Академический Документы
Профессиональный Документы
Культура Документы
February4,2014 BYELECTRONICSUBMISSION MarleneH.Dortch,Secretary FederalCommunicationsCommission OfficeoftheSecretary 44512thStreet,S.W.,SuiteTWA325 Washington,DC20554 Subject:EBDocketNo.0636,CPNICertificationdueMarch1,2014(CY2013Operations) DearMs.Dortch: J.T.S.Communications(herebyreferredtoasthe"Company"),submitsthefollowing CPNICertification,regardingitsCalendarYear2013operations,incompliancewithSection 64.2001etseq.oftheCommission'srules. TheCompanyrespectfullyaskstheCommissiontoacceptthefollowingCertificationas timelyfiled,intermsoftheMarch1,2014filingdeadlinelistedin47C.F.R.64.2009(e). ________________________ AlonzoBeyene IndustryAssuranceConsulting,Inc. RegulatoryAnalyst
B. Use of CPNI (1)TheCompanymay,ifapplicable,use,disclose,orpermitaccesstoCPNIforthepurposeof providingormarketingserviceofferingsamongthecategoriesofservice(i.e.,local, interexchange,andCMRS)towhichthecustomeralreadysubscribesfromtheCompany, withoutcustomerapproval. (2)TheCompanydoesnotuse,disclose,orpermitaccesstoCPNItomarketserviceofferingsto acustomerthatrequireoptinoroptoutconsentofacustomerunder47C.F.R.64.2001et seq. (3)TheCompanydoesnotuse,discloseorpermitaccesstoCPNItoidentifyortrackcustomers thatcallcompetingserviceproviders. (4)Notwithstandingtheforgoing:ItistheCompanyspolicythattheCompanymayuse, disclose,orpermitaccesstoCPNItoprotecttherightsorpropertyoftheCompany,orto protectusersofthoseservicesandothercarriersfromfraudulent,abusive,orunlawfuluseof, orsubscriptionto,suchservices. C. Safeguards Required for the Use of CPNI (1)ItisthepolicyoftheCompanytotrainitsapplicablepersonnel,onthecircumstancesunder whichCPNImay,andmaynot,beusedordisclosed.ItisaviolationoftheCompanyspoliciesto discloseCPNIoutsideoftheCompany.Anyemployeethatisfoundtohaveviolatedthispolicy willbesubjecttodisciplinaryactionuptoandincludingtermination. (2)ItistheCompanyspolicytorequirethatarecordbemaintainedofitsownanditsaffiliates salesandmarketingcampaignsthatusetheircustomersCPNI.TheCompanymaintainsa recordofallinstanceswhereCPNIwasdisclosedorprovidedtootherthirdparties,orwhere thirdpartieswereallowedtoaccesssuchCPNI.Therecordincludesadescriptionofeach campaign,thespecificCPNIthatwasusedinthecampaign,andwhatproductsandservices wereofferedasapartofthecampaign.Suchrecordsareretainedforaminimumofoneyear.
(3)TheCompanyhasestablishedamandatorysupervisoryreviewprocessregarding compliancewithCPNIrulesforoutboundmarketing.Ifapplicable,salespersonnelmustobtain supervisoryapprovalofanyproposedoutboundmarketingrequestforcustomerapproval.The Companyspoliciesrequirethatrecordspertainingtosuchcarriercomplianceberetainedfora minimumperiodofoneyear. (4)IncompliancewithSection64.2009(e),theCompanywillprepareacompliancecertificate signedbyanofficeronanannualbasisstatingthattheofficerhaspersonalknowledgethatthe Companyhasestablishedoperatingproceduresthatareadequatetoensurecompliancewith 47C.F.R.64.2001etseq.Thecertificateistobeaccompaniedbythisstatementandwillbe filedinEBDocketNo.0636annuallyonMarch1,fordatapertainingtothepreviouscalendar year.Thisfilingwillincludeanexplanationofanyactionstakenagainstdatabrokersanda summaryofallcustomercomplaintsreceivedinthepastyearconcerningtheunauthorized releaseofCPNI.
D. Safeguards on the Disclosure of CPNI ItistheCompanyspolicytotakereasonablemeasurestodiscoverandprotectagainst attemptstogainunauthorizedaccesstoCPNI.TheCompanywillproperlyauthenticatea customerpriortodisclosingCPNIbasedoncustomerinitiatedtelephonecontactoronline access,asdescribedherein. (1)MethodsofAccessingCPNI. (a)TelephoneAccesstoCPNI.ItistheCompanyspolicytoonlydisclosecalldetaildata overthetelephone,basedoncustomerinitiatedtelephonecontact,ifthecustomerfirst providestheCompanywithapassword,asdescribedinSection(2),thatisnot promptedbythecarrieraskingforreadilyavailablebiographicaldata,oraccountdata.If thecustomerisabletoprovidecalldetaildatatotheCompanyduringacustomer initiatedcallwithouttheCompanysassistance,thentheCompanymaydiscussthecall detaildataprovidedbythecustomer.
(4)BusinessCustomerExemption TheCompanymaybinditselfcontractuallytoauthenticationregimesotherthanthose describedinthisSectionDforservicesitprovidestoitsbusinesscustomersthathavebotha dedicatedaccountrepresentativeandacontractthatspecificallyaddressestheCompany's protectionofCPNI. E. Notification of CPNI Security Breaches (1)ItistheCompanyspolicytonotifylawenforcementofabreachinitscustomers CPNIasprovidedinthissection.TheCompanywillnotnotifyitscustomersordisclosethe breachpubliclyuntilithascompletedtheprocessofnotifyinglawenforcementpursuantto paragraph(2). (2)Assoonaspracticable,andinnoeventlaterthanseven(7)businessdays,afterreasonable determinationofthebreach,theCompanywillelectronicallynotifytheapplicableUS governmentagenciessuchastheFederalBureauofInvestigation. (a)Notwithstandingstatelawtothecontrary,theCompanywillnotnotifycustomersor disclosethebreachtothepublicuntil7fullbusinessdayshavepassedafternotification toapplicableUSgovernmentagencies,exceptasprovidedinparagraphs(b)and(c). (b)IftheCompanybelievesthatthereisanextraordinarilyurgentneedtonotifyany classofaffectedcustomerssoonerthanotherwiseallowedunderparagraph(a),inorder toavoidimmediateandirreparableharm,itwillsoindicateinitsnotificationandmay proceedtoimmediatelynotifyitsaffectedcustomersonlyafterconsultationwiththe relevantinvestigationagency.TheCompanywillcooperatewiththerelevant investigatingagencysrequesttominimizeanyadverseeffectsofsuchcustomer notification.
(c)Iftherelevantinvestigatingagencydeterminesthatpublicdisclosureornoticeto customerwouldimpedeorcompromiseanongoingorpotentialcriminalinvestigation ornationalsecurity,theCompanywillcomplywithsuchagencyswrittendirectives, includingdirectivesnottosodiscloseornotifyforaninitialperiodofupto30days,and extendedperiodsasreasonablynecessaryinthejudgmentoftheagency. (3)AftertheCompanyhascompletedtheprocessofnotifyinglawenforcementpursuant toparagraph(2),itwillnotifyitscustomersofabreachofthosecustomersCPNI. (4)Recordkeeping.TheCompanywillmaintainarecord,electronicallyorinsomeother manner,ofanybreachesdiscovered,notificationsmadetotheUSSSandtheFBIpursuantto paragraph(2),andnotificationsmadetocustomers.Therecordwillinclude,ifavailable,dates ofdiscoveryandnotification,adetaileddescriptionoftheCPNIthatwasthesubjectofthe breach,andthecircumstancesofthebreach.TheCompanywillmaintaintherecordfora minimumof2years.