Annual 47 C.F.R. 64.

2009(e) CPNI Certification Template

EB Docket 06-36
Annual 64.2009(e) CPNI Certification for 2015 covering the prior calendar year
2014
1.

Date filed: February 28, 2015

2.
Name of company(s) covered by this certification: Government of the
District of Columbia, Office of the Chief Technology Officer, DC-Net
3.

Form 499 Filer ID: 828278

4.

Name of signatory: Don Johnson

5.

Title of signatory: Director of DC-Net

6.

Certification:

I, Don Johnson, certify that I am an officer of the company named above, and
acting as an agent of the company, that I have personal knowledge that the
company has established operating procedures that are adequate to ensure
compliance with the Commissions CPNI rules. See 47 C.F.R. 64.2001 et seq.
Attached to this certification is an accompanying statement explaining how the
companys procedures ensure that the company is in compliance with the
requirements (including those mandating the adoption of CPNI procedures,
training, recordkeeping, and supervisory review) set forth in section 64.2001 et
seq. of the Commissions rules.
The company has not taken actions (i.e., proceedings instituted or petitions filed
by a company at either state commissions, the court system, or at the
Commission against data brokers) against data brokers in the past year.
The company has not received customer complaints in the past year concerning
the unauthorized release of CPNI.

The company represents and warrants that the above certification is consistent
with 47 C.F.R. 1.17, which requires truthful and accurate statements to the
Commission. The company also acknowledges that false statements and
misrepresentations to the Commission are punishable under Title 18 of the U.S.
Code and may subject it to enforcement action.

Signed _____________________________

Attachments:

Accompanying Statement explaining CPNI procedures

Explanation of actions taken against data brokers (not
applicable & not included)
Summary of customer complaints (not applicable & not
included)

STATEMENT OF THE DISTRICT OF COLUMBIA

OFFICE OF THE CHIEF TECHNOLOGY OFFICER, DC-NET
EXPLAINING CUSTOMER PROPRIETARY NETWORK INFORMATION (CPNI)
PROCEDURES
This statement accompanies the District of Columbia, Office of the Chief
Technology Officer, DC-Nets (DC-Net) 2014 Customer Proprietary Network
Information (CPNI) certification, as required by section of the Federal
Communications Commissions (FCC) rules, for the purpose of explaining how
DC-Nets operating procedures ensure compliance with Part 64, Subpart U of the
FCCs rules (47 CFR 64.2001 et. seq.).
DC-Net provides telecommunications service to government entities and nonprofit organizations and my access, use, or store CPNI when providing services
to these entities and organizations. DC-Net takes the following steps to ensure
compliance with the FCCs rules.
USE OF CPNI
It is the policy of the DC-Net not to use CPNI for any activity other than permitted
by applicable law. Any disclosure of CPNI to other parties (such as vendors and
agents) occurs only if it is necessary to conduct a legitimate business activity
related to the services already provided by DC-Net to the customer. Except in
instances where the DC-Net is required by law to the disclose CPNI, such as
through subpoenas or other request by law enforcement officials, or the intended
use is permitted by FCC rules, the DC-Net will first obtain the customers consent
prior to using or sharing CPNI.
IDENTIFICATION OF CPNI
DC-Net has established procedures and trained employees that have access to,
or occasion to use customer data, to identify what data is CPNI, consistent with
the definition of CPNI under Section 64.2003(g) and Section 222(f)(1) of the
Communications Act of 1934, as amended (47 USC 222(f)(1)).
DISCLOSURE OF CPNI
Pursuant to the District of Columbia Freedom of Information Act (FOIA), DC
Official Code Section 2-534, the DC-Net does not release CPNI data as a
general principle.
EMPLOYEE TRAINING POLICIES AND DISCIPLINARY PROCEDURES
All employees of the DC-Net are trained as to when they are, and are not,
authorized to release CPNI data under Section 64.2005. Through this training the
DC-Net has informed employees and agents that it considers compliance with

the Communications Act and FCC rules regarding the use, disclosure, and
access to CPNI not to be of the highest importance. Violation by DC-Net
employees or agents of such CPNI requirement will lead to disciplinary action.
USE OF CPNI IN SALES AND MARKETING CAMPAIGNS
DC-Net does not have a sales or marketing campaign that utilizes CPNI
information. However, if DC-Net implements such a campaign, it will implement a
system to obtain prior approval and informed consent from its customer in
accordance with the rules. If DC-Net initiates use of CPNI for marketing with
corresponding launch of a notification and Opt-Out process, the Company will
develop and utilize a system for maintaining readily accessible record of whether
and how customer has responded to Opt-Out approval as required by Section
64.2009(a). DC-Net will also initiate a supervisory review process to ensure
compliance with Section 64.2009(d) of the FCCs Part 64, Subpart U CPNI rules,
as well as record-keeping under Section 64.2009(c).

PROTECTION AGAINST DISCLOSURE OF CPNI

DC-Net has implemented procedures for compliance with Section 64.2010,
including, but not limited to the following:

Authentication of customers for disclosing CPNI on customer initiated

telephone contacts or business office visits.

DC-Net provides customers with online access to customer account

information controlled by a password.

DC-Net has implemented procedures to provide immediate notification to

customers of account changes, including changes in address of record
and attempts at access to CPNI through use of back-up methods due to
forgotten password.

THIRD PARTY USE OF CPNI

To safeguard CPNI, prior to allowing independent contractors access to
customers individually identifiable CPNI, DC-Net requires all such third parties
enter into a Non-disclosure Agreements that ensures compliance with this
statement of policy. DC-Net requires the express written authorization from the
customer prior to dispensing CPNI to new carriers, except as otherwise required
by law.

LAW ENFORCEMENT NOTIFICATION OF UNAUTHORIZED DISCLOSURE

DC-Net has adopted procedures to comply with Section 64.2011 for notifying law
enforcement of CPNI security breaches, as well as record-keeping and deferred
notification of customers. If any on authorized disclosure of CPNI occurs, the DCNet provides notification of the breach to the Metropolitan Police Department
and/or the Federal Bureau of Investigation.
ACTIONS TAKEN AGAINST DATA BROKERS AND RESPONSES TO
CUSTOMER COMPLAINTS
Pursuant to Section 64.2009, DC-Net makes the following statement of any
actions taken against data brokers and a summary of all customer complaints
received in the past year concerning the unauthorized release of CPNI:
Not Applicable. No actions were taken against data-brokers and no customer
complaints were received.
CONTACT INFORMATION
Individuals or entities that have questions about CPNI certification or the use of
CPNI by DC-Net may contact the District of Columbia Office of the Chief
Technology Officer General Counsel and FOIA Officer, Christina Fleps, at 202727-0619 or Christina.Fleps@dc.gov.
ANNUAL CPNI CERTIFICATION
Pursuant to FCC regulations, 47 CFR Section 64.20089(e), the District of
Columbia will annually submit to the FCC, prior to March 1, a CPNI certification
of compliance and accompanying statement regarding the DC-Nets CPNI
policies and operating procedures. These documents certify that the DC-Net
complied with federal laws and FCC regulations regarding the protection of CPNI
throughout the prior calendar year.