plus 30% overhead) (1) to first notify law enforcement of a breach of its customers’ CPNI, (2) to notify its customers of the security breach (after completion of the process of notifying law enforcement), (3) to provide a copy of the notification with the Disability Rights Office of the Consumer and Governmental Affairs Bureau at the same time as when the TRS provider notifies the customers, and (4) to maintain a record, electronically or in some other manner, of any breaches discovered.

The Commission estimates that each respondent’s costs to be about $74.27 per hour (1) to first notify law enforcement of a breach of its customers’ CPNI, (2) to notify its customers of the security breach (after completion of the process of notifying law enforcement), (3) to provide a copy of the notification with the Disability Rights Office of the Consumer and Governmental Affairs Bureau at the same time as when the TRS provider notifies the customers, and (4) to maintain a record, electronically or in some other manner, of any breaches discovered:

Annual In-House Cost: 585 hours x $74.27 per hour = $43,447.95

TOTAL ANNUAL BURDENS ARE AS FOLLOWS:

Total Annual Number of Respondents: 39

Total Annual Number of Responses: 9,876,603

Total Annual Burden Hours: 486,417 hours

Total Annual “In-House” Costs: $87,466,565.92



13. The Commission estimates that iTRS providers will not incur any cost burden from the collection of information because iTRS providers will be compensated from the TRS Fund associated with the costs of compliance:

(a) Total annualized capital/start-up cost: $0

(b) Total annual costs (operation and maintenance): $0

(c) Total annualized cost requested: $0

14. The Commission believes that the costs to the Federal government emanating from these new proposed information collections will involve:

(a) initial staff review of the submissions of application for eligibility certification as a VRS CA service provider and annual compliance reports. Therefore, the Commission will use staff attorneys at the GS-14/5 level to review this information. The Commission estimates the time to review this information will be approximately 20 hours per month = 240 hours annually.

240 hrs x $57.13 = $13,711.20

(b) senior staff review of issues identified and escalated from the initial staff review of information contained in these submissions, Therefore, the Commission will use staff attorneys at the GS 15/5 level to review escalated issues and information. The Commission estimates the time to review this information will be approximately 15 hours per month = 180 hours annually.

180 hrs x $67.21 = $12,097.80

Total Cost to the Federal Government: $25,809

15. The Commission is submitting this collection as a new collection. Therefore, the following program changes will be added to OMB’s inventory upon its approval: +39 annual number of respondents, +9,876,603 annual number of responses, +486,417 annual burden hours; and $0 annual cost.

16. There are no plans to publish the results of the collection of information.

17. The Commission is not seeking approval not to display the expiration date for OMB approval of these collections of information.

18. There are not exceptions to Certification Statement.

B. Collections of Information Employing Statistical Methods

The Commission does not anticipate that the collection of information will employ statistical methods.





1 TRS is a telephone transmission service that allows persons with a hearing or speech disability to engage in communications by wire or radio with a hearing individual in a manner that is functionally equivalent to the ability of an individual who does not have a hearing or speech disability to communicate using voice communication services by wire or radio. See 47 CFR 64.601(21). TRS facilities are staffed by communications assistants (CAs) who relay conversations between people who use text telephone devices (TTY’s) or other devices and people who communicate by voice.

2 47 U.S.C. § 225(b)(1).

3 47 U.S.C. § 225(a)(3).

4 See Lifeline and Link Up Reform and Modernization, Lifeline and Link Up, Federal-State Joint Board on Universal Service, Advancing Broadband Availability Through Digital Literacy Training, WC Docket Nos. 11-42, 03-109, and 12-23, CC Docket No. 96-45, Report and Order and Further Notice of Proposed Rulemaking, 27 FCC Rcd 6656, 6709-12, ¶¶ 111-14, ¶ 120 (2012) (Lifeline & Link Up Reform and Modernization Order).

5 See Lifeline and Link Up Reform and Modernization, Lifeline and Link Up, Federal-State Joint Board on Universal Service, Advancing Broadband Availability Through Digital Literacy Training, WC Docket Nos. 11-42, 03-109, and 12-23, CC Docket No. 96-45, Report and Order and Further Notice of Proposed Rulemaking, 27 FCC Rcd 6656, 6709-12, ¶¶ 111-14, ¶ 120 (2012) (Lifeline & Link Up Reform and Modernization Order).

6 Collectively, there will be approximately 39 TRS providers affected by this information collection. However, there may be several instances where less than 39 TRS providers will be subjected to certain information collection requirements.

7 Although the TRS User Certification of Eligibility requirement applies to VRS, the Commission contemplates extending this requirement to other forms of TRS services in the future.

8 Although the TRS User Registration requirement applies to VRS, the Commission contemplates extending this requirement to other forms of TRS services in the future.

9 Although the TRS User Per-Call Validation requirement applies to VRS, the Commission contemplates extending this requirement to other forms of TRS services in the future

30

File Typeapplication/msword
File TitleIn the Notice released March 10, 2004, the Federal Communications Commission (“Commission”) asked, among other things, about
AuthorLisa E. Boehley
Last Modified ByCathy Williams
File Modified2014-08-14
File Created2014-08-09

© 2024 OMB.report | Privacy Policy