According to sources at the Federal Communications Commission, the Commission plans to vote at its June 27, 2013 meeting about the potential expansion of existing privacy and security rules to customer information that is stored on users’ mobile devices. Last year, the FCC issued a Public Notice seeking comment on these issues noting that since the Commission had last explored these subjects in 2007, “technologies and business practices have evolved dramatically” and wireless carriers have been collecting information about particular consumers’ use of the carriers’ networks without informing consumers of such practices.
In 2007, when the Commission last revised its CPNI Rules, it was focused on a wireless carrier’s duty to erase customer information on mobile devices prior to refurbishing such equipment. Since that time, wireless carriers have acknowledged using software embedded or preinstalled on wireless devices to collect information about the performance of the device and the provider’s network. The Commission, however, is concerned that its existing rules may not directly address privacy and security issues associated with the collection, transmission and storage of this information.
The Commission received almost 50 filings from a wide swath of parties, including the four major U.S. wireless carriers: Verizon Wireless, AT&T, Sprint and T-Mobile; the leading consumer privacy regulator, the Federal Trade Commission; and consumer privacy groups, like the Center for Democracy and Technology and the Electronic Frontier Foundation. Moreover, a number of parties have been actively lobbying the Commission on these issues recently.
We are closely following this proceeding and will update our blog if/when the Commission issues a ruling.