Privacy and the Commercial Use of Personal Information : The Case of Customer Proprietary Network Information

Recent efforts to regulate the use of Customer Proprietary Network Information (CPNI) attempt to address consumer concerns regarding privacy and possible fraudulent use of information. However, the FCC rulemaking issued earlier this year would do little to curtail illegal uses of CPNI. The FCC itself acknowledges that there is no evidence of unauthorized disclosures by the very entities it is regulating. Also, there is no evidence that the proposed security provisions improve on methods the telecom companies themselves already are using to prevent costumer data from being illegitimately obtained.Regulations restricting the sharing of CPNI with outside contractors or partners would impose substantial compliance costs. Businesses could be forced to in-source some functions, such as marketing, which could be more cheaply and effectively performed by a specialized firm. Some businesses may also choose to restructure or reorganize their companies in order to comply with the restrictions. The significant costs of restructuring would vary from company to company and could be unfairly influenced by existing discrepancies in regulation. This extra cost would ultimately be passed onto the consumer.Significant costs would also be incurred if businesses chose to make do with less information. Businesses would find it difficult to accurately tailor product marketing to consumers. Also, less information would be available for the successful development of new products to fit the needs of consumers. Consumers would lose out on these potential new services and would not be as informed about products already available. We conclude that the inefficiency created in the market by lack of free-flowing information would therefore harm businesses and consumers alike