Skip to main content

Telecom Alert: CPNI Certification Filings; Updated Data Breach Notification Rules; Multilingual Wireless Emergency Alerts; Robocall and Robotext Rules [Vol. XXI, Issue 8]

CPNI Compliance Certification Filings

The FCC issued a reminder to telecommunications carriers and interconnected VoIP providers of the obligation to file an annual certification confirming compliance with the FCC’s Customer Proprietary Network Information (“CPNI”) rules by March 1, 2024.  The CPNI rules require providers to protect CPNI from unauthorized access, use, or disclosure.  Certification filings can be made in the Commission’s Electronic Comment Filing System (“ECFS”) or the FCC’s web-based application.  Providers are reminded that failure to file could result in monetary forfeitures of up to $244,958 for each violation.  For more information, please contact Jim Baller (; 202.434.4175) or Wes Wright (; 202.434.4239).

Updated FCC Data Breach Notification Rules

The FCC adopted updated data breach notification rules last year to ensure that telecommunications carriers, interconnected VoIP providers, and telecommunications relay services (“TRS”) providers adequately safeguard sensitive customer information (Vol. XX, Issue 51).  The bulk of the updated rules will take effect on March 13.  The FCC updated the rules on account of an increase in the frequency and severity of data breaches, notably, by expanding the types of personal identification information subject to the rules and expanding the definition of “breach”.  Carriers and TRS providers must notify the Commission of breaches through the existing central reporting facility but are no longer required to notify customers if customers are not reasonably likely to be harmed or the breach only involves encrypted data and the encryption key was not also accessed, used, or disclosed.  For more information, please contact Tracy Marshall (; 202.434.4234).

Comments Sought on Multilingual Wireless Emergency Alerts

The FCC is seeking comment on mechanisms to implement multilingual Wireless Emergency Alerts (“WEA”), as required by the Commission’s rules.  Multilingual WEAs are meant to provide life-saving information to the millions of people living in the United States who do not primarily speak English or Spanish or have a disability and require accessible WEA formats.  The Commission proposes a set of pre-translated messages in English, the 13 most spoken languages in the United States, and American Sign Language (“ASL”), pre-installed and stored on devices offered by participating Commercial Mobile Service (“CMS”) providers, among other things.  Comments and reply comments will be due 30 and 60 days after publication of the Public Notice in the Federal Register, respectively.  For more information, please contact Wes Wright (; 202.434.4239).

Robocall and Robotext Rules Update

The FCC adopted rules to clarify and strengthen consumers rights under the Telephone Consumer Protection Act (“TCPA”) to grant and revoke consent to receive robocalls and robotexts.  The Commission reiterates that revocation of consent can be made in any reasonable manner, requires callers to honor do-not-call and consent revocation requests within a reasonable time not to exceed 10 business days, and limits text senders to a one-time text message confirming receipt of a consumer request that no further text messages be sent.  The Commission also confirmed that revocation of consent only applies to those robocalls and robotexts for which consent is required under the TCPA.  For more information, please contact Wes Wright (; 202.434.4239) or Tim Doughty (; 202.434.4271).

To sign up for our weekly alert, please send us an email at and provide us with your name and email.