Statement Concerning the Protection of Customer Proprietary Network

Information and Explanation of How the Companys Procedures Ensure

Compliance With FCC Rules
Mox Networks, LLC, ("Company") provides dark fiber and dedicated transport services
to other carriers and large enterprise customers on a customized, private service provider
basis. The Company does not provide dial-tone services, nor does it provide any services
on a common carrier basis.
The Company possesses limited information about its telecommunications customers,
namely: (i) the locations of their connections to the Companys network; and (ii) the
number or capacity of any leased dark fiber or transport service. Although the
Companys telecommunications customers may route retail telephone calls through the
Companys system, the Company cannot and does not receive any data about such calls.
The Company does not know the identity of any callers, telephone numbers, length of
call, or any other information about the data routed through its system.
The following summary describes the Companys policies of that are designed to protect
the confidentiality of Customer Proprietary Network Information (CPNI) and to assure
compliance with the rules of the Federal Communications Commission (FCC) set forth
in 47 C.F.R. Part 64, Subpart U, Section 2001 et seq. when and to the extent the
Company gains access to end user CPNI. CPNI is (A) information that relates to the
quantity, technical configuration, type, destination, location, and amount of use of a
telecommunications service subscribed to by any customer of a telecommunications
carrier, and that is made available to the carrier by the customer solely by virtue of the
carrier-customer relationship; and (B) information contained in the bills pertaining to
telephone exchange service or telephone toll service received by a customer of a carrier.
I. USE, DISCLOSURE OF, AND ACCESS TO, CPNI
The Company will use, disclose, or permit access to CPNI only in its provision of the
communications service from which such information is derived; for services necessary
to, or used in, the provision of such communications service, including activities to
initiate, render, bill and collect for telecommunications services; to protect the rights or
property of the Company, or to protect users or other carriers or service providers from
fraudulent, abusive or unlawful use of, or subscription to, such services; to market
services within the category or categories of services to which the customer already
subscribes; to provide installation, maintenance, or repair services; as required by law; or
as expressly authorized by the customer.
The Company does not use CPNI to market service offerings among the different
categories of service, or even within the same category of service, that it provides to
customers. Companys marketing department does not have access to customers CPNI.
Although current Company policy is not to use CPNI in marketing, if such use is
approved in the future, Company will modify these policies and conduct additional
training as needed to assure compliance with the FCCs rules.

Company does not use, disclose or permit access to CPNI to identify or track customers
that call competing service providers.
When Company receives or obtains proprietary information from another carrier for
purposes of providing a telecommunications service, it shall use such information only
for such purpose, and shall not use such information for its own marketing efforts.
The Company trains its personnel in relation to these privacy policies and procedures,
and, in particular, when personnel are and are not permitted to use CPNI. The Company
has established disciplinary procedures, including and up to termination, for violations of
these policies and procedures.
II. SAFEGUARDS AGAINST DISCLOSURE OF CPNI TO UNAUTHORIZED
PARTIES
The Companys services are provided exclusively to other carriers and enterprise
customers. All customers are served by a dedicated account representative and our
customer contracts contain confidentiality requirements for all customer confidential
information.
A. Inbound Calls requesting CPNI
The Company does not provide CPNI in response to requests from inbound callers. If the
Company should decide to offer such access in the future, it will comply with the FCC's
requirements for authentication of caller identity prior to disclosing CPNI, including Call
Detail Information.
B. Online Access to CPNI
The Company does not offer customers the ability to access CPNI by means of online
accounts. If the Company should decide to offer such access in the future, it will comply
with the FCC's requirements for password protection of such accounts.
C. In-Person Disclosure of CPNI at Retail Locations
The Company does not have any retail offices.
D. Notice of Account Changes
An address of record may only be changed in accordance with the legal notice provisions
in the customer contract.
E. Additional Safeguards
Above and beyond the specific FCC requirements, the Company will take reasonable
measures to discover and protect against attempts to gain unauthorized access to CPNI.

The FCC's rules require carriers on an ongoing basis to "take reasonable measures to
discover and protect against activity that is indicative of pretexting." If any employee
becomes aware of new methods that are being used or could be used by third parties to
attempt to obtain unauthorized access to CPNI, or of possible changes to the Companys
existing policies that would strengthen protection of CPNI, they should report such
information immediately to the company's executive officers so that the Company may
evaluate whether existing policies should be supplemented or changed.
III. REPORTING CPNI BREACHES TO LAW ENFORCEMENT
If a breach of CPNI occurs, as soon as practicable, and in no case later than seven (7)
business days upon learning of a breach, the Company will notify the U.S. Secret Service
and the FBI by electronic means, as required by FCC regulations. The Company will not
notify customers or disclose a breach to the public until seven (7) business days have
passed after notification to the U.S. Secret Service and the FBI, unless it believes there is
an extraordinarily urgent need to notify customers before seven (7) business days in order
to avoid immediate and irreparable harm. In that instance, it will only notify such
customers after consultation with the relevant investigating agency and will cooperate
with the agency's request to minimize any adverse effects of the customer notification. If
the Company receives no response from law enforcement after the seventh full business
day, it will promptly proceed to inform the customers whose CPNI has been disclosed of
the breach.
IV. RECORD RETENTION
The Company will maintain for at least two (2) years a record, electronically or in some
other manner, of any breaches discovered, notifications made to the U.S. Secret Service
and the FBI pursuant to these procedures, and notifications of breaches made to
customers. The record must include, if available, dates of discovery and notification, a
detailed description of the CPNI that was the subject of the breach, and the circumstances
of the breach.