Privacy  

CTIA Position:
CTIA – The Wireless Association® and the wireless industry recognize that safeguarding confidential information is one of the most important obligations providers have to their customers. CTIA and its members are leaders in developing guidance aimed at preserving the two pillars of customers’ privacy rights – notice and consent.

CTIA and its members consistently have been at the forefront of policy and legislative efforts to maintain the privacy of wireless customers while balancing the need for legitimate access to a customer’s location information in emergencies and for law enforcement purposes, and to preserve the ongoing business relationship between wireless carriers and their customers. 

Congress has wisely targeted the theft, illegal sale and purchase of customers’ information rather than imposing new rules that would harm wireless customers by making it harder for them to obtain information about their accounts. Federal regulators should be encouraged to maintain the industry’s flexibility to address new privacy issues as wireless technology evolves and new consumer use patterns emerge, including protecting children’s online privacy and consumers’ rights to informed consent for location-based wireless services.

Key Points:

• Wireless Carriers Have Extensive Security Measures in Place.  
  The wireless industry is committed to protecting the privacy of their most valuable assets—their customers—and wireless carriers have deployed a variety of practices to thwart unauthorized access of Customer Proprietary Network Information (CPNI).
  • Consumer Code for Wireless Service. Wireless carriers subscribing to CTIA’s "Consumer Code for Wireless Service" have adopted and published their privacy policies. Those policies explain the carrier’s information practices to consumers, in accordance with applicable federal and state laws.
  • Training. Carriers spend thousands of hours training their service representatives to be responsive to customers and to screen callers that might be trying to trick the carrier into disclosing call records.
  • Billing System Controls. Wireless carriers require several steps to verify a customer’s identity when they request account information over the phone and online access is password-restricted, using passwords sent only to the customer using contact information established when an account is opened.
  • Fraud Investigation Units. Wireless carriers maintain security and fraud departments that are responsible for protecting customers’ privacy and work with law enforcement to combat the theft of CPNI and other customer data.
• As Location-Based Services Expand, CTIA Unveils News Guidelines to Protect Privacy.  
  CTIA and the wireless industry developed the “Best Practices and Guidelines for Location-Based Services” designed to promote and protect privacy of wireless customers’ location information. Released in 2008, the Guidelines were revised in 2010 to reflect the dynamic and constantly innovative nature of the wireless ecosystem and the latest developments in Location-Based Services (LBS).
  • CTIA and other interested groups revised the Guidelines with the goal of ensuring that customers are fully informed and give proper consent to protect their privacy. What changed in less than two years? More open platforms and rapid consumer adoption of smart phones have combined with increased use of GPS-enabled location-based service applications that can be downloaded to a handset and enabled without any involvement by a wireless carrier.
  • The Guidelines recognize that multiple entities can play a role in the delivery of a single LBS application, and that the responsibility for providing customers’ notice and obtaining their consent rests on the LBS providers.
  • LBS providers can include wireless carriers, social networking services and application software developers such as mapping services. When device account holders download or use a LBS app, the LBS providers are obligated to inform them about the nature of the app and to obtain consumers’ consent to the collection, storage and use of their location information.
  • The Guidelines do not apply to location information used or disclosed as authorized or required by applicable law to respond to emergencies, such as E911, or legal process; to protect the rights and property of LBS providers and users, for testing and maintenance of normal network or LBS operations, and for aggregated or anonymous data collection.
• Privacy Concerns About Wireless Use by Children Are Addressed by FCC Oversight and Industry Efforts. 
  Wireless services now offer access to the public Internet and to websites whose content is covered by the FTC’s implementation of the Children’s Online Privacy Protection (COPPA) Rule. However, children’s privacy is already being addressed by active industry self-regulation and FCC oversight governing short message service (SMS) text messaging.
  • Wireless carriers already operate using consent requirements and opt-out provisions (which parents can utilize on their children’s devices under “family plans”) on commercial SMS text messaging under the Telephone Consumer Protection Act (TCPA), and those “calls” include text messages sent to wireless phone numbers.
• Privacy Rules Should Not Impede Communications Between Wireless Carriers and Their Customers. 
  CTIA fully supports the goal of preventing telemarketing calls to consumers, who do not wish to receive such calls. However, it is in consumers’ interests to maintain free-to-the-end-user autodialed calls or prerecorded messages from their wireless carriers to provide such important account information such as usage alerts about their voice, data and text services. In fact, restricting a carrier’s ability to contact customers regarding their service would contradict the FCC’s efforts to encourage consumer education about wireless services.

Last Updated: November 2010