October 25, 2023 FCC FACT SHEET* Supporting Survivors of Domestic and Sexual Violence Report and Order – WC Docket Nos. 22-238, 11-42, 21-450 Background: This Report and Order, if adopted, would establish rules implementing the Safe Connections Act of 2022, taking significant steps to improve access to communications services for survivors of domestic abuse and related crimes. Reliable, safe, and affordable connectivity is critical to survivors in, or leaving, a relationship involving domestic violence and other related crimes or abuse. It can assist them in leaving their abusers and finding and maintaining contact with safe support networks, without fear of sensitive information being revealed to their abusers. Survivors whose devices and associated telephone numbers are part of multi-line or shared plans with their abuser, however, can face difficulties separating lines from such plans and maintaining affordable service. What the Report and Order Would Do: • Adopt rules to implement the line separation provisions in the Safe Connections Act that allow survivors to separate a mobile phone line from an abuser. The rules largely track the statutory language, with key additions and clarifications to address privacy, account security, fraud detection, and operational or technical infeasibility. The Report and Order would also: o Establish requirements regarding the information that survivors must submit to request a line separation and the options providers must offer when survivors are making a line separation request; o Set requirements regarding communications with consumers and survivors, and provide restrictions on various practices in connection with line separation requests; o Require covered providers to train employees who may interact with survivors on how to assist them or direct them to other employees who have received such training; and o Delineate the financial responsibilities for the monthly service costs and mobile device following a line separation, and establish a compliance date six months after the effective date of the Report and Order. • To protect the privacy of calls and texts to hotlines, require covered providers and wireline, fixed wireless, and fixed satellite providers of voice service to: (1) omit from consumer-facing logs of calls and text messages any records of calls or text messages to covered hotlines in the central database established by the Commission; and (2) maintain internal records of calls and text messages excluded from consumer-facing logs of calls and text messages. Providers are generally given 12 months to comply with these requirements, except that small service providers are given 18 months. • Designate the Lifeline program to support emergency communications service for survivors that have pursued the line separation process and are suffering a financial hardship. The Report and Order would direct the FCC’s administrator of the Lifeline program, the Universal Service Administrative Company, to develop processes to allow survivors experiencing financial hardship to apply for and enroll in the Lifeline program, and to transition survivors from emergency communications support at the end of the six-month emergency support period mandated by the Safe Connections Act. * This document is being released as part of a “permit-but-disclose” proceeding. Any presentations or views on the subject expressed to the Commission or its staff, including by email, must be filed in WC Docket Nos. 22-238, 11- 42, 21-450, which may be accessed via the Electronic Comment Filing System (https://www.fcc.gov/ecfs/). Before filing, participants should familiarize themselves with the Commission’s ex parte rules, including the general prohibition on presentations (written and oral) on matters listed on the Sunshine Agenda, which is typically released a week prior to the Commission’s meeting. See 47 CFR § 1.1200 et seq. Federal Communications Commission FCC-CIRC2311-02 Before the Federal Communications Commission Washington, D.C. 20554 In the Matter of ) ) Supporting Survivors of Domestic and Sexual ) WC Docket No. 22-238 Violence ) ) Lifeline and Link Up Reform Modernization ) WC Docket No. 11-42 ) Affordable Connectivity Program ) WC Docket No. 21-450 REPORT AND ORDER* Adopted: [] Released: [] By the Commission: TABLE OF CONTENTS I. INTRODUCTION .................................................................................................................................. 1 II. BACKGROUND .................................................................................................................................... 2 III. DISCUSSION ........................................................................................................................................ 6 A. Separation of Lines from Shared Mobile Service Contracts ............................................................ 6 1. Definitions ................................................................................................................................. 7 2. Submission of Line Separation Requests ................................................................................ 26 3. Requirement to Separate Lines Upon Request ........................................................................ 50 4. Notice to Consumers ............................................................................................................... 80 5. Prohibited Practices in Connection with Line Separation Requests ........................................ 83 6. Financial Responsibilities and Account Billing Following Line Separations ......................... 89 7. Effects on Other Laws and Regulations .................................................................................. 96 8. Implementation ...................................................................................................................... 102 B. Ensuring the Privacy of Calls and Text Messages to Domestic Abuse Hotlines ......................... 105 1. Creating an Obligation to Protect the Privacy of Calls and Text Messages to Covered Hotlines ................................................................................................................................. 106 2. Definitions ............................................................................................................................. 117 3. Creating and Maintaining the Central Database of Hotlines ................................................. 131 4. Using the Central Database of Hotlines ................................................................................ 137 C. Emergency Communications Support for Survivors ................................................................... 150 * This document has been circulated for tentative consideration by the Commission at its November open meeting. The issues referenced in this document and the Commission’s ultimate resolution of those issues remain under consideration and subject to change. This document does not constitute any official action by the Commission. However, the Chairwoman has determined that, in the interest of promoting the public’s ability to understand the nature and scope of issues under consideration, the public interest would be served by making this document publicly available. The FCC’s ex parte rules apply and presentations are subject to “permit-but-disclose” ex parte rules. See, e.g., 47 C.F.R. §§ 1.1206, 1.1200(a). Participants in this proceeding should familiarize themselves with the Commission’s ex parte rules, including the general prohibition on presentations (written and oral) on matters listed on the Sunshine Agenda, which is typically released a week prior to the Commission’s meeting. See 47 CFR §§ 1.1200(a), 1.1203. Federal Communications Commission FCC-CIRC2311-02 1. The Designated Program for Emergency Communications Support .................................... 151 2. Defining Financial Hardship ................................................................................................. 159 3. Program Application and Enrollment .................................................................................... 166 4. Additional Program Concerns ............................................................................................... 173 IV. PROCEDURAL MATTERS .............................................................................................................. 181 V. ORDERING CLAUSES ..................................................................................................................... 187 APPENDIX A – FINAL RULES APPENDIX B – FINAL REGULATORY FLEXIBILITY ANALYSIS I. INTRODUCTION 1. Today we take action to protect survivors of domestic violence and ensure they are able to maintain critical access to reliable, safe, and affordable connectivity. Such connectivity permits survivors to contact family and friends, and seek help through services such as domestic abuse hotlines without fear of reprisals. These measures will help survivors whose devices and associated telephone numbers are shared with abusers and who can face difficulties separating lines from such plans and maintaining affordable service. At the same time, survivors may be reluctant to call support services such as hotlines for fear of the call log exposing the call to an abuser. Survivors may also experience financial hardship as a result of leaving a relationship with an abuser. By this Report and Order, we work to relieve these challenges and implement the Safe Connections Act of 2022 (Safe Connections Act or SCA).1 We believe that the measures we adopt today will aid survivors who need meaningful support and communications options when establishing independence from an abuser.2 II. BACKGROUND 2. Domestic violence remains a significant safety and public health issue that results in individual harm and societal costs, affecting not just survivors but also their families, friends, and colleagues.3 More than one in three women and one in four men in the United States will experience some form of domestic violence during their lifetimes,4 and every year, domestic violence will affect more than 12 million people.5 3. Multi-line shared mobile service contracts present unique challenges for survivors of domestic violence seeking to maintain essential connectivity while distancing themselves from their abusers.6 Such plans can allow the account holder (who may be the abuser) to monitor a survivor’s calls and text messages, including to domestic abuse hotlines or other lines of support, and the precise location of the device that the survivor uses.7 It can sometimes be difficult for a survivor to separate a mobile 1 Safe Connections Act of 2022, Pub. L. No. 117-223, 116 Stat. 2280 (Safe Connections Act or SCA). 2 See Safe Connections Act § 3. 3 See Lifeline and Link Up Reform and Modernization; Affordable Connectivity Program; Supporting Survivors of Domestic and Sexual Violence, WC Docket Nos. 11-42, 21-450, 22-238, Notice of Inquiry, 37 FCC Rcd 8964, 8965-67, paras. 4-7 (2022) (Notice of Inquiry); Safe Connections Act § 3(1) (noting that “[d]omestic violence, dating violence, stalking, sexual assault, human trafficking, and related crimes are life-threatening issues and have last and harmful effects on individuals, families, and entire communities”); N.Y. State Off. for the Prevention of Domestic Violence (NYS OPDV) Comments at 2. 4 National Domestic Violence Hotline, Domestic Violence Statistics, https://www.thehotline.org/stakeholders/domestic-violence-statistics (last visited Aug. 22, 2023). 5 Id. 6 Supporting Survivors of Domestic and Sexual Violence et al., WC Docket Nos. 22-238 et al., Notice of Proposed Rulemaking, FCC 23-9, at 3, para. 5 (Feb. 17, 2023) (Safe Connections Notice). 7 See, e.g., AT&T, Access Digital Home Phone Call History, https://www.att.com/support/article/u-verse- voice/KM1001418 (last visited Aug. 22, 2023); AT&T, Location Tracking with AT&T Secure Family, (continued….) 2 Federal Communications Commission FCC-CIRC2311-02 service line (and associated device) from a shared mobile service plan, particularly when that shared plan is controlled by the abuser.8 Furthermore, if a domestic violence survivor is considering initiating a communications service of their own, or leaving a family plan controlled by their abuser, affordability may be a key factor. Personal safety and economic security are often closely tied for survivors.9 One survey found that 83% of survivors of intimate partner violence reported that their abusive partners disrupted their ability to work.10 In that same survey, 70% of survivors reported not being able to have a job when they wanted or needed one, and 53% lost at least one job as a result of the abuse.11 4. Safe Connections Act. In recognition of the fact that communications services are vital to survivors’ efforts to maintain essential connections with family, social safety networks, employers, and support services,12 Congress enacted the Safe Connections Act in November of 2022 to ensure survivors can separate from abusers without losing independent access to their mobile service plan.13 The SCA amends the Communications Act of 1934 (Communications Act) to require mobile service providers to separate the line of a survivor of domestic violence (and other related crimes and abuse), and any individuals in the care of the survivor, from a mobile service contract shared with an abuser within two business days after receiving a request from the survivor.14 The SCA also directs the Commission to issue rules, within 18 months of the statute’s enactment, implementing the line separation requirement.15 Additionally, the SCA requires the Commission to designate either the Lifeline program16 or Affordable (Continued from previous page) https://www.att.com/support/article/wireless/KM1299008 (last visited Aug. 22, 2023); Comcast, View and Download Xfinity Voice Call History, https://www.xfinity.com/support/articles/check-voicemail-xfinity-connect (last visited Aug. 22, 2023); Ooma, Call Logs, https://support.ooma.com/home/call-logs (last visited Aug. 22, 2023); T-Mobile, T-Mobile FamilyWhere App, https://www.t-mobile.com/support/plans-features/t-mobile-familywhere-app (last visited Aug. 22, 2023); Verizon, Verizon SmartFamily FAQs, https://www.verizon.com/support/verizon-smart- family-faqs (last visited Aug. 22, 2023). 8 Safe Connections Act § 3(2)-(3). 9 Safe Connections Notice at 4, para. 7. 10 See Cynthia Hess & Alona Del Rosario, Dreams Deferred: A Survey on the Impact of Intimate Partner Violence on Survivors’ Education, Careers, and Economic Security at 23 (2020), https://iwpr.org/wp- content/uploads/2020/09/C475_IWPR-Report-Dreams-Deferred.pdf. 11 Id. 12 NYS OPDV Comments at 2 (“[A]ccess to safe technology is a primary means for survivors to attain and maintain economic and financial stability. . . . Connectivity is critical to survivors in need of accessing emergency responders, and mental health support for themselves and their children while planning for futures free from abuse. The lack of connectivity greatly diminishes a survivor’s ability to apply for jobs, find affordable housing, access public benefits, attend virtual court hearings and receive telehealth services.”); Network of Victims Recovery of DC (NVRDC) Notice of Inquiry Comments at 2 (noting that “the ability to privately access external service providers and support organizations, or law enforcement, can be the critical determining factor in whether a survivor is able to break free from the cycle-of-abuse”). 13 Safe Connections Act § 3(4) (finding that “independent access to a wireless phone plan can assist survivors in establishing security and autonomy”). 14 Safe Connections Act § 4 (adding section 345 to the Communications Act, 47 U.S.C. § 345). 15 Safe Connections Act § 5(b)(1)(A). 16 The Lifeline program currently offers qualifying low-income consumers discounts on fixed or mobile voice or broadband Internet access service, as well as on bundled service. 47 CFR § 54.401. Qualifying low-income consumers can receive a $9.25 monthly discount on Lifeline-supported broadband Internet access service or a $5.25 monthly discount on Lifeline-supported voice service. See 47 CFR § 54.403(a)(1)-(2). Lifeline consumers residing on qualifying Tribal lands can receive up to a $34.25 monthly discount on Lifeline-supported service. 47 CFR § 54.400(e); 47 CFR § 54.403(a)(3). 3 Federal Communications Commission FCC-CIRC2311-02 Connectivity Program (ACP)17 as the vehicle for providing survivors suffering financial hardship with emergency communications support for up to six months.18 Further, the legislation requires the Commission to open a rulemaking within 180 days of enactment to consider whether to, and how the Commission should, establish a central database of domestic abuse hotlines to be used by service providers and require such providers to omit, subject to certain conditions, any records of calls or text messages to the hotlines from consumer-facing call and text message logs.19 5. Safe Connections Notice of Proposed Rulemaking. On February 16, 2023, the Commission adopted a Notice of Proposed Rulemaking (Safe Connections Notice) to begin the process of implementing the SCA, which provides important statutory support for specific measures to benefit survivors. The Safe Connections Notice sought comment on proposed rules that would help survivors separate service lines from accounts that include their abusers, protect the privacy of calls made by survivors to domestic abuse hotlines, and support survivors that pursue line separation requests and face financial hardship through the Commission’s affordability programs. The Commission received comments from a wide range of parties, including governmental entities, domestic violence survivor advocacy organizations, consumer groups, and voice service providers. III. DISCUSSION A. Separation of Lines from Shared Mobile Service Contracts 6. We adopt rules to codify and implement the line separation provisions in the SCA.20 Our rules largely track the statutory language, with key additions and clarifications to address privacy, account security, and fraud detection; operational or technical infeasibility; implementation timelines; and compliance with other laws. 1. Definitions 7. In order to implement the SCA’s line separation requirements, we adopt definitions for the terms listed in new section 345 of the Communications Act, as added by the SCA, including “covered act,” “survivor,” “abuser,” “covered provider,” “shared mobile services contract,” and “primary account holder.” We discuss each definition below. 8. Covered Act. As proposed in the Safe Connections Notice, we define “covered act” as conduct that constitutes (1) a crime described in section 40002(a) of the Violence Against Women Act of 1994 (34 U.S.C. § 12291(a)), including, but not limited to, domestic violence, dating violence, sexual assault, stalking, and sex trafficking; (2) an act or practice described in paragraph (11) or (12) of section 103 of the Trafficking Victims Protection Act of 2000 (22 U.S.C. § 7102) (relating to severe forms of trafficking in persons and sex trafficking, respectively); or (3) an act under State law, Tribal law, or the Uniform Code of Military Justice that is similar to an offense described in clause (1) or (2) of this paragraph.21 17 The ACP offers eligible low-income households a monthly discount for broadband service of up to $30 per household or up to $75 for households on qualifying Tribal lands, and a one-time discount on a connected device. See Affordable Connectivity Program, Emergency Broadband Benefit Program, WC Docket Nos. 21-450 and 20- 445, Report and Order and Further Notice of Proposed Rulemaking, 37 FCC Rcd 484 (2022) (ACP Order); 47 CFR § 54.1803(a). For the purposes of the ACP, a connected device is defined as a laptop, desktop computer, or a tablet, and excludes cellular phones, smartphones, and tablets with cellular calling capabilities. ACP Order, 37 FCC Rcd at 538-39, paras. 110-12. 18 Safe Connections Act § 5(b)(1), (2). 19 Safe Connections Act § 5(b)(3). 20 47 U.S.C. § 345(b)(1). 21 Safe Connections Notice at 9, para. 20; Appx. A, § 64.6400(e). No commenter objected to our proposal. 4 Federal Communications Commission FCC-CIRC2311-02 9. As we noted in the Safe Connections Notice, this definition is identical to the statutory definition, except that we add the phrase “but not limited to” in describing the crimes covered by the first clause.22 Although the SCA defines “covered act” as “a crime described” in section 40002(a) of the Violence Against Women Act “including domestic violence, dating violence, sexual assault, stalking, and sex trafficking,”23 it does not say that only those listed crimes may be included. Section 40002(a) of the Violence Against Women Act of 1994 describes a number of additional crimes and abuses beyond those enumerated in the SCA’s definition, including abuse in later life, child abuse and neglect, child maltreatment, economic abuse, elder abuse, female genital mutilation or cutting, forced marriage, and technological abuse.24 We find that the best reading of the definition of “covered act” in the SCA includes all crimes listed in section 40002(a); we see no reason why Congress would choose to protect only a subset of survivors of these crimes. We further find that the second clause of the definition of “covered act” in the SCA, which identifies specific subsections (“an act or practice described in paragraph (11) or (12) of section 103 of the Trafficking Victims Protection Act of 2000”) also supports our analysis because in contrast, the first clause of the definition of “covered act” does not limit the definition to specific subsections of section 40002(a) of the Violence Against Women Act. 10. Consistent with the SCA, we conclude that a criminal conviction or any other determination of a court is not required for conduct to constitute a covered act.25 The SCA separately addresses the evidence needed to establish that a covered act has been committed or allegedly committed. We address those requirements below. 11. Survivor. We track the statutory language and define “survivor” as an individual who is not less than 18 years old and either (1) against whom a covered act has been committed or allegedly committed; or (2) who cares for another individual against whom a covered act has been committed or allegedly committed (provided that the individual providing care did not commit or allegedly commit the covered act).26 Although we share the concerns raised by Asian Pacific Institute on Gender-Based Violence (API-GBV) and the National Domestic Violence Hotline (NDVH) that emancipated minors would not be covered by the statutory definition because they are neither age 18 or older nor likely to be in the care of an individual age 18 or older,27 the term “survivor” is unambiguously defined by the SCA to 22 Id. 23 See 47 U.S.C. § 345(a)(2). 24 We note that API-GBV recommended that the Commission clarify that the term “covered act” is not limited to criminal behavior, asserting that the “referenced provisions are not only crimes, but include or [sic] ‘acts’ or ‘behavior’ similar to mentioned crimes, and severe forms of trafficking, which can include crimes as well as acts that do not constitute a crime.” API-GBV Comments at 2. Apart from API-GBV’s comments, the record lacks any further input on this issue. Because no industry commenter raised concerns with implementing this provision of the SCA, we find it unnecessary to provide further guidance or clarification at this time. 25 47 U.S.C. § 345(a)(2)(B); see Safe Connections Notice at 10, para. 22; see also API-GBV Comments at 2 (“API- GBV applauds guidance that specifies that a criminal conviction or any other determination of a court not be required for conduct to constitute a covered act.”); Knight Comments at 2 (“Any provision requiring [a criminal conviction or court determination] for any portion of this act would tend to exclude a large population the Act intends to protect as majority of survivors never seek legal intervention.”); NYS OPDV Comments at 3 (“We also agree that a criminal conviction should not be required for conduct to constitute a covered act.”). 26 47 U.S.C. § 345(a)(6); Appx. A, § 64.6400(m). 27 See National Domestic Violence Hotline Comments at 1 (“Not considering the needs of those experiencing abuse and under the age of 18 creates a significant void, and without options for cellular services may in fact reinforce a dependency on the abusive partner.”); API-GBV Comments at 3 (recommending inclusion of individuals who are less than 18 years old by are emancipated under state, territorial, or Tribal law who have experienced harm in the definition of “survivor”). Emancipated minors may generally legally engage in actions typically reserved for adults without parental consent or notice, including but not limited to consenting to personal healthcare, entering into contracts, bringing suit and being sued, establishing residency, purchasing and selling property, and marrying. See, (continued….) 5 Federal Communications Commission FCC-CIRC2311-02 only include “individual[s] who [are] not less than 18 years old,” and we do not believe that the SCA otherwise provides us with the authority to extend the scope of that definition.28 Regardless, we strongly encourage covered providers to treat legally emancipated minors as though they are survivors if they meet the SCA’s criteria but for their age, and offer them the full scope of protections under the SCA. 12. As we observed in the Safe Connections Notice, the statutory language describing a survivor as an individual “who cares for another individual” against whom a covered act has been committed or allegedly committed is broad.29 We conclude that this phrase should be understood to encompass: (1) any individuals who are part of the same household, as defined in section 54.400 of the Commission’s rules30; (2) parents or guardians of minor children even if the parents and children live at different addresses; (3) those who care for another individual by valid court order or power of attorney; and (4) an individual who is the parent, guardian, or caretaker of a person over the age of 18 upon whom an individual is financially or physically dependent.31 The record generally supports a broad interpretation of the phrase “who cares for,” while noting the need to provide clear and certain guidance to providers.32 We disagree with the NDVH’s assertion that our proposed interpretation would have prevented a person who does not live in the same household from claiming survivor status if a covered act were not directly committed against them,33 but we nonetheless make explicit that we interpret this provision to include those individuals who are the parent, guardian, or caretaker of a person over the age of 18 upon whom an individual is financially or physically dependent (e.g., a non-minor child financially dependent on his or her parents or guardians, but who no longer lives at the same address). We find that this interpretation appropriately balances the needs of survivors to have meaningful access to line separations and clarity for providers for administrability and fraud deterrence. (Continued from previous page) e.g., Va. Code § 16.1-334; Cal. Fam. Code § 7050; Tex. Fam. Code § 31.006. Legally emancipated minors have many of the same rights and responsibilities as individuals who are 18 or older, including the ability to legally contract for telecommunications services, and in that regard, the status of such individuals is akin to “an individual who is not less than 18 years old.” Safe Connections Act § 3(2). 28 47 U.S.C. § 345(a)(6). 29 See Safe Connections Notice at 10, para. 24; 47 U.S.C. § 345(a)(6)(B). 30 47 CFR § 54.400(h) (“A ‘household’ is any individual or group of individuals who are living together at the same address as one economic unit. A household may include related and unrelated persons. An ‘economic unit’ consists of all adult individuals contributing to and sharing in the income and expenses of a household. An adult is any person eighteen years or older. If an adult has no or minimal income, and lives with someone who provides financial support to him/her, both people shall be considered part of the same household. Children under the age of eighteen living with their parents or guardians are considered to be part of the same household as their parents or guardians.”). 31 See API-GBV Comments at 3 (supporting the Commission’s proposed determination of what circumstances cover “care for”). 32 See NDVH Comments at 2 (“We support a broad statutory interpretation of the legislative text. Upon consulting with our partners at the National Resource Center on Domestic Violence we believe the definition of “care for” should not be narrowed and should be allowed to be survivor centered.”); CCA Comments at 3 (noting that “the best solution is for the Commission to provide clear guidance for all carriers to follow”). In the Safe Connections Notice, we tentatively concluded that “the Safe Connections Act contemplates that an individual who is the parent, guardian, or caretaker of a person over the age of 18 qualifies as someone who provides care for another person and, thus, as a “survivor” when a covered act is committed against the person for whom the individual cares.” Safe Connections Notice at 10-11, para. 25. 33 Id. 6 Federal Communications Commission FCC-CIRC2311-02 13. We decline, however, to adopt NDVH’s proposal to include emotional care within the meaning of “care for”34 as we find that doing so would be difficult to administer and could raise account security risks.35 The record does not evince any examples of laws or regulations in which the phrase “cares for” is used to connote emotional caring, and as such we have no basis for finding that Congress intended this provision to be interpreted to include such circumstances. 14. We decline to mandate that covered providers establish a process for individuals age 18 or older who are considered in the care of another person to object to a line separation request made on their behalf.36 We agree with Verizon that an objection process could “hinder a wireless provider’s ability to timely effectuate [a line separation request] within the two-business day period, put the wireless provider in an untenable position of uncertainty as to whether an otherwise valid line separation request should move forward, or both.”37 15. Abuser. As proposed in the Safe Connections Notice, we define “abuser” for purposes of our rules as an individual who has committed or allegedly committed a covered act against (1) an individual who seeks relief under section 345 of the Communications Act and the Commission’s implementing rules; or (2) an individual in the care of an individual who seeks relief under section 345 of the Communications Act and the Commission’s implementing rules,38 mirroring the substance of the SCA.39 No commenters objected to our proposed definition. As we explained in the Safe Connections Notice, we do not intend our definition to serve as independent evidence of, or establish legal liability in regards to, any alleged crime or act of abuse, and adopt this definition only for purposes of implementing the SCA.40 16. Covered Provider. Consistent with the SCA, we define “covered provider” as a provider of “a private mobile service or commercial mobile service, as those terms are defined in 47 U.S.C. 332(d).”41 No commenters objected to the Safe Connections Notice’s proposal to adopt such a definition.42 Section 332(d) defines “commercial mobile service” as “any mobile service (as defined in [47 U.S.C. § 153]) that is provided for profit and makes interconnected service available (A) to the public or (B) to such classes of eligible users as to be effectively available to a substantial portion of the public, as specified by regulation by the Commission,”43 and defines “private mobile service” as “any mobile 34 NDVH Comments at 2 (proposing that “care for” mean “an individual who provides physical, emotional, or financial care to another individual, which supports that person’s ability to sustain or perform tasks related to their physical or household well-being and care”) (emphasis added). 35 See Safe Connections Act § 5(b)(1)(B)(ii), (xii) (directing the Commission to consider, among other things, account security and fraud detection and ensuring covered providers have the necessary account information to comply with the rules). 36 See Safe Connections Notice at 10-11, para. 25 (seeking comment whether certain persons over the age of 18 who are in the care of another individual should be permitted to object to a line separation request that is made by a survivor who cares for them on their behalf). 37 Verizon Comments at 6-7. 38 47 U.S.C. § 345(a)(1); Appx. A, § 64.6400(a). 39 Safe Connections Notice at 9, paras. 20-21. For clarification purposes, we changed “under subsection (b)” in both clauses to “under section 345 of the Communications Act and the Commission’s implementing rules.” 40 See API-GBV Comments at 2; NY Office for the Prevention of Domestic Violence Comments at 4 (concurring with the proposed definition and agreeing that the definition is not intended to create legal liability). 41 Appx. A, § 64.6400(g); see 47 U.S.C. § 345(a)(3). 42 Safe Connections Notice at 11, para. 27. 43 47 U.S.C. § 332(d)(1). Section 3 of the Communications Act defines “mobile service” as “a radio communication service carried on between mobile stations or receivers and land stations, and by mobile stations communications among themselves, and includes (A) both one-way and two-way radio communications services, (B) a mobile (continued….) 7 Federal Communications Commission FCC-CIRC2311-02 service (as defined in [47 U.S.C. § 153]) that is not a commercial mobile service or the functional equivalent of a commercial mobile service, as specified by regulation by the Commission.”44 We find that the line separation obligations apply to all providers of commercial mobile service or private mobile service, as the Commission might interpret and apply those definitions, regardless of the underlying technology used to provide the service (e.g., whether provided through land, mobile, or satellite stations).45 17. Consistent with the Commission’s proposal, we conclude that covered providers include both facilities-based mobile network operators and resellers/mobile virtual network operators (MVNOs).46 No commenters objected to this proposal, and several concurred.47 The record indicates that for some MVNOs, the underlying facilities-based provider may have control over some parts of, or all of, the systems and infrastructure necessary to effectuate line separations.48 Therefore, we find that to the extent that an MVNO relies upon an underlying facilities-based provider to effectuate line separations, the (Continued from previous page) service which provides a regularly interacting group of base, mobile, portable, and associated control and relay stations (whether licensed on an individual, cooperative, or multiple basis) for private one-way or two-way land mobile radio communications by eligible users over designated areas of operation, and (C) any service for which a license is required in a personal communications service established pursuant to the proceeding entitled ‘Amendment to the Commission’s Rules to Establish New Personal Communications Services’ (GN Docket No. 90– 314; ET Docket No. 92–100), or any successor proceeding.” 47 U.S.C. § 153(33). Section 332(d) defines “interconnected service” as “service that is interconnected with the public switched network (as such terms are defined by regulation by the Commission) or service for which a request for interconnection is pending pursuant to [section 332(c)(1)(B)].” 47 U.S.C. § 332(d)(2). 44 47 U.S.C. § 332(d)(1). The Commission has forborne in whole or in part from applying sections 203, 204, 205, 211, 212 and 214 of Title II of the Communications Act to any service classified as commercial mobile radio service under section 332, but declined to forbear from other sections of the Act that it found were necessary to protect consumers. 47 CFR § 20.15; see Implementation of Sections 3(n) and 332 of the Communications Act; Regulatory Treatment of Mobile Services, GN Docket No. 93-252, Second Report and Order, 9 FCC Rcd 1411, 1475-90, paras. 164-213 (1994) (CMRS Second Report and Order). 45 47 U.S.C. § 345(a)(3); Safe Connections Notice at 12, para. 28. For example, as technological capabilities evolve, mobile service providers are seeking ways to leverage satellite communications to provide expanded coverage to consumer handsets. See Single Network Future: Supplemental Coverage from Space, GN Docket No. 23-65, Notice of Proposed Rulemaking, FCC 23-22 (2023) (proposing a framework that would facilitate collaboration between satellite operators and terrestrial networks). 46 See CMRS Second Report and Order, 9 FCC Rcd at 1425, para. 37 (finding that “mobile resale service is included within the general category of mobile services as defined by Section 3(n) and for purposes of regulation under Section 332” and that “there is no indication in the statute or the legislative history that resellers are not ‘mobile service’ providers or exempt from the Section 332 regulatory classification”). Mobile virtual network operators do not necessarily own any network facilities, but instead purchase mobile wireless services wholesale from facilities- based providers and resell these services to consumers. See Communications Marketplace Report, GN Docket No. 22-203, 2022 Communications Marketplace Report, FCC 22-203, at 50, para. 62 (Dec. 30, 2022) (2022 Communications Marketplace Report). 47 See CTIA Comments at 7 (agreeing with the Commission’s proposed definition of “covered providers”); National Lifeline Association Comments at 3 (agreeing with the Commission that covered providers should include” both facilities-based mobile network operators as well as resellers/MVNOs since either could be called upon to separate lines of service for an abuser or a survivor”); Verizon Comments at 4, 7 (“The term ‘covered provider’ necessarily includes resellers of wireless services (MVNOs); otherwise, hundreds of thousands of wireless consumers would be ineligible to invoke the Safe Connections Act’s protections and the Commission would create an unfair competitive environment.”). 48 See CTIA Comments at 7 (noting that “some MVNOs may depend on their underlying facilities-based providers for systems necessary to effectuate line separations, screen call logs, or both”); Verizon Comments at 7 (suggesting that MVNOs may be reliant on the underlying facilities-based provider for certain actions, such as number ports or number changes). 8 Federal Communications Commission FCC-CIRC2311-02 MVNO should fulfill its obligations under the SCA and our rules through its contractual relationship with the underlying facilities-based provider and may satisfy its obligations by utilizing the same procedures and processes the facilities-based provider makes available to its own customers.49 However, to the extent an MVNO controls any facilities or systems (for example, customer care or billing), the obligations imposed by the SCA fall entirely upon the MVNO and not the underlying facilities-based provider.50 18. Additionally, we conclude that the statutory definition of “covered provider” includes a provider of mobile broadband-only or mobile text service that does not also offer mobile voice service, if such provider assigns a telephone number to a device.51 Because the SCA defines a “covered provider” to include any provider offering private mobile service or commercial mobile service, we conclude that providers offering data-only mobile service or text-only mobile services (i.e., no voice services) are “covered providers.” We therefore disagree with National Lifeline Association’s suggestion that mobile broadband providers who do not offer mobile voice service should not be considered covered providers,52 as such providers are statutorily covered by the SCA as providers of private mobile service. 19. Shared Mobile Service Contract. Consistent with the Commission’s proposal in the Safe Connections Notice,53 we define “shared mobile service contract” as a mobile service contract for an account that includes not less than two lines of service and does not include enterprise services offered by a covered provider, mirroring the definition set forth in the SCA,54 except that we interpret “2 consumers” to mean “two lines of service.”55 As the Commission explained in the Safe Connections Notice, “[i]t is our understanding that mobile service contracts are typically structured around the number of lines of 49 See CTIA Comments at 7 (suggesting that in cases where the MVNO relies upon the underlying facilities-based provider, “the MVNO’s obligations should be limited to the capabilities that the facilities-based provider makes available to its own customers.”); Verizon Comments at 7 (“Where an MVNO requires a wholesale provider’s support to implement aspects of the new rules, such as a number port or number change relating to an LSR, those matters are appropriately left to the parties’ contractual relationships.”); CCA Reply at 5 (citing support for both CTIA’s and Verizon’s comments on MVNO responsibilities); cf. EPIC et al. Reply at 4-5 (urging the Commission to ensure that the responsibilities of the MVNO/reseller and the underlying facilities-based provider are clear). 50 CTIA Comments at 7 (“To the extent MVNOs control their own systems relevant to the new rules, compliance obligations would fall solely on the MVNO.”); Verizon Comments at 7 (“Compliance with any new requirements relating to customer care, training, billing and other matters, however, relates to an MVNO’s direct customer relationships and to the billing and care systems it controls.”); CCA Reply at 5 (supporting Verizon’s comments). 51 In prior Orders, the Commission has at different times classified mobile broadband Internet access service as either a private mobile service or a commercial mobile service. See Protecting and Promoting the Open Internet, Report and Order on Remand, Declaratory Ruling, and Order, GN Docket No. 14-28, 30 FCC Rcd 5601, 5778-90, paras. 388-408 (2015) (2015 Open Internet Order) (classifying mobile broadband Internet access service as commercial mobile service); Restoring Internet Freedom, WC Docket No. 17-108, Declaratory Ruling, Report and Order, and Order, 33 FCC Rcd 311, 352-62, paras. 65-85 (2017) (2017 RIF Order) (reclassifying mobile broadband Internet access service as private mobile service), aff’d in part and remanded in part, Mozilla Corp. v. FCC, 940 F.3d 1 (D.C. Cir. 2019), on remand, Order on Remand, 35 FCC Rcd 12328 (2020), pets. for recon. pending, pet. for review pending, Cal. Pub. Utils. Comm’n v. FCC, No. 21-1016 (D.C. Cir.). See also Petitions for Declaratory Ruling on Regulatory Status of Wireless Messaging Service, WT Docket No. 08-7, Declaratory Ruling, 33 FCC Rcd 12075 (2018) (discussing regulatory classification of Short Message Service and Multimedia Messaging Service under the Communications Act), pet. for recon. pending, Rept. No. 3011 (Feb. 5, 2019). 52 National Lifeline Association Comments at 3 (asserting that “voice service is of primary importance for survivors who would generally be better off with a separate voice and data line . . . than splitting off a data-only line from a shared mobile service contract”). 53 Safe Connections Notice at 12-13, paras. 29-32. 54 47 U.S.C. § 345(a)(5). 55 Appx. A, § 64.6400(k). 9 Federal Communications Commission FCC-CIRC2311-02 service associated with an account rather than the number of consumers.”56 As a result of this contract structure, providers may not have information about any users other than the primary account holder and are therefore unlikely to be able to determine whether an account is a shared mobile service contract (i.e., has two or more consumers).57 Our interpretation, however, resolves this issue without requiring providers to collect additional information about each user of a multi-line account, and the record supports our approach. CTIA commented that our definition “will help enable program success because it generally aligns with providers’ customer service and billing systems” and that “adopting a definition focused on ‘lines of service’ rather than ‘consumers’ will avoid impediments to survivors’ ability to obtain line separations,” particularly when providers do not know the identity of each consumer associated with an account.58 Notably, there were no objections to this proposed definition in the record. Furthermore, we find that the operational language of the SCA supports our interpretation, as it requires providers to separate particular lines rather than particular consumers from shared mobile service contracts.59 Consistent with the tentative conclusion in the Safe Connections Notice, we also find that “shared mobile service contract” includes both prepaid and post-paid mobile service contracts.60 This tentative conclusion was also unopposed and supported by CTIA.61 20. We also conclude that a “line of service” under a shared mobile service contract is one that is associated with a telephone number,62 even if that line of service does not include voice services, and includes all of the mobile services associated with that line under the shared mobile service contract, regardless of classification, including voice, text, and data services. There is nothing in the statutory text to suggest that Congress intended to permit survivors to separate only certain services associated with their line but not others. Each service—voice, text, or data—could play a vital role in addressing survivors’ communications needs. For example, although a device may lack voice service or capability over commercial mobile radio service, if a phone number is associated with the device, a survivor may use the number with certain over-the-top (OTT) services to send and receive messages or make voice calls by utilizing VoIP technology using data services or data messaging services.63 Permitting separation of such lines may help avoid complications that could arise from disassociating with an existing number for these services. Had Congress wanted to limit line separations to only those lines with voice service, it could have done so explicitly in the statutory text. Congress, however, noted that “perpetrators of violence and abuse increasingly use technological and communications tools to exercise control over, monitor, and abuse their victims.”64 Clearly, Congress recognized that abusers might try to exercise 56 Safe Connections Notice at 12-13, paras. 29-30. 57 See Advanced Methods to Target and Eliminate Unlawful Robocalls Fourth Report and Order, 35 FCC Rcd 15221, paras. 32-34 (requiring providers to “know their customers,” but does not require providers to identify each individual user or a line or even that each line on shared mobile service contract has its own discrete user). 58 CTIA Comments at 6. 59 See Safe Connections Act § 4(b) (requiring covered providers to separate certain lines rather than certain consumers and entitled “Separation of Lines From Shared Mobile Service Contract”) (emphasis added). 60 Safe Connections Notice at 13, para. 31. 61 See CTIA Comments at 6 (agreeing that “the scope of a mobile service contract may include all services, regardless of classification, as well as pre- and post-paid plans”). 62 See, e.g., 47 U.S.C. § 345(b)(5) (“[B]eginning on the date on which a covered provider transfers billing responsibilities for and use of a telephone number or numbers to a survivor under paragraph (1)(A) in response to a line separation request. . .”); id. § 345(b)(6) (discussing responsibility for transferred telephone numbers from a survivor’s account); id. § 345(b)(7) (discussing responsibility for mobile devices after a covered provider “transfers billing responsibilities for and rights to a telephone number or numbers . . . in response to a line separation request”) (emphasis added). 63 Such OTT services may include, for example, applications like WhatsApp, Signal, Messenger, and Telegram. 64 Safe Connections Act § 3(3). 10 Federal Communications Commission FCC-CIRC2311-02 control over survivors not only by limiting access to or monitoring devices with voice services but also by controlling other technological and communications tools. Because Congress sought to promote “reliable communications tools to maintain essential connections with family, social safety networks, employers, and support services,”65 we see no reason to limit the definition of “line of service” to only those lines with voice service when so doing could impede a survivor’s access to certain devices and hamper their ability to gain support and services they need. 21. We disagree with Verizon’s assertion that “it is far from clear that Congress intended certain other devices,” such as tablets with no mobile capability, which only “nominally” have a line associated with a customer account, to be covered by the SCA.66 Denying a survivor the ability to separate a line simply because it is “nominally” associated with a device could allow an abuser to maintain control over or monitor the line and the device associated with line and inhibit a survivor’s ability to break free from an abusive situation. For example, a survivor may want to separate a line for a device in order to protect his or her location information from an abuser with access to the shared mobile account information. Had Congress wanted to limit line separations in the manner Verizon suggests, Congress could have explicitly done so. However, Congress defined a shared mobile service contract as a mobile service contract that includes not less than two “consumers”—it did not in any way cabin “consumer” to a particular type of mobile service. Therefore, rather than “being far from clear,” it would seem counter to congressional intent to disallow a survivor’s line separation request because the line at issue is only “nominally” associated with a device. 22. We also disagree with Verizon’s assertion that covered providers are not statutorily required to (but may voluntarily) separate more than one line per survivor on the basis that Congress intended to limit separations to one line per survivor because “the statute uses the term ‘line’ in the singular, not plural.”67 As an initial matter, we read the statutory language in subsection (b) as framing the process to address each discrete line separation request, which grammatically requires the use of “line” in the singular, and in no way limits the number of lines for which a survivor may seek separation. Furthermore, limiting a survivor to one line separation request could potentially allow an abuser to maintain control over or monitor the survivor’s other lines (or devices connected to other lines) that remain on the shared contract. We believe this would be contrary to Congress’s goals, particularly of helping survivors establish “independent access to a wireless phone plan.”68 We also believe that had Congress intended to allow only one line separation per survivor (and one line per each individual in the care of a survivor), it would have made this limitation clear in the text. For example, instead of using the term “the line,” Congress could have said that a provider must “separate one line of the survivor, and one line of any individual in the care of the survivor.”69 Alternatively, Congress could have expressly limited the number of separations by stating that “a survivor is entitled to one line separation for the survivor and one line separation for each individual in the care of the survivor.” Moreover, the statute uses the exact same term “the line” when discussing the separation of an abuser’s line as it does when discussing the separation of a survivor’s line. Accepting Verizon’s statutory interpretation would mean that a survivor is limited to separating only one line of the abuser’s from the shared account. We do not believe that Congress intended to limit a survivor’s ability to completely remove an abuser from a shared mobile 65 Safe Connections Act § 3(2). 66 Verizon Comments at 7-8 (asserting that a “tablet with Wi-Fi but not ‘mobile’ capability, for example, is not used for either a CMRS or PMRS offering covered by the Safe Connections Act, even if it nominally has a ‘line’ associated with it in the customer account”). 67 Verizon Comments at 4, 7-8. 68 Safe Connections Act § 3(4) (“Communications law can play a public interest role in the promotion of safety, life, and property with respect to the types of violence and abuse described in paragraph (1). For example, independent access to a wireless phone plan can assist survivors in establishing security and autonomy.”). 69 47 U.S.C. § 345(b). 11 Federal Communications Commission FCC-CIRC2311-02 service contract when so doing would likely impair the survivor’s ability to establish independent wireless communications and leave the abusive situation. For all these reasons, we disagree with Verizon’s assertion and conclude that covered providers must separate multiple lines, when applicable. 23. The SCA’s definition of “shared mobile service contract” explicitly excludes “enterprise services.”70 Consistent with the Commission’s proposal in the Safe Connections Notice, we conclude that enterprise services are those products or services that are not ordinarily available to mass market customers and are primarily offered to entities to support and manage business operations, which may provide greater security, integration, support, or other features than are ordinarily available to mass market customers, and excludes services marketed and sold on a standardized basis to residential customers and small businesses.71 Our conclusion is consistent with the Commission’s past findings that mass market services are those that are generally “marketed and sold on a standardized basis to residential customers [and] small businesses” whereas enterprise services are “typically offered to larger organizations through customized or individually negotiated arrangements.”72 24. Although we appreciate industry concerns over fraud,73 we decline to create a presumption that wireless accounts listing a business entity as the primary account holder are “enterprise” accounts.74 We find the concerns of NCTA that business accounts will be greater targets for fraud without a presumption that all accounts with a business listed as the primary account holder are enterprise accounts or a presumption that any account for which a party has subscribed to a “business wireless service” is an enterprise account to be overstated.75 The SCA includes adequate safeguards against the type of potential enterprise account fraud raised by NCTA by requiring survivors to submit documentation along with a line separation request demonstrating that an “abuser” who uses a line under the shared mobile service contract has committed or allegedly committed a covered act against the survivor (i.e., the person requesting the line separation) and an affidavit that the survivor is the user of the specific line.76 In practical terms, we expect that it would be challenging for a bad actor to make this required showing where the account holder is a business, and not an individual, unless the abuser’s name is also the business name on the account. We believe this required showing will minimize the potential for fraud on business accounts. As such, we decline to adopt the CTIA and NCTA suggested presumptions. 70 47 U.S.C. § 345(a)(5). 71 Safe Connections Notice at 13, para. 32. 72 Accord Preserving the Open Internet, GN Docket No. 09-191, WC Docket No. 07-52, Report and Order, 25 FCC Rcd 17905, 17932, para. 45 (2010) (2010 Open Internet Order), aff’d in part, vacated and remanded in part sub nom. Verizon v. FCC, 740 F.3d 623 (D.C. Cir. 2014); 2015 Open Internet Order, 30 FCC Rcd at 5683, para. 189; RIF Order, 33 FCC Rcd at 318, n.58. 73 See NCTA Reply at 2-3 (“Indeed, bad actors may be particularly likely to prey on business lines since taking over a business line under false pretenses would present an attractive opportunity for lucrative financial gain or to otherwise damage the business. For example, bad actors could separate or port a business telephone number and use it to impersonate the business or intercept its customers. Even a legitimate employee of a business with authorization to use the line might seek to separate it under false pretenses, for example, if they are moving to a new company and trying to take customers with them.”). 74 See CTIA Comments at 6-7 (requesting that the Commission “establish a presumption that wireless service accounts where the account holder is a business, not an individual, are ‘enterprise’ accounts unless the business has subscribed to a plan that is also available to individual subscribers”); NCTA Reply at 3 (noting that its request “builds upon CTIA’s recommendation” and asks the Commission to find that any “party that enters into a contract for a business wireless service has an ‘enterprise’ account”). 75 See CTIA Comments at 3; NCTA Comments at 2-3. 76 47 U.S.C. § 345(c)(1)(A). 12 Federal Communications Commission FCC-CIRC2311-02 25. Primary Account Holder. Finally, as proposed in the Safe Connections Notice, we define “primary account holder” as “an individual who is a party to a mobile service contract with a covered provider,”77 mirroring the definition in the SCA.78 While no commenters opposed this proposal, Verizon noted that “accounts typically have one named account owner,” and explained that “the possibility that ‘more than a single individual [may be] a party to a mobile service contract’ should not affect how the SCA is implemented in practice.’”79 As such, we see no need to depart from the statutory definition of primary account holder. 2. Submission of Line Separation Requests 26. In this section, we adopt rules to clarify the requirements for submission of a line separation request under section 345 of the Communications Act. We largely codify the requirements set out in the SCA for how survivors submit line separation requests while adopting some measures that clarify those requirements pursuant to the SCA’s command that we consider various factors when enacting regulations for the line separation requirement.80 Our aim is to maximize survivors’ ability to obtain line separations by ensuring that covered providers have clear direction on their obligations related to the submission of line separation requests.81 Specifically, we establish requirements regarding the information that survivors must submit to request a line separation and the options providers must give survivors when survivors are making a line separation request, taking into account flexibility for survivors wherever possible. a. Information Required to Submit Line Separation Requests 27. The rules we adopt concerning the information that survivors must submit to make a line separation request are closely aligned with the requirements set out in the SCA.82 Specifically, we require that a survivor’s line separation request: (1) state that the survivor is requesting relief from the covered provider under section 345 of the Communications Act and our rules; (2) identify each line that should be separated using the phone number associated with the line; (3) regardless of which lines will be separated, identify which line(s) belong to the survivor and state that the survivor is the user of those lines; (4) when 77 Appx. A, § 64.6400(j). 78 47 U.S.C. § 345(a)(4); Safe Connections Notice at 13, para. 33. 79 Verizon Comments at 8. 80 In particular, the SCA requires the Commission to consider, among other things, privacy protections; account security and fraud detection; the requirements for remote submission of line separation requests, including submission of verification information; feasibility of remote options for small covered providers; compliance with CPNI requirements; and ensuring covered providers have the necessary account information to comply with the SCA and our rules. See Safe Connections Act § 5(b)(1)(B). 81 See Electronic Privacy Information Center (EPIC), National Network to End Domestic Violence (NNEDV), Cyber Civil Rights Initiative, Cline to End Tech Abuse, Electronic Frontier Foundation, Iowa Coalition Against Domestic Violence, National Consumer Law Center, The National Domestic Violence Hotline, National Resource Center on Domestic Violence, Ohio Domestic Violence Network, Pennsylvania Coalition Against Domestic Violence, The Pennsylvania Utility Law Project, Thomas Kadri Comments at 4 (EPIC et al. Comments) (“We support the Commission’s proposals that prioritize program accessibility and utilization by minimizing the burdens and barriers that might prevent or discourage survivors from engaging in programs authorized by the Safe Connections Act.”); CTIA Comments at 14 (asserting that “the Commission’s rules should enable covered providers to protect against fraud and identity theft by bad actors attempting to exploit the SCA requirements as a security vulnerability”); CCA Comments at 4 (“Where the Commission creates additional requirements regarding matters like documentation of survivor status, security and navigability for remote submissions of line-separation requests, and the options a carrier must make available to a survivor submitting a request, CCA urges the Commission to make its expectations as clear and simple as possible.”) (footnotes omitted). 82 See 47 U.S.C. § 345(c)(1)(B), (C); see also Safe Connections Notice at 16, para. 41 (proposing to codify the SCA’s requirements and seeking comment on alternative approaches); Appx. A, § 64.6401(a). 13 Federal Communications Commission FCC-CIRC2311-02 a survivor is seeking separation of the line(s) of any individual under the care of the survivor, include an affidavit setting forth that any such individual is in the care of the survivor and is the user of the specific line; (5) when a survivor is seeking separation of the abuser’s line, state that the abuser is the user of that specific line;83 and (6) include documentation that verifies that an individual who uses a line under the shared mobile service contract (i.e., an “abuser”) has committed or allegedly committed a covered act against the survivor or an individual in the survivor’s care.84 We also require that a line separation request include the name of the survivor and the name of the abuser that is known to the survivor, which may assist covered providers’ fraud detection efforts.85 While some commenters generally expressed that we should ensure the process for requesting line separations is not cumbersome,86 none specifically addressed our proposed approach. We find that these requirements are consistent with the statutory requirements set forth in the SCA and properly balance the needs of survivors and covered providers’ interest in preventing fraudulent line separations. 28. Affidavits Regarding an Individual in the Care of a Survivor. When a survivor is seeking a line separation for an individual in the care of a survivor, we require the survivor to submit an affidavit that is signed by the survivor and dated near the time of submission.87 We decline to adopt Verizon’s suggestion, however, that we require such affidavits include the name of the individual being cared for, relationship of the survivor to the cared-for individual, or other information for fraud deterrence purposes.88 We conclude that requiring information about such individuals raises privacy concerns that are not outweighed by the potential fraud deterrence benefits, particularly given covered providers may not have this information documented in the shared mobile account in the first place. In addition, we agree with the New York City Mayor’s Office to End Domestic and Gender-Based Violence (NYC ENDGBV) that there should not be a notarization requirement for affidavits, as such a requirement would be burdensome for survivors because they “may not have access to a form of identification to verify their identity to a notary and may not have the resources to find, travel to, or acquire a notary public.”89 83 We recognize that there may be some instances in which a survivor may wish to separate an abuser’s line but is not able to identify the phone number of the abuser that is associated with the account. See EPIC et al. Comments at 18 & n.68 (advocating that survivors should still be permitted to obtain line separations in instances when they cannot identify the specific phone number of the abuser, such as when the abuser uses multiple lines or has only provided the survivor with a virtual phone number (e.g., a Google Voice number)). We expect that in these instances, covered providers will work with survivors to separate the lines of the survivor and those in the survivor’s care from the account. 84 Appx. A, § 64.6401(a). 85 Appx. A, § 64.6401(a). See Verizon Comments at 12 (“Accurate identification information in the affidavit is critical for purposes of authentication and fraud prevention, given that providers’ standard authentication processes may not be available or appropriate in these circumstances and that similar state laws may impose less stringent documentation standards.”). While covered providers cannot deny requests if the names do not match, mismatched names may serve as a “red flag” that could form the basis for a reasonable belief that a request is fraudulent. See infra para. 34 (discussing denials of requests for survivors whose identities cannot be authenticated). 86 See, e.g., EPIC et al. Comments at 16 (“The Commission should strive to avoid a cumbersome stressful process for applicants to its programs, and as a result, we encourage the Commission to address additional unnecessary barriers so more survivors will benefit from the Commission’s programs.”); NYPSC Comments at 2 (“[T]he FCC should ensure that its rules are broad and flexible to make it relatively easy for survivors to seek the help they may need.”); Rose Marie Vegara Comments at 2-3 (“It is important to streamline policies and procedures to provide immediate and respectful assistance to the survivors who are still fearful of the abuser, undergoing a stressful life change, navigating various systems, and trying to re-build their lives.”). 87 Appx. A, § 64.6401(a)(4); see also Safe Connections Notice at 16-17, para. 41 (proposing to require that affidavits be signed and dated). 88 See Verizon Comments at 13. 89 NYC ENDGBV Comments at 1. 14 Federal Communications Commission FCC-CIRC2311-02 29. Documentation Demonstrating Survivor Status. Consistent with the SCA,90 we require survivors seeking a line separation to submit documentation that verifies that an individual who uses a line under the shared mobile service contract has committed or allegedly committed a covered act against the survivor or an individual in the survivor’s care (i.e., is an “abuser”).91 To meet the requirement for demonstrating survivor status, survivors must submit one or more of the eligibility documents prescribed by the SCA: (1) a copy of a signed affidavit from a licensed medical or mental health care provider, licensed military medical or mental health care provider, licensed social worker, victim services provider, licensed military victim services provider, or an employee of a court, acting within the scope of that person’s employment; or (2) a copy of a police report, statements provided by police, including military police, to magistrates or judges, charging documents, protective or restraining orders, military protective orders, or any other official record that documents the covered act.92 The documentation provided should clearly indicate a known name for the abuser and the survivor, as well as include some kind of affirmative statement that constitutes an indication that the abuser actually or allegedly committed an act that qualifies as a covered act against the survivor or an individual in the care of a survivor. No commenter opposed our establishment of such requirements.93 Consistent with the Commission’s proposal,94 we also codify the proviso in the SCA stating that nothing in our rules under section 345(c) “shall affect any law or regulation of a State providing communications protections for survivors (or any similar category of individuals) that has less stringent requirements for providing evidence of a covered act,”95 which was unopposed in the record.96 30. We interpret the phrase “any other official record that documents a covered act” to mean records from any governmental entity.97 We find that this is the best interpretation of this phrase because the documents listed preceding this phrase are records from government entities, and although they are specifically records from law enforcement entities,98 Congress did not limit the scope of the phrase by qualifying it with “any other official law enforcement record that documents a covered act.” We also find that this reading is most consistent with the goals of the SCA as it permits survivors to submit official records from other government entities not listed in the statute that might commonly assist survivors, such as child and family service agencies. No commenter urged us to interpret the phrase narrowly, and for the 90 47 U.S.C. § 345(c)(1)(A). 91 Appx. A, § 64.6401(a)(9); see Safe Connections Notice at 19-20, para. 48. 92 47 U.S.C. § 345(c)(1)(A); Appx. A, § 64.6401(a)(9); Safe Connections Notice at 20, para. 48; see Verizon Comments at 12 (explaining that the “documentation requirements appropriately incorporate the statute’s clear requirements, and serve Congress’s twin goals of expediting and standardizing the [line separation request] process while deterring and mitigating the risk of fraud and abuse of the new rules”). 93 We clarify, in response to NYC ENDGBV’s concerns, that the SCA, and the rule we adopt, does not require survivors to submit “police reports, court documents, or any other legal records as a prerequisite for separating a survivor’s line.” NYC ENDGBV Comments at 1. While police reports or court documents would be sufficient to meet the documentation requirements in the SCA and our rules, the statute and our rules offer many alternative ways to satisfy the documentation requirement. 94 See Safe Connections Notice at 21, para. 51. 95 47 U.S.C. § 345(c)(3); Appx. A, § 64.6401(e). 96 NYS OPDV Comments at 4 (“[W]e are pleased with the inclusion of language in the proposed rules that would allow covered providers to comply with state or local laws that provide greater protections than those set out in the federal rules.”). 97 See, e.g., 15 U.S.C. § 6602(3) (defining “government entity” as “an agency, instrumentality, or other entity of Federal, State, or local government (including multijurisdictional agencies, instrumentalities, and entities)”); 18 U.S.C. § 2711(4) (defining “governmental entity” as “a department or agency of the United States or any State or political subdivision thereof”). 98 47 U.S.C. § 345(c)(1)(A)(ii). 15 Federal Communications Commission FCC-CIRC2311-02 reasons discussed below, we decline to interpret this clause more broadly to allow survivors to submit self-certification of survivor status. We also decline to interpret the “other official record” phrase to include records of domestic violence services organizations, or medical or mental health records that describe treatment for injuries, without the need to obtain a signed affidavit from the provider, as the New York State Office for the Prevention of Domestic Violence requests99 as the first clause of the SCA’s documentation provision specifically requires that such records be accompanied by a signed affidavit from the care provider100 and we find there is no basis for interpreting the “other official record” phrase to directly contradict that requirement. 31. Although we are sympathetic to concerns raised in the record that some survivors may have difficulty securing the documents specified by the SCA to demonstrate survivor status, or doing so in a timely manner,101 we find that there is no valid basis for interpreting the statute to allow self- certification of survivor status. Several commenters urge us to permit self-certification,102 but none explain how the SCA provides the Commission with the authority to do so, or how doing so is consistent with congressional intent. On the contrary, we find that doing so would contradict congressional intent. As the Commission explained in the Safe Connections Notice, when Congress adopted the SCA, it was not unaware that self-certification could be an option for survivors to demonstrate survivor status, as the Commission had sought comment on allowing self-certification in its Notice of Inquiry.103 We expect that Congress also likely knew of the option for survivors to self-certify their status given that a similar New York law already permitted it as an option.104 Congress nevertheless excluded self-certification from its detailed list of permissible documentation.105 Presumably recognizing that the documentation requirements it set were more stringent than those that already existed in New York, Congress included a savings clause in the statute that specifically preserves states’ ability to adopt less stringent certification requirements in state laws or regulations.106 Although EPIC et al. cites this provision as a reason why the Commission should conclude that the list of permitted documentation is non-exhaustive and that self- certification should be permitted,107 it is precisely because the SCA sets out a list of permitted 99 NY Office for the Prevention of Domestic Violence Comments at 4. 100 47 U.S.C. § 345(c)(1)(A)(i). 101 See API-GBV Comments at 4 (discussing the challenges survivors may face in providing documentation); Boston College Law School Student Reply at 7-8 (discussing reasons survivors may not seek assistance from health care providers or law enforcement entities in the first place); NYS OPDV Comments at 4 (similar); EPIC et al. Comments at 2-3 (explaining that survivors may not be in a position to request documentation from third parties and that they may not be able to access services offered by third parties without first having an independent means of communication). 102 See API-GBV Comments at 4; EPIC et al. Comments at 2-3; NYC ENDGBV Comments at 1. 103 See Safe Connections Notice at 20-21, para. 49. 104 2022 N.Y. Laws ch. 578 (enacted Oct. 18, 2022) (requiring utility corporations and providers of wireless telephone service to permit a person to opt-out of a shared contract without fee, penalty, or charge, when such a person “is a victim of domestic violence and provides an attestation in writing of their eligibility as a victim of domestic violence”). 105 47 U.S.C. § 345(c)(1)(A). 106 See 47 U.S.C. § 345(c)(3) (stating that the SCA “shall not affect any law or regulation of a State providing communications protections for survivors (or any similar category of individuals) that has less stringent requirements for providing evidence of a covered act (or any similar category of conduct) than this subsection”) (emphasis added). 107 EPIC et al. Comments at 13 (“Because Congress explicitly preserved the rights of states to set less stringent requirements for line separation, the Commission should similarly be explicit with communications services providers that the lists of affidavits and of records offered in § 345(c)(1)(A) are non-exhaustive.”) (footnote omitted). 16 Federal Communications Commission FCC-CIRC2311-02 documentation and preserves states’ rights to set less stringent requirements in separate state laws that we conclude the Commission is restricted in its ability to expand the scope of permitted documentation to include self-certification. We likewise conclude that self-certification does not fit into the phrase permitting survivors to submit “any other official record that documents a covered act,”108 given our conclusion that Congress intended that clause to be limited to records created by government entities. We also find that the best reading of “official record” is a “record created by, received by, sanctioned by, or proceeding from an individual acting within their designated capacity,”109 which would not include self- certification. For many of the reasons discussed in this paragraph, we also conclude that the SCA does not permit us to allow survivors to submit any other forms of documentation of survivor status besides those already discussed.110 32. Next, we do not require that such documentation be dated or that the date be within a certain time period before the survivor submits the line separation request. We agree with API-GBV that we should “provide flexibility to allow people to disclose victimization or to apply for protections at their own pace, given the risks that survivors face as they plan for their safety.”111 We also anticipate that many survivors may have sought assistance years before the effective date of the SCA and our implementing rules, and we do not want to deter those survivors from taking advantage of the new benefit that is available to them or require them to seek assistance again just for the purpose of having newer documentation created. We likewise do not require that the documentation show that the covered act occurred within a certain time period prior to the request. We are cognizant of how difficult it may be for survivors to seek assistance112 and expect there may be instances where a survivor reported a covered act years ago but has not done so again recently despite ongoing abuse. 33. Assessing the Authenticity of Documentation. The record reflects broad agreement from stakeholders that we should not require covered providers to assess the authenticity of the documentation that survivors submit,113 and therefore we decline to adopt such a requirement. We find this approach is appropriate given concerns that many covered providers may not have the expertise to accurately evaluate the authenticity of documentation and could mistakenly deny legitimate requests.114 We conclude, however, that the SCA does not prohibit covered providers from attempting to assess the authenticity of documentation and from denying line separation requests based on a reasonable belief the request is or 108 47 U.S.C. § 345(c)(1)(A)(ii); see also EPIC et al. Comments at 13 (suggesting that the “official record” phrase leaves room for the Commission to interpret it to include self-certification). 109 See Official Record, Dictionary of Archives Terminology, https://dictionary.archivists.org/entry/official- record.html (last visited Sept. 6, 2023). 110 See API-GBV Comments at 4 (strongly recommending that survivors be permitted to provide other documentation if they cannot provide the documentation specifically identified in the Safe Connections Act and strongly discouraging an absolute requirement that survivors submit “official documentation”). 111 API-GBV Comments at 4-5 (further explaining that many survivors “may face significant trauma in sharing information about the harm they have experienced”). 112 See, e.g., Rose Marie Vegara Comments at 2-3 (describing the challenges for survivors seeking to leave their abusers); NYPSC Comments at 2 (“[E]ach survivor seeking to leave their abuser experiences challenging and unique circumstances . . . .”). 113 See, e.g., CTIA Comments at 6 (arguing that the Commission’s rules should not create an expectation or requirement that covered providers confirm the authenticity of documents survivors submit with their line separation requests to show survivor status); NCTA Reply at 3-4 (“[T]he record is clear that the Commission should not require providers to verify the documentation a survivor submits demonstrating that a covered act was committed.”); NYC ENDGBV Comments at 1 (asserting that covered providers should not authenticate documentation). 114 NCTA Reply at 3-4 (“Put simply, communications service providers are ill-equipped to accurately assess the validity of these materials and attempts to verify the information would risk retraumatizing the survivor.”). 17 Federal Communications Commission FCC-CIRC2311-02 may be fraudulent,115 and we therefore permit them to do so.116 Such authentication might include confirming the documentation is from an entity that actually exists, assessing whether the documentation has identifiers that demonstrate the documentation is actually a record of that entity, and comparing any identifying information in the documentation about the abuser and survivor with information in the covered provider’s records to confirm that it matches.117 However, to protect survivor privacy, we prohibit covered providers from directly contacting entities that created any documentation to confirm its authenticity.118 To mediate concerns about the accuracy of covered providers’ assessments, we emphasize that covered providers must first form a reasonable belief that a request is or may be fraudulent before denying the request, and urge covered providers to consider possible legitimate reasons for why submitted documentation may not pass a provider’s standard authentication checks. For example, mismatched identifying information could result from a document’s use of nicknames or other names that would not match providers’ records. We find that allowing, but not requiring, a covered provider to attempt to authenticate submitted documentation balances the public interests of fraud prevention and ensuring survivors’ ability to obtain legitimate line separations.119 34. Assessing the Veracity of Evidence of Survivor Status. We prohibit covered providers from assessing the veracity of the evidence of survivor status contained within the submitted documents, or relying on third parties to do so.120 We expect that, in most cases, survivors will not be in a position to control what information other entities include in the documentation to ensure it clearly establishes survivor status. Thus, allowing covered providers to evaluate the truthfulness of the information provided and potentially use it as a basis for denying requests could limit legitimate line separations. We also make clear that the prohibition on assessing the veracity of survivor status evidence means that covered providers may not contact survivors to interrogate them about their experience, which “can be retraumatizing for survivors,” particularly since “providers are likely not trained in trauma-informed engagement.”121 The record affirms our belief that many covered providers may not have the expertise to 115 See Safe Connections Notice at 17, para. 43; EPIC et al. Comments at 12 (explaining that the Commission should interpret the SCA’s prohibition on making line separations contingent on other requirements “to mean that a covered provider may reject a line separation request that is not accompanied by any verification of survivor status or of the phone line to be separated, but not to mean that each individual provider is entitled to narrow what constitutes adequate verification” beyond what is established in the Commission’s rules). 116 Appx. A, § 64.6401(b). 117 Safe Connections Notice at 20, para. 48 (seeking comment on whether covered providers should be required to confirm that identifying information in submitted documentation matches the providers’ records). See Verizon Comments at 13 (explaining that employees will need to ensure the completeness of the information in survivors’ documentation, including by confirming that the basic information in the documentation is consistent with their account records and the affidavit). 118 See NYC ENDGBV Comments at 1. 119 Accordingly, we decline NYC ENDGBV’s suggestion to altogether prohibit covered providers from attempting to authenticate documents submitted by survivors. See NYC ENDGBV Comments at 1; see also EPIC et al. Comments at 11-12 (stating that the SCA does not permit covered providers “to put their own processes in place (e.g., verification) on top of the Commission’s own rules”). 120 EPIC et al. Comments at 11-12 (explaining that covered providers’ ability to verify documentation should be restricted); CTIA Comments at 12 (“CTIA agrees with survivor advocacy and support groups and members of Congress that the Commission’s rules should not place providers and their front-line customer service representatives in the position of evaluating the veracity of abuse survivors’ claims or documents and mediating domestic or other abusive situations.”); Verizon Comments at 4 (arguing that the Commission should avoid creating rules that incentivize wireless providers to second-guess a user’s “survivor” status); Rose Marie Vegara Comments at 2-3 (“If the survivor is making a fraudulent claim, law enforcement and the Courts should be the entities making that determination.”). 121 NYC ENDGBV Comments at 1. 18 Federal Communications Commission FCC-CIRC2311-02 accurately evaluate the veracity of the documentation survivors submit.122 We find that it would undermine the goals of the SCA if a covered provider denied a line separation based on an incorrect determination about the veracity of the evidence presented.123 We agree with Verizon and CTIA that the SCA’s liability limitation clause124 provides protections for covered providers if they reasonably rely on the documentation survivors provide to demonstrate survivor status and approve line separation requests that turn out to be fraudulent.125 35. Other Information. We do not, at this time, require a survivor who is not the primary account holder to submit other information, including passwords, about the account or the primary account holder,126 as the record does not show that such additional information is needed to address fraud and could be unnecessarily burdensome for survivors.127 No commenter advocated that we require such information. Rather, consistent with the concern raised in the Safe Connections Notice,128 Verizon noted that “survivors may have little if any visibility into account information such as PINs, billing addresses, and primary numbers that an abuser may keep private.”129 We do, however, permit a covered provider to request the account number, primary phone number, full or partial address, and PIN or password associated with the account, as long as the covered provider makes clear to the survivor that such information is not required to process the line separation request and that the request will not be denied if the information is not provided or is inaccurate.130 We acknowledge Verizon’s assertion that such information, if available, “could help a provider to process the [line separation request] more quickly in some cases, and to investigate and remedy transactions that later turn out to have been fraudulent or unauthorized.”131 36. Assistance with Completing Line Separation Requests. To maximize survivors’ ability to pursue line separation requests, we conclude that survivors may rely on assistance from other individuals, including the survivor’s designated representative, to prepare and submit line separation requests.132 We 122 See Safe Connections Notice at 21, para. 50; CTIA Comments at 12-13 (discussing providers’ inconsistent practices for verifying subscriber eligibility for the Lifeline program as evidence that providers are also unprepared to evaluate the documentation submitted by survivors). 123 See Safe Connections Notice at 21, para. 50. 124 47 U.S.C. § 345(g) (“A covered provider or any officer, director, employee, vendor, or agent thereof shall not be subject to liability for any claims deriving from an action taken or omissions made with respect to compliance with this section and the rules adopted to implement this section.”). 125 See Verizon Comments at 7-8; CTIA Reply at 13-14. 126 Safe Connections Notice at 19, para. 47. 127 See EPIC et al. Comments at ii (“We support the Commission’s inquiry regarding waiting and weighing whatever evidence of fraud, waste, and misuse may or may not ultimately present itself, rather than pre-emptively introducing barriers that might inhibit survivor utilization of its programs.”). 128 Safe Connections Notice at para. 47 (stating that “we appreciate that many survivors may have limited information about the abuser and the account associated with the mobile service contract”). 129 Verizon Comments at 13; see also EPIC et al. Comments at 18 (“[I]t is conceivable that an abuser uses an address the survivor is not aware of for their phone bills. Even if it is the same address as their residence, the survivor might not have access to the abuser’s account number, PIN, or password. If an abuser has multiple phones, a survivor may not know the phone number designated as the primary account owner’s.”). 130 Verizon Comments at 13 (“A provider may request additional information if known, such as account information, but it may not refuse to process or otherwise deny a line separation request if the survivor does not or cannot provide it.”). 131 Verizon Comments at 13. 132 See EPIC et al. Notice of Inquiry Comments at 5, n.17 (rec. Aug. 18, 2022) (highlighting one study showing that “[m]ore than 50% of advocates surveyed indicated that at least half of the victims they work with need assistance in (continued….) 19 Federal Communications Commission FCC-CIRC2311-02 agree with commenters that this approach maximizes survivor self-determination and agency, and that it could be particularly useful for individuals with disabilities or whose first language is not English.133 No commenter opposed this approach. While the SCA requires covered providers to effectuate line separations after receiving a completed line separation request from a survivor,134 it also permits survivors to indicate a designated representative for communications regarding line separation requests,135 which we find signifies Congress’s expectation that survivors might rely on other individuals in relation to line separation requests. To ensure that covered providers have the means to identify the individuals who survivors select to assist with line separation requests, we require providers to request the name and relationship to the survivor for individuals who assist survivors and we require those assisting survivors to provide that information, along with a statement that the person assisted the survivor with the line separation request.136 We expect that any added cost for requiring covered providers to request this information will be negligible. 37. Confidential Treatment and Secure Disposal of Personal Information. We adopt our proposal137 to require a covered provider, including any officer, director, and employee—as well as a covered provider’s vendors, agents, or contractors that receive or process line separation requests with the survivor’s consent, or as needed to effectuate the request—to treat the fact of the line separation request as well as any documentation or information a survivor submits as part of a line separation request as confidential, and securely dispose of the information not later than 90 days after receiving the information, consistent with the SCA.138 The record supports adoption of this requirement, including our proposed clarification that a “vendor,” as used in the SCA,139 includes a “contractor” who may receive a line separation request in its provision of services to a covered provider, on the basis that this interpretation reflects the business practices of covered providers and will mitigate privacy risks to (Continued from previous page) accessing public benefits, due to factors including difficulty understanding the application process, documentation and other requirements that are burdensome for victims, and shifting rules for program compliance”). 133 EPIC et al. Comments at 2 (“We support the Commission’s proposals that maximize survivor self-determination and agency. Such proposals include assistance with line separation requests from supportive services providers . . . .”); API-GBV Comments at 6 (“[T]he final rule should provide maximum flexibility allowing survivors to seek the assistance of designated representatives to submit line separation requests, especially in instances where the survivor’s primary language is not English (or Spanish), or the survivor has disabilities that limit her or his ability to submit the requests.”). 134 47 U.S.C. § 345(b)(1). 135 47 U.S.C. § 345(c)(2)(A) (indicating that covered providers must notify survivors or the survivors’ designated representatives). 136 Appx. A, § 64.6401(a)(8); API-GBV Comments at 6 (“When a third party submits a line separation request, they should be required to indicated, at a minimum, their name and/or organization name, and relationship to the survivor.”). 137 See Safe Connections Notice at 22, para. 53. 138 47 U.S.C. § 345(d)(1); Appx. A, § 64.6401(d). 139 47 U.S.C. § 345(d)(1), (g)(1). 20 Federal Communications Commission FCC-CIRC2311-02 survivors.140 We note that covered providers must abide by this requirement even if they are unable to process a line separation request.141 38. We conclude that treating the line separation request itself, as well as documentation and information a survivor submits as part of a line separation request, as confidential means not disclosing or permitting access to such information unless subject to a valid court order, except: (1) to the individual survivor submitting the line separation request; (2) to anyone that the survivor specifically designates; (3) to those third parties necessary to effectuate the request (i.e., vendors, contractors, and agents); and (4) to the extent necessary, to the Commission and the Universal Service Administrative Company (USAC) to process emergency communications support through the designated program or address complaints or investigations.142 We disagree with CTIA that the Commission should not afford protections to survivors (and alleged abusers) from the misuse of their data by law enforcement on the basis that doing so is outside the scope of the SCA and the Safe Connections Notice.143 The SCA directs the Commission to adopt regulations concerning the line separations requirements,144 which includes the confidentiality requirements,145 and thus we find that addressing this issue is within the scope of the SCA. Given concerns expressed by EPIC et al.,146 we find that requiring law enforcement to obtain a court order to access information about a line separation request is a necessary protection for survivors (and alleged abusers). We do not anticipate that this requirement will be burdensome for providers to implement given that they already have a duty to protect the confidentiality of proprietary information of customers,147 including a duty to prevent access to customer proprietary network information (CPNI) “[e]xcept as required by law or with the approval of the customer.”148 Additionally, requiring a court order prevents covered providers from being placed in a position of having to assess whether a law enforcement official may be misusing their official authority.149 39. We limit providers from using, processing, or disclosing the line separation request—or any documentation or information submitted with line separation request—for purposes unrelated to 140 See Safe Connections Notice at 22, para. 53; API-GBV Comments at 5 (“We further appreciate the provisions in the proposed rule relating to the treatment of personal information submitted by a survivor, especially the provisions that cover vendors and contractors.”); EPIC et al. Comments at 20 (“For those reasons, we support the Commission’s proposals to require disposal of survivor information not later than 90 days after receiving it, treating that data as confidential throughout its lifecycle, and applying the same requirements to vendors, contractors, etc. whom carriers task with handling this data.”). No commenter opposed this interpretation. 141 See Rose Marie Vegara Comments at 1 (explaining that the confidentiality and secure disposal rules must apply even if a covered provider’s systems prevent the provider from effectuating a line separation). 142 See Safe Connections Notice at 23, para. 55; Appx. A, § 64.6401(d); API-GBV Comments at 5 (asserting that the Commission should limit disclosure of personally identifiable information to government agencies, including law enforcement agencies, unless there is a judicial order to do so); EPIC et al. Reply at 9-10 (supporting restricted access to line separation information without judicial or grand jury order). We conclude that a survivor’s initiation of a line separation request gives covered providers consent to share necessary information with necessary third parties to effectuate the request. See NYC ENDGBV Comments at 2 (arguing that covered providers should not be permitted to share information submitted with line separation requests with third parties, except where required by law, without the consent of the survivor). 143 CTIA Reply at 7. 144 See Safe Connections Act § 5(b)(1)(A). 145 47 U.S.C. § 345(d). 146 EPIC et al. Comments at 25-27. 147 47 U.S.C. § 222(a). 148 47 U.S.C. § 222(c)(1). 149 See NCTA Reply at 11. 21 Federal Communications Commission FCC-CIRC2311-02 implementing the request, providing services, or otherwise managing the survivor’s account.150 We also conclude that the requirement to “treat” information submitted in connection with a line separation request as “confidential” prohibits covered providers from using, processing, or disclosing (e.g., to joint- venture partners) such information for marketing purposes.151 40. We confirm our tentative conclusion152 that to the extent that any information a survivor submits as part of a line separation request would be considered CPNI153 and therefore subject to disclosure to the customer or a designee, the SCA’s confidentiality requirement nevertheless requires that such information (along with any information submitted by a survivor that would not be considered CPNI) be treated confidentially and disposed of securely. We conclude that this is the best reading of the SCA’s language requiring confidential treatment “[n]otwithstanding section 222(c)(2)” of the Communications Act. EPIC et al. agrees with this reading, and no commenter offered an alternative interpretation.154 Thus, although section 222(c)(2) normally requires telecommunications carriers to “disclose customer proprietary network information, upon affirmative written request by the customer, to any person designated by the customer,”155 when such CPNI is submitted by survivors as part of a line separation request, covered providers must follow the SCA’s heightened requirements for confidentiality and secure disposal. 41. We decline to find that the identity of the abuser and the reason for the line separation (i.e., the alleged abuse) should be treated as CPNI for the purpose of protecting the personal information of abusers, as requested by EPIC et al.156 Neither data element fits logically within the categories of 150 See EPIC et al. Comments at 20; API-GBV Comments at 5. 151 See Safe Connections Notice at 23, para. 55; API-GBV Comments at 5 (arguing that covered providers should not be permitted to use personally identifying information for marketing purposes); EPIC et al. Comments at 20 (same). 152 Safe Connections Notice at 22, para. 54. 153 The Communications Act defines CPNI as “information that relates to the quantity, technical configuration, type, destination, location, and amount of use of a telecommunications service subscribed to by a customer of a telecommunications carrier, and that is made available to the carrier by the customer solely by virtue of the carrier- customer relationship,” and “information contained in the bills pertaining to telephone exchange service or telephone toll service received by a customer of a carrier,” but does not include subscriber list information. 47 U.S.C. § 222(h)(1). While the Commission has not provided an exhaustive list of what constitutes CPNI, it has explained that CPNI includes, but is not limited to: the phone numbers called by a consumer; the frequency, duration, and timing of such calls; and any services purchased by the consumer, such as call waiting. Implementation of the Telecommunications Act of 1996: Telecommunications Carriers’ Use of Customer Proprietary Network Information and Other Customer Information; IP-Enabled Services, CC Docket No. 96-115, WC Docket No. 04-36, Report and Order and Further Notice of Proposed Rulemaking, 22 FCC Rcd 69927, 6930, para. 5 (2007) (2007 CPNI Order); see also AT&T, Inc., File No.: EB-TCD-18-00027704, Notice of Apparent Liability for Forfeiture and Admonishment, 35 FCC Rcd 1743, 1757, paras. 33-35 (2020) (finding that customer location information is CPNI under the Communications Act). 154 EPIC et al. Comments at 20 (expressing support for applying the confidential and secure disposal requirements to both CPNI and to data that might not otherwise qualify as CPNI). 155 47 U.S.C. § 222(c)(2). 156 See EPIC et al. Comments at 23-24 (“We urge the Commission to treat the reason for line separation (i.e., alleged abuse) as CPNI for alleged abusers as well as for survivors. The Safe Connections Act prioritizes the safety and stability of the survivor, not actions against the alleged abuser. For this reason, and especially because we are advocating for self-attestation of survivor status rather than requiring certified proof of abuse, it would be inappropriate for a survivor’s participation in the Commission’s programs to have repercussions for the alleged abuser beyond phone line separation.”). EPIC et al. cite to paragraph 179 of the Safe Connections Notice, which sought comment on what the Commission could do to protect the personal information of abusers when that information is disclosed to the Commission or USAC. The CPNI requirements in section 222 of the Communications Act and the Commission’s CPNI rules apply to carriers. See 47 U.S.C. § 222(c); 47 CFR §§ 64.2001-64.2011. 22 Federal Communications Commission FCC-CIRC2311-02 information that constitute CPNI,157 and it need not for those data to benefit from the SCA’s confidential and secure disposal protections, which protect the privacy of both survivors and alleged abusers. The confidentiality obligation itself, that is, requires that such information be protected.158 42. To help ensure confidential treatment and secure disposal of information submitted with line separation requests, we also require covered providers to follow data security measures commensurate with the sensitivity of line separation requests, as well as the information and documentation submitted with line separation requests. Specifically, we require covered providers to implement policies and procedures governing confidential treatment and secure disposal of this information, train employees on those policies and procedures, and restrict access to databases storing such information to only those employees who need access to that information.159 We believe these baseline requirements will create the foundation for covered providers to treat line separation information confidentially and dispose of it securely. We conclude that these requirements will not be burdensome for most covered providers given that all telecommunications carriers and interconnected Voice over Internet Protocol (VoIP) providers must already train employees to protect the confidentiality of proprietary information of, and relating to, other telecommunication carriers, equipment manufacturers, and customers and that we have specific rules governing the protection of CPNI,160 and we expect that most providers already have data security policies and procedures to limit access to certain information. In all cases, we anticipate that covered providers will only need to modify their practices and systems to include treatment of line separation information. 43. Understanding that covered providers may need flexibility to comply with the confidentiality and disposal requirements,161 we otherwise decline to prescribe specific measures that covered providers must use to treat information submitted with a line separation request as confidential and securely dispose of it. We conclude, however, that unauthorized disclosure of, or access to, information survivors submit as part of a line separation request will be considered evidence in an investigation by the Commission that a covered provider has not adopted sufficient measures to protect against such disclosure or access.162 This approach aligns with our expectations for carriers’ treatment of 157 See 47 U.S.C. § 222(h)(1). 158 See 47 U.S.C. § 222(a). 159 See Safe Connections Notice at 23, para. 55; NYS OPDV Comments at 4 (“Given the confidential nature of these requests and the documentation that survivors must provide to be eligible for a line separation, we believe that covered providers should be required to restrict employee access to these requests to those who need access to effectuate requests, and to keep these records in a secure location to prevent unauthorized access or disclosure of the documentation. Additionally, employees handling these requests should receive training to prevent the misuse of survivor data and to learn how to evaluate and handlee [sic] requests for access to data from law enforcement.”); EPIC et al. Reply at 10 (“We also agree with commenters who call for restricting employee access to information about line separation requests, and for providing extensive training to employees who need access.”); Rose Marie Vegara Comments at 1 (asserting that covered providers must have policies and procedures in place to protect the confidentiality and privacy of the survivor and dependents making line separation requests and that employees should receive training for these purposes). 160 See 47 U.S.C. § 222(a), (c); 47 CFR §§ 64.2009-64.2010. 161 Verizon Comments at 14 (“[T]he confidentiality and security requirements for these documents are also largely self-executing and do not require prescriptive regulations. Wireless providers will have different methods for handling these requests, and different methods (and combinations of methods) for storing, maintaining and ultimately disposing of the information and documentation, which may or may not include encryption.”). 162 See Safe Connections Notice at 23, para. 55; EPIC et al. Comments at 20 (“We support the Commission’s proposal to treat unauthorized disclosure of or access to information submitted by survivors as evidence that a provider did not treat information confidentially.”). 23 Federal Communications Commission FCC-CIRC2311-02 CPNI.163 The SCA’s confidentiality and disposal requirements demonstrate that Congress thought the privacy of information related to line separation requests is paramount,164 and we anticipate that our approach will incentivize covered providers to adopt best practices as they evolve over time to ensure the confidentiality and secure disposal of such information.165 Indeed, a covered provider may be able to overcome evidence related to a breach of survivor information if the provider is able to show that it used industry best practices at the time of the breach. We are also concerned that prescribing specific data security practices might result in the rules becoming obsolete over time.166 We make clear that the liability protections in the SCA167 do not shield covered providers, or their vendors, agents, and contractors, from enforcement actions that may result from their failure to adopt adequate practices to treat line separation information as confidential and securely dispose of it. Additionally, we emphasize that covered providers subject to section 222 have an independent responsibility to protect such confidential information and will therefore be subject to potential enforcement action for failures by their vendors, agents, and contractors to adopt sufficient confidentiality and secure disposal measures.168 44. We also clarify the limited instances in which a covered provider may retain information about a line separation request beyond the 90-day disposal deadline established by the SCA.169 First, consistent with the SCA,170 we permit a covered provider to maintain a record that verifies that a survivor fulfilled the conditions of a line separation request for longer than 90 days, but prohibit providers to retain, as part of this record, the affidavit, documentation of survivor status, or other original records a survivor submits with the request, as that information is deemed confidential and subject to secure disposal within 90 days.171 Second, we permit a covered provider to retain any confidential record related to the line separation request, including an affidavit and documentation of survivor status, for longer than 163 See 2007 CPNI Order, 22 FCC Rcd at 6959, para. 63 (“[W]e hereby put carriers on notice that the Commission henceforth will infer from evidence that a pretexter has obtained unauthorized access to a customer’s CPNI that the carrier did not sufficiently protect that customer’s CPNI.”). 164 47 U.S.C. § 345(d); see also NDVH Comments at 2 (“When supporting victims/survivors ensuring consistent privacy and confidentiality is paramount.”). 165 Such best practices might include encryption, masking, data minimization (i.e., only collecting data necessary for the intended purpose and deleting data when it is no longer necessary), access controls, secure password policies, traffic monitoring, and internal firewalls. See EPIC et al. Comments at 19-20 (advocating that carriers be required to implement data security best practices, such as these); NYC ENDGBV Comments at 2 (“All information related to service or other actions under the Safe Connections Act should be treated as sensitive and should be protected and secured in accordance with appropriate cybersecurity standards.”). 166 See Safe Connections Notice at 23, para. 55. 167 47 U.S.C. § 345(g). 168 See, e.g., 47 U.S.C. §§ 217, 222(a), 345(d). 169 See Safe Connections Notice at 23, para. 56. We also decline BRETSA’s suggestion that we require covered providers to deliver a 911 call placed by a survivor over the survivor’s separated line with “some indication to the PSAP that the call is from service assigned to an individual escaping an abusive relationship.” BRETSA Comments at 3. We agree with commenters that such a requirement falls outside the scope of the SCA and our implementing rules. See, e.g., CCA Reply at 1 n.2; CTIA Reply at 7; EPIC et al. Reply at 11; NCTA Reply at 10; see also id. at 11 (arguing that implementing BRETSA's proposal would “undoubtedly complicate and likely delay compliance for providers and . . . is not feasible with current 911 systems.”). 170 See 47 U.S.C. § 345(d)(2). 171 See 47 U.S.C. § 345(d)(1); cf. Verizon Comments at 14 (“Accounts subject to [a line separation request] will need to be flagged to ensure that compliance with the rules is memorialized and that customer care and billing systems and employees manage the accounts consistent with the new rules, well after the 90-day document retention period.”); CTIA Reply at 6 (“[T]the retention of some data is necessary to . . . establish and maintain a customer account for wireless service.”). 24 Federal Communications Commission FCC-CIRC2311-02 90 days upon receipt of a legitimate law enforcement request.172 In both cases, we require a covered provider to treat the records it retains as confidential,173 and dispose of such records securely.174 b. Required Options Covered Providers Must Offer to Survivors 45. We now adopt requirements regarding basic categories of information covered providers must make available to, or request from, survivors when granting a line separation request.175 These requirements are intended to streamline the line separation process for covered providers and to maximize the simplicity with which survivors can obtain line separations in a timely manner. First, we codify in our rules the SCA’s requirement that a covered provider inform the survivor, through remote means,176 at the time the survivor submits a line separation request, that the provider may contact the survivor, or the survivor’s designated representative, to confirm the line separation or inform the survivor if the provider is unable to complete the line separation.177 As explained in the Safe Connections Notice, we find that this approach will allow survivors to make an informed choice regarding which contact information and manner of communication is best given their particular circumstances.178 No commenter opposed this approach. 46. Second, for line separation requests submitted by a survivor through remote means, we require covered providers to “allow the survivor to elect in the manner in which the covered provider may—(i) contact the survivor, or designated representative of the survivor, in response to the request, if necessary; or (ii) notify the survivor, or designated representative of the survivor, of the inability of the covered provider to complete the line separation,” which mirrors the SCA.179 We conclude that this requirement simply obligates a covered provider to allow a survivor to select, at the time the survivor submits a line separation request through remote means, the manner the provider must use to communicate with a survivor after the survivor submits the request.180 Among the communication options offered to the survivor, we require a covered provider to include at least one means of 172 See Verizon Comments at 14 (“The systems and processes used to secure and dispose of survivor documentation will need to account for both the statutory 90-day period as well as law enforcement requests that may require retention for a longer period.”). While we permit a covered provider to retain these records for longer than 90 days in response to a legitimate law enforcement request, it still may not provide any records to law enforcement without a valid court order. 173 To be clear, even though the record that verifies that a survivor fulfilled the conditions of a line separation request is not an original record submitted with a request, it must nonetheless be treated as a confidential record. 174 EPIC et al. Comments at 20 (advocating the confidential and secure disposal requirements “apply to any data that a provider has chosen to retain”). 175 See Safe Connections Notice at 25, paras. 62-63; EPIC et al. Comments at 16 (“The Commission should strive to avoid a cumbersome stressful process for applicants to its programs, and as a result, we encourage the Commission to address additional unnecessary barriers so more survivors will benefit from the Commission’s programs.”); id. at 12 (advocating that the Commission “establish parameters to ensure carriers do not frustrate program accessibility and utilization”). 176 We discuss “remote means” below, infra Section III.A.3.b. 177 Safe Connections Notice at 28, para. 72; 47 U.S.C. § 345(c)(2)(A)-(B). 178 Safe Connections Notice at 28, para. 72. We received no comment on these proposals. 179 See Safe Connections Notice at 21, para. 52; 47 U.S.C. § 345(c)(2)(C); see also API-GBV Comments at 5 (expressing support for these provisions, explaining that they will “help survivors maximize their ability to plan for their safety” because it allows them to “know where to check for communications regarding their line separation”); EPIC et al. Comments at 2 (“We support the Commission’s proposals that maximize survivor self-determination and agency, including “survivors designating their preferred means of communication.”). 180 See Safe Connections Notice at 21-22, para. 52. 25 Federal Communications Commission FCC-CIRC2311-02 communication that is a “remote means.”181 We also require covered providers to allow survivors to indicate their preferred language for future communications from among those in which the covered provider currently advertises,182 and deliver any such future communications in the survivor’s preferred language if it is one in which the provider currently advertises.183 Additionally, we require covered providers to ask survivors to provide the appropriate contact information with their requests.184 We decline Verizon’s suggestion that we require a survivor to submit a telephone number and email address with its request for use in contacting the survivor.185 The SCA permits survivors to select the means that covered providers must use to communicate with them, which may or may not be both phone and email. To prevent covered providers from attempting to contact survivors using any other means, we only require survivors to provide contact information for the means they select, unless it is otherwise necessary to provide documentation of a completed line separation request for Lifeline purposes, as discussed below.186 We also prohibit providers from engaging in communications that are not directly related to the line separation request, such as marketing and advertising communications that are not related to assisting survivors with understanding and selecting service options.187 No commenter opposed adoption of these requirements. 47. Third, we require covered providers to allow a survivor submitting a line separation request to indicate their service choices when they are submitting a line separation request. Specifically, we require covered providers to allow a survivor to indicate the service plan a survivor chooses from among all commercially available plans the covered provider offers for which the survivor may be eligible, including any prepaid plans,188 as well as whether the survivor intends to retain possession (and therefore take financial responsibility) of any device associated with a separated line. API-GBV and CCA both supported such a requirement, and no commenter opposed it.189 181 Id. at 29, para. 73. As discussed further below, a “remote means” are those that do not require the survivor to interact in person with an employee of the covered provider at a physical location. 182 See id. at 25, para. 62; API-GBV Comments at 6-7 (recommending that covered providers have the capacity to engage with applicants in the languages they speak). 183 Safe Connections Notice at 29, para. 73; see also EPIC et al. Comments at 14 (supporting a requirement that covered providers “communicate in the survivor’s preferred language if the provider has published marketing materials or conduct[ed] marketing outreach in that language”); Verizon Comments at 15 (“The NPRM’s interpretation of the term ‘remote means,’ with respect to initiating a[ line separation request] and when engaging in follow-up discussions and notifications (including an infeasibility notification), makes sense.”). 184 See Safe Connections Notice at 22, para. 52. 185 See Verizon Comments at 12. 186 See infra Section III.A.3.d. 187 See Safe Connections Notice at 30, para. 76; API-GBV Comments at 7 (supporting our proposal to require covered providers to limit their communications with survivors to those directly related to the line separation request, observing that “unsolicited communications from unknown entities may increase [the survivor’s] anxiety or fear.”); EPIC et al. Comments at 2 (supporting our proposal to prohibit covered providers from subjecting survivors to marketing efforts, explaining that it “support[s] survivors’ self-determination and agency” and “give[s] survivors the ability to take what assistance they need, in the manner they need it, when they need it.”); Appx. A, § 64.6402(j). 188 In the Safe Connections Notice, we tentatively concluded that the full scope of service options includes the ability to “move the line to an existing account of another person with service from the covered provider.” Notice at 25, para. 63. We maintain that covered providers should permit survivors to do this, if feasible, but we find that this is outside the scope of the SCA’s goals and therefore that covered providers are not required to allow survivors to indicate their desire to do this when submitting a line separation request. 189 See API-GBV Comments at 6 (“To maximize the ability of survivors to plan for their safety as it relates to lines of service, API-GBV recommends that covered providers provide all available options for ongoing or new service (continued….) 26 Federal Communications Commission FCC-CIRC2311-02 48. Fourth, as mandated by the SCA,190 we require a covered provider to inform the survivor of the existence of the Lifeline program as a source of support for emergency communications for qualifying survivors, and to include a description of who might qualify for the program and how to participate.191 We require covered providers to provide this information to survivors as part of the line separation request mechanism as we anticipate that having this information may help survivors determine which service plan may suit them best.192 We require covered providers, at a minimum, to inform survivors that their participation in the Lifeline program and the ACP based on their status as survivors will be limited to six months unless they can qualify to participate in Lifeline and/or ACP under the programs’ general eligibility requirements.193 We decline to adopt standardized language regarding the content of this communication as we do not find it necessary at this time.194 We find that our approach provides sufficient guidance to covered providers regarding what information they must include in their communications. We also require covered providers to allow survivors to indicate whether they intend to apply for emergency communications support through the designated program, if available through the provider. 49. Finally, to the extent that a covered provider cannot operationally or technically effectuate certain types of line separations in all instances, we require a covered provider to identify—in a contemporaneous communication to the survivor—which types of line separations the provider cannot perform and state that it cannot perform those separations due to operational or technical limitations. 3. Requirement to Separate Lines Upon Request 50. We codify the SCA’s requirement195 that, for a shared mobile service contract under which a survivor and abuser each use a line, a covered provider must, not later than two business days after receiving a completed line separation request from a survivor, (1) separate the line(s) of the survivor, and the line(s) of any individual in the care of the survivor, from the shared mobile service contract, or (2) separate the line(s) of the abuser from the shared mobile service contract.196 We conclude, as proposed,197 (Continued from previous page) for survivors who’ve submitted a line separation request.”); CCA Comments at 4 (urging the Commission to provide clarity to covered providers regarding the options they must make available to a survivor submitting a request). 190 47 U.S.C. § 5(b)(2)(E). 191 Safe Connections Notice at 29, para. 74; see also infra Section III. C. Because those that enroll in Lifeline are also eligible for the Commission’s other affordability program, the ACP, we require providers to inform survivors that enrolling in Lifeline will enable them to also receive ACP benefits from an ACP provider. 192 Safe Connections Notice at 29, para. 74. 193 See 47 U.S.C. § 5(b)(2)(A)(ii)(II). 194 See NYC ENDGBV Comments at 1-2. 195 See Safe Connections Notice at 13-14, para. 34; 47 U.S.C. § 345(b)(1). 196 We acknowledge the seriousness of concerns raised in the records about dangers to survivors from spyware applications or software installed on a survivor’s device that could remain after a line separation. EPIC et al. Comments at 27-29 (“Stalkerware—phone apps that abusers can use as a tool for invasive monitoring of cell phone or tablet activity—are an increasingly pervasive attack vector favored by abusers.”); NVDH Comments at 2 (“It is also important for victims and survivors to know that their information could still be tracked even after the line separation depending on the cellular device itself or applications that have been downloaded to the device (separate from the wireless carrier).”); Rose Marie Vegara Comments at 3 (noting that abusers will use access to a device’s GPS signal to track survivors and others in the care of the survivor). We find, however, that regulation of such third-party applications and software is beyond the scope of the SCA. We further note providers’ assertions that removal of such applications and software may not be within the control of the covered provider. See, e.g., NCTA Reply at 11 (asserting that “[p]roviders are not stalkerware experts and should not be put in position of managing a customer’s device”); CTIA Reply at 7 (noting that “advising survivors on device setting and third-party applications will, in many instances, be outside service provider representative’s expertise; engagement with additional stakeholders, including device manufacturers and app developers, on this idea or alternative ways to ensure (continued….) 27 Federal Communications Commission FCC-CIRC2311-02 that because the SCA requires covered providers to implement line separation requests from survivors for shared mobile service contracts “under which the survivor and the abuser each use a line,”198 neither the abuser nor the survivor must be the primary account holder for a line separation to be effectuated, regardless of whose line is separated from the account.199 We also find that a person who does not use a line on an account—but is a “survivor” under the statute because the person is someone who cares for another individual against whom a covered act has been committed or allegedly committed—would be able to request a line separation because the definition of “survivor” allows that person to stand in for the individuals in their care.200 51. Below, we clarify covered providers’ obligations under this requirement, and in doing so, we emphasize the importance of survivors’ ability to obtain the line separations of their choosing in a timely manner while recognizing the practical challenges that covered providers may face in effectuating those separations. a. Identity Authentication 52. We first require that covered providers attempt to authenticate, using multiple authentication methods if necessary, that a survivor, or a person in the care of the survivor, requesting a line separation is a user of a specific line or lines,201 and permit covered providers to deny line separation requests when the survivor cannot be authenticated or the provider has a reasonable belief that the request is or may be fraudulent.202 Specifically, when the survivor is the primary account holder or a user designated to have account authority by the primary account holder (designated user), we require covered providers to attempt to authenticate survivors just as they would any other primary account holder or designated user. This means that requests coming from primary account holders and designated users must comply with any other Commission rules that apply to authentication of such individuals, including those related to access to CPNI and the Commission’s rules adopted to address Subscriber Identity (Continued from previous page) survivors are informed, may be warranted.”). However, with respect to carrier-branded apps and software on devices that may enable shared mobile plan account owners to track users’ devices or provide access to customer information through online accounts, we expect covered providers to take all steps necessary to ensure that such apps and software do not enable an abuser to retain access to information about a survivor’s line or device post- separation. See EPIC et al. Reply at 5 (urging the Commission to “investigate “dual-use” apps (e.g. apps that are designed to be used as a family tracker but which abusers could leverage as functional equivalents to stalkerware), especially carrier-branded apps. Each of the three largest carriers offer this functionality, with varying degrees of notice and control to the phone subscriber who is being tracked by the “parental” account. Survivor advocates have observed that these carrier-branded apps can be even harder to remove or disable than third-party stalkerware apps.”). See Safe Connections Notice at 34-35, para. 104 (seeking comment on what steps covered providers might be able to take to remove, or assist survivors with removing, any spyware that an abuser may have installed on devices of the survivor or individuals in the care of the survivor). 197 See Safe Connections Notice at 14, para. 35. 198 Id. (emphasis added). 199 See EPIC et al. Comments at 6 (“We also support the Commission’s proposed interpretation that neither the abuser nor the survivor must be the primary account holder on a group plan for the survivor to be eligible to request a line separation under the Safe Connections Act. An alternative interpretation might exclude survivors whom Congress intended to protect through these programs.”) (footnote omitted); Verizon Comments at 8 (“The Safe Connections Act is designed to ensure that a survivor can quickly separate their or the abuser’s line, regardless of his or her status on the account.”). 200 See Safe Connections Notice at 14, para. 35. 201 See Safe Connections Notice at 18, para. 45. 202 Appx. A, § 64.6402(b). 28 Federal Communications Commission FCC-CIRC2311-02 Module (SIM) swap and port-out fraud.203 When the survivor is not the primary account holder or a designated user, we require covered providers to attempt to authenticate their identity using methods that are reasonably designed to confirm the survivor, or a person in the care of the survivor, is actually a user of the specified line(s) on the account, and that such authentication shall also be sufficient for requesting a SIM change when made in connection with a line separation request.204 We agree with CTIA and CCA that providers may need flexibility to authenticate and therefore we decline to specify or otherwise limit the methods that covered providers can use to authenticate the identity of survivors who are not primary account holders.205 Although we acknowledge that some authentication methods may be less secure than others,206 the record demonstrates that certain methods, such as verification using phone calls or text messages delivered to a survivor’s number or knowledge-based checks using call detail information, may be the only practical means in some instances to authenticate survivors who are not the primary account holder and about whom covered providers have no other information.207 53. Our approach balances our twin goals of maximizing survivors’ ability to obtain legitimate line separations and of preventing fraud.208 On this issue, industry commenters agreed that covered providers should be given flexibility on how to authenticate survivors and their ability to deny individuals who cannot be authenticated.209 Conversely, EPIC et al. asserted that the Commission should 203 See 47 CFR § 64.2010; see Public Release, Protecting Consumers from SIM Swap and Port-Out Fraud, WC Docket No. 21-341, Report and Order and Further Notice of Proposed Rulemaking, FCC 23-XX (rel. Oct. 25, 2023) (Publicly Released Draft SIM Swap and Port-Out Fraud Order); Press Release, FCC, FCC Privacy Task Force Announces Proposed Rules to Protect Consumers’ Cell Phone Accounts (July 11, 2023). 204 To the extent this requirement differs from other authentication requirements, see, e.g., 47 CFR § 64.2010, the line separation authentication requirement we adopt today to implement 47 U.S.C. § 345 serves as an exception to those other requirements. 205 See CTIA Comments at 14 (“[T]he Commission should permit covered providers the flexibility to use any reasonable means to verify the requestors’ authority to separate a line and avoid an overly proscriptive approach.”); CCA Comments at 5-6 (advocating against the Commission adopting a one-size-fits-all approach on the basis that carriers should have flexibility to authenticate identities in the ways that best suit their needs and the needs and expectations of their customer bases). 206 See Safe Connections Notice at 18, para. 45. 207 Verizon Comments at 12 (noting that “providers’ standard authentication processes may not be available or appropriate” for line separation requests); CCA Comments at 6 (explaining that MVNOs, in particular, “may not have information on the identities of all plan members beyond the account holder” and that they therefore “may be working with limited information when it comes to verifying information to authenticate a survivor’s identity”); NCTA Reply at 4 (highlighting authentication by calling or texting a line as successful authentication measures because bad actors would not be able to respond to confirm the separation request); EPIC et al. Comments at 12 (“[P]roviders should be empowered to offer alternative methods of certification in the interest of promoting accessibility and utilization. If providers want to offer additional methods of verification that they believe balance survivor accessibility and consumer protections against fraud, the providers should be free to do so—so long as any one method is sufficient to fulfill a line separation request . . .”). 208 Safe Connections Notice at 17-18, paras. 44-45; see also Implementation of the Telecommunications Act of 1996: Telecommunications Carriers’ Use of Customer Proprietary Network Information and Other Customer Information; IP-Enabled Services, CC Docket No. 96-115, WC Docket No. 04-36, 22 FCC Rcd 6927, 6936-41, 6945-46, paras. 13-22, 33-36 (2007); 47 CFR § 64.2010(b)-(c); see also CCA Comments at 5-6 (“Authentication is important for deterring fraud and abuse, as the Commission has recognized.”). 209 See CCA Comments at 5-6 (“One area where flexibility is especially important for CCA’s members is authentication of the identity of survivors submitting line-separation requests.”); CTIA Comments at 14 (“A covered provider should not be obligated to separate a subscriber’s line if there is no reasonable means to verify the requestor’s authority over the service plan or telephone number. Otherwise, covered providers would be unable to protect the security of subscriber accounts from SIM swap and port-out fraud. Thus, the Commission should permit covered providers the flexibility to use any reasonable means to verify the requestors’ authority to separate a line and avoid an overly proscriptive approach.”) (footnotes omitted); NCTA Reply at 4 (“Providers should have the (continued….) 29 Federal Communications Commission FCC-CIRC2311-02 prioritize survivors’ ability to access and use the line separations process over speculative concerns that the line separations process will be used for fraud.210 We find that the rule we adopt is sufficiently supported by the record and therefore we disagree with CTIA that it is necessary to find a consensus before establishing authentication requirements.211 We also find that the authentication requirement preserves account security by helping to prevent fraudulent account takeovers, protects privacy by preventing unauthorized access to account information, and ensures covered providers have the necessary account information to comply with our rules and the SCA, consistent with the issues the SCA requires the Commission to consider when adopting line separation rules.212 54. We decline NCTA’s request to permit covered providers to call or text lines of those in the care of the survivor that are the subject of the line separation request to confirm that the non-abuser individual “approves the separation request” or otherwise “confirm that the request is valid before approving it.”213 NCTA argues that covered providers “should be permitted to decline to process the line separation request if this verification is not completed (e.g., because the abuser has taken the device associated with the line) and, instead, give the party requesting the separation the option of creating a new account with a new telephone number.”214 As an initial matter, the SCA contemplates that a survivor would be able to separate a line even when the abuser is in possession of the device associated with that line, and therefore we disagree that we should approve of covered providers denying separation requests for those lines in all instances. More significantly, we are concerned that allowing covered providers to attempt verification on other lines may alert abusers about the survivor seeking a line separation at an early stage in the process. This might occur, for example, if the abuser is near to or in possession of the devices associated with those lines, such as if the abuser is with children who are in the care of the survivor while the survivor is elsewhere seeking a separation that includes those children’s lines. We therefore find that these potential threats to survivors and those in their care outweigh the potential fraud prevention benefits of NCTA’s proposed verification process. b. Establishing “Secure Remote Means” for Line Separation Request Submissions 55. We codify the SCA’s requirement that covered providers “offer a survivor the ability to submit a line separation request . . . through secure remote means that are easily navigable, provided that remote options are commercially available and technically feasible.”215 No commenter opposed this requirement, and we elaborate on the various aspects of this requirement below. 56. Secure Means. Consistent with the SCA’s goals to protect the confidentiality of survivor information,216 we adopt requirements regarding the secure submission of line separation requests. First, we conclude that any means a covered provider offers survivors to submit a line separation request, including non-remote means, must be secure. Second, we find that, at a minimum, secure means are (Continued from previous page) ability under the Commission’s rules to implement procedures that are designed to minimize fraud by ensuring that the party requesting the separation is the user of the line to be separated. For this purpose, covered providers should be permitted to use any reasonable authentication measure, such as calling or texting the line to be separated, to confirm that the separation request is authorized.”). 210 EPIC et al. Comments at 15 (“[U]ntil evidence demonstrates the need for stronger fraud prevention to authenticate the identity of a survivor, the appropriate balance is to err on the side of accessibility and utilization.”). 211 CTIA Reply at 2. 212 See Safe Connections Act § 5(b)(1)(B)(i), (ii) & (xiii). 213 NCTA Comments at 7. 214 Id. 215 Appx. A, § 64.6403(a); see Safe Connections Notice at 23, para. 57; 47 U.S.C. § 345(b)(4). 216 See 47 U.S.C. § 345(d). 30 Federal Communications Commission FCC-CIRC2311-02 those that prevent unauthorized disclosure of, or access to, the fact of the line separation request or the information and documentation submitted with the line separation request during the submission process.217 Third, as with the Commission’s CPNI rules218 and the rules we adopt above for confidential treatment and secure disposal of the records survivors submit to covered providers with a line separation request, we conclude that unauthorized disclosure of, or access to, the fact of the line separation request or the information and documentation submitted with a line separation request will be considered evidence in an investigation by the Commission that a covered provider did not provide a “secure” means for submitting the request. We otherwise decline to prescribe specific requirements for what constitutes “secure” with respect to the means of submitting line separation requests,219 but as with our rules governing treatment of line separation records, we expect our approach will incentivize covered providers to adopt best practices for security as they evolve over time. No commenter opposed our adoption of any such requirements.220 57. Remote Means. Although the SCA does not define what constitutes “remote means,” we interpret that phrase in a manner that maximizes survivor flexibility for submitting line separation requests.221 First, we conclude that a “remote means” for submitting a line separation request is a mechanism that does not require the survivor to interact in person with an employee of the covered provider at a physical location.222 No commenter opposed this interpretation. We agree with API-GBV that this interpretation “is particularly important for survivors in remote areas, or in communities in which physically going to a single location might jeopardize a survivor’s safety or confidentiality.”223 As such, requiring survivors to visit a brick and mortar store would not constitute remote means. Conversely, a form on a covered provider’s website with the ability to input required information and attach necessary documents would constitute remote means.224 We also find that submissions via email, a form on a provider’s mobile app, a chat feature on a provider’s website, interactive voice response (IVR) phone calls, fax, and postal mail would constitute remote means.225 Additionally, we conclude that a live telephone interaction, text message communication, or video chat with a customer service representative 217 NYPSC Comments at 2 (“NYPSC . . . urges the FCC to ensure that any information a survivor shares remotely during a line separation request is kept secure and confidential.”). 218 See, e.g., 2007 CPNI Order, 22 FCC Rcd at 6959, para. 63 (“[W]e hereby put carriers on notice that the Commission henceforth will infer from evidence that a pretexter has obtained unauthorized access to a customer’s CPNI that the carrier did not sufficiently protect that customer’s CPNI.”). 219 Verizon Comments at 15 (asserting that prescriptive requirements for line separation request information are unnecessary). 220 See Safe Connections Notice at 24, para. 60. 221 See EPIC et al. Comments at 2 (expressing support for providing survivors with flexibility with the means of submitting line separation requests); NYPSC Comments at 2 (“[T]he FCC should ensure that its rules are broad and flexible to make it relatively easy for survivors to seek the help they may need.”); Rose Marie Vegara Comments at 2-3 (expressing the importance of streamlining policies and procedures to for line separation requests). 222 See Safe Connections Notice at 23, para. 58. 223 API-GBV Comments at 5; see also NYPSC Comments at 2 (agreeing that survivors should be able “to make line separation requests remotely (i.e., not at a physical store location)”); Verizon Comments at 15 (expressing support for the Notice’s interpretation of the term “remote means”); Accessibility Advocacy Organizations Reply at 7 (AAO) (expressing support for the proposed interpretation of remote means). 224 NYS OPDV Comments at 5-6 (expressing that remote means includes submissions via a covered provider’s website). 225 NYS OPDV Comments at 5-6 (asserting that a chat feature, a mobile application, or email constitute remote means); Verizon Comments at 15 (expressing that Verizon considers email and fax to be remote means for its purposes). 31 Federal Communications Commission FCC-CIRC2311-02 would constitute remote means.226 We do not intend this list to be exhaustive as there may be other methods currently available or developed in the future that would not require a survivor to interact in person with an employee of a covered provider at a physical location. Furthermore, to maximize survivor choice, we conclude that covered providers can offer survivors means that are not considered remote as long as the provider does not require survivors to use those non-remote means or make it more difficult for survivors to access remote means than to access non-remote means.227 58. Second, consistent with API-GBV and NYC ENDGBV's requests,228 we require covered providers to offer survivors more than one remote means of submitting a line separation request, and encourage them to offer several means.229 We are concerned that certain remote means may be so obsolete or so novel that they would be difficult for some survivors to access, and that if those means are the only ones a covered provider offers, they would deter survivors from pursuing a line separation. We also anticipate that offering alternative remote means will make line separations more accessible to survivors who may be using different technologies or have different levels of digital literacy.230 We conclude that when Congress directed covered providers to “offer a survivor the ability to submit a line separation request . . . through secure remote means,” the word “means” in this context is ambiguous as to whether providers must offer one or more than one means. Given this ambiguity, and the lack of the singular article “a” before the phrase “secure means,” we interpret “means” as a plural noun. 59. Third, we conclude that the remote means a covered provider offers must allow survivors to submit any necessary documentation, but we permit providers to offer means that allow or require survivors to initiate a request using one method (such as an IVR phone call) and submit the documentation through another method (such as via email). This approach received support in the record and was otherwise unopposed.231 Fourth, we require covered providers to accept documentation in any common format, including, for example, pictures of documents or screenshots.232 We find that this approach will minimize difficulty for survivors seeking line separations. 60. Additionally, consistent with existing statutory and regulatory requirements, we make clear that a covered provider must offer alternative remote means that are accessible by individuals with 226 See Verizon Comments at 15 (listing “live call” as among the means it considers remote); Accessibility Advocacy Organizations Reply at 7 (supporting this conclusion with respect to communications between a person who is deaf, hard of hearing, or DeafBlind and a customer service representative). 227 The SCA seems to contemplate that survivors may submit line separation requests through non-remote means. See 47 U.S.C. § 345(f)(2) (stating that “[i]f a covered provider cannot operationally or technically effectuate a line separation request,” it must “notify the survivor who submitted the request of that infeasibility . . . at the time of the request,” but specifying that, if the survivor submitted the request using remote means, this notification may not be later than two business days after the request is made). 228 API-GBV Comments at 5 (asserting that “[i]deally, covered providers would allow for multiple methods to remotely submit a request”); NYC ENDGBV Comments at 2 (asserting that “[p]roviders should accept requests for line separation in as many forms as possible”). 229 See Safe Connections Notice at 23, para. 57 (seeking comment on how to implement the SCA’s requirement that covered providers offer a survivor the ability to submit a line request through secure remote means that are easily navigable). 230 See id. at 25, para. 62. 231 See Verizon Comments at 15 (specifying that survivors may submit line separation requests using several means, “or some combination thereof”); Accessibility Advocacy Organizations Reply at 7 (supporting a requirement that covered providers offer a means that allows an individual who is deaf, hard of hearing, or DeafBlind to initiate a request using one method and submit documentation through another method). 232 See NY Office for the Prevention of Domestic Violence Comments at 5-6 (“Covered providers should accept documentation in a variety of electronic formats.”). 32 Federal Communications Commission FCC-CIRC2311-02 different types of disabilities.233 The Accessibility Advocacy Organizations highlight the importance of such a requirement, explaining that such individuals are often at increased risk of domestic violence, and therefore that it is critical that they be able to access the protections afforded by the SCA.234 We decline, however, to require that covered providers offer direct video calling (DVC) as a means of submitting line separation requests, as the Accessibility Advocacy Organizations request.235 Although we appreciate that DVC may have benefits for survivors with disabilities who are seeking line separation requests,236 we decline at this time to impose any specific technology given the wide variety of providers and accessible technologies available.237 We instead strongly encourage covered providers to offer the “most accessible and effective services available,”238 such as DVC, whenever feasible. 61. Technically Feasible and Commercially Available Means. No commenter addressed whether secure remote means for submitting line separation requests are currently “technically feasible” and “commercially available,”239 and if not, how long it would take them to be.240 CTIA noted that the Safe Connections Notice appropriately incorporated into the proposed rules the “commercial availability” and “technical feasibility” limitations that apply to certain requirements.241 We observe that the remote 233 See Safe Connections Notice at 25, para. 62; 47 CFR § 14.20(a)(2) (requiring manufacturers of equipment and software used for advanced communications services to ensure that such equipment and software is accessible to, and usable by, individuals with disabilities); 47 CFR §§ 6.3(a)(1)(i), 14.21(b)(1)(i) (requiring carriers to “[p]rovide at least one mode that does not require user vision” to operate a phone or use an account); 47 CFR §§ 6.3(a)(1)(iv), 14.21(b)(1)(iv) (requiring carriers to “[p]rovide at least one mode that does not require user auditory perception” to operate a phone or use an account); 47 CFR §§ 6.3(a)(1)(ix), 14.21(b)(1)(ix) (requiring carriers to “[p]rovide at least one mode that does not require user speech” to operate a phone or use an account); see also Accessibility Advocacy Organizations Reply at 8 (“[T]he Commission already requires the provision of [advanced communications services (ACS)] and telecommunications services to be accessible and usable under its corresponding rules in Part 14 and Part 6 implementing the provisions of Section 716 and Section 255, respectively. Thus, to the extent the means of submitting a line separation request qualifies as either ACS or a telecommunications service, Section 716 and Section 255 provide the Commission ample supplementary authority, in addition to the Safe Connections Act, to ensure that people with disabilities have accessible means for submitting such requests.”); see also Accessibility Advocacy Organizations Reply at 3-4 (explaining that “direct means of text messaging services regularly used by these communities” include “SMS, real-time text, RCS, iMessage for Business, as well as TRS, including video relay service (VRS), IP Relay, IP captioned telephone service, TTY-to-voice, and speech-to-speech relay”). 234 See Accessibility Advocacy Organizations Reply at 2-3 (explaining that “the need for line separation requests disproportionally impacts individuals who are deaf, hard of hearing and DeafBlind more than it does for hearing individuals” and providing statistics showing that individuals who are deaf or hard of hearing are more likely to be victims of sexual harassment, sexual assault, psychological abuse, and physical abuse). 235 See Accessibility Advocacy Organizations Reply at 3-4. Direct Video Calling is a point-to-point video call between two fluent American Sign Language (ASL) users that “enables callers with hearing or speech disabilities to engage in real-time direct video communication in ASL with ASL speakers in a call center operation.” 47 CFR § 64.601(a)(16). Further information on DVC is available at https://www.fcc.gov/direct-video-calling-dvc. 236 See Accessibility Advocacy Organizations Reply at 4-6. 237 The Accessibility Advocacy Organizations submit that many other communications technologies besides DVC exist and are used by deaf, hard of hearing, and deafblind consumers. See Accessibility Advocacy Organizations Reply at 4 (mentioning “TRS, including video relay service (VRS), IP Relay, IP captioned telephone service, TTY- to-voice, and speech-to-speech relay”). We also anticipate that allowing survivors to obtain assistance with completing line separation requests from persons of their choosing may allow survivors with disabilities to rely on individuals with whom they are comfortable and can communicate effectively to complete the request. 238 Accessibility Advocacy Organizations Reply at 3. 239 47 U.S.C. § 345(b)(4). 240 See Safe Connections Notice at 24, para. 59. 241 CTIA Comments at 10-11. 33 Federal Communications Commission FCC-CIRC2311-02 means we identify above are commonly used by commercial entities to interact with consumers and there are technological processes available to make each of those means secure. We also anticipate that many, if not all, of these mechanisms can be modified by covered providers to be used for line separation requests. Accordingly, we find that secure remote means for submitting line separation requests are currently both technically feasible and commercially available, and we anticipate that covered providers will be able to update their systems and procedures to implement use of more than one means before the rules go into effect. 62. Easily Navigable. We next address how the means to submit line separation requests must be “easily navigable.”242 To give covered providers flexibility and ensure they are positioned to request all the information they need to process line separations in a way that is most suitable for their systems, we decline to prescribe the specific format, process, or form covered providers must use for survivors to submit line separation requests, and instead allow covered providers to develop their own mechanisms.243 However, consistent with the record,244 to ensure consistency and predictability for survivors and the individuals and entities that assist them, reduce difficulty for survivors, and give covered providers clarity regarding their obligations, we establish several requirements for the mechanisms that covered providers develop to ensure they are easily navigable for survivors submitting line separation requests. Specifically, we require that the mechanisms: (1) use wording that is simple, clear, and concise; (2) present the information requests in a format that is easy to comprehend and use; (3) generally use the same wording and format on all platforms available for submitting a request; and (4) clearly identify the information and documentation that survivors must include with their requests, including clearly listing what survivors should have on hand when contacting the provider, and allow survivors to easily provide that information. We decline to create or mandate the use of a standardized form as requested by NYC ENDGBV245 as we find that allowing covered providers the flexibility to develop their own approaches while establishing requirements to ensure those mechanisms are easily navigable better balances providers’ expertise with the need to streamline the process for survivors. 242 47 U.S.C. § 345(b)(4); see also Safe Connections Notice at 24-25, paras. 61-62. 243 See CCA Comments at 2 (urging that the Commission “allow flexibility to account for the variations among carriers’ internal systems and resources”); CTIA Comments at 17 (“By adopting outcome-oriented rules, the Commission can support the needs of survivors and the goals of the SCA while ensuring that providers have sufficient flexibility to implement the necessary modifications across their diverse operations.”); NCTA Comments at 1 (“[T]he Commission should give providers the time and flexibility necessary to ensure that the new procedures required by the Act will work as intended to support survivors.”). 244 See API-GBV Comments at 5-6 (“With respect to making the means of request submission ‘easily navigable,’ API-GBV recommends that the final rule include standard elements to be developed across covered providers to provide consistency and predictability about requirements, allowing for improved safety planning with survivor advocates.”); EPIC et al. Comments at 16 (“The Commission should enact regulations designed to reduce friction caused by things like bothersome distractions, lengthy forms, and unnecessary data collection. Prospective program participants in any program are less likely to engage if there is friction in the process of achieving their goal.”); id. at 12 (advocating that the Commission “establish parameters to ensure carriers do not frustrate program accessibility and utilization”); Rose Marie Vegara Comments at 2-3 (“It is important to streamline policies and procedures to provide immediate and respectful assistance to the survivors who are still fearful of the abuser, undergoing a stressful life change, navigating various systems, and trying to re-build their lives.”); CCA Comments at 4 (urging that the Commission make its expectations as clear and simple as possible for such matters as the means for submitting line separation requests, which will help carriers update systems and process effectively and efficiently); NYS OPDV Comments at 5-6 (“We agree with the Commission’s determination that secure, remote means of submitting line separation requests should include an easily accessible form and submission process.”); Verizon Comments at 12 n.23 (“To simplify the [line separation request] process for its customer care representatives and customers, Verizon would endeavor to maintain a single intake format that meets all requirements while deterring fraudulent requests.”); Accessibility Advocacy Organizations Reply at 9-10 (expressing support for provisions to ensure the means for submitting line separation requests are easily navigable). 245 NYC ENDGBV Comments at 1. 34 Federal Communications Commission FCC-CIRC2311-02 Nevertheless, we encourage stakeholders to work together to develop such a standardized mechanism, to the extent one would be useful for covered providers. 63. We also require that the means through which a covered provider permits survivors to submit line separation requests must be available in all the languages in which the covered provider currently advertises its services as well as all formats (e.g., large print, braille, etc.) in which the provider makes its service information available to persons with disabilities.246 We agree with EPIC et al. that a “lack of meaningful language access can further isolation created by an abuser,”247 and conclude that requiring language availability for the means of submitting requests will help alleviate that isolation. We decline, however, to adopt API-GBV’s recommendation that covered providers offer “translated forms and instructions in a minimum of the 10 most commonly used languages in the provider’s covered service area, as well as any other languages (if any) that the provider advertises its services in.”248 We find that such a requirement would be unreasonably burdensome on covered providers, particularly smaller providers, but we encourage all providers to know the predominant languages used in their respective communities and translate their materials into as many different languages as is feasible. At the same time, because we permit survivors to rely on assistance from designated representatives and others to pursue line separations, we anticipate that survivors who speak languages other than those in which a covered provider advertises its services can seek interpretation assistance if necessary.249 c. Processing of Line Separation Requests 64. Implementing Survivors’ Election of Line Separation. Consistent with the statutory language, we interpret the line separation requirement as granting survivors the flexibility to pursue line separations in the manner that is best for their circumstances. We thus conclude, as proposed,250 that the SCA gives survivors discretion to request separation from the account of either the line(s) of the survivor (and the line(s) of any individuals in the survivor’s care) or the line(s) of the abuser, regardless of whether the survivor is the primary account holder.251 We decline to prescribe the circumstances in which 246 See Safe Connections Notice at 25, para. 62; cf. EPIC et al. Comments at 14 (urging the Commission to extend the SCA’s requirement that a covered provider notify survivors in “clear and accessible” language that the provider may contact the survivor about the line separation to any communications between providers and survivors and to interpret the “clear and accessible” language to require that providers communicate in the survivor’s preferred language if the provider has published marketing materials or conducts marketing outreach in that language); NCTA Reply at 11 (“Finally, to the extent the Commission adopts language availability requirements in implementing the Safe Connections Act, the Commission should begin by taking the same approach as in the broadband labeling proceeding. In that proceeding, the Commission required providers to ‘display online and printed labels in English’ and ‘make labels available in any other languages in which the ISP markets its services in the United States.’”). 247 EPIC et al. Comments at 14. 248 API-GBV Comments at 5-6; see NCTA Reply at 10-11 (urging the Commission to eschew API-GBV’s proposal, among others, on the basis that they are “beyond the scope of the SCA and this proceeding”). 249 Cf. API-GBV Comments at 6 (supporting survivors’ ability to rely on assistance from designated representatives to submit line separation requests in part on the basis that survivors whose primary language is not English may need to seek language translation assistance to submit such requests). 250 See Safe Connections Notice at 14, para. 35. 251 The SCA indicates that the survivor can choose whether to request separation of the lines of the survivor (and the lines of any individuals in the survivor’s care) or the line of the abuser. See 47 U.S.C. § 345(c)(1) (“In the case of a survivor seeking to separate a line from a shared mobile service contract the survivor shall submit to the covered provider a line separation request that— . . . (B) in the case of relief sought under subsection (b)(1)(A), with respect to—(i) a line used by the survivor that the survivor seeks to have separated, states that the survivor is the user of that specific line; and (ii) a line used by an individual in the care of the survivor that the survivor seeks to have separated, includes an affidavit setting forth that the individual—(I) is in the care of the survivor; and (II) is the user of that specific line; and (C) requests relief under subparagraph (A) or (B) of subsection (b)(1) and identifies each line that should be separated.”) (emphasis added); see also API-GBV Comments at 3-4 (“Ultimately the decision as (continued….) 35 Federal Communications Commission FCC-CIRC2311-02 survivors may pursue each type of line separation, as CTIA and NCTA request.252 The industry trade groups specifically ask the Commission to dictate that when a survivor is a primary account holder, the abuser’s line must be separated from the shared mobile service contract and that covered providers can process such line separations by canceling the abuser’s line.253 NCTA makes a second request that the Commission stipulate that when a survivor is not a primary account holder, their lines (and the lines of individuals in the survivor’s care) must be separated from the shared mobile service contract.254 In both circumstances, the industry groups assert that they are trying to avoid situations where they have to establish new accounts in the name of the abuser, which they say cannot be done without the abuser’s knowledge and consent, thereby potentially compromising survivors’ safety.255 65. As an initial matter, we find that the industry groups’ requested approaches are contrary to the text of the SCA and disincentivizes covered providers from developing solutions that will allow survivors to obtain the line separations of their choosing, thereby limiting the SCA’s benefits to survivors.256 If Congress had intended to limit the types of line separations a survivor could request in a given circumstance, it could have easily said so. We are particularly unmoved by the suggestion that Congress intended that survivors who are primary account holders must separate the line of the abuser and that the abuser’s line would then be canceled, as this outcome is no different than what primary account holder survivors can achieve now, and would therefore make the SCA’s benefit in this regard superfluous.257 We do not presume to understand all the reasons why a survivor might choose to separate an abuser’s line or their lines and the lines of those in their care, but Congress chose not to limit survivors’ choices and neither do we. (Continued from previous page) to whether to separate the line of the survivor or the line of the abuser will likely depend on future safety and cost considerations for a survivor, and should be left at the discretion of the consumer seeking line separation.”); Verizon Comments at 11 (“Verizon also agrees that survivors have ‘discretion to request separation from the account of either the line of the survivor (and the lines of any individuals in the survivor’s care) or the line of the abuser.’”) (emphasis in original) (quoting Safe Connections Notice at 14, para. 35). 252 See CTIA Comments at 9; NCTA Reply at 6. 253 See CTIA Comments at 9; NCTA Comments at 3-4. 254 See NCTA Comments at 4. 255 See CTIA Comments at 9; NCTA Comments at 4; NCTA Reply at 6. NCTA also expresses concern that in instances when an abuser who is the primary account holder is separated from the shared mobile service contract and the survivor becomes the primary account holder, “the abuser likely would know details about the account such as the PIN or account number that could be used to compromise the survivor’s service after the line separation.” NCTA Comments at 4. However, NCTA does not explain why the covered provider would not allow the survivor, as the primary account holder, to change the PIN to prevent the abuser from accessing the account or use other measures to prevent the abuser from accessing the account. 256 For the same reasons, we decline to find that covered providers have the discretion to determine whether to separate the line of the abuser or the lines of the survivor (and those in the survivor’s care). See Safe Connections Notice at 14, para. 35. 257 See CTIA Comments at 9 (acknowledging that “[w]here the survivor is the account holder, the abuser can be removed from the account at any time with the survivor’s authorization”); CTIA Reply at 6-7 (stating that “in cases where the survivor is the account holder . . . a survivor can already and most effectively separate an abuser’s line from the survivor’s account by simply removing the abuser’s line from the account.”); NCTA Comments at 3-4 (“In most cases, account holders likely already have the ability to cancel a service line on their account without needing to submit a line separation request under the Safe Connections Act.”). The industry groups’ solution effectively forces survivors to cancel their abuser’s service, and could potentially result in the abuser losing their phone number, which may aggravate their abuser at a time when there is already substantial risk of retribution to the survivor from the abuser. See Rose Marie Vegara Comments at 2 (“Survivors are at greatest risk for lethality (i.e., at risk of being murdered by their abuser) when they attempt to separate from or leave their intimate partner.”); Knights Comments at 2 (“[S]tudies show that survivors are at significantly increased risk of harm by their abusers after seeking help.”). 36 Federal Communications Commission FCC-CIRC2311-02 66. Additionally, while we appreciate the practical challenges of effectuating line separations precisely as survivors request, we anticipate that covered providers will be able to address these situations without compromising survivor safety. For instance, covered providers may be able to create a temporary placeholder account and contact the abuser after the line separation has been completed (and the survivor has been notified) to request consent and the necessary information to establish a permanent account.258 Alternatively, covered providers could give survivors advance notice that the provider would need to contact the abuser prior to effectuating the line separation to request the abuser’s consent and necessary account information, and survivors could then choose whether to proceed or select another line separation or account change option.259 Absent these or other solutions that providers may develop, a third option is that covered providers can rely on the operational and technical infeasibility exception established by the SCA and discussed further below.260 NCTA suggests that the Commission dictating survivors’ line separation options is a better approach than allowing covered providers to deny line separations due to operational or technical infeasibility because “[s]urvivors who chose the incorrect option or required further guidance to complete the separation would be forced to engage in additional communications with the covered provider at a time when it may be difficult or even dangerous for a survivor to be involved in such exchanges.”261 While we acknowledge NCTA’s concern, we believe that our requirement that a covered provider state in a contemporaneous communication which types of requests it cannot complete due to operational or technical infeasibility should address the concern. We nevertheless strongly encourage covered providers to strive to develop the means to allow survivors to separate lines as they see fit. 67. We also address the circumstances under which an individual who is “in the care of” a survivor may receive a line separation. As proposed,262 we adopt the same approach for determining who qualifies as “in the care of” the survivor for the purposes of line separation requests as we do for who may be considered someone “who cares for another individual” in the definition of “survivor.”263 Specifically, we conclude that phrase encompasses: (1) any individuals who are part of the same household, as defined 258 Because temporarily suspended numbers are not permanently disconnected numbers, they are not “aging numbers” under the Commission’s rules. See 47 CFR § 52.15(f)(1)(ii) (“Aging numbers” are disconnected numbers that are not available for assignment to another end user or customer for a specified period of time.”); Advanced Methods to Target and Eliminate Unlawful Robocalls, CG Docket No. 17-59, Second Report and Order, 33 FCC Rcd 12024, 12030, para. 15 (2018). Covered providers must ensure that telephone numbers assigned to a user of a shared mobile account and which are the subject of a line separation request remain available to be assigned to the user of that number (i.e., a survivor, an individual in the care of a survivor, or an abuser). 259 Verizon argues that “[i]f a survivor requests that an account owner abuser be removed from an account, in practice this may technically or operationally require the latter to consent to establishment of a new account, undermining Congress’s objective of ensuring the line separation is not visible to the abuser,” and that “[t]he Safe Connections Act envisions that the wireless provider would create a new account for the survivor(s) in those circumstances.” Verizon Comments at n.19. We recognize that in situations where the survivor is not the account holder, it is more likely than not that the survivor will elect to establish a new account (rather than separate the line of the abuser from the existing account) because such a choice will delay notice to the abuser, and in some cases may be the only technical or operational solution available for the covered provider. But, contrary to Verizon’s claim, the SCA does not contemplate that the line separation will be invisible to the abuser in all cases. Rather, the statute expressly contemplates that the primary account holder, who may be the abuser, may be notified about the line separation. See 47 U.S.C. § 345(b)(8). Therefore we disagree with Verizon that the SCA envisions that covered providers would create a new account for survivors who might otherwise seek to separate an abuser who is the primary account holder just so that the separation is not visible to the abuser. 260 See infra paras. 70-74; 47 U.S.C. § 345(f)(1). 261 NCTA Reply at 6. 262 See Safe Connections Notice at 14, para. 36. 263 See supra para. 72. No commenters objected to, or even addressed, our proposed approach and analyses, and we therefore find there is no reason to depart from it. 37 Federal Communications Commission FCC-CIRC2311-02 in section 54.400 of the Commission’s rules;264 (2) minor children of parents or guardians who are survivors even if the parents and children live at different addresses; (3) individuals who are cared for by a survivor by valid court order or power of attorney; (4) and a person over the age of 18 who is financially or physically dependent upon a parent, guardian, or caretaker (e.g., a non-minor child financially dependent on his or her parents or guardians, but who no longer lives at the same address).265 We further find that, unlike the definition of “survivor,” for the purposes of line separation requests, an individual “in the care” of a survivor need not be someone against whom a covered act has been committed or allegedly committed. As we explained in the Safe Connections Notice,266 the SCA defines “survivor” as including an individual at least 18 years old who “cares for another individual against whom a covered act has been committed or allegedly committed,” but it requires covered providers to separate the lines of both the survivor and “any individual in the care of the survivor,” upon request of the survivor.267 As such, we interpret these provisions to mean that covered providers must separate the lines, upon request, of any individual in the care of a survivor without regard to whether a covered act has been committed or allegedly committed against the individual in the care of the survivor.268 Some commenters expressed support for our interpretation and none objected.269 68. Timeline for Processing Line Separation Requests. Recognizing the urgency with which survivors may be seeking line separation requests, we adopt a rule that clarifies the SCA’s requirement that covered providers effectuate line separations not later than two business days after receiving a completed line separation request from a survivor.270 No commenters opposed this approach, although Verizon expressed opposition to a more stringent approach, such as requiring processing “48 hours after receipt.”271 Specifically, we require covered providers to process line separation requests as soon as feasible, but not later than close of business two business days after the day the provider 264 47 CFR § 54.400(h) (A ‘household’ is any individual or group of individuals who are living together at the same address as one economic unit. A household may include related and unrelated persons. An ‘economic unit’ consists of all adult individuals contributing to and sharing in the income and expenses of a household. An adult is any person eighteen years or older. If an adult has no or minimal income, and lives with someone who provides financial support to him/her, both people shall be considered part of the same household. Children under the age of eighteen living with their parents or guardians are considered to be part of the same household as their parents or guardians.”). 265 Appx. A, § 64.6400(m). 266 See Safe Connections Notice at 14, para. 36. 267 47 U.S.C. § 345(a)(6) (defining “survivor”); id. § 345(b)(1)(A) (requiring covered providers to separate the line of the survivor and the line of any individual in the care of the survivor). 268 See Safe Connections Notice at 14, para. 36; Verizon Comments at 9 (“The proposed rules and the NPRM correctly follow the statutory language, including the proposed broad application of the terms ‘survivor’ and ‘individual in the care of a survivor’ eligible to benefit from [a line separation request]”); EPIC et al. Comments at 4 (expressing support for the Commission’s proposal because it “avoid[s] excluding eligible survivors from program participation by . . . including caretakers of survivors among those who can initiate line separation”). 269 See Verizon Comments at 9 (“The proposed rules and the NPRM correctly follow the statutory language, including the proposed broad application of the terms “survivor” and “individual in the care of a survivor” eligible to benefit from an LSR.”); API-GBV Comments at 3 (noting that it “supports the NPRM’s proposal that ‘this phrase should be understood to encompass any individuals who are part of the same household, including adult children, as well as adults who are older, and those who are in the care of another individual by valid court order or power of attorney’”). 270 47 U.S.C. § 345(b)(1). 271 See Verizon Comments at 11-12. We recognize that in some instances, the two-business day standard we adopt will require the line separation to be completed within 48 hours, but that will not always be the case. For instance, when submissions are made on Fridays or during the weekend, a carrier will have longer than 48 hours to effectuate the line separation, though we would encourage them to effectuate it sooner whenever possible. 38 Federal Communications Commission FCC-CIRC2311-02 receives a completed request.272 For example, requests received before midnight at the end of a Monday must be processed no later than close of business on Wednesday. Under our rule, covered providers must take all steps to effectuate line separation requests within the two business day timeframe, including reviewing the request to determine if it is complete and effectuating or rejecting the request.273 We conclude that our rule is consistent with the text and goals of the SCA.274 We define business days as Monday-Friday, 8:00 AM to 5:00 PM, excluding provider holidays, which fulfills requests from industry commenters275 that we incorporate the same definition for business hours that make up a business day as is used in the Commission’s porting rules.276 Notwithstanding the two-business day requirement, we clarify that our “rules do not undermine the Safe Connections Act’s strong incentives for wireless providers to accommodate [line separation requests].”277 Therefore, “[i]f effectuating [a line separation request] is technically infeasible for a particular provider in two business days, but three days is feasible,” the covered provider can rely on the technical infeasibility exception to delay completion of the request rather than denying the request and requiring survivors to start the entire process again,278 as long as the provider notifies the survivor of the status of their request and the expected completion timeline within two business days of receiving the request. 69. We decline to require that covered providers process line separation requests in less than two business days in cases of emergency or extreme hardship for the survivor, as the National Domestic Violence Hotline requests.279 Although we appreciate that some survivors may experience increased urgency for their line separation requests, we agree with NCTA that Congress was likely aware of the hardship that survivors may be facing when it explicitly gave covered providers up to two business days 272 Appx. A, § 64.6402(a); see Safe Connections Notice at 15, para. 37; API-GBV Comments at 3 (“API-GBV strongly supports the NPRM’s clear guidance about the obligation to timely separate a survivors’ line, or an abuser’s line, from shared mobile service contracts within a specific timeline.”). 273 See Verizon Comments at 10-11 (“Once the two business day period is triggered by a complete [line separation request], this will generally ensure that customer care employees have sufficient time to authenticate the survivor’s account status and ensure that the request documentation is complete, in order to timely complete the request or notify the requester of the rejection.”) (emphasis added); CTIA Comments at 15 (“[T]he Commission’s line separation rule should make clear that providers’ two business days’ deadline to implement a line separation request or notify the subscriber of technical infeasibility runs from the date that the provider ‘receiv[es] a completed line separation request from a survivor pursuant to subsection (c),’ which specifies the documentation required for such requests.”); Knights Comments at 1 (expressing support for clarifying the timeline covered providers have to determine whether a request is complete and suggesting short timelines for covered providers to notify requesters of deficiencies in their requests). 274 If the request is complete when it is received, the SCA requires covered providers to effectuate the line separation within two business days and does not contemplate that a provider will have additional time to determine whether the request is complete. See 47 U.S.C. § 345(b)(1). If covered providers must determine whether a request is complete and effectuate it within two business days, we see no reason why they cannot determine whether a request is incomplete and reject it within two business days. 275 CTIA Comments at 15 (“[T]he Commission should incorporate a reasonable rule regarding business hours that make up the business day, as it did for the mandatory number porting interval.”); Verizon Comments at 10-11 (“The Commission should generally apply the term ‘two business days’ similarly to how it has applied the term in the context of number portability, to match a wireless provider’s customer care business hours”); NCTA Reply at 8 (expressing support for CTIA and Verizon’s requested approach and stating that adopting this approach “would provide clarity as well as an additional measure of certainty to both survivors and providers”). 276 See 47 CFR § 52.35(a). 277 Verizon Comments at 10. 278 See id. 279 NDVH Comments at 2. 39 Federal Communications Commission FCC-CIRC2311-02 to complete requests,280 and we otherwise anticipate that it would be difficult for covered providers to accurately determine which requests qualify as emergencies or extreme hardship.281 However, we expect that requiring providers to complete all requests as soon as feasible will prevent undue delay in completion of requests. 70. Operational and Technical Infeasibility. We codify the SCA’s provision that covered providers who cannot operationally or technically effectuate a line separation request are relieved of the obligation to effectuate line separation requests.282 Additionally, we conclude that any line separation a covered provider can complete within two business days under its existing capabilities, as those may change over time, does not qualify as operationally or technically infeasible.283 We conclude that because this provision specifies that covered providers are only relieved of the “requirement to effectuate a line separation request,”284 providers are generally obligated to offer survivors the ability to submit requests for line separations described in the statute, even if the provider may not be able to effectuate such separations in some instances. However, to avoid survivor confusion and minimize the need for communications between covered providers and survivors,285 if a covered provider cannot operationally or technically effectuate certain types of line separations in all instances, we require the covered provider to clearly notify the survivor in its Notice to Consumers286 and through whatever mechanisms survivors are permitted to use to request line separations, which types of line separations the provider cannot perform and state that it cannot perform those separations due to operational or technical limitations. 71. We require covered providers to take reasonable steps to be able to effectuate all types of line separations permitted by the statute, but decline to prescribe when a provider can rely on the operational or technical infeasibility exception.287 We find that the intent and spirit of the SCA’s line separation requirement is that survivors be able to obtain the line separations of their choosing, and the record indicates that covered providers intend to and will be capable of effectuating most line separation requests.288 We therefore think it is appropriate that all covered providers be required to take reasonable 280 For the same reason, we decline requests to require that covered providers process line separation requests within two calendar days. See Rose Marie Vegara Comments at 2; Knights Comments at 1; Boston College Law School Student Reply at 5. 281 See NCTA Reply at n.23 (“[T]here is no basis for mandating an accelerated time frame for ‘emergency’ requests. . . . Congress plainly was aware that customers requesting a line separation likely are facing difficult circumstances, but there is nothing in the statute that requires, or even suggests, that Congress intended for the Commission to adopt distinct requirements for ‘emergency’ situations, nor is there any basis in the legislation for identifying what type of situations would qualify for such treatment.”). 282 Appx. A, § 64.6402(d); see Safe Connections Notice at 15, para. 39; 47 U.S.C. § 345(f)(1); see also CTIA Comments at 10-11 (“In recognition of [] technical and operational challenges, the SCA recognizes that certain requirements should be tied to ‘commercial availability’ and ‘technical feasibility.’ In the NPRM, the Commission appropriately incorporates these standards into its proposed line separation rules.”) (footnote omitted). 283 See Safe Connections Notice at 15-16, para. 40; NCTA Reply at 9 (expressing support for this standard). 284 47 U.S.C. § 345(f)(1). 285 See NCTA Reply at 6 (explaining that survivors could be confused or forced to engage in additional communications with covered providers if they are given line separation options that are not feasible for the covered provider). 286 See infra Section III.A.4. 287 See Safe Connections Notice at 15, para. 39. A suggestion that covered providers could receive a tax credit for upgrading their systems is outside the scope of this proceeding. See Rose Marie Vegara Comments at 3. 288 See Safe Connections Notice at 15-16, para. 40; CCA Comments at 6-7 (“CCA’s members generally expect that it will be feasible for them to effect line separations . . .”); NCTA Comments at 3 (“NCTA’s members want to perform line separations when requested consistent with the spirit and intent of the Act.”); Verizon Comments at 14 (continued….) 40 Federal Communications Commission FCC-CIRC2311-02 steps to be able to effectuate all types of line separations. However, given the significant differences in covered providers’ processes and systems, we conclude that we cannot categorically define which types of line separations qualify as operationally or technically infeasible and that the better course of action is to give providers flexibility to make such determinations.289 We nevertheless expect that all covered providers will be able to effectuate at least some types of line separations.290 72. We also codify the SCA’s requirement that a covered provider that cannot operationally or technically effectuate a line separation request must: (1) notify the survivor who submitted the request of that infeasibility, and (2) provide the survivor with information about alternatives to submitting a line separation request, including starting a new account for the survivor.291 We require covered providers to explain in the notification the nature of the operational or technical limitations that prevent the provider from completing the line separation as requested and any available alternative options that would allow the survivor to obtain a line separation.292 Consistent with the SCA, we require a covered provider to notify a survivor of any rejection of a line separation request as a result of operational or technical infeasibility at the time of the request, or for a request made using remote means, not later than two business days after the covered provider receives the request.293 Covered providers shall deliver these (Continued from previous page) (“Verizon expects that its existing practices will achieve compliance with the statute for many [line separation requests . . .”). 289 See Verizon Comments at 4 (“Flexible, non-prescriptive rules for processing [line separation requests] will best serve survivors’ and Congress’s interests; the Commission should not attempt to exhaustively define technical or operational infeasibility given the different IT systems, billing and number management practices in the industry.”); NCTA Reply at 9 (“The Commission’s rules should not attempt to define technical or operational infeasibility. Different IT systems, billing systems and policies, and number management practices are used by different companies across the industry. Accordingly, allowing each covered provider to reasonably determine what constitutes infeasibility with respect to line separation requests would be the best policy.”) (footnote omitted); CTIA Comments at 2 (arguing that because the line separation requirement “will require wireless providers to make significant changes to their existing and unique systems, processes, and training programs,” the Commission should “[a]void overly prescriptive obligations by incorporating the SCA’s “commercial availability” and “technical feasibility” standards” for the line separation obligation); id. at 10 (asserting that a “one-size-fits-all” approach would undermine rather than support providers’ ability to efficiently and effectively meet survivors’ needs); CCA Comments at 5 (“The Safe Connections Act recognizes in multiple sections that not all carriers will have the same technical and operational capabilities, and it directs the Commission to consider those issues in its rulemaking.”) (footnote omitted). 290 As we noted in the Safe Connections Notice, there is evidence that covered providers already have some ability to effectuate line separations. See Safe Connections Notice at 15-16, para. 40 (citing T-Mobile, Transfer account or line ownership, https://www.t-mobile.com/support/account/transfer-account-or-line-ownership (last visited Feb. 13, 2023) (“[A]ccount holders can let another person take ownership of an existing T-Mobile line or account.”); AT&T, Transfer billing responsibility, https://www.att.com/support/article/wireless/KM1045265/ (last visited Feb. 13, 2023) (“You can transfer one line or multiple lines on the same account.”); Verizon, Transfer mobile numbers between Verizon accounts FAQs, https://www.verizon.com/support/transfer-your-service/ (last visited Feb. 13, 2023) (“Learn how to transfer a line of service between Verizon mobile accounts.”); Republic Wireless, How to Split Your Account, https://help.republicwireless.com/hc/en-us/articles/4413579144599-How-to-Split-Your-Account (last visited Feb. 13, 2023) (“Keep one or more existing service line(s) on a Legacy plan and upgrade other existing service lines (s) to a 5.0 plan”)). 291 47 U.S.C. § 345(f)(2); Safe Connections Notice at 29-30, para. 75; Appx. A, § 64.6402(d); see generally API- GBV Comments at 7 (supporting the Commission’s proposed approach). The SCA uses the phrase “starting a new line of service” which is ambiguous. A new line, if made on the same shared account with the abuser, would not accomplish Congress’s goal of ensuring survivors “establish[] independence from . . . abuser[s].” Safe Connections Act of 2022, Pub. L. No. 117-223, § 3(2), 136 Stat. 2280, 2280 (2022). We thus understand this phrase to describe starting a new account for the survivor, which we believe accords with Congress’s intent. 292 Safe Connections Notice at 30, para. 75; Appx. A, § 64.6402(d). 293 Safe Connections Notice at 30, para. 75. 41 Federal Communications Commission FCC-CIRC2311-02 notifications in the manner of communication selected by the survivor at the time of the request and in the language selected by the survivor, if applicable.294 Verizon encourages the Commission to permit providers to give “short plain-English explanations” regarding the nature of a operational or technical limitation preventing the processing of a line separation.295 While we agree with Verizon that covered providers should not overwhelm survivors with technical explanations, we do require providers to give survivors as much information about the operational or technical limitation as will allow them to make informed decisions about what to do next, such as, e.g., revise their request, initiate a new request, or seek other options.296 73. We conclude that covered providers must offer, allow survivors to elect, and effectuate any available alternative options that would allow survivors to obtain a line separation. This proposal was unopposed in the record. For example, if a covered provider is not able to separate an abuser’s line from an account because the abuser is the primary account holder, but can separate the survivor’s line from the account, the provider must offer that alternative. Likewise, if a covered provider is not capable of processing a line separation request in the middle of a billing cycle but can do so at the end of the billing cycle, the provider must offer that.297 This approach maximizes the benefits of the line separation requirement and helps prevent survivors from being forced into a less desirable alternative. We find that the approach we take here achieves the goals of the SCA without placing undue costs and burdens on covered providers. 74. Finally, we also require covered providers to deliver a clear and concise notification to survivors, within two business days after receiving the request, if a line separation request is rejected for any other reason, and such notification must include the basis for the rejection and information about how the survivor can either correct any issues, submit a new line separation request, or select alternative options to obtain a line separation, if available.298 75. Resubmissions. To ensure that survivors making legitimate line separation requests can receive timely relief, we conclude that any corrections, resubmissions, or selected alternatives for obtaining a line separation submitted by survivors following a denial should be treated as new requests and therefore must be processed by covered providers as soon as feasible, but not later than close of business two business days after the provider receives the request.299 We agree with EPIC et al. that “[t]ime may be of the essence when a survivor initiates the line separation request, and there is no reason a provider expected to respond within two days of the initial submission cannot respond within two days for subsequent submissions.”300 76. Measures to Stop Abusers from Preventing Survivors from Obtaining Line Separations. We are concerned that some abusers may take preemptive steps to prevent survivors from obtaining line 294 See infra Section III.A.2.b. 295 Verizon Comments at 17-18. 296 We find insufficient, for example, Verizon’s proposed approach that covered providers merely state that “Approach #1 won’t work,” without giving more information as to the cause. Verizon Comments at 17-18. 297 Verizon explains that “in some cases, a wireless provider may not be able to create a new account for a survivor without initially applying certain financial obligations as part of the account setup” and argues that “as long as those obligations are promptly waived by the system or the customer service employee after the new account is created, Congress’s objective is met.” Verizon Comments at 10. We agree; however, in such instances survivors must not be required to take additional steps for such financial obligations to be waived; the wavier must be automatic. 298 Appx. A, § 64.6402(e); Safe Connections Notice at 30, para. 75; see API-GBV Comments at 7 (supporting this approach). 299 See Appx. A, § 64.6402(f); Safe Connections Notice at 15, para. 38; EPIC et al. Comments at 14. 300 EPIC et al. Comments at 14. 42 Federal Communications Commission FCC-CIRC2311-02 separations, particularly if an abuser becomes aware of a survivor’s attempt to separate a line.301 We reiterate our conclusion in the Safe Connections Notice that the SCA requires covered providers to complete non-fraudulent line separations as long as the request provides the information required or permitted by the statute and our implementing rules, subject to operational and technical feasibility. Accordingly, we implement rules to ensure survivors can obtain line separations notwithstanding abusers’ efforts to prevent them from doing so. First, to stop an abuser or other user from removing the survivor’s access to the line before the request is processed, we require covered providers to lock an account to prevent all SIM changes, number ports, and line cancellations (other than those requested as part of the line separation request pursuant to section 345 and our rules) as soon as feasible after receiving a completed line separation request from a survivor, and until a request is processed or denied.302 Second, given evidence in the record that abusers may seek to exert control over survivors303 and to ensure that account locks do not become an avenue for perpetuating abuse and other crimes, we require covered providers to effectuate line separations, and any number port304 and SIM change requests made by the survivor as part of the line separation request, regardless of whether an account lock is activated on the account. There is some evidence in the record that stalkerware apps and spyware can be used to further endanger survivors, and we think it is reasonable to conclude that some survivors may request a SIM change so they can keep their separated number, but use a new device, for safety reasons.305 Finally, in situations where any customer other than the survivor requests that the covered provider stop or reverse a line separation on the basis that the line separation request was fraudulent, covered providers must complete or maintain any valid line separation request and make a record of the customer’s complaint in the customer’s existing account and, if applicable, the customer’s new account, in the event further evidence shows that the request was in fact fraudulent.306 We conclude that our approach here best balances the importance of account protection measures to prevent fraud with the goal of ensuring survivors can obtain legitimate line separations.307 301 See Safe Connections Notice at 34-35, para. 104; see also NDVH Comments at 1 (“Those who choose to cause harm will use anything, including technology, within their reach to further isolate, harass, control and abuse their victims. The pervasive issue of domestic violence, and the fact that technology, especially wireless communication, and smart phones, continues to become a larger part of our daily life and activities, means that abusive partners are going to misuse technology to cause harm.”). 302 Appx. A, § 64.6402(k); API-GBV Comments at 8 (“API-GBV further agrees that covered providers should lock an account to prevent all SIM changes, number ports, and line cancelations as soon as possible and no more than 12 hours after receiving a line separation request from a survivor, to prevent the abuser or other users from removing the survivor’s access to the line before the request is processed.”). 303 NDVH Comments at 1 (explaining that abusers “will use anything, including technology, within their reach to further isolate, harass, control and abuse their victims.”); EPIC et al. Comments at 3 (“An abusive partner can attempt to exert control over a survivor in various ways”); Rose Marie Vegara Comments at 2 (describing how abusers exert control over survivors); Boston College Law Student Reply at 2 (“Through manipulation, threats, and stalking behaviors, abusers can exert an extreme amount of control to keep survivors from leaving.”). 304 As a practical matter, we anticipate that covered providers will need to complete number ports after the line separation is effectuated, and therefore account locks that existed prior to the separation may not apply to those requests. See infra Section III.A.7. 305 See EPIC et al. Comments at 26-30; EPIC et al. Reply at 8-9; see also Written Testimony of Thomas E. Kadri, U.S. House Committee on Energy and Commerce, Subcommittee on Communications and Technology, Hearing on “Strengthening our Communications Networks: Legislation to Connect and Protect,” May 24, 2022, at 5 (Kadri Testimony) (“Stalkerware and other apps that reveal communications or location data usually require abusers to gain physical access to a device for their installation or activation. . . .”). 306 Appx. A, § 64.6402(m). 307 No industry commenters raised any technical, operational, or other concerns with implementing these procedures. 43 Federal Communications Commission FCC-CIRC2311-02 77. Notification to Primary Account Holders and Abusers. As contemplated by the SCA, we require a covered provider to inform a survivor who has submitted a line separation request, but who is not the primary account holder, of the date on which the covered provider intends to give any formal notification to the primary account holder.308 We also require covered providers to inform survivors of the date the covered provider will inform the abuser of a line separation, cancellation, or suspension of service, involving the abuser’s line to the extent such notification is necessary.309 We require covered providers to give such notice to the survivor as soon as is feasible after receiving a completed line separation request.310 As API-GBV notes, by informing survivors of the date the abuser will learn of the line separation, covered providers will give survivors an opportunity to “do relevant and timely safety planning.”311 We prohibit a covered provider from notifying an abuser who is not the primary account holder when the lines of a survivor or an individual in the care of a survivor are separated from a shared mobile service contract.312 By limiting the scope of when covered providers may notify abusers of line separations, we acknowledge the concerns of multiple commenters who stress that “[o]ne of the most dangerous times for a victim is when they are attempting to leave an abusive situation and the abuser becomes aware of their intent.”313 We also prohibit a covered provider from notifying a primary account holder, or an abuser who is not a primary account holder, of a survivor’s request for a SIM change when made in connection with a line separation request pursuant to section 345. We decline to require covered providers to further delay notification to a primary account holder or abuser whose line is being separated, as proposed by some commenters,314 though we permit and encourage covered providers to do so if operationally feasible. As some commenters have noted, a line separation request involving the separation of the abuser’s line may require the abuser to become financially responsible for the line immediately following the separation, or to give consent to open a new account.315 In such situations, the covered provider may need to inform the abuser immediately upon or before separating the abuser’s line, making a notification delay infeasible.316 In implementing processes to ensure that primary account holders and, when necessary, abusers, are not notified about line separations until the date that the covered provider has provided to the survivor, we emphasize that covered providers should be mindful of their existing internal systems and processes that may cause some or all account users to receive automatic notifications about account activity, which may serve as de facto notifications about the line separation request. 308 47 U.S.C. § 345(b)(8); id. § 5(b)(1)(B)(iv); Appx. A, § 64.6402(g); Safe Connections Notice at 31, para. 78. 309 Appx. A, § 64.6402(g); Safe Connections Notice at 31, para. 78. 310 Appx. A, § 64.6402(g). 311 API-GBV Comments at 7; NDVH Comments at 2 (explaining that giving the survivor “an exact timeline for when that notification [to an abuser] will take place is critical in ensuring the safety of a survivor”). 312 Appx. A, § 64.6402(h). 313 NDVH Comments at 2; Boston Coll. L. Student Comments at 8 (“If [survivors] act on their desire to leave, even just by taking the initial step of reaching out for help, survivors may be hurt or killed by their abuser, their kids or other family members and friends may be hurt or killed, they may be ruined financially, or any other of a multitude of outcomes could occur.”). 314 See API-GBV Comments at 7-8 (suggesting that we require covered providers to wait 21 to 30 days after the approval of a line separation request to give notice to abusers of changes to an abuser’s service or billing so that survivors may have sufficient time to plan for their safety); EPIC et al. Comments at 18-19 (suggesting a notification delay, and recommending requiring covered providers to permit survivors to decide the timeframe). 315 See CTIA Comments at 9; Verizon Comments at 11 n.19. Indeed, as previously mentioned, the SCA prohibits covered providers from holding survivors financially responsible for the abuser’s line once the covered provider has separated it from the shared account. 47 U.S.C. § 345(b)(6); see also id. § 5(b)(1)(B)(x). 316 See 47 U.S.C. § 345(b)(1). 44 Federal Communications Commission FCC-CIRC2311-02 d. Documentation of Completed Line Separation Request Submission 78. We require covered providers to provide a survivor with documentation that clearly identifies the survivor and shows that the survivor has submitted a legitimate line separation request under section 345(c)(1) and the Commission’s rules317 upon completion of the providers’ line separation request review process.318 The SCA limits access to “emergency communications support” in the designated program to those survivors that meet the requirements of section 345(c)(1) and that are experiencing financial hardship, regardless of their ability to otherwise participate in the designated program.319 As such, survivors will require documentation demonstrating their submission of a legitimate line separation request to enroll in Lifeline, as the designated program, and receive support. Although no commenter offered specific suggestions about the type of information that should be included in this documentation to process a request for Lifeline support, we rely on the Commission’s substantial experience managing its affordability programs to determine an appropriate approach. Specifically, regarding survivor identity, we require that the documentation include the survivor’s full name and confirmation that the covered provider authenticated the survivor as a user of the line(s) subject to the line separation request.320 We further require that covered providers give survivors this documentation even if the line separation request could not be processed due to operational or technical infeasibility, as long as the survivor submitted a completed request in accordance with the requirements of section 345(c)(1) and the Commission’s rules. We observe that entry into the emergency communications program is not limited to only those survivors who successfully obtain a line separation, but rather to those who satisfy the requirements of section 345(c)(1) and are experiencing financial hardship.321 Finally, we require covered providers to provide this documentation to survivors in a manner that would allow the survivor to share that documentation with USAC when the survivor seeks Lifeline support pursuant to the SCA.322 Accordingly, covered providers must provide the documentation in a written format that can be easily saved and shared by a survivor, such as an electronic notice delivered over email, information in a survivor’s new account that can be easily downloaded or captured via a screenshot, some method of text messaging that can be easily captured via screenshot, or regular mail delivered to an address designated in the request. Telephonic delivery of this notice is insufficient, as it will not allow the survivor to confirm that they complied with the requirements of the line separation process. Covered providers should deliver this documentation via the means selected by the survivor for communications regarding the line separation request,323 to the extent such means satisfy both requirements. We acknowledge, however, that depending on the methods a survivor chooses for communications with a covered provider regarding the line separation request, covered providers may not have contact information that would allow them to send certain written documentation, and we permit providers to request contact information only for the purpose of providing this documentation for Lifeline enrollment under the SCA. 317 See 47 U.S.C. § 345(c)(1); supra Section III.A.2.a. 318 Appx. A, § 64.6402(n); see Safe Connections Notice, at 58, paras. 163-64. 319 Safe Connections Act § 5(b)(2)(A)(ii). 320 Appx. A, § 64.6402(n). 321 Safe Connections Act § 5(b)(2)(A)(ii). 322 Appx. A, § 64.6402(n). 323 See supra Section III.A.2.b (discussing implementation of the SCA’s requirement that covered providers to “allow the survivor to elect in the manner in which the covered provider may—(i) contact the survivor, or designated representative of the survivor, in response to the request, if necessary; or (ii) notify the survivor, or designated representative of the survivor, of the inability of the covered provider to complete the line separation,” which mirrors the SCA”). 45 Federal Communications Commission FCC-CIRC2311-02 e. Employee Training 79. We conclude that all covered provider employees who may interact with survivors regarding a line separation request must be trained on how to assist them or on how to direct them to other employees who have received such training.324 Industry commenters stressed the need for flexibility regarding employee training requirements to account for differences in provider resources, customer bases, and systems.325 Moreover, NCTA noted that “avoiding prescriptive rules also would reduce the implementation burdens associated with the new requirements.”326 We believe that a flexible approach to training and customer service will best allow providers, particularly small providers, to account for differences in operational capabilities, resources, service models, and customer bases, and as such, we decline to adopt more prescriptive requirements regarding training of employees. Verizon noted that it “maintains a group of customer care employees specially trained to handle the sensitivities surrounding [line separation requests] from domestic violence survivors and to walk the survivors through the secure process of documenting the abuse, establishing a new account (or removing an alleged abuser from an existing account), selecting a service plan and, where requested, facilitating a number change or port out.”327 While we applaud Verizon’s efforts and urge covered providers to consider a similar approach, we decline to mandate that every covered provider maintain specialized staff to address survivor line separation requests, as API-GBV suggests.328 The record reflects that not all providers, particularly small providers, may have the operational capabilities or resources to establish specialized units of staff.329 4. Notice to Consumers 80. As proposed in the Safe Connections Notice,330 we require covered providers to provide a “Notice to Consumers” with information about the options and process for a line separation request made readily available to all consumers through the provider’s public-facing communication avenues. We specifically incorporate the SCA’s requirement that covered providers “make information about the options and process” regarding line separations “readily available to consumers: (1) on the website and the mobile application of the provider; (2) in physical stores; and (3) in other forms of public-facing consumer communication”331 for this “Notice to Consumers.”332 The record reflects that the Notice to Consumers should be available in an “easy to find,” “prominent,” or “obvious” place on provider 324 Appx. A, § 64.6408. 325 CCA Reply at 4 (“Flexible rules will enable wireless providers to comply and make necessary technical and operational updates in a manner best adapted to their service model, customer base, and available resources.”); Verizon Comments at 18-19 (urging that “[t]his same flexibility should extend to any training requirements so that wireless providers can adapt their training policies and practices for the LSR process to their own business and customer care models”); NCTA Reply at 10 (“Providers should be able to craft employee training and customer notification and outreach programs that are tailored to their operations and customer bases. Affording providers such flexibility would benefit survivors by enabling service providers to customize their materials and programs in ways that experience has taught will be most effective in providing clear communications to consumers.”). 326 NCTA Reply at 10. 327 Verizon Comments at 2-3. 328 See API-GBV Comments at 6 (suggesting that covered providers be required to have “specialized units of staff that survivors and their representatives can access”). 329 CCA Reply at 3-4 (noting that “not all carriers will have the same technical and operational capabilities, and that the FCC should consider those differences in developing implementing rules with a particular emphasis on what is feasible for smaller carriers”). 330 Safe Connections Notice at 26, para. 66. 331 47 U.S.C. § 345(e); see also Safe Connections Notice at 26-28, paras. 66-71. 332 Appx. A, § 64.6406. 46 Federal Communications Commission FCC-CIRC2311-02 websites and applications,333 and as such, we require covered providers to place the Notice to Consumers, or a prominent link to it, on a support-related page of the website and mobile application of the provider, such as a customer service page.334 We agree with Verizon and NCTA that adopting a flexible, rather than a one-size-fits-all, requirement for the placement of the Notice to Consumers on provider websites and applications enables the wide variety of covered providers to display it in the way that is most suitable to their customers,335 and find that our approach here strikes the right balance between being minimally prescriptive and ensuring that there is some consistency between covered providers’ practices. In physical stores, we permit covered providers to make the Notice to Consumers readily available via flyers, signage, or other handouts,336 and require covered providers, at a minimum, to ensure that any materials containing the Notice to Consumers in-store are clearly visible to consumers and accessible.337 We also require covered providers to provide the Notice to Consumers in-store in all languages in which the provider advertises within that particular store and on its website in all languages in which the provider advertises on its website, and in all formats (large print, braille, etc.) that the provider uses to make its service information available to persons with disabilities.338 Commenters take no direct issue with this approach for the in-store or website Notice to Consumers.339 81. We decline at this time to provide more specific guidance regarding the SCA’s requirement that covered providers make the Notice to Consumers readily available “in other forms of public-facing consumer communication.”340 We received no comment regarding what other forms of communication covered providers employ and how such providers should make the Notice to Consumers readily available through those avenues.341 Given the wide variety of communication methods that could fall within this category, and the lack of record received from industry and consumer stakeholders, we conclude the best approach is to preserve the flexibility of covered providers to determine how best to communicate the Notice to Consumers beyond their websites and stores. We may revisit this approach in the future should we determine that covered providers are not doing enough to apprise consumers of their rights under the SCA. 333 See API-GBV Comments at 7 (“A prominent link on a covered provider’s customer service page or support section . . . should be sufficient to meet the SCA’s requirements.”); NYC ENDGBV Comments at 2 (“[I]nformation about line separation should be easy to find on a provider’s website and mobile application . . . .”); Verizon Comments at 15 (suggesting that a “Support” or “Customer Service” page may be a more obvious—and thus appropriate—place than the home page for a link to line separation-related information). 334 Appx. A, § 64.6406; see Safe Connections Notice at 27, para. 67. API-GBV suggests that we require providers to include links to other victim-related resources, such as the National Domestic Violence Hotline, or National Sexual Assault Hotline. See API-GBV Comments at 7. We decline to do so as this is outside the scope of the requirements of the SCA. 335 Verizon Comments at 15; NCTA Reply at 10. 336 See Verizon Comments at 16 (asserting that because many brick-and-mortar retail stores “are neither owned by service providers nor staffed directly by company employees,” and “may offer services and plans for multiple providers,” the Commission should permit providers to be flexible with regard to how the Notice is given in-store). 337 Appx. A, § 64.6406; Safe Connections Notice at 27, para. 68; 47 U.S.C. § 345(e)(2). 338 Appx. A, § 64.6406; Safe Connections Notice at 27, para. 68. 339 NYC ENDGBV Comments at 2 (“Information should be available in as many languages as possible.”); NCTA Reply at 11 (suggesting that covered providers should make communications regarding the Safe Connections Act “available in [English and] any other languages in which the [provider] markets its services . . .”). 340 47 U.S.C. § 345(e)(3). 341 Safe Connections Notice at 27, para. 69. 47 Federal Communications Commission FCC-CIRC2311-02 82. Consistent with the SCA,342 we require covered providers to include in the Notice to Consumers, at a minimum, an overview of the line separation process that we adopt today; a description of survivors’ service options that may be available to them;343 a statement that the SCA does not permit covered providers to make a line separation conditional upon the imposition of penalties, fees, or other requirements or limitations;344 and at least basic information concerning the availability of the Lifeline support for qualifying survivors.345 We decline to adopt the suggestion of the NYC ENDGBV that we “require standardized language to explain the entire process of line separation to survivors,”346 as we find it is most appropriate to allow covered providers to tailor the Notice to Consumers to their services, operations, and systems. By permitting some flexibility in how covered providers communicate the Notice to Consumers, covered providers may give detail regarding how their particular customers may request a line separation. Additionally, given the variety of platforms and media on which the Notice to Consumers will be published, this flexibility will give covered providers the leeway to optimally design the notice for each communication method. 5. Prohibited Practices in Connection with Line Separation Requests 83. We adopt our proposal to codify the provisions of the SCA prohibiting covered providers from making line separations contingent on: (1) payment of a fee, penalty, or other charge; (2) maintaining contractual or billing responsibility of a separated line with the provider; (3) approval of separation by the primary account holder, if the primary account holder is not the survivor; (4) a prohibition or limitation, including payment of a fee, penalty, or other charge, on number portability, provided such portability is technically feasible, or a request to change phone numbers; (5) a prohibition or limitation on the separation of lines as a result of arrears accrued by the account; (6) an increase in the rate charged for the mobile service plan of the primary account holder with respect to service on any remaining line or lines; or (7) any other requirement or limitation not specifically permitted by the SCA.347 We agree with Verizon that the SCA’s “restrictions on various rates, terms, and conditions of service are largely self-executing and self-explanatory,” and commenters generally support our approach in interpreting these provisions of the SCA.348 We provide further guidance on these prohibitions, as necessary, below. 84. Fees, Penalties, and Other Charges. We adopt the SCA’s prohibition on making a line separation contingent on payment of a fee, penalty, or other charge.349 As explained in the Safe Connections Notice, and supported by the record,350 we conclude that this clause would prohibit covered providers from enforcing any contractual early termination fees triggered by the line separation request, if the line separation request was made pursuant to section 345, regardless of whether a survivor continues 342 47 U.S.C. § 345(e). 343 See API-GBV Comments at 7. 344 Safe Connections Notice at 27, para. 70. 345 Appx. A, § 64.6406; Safe Connections Notice at 28, para. 71; see generally API-GBV Comments at 7 (recommending that the Notice to Consumers should at least “generally describe survivors can request a line separation, and explain alternative options that survivors can choose to obtain a line separation”). We discuss our designation of the Lifeline program for emergency communications support for qualifying survivors below, see infra Section III.C. 346 NYC ENDGBV Comments at 1-2, 16-17. 347 Safe Connections Notice at 31, paras. 79-89; 47 U.S.C. § 345(b)(2). 348 See API-GBV Comments at 6; Verizon Comments at 20 (“The Safe Connections Act’s restrictions on various rates, terms and conditions of service are largely self-executing and self-explanatory.”). 349 47 U.S.C. § 345(b)(2)(A); Appx. A, § 64.6404(a). 350 See API-GBV Comments at 8; Verizon Comments at 20. 48 Federal Communications Commission FCC-CIRC2311-02 to receive service from the provider as part of a new arrangement upon a line separation or ceases to receive service from the provider. We make this explicit in our rule implementing this provision. 85. Number Portability and Number Changes. We incorporate into our rules the SCA’s prohibition on conditioning a line separation on the customer maintaining service with the provider (provided that such portability is technically feasible).351 We interpret the SCA’s prohibition on number portability restrictions and fees in relation to a line separation request as requiring covered providers to permit both the party remaining on an account and the party separating from an account to port their numbers, without fees or penalties, provided such portability is technically feasible.352 Likewise, we incorporate into our rules the SCA’s provision that prevents a covered provider from prohibiting or limiting a survivor’s ability to request a phone number change as part of a line separation request, as proposed.353 As we explained in the Safe Connections Notice, a survivor who is the primary account owner requesting separation of an abuser’s line from the account might want to keep the account to maintain any promotional deals, complete device pay-off, or avoid early termination fees, but change a telephone number for safety purposes.354 We conclude that this provision of the SCA bars covered providers from prohibiting such telephone number change requests or attaching a fee or penalty for doing so. 86. Rate Increases. We incorporate in our rules the SCA’s provision that prohibits covered providers from making line separations contingent on a rate increase for the primary account holder’s plan with respect to service on any remaining line or lines,355 although a covered provider is not required to provide a rate plan for the primary account holder that is not otherwise commercially available.356 As proposed in the Safe Connections Notice, we interpret this provision to prohibit covered providers from denying a survivor’s line separation request if the primary account holder for the remaining lines does not agree to a rate increase, or from forcing the remaining primary account holder to switch to a service plan that has a higher rate, although the person may elect to switch to a rate plan that has a higher or lower rate from among those that are commercially available.357 We also find this provision does not require covered providers to offer survivors or remaining parties a specialized rate plan that is not commercially available if the party does not choose to continue the existing rate plan.358 We agree with Verizon that beyond this guidance, “it would be unnecessary and counterproductive to micromanage or prescriptively regulate how wireless providers implement” these duties, given their wide variety of “different service plans and business models.”359 Accordingly, we decline NCTA’s suggestion to make explicit in our rules “that it is permissible for accounts affected by a line separation to remain eligible for multi-line discounts based on the number of lines active on each account after the separation has been implemented,”360 351 47 U.S.C. § 345(b)(2)(D); Safe Connections Notice at 31, para. 81; Appx. A, § 64.6404(a). 352 Safe Connections Notice at 32, para. 81; see also EPIC et al. Comments at 2 (“We support the Commission’s proposals that maximize survivor self-determination and agency [by, for example,] providing flexibility in terms of . . . number portability . . . .”); Verizon Comments at 20 (“Verizon will continue to support a survivor’s request to port out or change a number once the line separation process is completed . . . .”). 353 47 U.S.C. § 345(b)(2)(D); Safe Connections Notice at 32, para. 82. 354 See Safe Connections Notice at 32, para. 82. We received no comments on our proposed analysis. 355 47 U.S.C. § 345(b)(2)(F); Appx. A, § 64.6404(a). 356 47 U.S.C. § 345(b)(3); Appx. A, § 64.6404(a). 357 Safe Connections Notice at 32, para. 83. 358 Id. 359 Verizon Comments at 20. 360 NCTA Comments at 9; CCA Reply at 2-3 (“CCA also agrees that the FCC should confirm that the [Safe Connections] Act allows providers to apply . . . multi-line discounts based on post-separation lines to line separations involving grandfathered plans or multi-line offerings.”). 49 Federal Communications Commission FCC-CIRC2311-02 though we note that such a practice would not be prohibited under the SCA or our implementing rules, as long as the line separation was not contingent on the acceptance by the account holder of a new plan. 87. Contractual and Billing Responsibilities. We incorporate in our rules the SCA’s prohibition on making a line separation contingent upon “maintaining contractual or billing responsibility of a separated line” with the covered provider.361 As proposed in the Safe Connections Notice, we interpret this provision as requiring covered providers to give the party with the separated line the option to select any commercially available prepaid or non-contractual service plan offered by the covered provider, whether that party is a survivor or abuser. We also conclude that this provision prohibits covered providers from requiring a survivor who separates a line to maintain the same contract, including any specified contract length or terms, as the account from which those lines were separated (i.e., continuing a contract for the remainder of the time on the original account for the new account or requiring the survivor to maintain all previously-subscribed services (voice, text, data) under the new account). 88. Credit Checks. Consistent with the record,362 we adopt our proposal to specify that covered providers may not make line separations contingent on the results of a credit check or other proof of a party’s ability to pay.363 We likewise adopt our proposal to prohibit covered providers from relying on credit check results to determine the service plans from which a survivor is eligible to select and whether a survivor can take on the financial responsibilities for devices associated with lines used by the survivor or individuals in the care of the survivor.364 As Congress explained, “[s]urvivors often lack meaningful support and options when establishing independence from an abuser, including barriers such as financial insecurity,”365 and survivors may thus not be able to demonstrate their financial stability as a result of their abusive situation.366 As such, we find it consistent with the SCA to prohibit covered providers from making line separations contingent on the results of a credit check or other proof of a party’s ability to pay. Consistent with our tentative findings in the Safe Connections Notice, however, we find that these restrictions would not impact the ability of a covered provider to perform credit checks that are part of its routine sign-up process for all customers as long as the covered provider does not take the results of the credit check into account when determining whether it can effectuate a line separation.367 361 47 U.S.C. § 345(b)(2)(B); Appx. A, § 64.6404(a). 362 See EPIC et al. Comments at 6 (“[W]e support the Commission’s prohibition of making line separation contingent upon a survivor credit check or other estimation of survivor’s ability to pay, and the Commission’s presuming financial hardship.”); Knights Comments at 2 (“[A] credit check requirement could be seen as an ‘other limitation’ under 345(b)(1)(G). It would go against the [Safe Connections] Act’s finding that survivors face financial insecurity.”); Verizon Comments at 20 (“The Safe Connections Act ensures that a provider may not condition a[ line separation request] on a particular rate plan or credit check . . . .”). CTIA supports this approach, but adds that we should permit covered providers to engage in credit checks as a method of authenticating a survivor’s identity. CTIA Comments at 14-15. We discuss how covered providers may authenticate survivor’s identity above. 363 Safe Connections Notice at 33-34, paras. 87-88 (seeking comment whether the SCA’s general prohibition of making line separations contingent on practices not specifically permitted by the SCA would prohibit covered providers from making a line separation request contingent on the results of a credit check or other proof of a party’s ability to pay); Appx. A, § 64.6404(a). 364 Id. 365 Safe Connections Act § 3(2). 366 See Notice of Inquiry at 3, para. 5. Commenters support this finding. See, e.g., Asian Pac. Inst. Gender-Based Violence Comments at 5 (rec. Aug. 18, 2022) (“[A]busive partners . . . will isolate survivors and try to prevent or sabotage them from attaining economic independence or stability by[, for example,] ruining credit . . . .”). 367 Safe Connections Notice at 33-34, paras. 87-88. We believe this approach addresses NCTA’s suggestion that the Commission not prohibit covered providers from “requir[ing] other proof of ability to pay or other verification (continued….) 50 Federal Communications Commission FCC-CIRC2311-02 6. Financial Responsibilities and Account Billing Following Line Separations 89. We adopt our proposal to codify the SCA’s statutory requirements for financial responsibilities and account billing following line separations.368 Specifically, unless otherwise ordered by a court, when survivors separate their lines and the lines of individuals in their care from a shared mobile service contract, they must assume the financial responsibilities, including monthly service costs, for the transferred numbers beginning on the date on which a covered provider transfers the billing responsibilities for and use of the transferred numbers to those survivors.369 Covered providers may not require survivors to assume financial responsibility for mobile devices associated with those separated lines unless the survivor purchased the mobile devices, affirmatively elected to maintain possession of the mobile devices, or are otherwise ordered to by a court.370 When survivors separate an abuser’s line from a shared mobile service contract, a covered provider may not impose on survivors any further financial responsibilities to the transferring covered provider for the services and mobile devices associated with the telephone number of the separated line.371 To ensure that providers can implement processes and procedures that work with their particular IT, billing, and other administrative systems, we decline to implement more prescriptive rules governing covered providers’ administration of the financial responsibility and account billing requirements. Given the complexities and uniqueness of each provider’s systems, we agree with CCA that “flexible rules will enable wireless providers to comply and make necessary technical and operational updates in a manner best adapted to their service model, customer base, and available resources.”372 Although we decline to implement more prescriptive rules beyond those established in the SCA, in consideration of the record, and pursuant to the SCA’s charge that we consider account billing procedures and financial responsibilities in adopting rules governing line separations,373 we clarify how providers apply those obligations below. 90. Lines. Although the SCA contemplates that survivors will not be financially responsible for the abuser’s line the moment the line separation is processed, we recognize that there may be instances when a covered provider cannot practically prorate those financial responsibilities.374 In such instances, we make clear that a covered provider can rely on the operational and technical infeasibility exception to process the request without prorating the financial responsibilities for the abuser’s line, as long as the provider releases the survivor from financial responsibility for the abuser’s line at the start of the next billing cycle, which we expect will not be more than one month following the date the request is processed.375 (Continued from previous page) information” as part of “applying their standard payment terms to separated accounts . . . .” NCTA Comments at 9- 10. Stated another way, we permit covered providers to use credit checks in the generally applicable account sign- up process after they have effectuated the line separation for survivors. 368 See Safe Connections Notice at 34-35, para. 90. 369 47 U.S.C. § 345(b)(5); Appx. A, § 64.6405(a). 370 47 U.S.C. § 345(b)(7). 371 47 U.S.C. § 345(b)(6). 372 CCA Reply at 4; see also CCA Comments at 3; CTIA Comments at 14; Verizon Comments at 20. 373 Safe Connections Act § 5(B)(1)(B)(iii), (x)-(xi). 374 See Verizon Comments at n.46 (explaining that the line separation process for a prepaid plan, for example, “will necessarily occur at some period of time after payment is submitted during the month in which the line separation occurs” and arguing that “a true-up for that monthly period that might be available to the abuser under a postpaid plan is not required under Section 345(b)(5) (and may not even be feasible in) the prepaid context, where prepaid airtime is typically nonrefundable at the outset”). 375 See also Safe Connections Notice at 16, n.100 (recognizing that it may be operationally or technically infeasible for a covered provider to separate a line in the middle of a billing cycle). 51 Federal Communications Commission FCC-CIRC2311-02 91. Similarly, we understand, as Verizon explains, that “in some cases, a wireless provider may not be able to create a new account for a survivor without initially applying certain financial obligations as part of the account setup.”376 We agree that, “as long as those obligations are promptly waived by the system or the customer service employee after the new account is created, Congress’s objective is met.”377 We stress, however, that covered providers must waive these fees without requiring survivors to follow up or take additional steps. 92. Devices. We clarify how the obligations for device financial responsibilities apply when a third party is involved with the financing or sale of the device. NCTA states that “some providers offer device financing through a third party, and it is the third party that has a contractual relationship with the customer.”378 In that scenario, NCTA asserts, “the provider may not have the ability to waive device costs and it should not be required to bear such costs.”379 We observe that, in most cases, a contract to finance a device through a third party is an agreement to “purchase” the device, and as such, a survivor may be financially responsible for the financed device associated with the separated line under the provisions of the SCA.380 In any event, neither the SCA nor our rules require covered providers to bear device costs. If, however, a covered provider offers a device for sale on its website, in a retail store, or through some other means, we conclude that it is the provider’s responsibility to ensure that the financial responsibilities for any devices are assigned to the appropriate party following a line separation, including when the device is purchased using third-party financing offered by the provider. We find that this approach most closely aligns with the goals of the SCA. 93. We agree with Verizon, however, that when a device is offered and financed by a third party, such as a big-box retailer or directly from the device manufacturer, the covered provider does not have an obligation to ensure that third party complies with the SCA’s device financial responsibility obligations. In this scenario, the covered provider was not involved with the sale or financing of the device and has no relationship with the seller or financier, so there is no means by which the covered provider can compel the third party to comply with the obligations the SCA places on the provider. 94. Payment Terms and Conditions. We conclude that the SCA permits covered providers to apply their standard payment or contract terms and conditions to separated lines and devices, to the extent that such terms are consistent with the SCA’s limitations on penalties, fees, and other requirements.381 We agree with NCTA that the statute “is not intended to upend the customer-provider relationship,” and that requiring different terms and conditions in service agreements for survivors could “increase the incidence of fraud.”382 In this regard, NCTA noted that “some providers may require a credit card to secure the device, require or incentivize enrollment in monthly auto-pay programs, or require other proof of ability to pay or other verification information, such as billing address or the last four digits of the social security number.”383 These provider practices do not appear to run afoul of the SCA’s limitations. Providers, however, should be keenly aware that some survivors may lack access to credit, may be in a transitory state and temporarily lack a permanent address, or be otherwise unable to satisfy some other 376 Verizon Comments at 10. 377 Id. 378 NCTA Comments at 10. 379 Id. 380 47 U.S.C. § 345(b)(7) (requiring that “unless otherwise ordered by a court, a survivor shall not assume financial responsibility for any mobile device associated with the separated line, unless the survivor purchased the mobile device, or affirmatively elects to maintain possession of the mobile device”) (emphasis added). 381 Appx. A, § 64.6405(b); Safe Connections Notice at 33, para. 86; Verizon Comments at 20; CCA Reply at 2-3. 382 NCTA Comments at 7, 9. 383 Id. at 9-10. 52 Federal Communications Commission FCC-CIRC2311-02 standard provider requirements.384 In such cases, providers should work closely with survivors by either helping them gather the necessary payment and verification documentation or by providing information on how they can otherwise satisfy provider requirements, such as by applying to the Lifeline program for financial assistance. If a survivor is ultimately unable to satisfy the provider’s standard terms, the provider should also be prepared to inform the survivor of alternative communications service options the provider may offer, such as prepaid or postpaid plans, or the ability to port a number to another provider who may offer service to those in similar circumstances. Though not required by the SCA or by our rules, providers should consider waiving certain terms and conditions some survivors may be temporarily unable to satisfy due to extenuating circumstances. Congress’s findings note the key role communications services can play in helping survivors establish autonomy and safety from abusers, but provider terms and conditions that are too onerous on survivors could unnecessarily impede survivor access to the SCA’s benefits, including the ability to establish independent wireless service.385 95. Arrears. We adopt our proposal that any previously accrued arrears on an account following a line separation must stay with the person who was the primary account holder prior to the separation.386 For example, if the abuser’s line is separated and the abuser was the primary account holder, the arrears would be reassigned to the abuser’s new account. Similarly, if the survivor was the primary account holder and separates the abuser’s line, the arrears would stay with the survivor’s account. Conversely, if the survivor’s line is separated and the abuser was the primary account holder, the arrears would stay with the abuser’s account. No commenters raised any concerns about the administrability of this approach. 7. Effects on Other Laws and Regulations 96. Number Porting. We conclude that the Commission’s current telephone number porting rules apply for lines that have been separated pursuant to section 345 of the Communications Act. As explained in the Safe Connections Notice,387 we do not believe, and the record provides no indication, that there is anything unique about number ports associated with line separations that would make such ports more or less technically feasible than under other circumstances. Accordingly, we conclude that any ports covered providers are currently required to complete, and technically capable of completing, are technically feasible under the SCA.388 We also conclude that should the requirements or capabilities for number porting change in the future, any newly feasible ports will also be considered technically feasible when sought in connection with a line separation under the SCA. 97. We also find that, as a practical matter, although survivors may indicate as part of their line separation request that they intend to port out the separated (or remaining) telephone numbers to a 384 See Safe Connections Act § 3(2) (stating that “[s]urvivors often lack meaningful support and options when establishing independence from an abuser, including barriers such as financial insecurity and limited access to reliable communications tools to maintain essential connections with family, social safety networks, employers, and support services”). 385 Safe Connections Act § 3(4). 386 See Safe Connections Notice at 36, para. 93; Appx. A, § 64.6405(c). 387 Safe Connections Notice at 36, para. 95. 388 The Commission’s current rules require wireless carriers to port numbers to other wireless carriers upon request without regard to proximity of the requesting carrier’s switch to the porting-out carrier’s switch and to port numbers to wireline carriers within the number’s originating rate center. See 47 U.S.C. § 251(b)(2); Telephone Number Portability, CC Docket No. 95-116, Memorandum Opinion and Order and Further Notice of Proposed Rulemaking, 18 FCC Rcd 23697, 23706, para. 22 (2003) (wireless carriers must port numbers to wireline carriers within a number’s originating rate center); Telephone Number Requirements for IP-Enabled Services Providers et al., WC Docket No. 07-243 et al., Report and Order, Declaratory Ruling, Order on Remand, and Notice of Proposed Rulemaking, 22 FCC Rcd 19531, 19535, 19540, 19549-50, paras. 8, 16, 34-35 & n.114 (2007), aff’d sub nom. National Telecomms. Cooperative Ass’n v. FCC, 563 F.3d 536 (D.C. Cir. 2009) (VoIP LNP Order). 53 Federal Communications Commission FCC-CIRC2311-02 new provider, a covered provider must complete a line separation request prior to effectuating a number port pertaining to that line. As the Commission explained in its Safe Connections Notice, customers who want to port a number to a new provider currently must provide the telephone number, account number, ZIP code, and any passcode on their existing account to the new provider.389 Survivors who are not primary account holders, however, may have limited access to the necessary account information. However, once a line separation is completed, a survivor will have a new account and presumably have access to all the information needed to port a number to a new provider. Furthermore, as Verizon noted and as NCTA echoed, completing the line separation process and then porting a number will “enable providers to leverage their existing porting processes, to apply appropriate porting fraud prevention measures, and to manage their number inventories in a manner that facilitates continued compliance with the number aging and Reassigned Number Database (RND) reporting requirements.”390 And, because simple wireless-to-wireless ports typically happen within a few hours, there would be little time saved by requiring providers to concurrently separate lines and process ports.391 As such, we find that providers should process and complete line separation requests before completing number ports, which will allow them to leverage their existing systems and processes that port numbers “routinely and reliably.”392 To the extent that a survivor initiates a port-out request with a new service provider for a line that is the subject of an in-process line separation request, we prohibit the current service provider from notifying the account holder of the request to port-out that number until after the line separation request has been completed, to avoid situations where an abuser who is the account owner is notified of a survivor’s pending line separation or port-out request on an account shared by an abuser and a survivor. 98. Compliance with Privacy Protections and Other Law Enforcement Requirements. In adopting rules to implement the SCA, Congress directed the Commission to consider, among other things, privacy protections and compliance with the Commission’s CPNI rules or any other legal or law enforcement requirements.393 The Commission’s CPNI rules implement section 222 of the Communications Act, which obligates telecommunications carriers to protect the privacy and security of information about their customers to which they have access as a result of their unique position as network operators.394 Section 222(a) requires carriers to protect the confidentiality of proprietary 389 See Safe Connections Notice at 19 and 34-35, paras. 47 and 96. 390 Verizon Comments at 20; see also NCTA Reply at 5. 391 See Local Number Portability Interval and Validation Requirements; Telephone Number Portability, WC Docket No. 07-244, CC Docket No. 95-116, Report and Order, 25 FCC Rcd 6953, 6956-62, para. 59 (2010) (noting that “the wireless industry has established a voluntary standard of two and one-half hours for wireless-to-wireless ports”). 392 Verizon Comments at 14, n.29 (stating that “requiring a port-out number change to occur concurrently with the LSR process, rather than sequentially after the line separation is complete—as is routinely and reliably done today— would require integration of number porting and telephone number management databases and systems into the LSR process, with little if any practical improvement to the LSR process or benefit to survivors”). 393 Safe Connections Act § 5(b)(1)(B)(i), (xii) (requiring the Commission to consider “privacy protections” and “compliance with subpart U of part 64 of title 47, Code of Federal Regulations, or any success regulations (relating to customer proprietary network information) of any other legal or law enforcement requirements”). 394 47 U.S.C. § 222; see also Implementation of the Telecommunications Act of 1996: Telecommunications Carriers’ Use of Customer Proprietary Network Information and Other Customer Information, et al., CC Docket Nos. 96-115, et al., Order on Reconsideration and Petitions for Forbearance, 14 FCC Rcd 14409, 14419-20, paras. 12-14 (1999) (denying petitions for reconsideration and forbearance seeking different treatment for wireless providers under the Commission’s CPNI rules, concluding that “there is nothing in the statute or its legislative history to indicate that Congress intended the CPNI requirements in section 222 should not apply to wireless carriers”); accord 2007 CPNI Order, 22 FCC Rcd at 6954-6957, paras. 54-59 (extending CPNI requirements to providers of interconnected VoIP service). 54 Federal Communications Commission FCC-CIRC2311-02 information of and relating to their customers.395 Subject to certain exceptions, section 222(c)(1) specifically provides that a carrier may use, disclose, or permit access to CPNI that it has received by virtue of its provision of a telecommunications service only: (1) as required by law; (2) with the customer’s approval; or (3) in its provision of the telecommunications service from which such information is derived or its provision of services necessary to or used in the provision of such telecommunications service.396 The Commission’s rules implementing section 222 are designed to ensure that telecommunications carriers establish effective safeguards to protect against unauthorized use or disclosure of customers’ proprietary information. Among other things, the rules require carriers to appropriately authenticate customers seeking access to CPNI.397 The Commission’s CPNI rules also require carriers to take reasonable measures to both discover and protect against attempts to gain unauthorized access to CPNI398 and to notify customers immediately of certain account changes, including whenever a customer’s password, response to a carrier-designed back-up means of authentication for lost or forgotten passwords, online account, or address of record is created or changed.399 99. We provide additional guidance regarding the treatment of historical CPNI and notification of account changes related to lines subject to a line separation request pursuant to section 345.400 In particular, we make clear that historical CPNI shall remain with the original account, though we permit covered providers to move CPNI associated with a separated line if feasible. We agree with NDVH that retroactively separating historical CPNI by each line on an account and then transferring it along with the separated line to a new account may not be technically feasible or practical for providers.401 Therefore, we conclude that covered providers are not required to move historical CPNI associated with a separated line to a new account, although we encourage providers to do so to the extent possible. 100. We also modify the Commission’s rule requiring telecommunications carriers to notify customers “immediately” whenever a password, customer response to a back-up means of authentication for lost or forgotten passwords, online account, or address of record is created or changed”402 to clarify that this rule does not apply when such changes are made in connection with a line separation request made pursuant to the SCA.403 101. Finally, we make clear that except for any enhanced protections provided to survivors 395 47 U.S.C. § 222(a). 396 47 U.S.C. § 222(c)(1); see also 47 U.S.C. § 222(h)(1) (defining CPNI). 397 See 47 CFR § 64.2010(b)-(e). The Commission’s CPNI rules define a “customer” as “a person or entity to which the telecommunications carrier is currently providing service.” 47 CFR § 64.2003(f). 398 See 47 CFR § 64.2010(a). 399 See 47 CFR § 64.2010(f). In the Commission’s SIM Swap and Port-Out Fraud Report and Order, the Commission also adopted rules requiring wireless providers to notify a customer immediately after receiving a SIM change or port-out request, except as required otherwise by the Commission’s rules implementing the SCA. See Publicly Released Draft SIM Swap and Port-Out Fraud Order, FCC 23-XX. 400 See CCA Comments at 4-5 (noting the importance of clarifying for providers who should be allowed access to historical CPNI after a line separation). 401 See NVDH Comments at 21-22 (asserting that “[r]etroactively segregating the call detail information associated with the abuser and survivor would be extremely difficult and unnecessary to meet Congress’s goals”). 402 47 CFR § 65.2010(f). 403 Appx. A, § 64.2010(f). 55 Federal Communications Commission FCC-CIRC2311-02 under state law as described in section 345(c)(3),404 compliance with the line separation provisions of the SCA and the rules we have adopted in this Order to implement those provisions supersede and preempt any conflicting obligations under state law, Commission rules, or state rules.405 Commenters did not raise concerns regarding conflicts with any law enforcement provisions regarding line separations. 8. Implementation 102. Compliance Timeframe. Consistent with prior Commission actions,406 and in light of the urgency of this issue to survivors’ safety, we require covered providers to comply with our rules implementing the SCA’s line separation provisions within a short period of time, six months after the effective date of this Order or after review of the rules by the Office of Management and Budget (OMB) is completed, whichever is later. The SCA states that the line separation requirements in the statute “shall take effect 60 days after the date on which the Federal Communications Commission adopts the rules implementing” those requirements,407 but also directs the Commission, in adopting rules, to consider “implementation timelines, including those for small covered providers.”408 We find the SCA’s direction that the Commission consider “implementation timelines” in adopting rules to implement new section 345 of the Communications Act provides the Commission with discretion to establish an appropriate compliance timeframe as necessary based on the record.409 Further, because many of the rules we adopt to implement new section 345 of the Communications Act contain information collections that are subject to review by the Office of Management and Budget (OMB) under the Paperwork Reduction Act (PRA) and the SCA provides no stated exception to the PRA, we have an independent statutory obligation to comply with the PRA in adopting rules to implement the SCA. We therefore require covered providers to comply with the rules implementing the line separation provisions of the SCA six months after the effective date of this Order, or after OMB completes review of the rules, whichever is later. We direct the Wireline Competition Bureau to issue a Public Notice announcing the compliance date for the rules implementing section 345 once OMB completes its review. 404 47 U.S.C. § 345(c)(3) (“This subsection shall not affect any law or regulation of a State providing communications protections for survivors (or any similar category of individuals) that has less stringent requirements for providing evidence of a covered act (or any similar category of conduct) than this subsection.”). 405 See Safe Connections Notice at 38, para. 100 (seeking comment on what other legal or law enforcement requirements may be impacted by line separations or the rules discussed in the NPRM); Safe Connections Act § 5(B)(1)(B)(xii); CCA Reply at 3 (agreeing that “the truth-in-billing rules, state privacy laws and regulations, and the like are also areas of liability concern that the FCC should clarify in terms of preemption with regard to compliance with the Safe Connections Act”); CTIA Reply at 5 (urging the Commission to “make clear that a covered provider’s compliance with the SCA rules takes priority over, and preempts, any otherwise applicable obligations that are inconsistent, such as the provisions of 47 U.S.C. section 222 or state laws”). 406 See, e.g., Implementation of the Telecommunications Act of 1996: Telecommunications Carriers’ Use of Customer Proprietary Network Information and Other Customer Information; IP-Enabled Services, CC Docket No. 96-115, WC Docket No. 04-36, Report and Order and Further Notice of Proposed Rulemaking, 22 FCC Rcd 6927, 6958, para. 61 (2007) (requiring carriers to implement new rules to protect customers against pretexting six months after the Order’s effective date “in light of the importance of this issue to the public interest” and “because of the important consumer and public safety considerations raised by pretexting that demand near immediate action”); see also CCA Comments at 8 (noting that the Commission adopted a nine month compliance date for small providers and a six month compliance date for other providers for compliance with the Mandatory Disaster Response Initiative). 407 Safe Connections Act § 6. We will publish a summary of this Report and Order in the Federal Register not later than thirty days prior to the effective date. 408 Safe Connections Act § 5(b)(1)(B)(ix). 409 Because we establish a compliance timeframe for our implementing rules that is after the effective date of new section 345 of the Communications Act, we will delay enforcement of those rule provisions until after the compliance date of the rules. 56 Federal Communications Commission FCC-CIRC2311-02 103. The record demonstrates that implementing the line separation provisions of the SCA will require providers to make significant changes to their systems and processes.410 As NCTA explains, “providers will need time to build internal systems to meet the requirements of the Commission’s rules, to test, deploy, and train. There are a number of unknown variables that make it difficult to fully build out a provider’s compliance system until the Commission adopts the final rules.”411 We agree with CTIA that “[g]iven the highly sensitive nature of supporting survivors, it is vitally important that providers have sufficient time to implement the necessary changes to their systems and processes accurately and effectively.”412 We are also concerned that, absent sufficient time to modify and test their systems, a significant number of covered providers will employ the technical and operational infeasibility exception to deny line separation requests, leading to widespread survivor confusion.413 For these reasons, we require covered providers to comply with the rules implementing the statutory line separation requirements six months after the effective date of this Report and Order, or after OMB review of those rules that involve information collections under the PRA, whichever is later. We find, however, that permitting a more extended compliance timeframe414 for implementing the line separation provisions would be inconsistent with the urgency Congress demonstrated with the underlying statutory obligation415 as well as with the critical wireless communications needs of survivors well-documented in the record.416 410 See CCA Comments at 6-7 (“CCA’s members generally expect that it will be feasible for them to effect line separations and omit domestic-abuse-hotline information from newly created call logs and other customer-facing records, but building those systems after the Commission adopts rules will take significant time.”); Verizon Comments at 3 (“Implementation of the proposed line separation and call data privacy requirements will require some of the most significant reassessment, re-programming and upgrades of customer billing, online account, and customer care systems and practices since the Commission promulgated the original CPNI rules in 1998 and 1999.”); CTIA Reply at 4 (arguing that “compliance deadlines for the new rules should provide sufficient time for covered providers, including small, regional providers, to implement the requirements, test their systems, and train customer service representatives”); CTIA Comments at 10-11. 411 Letter from Pamela Arluk, Vice President & Assoc. General Counsel, NCTA to Marlene H. Dortch, Secretary, FCC, WC Docket No. 21-450, at 2 (filed Oct. 11, 2023) (NCTA Oct. 11 Ex Parte Letter). 412 CTIA Comments at 3; see also id. at 11 (noting the critical importance of ensuring that “all changes to systems and training are carefully and fully implemented and validated”). 413 See 47 U.S.C. § 345(f)(1); see also NCTA Comments at 17 (asserting that for at least 10 months following the initial 60-day period, “many providers would need to invoke the technical and operational infeasibility provision of the statute and offer requesting survivors the option of transferring a line to a new account”). 414 See, e.g., Verizon Comments at 17 (“[I]mplementing the [SCA’s] line separation requirements is a complicated task that will require most providers at least one year to implement after rules are adopted.”); NCTA Oct. 11 Ex Parte Letter at 2 (requesting that the Commission provide a minimum of one year for providers to implement line separation requirements). 415 See Safe Connections Act § 5(b)(1)(A) (requiring the Commission to adopt rules to implement section 345 of the Act within 18 months of the SCA’s enactment); Safe Connections Act § 6 (stating that the requirements under section 345 of the Act “shall take effect 60 days after the date on which the . . . Commission adopts the rules implementing that section”); Safe Connections Act § 3(4) (“[I]ndependent access to a wireless phone plan can assist survivors in establishing security and autonomy.”). 416 See, e.g., NY Office for the Prevention of Domestic Violence Comments at 2 (noting that “the need for safe, reliable communication for survivors can literally be a lifeline towards achieving safety” and can be “critical to survivors in need of accessing emergency responders, and mental health support for themselves and their children while planning for futures free from abuse”); CTIA Comments at 3 (“Wireless services and devices are essential tools for survivors escaping domestic violence, sexual violence, dating violence, intimate partner violence, human trafficking, or stalking to access emergency services and helplines and gain the financial independence to protect themselves from their abusers. With the wide availability of wireless services and devices, survivors can call or text 9-1-1, seek mental health support by calling or texting 9-8-8, and utilize increasingly affordable service plans to access educational, health, and occupational services.”); CCA Comments at 2 (noting support for the Commission’s (continued….) 57 Federal Communications Commission FCC-CIRC2311-02 We anticipate that most covered providers will be equipped to effectuate line separations within six months of the effective date of this Order, given the steps that the industry has already taken to advance this important process,417 and we encourage covered providers to implement the rules we adopt today as expeditiously as possible given the urgency of the concerns at issue. We also remind covered providers that given the urgency expressed by Congress in the SCA, they should be sensitive to survivors that may need assistance during the six-month implementation and compliance timeframe, and strongly encourage covered providers not to subject survivors to fees or other restrictions in conjunction with setting up a new account or cancelling an existing account while the line separation process is technically or operationally infeasible. 104. The SCA directs the Commission to consider implementation timelines for small covered providers,418 and after examination of the record, we decline to adopt a different compliance timeframe for small providers.419 First, given the critical and potentially lifesaving importance of independent communications for survivors escaping abusive circumstances, we think it self-evident that survivors who receive service from small covered providers are no less entitled to the protections made available by the SCA than survivors who receive service from other covered providers. Second, we find that adopting inconsistent timelines for small and large providers may make it difficult for stakeholders to carry out effective messaging campaigns touting the availability of line separations. This inconsistency may confuse survivors and ultimately dissuade them from further pursuing a line separation if they are told that their current carrier does not offer the ability despite having been informed of the SCA’s features by a stakeholder messaging campaign. Third, we believe that Congress included the technical and operational infeasibility provisions to account for differences in the capabilities of providers (among other reasons), particularly between large and small providers, and to incentivize and protect providers while they work to update or develop systems and processes capable of fully effectuating the SCA’s requirements and our rules within the compliance timeframe. B. Ensuring the Privacy of Calls and Text Messages to Domestic Abuse Hotlines 105. The SCA directs the Commission to consider (i) whether and how to “establish, and update on a monthly basis, a central database of covered hotlines to be used by a covered provider or a wireline provider of voice service,” and (ii) whether and how to “require a covered provider or a wireline provider of voice service to omit from consumer-facing logs of calls or text messages any records of calls or text messages to covered hotlines in [such a] central database, while maintaining internal records of (Continued from previous page) statement that communications services are “vital to survivors’ efforts to maintain essential connections with family, social safety networks, employers, and support services”). 417 See Verizon Comments at 2 (“Verizon and many other wireless providers already have line separation capabilities and processes upon which to build. Verizon, for example, maintains a group of customer care employees specially trained to handle the sensitivities surrounding LSRs from domestic violence survivors and to walk the survivors through the secure process of documenting the abuse, establishing a new account (or removing an alleged abuser from an existing account), selecting a service plan, and where requested, facilitating a number change or port out.”); CTIA Comments at 2, 4-5 (explaining that the “wireless industry is continuing to step up to achieve the goals of the SCA through a multi-year partnership with the National Domestic Violence Hotline;” among other things, the Hotline “expects to provide training materials that can help customer service representatives to understand what survivors go through when they are trying to escape traumatic experiences like domestic violence, stalking, or human trafficking”); Press Release, National Domestic Violence Hotline, National Domestic Violence Hotline and Wireless Industry Enter Into Multi-Year Partnership to Support Survivors (Feb. 16, 2023), https://www.thehotline.org/news/national-domestic-violence-hotline-and-wireless-industry-enter-into-multiyear- partnership-to-support-survivors/. 418 See Safe Connections Act § 5(b)(1)(B)(ix). 419 See CCA Comments at 6-7 (requesting that the Commission extend the compliance deadline for 24 months, “at least for smaller carriers”). 58 Federal Communications Commission FCC-CIRC2311-02 those calls and messages.”420 As discussed below, we find it is in the public interest to establish such a central database and adopt a process for doing so. We begin our discussion with the requirement for covered providers to exclude calls or text messages to covered hotlines from consumer-facing call logs, and the definitions of key terms. 1. Creating an Obligation to Protect the Privacy of Calls and Text Messages to Covered Hotlines 106. We adopt our proposal to require covered providers and wireline providers of voice service to exclude from consumer-facing logs of calls or text messages any records of calls or text messages to covered hotlines that appear in a central database (discussed further below), and to retain internal records of the omitted calls and text messages.421 Congress determined that “perpetrators of [sexual] violence and abuse . . . increasingly use technological and communications tools to exercise control over, monitor, and abuse their victims,” and that “[s]afeguards within communications services can serve a role in preventing abuse and narrowing the digital divide experienced by survivors of abuse.”422 These findings are supported by, among other things, field work with domestic violence survivors demonstrating the risk of abusers’ accessing domestic abuse survivors’ digital footprint, particularly call logs.423 The record in this docket also reflects concerns raised regarding call and text logs. For example, the New York State Office for the Prevention of Domestic Violence notes that “[r]isk to survivors escalates when they are seeking to leave their abuser and calls to hotlines often precede separation from one’s abuser,” and the NVRDC observes that “[c]all and text records to and from covered organizations would likely tip off an abuser who is closely monitoring all communications.”424 We are concerned that survivors may be deterred in seeking help by the threat of an abuser using access to call and text logs to determine whether the survivor is in the process of seeking help, seeking to report, or seeking to flee.425 We therefore conclude that protecting the privacy of calls and text messages to covered hotlines, as described by the SCA, is in the public interest. This proposal received broad support and no opposition.426 107. The SCA specifically requires the Commission to consider certain matters when determining whether to adopt a requirement for protecting the privacy of calls and text messages to hotlines. Specifically, section 5(b)(3)(B) of the SCA requires us to consider the technical feasibility of such a requirement—that is, “the ability of a covered provider or a wireline provider of voice service to . . 420 See Safe Connections Act § 5(b)(3)(A)(ii). 421 Safe Connections Notice at 41, para. 110. We make clear that the use of the word “omit” in our rule provision regarding this requirement (Appx. A, section 64.6408(a) (“All covered providers, wireline providers of voice service, fixed wireless providers of voice service, and fixed satellite providers of voice service shall . . . [o]mit from consumer-facing logs of calls and text messages any records of calls or text messages to covered hotlines in the central database established by the Commission”)), should be understood to mean “completely exclude,” not merely redact identifying detail. 422 Safe Connections Act § 3(3), (5). 423 See Safe Connections Notice at 41, para. 110; Diana Freed, Jackeline Palmer, Diana Minchala, Karen Levy, Thomas Ristenpart & Nicola Dell, “A Stalker’s Paradise”: How Intimate Partner Abusers Exploit Technology, Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems, Paper No. 667, 4-6 (2018) (Freed et al. 2018), https://dl.acm.org/doi/pdf/10.1145/3173574.3174241. 424 NYS OPDV Comments at 5; NVRDC Notice of Inquiry Comments at 10; 1075, Student, Boston College Law School Reply at 4-5, 8-9. 425 See also Safe Connections Notice at 41, para.110; Section II, supra. 426 API-GBV Comments at 8; CTIA Comments at 15; EPIC et al. Comments at 30; NCTA Comments at 10; New York City Mayor’s Office to End Domestic and Gender-Based Violence Comments at 2 (NYC Mayor’s Office); New York State Dep’t of Pub Serv. Comments at 2-3 (NYC DPS); NYS OPDV Comments at 3; USTelecom Comments at 2; 1075, Student, Boston College Law School Reply at 7-8. 59 Federal Communications Commission FCC-CIRC2311-02 . identify logs that are consumer-facing . . . and . . . omit certain consumer-facing logs, while maintaining internal records of such calls and text messages,” as well as “any other factors associated with the implementation of [such requirements], including factors that may impact smaller providers.”427 Section 5(b)(3)(B) also requires us to consider “the ability of law enforcement agencies or survivors to access a log of calls or text messages in a criminal investigation or civil proceeding.”428 108. The Commission tentatively concluded in the Safe Connections Notice that covered providers and wireline providers of voice service are able to identify consumer-facing call and text logs,429 and no commenter disputed this assertion. Nor did any commenter contend that excluding calls and text messages to covered hotlines from consumer-facing call logs was technically infeasible, or that it was technically infeasible to retain internal records of such calls while excluding such calls from consumer-facing call logs. Indeed, none of the trade associations representing substantially different segments of covered providers and/or providers of wireline voice service raises specific issues relating to selectively omitting calls and text messages from call and text logs in their discussion of implementation.430 109. We also adopt our proposal to require providers that remove calls and text messages to covered hotlines from consumer-facing call logs to retain an internal record of such calls for as long as they normally retain internal records of calls.431 Retaining such internal records is necessary to ensure some record remains available if disputes or criminal investigations or civil or criminal legal proceedings arise. Further, records of calls and text messages do not appear to exist solely in the form of call logs, but, rather, are independent records—that is, some processing must be applied to the records to create call logs.432 As a result, as proposed,433 we require service providers to maintain internal records of calls and text messages that they exclude from consumer-facing logs when such records are required for any criminal or civil enforcement proceeding, or for any other reason.434 No commenter opposed this proposal. 110. Extension of Obligation to Fixed Wireless and Fixed Satellite Providers of Voice Service. The Commission observed in the Safe Connections Notice that subscribers to fixed wireless and fixed satellite voice service may expect that the privacy of their calls and text messages to hotlines are also 427 Safe Connections Act § 5(b)(3)(B)(ii), (iii). 428 Safe Connections Act § 5(b)(3)(B)(i). 429 Safe Connections Notice at 41, para. 112. 430 See CTIA Comments at 10-11 (stating that rules should “enable providers to consider technical feasibility,” but not identifying specific technical feasibility issues); NCTA Comments at 10-11 (discussing the call log requirement but not addressing technical feasibility); USTelecom Comments at 4-6 (stating that covered providers will need time to implement system upgrades and address unforeseen complexities, but not identifying specific technical feasibility issues); CCA Reply at 7 (emphasizing need for time to implement call log requirements, but not identifying specific issues of technical feasibility); CTIA Reply at 3-4 (discussing the call log requirement but not addressing technical feasibility); NCTA Reply at 13-14 (discussing the call log requirement but not addressing technical feasibility); USTelecom Reply at 3-4 (stating that providers need “sufficient flexibility to help minimize instances of technical or operational feasibility, but not identifying specific issues of technical feasibility). 431 Appx. A, section 64.6408(a)(2); Safe Connections Notice at 41-42, paras. 110, 112-14. 432 See, e.g., Sumco Panama SA et al., File No. EB-TCD-21-00031913, Notice of Apparent Liability for Forfeiture, FCC 22-99, at 17, para. 28 n.102 (Dec. 23, 2022). 433 Safe Connections Notice at 42, para. 113. 434 See Safe Connections Act § 5(b)(3)(B)(ii)(II). We use the term “service provider” to refer all types of providers to which we apply the obligation to protect the privacy of calls and text messages to hotlines—covered providers, wireline providers of voice service, and, as discussed below, fixed wireless and fixed satellite providers. We discuss specifically who such providers may be below in Section III.A.2, below. 60 Federal Communications Commission FCC-CIRC2311-02 protected, despite the providers of the service likely being neither “covered provider[s]” or wireline providers, and sought comment on whether we should therefore extend related obligations to such providers.435 No party responded to our request for comment on factors that would prevent such providers from complying with our rules in any respect. We believe that subscribers to such services should be afforded such protections, a matter that no party disputes, and that we should seek to meet survivor expectations regarding the privacy of their calls and text messages to hotlines. We therefore extend our related obligations to fixed wireless and fixed satellite providers of voice service. 111. We conclude that we have direct authority to adopt this requirement under Titles II and III of the Communications Act, and we independently assert our ancillary authority to that end as well. We have direct authority to extend our rules protecting the privacy of calls and texts to hotlines to fixed wireless and fixed satellite providers of voice. Section 201(b) of the Communications Act requires that all charges, practices, classifications, and regulations in connection with common carrier service be just and reasonable, and authorizes the Commission to prescribe rules as necessary in the public interest to carry out this requirement.436 If fixed wireless and fixed satellite providers of voice service were not subject to our rule, they could continue to include calls to hotlines in their call logs. That practice would be unjust and unreasonable, particularly in instances in which the abuser established and controls the household account, and survivors in that household may not know that the relevant service in that account is provided over fixed wireless or fixed satellite rather than wireline facilities. In that situation, the survivors might believe, incorrectly, that their calls to hotlines would be omitted from call logs to which the abuser has access. Further, even if the survivors knew that the household service was fixed wireless or fixed satellite, they often would not appreciate the legal nicety that the Commission’s rules shielded only certain types of calls to hotlines (mobile wireless or wireline) but did not shield two other types of calls (fixed wireless and fixed satellite) that were functionally indistinguishable from the survivor’s point of view. In either of those situations, the safety, even the lives, of survivors would be threatened.437 For instance, if a survivor wrongly assumed that a fixed wireless hotline call to a hotline was shielded and then placed such a call, the abuser could readily discover that call and, in retribution, threaten or harm the survivor or prevent the survivor from separating his or her line or fleeing to safety. Such consequences would not be just and reasonable, and we therefore assert our authority under section 201(b) to require common-carrier providers of fixed wireless and fixed satellite voice to comply with new section 64.6408 of our rules. To the extent these providers are wireless or satellite licensees, we also have authority to impose these obligations pursuant to sections 301, 303, and 316 of the Communications Act. 112. As a separate and independent basis, we assert our ancillary authority, which may be employed, at the Commission’s discretion, when the Communications Act “covers the regulated subject”438 and the assertion of jurisdiction is “reasonably ancillary to the effective performance of [the Commission’s] various responsibilities.”439 Section 1 of the Communications Act grants the Commission authority over, among other things, “radio communication,”440 which fixed wireless and fixed satellite 435 Safe Connections Notice at 44, para. 122. 436 47 U.S.C. § 201(b). 437 Notice of Inquiry, 37 FCC Rcd at 8965-67, paras. 4-7; Safe Connections Act § 3(1) (noting that “[d]omestic violence, dating violence, stalking, sexual assault, human trafficking, and related crimes are life-threatening issues and have last and harmful effects on individuals, families, and entire communities”); NYS OPDV Comments at 2. 438 American Library Ass’n v. FCC, 406 F.3d 689, 691 (D.C. Cir. 2005); see also United States v. Southwestern Cable Co., 392 U.S. 157, 177-78 (1968) (Southwestern Cable); United States v. Midwest Video Corp., 406 U.S. 649, 667-68 (1972); American Library Ass’n v. FCC, 406 F.3d 689, 691-93 (D.C. Cir. 2005). 439 American Library Ass’n, 406 F.3d at 692; Southwestern Cable, 392 U.S. at 178. 440 47 U.S.C. § 151. 61 Federal Communications Commission FCC-CIRC2311-02 providers of voice services provide when processing originating calls and text messages.441 The duty to protect the privacy of calls and text messages to hotlines is reasonably ancillary to the Commission’s duty to enable survivors safely to obtain line separations under section 4 of the SCA, and its duty under section 5(b)(3)(A) of the SCA to consider whether and how to adopt rules to establish a central database of domestic violence hotlines and to require covered providers and wireline providers of voice service to omit from consumer-facing logs of calls or text messages any records of calls or text messages to such hotlines.442 As explained above, if our new rule protecting the privacy of calls and text messages to hotlines were to apply to wireline providers of voice service but not fixed wireless or fixed satellite providers of voice,443 survivors often would not know whether their calls and text messages to hotlines would be omitted from the pertinent call logs. And that uncertainty likely would have devastating consequences for the safety of survivors, which in turn would defeat the purpose of the line-separation and protection of privacy of calls and texts to hotlines provisions of the SCA and, more generally, would undermine the SCA’s overall goal of establishing “safeguards within communications services [that] can serve a role in preventing abuse . . . experienced by survivors of abuse.”444 Accordingly, we assert our ancillary authority to prevent those harms and ensure that new section 64.6408 works efficaciously. 113. Technical Feasibility and Exceptions. Consistent with the statutory directive, the Commission sought comment in the Safe Connections Notice on the technical feasibility of imposing an obligation to protect the privacy of calls and text messages to hotlines on certain types of services providers and relating to certain calls.445 The Commission received requests relating to two matters in addition to a request pertaining to the compliance deadline for small service providers, which we discuss below. First, USTelecom seeks clarification that the rules that the Commission adopts do not apply to calls placed by, and any logs created in association with, (wireline) enterprise and similar multi-line telephone system (MLTS) customers.446 USTelecom argues that logs relating to such services are not consumer-facing logs and that these systems are managed, maintained, and controlled by the customer rather than the service provider.447 USTelecom’s proposal was unopposed. We agree that both the SCA and the proposed rules are directed to consumer-facing logs and recognize that applying our rules to call logs that are not controlled by the service provider would complicate our implementation of the SCA. In addition, in the event that a survivor were to use an enterprise system to place a call to a hotline, we believe that the large number of users of such enterprise systems, as compared to consumer accounts, creates more anonymity for survivors. As a result, we clarify that the rules we adopt pertaining to protecting the privacy of calls and text messages to hotlines do not apply to non-consumer accounts, such as for enterprise and MLTS service. 114. Second, commenters also raise undisputed concerns about the extent to which resellers, such as MVNOs, that “depend on their underlying facilities-based providers for systems necessary to . . . 441 The Act defines “radio communication” as “transmission by radio of writing, signs, signals, pictures, and sounds of all kinds, including all instrumentalities, facilities, apparatus, and services (among other things, the receipt, forwarding, and delivery of communications) incidental to such transmission.” 47 U.S.C. § 153(40). 442 Safe Connections Act § 5(b)(3)(A). 443 This is more likely to be the case when the abuser controls (and was therefore more likely to have established) the account, which is a common fact pattern when a survivor would be concerned about their abuser being able to see calls and text messages to hotlines on call logs. See Freed et al. 2018 at 4-6. 444 Safe Connections Act §§ 3(1), (5). 445 Safe Connections Act § 5(b)(3)(B)(ii); Safe Connections Notice at 41-43, paras. 112-17. 446 USTelecom Comments at 4-5. An MLTS is comprised of common control units, telephone sets, control hardware and software and adjunct systems, including network and premises based systems, such as Centrex and VoIP, as well as PBX, Hybrid, and Key Telephone Systems, and includes systems owned or leased by governmental agencies and non-profit entities, as well as for profit businesses. See 47 CFR § 9.3. 447 USTelecom Comments at 4-5. 62 Federal Communications Commission FCC-CIRC2311-02 screen call logs” should be expected to comply, arguing that such resellers’ obligations should be “limited to the capabilities that the facilities-based provider makes available to its own customers.”448 We conclude that it is not practical for service providers that do not create their own call logs but, instead, rely on their underlying facilities-based provider to create such call logs, to comply with our rules for protecting the privacy of calls and text messages to hotlines. We therefore exempt such service providers from these obligations. At the same time, however, we conclude that the underlying facilities-based service provider that produces the call logs for its wholesale customers (that is, the call logs that are “consumer-facing” toward the wholesale customers’ end user customers) is obligated to comply with our rules. The definitions we adopt for “covered provider,” “wireline provider of voice services,” “fixed wireless provider of voice services,” and “fixed satellite provider of voice services” are not limited to retail services. And the definition we adopt for “consumer-facing logs of calls and text messages” does not state that the consumer at issue has to be a customer of the pertinent covered provider, wireline provider of voice service, fixed wireless provider of voice services, or fixed satellite provider of voice services. Accordingly, the definitions we adopt have the effect of imposing the same duty on wholesale providers that create call logs for their wholesale customers as imposed on providers that produce their own consumer-facing call logs.449 Imposing this duty also furthers the overall goal of removing calls and text messages to covered hotlines from consumer-facing call logs in the most comprehensive manner possible. Further, we expect resellers that do not control their own call logs to make good faith efforts, such as through their contracts, to ensure that their wholesale providers are complying with our rules.450 115. Third, we decline to adopt CTIA’s proposal to create a general technical infeasibility exception.451 While the SCA requires the Commission to consider “the ability of a covered provider or wireline provider of voice service” to identify consumer-facing logs and omit calls from consumer facing logs while retaining internal records of such calls,452 in contrast to the provisions relating to line separations,453 the SCA does not contain an explicit technical infeasibility exception. As previously discussed, the record demonstrates that service providers generally have these technical abilities. Furthermore, we find that survivor safety, which is promoted through the uninhibited use of domestic violence hotlines, weighs against leaving technical infeasibility standards to the subjective determination of service providers. Should service providers encounter specific technical feasibility issues in their implementation of the rules we adopt that they believe warrant an exception to those rules, they may use the Commission’s general process for requesting waiver of a Commission rule.454 We delegate consideration of such waiver requests to the Wireline Competition Bureau. 116. Access to Retained Internal Call Records. As noted above, we require providers to retain internal records of the calls and text messages they omit from consumer-facing call logs as a result of the new rules. We do so recognizing, among other things, that section 5(b)(3)(C) of the SCA states that the Commission cannot “limit or otherwise affect” the ability of law enforcement to access call logs “in a criminal investigation” or “alter or otherwise expand provider requirements” under the Communications Access for Law Enforcement Act (CALEA).455 Although no commenter opposed our 448 CTIA Comments at 7; see also National Lifeline Association (NaLA) Comments at 25-26; CCA Reply at 5. 449 See Safe Connections Notice at 44, para. 122 (seeking comment on what type of providers should be required to remove calls and text messages to hotlines from consumer-facing call logs). 450 Verizon appears to envision such efforts. See Verizon Comments at 22. 451 CTIA Comments at 10-11 (“the Commission should also enable providers to consider technical feasibility” in the rules on the call-log removal duty). 452 Safe Connections Act § 5(b)(3)(B). 453 See 47 U.S.C. § 345(f). 454 See 47 CFR § 1.3. 455 CALEA is Public Law 103-414, 108 Stat. 4279 and its amendments. 63 Federal Communications Commission FCC-CIRC2311-02 proposal to adopt this retention requirement, EPIC et al. proposed that we limit law enforcement’s access to such records to instances where the survivor requests that law enforcement be given access, and to require a judicial order or grand jury subpoena before a provider could disclose the internal call or text records to law enforcement.456 We decline this request. The SCA prohibits us from “limit[ing]or otherwise affect[ing] the ability of a law enforcement agency to access a log of calls or text messages in a criminal investigation[],”457 and EPIC et al.’s request would appear to “affect” law enforcement’s access as it would add constraints on law enforcement’s access ability to call logs during a criminal investigation, especially in instances where speed is essential or where a survivor is unavailable to give consent. At the same time, we emphasize that while our rules neither limit or otherwise affect the ability of a law enforcement agency to access a log of calls or text messages in a criminal investigation, they are also not intended to enhance such access. They merely preserve the status quo by ensuring that service providers maintain the same records that the maintain today. 2. Definitions 117. How we define certain critical terms in the SCA significantly affects which service providers are subject to the call-log removal obligations discussed above and hotline-database obligations discussed below, the extent of such obligations, and to which hotlines the obligations apply. We adopt definitions of “covered provider,” “voice service,” “call,” “text message,” “covered hotline,” and “consumer-facing logs of calls and text messages.”458 118. Covered Provider. We conclude that all “covered provider(s),” as defined in the SCA, should be obligated to protect the privacy of calls and text messages to covered hotlines.459 We therefore adopt the same definition of covered provider used for the purpose of applying line separation obligations under section 345(a)(3) of the Communications Act, as added by the SCA. EPIC et al. supported this proposal, which received no opposition.460 119. The National Lifeline Association argues that “covered providers should not include mobile broadband providers that do not offer mobile voice service.”461 To the extent that a covered provider does not actually have consumer-facing logs of calls, as the National Lifeline Association seems to assert some covered providers do not,462 then there is no obligation for omitting certain calls and text messages with which such covered provider must comply. This reasoning applies equally to covered providers that do not actually have consumer-facing logs of text messages. It is therefore unnecessary for us to create an exception for these situations within the definition of “covered provider.” 120. Voice Service. In addition to covered providers, we apply the call-log removal duty to all “wireline providers of voice service,” as suggested by the SCA, as well as “fixed wireless providers of voice service” and “fixed satellite providers of voice service.”463 These definitions require defining “voice service,” which we base on the definition in section 5 of the SCA.464 That provision references section 4(a) of the TRACED Act, which defines “voice service” as “any service that is interconnected with the public switched telephone network and that furnishes voice communications to an end user using 456 EPIC et al. Comments at 25-27 and Appx. 2; EPIC et al. Reply at 9-10. 457 Safe Connections Act § 5(b)(3)(C)(i). 458 See generally Safe Connections Act § 5(b)(3). 459 47 U.S.C. § 345(a)(3); Safe Connections Notice at 43, para. 119. 460 Appx. A, § 64.6400(f). EPIC et al. Comments at 6. 461 NaLA Reply at 10. 462 Id. 463 Appx. A, section 64.6400(o). Safe Connections Act § 5(a)(8); Safe Connections Notice at 43-44, para. 120. 464 Safe Connections Act § 5(a)(8); Safe Connections Notice at 44, para. 120. 64 Federal Communications Commission FCC-CIRC2311-02 resources from the North American Numbering Plan,” including transmissions from facsimile machines and computers and “any service that requires internet protocol-compatible customer premises equipment . . . and permits out-bound calling, whether or not the service is one-way or two-way voice over internet protocol.”465 No commenter opposed this proposal. We also note that the Commission interpreted the TRACED Act definition when implementing that Act’s requirements, and chose to mirror the definition in its rules.466 121. Call. The SCA does not define the term “call,” nor does the Communications Act. Consistent with our proposal in the Safe Connections Notice, solely for purposes of implementing section 5(b)(3) of the SCA, we elect to define a “call” as a voice service transmission, regardless of whether such transmission is completed.467 Given the expansive definition of “voice service,” which we define without regard to whether the service is wireline or wireless, this term sufficiently captures the means by which survivors would use the public switched telephone network to reach covered hotlines.468 Although we suspect that only completed transmissions would appear on call logs, out of an abundance of caution in deference to the safety concerns of survivors, we will include completed and uncompleted transmissions in the definition of “call.” No commenter opposed this proposal. 122. Text Message. Section 5(a)(7) of the SCA defines “text message” as having the same meaning as in section 227(e)(8) of the Communications Act, and we adopt the same definition consistent with our proposal in the Safe Connections Notice.469 Section 227(e)(8) defines “text message” as “a message consisting of text, images, sounds, or other information that is transmitted to or from a device that is identified as the receiving or transmitting device by means of a 10-digit telephone number” and includes short message service (SMS) and multimedia message service (MMS) messages.470 This definition explicitly excludes “message[s] sent over an IP-enabled messaging service to another user of the same messaging service” that do not otherwise meet the general definition, as well as “real-time, two- way voice or video communication.”471 When the Commission previously interpreted section 227(e)(8) for purposes of implementation, it adopted a rule that mirrors the statutory text,472 and we do the same here, as proposed in the Safe Connections Notice.473 No commenter opposed adoption of this definition. Similar to our analysis with respect to uncompleted calls, out of an abundance of caution in deference to the safety concerns of survivors, we will include delivered and undelivered text messages in the definition of “text message.” 123. Covered Hotline. The SCA defines the term “covered hotline” to mean “a hotline related to domestic violence, dating violence, sexual assault, stalking, sex trafficking, severe forms of trafficking 465 See Safe Connections Act § 5(a)(8), in turn referring to section 4(a) of the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act, Pub. L. No. 116-105, 133 Stat. 3276 (TRACED Act) (codified at 47 U.S.C. § 227b(a)). 466 Call Authentication Trust Anchor, Implementation of the TRACED Act Section 6(a) Knowledge of Customers by Entities with Access to Numbering Resources, WC Docket Nos. 17-97, 20-67, Report and Order and Further Notice of Proposed Rulemaking, 35 FCC Rcd 3241, 3259-61, paras. 37-40 (2020) (Second ID Authentication Report and Order); 47 CFR § 64.6300(n). 467 Safe Connections Notice at 44-45, para. 123. 468 Appx. A, § 64.6400(b); Safe Connections Notice at 44-45, para. 123. 469 Safe Connections Act § 5(a)(7); Safe Connections Notice at 45, para. 124. 470 Safe Connections Act § 5(a)(7); 47 U.S.C. § 227(e)(8). 471 47 U.S.C. § 227(e)(8)(C)(iii). 472 Implementing Section 503 of RAY BAUM’S Act, WC Docket No. 18-335, Second Report and Order, 34 FCC Rcd 7303, 7309-11, paras. 15-19 (2019); 47 CFR § 64.1600(o). 473 Appx. A, § 64.6400(n); Safe Connections Notice at 45, para. 124. 65 Federal Communications Commission FCC-CIRC2311-02 in persons, or any other similar act.”474 We adopt this definition, and further clarify what constitutes a “hotline” and how much of the counseling services and information provided on the “hotline” must relate to “domestic violence, dating violence, sexual assault, stalking, sex trafficking, severe forms of trafficking in persons, or any other similar act[s]” for the “hotline” to be a “covered hotline.”475 124. As an initial matter, we note that in providing these clarifications, we strive to meet the broadest reasonable expectations of a survivor seeking to place calls and send text messages without fear that they will appear in logs. Commenters uniformly supported this approach.476 Turning to the specific definition, we conclude that a “covered hotline” need not exclusively provide counseling and information to serve domestic violence survivors; for instance, the hotline could provide services to individuals in need of other types of support unrelated to domestic violence or other related issues under the SCA.477 Such a single subject requirement would be overly restrictive and potentially exclude some hotlines that provide essential services to domestic violence survivors. Accordingly, we define “covered hotline” as any hotline that provides counseling and information on topics described in the SCA’s definition of “covered hotline” as more than a de minimis portion of the hotline’s operations. No commenter opposed this approach. 125. We next conclude that the counseling service associated with the pertinent telephone number must be a “hotline.” Given the SCA’s definition of “covered hotline,” as well as the potential use of a central database of “covered hotlines” (calls and text messages which would be omitted from customer-facing logs), we interpret “hotline” generally to mean a telephone number from which counseling and information is provided.478 We suspect, however, that certain telephone numbers may serve as “hotlines” and also be used for other purposes, such as the main telephone number for the organization providing the counseling and/or information service. We conclude that telephone numbers should not be excluded from being “covered hotlines” merely because they do not serve exclusively as “hotlines.”479 We find that we can best achieve the goal of minimizing hotline hesitancy by interpreting “hotline” as broadly as possible, and therefore interpret it to include numbers on which an organization provides anything more than a de minimis amount of counseling service and will use this standard as a component in our definition of “covered hotline.” No commenter opposed this approach and several supported it.480 126. The Commission proposed in the Safe Connections Notice to delegate to the Bureau the task of providing further clarification, as necessary, of the scope and definition of “covered hotline,” in light of the novelty of overseeing a central database of covered hotlines, and to maximize the efficiency in resolving future matters of interpretation under these provisions of the SCA.481 We adopt this unopposed proposal. 127. Consumer-Facing Logs of Calls and Text Messages. The SCA does not define the term 474 Safe Connections Act § 5(b)(3)(A)(ii). 475 Appx. A, § 64.6400(e); Safe Connections Notice at 45, para. 125; Safe Connections Act § 5(a)(4). 476 API-GBV Comments at 8; EPIC et al. Comments at 6; NDVH Comments at 3; NYC Mayor’s Office Comments at 2; NYS OPDV Comments at 3. 477 Safe Connections Notice at 46, para. 128. 478 The SCA appears to acknowledge this by equating the adjective “covered” to the topics, which, in this case are “domestic violence, dating violence, sexual assault, stalking, sex trafficking, severe forms of trafficking in persons, [and]. . . other similar act[s].” Safe Connections Act § 5(a)(4). 479 See Safe Connections Notice at 46, para. 128. 480 API-GBV Comments at 8; EPIC et al. Comments at 30; National Domestic Violence Hotline Comments at 3; NYC Mayor’s Office Comments at 2; NYS OPDV Comments at 3. 481 Safe Connections Notice at 46, para. 129. 66 Federal Communications Commission FCC-CIRC2311-02 “consumer-facing logs of calls or text messages.”482 In light of our goal of minimizing any hesitancy by survivors to contact hotlines by preventing abusers from being made aware of survivors’ calls and text messages to hotlines, we seek to define the term as broadly as possible.483 We therefore define such logs, consistent with the proposal in the Safe Connections Notice,484 as any means by which a service provider presents to a consumer a listing of telephone numbers to which calls or text messages were directed, regardless of, for example, the medium used (such as by paper, online listing, or electronic file), whether the calls were completed or the text messages were successfully delivered, whether part of a bill or otherwise, and whether requested by the consumer or otherwise provided.485 In addition, our definition includes both oral disclosures of call and text message information that would appear in consumer-facing logs of calls and text messages (likely through customer service representatives) and written disclosures by service providers of individual call or text message records.486 We exclude from this definition any logs of calls or text messages stored on consumers’ wireless devices or wireline telephones, such as recent calls stored in the mobile device’s phone app or lists of recently dialed numbers on cordless wireline handsets.487 No commenter opposed this approach and several supported it.488 128. Wireline Provider of Voice Service. As discussed above, we conclude that we should extend the obligation to protect the privacy of calls and text messages to hotlines to fixed wireless providers of voice service and to fixed satellite providers of voice service, in addition to “covered providers” and “wireline providers of voice service” as identified in the SCA. Because including such providers in our rules requires new definitions, we conclude that to maintain maximum clarity, we should also define the term “wireline provider of voice service.”489 Such term is defined neither in the Safe Connections Act nor the Communications Act. We adopt as our definition, solely for purposes of our rules implementing the Safe Connections Act, as “a provider of voice service that connects customers to its network primarily by wire.”490 We believe that this definition captures what is ordinarily considered to 482 Safe Connections Act § 5(b)(3)(A)(ii). 483 Safe Connections Notice at 46-47, para. 130. 484 Id. 485 Appx. A, § 64.6400(c). 486 Safe Connections Notice at 46-47, para. 130. 487 Id. See, e.g., Apple, View and delete the call history on your iPhone, https://support.apple.com/en-us/HT207729 (last visited Oct. 4, 2023); AT&T, 2-Handset Expandable Cordless Phone with Unsurpassed Range, Bluetooth Connect to Cell™, Smart Call Blocker and Answering System, DL72210, https://telephones.att.com/pd/4380/2- Handset-Expandable-Cordless-Phone-with-Unsurpassed-Range-Bluetooth-Connect-to-Cell-Smart-Call-Blocker- and-Answering-System-DL72210 (last visited Oct. 4, 2023) (“[l]ast 10 number redial” for cordless phone handset). The provisions of the SCA regarding the protection of calls and text messages to hotlines appear to apply to call logs under the control of pertinent service providers, not logs that might be generated by or stored on the wireline or wireless device. Thus, the obligation to protect the privacy of calls and text messages to hotlines would still apply to call and text logs accessed on a smart phone or other device through service provider apps or websites. See, e.g., Verizon, How to view & download mobile bill statements & bill history, https://www.verizon.com/support/view- latest-bill/ (last visited Oct. 4, 2023). 488 API-GBV Comments at 8; EPIC et al. Comments at 6; NDVH Comments at 3; NYC Mayor’s Office Comments at 2; NYS OPDV Comments at 3. 489 In the Safe Connections Notice, in which the Commission merely sought comment on whether to apply the duty to protect the privacy of calls and text messages to hotlines to fixed wireless and fixed satellite providers, the Commission proposed that it need not define “wireline provider” given what it considered to be its plain meaning when used in conjunction with “of voice service,” as the latter term was proposed to be defined. Safe Connections Notice at 44, para. 121. 490 Appx. A, § 64.6400(p). 67 Federal Communications Commission FCC-CIRC2311-02 be a “wireline provider,” allowing for intermediate legs of wireless transport, such as by microwave.491 129. Fixed Wireless Provider of Voice Service. Solely for purposes of our rules implementing the Safe Connections Act, we define the term “fixed wireless provider of voice service” to mean “a provider of voice service to customers at fixed locations that connects such customers to its network primarily by terrestrial wireless transmission.”492 130. Fixed Satellite Provider of Voice Service. Solely for purposes of our rules implementing the Safe Connections Act, we define the term “fixed satellite provider of voice service” to mean “a provider of voice service to customers at fixed locations that connects such customers to its network primarily by satellite transmission.”493 3. Creating and Maintaining the Central Database of Hotlines 131. The SCA directs the Commission to consider whether and how to establish a central database of hotlines related to domestic violence, dating violence, stalking, sexual assault, human trafficking, and other related crimes, which could be updated monthly and used by providers to determine the covered hotline for which they must remove records from their customer-facing logs.494 Commenters strongly supported establishing a central database.495 Establishing a central database will provide certainty as to which call-log records are to be suppressed, thus fulfilling the SCA’s objective to protect survivors while also clarifying service providers’ compliance obligations.496 132. The record supports either the Commission’s or a third party’s creating and administering the database,497 but no commenters addressed how the costs incurred by a third party administrator would be recovered.498 Parties have made a variety of suggestions for engaging with stakeholders, and have noted the complexity of the process.499 We believe that these decisions are worthy of further consideration, and we therefore delegate to the Bureau, working in conjunction with the Office of the Managing Director (including the Office of the Chief Information Officer (OCIO)) and the Office of General Counsel (including the Senior Agency Official for Privacy (SAOP)), the matter of determining 491 See, e.g., Connect America Fund et al., WC Docket No. 10-90 et al., Report and Order and Further Notice of Proposed Rulemaking, 31 FCC Rcd 1013 (2016) (describing the use of microwave transmission in Alaska). 492 Appx. A, § 64.6400(h). 493 Appx. A, § 64.6400(i). 494 Safe Connections Act § 5(b)(3)(A)(i). 495 NCTA Comments at 11; CTIA Reply at 4; NaLA Reply at 11. 496 Safe Connections Notice at 47, para. 131. See NCTA Reply at 2 (explaining that this approach will provide certainty for all parties regarding which records are to be suppressed). 497 USTelecom Comments at 3 (recommending the database be administered by either the Commission or a third party); Verizon Comments at 23 (same); NCTA Reply at 13-14 (same). 498 Safe Connections Notice at 49, para. 139. 499 CTIA Comments at 17 (“The Commission should seek guidance from the North American Numbering Council (‘NANC‘) on the likely costs and technical criteria necessary to create and maintain the central hotline database.”); Verizon Comments at 23 (“The Commission should work with industry stakeholders to ensure that any database— whether administered by the Commission or a third party—maintains the information in a format (or formats) compatible with wireless providers’ billing and other systems.”); USTelecom Reply at 2-3 (“[T]he Commission should engage voice service providers—the ultimate users of the database—on the database’s design, which will help ensure that hotline data in the database is in a format that is compatible with providers’ systems. For example, to obtain input on the database’s design the Commission could, through the Wireline Competition Bureau, issue a public notice specifically seeking comment on the design of the database or task an advisory committee, such as the North American Numbering Council, to make recommendations. The agency also could hold informal discussions with industry stakeholders for information sharing and collaboration.”). 68 Federal Communications Commission FCC-CIRC2311-02 the administrator for the database consistent with the determinations we make in this Order. We direct the Bureau to announce the administrator details, and adopt any necessary rules, through a Public Notice or other appropriate means. The Bureau should not select an option that would require recovering costs for the administrator through an assessment on service providers, as we find that such an option would unnecessarily delay establishing the database. We also decline at this time to refer technical details of the database to the North American Numbering Council (NANC), as suggested by CTIA.500 The Bureau should work with stakeholders as it manages the process of selecting an administrator (whether it be self- provisioned, through a third party, or some combination thereof) and establishing the database. If the Bureau later concludes that input from the NANC is warranted, it will seek out such input. 133. In addition, the Commission also delegates authority to the Bureau, working in conjunction with the Office of the Managing Director (including OCIO) and the Office of General Counsel (including the SAOP), to address all administrative and technical matters relating to the creation and maintenance of the database that are not prescribed in this Order. We expect the implementation process could involve complex legal, administrative, or technical questions, and we find that it is important to retain flexibility to address such issues as they arise. This is consistent with the approach the Commission has taken in other areas when overseeing the implementation of new programs such as the Broadband Data Collection and Robocall Mitigation Database.501 134. We find that the database should always be as comprehensive and accurate as possible so as to best fulfill the expectations of survivors that their calls and text messages to hotlines will not appear in service provider’s consumer-facing call logs.502 In this regard, we direct the Bureau to work with experienced stakeholders to help in identifying hotlines for the database administrator to include in the database, and developing procedures for updating the database; we direct the Bureau to establish procedures that will enable submissions by both operators of hotlines and from third parties.503 We likewise direct the Bureau to consider how best to verify the accuracy of submissions while balancing administrative concerns such as the need to initiate use of the database as soon as possible. Should the Bureau elect to use a third party to serve as the database administrator, the Bureau, not the third party, will have final authority over determining whether particular potential database entries are “covered hotlines.” 135. While we recognize that comprehensiveness and accuracy are key elements in database design and administration, the safety of survivors of domestic violence is paramount and should be taken into account in all database-related decisions and administration. As a result, we conclude that the database should not be made publicly available, as proposed in the Safe Connections Notice.504 As the NDVH argues, providing convenient public access to such a large database of telephone numbers through which all manner of domestic violence survivor assistance is made available provides opportunities for abusers to interfere with survivors’ ability to place calls and send texts to hotlines in the database by a variety of means, thereby undermining the purpose for which we are establishing the database (to enable 500 CTIA Comments at 17. 501 Establishing the Digital Opportunity Data Collection; Modernizing the FCC Form 477 Data Program, WC Docket Nos. 19-195, 11-10, Second Report and Order and Third Further Notice of Proposed Rulemaking, 35 FCC Rcd 7460, 7488-89, 7494, paras. 66-68, 82 (2020); Call Authentication Trust Anchor, WC Docket No. 17-97, Second Report and Order, 36 FCC Rcd 1859, 1877-82, para. 83 (2020) (Second Caller ID Authentication Order). 502 See Safe Connections Notice at 45-46, paras. 126-30. 503 EPIC et al. Comments at 30-31; NDVH Comments at 3; NYC Mayor’s Office Comments at 2; Rose Marie Vergara Comments at 4; USTelecom Comments at 3; Verizon Comments at 23; see Safe Connections Notice at 48, para. 137 (proposing that the database administrator take update submissions from third parties, subject to verification by the administrator). 504 Safe Connections Notice at 48, para. 134. 69 Federal Communications Commission FCC-CIRC2311-02 protection of the privacy of calls and text messages to hotlines).505 While we acknowledge, as the Safe Connections Notice did,506 that making the database publicly available could potentially improve the accuracy of the list and be a resource for survivors, we find the benefits of making the database publicly available are outweighed by the potential harms to survivors as identified by the NDVH. 136. Consistent with our concerns regarding the sensitivity of the database, we direct the Bureau to ensure that access to the full database file is available only to covered providers, wireline providers of voice service, fixed wireless providers of voice service, and fixed satellite providers of voice service through secure means. Recognizing the potential value of the database to governmental agencies with general subject matter jurisdiction (law enforcement and health and human service-type agencies), however, we direct the Bureau to also permit such agencies access to the full database file through secure means as long as an administratively reasonable method of determining eligibility for access can be arranged. Moreover, although the database itself will not be publicly accessible, survivors still will be able to view the administrator’s public website, and we therefore direct the Bureau to consider a means by which the administrator’s website could identify, for survivors’ benefit, any covered service provider that has been granted a technical-infeasibility exception from the call-log obligation, as well as any service providers that have been granted an extension of the compliance deadline. More generally, we encourage the Bureau to consider the possibility of designing a limited form of access for survivors to determine whether a call that they are about to make or a text that they are about to send to a hotline will not appear in a call log. To this end, we direct the Bureau to explore creating a web-based lookup feature that would allow survivors to determine if a particular number appears in the database while, at the same time, preventing such a lookup feature being exploited by bad actors to reverse-engineer the full list of hotlines. Such a feature may also permit operators of hotlines to determine if their number has been properly included. 4. Using the Central Database of Hotlines 137. Service Provider Compliance Deadline.507 The record reflects the urgency of issues faced by survivors of domestic abuse.508 Survivors need to place calls and send text messages to hotlines without fear of discovery (and potential reprisal) by their abuser as soon as possible as such calls and text messages save lives.509 Further, no party claims that the implementation challenges faced by service providers, which in some cases appear to be complex,510 are insurmountable. At the same time, there are 505 Letter from Marium Durrani, Vice President of Policy, The National Domestic Violence Hotline, to Marlene H. Dortch, Secretary, FCC, WC Docket No. 21-450 et al. (filed Oct. 17, 2023); see also Diana Freed, Sam Havron, Emily Tseng, Andrea Gallardo, Rahul Chatterjee, Thomas Ristenpart, and Nicola Dell, Is My Phone Hacked? Analyzing Clinical Computer Security Interventions with Survivors of Intimate Partner Violence, 3 Proceedings of the ACM on Human-Computer Interaction 202 (2019), https://dl.acm.org/doi/pdf/10.1145/3359304 (Freed et al. 2019). We do not detail these multiple methods in the interest of preventing advertising their availability. We have consulted with Commission engineers who describe similar potential methods. 506 Safe Connections Notice at 48, para. 134. 507 For ease of discussion, we use the term “compliance deadline” to refer to the effective date of our rules regarding the protection of the privacy of calls and text messages to hotlines. 508 EPIC et al. Comments at 3; NDVH Comments at 1; NVRDC Comments at 10; Rose Marie Vergara Comments at 2-4; NYS OPDV Comments at 2, 5; 1075, Student, Boston College Law School Reply at 4-5, 8-9. 509 See generally Section II, supra. 510 CTIA Comments at 10 (“Covered providers may need to revise and update their existing IT and operational systems for billing, account access, and account management. Covered providers may also need sufficient time to develop, implement, and test technical solutions, required systems and processes to receive, store, and discard the required information from survivors.”); id. at 11-12 (“Given the substantial operational challenges involved in implementing the line separation and call log screening requirements, covered providers will need a substantial period of time to implement the requirements, test the systems, and train customer service representatives.”); USTelecom Comments at 5-6 (“Ultimately, providers will need sufficient time to make the updates and upgrades (continued….) 70 Federal Communications Commission FCC-CIRC2311-02 important administrative milestones on which a successful database rollout depends. Although the Commission sought comment in the Safe Connections Notice on how long service providers would take to implement the requirements that it proposed,511 the record has only one specific proposal, a request for at least 24 months for smaller carriers.512 Balancing the immediate need to provide help to survivors of domestic violence with the potential complexity of implementing systems to comply with our consumer- facing call log rules, we believe that 12 months from the date of publication of this Order in the Federal Register is a reasonable timeline for all but the smaller service providers, particularly because the record lacks evidence that it would take such providers longer. We therefore adopt a 12-month compliance deadline.513 138. We delegate to the Bureau the responsibility of implementing this compliance deadline and communicating with all stakeholders about progress towards completing the database, associated milestones, and service provider requirements, consistent with the decisions in this Order. In establishing this timeline, we recognize the need for service providers to have the necessary detail as early as possible for designing their systems and to be able to test the database files in such systems prior to full implementation.514 In this regard, we also establish two milestones affecting the final compliance deadline. First, the compliance deadline will be no earlier than eight months after the Bureau has published the database download file specification, which should be the final detail necessary for service providers to complete design of their systems.515 Second, the compliance deadline will be no earlier than two months after the Bureau announces that the database administrator has made the initial database download file available for testing.516 To the extent that the date of either announcement causes the deadline to be later than 12 months after Federal Register publication, the Bureau should provide notice of the new compliance deadline for implementation based on the date of the announcement.517 Given the (Continued from previous page) necessary to comply with the rule, as well as fully address any complexities that arise as implementation work begins.”); Verizon Comments at 3 (“Implementation of the proposed line separation and call data privacy requirements will require some of the most significant reassessment, re-programming and upgrades of customer billing, online account, and customer care systems and practices since the Commission promulgated the original CPNI rules in 1998 and 1999.”); CCA Reply at 6-7 (“The need for sufficient time is especially important for smaller carriers, with limited staff and resources needed to work with vendors, plan the upgrades/solutions, and test and deploy them.”). 511 Safe Connections Notice at 50, para. 142. 512 CCA Comments at 7 (“CCA requests that the Commission establish compliance deadlines for both line- separation requests and omission of calls and texts to domestic abuse hotlines that are at least 24 months from the effective date of the Commission’s rules, at least for smaller carriers.”). 513 Appx. A, § 64.6408(b). 514 USTelecom Comments at 5-6. 515 Appx. A, § 64.6408(b). Although we delegate such details to the Bureau, we observe that the most likely form of the database file would be comma separated value (CSV) formatted with three fields for each database record: (1) a seven-digit integer representing a unique record identifier; (2) a ten-digit integer representing the hotline telephone number; and (3) the date, in yyyy/mm/dd format, representing the vintage of database file in which the hotline was added to the database. 516 Appx. A, § 64.6408(b). See USTelecom Comments at 5-6 (“[T]he Commission should allow time for providers to come into compliance after the database is established. This will enable providers to finish deployments, which are dependent on the new database, and test new mechanisms to ensure that they successfully suppress records of calls to covered hotlines in consumer logs[.]”). In light of the compliance deadline being no less than two months after the availability of the initial database file for download, we do not condition such deadline on any approval by OMB review under the PRA of any data collection necessary to create the database. This is because any necessary approval would have to occur prior to creation of the initial database file. 71 Federal Communications Commission FCC-CIRC2311-02 potential unpredictability of the implementation process, including development of the database, we delegate authority to the Bureau to extend the compliance deadline as necessary. 139. For smaller service providers, we adopt a compliance deadline of 18 months from the date of publication of this Order in the Federal Register to comply with our new rules on consumer-facing call logs.518 We find that granting smaller providers extra implementation time is appropriate, given that they may face more resource challenges than larger providers in complying with the new rules,519 and consistent with the SCA’s charge to the Commission to consider “factors that may impact smaller providers.”520 The 18-month period is less than the 24 months sought by CCA,521 but we find that our 18-month compliance deadline for small providers properly balances the significance of the risks faced by domestic abuse survivors, and the benefits of them being able to call hotlines and seek help without fear of the abuser accessing their call records, against the implementation challenges faced by smaller providers. 140. We define a small provider as “a provider that has 100,000 or fewer voice service subscriber lines (counting the total of all business and residential fixed subscriber lines and mobile phones and aggregated over all of the provider's affiliates).”522 While no commenter proposed a definition of a small provider in this proceeding, we find it appropriate to adopt the definition of “small voice service provider” that the Commission adopted for the purpose of creating a delayed deadline for such providers to implement the Commission’s call authentication rules stemming from the TRACED Act and in defining which small service providers are exempt from certain rural call completion rules.523 In both cases, the Commission was establishing rules relating to service providers’ processing of calls, which is relevant to the rules for protecting the privacy of calls and text messages to hotlines, and the Commission considered the 100,000-line threshold to appropriately balance the need for implementation with the rules (Continued from previous page) 517 Thus, for example, if the Bureau’s announcement of the availability of the initial download file for testing were not to come until 11 months after publication of this Order in the Federal Register, the Bureau would announce that the compliance deadline has become 13 months after Federal Register publication – in this example, continuing to ensure that service providers have two months to test the file. We note that this second database implementation milestone cannot be met without a database administrator having been selected and well-established. Service providers will be assured at least an eight-month period between the availability of the database download file specification and their compliance deadline. As a result, service providers will not be prejudiced by any potential delay introduced by deferring the determination of who should administer the database to a later decision by the Bureau. 518 Appx. A, § 64.6408(c). 519 CCA Comments at 6-7; CCA Reply at 6-7. We acknowledge that our decision to create a separate compliance deadline for small carriers in the case of protecting the privacy of calls and text messages to hotlines differs from our decision with respect to line separations. See supra Section II.A.8. Through stating that the line separation requirements in the statute “shall take effect 60 days after the date on which the Federal Communications Commission adopts the rules implementing” those requirements, the SCA provides what amounts to a presumptive compliance deadline of 60 days. Id.; Safe Connections Act § 6. There is no similar provision in the SCA regarding protecting the privacy of calls and text messages to hotlines differs from our decision with respect to line separations. See Safe Connections Act § 5. 520 Safe Connections Act § 5(b)(3)(ii)(II)-(III). 521 CCA Comments at 7. 522 Appx. A, § 64.6400(l). No commenter proposed a definition of small service provider for purposes of creating a longer compliance period. Safe Connections Notice at 50, para. 142. 523 47 CFR § 64.6304(a)(2); Second Caller ID Authentication Order, 36 FCC Rcd at 1877-82, paras. 40-48; Rural Call Completion, WC Docket No. 13-39, Report and Order and Further Notice of Proposed Rulemaking, 28 FCC Rcd 16154, 16168, para. 27 (2013) (First Rural Call Completion Order). 72 Federal Communications Commission FCC-CIRC2311-02 with burdens on small service providers.524 We believe that for the same reasons, a 100,000-line threshold is appropriate here.525 141. We recognize that in extending the compliance deadline for small service providers, we need to ensure that this translates to additional system development time after the data file specification is announced. As a result, the compliance deadline for small service providers will in no case be earlier than 14 months after the Bureau has published the database download file specification, ensuring that small service providers will have sufficient time to complete design of their systems.526 Further, exercising an abundance of caution, the compliance deadline for small service providers will be no earlier than two months after the Bureau announces that the database administrator has made the initial database download file available for testing for larger service providers.527 142. Creating a later compliance deadline for small service providers, however, will lead to a six-month period in which some survivors’ calls and text messages to hotlines will be omitted from call logs (those served by non-small providers) while calls and text messages of other survivors (those served by small providers, likely the vast minority of survivors) will not. To minimize confusion, we direct the Bureau to consider creating a means by which survivors can determine on the database administrator’s website whether their service provider is currently (at the time of inquiry) required to comply with the obligation to protect the privacy of calls and text messages to hotlines. 143. We also provide clarity regarding the relationship between compliance deadlines and the dates of particular calls and text messages that may be subject to our rules. We recognize that service providers may maintain two kinds of relevant call logs: (1) online consumer-facing logs, and (2) consumers’ bills (whether electronic or paper), which we also consider to be logs. We also recognize that, as of a service provider’s compliance deadline, the service provider’s online consumer-facing logs will include records of calls and text messages from prior to the compliance deadline – and, in the ordinary course of business, such service provider may continue to make such online logs of pre- compliance deadline calls and text messages available for potentially multiple months.528 These online call logs may be difficult to retroactively revise. Similarly, we acknowledge that consumers’ bills that pertain exclusively to periods before the compliance deadline may remain available on service providers’ websites on and after the compliance deadline.529 Not only might it be difficult for service providers to retroactively revise such bills, but such bills may have already been e-mailed or physically mailed to the account holder. 524 Second Caller ID Authentication Order, 36 FCC Rcd at 1877-82, paras. 40-48; First Rural Call Completion Order, 28 FCC Rcd at 16168, para. 27. 525 In adopting the 100,000 voice subscriber line threshold in the First Rural Call Completion Order, the Commission noted a review of fixed and mobile subscription counts reported to the Commission via FCC Form 477 revealed that the 100,000-subscriber-line threshold would leave as much as 95% of callers served by providers subject to the full obligations. First Rural Call Completion Order, 28 FCC Rcd at 16168, para. 27. A recent similar review has determined that such a threshold should leave nearly 98% of callers served by providers subject to the 12-month compliance deadline. FCC staff analysis of FCC Form 477 data as of June 30, 2022. 526 Appx. A, § 64.6408(c). 527 Id. 528 See, e.g., Doralia Creamer, How To Get My T-Mobile Call Log (Sept. 20, 2023), https://cellularnews.com/mobile-phone/how-to-get-my-t-mobile-call-log/; AT&T, Access Digital Home Phone Call History, https://www.att.com/support/article/u-verse-voice/KM1001418 (last visited Oct. 4, 2023) (referring to call logs with up to 60 days of history). 529 See, e.g., T-Mobile, T-Mobile app > Billing and Payments – View Bill History, https://www.t- mobile.com/support/tutorials/device/app/ios/topic/t-mobile-app/billing-and-payments-view-bill-history (last visited Oct. 4, 2023); (Lumen, Viewing an Invoice, https://www.lumen.com/help/en-us/control-center/billing/viewing-an- invoice.html (last visited Oct. 4, 2023). 73 Federal Communications Commission FCC-CIRC2311-02 144. Balancing these considerations, we establish the following requirements. With respect to online consumer-facing logs, we clarify that, after a service provider’s compliance deadline, such logs may continue to display records of calls and text messages to hotlines that were placed or sent prior to a service provider’s compliance deadline. That same service provider’s online consumer-facing logs, however, must omit calls and text messages to hotlines that were placed or sent on or after the compliance deadline. With respect to consumers’ bills, we clarify that bills for periods exclusively before the compliance deadline need not omit calls placed to and text messages sent to hotlines omitted. For bills that include calls and text messages both before and after the compliance deadline, service providers need only omit calls placed to and text messages sent to hotlines on or after the compliance deadline.530 Bills exclusively for periods on or after the compliance deadline must fully comply with our rules. With regard to other written and oral disclosures of information regarding calls placed to and text messages sent to hotlines, our rules apply only to such calls and text messages placed or sent on or after the compliance deadline. 145. Database Updates. As proposed in the Safe Connections Notice and consistent with the SCA,531 we require service providers to download the central database once it is established, and thereafter to download updates from the central database once per calendar month.532 This is necessary to ensure service providers stay up to date on the covered hotlines in order to abide by their call-log removal duties. We anticipate new covered hotlines will be added to, and potentially removed from, the central database on an ongoing basis, so regular downloading of the updated database will be necessary. Commenters broadly supported a monthly download requirement, which strikes a balance between requiring providers to stay current but not requiring constant updates.533 To make updates easier, we direct the Bureau to work with the database administrator to set a fixed date each month (for example, the 1st or 15th of the month) when it will update the database, so providers can schedule their monthly downloads of the updated database accordingly.534 Service providers will be required to download and implement their monthly downloaded updates in their systems within 15 days of the release of these new monthly updates.535 146. Penalties, Safe Harbor, and Interplay With Other Laws and Regulations. We conclude that we should not establish special penalties for violations of our rules pertaining to protecting the privacy of calls and text messages to hotlines.536 We believe that the relative novelty of the requirements that we establish make appropriate penalties difficult to assess in advance and are likely, at least initially, to be best assessed on a case-by-case basis. Thus, we conclude that, contrary to EPIC et al.’s suggestion,537 we should rely on pre-existing penalties and enforcement mechanisms,538 but will revisit this topic in the future if such mechanisms prove to be insufficient. 147. Some service providers have raised concerns about facing civil liability for unintentional errors or failures in removing calls and text messages to covered hotlines from their call logs, and 530 Service providers are also welcome to voluntarily omit such calls and texts for all days in such bills. 531 See Safe Connections Act § 5(b)(3)(A)(i). 532 Safe Connections Notice at 49, para. 136. 533 EPIC et al. Comments at 30; NaLA Comments at 26; NaLA Reply at 11; NCTA Reply at 14. 534 See CTIA Comments at 16 (suggesting monthly updates be on a date certain). 535 Appx. A, § 64.6408(a)(3). 536 Safe Connections Notice at 50, paras. 144-45. 537 EPIC et al. Comments at 24. 538 See, e.g., 47 U.S.C. § 503(b)(2)(B); 47 CFR § 1.80(b)(2). 74 Federal Communications Commission FCC-CIRC2311-02 recommended the Commission establish a “safe harbor” in this area.539 As an initial matter, we note that the SCA already establishes a safe harbor from civil liability for providers that update their databases every 30 days to match the Commission’s central database.540 The rules that we establish make clear that covered providers, wireline providers of voice service, fixed wireless providers of voice service, and fixed satellite providers of voice service need omit from consumer-facing call and text logs only calls and text messages to numbers that appear in the database. Thus, as long as these providers are faithfully downloading updates to the database and have properly implemented systems for redacting calls and text messages to such numbers from consumer-facing call logs, they will not be in violation of our rules. Put another way, such providers will not have an independent duty to authenticate and verify the accuracy of the central database.541 148. Commenters have raised examples of laws and regulations that service providers might arguably violate through their compliance with the privacy rules that we establish for the protection of calls and text messages to hotlines.542 In response, and consistent with the principle that subsequent, more specific statutes control in the event of a conflict with earlier broader statutes,543 we make clear our intent that the rules we adopt here to implement the SCA supersede any conflicting requirements in the Communications Act, other Commission rules, or state requirements. This would include the requirement in section 222(c)(2) of the Act that a telecommunications carrier disclose CPNI to the customer upon request.544 However, we remind parties that pursuant to section 5(b)(3)(C) of the SCA, the rules that we adopt in this Order pertaining to the protection of calls and text messages to hotlines do not alter service provider obligations under CALEA.545 149. We decline to adopt a number of requests and recommendations put forth by EPIC et al. pertaining to matters that extend beyond implementation of the SCA. For example, EPIC et al. asks that we require providers to help survivors detect/delete stalkerware from phones and investigate dual-use tracking apps that can double as stalkerware, compile list sources of Commission authority over stalkerware.546 We decline to adopt these proposals, which fall outside the scope of the SCA and Safe 539 CTIA Comments at 16 (“the Commission should establish a safe harbor from enforcement for failure to omit information about calls and text messages to hotlines from consumer facing logs if the covered provider relies upon the most recent information accessed from the central hotline database”); NaLA Comments at 26 (“[T]he Commission should establish a safe harbor to shield providers from liability if providers does not meet the requirement to omit calls and texts from consumer-facing logs but reasonably rely on the most recent information provided in the database.”); Verizon Comments at 23 (“Providers should only be responsible for accurately and timely applying the hotline numbers in the database to their SCA-covered systems.”); NCTA Reply at 14 (“[T]he Commission should also adopt a safe harbor provision for providers that block records of calls based on numbers in the database.”); USTelecom Reply at 4. 540 See Safe Connections Act § 5(b)(3)(D). 541 See Verizon Comments at 25; USTelecom Reply at 4. 542 See Safe Connections Notice at 50, para. 145. Parties specifically raise CPNI and equivalent state obligations (CTIA Comments at 7-8, CTIA Reply at 7, Verizon Comments at 24-25) and truth in billing requirements (CTIA comments at 8, NCTA Comments at 11, Verizon Comments at 25). CTIA generally requests that “the Commission . . . make clear that the Commission’s rules adopted to implement the SCA supersede any conflicting provisions of the Commission’s rules or state requirements.” CTIA Comments at 7-8. 543 See Food & Drug Admin. v. Brown & Williamson Tobacco Corp., 529 U.S. 120, 143 (2000) (later statute may control where “the scope of the earlier statute is broad but the subsequent statute[] more specifically addresses the topic at hand”). 544 47 U.S.C. § 222(c)(2). 545 Safe Connections Act § 5(b)(3)(C) (with respect to id. § 5(b)(3)(A)); see also Section III.B.1, supra. 546 EPIC et al. Reply at 5-11. 75 Federal Communications Commission FCC-CIRC2311-02 Connections Notice and raise complex issues on which we have no record other than EPIC et al.’s request. C. Emergency Communications Support for Survivors 150. designate the Lifeline program as the program that will provide emergency communications support for survivors. As further detailed below, we also define financial hardship to allow survivors to receive this support, establish the application and enrollment processes for qualifying survivors, and address additional implementation challenges. 1. The Designated Program for Emergency Communications Support 151. The SCA requires the Commission to designate either the Lifeline program or the Affordable Connectivity Program to provide emergency communications support547 to survivors who have pursued the line separation process and are suffering from financial hardship, regardless of whether the survivor might otherwise meet the designated program’s eligibility requirements.548 Given this requirement and the record before us, we designate the Lifeline program to provide emergency communications support to impacted survivors.549 The Lifeline program allows participants to receive discounts on voice-only service, broadband service, or bundled service.550 The ACP does not allow consumers to receive a discount on voice-only services.551 We believe the flexibility offered by the Lifeline program to support voice-only services makes the program uniquely valuable for survivors, who may be experiencing significant disruption in their lives and need the ability to choose a voice-only service to help them reach other social support services. 152. Particularly in light of the SCA’s focus on enabling survivors to establish connections independent from their abusers,552 we recognize the importance of allowing qualifying survivors to 547 While “emergency communications support” is not defined by the SCA, we construe the Act’s references to emergency communications support to be the time-limited support offered to survivors suffering financial hardship through the designated program. See Safe Connections Act § 5(b)(2). We note that one commenter suggested that the Commission allow survivors to choose either the ACP or Lifeline. EPIC et al. Comments at 2. We do not believe we have the authority to pursue that option given the SCA’s specific direction to designate a “single program.” Safe Connections Act § 5(b)(2)(A)(i). 548 See Safe Connections Act § 5(b)(2)(A). The Safe Connections Act directs that the designated program serve survivors suffering from financial hardship and meet the requirements of the newly added section 345(c)(1) of the Communications Act of 1934, as amended. That section details ways in which a survivor can substantiate their status as a survivor and references how survivors should request line separation relief. See Safe Connections Act § 5(b)(2)(A); 47 U.S.C. § 345(c)(1). 549 See New York State Public Service Commission (NYPSC) Comments at 3 (remarking that Lifeline should be the designated program); National Lifeline Association (NaLA) Comments at 2 (recommending that “the Commission should designate the Lifeline program to provide emergency communications support to survivors because it is a permanent solution reliably funded through the Universal Service Fund” and suggesting that “Lifeline subscribers are also automatically eligible for ACP”). In its comments, NaLA also advocated for additional Lifeline reforms including increasing the Lifeline support amount, acting on pending Lifeline compliance plans and petitions for ETC designation, eliminating minimum service standards for Lifeline service, expanding Lifeline to support consumer devices, limiting Lifeline subscribers’ ability to transfer their benefit, and limiting provider liability for noncompliance with our rules. NaLA Comments at 2. As these issues are not the focus of this proceeding and were not raised in the Safe Connections Notice, we decline to address them in this Report and Order. 550 See 47 CFR § 54.403; see also Lifeline and Link Up Reform and Modernization et al., Order, WC Docket No. 11- 42, DA 23-589, at 4, para. 10 (WCB 2023) (extending the pause of the phase-out of Lifeline support for voice-only service until December 1, 2024). 551 47 CFR § 54.1802. 552 See Safe Connections Act § 3(4) (finding that “independent access to a wireless phone plan can assist survivors in establishing security and autonomy”). 76 Federal Communications Commission FCC-CIRC2311-02 choose to apply their emergency communications support benefit to a voice-only option. Voice services are ubiquitous and provide reliable access for reaching necessary support services and, if necessary, accessing emergency services.553 Additionally, real-time human voice communications can provide connection, comfort, and reassurance to the survivor during a time of upheaval and new challenges. By designating Lifeline as the emergency communications support program under the SCA, we enable survivors to maintain their voice-only service connection if they so choose. 153. In addition to voice services, Lifeline also provides discounts on broadband services, which may be equally essential in different ways to many survivors as they research support services for assistance as they flee their abusers.554 While both Lifeline and the ACP allow consumers to receive bundled support, the Lifeline program offers the greatest flexibility for survivors.555 As such, by selecting the Lifeline program, we are providing survivors with the option to access either or both of these crucial communications services, broadband and voice, giving survivors the security and autonomy we believe that Congress intended with the Safe Connections Act. 154. The maximum Lifeline discount for voice-only services is currently set at $5.25, and further phasedown in that support level is currently paused.556 To ensure the designated program best serves qualifying survivors, we believe that the Lifeline program should offer survivors the maximum base Lifeline discount,557 even for voice-only services. As noted in the Safe Connections Notice, we also believe that survivors receiving emergency communications support should be able to benefit from the Lifeline program’s enhanced Tribal benefit if they reside on qualifying Tribal lands.558 As such, we modify our rules at section 54.403 to allow survivors to receive support of up to $9.25 per month for all qualifying Lifeline services and up to a $34.25 monthly discount on Lifeline-supported services for survivors residing on qualifying Tribal lands. Regardless of any future changes to the reimbursement amount for voice-only services in the Lifeline program, we believe that survivors’ needs present a unique situation that should permit survivors choosing voice-only plans to receive the full Lifeline reimbursement amount for which they are eligible. This level of support will be limited to the survivor’s six-month emergency communications support period. If a survivor is eligible to participate in the Lifeline program beyond their initial emergency support period, and they choose to subscribe to a voice- only plan, then they will receive the voice-only discount applicable for all non-Tribal Lifeline subscribers, which is currently $5.25.559 553 NaLA Comments at 8 (noting that “voice service is important for survivors of domestic and sexual violence, so that they can reach emergency services as well as support services”). 554 See NYS OPDV Comments at 3 (quoting a discouraged survivor who lacked the communications resources to find a food bank, housing, and remote employment as she lamented “All survivors should have access to the internet so they can survive and not have to go back to their abuser. I’m close to having to do that because I can’t get my needs met without the ability to connect.”). 555 NaLA Comments at 2 (stating that “Lifeline would be especially useful for survivors of domestic and sexual violence because Lifeline service plans generally include bundles of broadband and voice service, which would allow survivors to dial 911 when necessary and the ability to call shelters and other support services”); see also NaLA Comments at 17 (opining that “[w]hen an emergency arises, survivors need access to a device with both voice and data services and functionality to make the necessary calls to get to safety or research available support services on the internet.”). 556 See Lifeline and Link Up Reform and Modernization et al., Order, WC Docket No. 11-42, DA 23-589, at 1, para. 2 (WCB 2023). 557 See 47 CFR § 54.403(a)(1)-(2). NaLA Comments at 9 (commenting that “qualified survivors should be eligible for the full Lifeline discount which should be increased to be consistent with the ACP”). 558 Safe Connections Notice at 53, para. 151. 559 Survivors on qualifying Tribal lands still qualify for the enhanced Tribal benefit. See Universal Service Administrative Company, Lifeline Rules and Requirements: Minimum Service Standards, (continued….) 77 Federal Communications Commission FCC-CIRC2311-02 155. We note that some commenters expressed support for the ACP as the designated program because it offers a higher monthly benefit amount.560 While we certainly recognize that as an advantage of the ACP, we believe that the Lifeline program overall offers the better longer-term solution for survivors because of its ability to support voice-only services and because of its stable funding source. We also believe that our efforts to expand the Lifeline benefit amount for voice-only support help to address the concerns raised by these commenters regarding the difference in the program benefit amounts. 156. In addition to being unable to support voice-only services, the ACP has a finite source of funds and its continuation is dependent upon additional congressional appropriations. Therefore, the ACP does not present the same long-term funding stability as the Lifeline program.561 Consumers eligible for the Lifeline program are also eligible to participate in the ACP, pursuant to the Infrastructure Investment and Jobs Act (Infrastructure Act), and the amendments to the Lifeline rules that we make in this Order preserve that option for survivors enrolling in Lifeline pursuant to the SCA as well.562 We believe it is appropriate, however, to limit this combined Lifeline and ACP support to the emergency communications support period of six months because adhering to the time limitation is consistent with both the language and intent of the SCA.563 This will protect program integrity and target limited funding where it is most needed. Survivors will have the opportunity to confirm their eligibility to participate in Lifeline and/or ACP under each respective program’s existing eligibility criteria as they approach the end of their emergency support periods, as detailed below.564 157. Some commenters identified the Lifeline program’s requirement that service providers be designated as Eligible Telecommunications Carriers (ETC) as a drawback of designating the Lifeline program for emergency communications support, with one commenter briefly suggesting that the Commission exempt carriers from the ETC requirement to allow more service providers to support survivors in the emergency communications period.565 The ETC requirement is a statutory requirement (Continued from previous page) https://www.usac.org/lifeline/rules-and-requirements/minimum-service-standards/ (noting that “[t]he up to $25 enhanced Tribal benefit remains available to eligible residents of Tribal lands. Additionally, continued voice support of up to $5.25 per month (or $5.25 plus up to $25 for the enhanced Tribal benefit) will still be available in areas with only one Lifeline provider in the Census block.”). 560 CCA Comments at 9-10; NCTA Comments at 12. 561 See FCC, Affordable Connectivity Program, https://www.fcc.gov/affordable-connectivity-program (explaining that the Infrastructure Investment and Jobs Act provided $14.2 billion to modify and extend the Emergency Broadband Benefit Program (EBB Program) to a longer-term broadband affordability program called the Affordable Connectivity Program (ACP)); see also Benton Institute for Broadband and Society, When Will Affordable Connectivity Program Funding Run Out?, https://www.benton.org/headlines/when-will-affordable-connectivity- program-funding-run-out-0 (last visited October 10, 2023). 562 Our rules adopted today revise 47 CFR § 54.409(a), allowing entry into the ACP. See 47 CFR § 54.1800(j)(1); 47 U.S.C. § 1752(a)(6)(A). See Comments of the New York State Office of Prevention of Domestic Violence (NYOPDV) at 5 (supporting the Commission allowing participation in the Lifeline program during the emergency communications period to qualify a survivor to also participate in the ACP). 563 See Safe Connections Act §§ 5(b)(2)(A)(ii)(II) and 5(b)(2)(D). 564 See supra Section III.C.4. 565 See NCTA Comments at 12-13 (advocating for carriers that participate in ACP and would like to provide emergency communications services through the Lifeline program to receive an exemption/waiver from the ETC designation requirement for Lifeline program participation or allow non-ETC ACP providers to offer customers the option of porting their line to an ETC Lifeline provider). Providers participating in the ACP are not required to be ETCs. See 47 CFR § 54.1801(d). Because we permit survivors that qualify for emergency communications support through Lifeline to enroll in ACP, survivors benefitting from emergency communications support through ACP can receive ACP service from non-ETCs in addition to Lifeline service from an ETC. 78 Federal Communications Commission FCC-CIRC2311-02 and cannot be waived.566 The ETC requirement is also a critical oversight component of the Communications Act, and the record here does not include the level of analysis required for us to consider whether forbearance would be appropriate or warranted.567 Furthermore, as we discussed above regarding line separations, the Safe Connections Act prohibits providers from limiting or preventing survivors from porting their line to another service provider.568 Therefore, survivors have the ability to port their line to a service provider that is designated as an ETC. Survivors will be able to receive the intended emergency support by receiving service from ETCs in the Lifeline program. Any service provider that is not currently an ETC but wishes to support survivors eligible for benefits under the SCA can do so by obtaining designation as a Lifeline-only ETC from the relevant state commission or the Commission, as applicable, and we encourage providers to do so. 158. In the Safe Connections Notice we sought comment on the impact of the designated program’s benefit as it pertains to survivors’ access to devices.569 There was limited discussion of this issue among commenters, but some commenters advocated for support for devices through the SCA designated program or suggested that the Commission take steps to incentivize service providers to provide devices to survivors.570 Historically, the Lifeline program has not generally supported devices,571 and on balance here, we believe it would be appropriate to continue focusing Lifeline funding on the subscriber’s service offering. This approach is consistent with the Commission’s long-standing approach in other universal service programs, which also do not fund end-user devices.572 One commenter 566 47 U.S.C. §§ 214(e), 254(e). 567 See, e.g., NaLA Reply at 6 (acknowledging the possibility of forbearance from ETC requirement, but suggesting that the Commission not undergo the extensive section 10 forbearance analysis in this context and instead allow non-ETCs to port lines to ETCs that do provide Lifeline-supported services). 568 Safe Connections Act § 4. 569 Safe Connections Notice at 54, para. 153. 570 See, e.g., NaLA Comments at 17 (suggesting that survivors receiving services from Lifeline ETCs be provided either deeply discounted or free mobile devices and recommending that the Commission incentivize such a program); EPIC et al. Reply at 3 (suggesting that the Commission explore ways that survivors can be provided functional and safe phones if the survivor does not feel safe using their existing device); NYS OPDV Comments at 5 (indicating that a benefit for devices may expand access for survivors). 571See Lifeline and Link Up Reform and Modernization et al., WC Docket No. 12-23, Report and Order and Further Notice of Proposed Rulemaking, 27 FCC Rcd 6656, 6805, para. 349 (2012) (2012 Lifeline Order) (“However, in keeping with the Commission’s historic approach to using the Fund, we will not subsidize equipment purchases as part of the pilot program.”); Lifeline and Link Up Reform and Modernization et al., WC Docket Nos. 11-42, 09-197, 10-90, Third Report and Order, Further Report and Order, and Order on Reconsideration, 31 FCC Rcd 3962, 4005- 4006, para. 125 (2016) (2016 Lifeline Order) (“Past Commission precedent makes it clear that Lifeline, with the exception of a brief period after Hurricane Katrina, has been used to fund services, and not equipment. At this time, we see no reason to deviate from that approach.”). 572 See Rural Health Care Support Mechanism, WC Docket No. 02-60, Report and Order, 27 FCC Rcd 16678, 16754, para. 167 & n.455 (2012) (Healthcare Connect Fund Order) (“The Universal Service Fund historically has not supported end user devices.”); see also id. at 16754, para. 157 & n.435 (“The Commission previously has concluded that it lacked statutory authority to support telemedicine equipment.”); 47 CFR § 54.617 (listing end user devices, telemedicine equipment, applications and software as examples of ineligible expenses); Modernizing the E- rate Program for Schools and Libraries, Order, DA 22-1313, Appendix B, Eligible Service List for Funding Year 2023 (WCB 2022) (“Examples of items that are ineligible components of Internet access services include applications . . . and end-user devices and equipment such as computers, laptops, and tablets.”). The RHC Pilot Program also did not fund end-user devices, medical equipment or telemedicine applications. See Rural Health Care Support Mechanism, WC Docket No. 02-60, Order, 22 FCC Rcd 20360, 20398, para. 75 (2012) (RHC Pilot Program Selection Order). In addition, the Connected Care Pilot Program did not provide support for end-user devices such as smartphones, tablets, or computers. See Promoting Telehealth for Low Income Consumers et al., (continued….) 79 Federal Communications Commission FCC-CIRC2311-02 suggested that the Commission should create a pilot device program for survivors,573 but we believe that the limited duration of emergency communications support cautions against funding devices. We are aware that certain providers and community organizations have provided survivors with access to free devices,574 and we are supportive of those efforts, but we do not believe it would be appropriate to support devices for survivors through the Lifeline program.575 2. Defining Financial Hardship 159. As proposed in the Safe Connections Notice,576 we define “financial hardship” to largely mirror the ACP’s eligibility requirements as outlined in the Infrastructure Act. Defining financial hardship in this way gives survivors greater flexibility to confirm their status, and we hope that this more expansive definition for financial hardship will enable greater participation for survivors. Consumers can qualify to participate in the ACP if they participate in certain federal assistance programs or if their household income is at or below 200% of the Federal Poverty Guidelines.577 These eligibility standards are more expansive than the standards used by the Lifeline program, which allows consumers to qualify for the program through participation in fewer federal assistance programs or if their household income is at or below 135% of the Federal Poverty Guidelines.578 We believe that adopting this more expansive approach in our definition of financial hardship allows the emergency communications support effort to reach a wider range of survivors, as contemplated by the SCA.579 Indeed, Congress noted in its findings that survivors often face significant financial insecurity.580 In adopting this approach, however, we decline to allow survivors who participate in a provider’s existing low-income program, which are based on the provider’s own eligibility criteria, to use that participation as a basis for demonstrating financial (Continued from previous page) WC Docket No. 18-213, Report and Order, 35 FCC Rcd 3366, 3402, para. 65 (2020) (Connected Care Pilot Program Order). 573 See NaLA Comments at 17 (suggesting the creation of a pilot device support program for survivors); EPIC et al. Reply at 3 (supporting NaLA’s pilot program idea). 574 See, e.g., CTIA Comments at 4 (citing the efforts of the CTIA Wireless Foundation to provide free recycled cell phones to victims of domestic violence). 575 Although the Lifeline program does not offer support for devices, if survivors who qualify for the Lifeline program use that qualification to enroll in the ACP, then they may avail themselves of the connected device benefit available under the ACP. See 47 CFR § 54.1803(b). 576 See Safe Connections Notice at 56-57, para. 160. 577 See 47 CFR § 54.1800(j); ACP Order, 37 FCC Rcd at 509, para. 49 (explaining qualifying income and eligibility programs for the ACP, specifically, “pursuant to the Infrastructure Act, a household may qualify for the Affordable Connectivity Program if at least one member of the household: (1) meets the qualifications for participation in the Lifeline program (with the modification that the qualifying household income threshold is at or below 200 percent of the Federal Poverty Guidelines for a household of that size); (2) has been approved to receive school lunch benefits under the free and reduced price lunch program under the Richard B. Russell National School Lunch Act, or the school breakfast program under section 4 of the Child Nutrition Act of 1966; (3) has received a Federal Pell Grant under section 401 of the Higher Education Act of 1965 in the current award year; (4) meets the eligibility criteria for a participating provider’s existing low-income program, subject to approval by the Commission and any other requirements deemed by the Commission to be necessary in the public interest; or (5) receives assistance through the WIC Program, established by section 17 of the Child Nutrition Act of 1996 (42 U.S.C. § 1786)”). 578 See 47 CFR § 54.409 (permitting applicants to qualify for the Lifeline program if they participate in Medicaid, Supplemental Nutrition Assistance Program, Supplemental Security Income, Federal Public Housing Assistance, Veterans and Survivors Pension Benefit, or reside on Tribal lands and participate in certain Tribal benefit programs). 579 See Safe Connections Act § 5(b)(2)(A)(ii) (allowing survivors to enroll in the designated program “without regard to whether the survivor meet the otherwise applicable eligibility requirements of the designated program”). 580 See Safe Connections Act § 3(2) (finding that “survivors often lack meaningful support and options when establishing independence from an abuser, including barriers such as financial insecurity . . . .”). 80 Federal Communications Commission FCC-CIRC2311-02 hardship.581 The Lifeline program has not historically relied on provider-specific eligibility criteria, and the record does not provide a basis for concluding that such programs are prevalent among Lifeline providers, or that these programs would be a predominant qualifying program for survivors given the other expansive qualifying criteria. 160. With the definition of financial hardship that we adopt today, we believe that we are aligning with the spirit of the congressional findings in the SCA and commenter concerns in our record. We also note that in addition to demonstrating financial hardship, survivors are also required by the SCA to meet the requirements of section 345(c)(1), which details the process for a survivor completing a line separation request.582 We anticipate that the documentation confirming submission of a valid and completed line separation request as detailed above583 will be sufficient to satisfy the requirement that survivors seeking to receive emergency communications support must have pursued a line separation request and, when paired with some substantiation of financial hardship, will allow us to ensure compliance with the SCA’s limitations for receiving emergency communications support. 161. Though there are no significant comments in the record offering a specific definition of financial hardship, there is some support among commenters for the Commission implementing an approach that would presume that all survivors suffer financial hardship.584 We decline to implement this approach. Although (as noted) Congress found in the SCA that “survivors often lack meaningful support and options when establishing independence from an abuser, including barriers such as financial insecurity,”585 that finding indicates that not all survivors face financial hardship. A presumption of financial hardship for all survivors for purposes of qualifying for emergency communications support would be inconsistent with this finding. In addition, and most critically, the SCA specifically states that survivors may qualify for emergency communications support if the survivor attempts a line separation request with their communications service provider and they are suffering financial hardship.586 A presumption of financial hardship for all consumers applying for the Lifeline benefit through the SCA would fail to give effect to the second qualification prong established by the statute, and would also pose an unacceptable risk to the program’s integrity. We therefore do not adopt such a presumption, but we take steps to streamline the application process for survivors seeking to qualify for emergency communications support. 162. As further discussed below,587 we believe that the use of the National Verifier for all applications for emergency communications support will allow for the most streamlined process for survivors and will best protect program integrity by ensuring a unified review process. As our definition of financial hardship will largely align with the eligibility standards for the ACP, the National Verifier 581 47 CFR § 54.1800(j)(5). 582 Safe Connections Act § 5(b)(2)(A). 583 See supra Section III.A.3.d. 584 See EPIC et al. Comments at 6, 15 (supporting the Commission presuming that survivors experience financial hardship); NYPSC Comments at 3 (asserting that survivors should be considered automatically eligible for support when requesting a line separation); API-GBV Comments at 9 (recommending that the “final rule provide that documentation of domestic violence sufficiently demonstrates financial hardship, given the prevalence of economic abuse, as well as the likelihood that survivors will experience financial instability due to increased expenses or reducing economic dependence on abusive partners”); BRETSA Comments at 2-3 (suggesting that “individuals certifying that they are seeking Lifeline Service in connection with escaping a relationship they consider abusive, should be provided Lifeline Service without demonstration or certification of financial qualification for the service”). 585 Safe Connections Act § 3(2) (emphasis added). 586 Safe Connections Act § 5(b)(2)(A). 587 See infra Section III.C.3. 81 Federal Communications Commission FCC-CIRC2311-02 and its connections to relevant state databases may allow for automatic confirmation of a survivor’s financial hardship status.588 In instances where an individual’s eligibility cannot be determined through these database connections, however, we believe that it is appropriate to allow survivors to self-certify their financial hardship.589 By allowing self-certification of financial hardship, we recognize that survivors often lack access to financial documentation to verify their financial hardship and could place themselves in danger if they made an attempt to access such documentation.590 Currently, if a consumer cannot automatically confirm their participation in a qualifying federal assistance program through USAC’s database checks, then they must submit appropriate documentation to USAC that demonstrates their participation in the relevant program.591 The SCA, however, requires that the Commission allow survivors’ entrance into the designated program regardless of their ability to otherwise participate in the program.592 With a self-certification approach, we offer that greater flexibility and also protect program integrity by securing a self-certification under penalty of perjury from the survivor. By combining a self- certification approach with the use of the National Verifier, we can reduce the barriers of participation for survivors and help survivors access the benefits of the designated program “as quickly as is feasible.”593 To implement this process, we direct the Bureau to work with USAC to develop standardized self- certification documentation594 and implement changes to USAC’s application workflows to allow for survivors from across the United States to easily enter the program through the National Verifier. 163. We believe that concerns about the risks of a self-certification approach to program integrity595 are mitigated by the statutory limitation of emergency communications support to survivors who are seeking to separate a line from a shared mobile service contract and meet the line separation requirements discussed above, and the temporary nature of the emergency communications support benefit. First, the SCA mandates that survivors seeking to receive emergency communications support 588 See USAC, National Verifier, https://www.usac.org/lifeline/national-verifier/ (last visited Oct. 10, 2023) (detailing state and federal database connections that the National Verifier can rely upon to confirm eligibility to participate in qualifying federal assistance programs). 589 See EPIC et al. Comments at 7-10 (supporting a self-certification approach and detailing the concerns with third- party certification of financial hardship). 590 See, e.g., BRETSA Comments at 2 (warning that “accessing financial documents in the abuser’s possession may place the person fleeing the relationship in peril”). 591 See USAC, Resolve Application Errors, https://www.usac.org/lifeline/national-verifier/how-to-use-nv/resolve- application-errors/ (last visited Oct. 10, 2023) (detailing the documentation requirements for consumers who cannot confirm their eligibility to participate in the Lifeline program through automated database checks). 592 See Safe Connections Act § 5(b)(2)(A)(ii) (requiring the Commission to adopt rules that will allow a survivor to enroll in the designated program “without regard to whether the survivor meets the otherwise applicable eligibility requirements of the designated program”). 593 See Safe Connections Act § 5(b)(2)(A)(ii)(I). 594 In implementing the application and certification process, we direct the Bureau and USAC to ensure that those processes are appropriately accommodating and user-friendly for survivors while still protecting program integrity. See API-GBV Comments at 9 (remarking that “[i]n self-certifying, survivors should be able to submit a financial declaration, signed under penalty of perjury”); see also EPIC et al. Comments at 7 (commenting that, if the Commission adopts a self-certification approach instead of a presumption of financial hardship approach, the Commission should model its policies after the Department of Housing and Urban Development’s self-certification policies, which help survivors maintain housing subsidy and occupancy); Verizon Comments at 12 (explaining that wireless providers will require accurate identification information on survivor affidavits for purposes of authentication and to prevent fraud and abuse). 595 See NaLA Comments at 3; see also NaLA Reply at 9 (remarking “while self-certification would be good for survivors of domestic and sexual violence, and would undoubtedly reduce barriers to needed communications services, the Commission’s history with self-certification should cause any participating provider to run screaming from any self-certification recommendations.”). 82 Federal Communications Commission FCC-CIRC2311-02 through the designated program also demonstrate that they have met the line separation requirements of section 345(c)(1).596 That statutory requirement means that survivors will have to compile and submit documentation of their abuse in order to pursue a line separation request. Satisfying such an obligation will protect Lifeline program integrity, as survivors should be a small subset of the overall population, and those receiving emergency communications support will be an even smaller subset of those survivors as these survivors would have to pursue a line separation request and be suffering financial hardship. Second, the SCA limits survivor participation in the designated program to six months, also limiting the potential impact on the Lifeline program’s resources.597 Between these two requirements for receiving emergency communications support, we believe that permitting self-certification for the financial hardship component strikes the best balance between program integrity concerns and ensuring that survivors have access to vital connectivity services. 164. One commenter suggested that if the Commission adopted a self-certification approach for survivors documenting their financial hardship, then the Commission should determine that National Verifier review of such documentation provides an “ironclad safe harbor for service providers.”598 We decline to adopt this approach. The National Verifier relies on the information it receives from service providers, and while it is an important tool for protecting program integrity, to say that approval by the National Verifier creates a safe harbor for provider activity would open the program to potential service provider abuse. Service providers remain responsible for implementing policies that ensure compliance with the Lifeline program’s rules,599 and this includes, among other things, implementing policies that ensure that information received by the National Verifier is accurate. The Commission has never intended for the National Verifier to be a safe harbor,600 and we do not believe that it would be appropriate to implement such an approach here. If service provider policies, when implemented in conjunction with the National Verifier, are found to be inadequate for ensuring that a subscriber is eligible to receive Lifeline service, then such service provider may be subject to recovery action from USAC or forfeiture efforts from the Commission’s Enforcement Bureau. 165. In the Safe Connections Notice, we sought comment on how we might be able to address survivors with a temporary financial hardship.601 These are survivors who might have a reliable source of income that would otherwise not qualify them to meet our definition of financial hardship but may be facing a short-term, acute financial strain as a result of experiencing or escaping domestic violence or abuse. We received no specific comments on how we might treat survivors suffering temporary financial hardship. While we understand the challenges that these individuals might encounter, we do not believe it would be appropriate to allow entry into the program based only on a position of temporary financial hardship. In the case of a temporary financial hardship, a benefit that extends for six months could significantly outlast the subscriber’s actual financial hardship and see the program supporting an individual with significant financial resources. Making the emergency communications support available in that situation would be inconsistent with the conditions established in the SCA and would be an ineffective use of limited USF funding. We also do not have a reliable way of confirming temporary financial hardship, so implementing such an approach would raise significant program integrity concerns. For these reasons, we decline to define financial hardship to include temporary financial hardship. 596 See Safe Connections Act § 4 (enacting survivor’s option to request line separation from their abuser). 597 See Safe Connections Act § 5(b)(2)(A)(ii)(II). 598 NaLA Reply at 9. 599 See 47 CFR § 54.410(a). 600 Lifeline Providers Remain Liable for Ensuring the Eligibility of Their Subscribers to Receive Lifeline Services, Enforcement Advisory No. 2019-07, DA 19-1211 (EB 2019) (reminding service providers of their compliance obligations, even after the launch of the Lifeline National Verifier). 601 Safe Connections Notice at 56, para. 159. 83 Federal Communications Commission FCC-CIRC2311-02 3. Program Application and Enrollment 166. In the Safe Connections Notice, we proposed that survivors entering the designated program be required to use the National Verifier to have their eligibility to participate in the program confirmed by USAC.602 We adopt this proposal and direct USAC to allow for such an approach for survivors living in all states, including the NLAD opt-out states of California, Texas, and Oregon.603 There was limited discussion of this issue in the record, but NaLA and USTelecom both supported such an approach.604 We believe that this approach will create a more streamlined application and enrollment experience for survivors. It will also allow USAC to better protect program integrity. USAC will be able to develop a greater understanding of the material provided by service providers after an attempted line separation request,605 and, therefore, is in the best position to verify the validity of line separation request documentation. USAC will also be able to act as a centralized repository for this information, minimizing the potential for data leakages compared to having this information reviewed by both USAC and a state administrator. As noted above, survivors will be able to leverage the database connections that the National Verifier uses to confirm program participation when seeking to confirm their financial hardship status. Finally, by requiring survivors to apply through the National Verifier, we ensure more consistent messaging to survivors and review standards for all documentation.606 To this end, we direct USAC to explore avenues for ensuring that application information and materials are made available to survivors in a variety of different formats and languages.607 167. In applying for emergency communications support through the National Verifier, we believe that the current amount of personal information collected for enrollment into the Lifeline program is generally appropriate.608 This information allows USAC to confirm that individuals are who they say they are—and by collecting the last four digits of an applicant’s or subscriber’s Social Security number or Tribal Identification number, that process can often be completed automatically. That automated confirmation often allows subscribers to provide less documentation than if they were required to confirm 602 See Safe Connections Notice at 61-62, para. 169. 603 In California, Texas, and Oregon, subscribers’ eligibility is determined through their respective state administrators. See Wireline Competition Bureau Announces the Launch of the National Lifeline Eligibility Verifier in California, WC Docket No. 11-42, Public Notice, 35 FCC Rcd 13029 (WCB 2020); Wireline Competition Bureau Announces the Launch of the National Lifeline Eligibility Verifier in Oregon and Texas, WC Docket No. 11-42, Public Notice, 35 FCC Rcd 11721 (WCB 2020). 604 NaLA Comments at 23 (suggesting that the National Verifier and NLAD are the best option for survivors’ eligibility verification and enrollment in the Lifeline program and are likely the best option for all Lifeline providers in all states); USTelecom Comments at 3-4 (supporting the “use of USAC’s National Verifier to verify eligibility and facilitate enrollment of survivors experiencing financial hardship, whether the Commission ultimately designates the Lifeline or the ACP program”). 605 See supra Section III.A.3.d. 606 In adopting this approach, we do not remove any of the existing channels by which consumers can be supported in their Lifeline application process. See, e.g., USAC, Account Types, https://www.usac.org/lifeline/national- lifeline-accountability-database-nlad/how-to-use-nlad/account-types/#State (last visited Oct. 10, 2023) (detailing how state and Tribal organizations can gain access to the NLAD and National Verifier to support applicants to the Lifeline program). 607 See API-GBV Comments at 10 (encouraging outreach to survivors in multiple languages). 608 See, e.g., 47 CFR § 54.404(b)(6) (indicating that ETCs are obligated to transfer to the NLAD a subscriber’s full name, their full residential address, their data of birth, and the last four digits of the subscriber’s Social Security number or Tribal Identification number, if the subscriber is a member of a Tribal nation and does not have a Social Security number); see also USAC, Eligibility Verification, https://www.usac.org/lifeline/national-verifier/eligibility- verification/# (last visited Oct. 10, 2023). 84 Federal Communications Commission FCC-CIRC2311-02 their identity through a manual review process.609 Some survivor advocates called for either omitting survivor identifiers or using alternative identifiers, and to avoid using Social Security numbers whenever possible.610 We find that requiring only the last four digits of an applicant’s Social Security number will balance the legitimate interests in protecting the safety and security of survivors while also adequately verifying survivors’ identities.611 Given the similar program integrity concerns and significant administrative challenges, we also decline to modify the information collected from survivors to permit alias names as EPIC suggests.612 168. We understand, however, that current address information is extremely sensitive information for survivors escaping domestic violence or abuse. Unlike a survivor’s name or the last four digits of their Social Security number, if address information is disclosed it could imminently allow an abuser to locate a survivor, and because of this risk, survivors may not reside at one location or have a fixed address. A survivor also may be hesitant to seek emergency communications support if they believe doing so could risk disclosing their location to an abuser. In light of these unique risks, we will allow survivors to submit prior address information from within the last six months on their Lifeline applications, thereby giving survivors the opportunity to shield their current address information and to confirm their identity automatically.613 By requiring a survivor’s name, the last four digits of their Social Security Number, and a relatively recent address, we may have enough information to allow USAC to automatically confirm the survivor’s identity without further information. At the same time, by allowing survivors to submit prior address information where possible, we acknowledge and accommodate the critical privacy and safety concern of survivors and survivor advocacy organizations in protecting the current location information of survivors.614 However, if it is not possible to confirm the survivor’s identity in this manner, then the survivor will need to submit their documentation manually and should rely on their current address in such instances. 169. Having current address information better allows USAC to conduct consumer outreach and prevent against duplicate household enrollment, but we believe that affording flexibility to apply with prior address information is appropriate for survivors. We confirm, however, that USAC should not modify its practices for protecting the program against enrolling duplicate households. In instances where the survivor’s submitted address indicates a potential duplicate enrollment, that survivor will need to complete the Lifeline program’s Household Worksheet.615 This approach should allow for authentication 609 See USAC, Third Party Identity Verification (TPIV) Resolution, https://www.usac.org/lifeline/national-lifeline- accountability-database-nlad/subscriber-management/dispute-resolution/third-party-identity-verification-tpiv- failure-resolution/ (last visited Oct. 10, 2023) (detailing the document submission requirements for confirming identity when an applicant can be confirmed through USAC’s automated database process). 610 See API-GBV Comments at 5-6 (urging the use of alternate identifiers or completely omitting use of identifiers). 611 USAC complies with federal privacy requirements when handling all consumer information, does not sell or rent personal information, and significantly limits any disclosure of such information. See, e.g., USAC, Privacy Policies, https://www.usac.org/about/privacy-policies/ (Feb. 11, 2022). 612 See EPIC et al. Comments at 24 (supporting the use of alias names). 613 EPIC et al. Comments at 6 (supporting survivors providing alternative information address privacy and security concerns). 614 See BRETSA Comments at 2 (citing the need for survivors to shield their location information from their abuser); see also EPIC et al. Comments at 4 (remarking about survivors’ elevated need to keep their location information private); Rose Marie Vergara Comments at 1 (noting that “passage of this [Safe Connections] Act will keep confidential the locations and activities of survivors of domestic/intimate partner violence (“survivors”), including their children and their families, and will allow them to be in safer environments as they piece their lives back together after the violence they have been enduring”). 615 See USAC, Consumer Eligibility, https://www.usac.org/lifeline/consumer-eligibility/#Household (last visited Oct. 10, 2023). 85 Federal Communications Commission FCC-CIRC2311-02 of a survivor’s identity, while also speaking to concerns of commenters related to protecting program integrity.616 Finally, during the emergency communications support period, enrolled survivors will not be required to comply with the current requirement in the Lifeline program’s rules that subscribers must update their address within 30 days of moving.617 170. In the Safe Connections Notice, we sought comment on how we might collect information from survivors when they are applying or enrolling in the designated program.618 It does not appear that the Commission’s forms and other documents require significant changes to account for survivors, and we did not receive any specific feedback from commenters suggesting changes to the forms. However, we do believe that there will need to be some minor refinements to account for survivors’ entry into the emergency communications support program. To that end, we direct the Bureau and USAC, in coordination with the Office of General Counsel, as necessary, to consider and adopt appropriate revisions to the relevant forms. We expect that the Bureau and USAC will work to update the forms to request confirmation of a survivor’s line separation request, consistent with the documentation that service providers will give to survivors.619 We also expect similar updates regarding the submission of material to demonstrate financial hardship. Finally, we direct the Bureau and USAC to include in appropriate program forms information soliciting communications preferences, so that survivors can make clear how USAC should contact them in the future. This may be particularly helpful for survivors who do not wish to receive mail at their address. Survivors should be given options for such outreach such as physical mail, email, text messaging, and Interactive Voice Response (IVR). 171. We also do not believe that any significant changes need to be made to the enrollment process and the information that is provided to survivors to share with their service provider for enrolling in the program or the information that is shared between USAC’s systems and service providers through any API connections that might exist. We direct USAC to make the necessary system changes to flag survivor entries in its systems so that service providers are aware of a survivor’s status and treat such information with heightened sensitivity. While we decline to prescribe specifics at this time, we also direct the Bureau and USAC to implement enhancements as they deem appropriate to protect survivor information that is shared with service providers. We strongly encourage service providers to take steps similar to those taken today around address submission in their systems, and we remind service providers of their obligations under the confidentiality rules we adopt in this order, as well as Section 222 of the Communications Act and the Commission’s Customer Proprietary Network Information (CPNI) rules when it comes to survivor privacy.620 172. General Program Requirements. As proposed in the Safe Connections Notice,621 the Lifeline program’s general rules and requirements will remain largely in effect for survivors and service providers. Any areas where there might be confusion between the existing Lifeline program’s general 616 See Verizon Comments at 2 (referencing the requirement of the Safe Connections Act to consider “account security and fraud detection”); see also NYPSC at 3 (recognizing the need to mitigate waste, fraud, and abuse); NCTA Comments at 5-6; CTIA Comments at 14 (remarking that “the Commission’s rules should enable covered providers to protect against fraud and identity theft by bad actors attempting to exploit the SCA requirements as a security vulnerability”); CCA Comments at 5-6 (stressing the importance of authentication in deterring fraud and abuse); but see NYC ENDGBV at 1 (remarking that “a survivor’s access to safety should be prioritized over a fear of fraud”); EPIC et al. Reply at 2 (noting that “to the extent that fraud, waste, and abuse concerns were raised by commenters, these were addressed by our observation that the fraud was committed by service provider staff incentivized to commit fraud and not by subscribers themselves”). 617 47 CFR § 54.410(d)(3). 618 See Safe Connections Notice at 60-61, paras. 167-68. 619 See supra Section III.A.3.d. 620 47 CFR § 64.2001 et seq. 621 Safe Connections Notice at 62, para. 171. 86 Federal Communications Commission FCC-CIRC2311-02 rules and the rules meant to implement the SCA have been specifically addressed in our amendments to the Lifeline program’s rules.622 Perhaps most significantly, we do not modify any of the Lifeline program’s usage requirements for survivors receiving emergency communications support.623 We do not believe that the rationale for those requirements, namely ensuring that limited program resources go to individuals that truly need the service,624 is less compelling when applied to survivors.625 We also decline to change the Lifeline program’s limit of one benefit per household. While “survivor” is defined as inclusive of an individual caring for another individual against whom a covered act has been committed,626 we view such a situation as inclusive of our current definition of household.627 We did not receive significant comments expressing concerns with this portion of the Lifeline rules or identifying any potential challenges that survivors might encounter were we to continue to adhere to the one per household limitation. Finally, allowing survivors to enter the Lifeline program the program’s existing record retention or audit rules. We have not received any specific concerns indicating how tensions might arise from the need to adhere to these requirements while serving survivors.628 4. Additional Program Concerns 173. In the Safe Connections Notice, we raised a number of concerns dealing with how survivors can take advantage of the benefit and how low-income survivors might be transitioned to longer-term participation in the program after their emergency support runs its course.629 As proposed in 622 There were no commenters that addressed this concern specifically in the context of the designated program for emergency communications support. However, several commenters had more open-ended statements suggesting that the Commission should clearly articulate that rules meant to implement the SCA should supersede existing program rules. See CTIA Comments at 7-8 (remarking that “the Commission should make clear that the Commission’s rules adopted to implement the SCA supersede any conflicting provisions of the Commission’s rules or state requirements”); USTelecom Comments at 6 (stating that “the Commission should make clear that a service provider’s compliance with the Safe Connections Act rules takes priority over, and preempts, any other applicable obligations that are inconsistent”). Because we amend our Lifeline program rules to incorporate our actions today taken pursuant to the SCA, we do not need to issue such a blanket statement to address provider concerns. Where we have not acted to specifically address the SCA changes adopted today, we expect that the Lifeline program’s rules remain appropriate as applied to survivors seeking emergency communications support, and Lifeline providers should continue to comply with the program rules, including the amendments we make through this Order. 623 See 47 CFR § 54.405(e)(3) (detailing service provider de-enrollment obligations for subscriber non-usage); 47 CFR § 54.407(c) (detailing reimbursement limitations for service providers providing no-cost service to subscribers who do not use their service). 624 2012 Lifeline Order, 27 FCC Rcd at 6768-69, para. 257. 625 NaLA urges the Commission to eliminate the program’s usage requirement and contends that survivors may value any communications access they receive as an “emergency phone,” which we interpret to mean a phone or device that may not be used by the survivor. NaLA Comments at 21; EPIC et al. Reply Comments at 3 (supporting NaLA’s request to not implement the non-usage rule for survivors). As explained above, we do not believe that adopting such an understanding would result in the best usage of the limited financial resources available to the Lifeline program. 626 Safe Connections Act § 4 (codified at 47 U.S.C. § 345(a)(6)). 627 See 47 CFR § 54.400(h) (defining household as an individual or group of individuals who are living together as one economic unity). 628 NaLA Comments at 20 (indicating at a very high level that the Commission should modify the Lifeline program’s audit and record retention rules, without offering explanation as to how those rules might be negatively impacted by allowing survivors to enter the program). 629 See Safe Connections Notice at 63-64, paras. 173-76. We note that EPIC et al. seem to indicate that we should offer emergency communications support to survivors for up to three years. EPIC et al. Comments at 10-11. We do not believe that is with the Act, which specifically limits support before the customer can transition into the (continued….) 87 Federal Communications Commission FCC-CIRC2311-02 the Safe Connections Notice, we will permit survivors receiving emergency communications support to receive six monthly benefits from the Lifeline program and by extension the ACP in accordance with the SCA.630 While we expect that this support will largely be provided in a single six-month time frame, we do not believe it would be appropriate to limit survivors to such a requirement. As such, we direct USAC to implement processes and procedures for tracking the emergency communications support provided to survivors to ensure that they do not receive more than six months of emergency communications support tied to a single line separation, even if that support is not provided in a single six-month block of time. We also do not believe that we need to place any limitations on the ability of survivors to change their service, as available to any other Lifeline subscriber,631 during this time period. 174. The SCA is silent on whether emergency communications support can be received more than once in a survivor’s lifetime, but survivor advocates expressed support for allowing survivors to participate in the program beyond an initial six-month period if appropriate.632 To best support survivors, we allow a survivor to receive multiple periods of emergency communications support through the designated program if each period is paired with proof of completion of a new line separation process.633 With the SCA silent on this exact issue, we believe that the requirement that any further emergency support be paired with a new line separation request, as adopted here, is consistent with the statute and sufficiently supports survivors who need to leave abusive situations more than once in their lives while ensuring the benefits are not unjustifiably expanded beyond the six-month period prescribed by the SCA. We believe that this approach reflects the realities of survivors’ situations while also ensuring the protection of the designated program and adhering to the requirements of the SCA. Any process established by USAC to ensure survivors’ compliance with the six-month period of support should account for situations where a survivor may need to re-enter the designated program for a new emergency support period tied to a new line separation request and demonstration of financial hardship, in accordance with the rules adopted today. 175. The SCA specifically contemplates that survivors may wish to continue to receive support from the designated program beyond their initial support period if they can qualify for the underlying program.634 Because USAC will process initial applications and enrollments into the emergency support program, we believe that USAC will be well-positioned to handle this transition for survivors eligible to continue to receive Lifeline and/or ACP benefits after their emergency communications support period has finished. We therefore adopt a process to allow survivors who wish to continue in the program to demonstrate their eligibility to do so.635 We note that survivors going through this process must meet the standard eligibility requirements for participation in Lifeline and/or (Continued from previous page) designated program if they can meet that program’s eligibility standards. See Safe Connections Act §§ 5(b)(2)(A)(ii)(II), 5(b)(2)(D). 630 Safe Connections Act § 5(b)(2)(A)(ii)(II). 631 See Bridging the Digital Divide for Low-Income Consumers et al., Fourth Report and Order, Order on Reconsideration, Memorandum Opinion and Order, Notice of Proposed Rulemaking, and Notice of Inquiry, 32 FCC Rcd 10475, 10487, para. 33 (2017) (eliminating the Lifeline port freeze for voice and broadband Internet access service) (2017 Lifeline Order). 632 EPIC et al. Comments at 10 (opining “it would be contrary to the goals of the Safe Connections Act to limit survivors to only one period of support.”). EPIC et al. notes research that evidence from the University of Missouri- St. Louis found that “24% of relentlessly stalked women report 16 or more prior attempts before they were able to successfully leave the relationship”. EPIC et al. Comments at 10, n.55. 633 BRETSA suggests that there should be limitations on the amount of times a survivor can receive emergency support. BRETSA Comments at 3. 634 Safe Connections Act § 5(2)(D). 635 See NYPSC Comments at 3-4 (endorsing an approach similar to our current recertification efforts). 88 Federal Communications Commission FCC-CIRC2311-02 the ACP. 176. To support longer-term low-income survivor enrollment and to ease customer transition efforts, we direct USAC to notify a survivor receiving emergency communications support approximately 75 days before the period of emergency support is meant to expire. Prior to this notification, USAC will attempt to verify the survivor’s eligibility through its automated eligibility database check process. If the survivor’s eligibility can be automatically confirmed through this process, USAC’s outreach to the survivor will notify them that they are eligible to continue receiving the Lifeline benefit and will continue to do so with their current provider unless they de-enroll or transfer their benefit to a different Lifeline provider. If USAC cannot confirm a survivor’s eligibility through its automated database checks, then USAC will notify the survivor that they can continue to participate in the program if they meet the Lifeline program’s eligibility requirements and submit documentation to confirm their eligibility to participate. USAC will notify the survivor of this change in status through written communication, either through e-mail, written letter, text messaging, or other automated process as appropriate. Where possible, this outreach should also align with a survivor’s expressed contact preferences. USAC’s communication will also make the survivor aware of any changes in their benefit amount that might result from the transition from emergency communications support, in which a survivor may receive the full base Lifeline support for a voice-only plan, to the standard Lifeline support amounts for voice-only service. Any potential change to the voice-only support from the survivor option of $9.25 to the standard Lifeline reimbursement amount of $5.25 should be communicated to survivors so they are aware of the change and can pursue an alternative plan if so desired. For survivors who take advantage of their Lifeline participation to enroll in the ACP, this outreach will also provide information on qualifying for ACP longer-term, and the general differences between the programs in eligibility requirements and features. 177. In responding to this outreach for continued support, survivors must confirm their eligibility in accordance with the existing requirements for entry into the Lifeline program636—that is, a self-certification of financial hardship will not be sufficient to confirm long-term eligibility to participate in Lifeline. This approach is consistent with the SCA.637 Throughout this process, service providers may contact survivors as they might through the regular continued eligibility or recertification process, in addition to USAC-led outreach. Similarly, survivors that rely on their enrollment in Lifeline through the emergency communications support process to qualify for ACP will also be required to demonstrate that they are eligible to remain in ACP. We encourage such outreach to be respectful of survivors’ communications preferences and the sensitive nature of their personal information. Finally, consistent with our standard processes, survivors who are unable to confirm their eligibility to continue to participate in the Lifeline program should have their de-enrollment from the Lifeline program processed by USAC within five business days of the end of their six-month period of emergency participation. This de- enrollment requirement also applies where a survivor used their Lifeline enrollment through emergency communications support processes to qualify for and enroll in the ACP. 178. Privacy Concerns. Under the Privacy Act of 1974,638 the Federal Information Security Modernization Act of 2014 (FISMA),639 and applicable guidance,640 the Commission and USAC have 636 USAC largely follows the documentation requirements applied by our rules to service providers when assessing documentation used for enrollment and recertification in the Lifeline program. See 47 CFR § 54.410(b)-(d), (f); see also USAC, Eligibility Verification, https://www.usac.org/lifeline/national-verifier/eligibility- verification/#:~:text=Manual%20Eligibility%20Verification&text=Submitting%20supporting%20documentation%2 0to%20the,online%20is%20reviewed%20within%20minutes (last visited Oct. 10, 2023). 637 Safe Connections Act § 5(b)(2)(D). 638 Pub. L. No. 93-579, 88 Stat. 1896 (codified at 5 U.S.C. § 552a). 639 Pub. L. No. 113-283, 128 Stat. 3073 (codified at 44 U.S.C. § 3501 et seq.). 89 Federal Communications Commission FCC-CIRC2311-02 strong privacy protections in place for the information collected in the administration of the Commission’s programs. However, we believe that handling survivor data may present some unique challenges. As such, we direct the Bureau to work with USAC, in coordination with the Office of Managing Director (OMD) (and specifically Office of Chief Information Officer (OCIO)) and the Commission’s Senior Agency Official for Privacy, to consider ways in which USAC might further limit access to data tied to survivors. The Bureau and USAC should consider, for the USAC-run call center, requiring call center supervisor review before the release of any survivor personal information from a USAC (or its contractor’s) call center, developing and delivering specific training on handling survivor data for all support center staff, and limiting the type of survivor data shared with service providers outside of more routine system interactions. With oversight from the Bureau, USAC should implement responsive changes that cause minimal burdens on consumers and service providers. 179. The systems that USAC uses to manage the Lifeline program and the ACP collect only data elements that have been prescribed by the Commission to allow for the effective management of the programs and to protect program integrity. We direct USAC to pay particular attention to whether inclusion of survivor enrollments in USAC reports could reveal sensitive information about enrollees. For example, if a survivor is the only enrollee, or one of a few enrollees, in a geographic region for which there is a report, then a savvy analyst, perhaps with local knowledge, might be able to deduce the survivor’s identity. In cases in which inclusion of survivor enrollments could reveal sensitive information, USAC should utilize privacy enhancing technologies or methodologies (e.g., excluding data, masking data, or employing differential privacy641) to avoid doing so. We also direct service providers to protect the privacy of both the survivor and the alleged abuser consistent with the standards we adopt above regarding covered provider obligations for handling survivor information.642 180. Program Evaluation. The SCA requires the Commission to complete a program evaluation within two years of the Commission completing its rulemaking.643 The evaluation is meant to examine the impact and effectiveness of the support offered to survivors suffering from financial hardship and to assess the detection and reduction of risks to program integrity with respect to the support offered.644 To this end, the Commission directs USAC, under the oversight of the Bureau and either directly or with the support of a vendor, to complete an evaluation of the effectiveness of the support offered to survivors. This evaluation should be completed and approved by the Bureau no later than two years after the Order adopted today is published in the Federal Register, and the Commission will share the completed evaluation with the appropriate congressional committees. 645 To develop this evaluation, USAC, operating under the guidance of the Bureau and the Office of Economics and Analytics, with coordination from the Senior Agency Official for Privacy, should develop surveys that can be sent to stakeholder groups that work directly with survivors, inclusive of service providers, for program evaluation input. These surveys should be ready to be shared with relevant stakeholder groups no later than sixteen months after the adoption of this Order, a time frame we believe will properly accommodate (Continued from previous page) 640 See, e.g., Office of Management and Budget (OMB) Circular A-130, Managing Information as a Strategic Resource (2016), https://www.whitehouse.gov/wp- content/uploads/legacy_drupal_files/omb/circulars/A130/a130revised.pdf. 641 See U.S. Census Bureau, Press Release, Census Bureau Sets Key Parameters to Protect Privacy in 2020 Census Results (June 9, 2021), https://content.govdelivery.com/accounts/USCENSUS/bulletins/2e32ea9. 642 See supra Section III.A.2.a. 643 Safe Connections Act § 5(b)(2)(C)(i). 644 Safe Connections Act § 5(b)(2)(C)(i)-(ii). 645 See Safe Connections Act §§ 5(a)(2), 5(b)(2)(C)(iii) (requiring that the Commission share the program evaluation with the Committee on Commerce, Science and Transportation of the Senate and the Committee on Energy and Commerce of the House of Representatives). 90 Federal Communications Commission FCC-CIRC2311-02 the necessary Paperwork Reduction Act646 and Privacy Act timelines that may accompany such outreach. By working with stakeholder groups we avoid going directly to survivors, who may have privacy and safety concerns. Information developed through the survey process can be supplemented by any data that USAC is able to develop through its general maintenance of survivor data in USAC’s systems. In response to the Safe Connections Notice, no commenter provided significant feedback regarding program evaluations. IV. PROCEDURAL MATTERS 181. Paperwork Reduction Act Analysis. This Report and Order may contain new or modified information collection requirements subject to the Paperwork Reduction Act of 1995 (PRA), Public Law 104-13. All such requirements will be submitted to OMB for review under Section 3507(d) of the PRA. OMB, the general public, and other Federal agencies will be invited to comment on any new or modified information collection requirements contained in this proceeding. In addition, we note that pursuant to the Small Business Paperwork Relief Act of 2002, Public Law 107-198, see 44 U.S.C. § 3506(c)(4), we previously sought specific comment on how the Commission might further reduce the information collection burden for small business concerns with fewer than 25 employees. 182. In this Report and Order, we adopt rules, pursuant to Congress’s direction in the SCA, that have an impact on all covered providers, including covered providers that are small entities. We impose certain obligations regarding communications with consumers and survivors. We also establish a compliance date six months after the effective date of the Report and Order, finding that the countervailing public interest in ensuring survivors have access to line separations regardless of their provider outweighs an extended compliance deadline for small covered providers. Further, staggered compliance deadlines could cause confusion for consumers, and we believe that the SCA’s operational and technical infeasibility provisions we codify in our rules will account for differences in the capabilities between large and small covered providers regarding information collection requirements. Regarding protecting the privacy of calls and texts to hotlines, we require covered providers and wireline providers of voice service, within 12 months, subject to certain conditions that may extend this time, (1) omit from consumer-facing logs of calls and text messages any records of calls or text messages to covered hotlines in the central database established by the Commission; and (2) maintain internal records of calls and text messages excluded from consumer-facing logs of calls and text messages. Covered providers and wireline providers of voice service that are small service providers are given 18 months, subject to certain conditions that may extend this time, to comply with the same obligations. We received comments requesting that smaller providers be afforded 24 months to comply with such obligations. Recognizing that the SCA contains no language regarding specific timeframes with respect to this obligation, we found that granting smaller providers extra implementation time is appropriate, given that they may face more resource challenges than larger providers in complying with the new rules. We acknowledged that this 18-month period is less than the requested 24-month period, but we found that our 18-month compliance deadline for small providers properly balances the significance of the risks faced by domestic abuse survivors, and the benefits of them being able to call hotlines and seek help without fear of the abuser accessing their call records, with the implementation challenges faced by smaller providers. Third, regarding emergency communications support for survivors, we designate the Lifeline program as the program that will support emergency communications efforts for survivors with financial hardship. This will have an impact on eligible telecommunications carriers designated to provide Lifeline support, but we expect any new regulatory impacts to be minor and consistent with our existing rules. As the SCA has no definition for financial hardship we adopt a definition that is more expansive than the current Lifeline eligibility standards, and we adopt an approach for documenting that financial hardship that allows for self-certification. We also direct USAC to prepare for a program evaluation of our efforts to provide emergency communications support to survivors. This evaluation will require surveys of relevant 646 See 44 U.S.C. §§ 3501 et seq. 91 Federal Communications Commission FCC-CIRC2311-02 stakeholder groups that USAC will develop under the oversight of the Bureau and the Office of Economics and Analytics. 183. Regulatory Flexibility Act. The Regulatory Flexibility Act of 1980, as amended (RFA)647 requires that an agency prepare a regulatory flexibility analysis for notice and comment rulemakings, unless the agency certifies that “the rule will not, if promulgated, have a significant economic impact on a substantial number of small entities.”648 Accordingly, the Commission has prepared a Final Regulatory Flexibility Analysis (FRFA) concerning the potential impact of the rule and policy changes adopted in this Report and Order on small entities. The FRFA is set forth in Appendix B. 184. Congressional Review Act. [The Commission will submit this draft Report and Order to the Administrator of the Office of Information and Regulatory Affairs, Office of Management and Budget, for concurrence as to whether this rule is “major” or “non-major” under the Congressional Review Act, 5 U.S.C. § 804(2).] The Commission will send a copy of this Report and Order to Congress and the Government Accountability Office pursuant to 5 U.S.C. § 801(a)(1)(A). 185. People with Disabilities. To request materials in accessible formats for people with disabilities (Braille, large print, electronic files, audio format), send an e-mail to fcc504@fcc.gov or call the FCC’s Consumer and Governmental Affairs Bureau at (202) 418-0530 (voice). 186. Additional Information. For additional information on this proceeding, contact Melissa Kirkel, Wireline Competition Bureau, Competition Policy Division, at melissa.kirkel@fcc.gov or Nicholas Page, Wireline Competition Bureau, Telecommunications Access Policy Division, at Nicholas.Page@fcc.gov. V. ORDERING CLAUSES 187. Accordingly, IT IS ORDERED that, pursuant to the authority contained in sections 1, 4(i), 4(j), 201, 251, 254, 301, 303, 316, 332, 345, and 403 of the Communications Act of 1934, as amended, 47 U.S.C. §§ 151, 154(i), 154(j), 201, 251, 254, 301, 303, 316, 332, 345, and 403, section 5(b) of the Safe Connections Act of 2022, Pub. L. No. 117-223, 136 Stat. 2280, and section 904 of Division N, Title IX of the Consolidated Appropriations Act, 2021, Pub. L. No. 116-260, 134 Stat. 1182, as amended by the Infrastructure Investment and Jobs Act, Pub. L. No. 117-58, 135 Stat. 429, this Report and Order in WC Docket Nos. 22-238, 11-42, and 21-450 IS ADOPTED and that Parts 54 and 64 of the Commission’s Rules, 47 CFR Parts 54, 64, are AMENDED as set forth in Appendix A. 188. IT IS FURTHER ORDERED that this Report and Order SHALL BE EFFECTIVE January 14, 2024. Compliance with the rule changes adopted in this Report and Order, except for § 64.6408, shall not be required until the later of: i) six months after the effective date of this Report and Order; or ii) after the Office of Management and Budget (OMB) completes review of any information collection requirements associated with this Report and Order that the Wireline Competition Bureau determines is required under the Paperwork Reduction Act. The Commission directs the Wireline Competition Bureau to announce the compliance date for these rule changes by subsequent Public Notice and to cause Part 54, Subpart E, § 54.1800, § 64.2010, and Part 64, Subpart II to be revised accordingly. Compliance with § 64.6408 shall be required as described in paragraphs 138-145 of this Report and Order. The Wireline Competition Bureau is delegated authority to extend the dates upon which compliance with the provisions of § 64.6408 shall be required, consistent with paragraphs 138-145 of this Report and Order, and to revise § 64.6408 accordingly. 189. IT IS FURTHER ORDERED that the Commission’s Office of the Secretary, Reference Information Center, SHALL SEND a copy of this Report and Order, including the Final Regulatory 647 5 U.S.C. § 603. The RFA, 5 U.S.C. § 601 et seq., has been amended by the Small Business Regulatory Enforcement Fairness Act of 1996 (SBREFA), Pub. L. No. 104-121, Title II, 110 Stat. 857 (1996). 648 5 U.S.C. § 605(b). 92 Federal Communications Commission FCC-CIRC2311-02 Flexibility Analysis and Initial Regulatory Flexibility Analysis, to the Chief Counsel for Advocacy of the Small Business Administration. 190. IT IS FURTHER ORDERED that the Office of the Managing Director, Performance Evaluation and Records Management, SHALL SEND a copy of this Report and Order in a report to be sent to Congress and the Government Accountability Office pursuant to the Congressional Review Act, see 5 U.S.C. § 801(a)(1)(A). FEDERAL COMMUNICATIONS COMMISSION Marlene H. Dortch Secretary 93 Federal Communications Commission FCC-CIRC2311-02 APPENDIX A Final Rules The Federal Communications Commission amends 47 CFR parts 54 and 64 to read as follows: Part 54—UNIVERSAL SERVICE 1. The authority citation for part 54 continues to read as follows: AUTHORITY: 47 U.S.C. 151, 154(i), 155, 201, 205, 214, 219, 220, 229, 254, 303(r), 403, 1004, 1302, 1601–1609, and 1752, unless otherwise noted 2. Amend § 54.400 to add paragraphs (q) through (s) to read as follows: § 54.400 Terms and definitions. * * * * * (q) Survivor. Survivor has the meaning given such term at 47 CFR § 64.6400(m). (r) Emergency Communications Support. “Emergency communications support” means support received through the Lifeline program by qualifying survivors pursuant to the Safe Connections Act of 2022, Pub. Law. 117-223. (s) Financial Hardship. A survivor is suffering from “financial hardship” when the survivor’s household satisfies the requirements detailed at § 54.409(a)(1)-(2) or is a household in which -- (1) The household’s income as defined in § 54.400(f) is at or below 200% of the Federal Poverty Guidelines for a household of that size; (2) At least one member of the household has applied for and been approved to receive benefits under the free and reduced price lunch program under the Richard B. Russell National School Lunch Act (42 U.S.C. 1751 et seq.) or the school breakfast program under section 4 of the Child Nutrition Act of 1966 (42 U.S.C. 1773), or at least one member of the household is enrolled in a school or school district that participates in the Community Eligibility Provision (42 U.S.C. 1759a); (3) At least one member of the household has received a Federal Pell Grant under section 401 of the Higher Education Act of 1965 (20 U.S.C. 1070a) in the current award year, if such award is verifiable through the National Verifier or National Lifeline Accountability Database or the participating provider verifies eligibility under § 54.1806(a)(2); (4) At least one member of the household receives assistance through the special supplemental nutritional program for women, infants and children established by section 17 of the Child Nutrition Act of 1996 (42 U.S.C. 1786). 3. Amend § 54.403 to add paragraph (a)(4) and paragraph (a)(5) as follows: § 54.403 Lifeline Support Amount (a) * * * 94 Federal Communications Commission FCC-CIRC2311-02 (4) Emergency communications support amount. Emergency communications support in the amount of up to $9.25 per month will be made available to eligible telecommunications carriers providing service to qualifying survivors. An eligible telecommunications carrier must certify to the Administrator that it will pass through the full amount of support to the qualifying survivor and that it has received any non-federal regulatory approvals necessary to implement the rate reduction. (i) This base reimbursement can be applied to survivors receiving service that meets either the minimum service standard for voice service or broadband Internet access service, as determined in accordance with § 54.408. (ii) Additional federal Lifeline support of up to $25 per month will be made available to an eligible telecommunications carrier providing emergency communications support to an eligible survivor resident of Tribal lands, as defined in § 54.400(e), to the extent that the eligible telecommunications carrier certifies to the Administrator that it will pass through the full Tribal lands support amount to the qualifying eligible resident of Tribal lands and that it has received any non-federal regulatory approvals necessary to implement the required rate reduction. (5) Compliance Date. Paragraph (a)(4) of this section may contain an information-collection and/or recordkeeping requirement. Compliance with paragraph (a)(4) will not be required until this paragraph (a)(5) is removed or contains a compliance date, which will not occur until the later of: i) [INSERT DATE SIX MONTHS AFTER THE EFFECTIVE DATE OF THIS REPORT AND ORDER]; or ii) after OMB completes review of any information collection requirements in this paragraph (a)(4) that the Wireline Competition Bureau determines is required under the Paperwork Reduction Act or the Wireline Competition Bureau determines that such review is not required. The Commission directs the Wireline Competition Bureau to announce a compliance date for paragraph (a)(5) by subsequent Public Notice and to cause this section 54.403 to be revised accordingly. 4. Amend § 54.405 to add paragraph (e)(6) and paragraph (e)(7) to read as follows: § 54.405 Carrier obligation to offer Lifeline. * * * * * (e) * * * * * * * * (6) De-enrollment from emergency communications support. Notwithstanding paragraph (e)(1) of this section, upon determination by the Administrator that a subscriber receiving emergency communications support has exhausted the subscriber’s six months of support and has not qualified to participate in the Lifeline program as defined by § 54.409 of this subpart, the Administrator must de- enroll the subscriber from participation in the Lifeline program within five business days. An eligible telecommunications carrier shall not be eligible for Lifeline reimbursement for any de-enrolled subscriber following the date of that subscriber’s de-enrollment. (7) Compliance Date. Compliance with paragraph (e)(6) will not be required until this paragraph (e)(7) is removed or contains a compliance date, which will not occur until the later of: i) [INSERT DATE SIX MONTHS AFTER THE EFFECTIVE DATE OF THIS REPORT AND ORDER]; or ii) after OMB completes review of any information collection requirements in Subpart E, section 54.403(a)(4), section 54.410(d)(2)(ii), section 54.410(i), and section 54.424 that the Wireline Competition Bureau determines is required under the Paperwork Reduction Act or the Wireline 95 Federal Communications Commission FCC-CIRC2311-02 Competition Bureau determines that such review is not required. The Commission directs the Wireline Competition Bureau to announce a compliance date for the requirements of paragraph (e)(6) by subsequent Public Notice and to cause this section 54.405 to be revised accordingly. 5. Amend § 54.409 to add paragraph (a)(3) and paragraph (a)(4) as follows: § 54.409 Consumer qualification for Lifeline. * * * * * (a) ***** (3) Consumers that are survivors can qualify to receive emergency communications support from the Lifeline program without regard to whether the survivor meets the otherwise applicable eligibility requirements of the Lifeline program, if: (A) the survivor suffers from financial hardship as defined by section 54.400(s), and (B) the survivor requested a line separation as required under 47 U.S.C. 345(c)(1) of the Communications Act of 1934. (4) Compliance Date. Compliance with paragraph (a)(3) will not be required until this paragraph (a)(4) is removed or contains a compliance date, which will not occur until the later of: i) [INSERT DATE SIX MONTHS AFTER THE EFFECTIVE DATE OF THIS REPORT AND ORDER]; or ii) after OMB completes review of any information collection requirements in Subpart E, section 54.403(a)(4), section 54.410(d)(2)(ii), section 54.410(i), and section 54.424 that the Wireline Competition Bureau determines is required under the Paperwork Reduction Act or the Wireline Competition Bureau determines that such review is not required. The Commission directs the Wireline Competition Bureau to announce a compliance date for the requirements of paragraph (a)(3) by subsequent Public Notice and to cause this section 54.409 to be revised accordingly. 6. Amend § 54.410 to revise paragraph (d) and add paragraph (i) and paragraph (j) to read as follows: § 54.410 Subscriber eligibility determination and certification. * * * * * (d) ***** (2) ***** (ii) The subscriber's full residential address, or, for a subscriber seeking to receive emergency communications support from the Lifeline program, a prior billing or residential address from within the past six months; * * * * * (i) Survivors of Domestic Violence. All survivors seeking to receive emergency communications support from the Lifeline program must have their eligibility to participate in the program confirmed through the National Verifier. The National Verifier will also transition survivors approaching the end of their six- month emergency support period in a manner consistent with the requirements applied to eligible 96 Federal Communications Commission FCC-CIRC2311-02 telecommunications carriers at 54.410(f), and the National Verifier will de-enroll survivors whose continued eligibility to continue to participate in the Lifeline program cannot be confirmed, consistent with § 54.405(e)(6). (j) Compliance Date. Paragraph (d)(2)(ii)(B) and paragraph (i) of this section may contain information- collection and/or recordkeeping requirements. Compliance with paragraph (d)(2)(ii)(B) and paragraph (i) will not be required until this paragraph (j) is removed or contains a compliance date, which will not occur until the later of: i) [INSERT DATE SIX MONTHS AFTER THE EFFECTIVE DATE OF THIS REPORT AND ORDER]; or ii) after OMB completes review of any information collection requirements in this paragraph (d)(2)(ii)(b) and paragraph (i) that the Wireline Competition Bureau determines is required under the Paperwork Reduction Act or the Wireline Competition Bureau determines that such review is not required. The Commission directs the Wireline Competition Bureau to announce a compliance date for paragraph (d)(2)(ii)(B) and paragraph (i) by subsequent Public Notice and to cause this section 54.410 to be revised accordingly. 7. Add § 54.424 to subpart E to read as follows: § 54.424 Emergency Communications Support for Survivors. (a) Confirmation of subscriber eligibility. All eligible telecommunications carriers must implement policies and procedures for ensuring that subscribers receiving emergency communications support from the Lifeline program are eligible to receive such support. An eligible telecommunications carrier must not seek reimbursement for providing Lifeline service to a subscriber, based on that subscriber’s eligibility to receive emergency communications support, unless the carrier has received from the National Verifier: (1) Notice that the prospective subscriber meets the eligibility criteria set forth in § 54.409(a)(3); (2) A copy of the subscriber’s certification that complies with the requirements set forth in § 54.410(d). (3) An eligible telecommunications carrier must securely retain all information and documentation provided by the National Verifier or received from the survivor to document their line separation request as required by § 54.417. (b) Emergency communications support duration. Qualified survivors shall be eligible to receive emergency communications support for a total of no more than six months. The Administrator will inform eligible telecommunications carriers when participating survivors have reached their limit of allowable emergency communications support. A survivor may seek and receive further emergency communications support if that request is related to a new line separation request and a showing of financial hardship completed by the survivor and confirmed by the National Verifier. (c) Compliance Date. Paragraph (a) and paragraph (b) of this section may contain information-collection and/or recordkeeping requirements. Compliance with paragraph (a) and paragraph (b) will not be required until this paragraph (c) is removed or contains a compliance date, which will not occur until the later of: i) [INSERT DATE SIX MONTHS AFTER THE EFFECTIVE DATE OF THIS REPORT AND ORDER]; or ii) after OMB completes review of any information collection requirements in this paragraph (a) and paragraph (b) that the Wireline Competition Bureau determines is required under the Paperwork Reduction Act or the Wireline Competition Bureau determines that such review is not required. The Commission directs the Wireline Competition Bureau to announce a compliance date for paragraph (a) and paragraph (b) by subsequent Public Notice and to cause this section 54.424 to be revised accordingly. 97 Federal Communications Commission FCC-CIRC2311-02 8. Amend § 54.1800(j) to read as follows: (j) *** (1) At least one member of the household meets the qualifications in § 54.409(a)(2), (a)(3) or (b) (or any successor regulation); *** (7) Compliance with paragraph (j)(1) will not be required until this paragraph (j)(7) is removed or contains a compliance date, which will not occur until the later of: i) [INSERT DATE SIX MONTHS AFTER THE EFFECTIVE DATE OF THIS REPORT AND ORDER]; or ii) after OMB completes review of any information collection requirements in Subpart E, section 54.403(a)(4), section 54.410(d)(2)(ii), section 54.410(i), and section 54.424 that the Wireline Competition Bureau determines is required under the Paperwork Reduction Act or the Wireline Competition Bureau determines that such review is not required. The Commission directs the Wireline Competition Bureau to announce a compliance date for the requirements of paragraph (j)(1) by subsequent Public Notice and to cause this section 54.1800 to be revised accordingly. PART 64 – MISCELLANEOUS RULES RELATING TO COMMON CARRIERS 1. The authority citation for Part 64 is revised to read as follows: AUTHORITY: 47 U.S.C. 151, 152, 154, 201, 202, 217, 218, 220, 222, 225, 226, 227, 227b, 228, 251(a), 251(e), 254(k), 255, 262, 276, 301, 303, 316, 345, 403(b)(2)(B), (c), 616, 620, 716, 1401-1473, unless otherwise noted; Pub. L. 115-141, Div. P, sec. 503, 132 Stat. 348, 1091; Pub. L. No. 117-223, § 5, 136 Stat 2280, 2285-88. 2. Add subpart II as follows: Subpart II—Communications Service Protections for Victims of Domestic Violence, Human Trafficking, and Related Crimes Sec. 64.6400 Definitions. 64.6401 Line Separation Request Submission Requirements. 64.6402 Processing of Separation of Lines from a Shared Mobile Service Contract. 64.6403 Establishment of Mechanisms for Submission of Line Separation Requests. 64.6404 Prohibitions, Limitations, and Financial Responsibility for Line Separation Requests. 64.6405 Notice of Line Separation Availability to Consumers. 64.6407 Employee Training. 64.6408 Protection of the Privacy of Calls and Text Messages to Covered Hotlines. 64.6409 Compliance Date. § 64.6400 Definitions. For purposes of this subpart: (a) Abuser. “Abuser” means an individual who has committed or allegedly committed a covered act, as defined in 47 U.S.C. 345 and this subpart, against (1) an individual who seeks relief under 47 U.S.C. 345 98 Federal Communications Commission FCC-CIRC2311-02 and this subpart; or (2) an individual in the care of an individual who seeks relief under 47 U.S.C. 345 and this subpart. (b) Business day. “Business day” means the traditional work week of Monday through Friday, 8 a.m. to 5 p.m., excluding the covered provider’s company-defined holidays. (c) Call. “Call” means a voice service transmission, regardless of whether such transmission is completed. (d) Consumer-facing logs of calls and text messages. “Consumer-facing logs of calls and text messages” means any means by which a covered provider, wireline provider of voice service, fixed wireless provider of voice service, or fixed satellite provider of voice service presents to a consumer a listing of telephone numbers to which calls or text messages were directed, regardless of, for example, the medium used (such as by paper, online listing, or electronic file), whether the call was completed or the text message was delivered, whether part of a bill or otherwise, and whether requested by the consumer or otherwise provided. The term includes oral and written disclosures by covered providers, wireline provider of voice service, fixed wireless provider of voice service, and fixed satellite provider wireline providers of voice service of individual call and text message records. (e) Covered act. “Covered act” means conduct that constitutes (1) a crime described in section 40002(a) of the Violence Against Women Act of 1994 (34 U.S.C. 12291(a)), including, but not limited to, domestic violence, dating violence, sexual assault, stalking, and sex trafficking; (2) an act or practice described in paragraph (11) or (12) of section 103 of the Trafficking Victims Protection Act of 2000 (22 U.S.C. 7102) (relating to severe forms of trafficking in persons and sex trafficking, respectively); or (3) an act under State law, Tribal law, or the Uniform Code of Military Justice that is similar to an offense described in clause (1) or (2) of this paragraph. A criminal conviction or any other determination of a court shall not be required for conduct described in this paragraph to constitute a covered act. (f) Covered hotline. “Covered hotline” means a hotline related to domestic violence, dating violence, sexual assault, stalking, sex trafficking, severe forms of trafficking in persons, or any other similar act. Such term includes any telephone number on which more than a de minimis amount of counseling and/or information is provided on domestic violence, dating violence, sexual assault, stalking, sex trafficking, severe forms of trafficking in persons, or any other similar acts. (g) Covered provider. “Covered provider” means a provider of a private mobile service or commercial mobile service, as those terms are defined in 47 U.S.C. 332(d). (h) Fixed wireless provider of voice service. For purposes of this subpart, “fixed wireless provider of voice service” means a provider of voice service to customers at fixed locations that connects such customers to its network primarily by terrestrial wireless transmission. (i) Fixed satellite provider of voice service. For purposes of this subpart, “fixed satellite provider of voice service” means a provider of voice service to customers at fixed locations that connects such customers to its network primarily by satellite transmission. (j) Primary account holder. “Primary account holder” means an individual who is a party to a mobile service contract with a covered provider. 99 Federal Communications Commission FCC-CIRC2311-02 (k) Shared mobile service contract. “Shared mobile service contract” means a mobile service contract for an account that includes not less than two lines of service, and does not include enterprise services offered by a covered provider. For purposes of this subpart, a “line of service” shall mean one that is associated with a telephone number, and includes all of the services associated with that line under the shared mobile service contract, regardless of classification, including voice, text, and data services. (l) Small service provider. For purposes of this subpart, “small service provider” means a covered provider, wireline provider of voice service, fixed wireless provider of voice service, or fixed satellite provider of voice service that has 100,000 or fewer voice service subscriber lines (counting the total of all business and residential fixed subscriber lines and mobile phones and aggregated over all of the provider's affiliates). (m) Survivor. “Survivor” means an individual who is not less than 18 years old and (1) against whom a covered act has been committed or allegedly committed; or (2) who cares for another individual against whom a covered act has been committed or allegedly committed (provided that the individual providing care did not commit or allegedly commit the covered act). For purposes of this subpart, an individual who “cares for” another individual, or individual “in the care of” another individual, shall encompass: (1) any individuals who are part of the same household, as defined in § 54.400 of this chapter; (2) parents, guardians, and minor children even if the parents and children live at different addresses; (3) those who care for, or are in the care of, another individual by valid court order or power of attorney; and (4) an individual who is the parent, guardian, or caretaker of a person over the age of 18 upon whom an individual is financially or physically dependent (and those persons financially or physically dependent on the parent, guardian or caretaker). (n) Text message. “Text message” has the meaning given such term in section 227(e)(8) of the Communications Act of 1934, as amended (47 U.S.C. 227(e)(8)). (o) Voice service. “Voice service” has the meaning given such term in section 4(a) of the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (47 U.S.C. 227b(a)). (p) Wireline provider of voice service. For purposes of this subpart, “wireline provider of voice service” means “a provider of voice service that connects customers to its network primarily by wire.” § 64.6401 Line Separation Request Submission Requirements. (a) A survivor seeking to separate a line from a shared mobile service contract pursuant to 47 U.S.C. 345 and this subpart, or a designated representative of such survivor, shall submit to the covered provider a line separation request that: (1) requests relief under 47 U.S.C. 345 and this subpart; (2) identifies each line that should be separated, using the phone number associated with the line; (3) identifies which line(s) belong to the survivor and states that the survivor is the user of those lines; (4) in the case of a survivor seeking separation of the line(s) of any individual in the care of a survivor, includes a signed and dated affidavit that states that the individual is in the care of the survivor and is the user of the specific line(s) to be separated; 100 Federal Communications Commission FCC-CIRC2311-02 (5) in the case of a survivor seeking separation of the abuser’s line(s), states that the abuser is the user of that specific line; (6) includes the name of the survivor and the name of the abuser that is known to the survivor; (7) provides survivor’s preferred contact information for communications regarding the line separation request; (8) in the case of a designated representative assisting with or submitting the line separation request on behalf of a survivor, provides the name of that designated representative and the designated representative’s relationship to the survivor, and states that the designated representative assisted the survivor; (9) includes evidence that verifies that an individual who uses a line under the shared mobile contract has committed or allegedly committed a covered act against the survivor or an individual in the survivor’s care. Such evidence shall be either: (i) a copy of a signed affidavit from a licensed medical or mental health care provider, licensed military medical or mental health care provider, licensed social worker, victim services provider, or licensed military victim services provider, or an employee of a court, acting within the scope of that person’s employment; or (ii) a copy of a police report, statements provided by police, including military police, to magistrates or judges, charging documents, protective or restraining orders, military protective orders, or any other official record that documents the covered act. (b) A covered provider may attempt to assess the authenticity of the evidence of survivor status submitted pursuant to paragraph (a)(9) of this section, and may deny a line separation request if the covered provider forms a reasonable belief of fraud from such an assessment, but in any case shall not directly contact entities that created any such evidence to confirm its authenticity. (c) A covered provider shall not assess the veracity of the evidence of survivor status submitted pursuant to paragraph (a)(9) of this section. (d) Notwithstanding 47 U.S.C. 222(c)(2), and except as provided in paragraphs (d)(1) through (3) of this section, a covered provider; any officer, director, or employee of a covered provider; and any vendor, agent, or contractor of a covered provider that receives or processes line separation requests with the survivor’s consent or as needed to effectuate the request, shall treat the fact of the line separation request and any information or documents a survivor submits under this subpart, including any customer proprietary network information, as confidential and securely dispose of the information not later than 90 days after receiving the information, except as provided in subparagraphs (2) and (3) below. (1) A covered provider may only disclose or permit access to information a survivor submits under this subpart pursuant to a valid court order; to the individual survivor submitting the line separation request; to anyone that the survivor specifically designates; to those third parties necessary to effectuate the request (i.e., vendors, contractors, and agents); or, to the extent necessary, to the Commission or the Universal Service Administrative Company for processing of emergency communications support through the Lifeline program for qualifying survivors, as provided in § 54.424 of this chapter. 101 Federal Communications Commission FCC-CIRC2311-02 (2) A covered provider may retain any confidential record related to the line separation request for longer than 90 days upon receipt of a legitimate law enforcement request. (3) A covered provider may maintain a record that verifies that a survivor fulfilled the conditions of a line separation request under this subpart for longer than 90 days after receiving the information as long as the covered provider also treats such records as confidential and securely disposes of them. This record shall not contain the documentation of survivor status described in paragraph (a)(9) of this section or other original records a survivor submits with a request under this subpart. (4) A covered provider shall implement data security measures commensurate with the sensitivity of the information submitted with line separation requests, including policies and procedures governing confidential treatment and secure disposal of the information a survivor submits under this subpart, train employees on those policies and procedures, and restrict access to databases storing such information to only those employees who need access to that information. (5) A covered provider shall not use, process, or disclose the fact of a line separation request or any information or documentation provided with such a request to market any products or services. (e) Nothing in this section shall affect any law or regulation of a State providing communications protections for survivors (or any similar category of individuals) that has less stringent requirements for providing evidence of a covered act (or any similar category of conduct) than this section. § 64.6402 Processing of Separation of Lines from a Shared Mobile Service Contract. (a) Subject to the requirements of this section, as soon as feasible, but not later than close of business two businesses days after receiving a completed line separation request from a survivor submitted pursuant to § 64.6401, a covered provider shall, consistent with the survivor’s request: (1) separate the line(s) of the survivor, and the line(s) of any individual in the care of the survivor, from the shared mobile service contract; or (2) separate the line(s) of the abuser from the shared mobile service contract. (b) A covered provider shall attempt to authenticate, using multiple authentication methods if necessary, that a survivor requesting a line separation is a user of the specific line(s). (1) If the survivor is the primary account holder or a user designated to have account authority by the primary account holder, a covered provider shall attempt to authenticate the identity of the survivor in accordance with the covered provider’s authentication measures for primary account holders or designated users. (2) If the survivor is not the primary account holder or a designated user, the covered provider shall attempt to authenticate the identity of the survivor using methods that are reasonably designed to confirm the survivor is actually a user of the specified line(s) on the account. (c) At the time a survivor submits a line separation request, a covered provider shall: (1) inform the survivor, through remote means established in § 64.6403, that the provider may contact the survivor (or the survivor’s designated representative) to confirm the line separation or inform the survivor if the provider is unable to complete the line separation; 102 Federal Communications Commission FCC-CIRC2311-02 (2) inform the survivor of the existence of the Lifeline program as a source of support for emergency communications for qualifying survivors, as provided in § 54.424 of this chapter, including a description of who might qualify for the Lifeline program, how to participate, and information about the Affordable Connectivity Program, or other successor program, for which the survivor may be eligible due to their survivor status; (3) if the line separation request was submitted through remote means, allow the survivor to elect the manner in which the covered provider may contact the survivor (or designated representative of the survivor) in response to the request, if necessary, which must include at least one means of communications that does not require a survivor to interact in person with an employee of the covered provider at a physical location; (4) if the line separation request was submitted through remote means, allow a survivor to select a preferred language for future communications from among those in which the covered provider advertises, and deliver any such future communications in the language selected by the survivor; and (5) allow a survivor submitting a line separation request to indicate the service plan the survivor chooses from among all commercially available plans the covered provider offers for which the survivor may be eligible, including any prepaid plans; whether the survivor intends to retain possession of any device associated with a separated line; and whether the survivor intends to apply for emergency communications support through the Lifeline program, as provided in § 54.424 of this chapter, if available through the covered provider. (d) If a covered provider cannot operationally or technically effectuate a line separation request after taking reasonable steps to do so, the covered provider shall, at the time of the request (or for a request made using remote means, not later than two business days after receiving the request) notify the survivor (or designated representative of the survivor) of that infeasibility. The covered provider shall explain the nature of the operational or technical limitations that prevent the provider from completing the line separation as requested and provide the survivor with information about available alternative options to obtain a line separation and alternatives to submitting a line separation request, including starting a new account for the survivor. The covered provider shall deliver any such notification through the manner of communication and in the language selected by the survivor at the time of the request. (e) If a covered provider rejects a line separation request for any reason other than operational or technical infeasibility, the covered provider shall, not later than two business days after receiving the request, notify the survivor (or designated representative of the survivor), through the manner of communication and the language selected by the survivor at the time of the request, of the rejection. The covered provider shall explain the basis for the rejection, describe how the survivor can either correct any issues with the existing line separation request or submit a new line separation request, and, if applicable, provide the survivor with information about available alternative options to obtain a line separation and alternatives to submitting a line separation request, including starting a new account for the survivor. (f) A covered provider shall treat any correction, resubmission, or alternatives selected by a survivor following a denial as a new request. (g) As soon as feasible after receiving a legitimate line separation request, a covered provider shall notify a survivor of the date on which the covered provider intends to give any formal notification of a line separation, cancellation, or suspension of service: 103 Federal Communications Commission FCC-CIRC2311-02 (1) to the primary account holder, if the survivor is not the primary account holder; and (2) to the abuser, if the line separation involves the abuser’s line. (h) A covered provider shall not notify an abuser who is not the primary account holder when the covered provider separates the line(s) of a survivor or an individual in the care of a survivor from a shared mobile service contract. (i) A covered provider shall not notify a primary account holder of a request by a survivor to port-out a number that is the subject of a line separation request. A covered provider shall not notify a primary account holder of a survivor’s request for a SIM change when made in connection with a line separation request pursuant to 47 U.S.C. 345 and this subpart. (j) A covered provider shall only communicate with a survivor as required by this subpart or as necessary to effectuate a line separation. A covered provider shall not engage in marketing and advertising communications that are not related to assisting the survivor with understanding and selecting service options. (k) As soon as feasible after receiving a legitimate line separation request from a survivor, a covered provider shall lock the account affected by the line separation request to prevent all SIM changes, number ports, and line cancellations other than those requested as part of the line separation request pursuant to 47 U.S.C. 345 and this subpart until the request is processed or denied. (l) A covered provider shall effectuate a legitimate line separation request submitted pursuant to this subpart, and any associated number port and SIM change requests, regardless of whether an account lock is activated on the account. (m) A covered provider receiving a request from any customer other than the survivor requesting that the covered provider stop or reverse a line separation on the basis that the line separation request was fraudulent shall make a record of the request in the customer’s existing account and, if applicable, the customer’s new account, in the event further evidence shows that the line separation request was in fact fraudulent. (n) A covered provider shall provide a survivor with documentation that clearly identifies the survivor and shows that the survivor has submitted a legitimate line separation request under 47 U.S.C. 345(c)(1) and this subpart upon completion of the provider’s line separation request review process. The documentation shall include: (1) the survivor’s full name; (2) confirmation that the covered provider authenticated the survivor as a user of the line(s) subject to the line separation request; and (3) a statement that the survivor has submitted a legitimate line separation request under 47 U.S.C. 345(c)(1). The covered provider shall provide this documentation to survivors in a written format that can be easily saved and shared by a survivor. § 64.6403 Establishment of Mechanisms for Submission of Line Separation Requests. (a) A covered provider shall offer a survivor the ability to submit a line separation request through secure remote means that are easily navigable, provided that remote options are commercially available and technically feasible. A covered provider shall offer more than one remote means of submitting a line separation request and shall offer alternative means to accommodate individuals with different disabilities. A covered provider may offer means of submitting a line separation request that are not 104 Federal Communications Commission FCC-CIRC2311-02 remote if the provider does not require a survivor to use such non-remote means or make it more difficult for survivors to access remote means than to access non-remote means. For purposes of this subpart, remote means are those that do not require a survivor to interact in person with an employee of the covered provider at a physical location. (b) The means a covered provider offers pursuant to this section must allow survivors to submit any information and documentation required by 47 U.S.C. 345 and this subpart. A covered provider may offer means that allow or require survivors to initiate a request using one method and submit documentation using another method. A covered provider shall permit a survivor to submit any documentation required by 47 U.S.C. 345 and this subpart in any common format. (c) Any means that a covered provider offers pursuant to this section shall: (1) use wording that is simple, clear, and concise; (2) present the information requests in a format that is easy to comprehend and use; (3) generally use the same wording and format on all platforms available for submitting a request; (4) clearly identify the information and documentation that a survivor must include with a line separation request and allow survivors to provide that information and documentation easily; (5) be available in all the languages in which the covered provider advertises its services; and (6) be accessible by individuals with disabilities, including being available in all formats (e.g., large print, braille)in which the covered provider makes its service information available to individuals with disabilities. § 64.6404 Prohibitions and Limitations for Line Separation Requests. (a) A covered provider may not make separation of a line from a shared mobile service contract under this subpart contingent on any limitation or requirement other than those described in section 64.6405 of this subpart, including, but not limited to: (1) payment of a fee, penalty, or other charge; (2) maintaining contractual or billing responsibility of a separated line with the provider; (3) approval of separation by the primary account holder, if the primary account holder is not the survivor; (4) a prohibition or limitation, including payment of a fee, penalty, or other charge, on number portability, provided such portability is technically feasible; (5) a prohibition or limitation, including payment of a fee, penalty, or other charge, on a request to change phone numbers; (6) a prohibition or limitation on the separation of lines as a result of arrears accrued by the account; 105 Federal Communications Commission FCC-CIRC2311-02 (7) an increase in the rate charged for the mobile service plan of the primary account holder with respect to service on any remaining line or lines; (8) the results of a credit check or other proof of a party’s ability to pay; or (9) any other requirement or limitation not specifically permitted by the Safe Connections Act of 2022, Pub. L. No. 117-223, 47 U.S.C. 345. (b) Nothing in paragraph (a) shall be construed to require a covered provider to provide a rate plan for the primary account holder that is not otherwise commercially available or to prohibit a covered provider from requiring a survivor requesting a line separation to comply with the general terms and conditions associated with using the covered provider’s services, as long as those terms and conditions do not contain the enumerated prohibitions in 47 U.S.C. 345(b)(2) and this section, and do not otherwise hinder a survivor from obtaining a line separation. § 64.6405 Financial Responsibility Following Line Separations. (a) Beginning on the date on which a covered provider transfers billing responsibilities for and use of telephone number(s) to a survivor following a line separation under § 64.6402(a), the survivor shall assume financial responsibility, including for monthly service costs, for the transferred telephone number(s), unless ordered otherwise by a court. Upon the transfer of the telephone number(s) under § 64.6402(a) to separate the line(s) of the abuser from a shared mobile service contract, the survivor shall have no further financial responsibilities to the transferring covered provider for the services provided by the transferring covered provider for the telephone number(s) or for any mobile device associated with the abuser’s telephone number(s). (b) Beginning on the date on which a covered provider transfers billing responsibilities for and rights to telephone number(s) to a survivor following a line separation under § 64.6402(a), the survivor shall not assume financial responsibility for any mobile device(s) associated with the separated line(s), unless the survivor purchased the mobile device(s), or affirmatively elects to maintain possession of the mobile device(s), unless otherwise ordered by a court. (c) Following a line separation under § 64.6402(a), a covered provider shall maintain any arrears previously accrued on the account with the subscriber who was the primary account holder prior to the line separation. § 64.6406 Notice of Line Separation Availability to Consumers. (a) A covered provider shall make information about the line separation options and processes described in this subpart readily available to consumers: (1) on a support-related page of the website and mobile application of the provider in all languages in which the provider advertises on the website; (2) in physical stores via flyers, signage, or other handouts that are clearly visible and accessible to consumers, in all languages in which the provider advertises in that particular store and on its website; 106 Federal Communications Commission FCC-CIRC2311-02 (3) in a manner that is accessible to individuals with disabilities, including all formats (e.g., large print, braille) in which a covered provider makes its service information available to individuals with disabilities; and (4) in other forms of public-facing consumer communication. In providing this information to consumers, a covered provider shall include, at a minimum, an overview of the line separation process; a description of survivors’ service options that may be available to them; a statement that the Safe Connections Act does not permit covered providers to make a line separation conditional upon the imposition of penalties, fees, or other requirements or limitations; basic information concerning the availability of the Lifeline support for qualifying survivors; and a description of which types of line separations the provider cannot perform in all instances due to operational or technical limitations, if any. § 64.6407 Employee Training. A covered provider must train its employees who may interact with survivors regarding a line separation request on how to assist them or on how to direct them to other employees who have received such training. § 64.6408 Protection of the Privacy of Calls and Text Messages to Covered Hotlines. (a) All covered providers, wireline providers of voice service, fixed wireless providers of voice service, and fixed satellite providers of voice service shall: (1) Omit from consumer-facing logs of calls and text messages any records of calls or text messages to covered hotlines in the central database established by the Commission. (2) Maintain internal records of calls and text messages omitted from consumer-facing logs of calls and text messages pursuant to subparagraph (a)(1) of this section. (3) Be responsible for downloading the initial database file and subsequent updates to the database file from the central database established by the Commission. Updates must be downloaded and implemented by covered providers, wireline providers of voice service, fixed wireless providers of voice service, and fixed satellite providers of voice service no later than 15 days after such updates are made available for download. (b) With respect to covered providers, wireline providers of voice service, fixed wireless providers of voice service, and fixed satellite providers of voice service that are not small service providers, compliance with paragraph (a) of this section shall be required [INSERT DATE ONE YEAR AFTER DATE OF PUBLICATION IN THE FEDERAL REGISTER]. In the event the Wireline Competition Bureau has not released the database download file specification by [INSERT DATE 4 MONTHS AFTER DATE OF PUBLICATION IN THE FEDERAL REGISTER], or in the event the Wireline Competition Bureau has not announced that the database administrator has made the initial database download file available for testing by [INSERT DATE 10 MONTHS AFTER DATE OF PUBLICATION IN THE FEDERAL REGISTER], the compliance deadline set forth in this paragraph shall be extended consistent with the delay, and the Wireline Competition Bureau is delegated authority to revise this § 64.6408 accordingly. (c) With respect to small service providers that are covered providers or wireline providers of voice service, compliance with paragraph (a) of this section shall be required [INSERT DATE 18 MONTHS 107 Federal Communications Commission FCC-CIRC2311-02 AFTER DATE OF PUBLICATION IN THE FEDERAL REGISTER]. In the event the Wireline Competition Bureau has not released the database download file specification by [INSERT DATE 10 MONTHS AFTER DATE OF PUBLICATION IN THE FEDERAL REGISTER], or in the event the Wireline Competition Bureau has not announced that the database administrator has made the initial database download file available for testing by [INSERT DATE 16 MONTHS AFTER DATE OF PUBLICATION IN THE FEDERAL REGISTER], the compliance deadline set forth in this paragraph shall be extended consistent with the delay, and the Wireline Competition Bureau is delegated authority to revise this § 64.6408 accordingly. § 64.6409 Compliance Date. Sections 64.6400 – 64.6407 of this Subpart II may contain information-collection and/or recordkeeping requirements. Compliance with sections 64.6400 – 64.6407 will not be required until this section 64.6409 is removed or contains a compliance date, which will not occur until the later of: i) [INSERT DATE SIX MONTHS AFTER THE EFFECTIVE DATE OF THIS REPORT AND ORDER]; or ii) after the Office of Management and Budget completes review of any information collection requirements in sections 64.6400 – 64.6407 of this Subpart II that the Wireline Competition Bureau determines is required under the Paperwork Reduction Act or the Wireline Competition Bureau determines that such review is not required. The Commission directs the Wireline Competition Bureau to announce a compliance date for sections 64.6400 – 64.6407 by subsequent Public Notice and to cause this Subpart II to be revised accordingly. 3. Amend § 64.2010 to read as follows: § 64.2010 Safeguards on the disclosure of customer proprietary network information. * * * * * (f) Notification of Account Changes. (1) Telecommunications carriers must notify customers immediately whenever a password, customer response to a back-up means of authentication for lost or forgotten password, online account, or address of record is created or changed. This notification is not required when the customer initiates service, including the selection of a password at service initiation. This notification may be through a carrier-originated voicemail or text message to the telephone number of record, or by mail to the address of record, and must not reveal the changed information or be sent to the new account information. (2) Paragraph (f)(1) of this section does not apply to a change made in connection with a line separation request under 47 U.S.C. 345 and Subpart II of this chapter. *** (h) Compliance with the provision in paragraph (f) applicable to line separation requests under 47 U.S.C. 345 and Subpart II of this chapter will not be required until this paragraph (h) is removed or contains a compliance date, which will not occur until the later of: i) [INSERT DATE SIX MONTHS AFTER THE EFFECTIVE DATE OF THIS REPORT AND ORDER]; or ii) after OMB completes review of any information collection requirements in Subpart II of this Part 64 that the Wireline Competition Bureau determines is required under the Paperwork Reduction Act or the Wireline Competition Bureau determines that such review is not required. The Commission directs the Wireline Competition Bureau to announce a compliance date for the requirements of paragraph (f) by subsequent Public Notice and to cause this section 64.2010 to be revised accordingly. * * * * * 108 Federal Communications Commission FCC-CIRC2311-02 APPENDIX B Final Regulatory Flexibility Analysis 1. As required by the Regulatory Flexibility Act of 1980, as amended (RFA),1 an Initial Regulatory Flexibility Analysis (IRFA) was incorporated in the Supporting Survivors of Domestic and Sexual Violence; Lifeline and Link Up Reform and Modernization; Affordable Connectivity Program Notice of Proposed Rulemaking (Safe Connections Notice), released in February 2023.2 The Commission sought written public comment on the proposals in the Safe Connections Notice, including comment on the IRFA. No comments were filed addressing the IRFA. This present Final Regulatory Flexibility Analysis (FRFA) conforms to the RFA.3 A. Need for and Objectives of the Report and Order 2. Congress enacted the Safe Connections Act of 20224 (Safe Connections Act or SCA) in November of 2022 to ensure survivors of domestic violence can separate from abusers without losing independent access to their mobile service plan.5 The SCA amends the Communications Act of 1934 (Communications Act) to require mobile service providers to separate the line of a survivor of domestic violence (and other related crimes and abuse), and any individuals in the care of the survivor, from a mobile service contract shared with an abuser within two business days after receiving a request from the survivor.6 The SCA also directs the Commission to issue rules, within 18 months of the statute’s enactment, implementing the line separation requirement.7 Additionally, the SCA requires the Commission to designate either the Lifeline program or Affordable Connectivity Program (ACP) as the vehicle for providing survivors suffering financial hardship with emergency communications support for up to six months.8 Further, the legislation requires the Commission to open a rulemaking within 180 days of enactment to consider whether to, and how the Commission should, establish a central database of domestic abuse hotlines to be used by service providers and require such providers to omit, subject to certain conditions, any records of calls or text messages to the hotlines from consumer-facing call and text message logs.9 3. The Report and Order implements the SCA, adopting measures we believe will aid survivors who lack meaningful support and communications options when establishing independence from an abuser.10 We take action to ensure that survivors of domestic violence are able to maintain critical access to reliable, safe, and affordable connectivity. Such connectivity permits survivors to contact family and friends, and seek help through services such as domestic abuse hotlines. Survivors 1 5 U.S.C. § 603. The RFA, 5 U.S.C. §§ 601–612, was amended by the Small Business Regulatory Enforcement Fairness Act of 1996 (SBREFA), Pub. L. No. 104-121, Title II, 110 Stat. 857 (1996). 2 See Supporting Survivors of Domestic and Sexual Violence; Lifeline and Link Up Reform and Modernization; Affordable Connectivity Program, WC Docket Nos. 22-238, 11-42, 21-450, Notice of Proposed Rulemaking, FCC 23-9 (Feb. 17, 2023) (Safe Connections Notice). 3 5 U.S.C. § 604. 4 Safe Connections Act of 2022, Pub. L. No. 117-223, 116 Stat. 2280 (Safe Connections Act or SCA). 5 Safe Connections Act § 3(4) (finding that “independent access to a wireless phone plan can assist survivors in establishing security and autonomy”). 6 Safe Connections Act § 4 (adding section 345 to the Act). 7 Safe Connections Act § 5(b)(1)(A). 8 Safe Connections Act § 5(b)(1), (2). 9 Safe Connections Act § 5(b)(3). 10 Safe Connections Act § 3. 109 Federal Communications Commission FCC-CIRC2311-02 whose devices and associated telephone numbers are part of multi-line or shared plans with abusers can face difficulties separating lines from such plans and maintaining affordable service. Survivors may be reluctant to call support services such as hotlines for fear of the call log exposing the call to an abuser. Survivors may also experience financial hardship as a result of leaving a relationship with an abuser. 4. Specifically, the Report and Order adopts rules to implement the line separation requirement in the Safe Connections Act; adopts the Commission’s proposal from the Safe Connections Notice relating to protecting the privacy of calls and text messages to domestic abuse hotlines to establish a central database of domestic abuse hotlines to be used by service providers and require such providers to omit, subject to certain conditions, any records of calls or text messages to the hotlines from consumer- facing call and text message logs; and designates the Lifeline program as the vehicle for providing survivors suffering financial hardship with emergency communications support for up to six months. B. Summary of Significant Issues Raised by Public Comments in Response to the IRFA 5. There were no comments raised that specifically addressed the proposed rules and policies presented in the IRFA. Nonetheless, we considered the potential impact of the rules proposed in the IRFA on small entities and took steps where appropriate and feasible to reduce the compliance burden for small entities in order to reduce the economic impact of the rules enacted herein on such entities. C. Response to Comments by the Chief Counsel for Advocacy of the Small Business Administration 6. Pursuant to the Small Business Jobs Act of 2010, which amended the RFA, the Commission is required to respond to any comments filed by the Chief Counsel for Advocacy of the Small Business Administration (SBA), and to provide a detailed statement of any change made to the proposed rules as a result of those comments.11 The Chief Counsel did not file any comments in response to the proposed rules in this proceeding. D. Description and Estimate of the Number of Small Entities to Which the Rules Will Apply 7. The RFA directs agencies to provide a description of and, where feasible, an estimate of the number of small entities that may be affected by the rules adopted herein.12 The RFA generally defines the term “small entity” as having the same meaning as the terms “small business,” “small organization,” and “small governmental jurisdiction.”13 In addition, the term “small business” has the same meaning as the term “small business concern” under the Small Business Act.14 A “small business concern” is one which: (1) is independently owned and operated; (2) is not dominant in its field of operation; and (3) satisfies any additional criteria established by the SBA.15 8. Small Businesses, Small Organizations, Small Governmental Jurisdictions. Our actions, over time, may affect small entities that are not easily categorized at present. We therefore describe, at 11 5 U.S.C. § 604(a)(3). 12 Id. § 604 (a)(4). 13 Id. § 601(6). 14 Id. § 601(3) (incorporating by reference the definition of “small-business concern” in the Small Business Act, 15 U.S.C. § 632). Pursuant to 5 U.S.C. § 601(3), the statutory definition of a small business applies “unless an agency, after consultation with the Office of Advocacy of the Small Business Administration and after opportunity for public comment, establishes one or more definitions of such term which are appropriate to the activities of the agency and publishes such definition(s) in the Federal Register.” 15 15 U.S.C. § 632. 110 Federal Communications Commission FCC-CIRC2311-02 the outset, three broad groups of small entities that could be directly affected herein.16 First, while there are industry specific size standards for small businesses that are used in the regulatory flexibility analysis, according to data from the Small Business Administration’s (SBA) Office of Advocacy, in general a small business is an independent business having fewer than 500 employees.17 These types of small businesses represent 99.9% of all businesses in the United States, which translates to 33.2 million businesses.18 9. Next, the type of small entity described as a “small organization” is generally “any not- for-profit enterprise which is independently owned and operated and is not dominant in its field.”19 The Internal Revenue Service (IRS) uses a revenue benchmark of $50,000 or less to delineate its annual electronic filing requirements for small exempt organizations.20 Nationwide, for tax year 2020, there were approximately 447,689 small exempt organizations in the U.S. reporting revenues of $50,000 or less according to the registration and tax data for exempt organizations available from the IRS.21 10. Finally, the small entity described as a “small governmental jurisdiction” is defined generally as “governments of cities, counties, towns, townships, villages, school districts, or special districts, with a population of less than fifty thousand.”22 U.S. Census Bureau data from the 2017 Census of Governments23 indicate there were 90,075 local governmental jurisdictions consisting of general purpose governments and special purpose governments in the United States.24 Of this number, there were 16 See 5 U.S.C. § 601(3)-(6). 17 See SBA, Office of Advocacy, “What’s New With Small Business?,” https://advocacy.sba.gov/wp-content/uploads/2023/03/Whats-New-Infographic-March-2023-508c.pdf. (Mar. 2023) 18 Id. 19 See 5 U.S.C. § 601(4). 20 The IRS benchmark is similar to the population of less than 50,000 benchmark in 5 U.S.C § 601(5) that is used to define a small governmental jurisdiction. Therefore, the IRS benchmark has been used to estimate the number of small organizations in this small entity description. See Annual Electronic Filing Requirement for Small Exempt Organizations – Form 990-N (e-Postcard), “Who must file,” https://www.irs.gov/charities-non-profits/annual- electronic-filing-requirement-for-small-exempt-organizations-form-990-n-e-postcard. We note that the IRS data does not provide information on whether a small exempt organization is independently owned and operated or dominant in its field. 21 See Exempt Organizations Business Master File Extract (EO BMF), “CSV Files by Region,” https://www.irs.gov/charities-non-profits/exempt-organizations-business-master-file-extract-eo-bmf. The IRS Exempt Organization Business Master File (EO BMF) Extract provides information on all registered tax- exempt/non-profit organizations. The data utilized for purposes of this description was extracted from the IRS EO BMF data for businesses for the tax year 2020 with revenue less than or equal to $50,000 for Region 1-Northeast Area (58,577), Region 2-Mid-Atlantic and Great Lakes Areas (175,272), and Region 3-Gulf Coast and Pacific Coast Areas (213,840) that includes the continental U.S., Alaska, and Hawaii. This data does not include information for Puerto Rico. 22 See 5 U.S.C. § 601(5). 23 See 13 U.S.C. § 161. The Census of Governments survey is conducted every five (5) years compiling data for years ending with “2” and “7”. See also Census of Governments, https://www.census.gov/programs- surveys/cog/about.html. 24 See U.S. Census Bureau, 2017 Census of Governments – Organization Table 2. Local Governments by Type and State: 2017 [CG1700ORG02], https://www.census.gov/data/tables/2017/econ/gus/2017-governments.html. Local governmental jurisdictions are made up of general purpose governments (county, municipal and town or township) and special purpose governments (special districts and independent school districts). See also tbl.2. CG1700ORG02 Table Notes_Local Governments by Type and State_2017. 111 Federal Communications Commission FCC-CIRC2311-02 36,931 general purpose governments (county,25 municipal, and town or township26) with populations of less than 50,000 and 12,040 special purpose governments—independent school districts27 with enrollment populations of less than 50,000.28 Accordingly, based on the 2017 U.S. Census of Governments data, we estimate that at least 48,971 entities fall into the category of “small governmental jurisdictions.”29 11. Wired Telecommunications Carriers. The U.S. Census Bureau defines this industry as establishments primarily engaged in operating and/or providing access to transmission facilities and infrastructure that they own and/or lease for the transmission of voice, data, text, sound, and video using wired communications networks.30 Transmission facilities may be based on a single technology or a combination of technologies. Establishments in this industry use the wired telecommunications network facilities that they operate to provide a variety of services, such as wired telephony services, including VoIP services, wired (cable) audio and video programming distribution, and wired broadband Internet services.31 By exception, establishments providing satellite television distribution services using facilities and infrastructure that they operate are included in this industry.32 Wired Telecommunications Carriers are also referred to as wireline carriers or fixed local service providers.33 12. The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.34 U.S. Census Bureau data for 2017 show that there 25 See id. at tbl.5. County Governments by Population-Size Group and State: 2017 [CG1700ORG05], https://www.census.gov/data/tables/2017/econ/gus/2017-governments.html. There were 2,105 county governments with populations less than 50,000. This category does not include subcounty (municipal and township) governments. 26 See id. at tbl.6. Subcounty General-Purpose Governments by Population-Size Group and State: 2017 [CG1700ORG06], https://www.census.gov/data/tables/2017/econ/gus/2017-governments.html. There were 18,729 municipal and 16,097 town and township governments with populations less than 50,000. 27 See id. at tbl.10. Elementary and Secondary School Systems by Enrollment-Size Group and State: 2017 [CG1700ORG10], https://www.census.gov/data/tables/2017/econ/gus/2017-governments.html. There were 12,040 independent school districts with enrollment populations less than 50,000. See also tbl.4. Special-Purpose Local Governments by State Census Years 1942 to 2017 [CG1700ORG04], CG1700ORG04 Table Notes_Special Purpose Local Governments by State_Census Years 1942 to 2017. 28 While the special purpose governments category also includes local special district governments, the 2017 Census of Governments data does not provide data aggregated based on population size for the special purpose governments category. Therefore, only data from independent school districts is included in the special purpose governments category. 29 This total is derived from the sum of the number of general purpose governments (county, municipal and town or township) with populations of less than 50,000 (36,931) and the number of special purpose governments - independent school districts with enrollment populations of less than 50,000 (12,040), from the 2017 Census of Governments - Organizations tbls. 5, 6 & 10. 30 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 31 Id. 32 Id. 33 Fixed Local Service Providers include the following types of providers: Incumbent Local Exchange Carriers (ILECs), Competitive Access Providers (CAPs) and Competitive Local Exchange Carriers (CLECs), Cable/Coax CLECs, Interconnected VOIP Providers, Non-Interconnected VOIP Providers, Shared-Tenant Service Providers, Audio Bridge Service Providers, and Other Local Service Providers. Local Resellers fall into another U.S. Census Bureau industry group and therefore data for these providers is not included in this industry. 34 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 112 Federal Communications Commission FCC-CIRC2311-02 were 3,054 firms that operated in this industry for the entire year.35 Of this number, 2,964 firms operated with fewer than 250 employees.36 Additionally, based on Commission data in the 2022 Universal Service Monitoring Report, as of December 31, 2021, there were 4,590 providers that reported they were engaged in the provision of fixed local services.37 Of these providers, the Commission estimates that 4,146 providers have 1,500 or fewer employees.38 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 13. Local Exchange Carriers (LECs). Neither the Commission nor the SBA has developed a size standard for small businesses specifically applicable to local exchange services. Providers of these services include both incumbent and competitive local exchange service providers. Wired Telecommunications Carriers39 is the closest industry with an SBA small business size standard.40 Wired Telecommunications Carriers are also referred to as wireline carriers or fixed local service providers.41 The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.42 U.S. Census Bureau data for 2017 show that there were 3,054 firms that operated in this industry for the entire year.43 Of this number, 2,964 firms operated with fewer than 250 employees.44 Additionally, based on Commission data in the 2022 Universal Service Monitoring Report, as of December 31, 2021, there were 4,590 providers that reported they were fixed local exchange service providers.45 Of these providers, the Commission estimates that 4,146 providers have 1,500 or fewer employees.46 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 35 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 36 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 37 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2022), https://docs.fcc.gov/public/attachments/DOC-391070A1.pdf. https://docs.fcc.gov/public/attachments/DOC- 379181A1.pdf 38 Id. 39 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 40 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 41 Fixed Local Exchange Service Providers include the following types of providers: Incumbent Local Exchange Carriers (ILECs), Competitive Access Providers (CAPs) and Competitive Local Exchange Carriers (CLECs), Cable/Coax CLECs, Interconnected VOIP Providers, Non-Interconnected VOIP Providers, Shared-Tenant Service Providers, Audio Bridge Service Providers, Local Resellers, and Other Local Service Providers. 42 Id. 43 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 44 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 45 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2022), https://docs.fcc.gov/public/attachments/DOC-391070A1.pdf. 46 Id. 113 Federal Communications Commission FCC-CIRC2311-02 14. Competitive Local Exchange Carriers (LECs). Neither the Commission nor the SBA has developed a size standard for small businesses specifically applicable to local exchange services. Providers of these services include several types of competitive local exchange service providers.47 Wired Telecommunications Carriers48 is the closest industry with a SBA small business size standard. The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.49 U.S. Census Bureau data for 2017 show that there were 3,054 firms that operated in this industry for the entire year.50 Of this number, 2,964 firms operated with fewer than 250 employees.51 Additionally, based on Commission data in the 2022 Universal Service Monitoring Report, as of December 31, 2021, there were 3,378 providers that reported they were competitive local exchange service providers.52 Of these providers, the Commission estimates that 3,230 providers have 1,500 or fewer employees.53 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 15. Interexchange Carriers (IXCs). Neither the Commission nor the SBA have developed a small business size standard specifically for Interexchange Carriers. Wired Telecommunications Carriers54 is the closest industry with a SBA small business size standard.55 The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.56 U.S. Census Bureau data for 2017 show that there were 3,054 firms that operated in this industry for the entire year.57 Of this number, 2,964 firms operated with fewer than 250 employees.58 Additionally, based on Commission data in the 2022 Universal Service Monitoring Report, as of December 31, 2021, there were 127 providers that reported they were engaged in the provision of 47 Competitive Local Exchange Service Providers include the following types of providers: Competitive Access Providers (CAPs) and Competitive Local Exchange Carriers (CLECs), Cable/Coax CLECs, Interconnected VOIP Providers, Non-Interconnected VOIP Providers, Shared-Tenant Service Providers, Audio Bridge Service Providers, Local Resellers, and Other Local Service Providers. 48 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 49 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 50 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 51 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 52 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2022), https://docs.fcc.gov/public/attachments/DOC-391070A1.pdf. 53 Id. 54 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 55 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 56 Id. 57 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 58 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 114 Federal Communications Commission FCC-CIRC2311-02 interexchange services. Of these providers, the Commission estimates that 109 providers have 1,500 or fewer employees.59 Consequently, using the SBA’s small business size standard, the Commission estimates that the majority of providers in this industry can be considered small entities. 16. Cable System Operators (Telecom Act Standard). The Communications Act of 1934, as amended, contains a size standard for a “small cable operator,” which is “a cable operator that, directly or through an affiliate, serves in the aggregate fewer than one percent of all subscribers in the United States and is not affiliated with any entity or entities whose gross annual revenues in the aggregate exceed $250,000,000.”60 For purposes of the Telecom Act Standard, the Commission determined that a cable system operator that serves fewer than 498,000 subscribers, either directly or through affiliates, will meet the definition of a small cable operator.61 Based on industry data, only six cable system operators have more than 498,000 subscribers.62 Accordingly, the Commission estimates that the majority of cable system operators are small under this size standard. We note, however, that the Commission neither requests nor collects information on whether cable system operators are affiliated with entities whose gross annual revenues exceed $250 million.63 Therefore, we are unable at this time to estimate with greater precision the number of cable system operators that would qualify as small cable operators under the definition in the Communications Act. 17. Other Toll Carriers. Neither the Commission nor the SBA has developed a definition for small businesses specifically applicable to Other Toll Carriers. This category includes toll carriers that do not fall within the categories of interexchange carriers, operator service providers, prepaid calling card providers, satellite service carriers, or toll resellers. Wired Telecommunications Carriers64 is the closest industry with a SBA small business size standard.65 The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.66 U.S. Census Bureau data for 2017 show that there were 3,054 firms in this industry that operated for the entire year.67 59 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2022), https://docs.fcc.gov/public/attachments/DOC-391070A1.pdf. 60 47 U.S.C. § 543(m)(2). 61 FCC Announces Updated Subscriber Threshold for the Definition of Small Cable Operator, Public Notice, DA 23-906 (MB 2023) (2023 Subscriber Threshold PN). In this Public Notice, the Commission determined that there were approximately 49.8 million cable subscribers in the United States at that time using the most reliable source publicly available. Id. This threshold will remain in effect until the Commission issues a superseding Public Notice.. See 47 CFR § 76.901(e)(1). 62 S&P Global Market Intelligence, S&P Capital IQ Pro, Top Cable MSOs 06/23Q (last visited Sept. 27, 2023); S&P Global Market Intelligence, Multichannel Video Subscriptions, Top 10 (April 2022). 63 The Commission does receive such information on a case-by-case basis if a cable operator appeals a local franchise authority’s finding that the operator does not qualify as a small cable operator pursuant to § 76.901(e) of the Commission’s rules. See 47 CFR § 76.910(b). 64 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 65 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 66 Id. 67 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 115 Federal Communications Commission FCC-CIRC2311-02 Of this number, 2,964 firms operated with fewer than 250 employees.68 Additionally, based on Commission data in the 2022 Universal Service Monitoring Report, as of December 31, 2021, there were 90 providers that reported they were engaged in the provision of other toll services.69 Of these providers, the Commission estimates that 87 providers have 1,500 or fewer employees.70 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 18. Wireless Telecommunications Carriers (except Satellite). This industry comprises establishments engaged in operating and maintaining switching and transmission facilities to provide communications via the airwaves.71 Establishments in this industry have spectrum licenses and provide services using that spectrum, such as cellular services, paging services, wireless Internet access, and wireless video services.72 The SBA size standard for this industry classifies a business as small if it has 1,500 or fewer employees.73 U.S. Census Bureau data for 2017 show that there were 2,893 firms in this industry that operated for the entire year.74 Of that number, 2,837 firms employed fewer than 250 employees.75 Additionally, based on Commission data in the 2022 Universal Service Monitoring Report, as of December 31, 2021, there were 594 providers that reported they were engaged in the provision of wireless services.76 Of these providers, the Commission estimates that 511 providers have 1,500 or fewer employees.77 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 19. Satellite Telecommunications. This industry comprises firms “primarily engaged in providing telecommunications services to other establishments in the telecommunications and broadcasting industries by forwarding and receiving communications signals via a system of satellites or reselling satellite telecommunications.”78 Satellite telecommunications service providers include satellite and earth station operators. The SBA small business size standard for this industry classifies a business with $38.5 million or less in annual receipts as small.79 U.S. Census Bureau data for 2017 show that 275 68 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 69 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2022), https://docs.fcc.gov/public/attachments/DOC-391070A1.pdf. https://docs.fcc.gov/public/attachments/DOC- 379181A1.pdf 70 Id. 71 See U.S. Census Bureau, 2017 NAICS Definition, “517312 Wireless Telecommunications Carriers (except Satellite),” https://www.census.gov/naics/?input=517312&year=2017&details=517312. 72 Id. 73 See 13 CFR § 121.201, NAICS Code 517312 (as of 10/1/22, NAICS Code 517112). 74 See U.S. Census Bureau, 2017 Economic Census of the United States, Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517312, https://data.census.gov/cedsci/table?y=2017&n=517312&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 75 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 76 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2022), https://docs.fcc.gov/public/attachments/DOC-391070A1.pdf. 77 Id. 78 See U.S. Census Bureau, 2017 NAICS Definition, “517410 Satellite Telecommunications,” https://www.census.gov/naics/?input=517410&year=2017&details=517410. 79 See 13 CFR § 121.201, NAICS Code 517410. 116 Federal Communications Commission FCC-CIRC2311-02 firms in this industry operated for the entire year.80 Of this number, 242 firms had revenue of less than $25 million.81 Additionally, based on Commission data in the 2022 Universal Service Monitoring Report, as of December 31, 2021, there were 65 providers that reported they were engaged in the provision of satellite telecommunications services.82 Of these providers, the Commission estimates that approximately 42 providers have 1,500 or fewer employees.83 Consequently, using the SBA’s small business size standard, a little more than half of these providers can be considered small entities. 20. Wireless Broadband Internet Access Service Providers (Wireless ISPs or WISPs).84 Providers of wireless broadband Internet access service include fixed and mobile wireless providers. The Commission defines a WISP as “[a] company that provides end-users with wireless access to the Internet[.]”85 Wireless service that terminates at an end user location or mobile device and enables the end user to receive information from and/or send information to the Internet at information transfer rates exceeding 200 kilobits per second (kbps) in at least one direction is classified as a broadband connection under the Commission’s rules.86 Neither the SBA nor the Commission have developed a size standard specifically applicable to Wireless Broadband Internet Access Service Providers. The closest applicable industry with an SBA small business size standard is Wireless Telecommunications Carriers (except Satellite).87 The SBA size standard for this industry classifies a business as small if it has 1,500 or fewer employees.88 U.S. Census Bureau data for 2017 show that there were 2,893 firms in this industry that operated for the entire year.89 Of that number, 2,837 firms employed fewer than 250 employees.90 21. Additionally, according to Commission data on Internet access services as of June 30, 2019, nationwide there were approximately 1,237 fixed wireless and 70 mobile wireless providers of 80 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Sales, Value of Shipments, or Revenue Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEREVFIRM, NAICS Code 517410, https://data.census.gov/cedsci/table?y=2017&n=517410&tid=ECNSIZE2017.EC1700SIZEREVFIRM&hidePrevie w=false. 81 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. We also note that according to the U.S. Census Bureau glossary, the terms receipts and revenues are used interchangeably, see https://www.census.gov/glossary/#term_ReceiptsRevenueServices. 82 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2022), https://docs.fcc.gov/public/attachments/DOC-391070A1.pdf. 83 Id. 84 Formerly included in the scope of the Internet Service Providers (Broadband), Wireless Telecommunications Carriers (except Satellite) and All Other Telecommunications small entity industry descriptions. 85 Federal Communications Commission, Internet Access Services: Status as of June 30, 2019 at 27, Fig. 30 (IAS Status 2019), Industry Analysis Division, Office of Economics & Analytics (March 2022). The report can be accessed at https://www.fcc.gov/economics-analytics/industry-analysis-division/iad-data-statistical-reports. 86 See 47 CFR § 1.7001(a)(1). 87 See U.S. Census Bureau, 2017 NAICS Definition, “517312 Wireless Telecommunications Carriers (except Satellite),” https://www.census.gov/naics/?input=517312&year=2017&details=517312. 88 See 13 CFR § 121.201, NAICS Code 517312 (as of 10/1/22, NAICS Code 517112). 89 See U.S. Census Bureau, 2017 Economic Census of the United States, Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517312, https://data.census.gov/cedsci/table?y=2017&n=517312&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 90 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 117 Federal Communications Commission FCC-CIRC2311-02 connections over 200 kbps in at least one direction.91 The Commission does not collect data on the number of employees for providers of these services, therefore, at this time we are not able to estimate the number of providers that would qualify as small under the SBA’s small business size standard. However, based on data in the Commission’s 2022 Communications Marketplace Report on the small number of large mobile wireless nationwide and regional facilities-based providers, the dozens of small regional facilities-based providers and the number of wireless mobile virtual network providers in general,92 as well as on terrestrial fixed wireless broadband providers in general,93 we believe that the majority of wireless Internet access service providers can be considered small entities. 22. Local Resellers. Neither the Commission nor the SBA have developed a small business size standard specifically for Local Resellers. Telecommunications Resellers is the closest industry with a SBA small business size standard.94 The Telecommunications Resellers industry comprises establishments engaged in purchasing access and network capacity from owners and operators of telecommunications networks and reselling wired and wireless telecommunications services (except satellite) to businesses and households.95 Establishments in this industry resell telecommunications; they do not operate transmission facilities and infrastructure.96 Mobile virtual network operators (MVNOs) are included in this industry.97 The SBA small business size standard for Telecommunications Resellers classifies a business as small if it has 1,500 or fewer employees.98 U.S. Census Bureau data for 2017 show that 1,386 firms in this industry provided resale services for the entire year.99 Of that number, 1,375 firms operated with fewer than 250 employees.100 Additionally, based on Commission data in the 2022 Universal Service Monitoring Report, as of December 31, 2021, there were 207 providers that reported they were engaged in the provision of local resale services.101 Of these providers, the Commission estimates that 202 providers have 1,500 or fewer employees.102 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 91 See IAS Status 2019, Fig. 30. 92 See Communications Marketplace Report, GN Docket No. 22-203, 2022 WL 18110553 at 27, paras. 64-68. (2022) (2022 Communications Marketplace Report). 93 Id. at 8, para. 22. 94 See U.S. Census Bureau, 2017 NAICS Definition, “517911 Telecommunications Resellers,” https://www.census.gov/naics/?input=517911&year=2017&details=517911. 95 Id. 96 Id. 97 Id. 98 See 13 CFR § 121.201, NAICS Code 517911 (as of 10/1/22, NAICS Code 517121). 99 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517911, https://data.census.gov/cedsci/table?y=2017&n=517911&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 100 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 101 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2022), https://docs.fcc.gov/public/attachments/DOC-391070A1.pdf. 102 Id. 118 Federal Communications Commission FCC-CIRC2311-02 23. Toll Resellers. Neither the Commission nor the SBA have developed a small business size standard specifically for Toll Resellers. Telecommunications Resellers103 is the closest industry with a SBA small business size standard. The Telecommunications Resellers industry comprises establishments engaged in purchasing access and network capacity from owners and operators of telecommunications networks and reselling wired and wireless telecommunications services (except satellite) to businesses and households. Establishments in this industry resell telecommunications; they do not operate transmission facilities and infrastructure.104 Mobile virtual network operators (MVNOs) are included in this industry.105 The SBA small business size standard for Telecommunications Resellers classifies a business as small if it has 1,500 or fewer employees.106 U.S. Census Bureau data for 2017 show that 1,386 firms in this industry provided resale services for the entire year.107 Of that number, 1,375 firms operated with fewer than 250 employees.108 Additionally, based on Commission data in the 2022 Universal Service Monitoring Report, as of December 31, 2021, there were 457 providers that reported they were engaged in the provision of toll services.109 Of these providers, the Commission estimates that 438 providers have 1,500 or fewer employees.110 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 24. All Other Telecommunications. This industry is comprised of establishments primarily engaged in providing specialized telecommunications services, such as satellite tracking, communications telemetry, and radar station operation.111 This industry also includes establishments primarily engaged in providing satellite terminal stations and associated facilities connected with one or more terrestrial systems and capable of transmitting telecommunications to, and receiving telecommunications from, satellite systems.112 Providers of Internet services (e.g. dial-up ISPs) or Voice over Internet Protocol (VoIP) services, via client-supplied telecommunications connections are also included in this industry.113 The SBA small business size standard for this industry classifies firms with annual receipts of $35 million or less as small.114 U.S. Census Bureau data for 2017 show that there were 1,079 firms in this industry 103 See U.S. Census Bureau, 2017 NAICS Definition, “517911 Telecommunications Resellers,” https://www.census.gov/naics/?input=517911&year=2017&details=517911. 104 Id. 105 Id. 106 See 13 CFR § 121.201, NAICS Code 517911 (as of 10/1/22, NAICS Code 517121). 107 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517911, https://data.census.gov/cedsci/table?y=2017&n=517911&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 108 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 109 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2022), https://docs.fcc.gov/public/attachments/DOC-391070A1.pdf. https://docs.fcc.gov/public/attachments/DOC- 379181A1.pdf 110 Id. 111 See U.S. Census Bureau, 2017 NAICS Definition, “517919 All Other Telecommunications,” https://www.census.gov/naics/?input=517919&year=2017&details=517919. 112 Id. 113 Id. 114 See 13 CFR § 121.201, NAICS Code 517919 (as of 10/1/22, NAICS Code 517810). 119 Federal Communications Commission FCC-CIRC2311-02 that operated for the entire year.115 Of those firms, 1,039 had revenue of less than $25 million.116 Based on this data, the Commission estimates that the majority of “All Other Telecommunications” firms can be considered small. E. Description of Projected Reporting, Recordkeeping, and Other Compliance Requirements for Small Entities 25. In the Report and Order, the rules we adopt regarding the separation of lines from shared mobile service contracts require all small and other covered providers to take several actions with regard to reporting, recordkeeping, and other compliance matters. 26. Specifically, within two business days of receiving a completed line separation request from a survivor, a covered provider must separate the line(s) of a survivor (and any line(s) of an individual in the care of a survivor) or the line(s) of an abuser from a shared mobile service contract under which a survivor and abuser each use a line. To facilitate such line separations, a covered provider must establish more than one secure remote means through which a survivor may submit all information required to effectuate a line separation request and such means must be accessible by survivors with disabilities. A covered provider must treat any information submitted by a survivor in connection with a line separation request as confidential, which means the covered provider must securely dispose of such information within 90 days, subject to certain exceptions; implement policies and procedures governing the treatment and disposal of such information; train employees on such procedures; and restrict access to databases storing such information. Furthermore, at the time a survivor submits a line separation request, a covered provider must allow the survivor to indicate service choices, including from among any commercially available plans offered by the covered provider. Our rules also require that, as part of the line separation request mechanism, a covered provider inform a survivor of the availability of funding from the Lifeline program, and about the rules pertaining to participation in Lifeline. 27. After receiving a line separation request from a survivor, a covered provider must notify the survivor that the covered provider may contact the survivor or the survivor’s designated representative to confirm the line separation or to inform them of the covered provider’s inability to complete the line separation. When communicating with a survivor or a survivor’s designated representative, a covered provider must allow the survivor or the designated representative to select the manner of communication. Furthermore, a covered provider must provide documentation confirming receipt of the survivor’s legitimate line separation request that clearly identifies the survivor by name. A covered provider must attempt to authenticate that a survivor submitting a line separation request is in fact a user of the specific line identified by the survivor. A covered provider must also lock the account subject to a line separation to prevent all SIM changes, number ports, and line cancellations and effectuate a line separation for the completed request, subject to operational or technical infeasibility. If a line separation is operationally or technically infeasible, a covered provider must inform the survivor of the nature of the infeasibility and provide information about alternative options, such as establishing a new account for the survivor. A covered provider must notify the survivor of the date it will notify the primary account holder of the completed line separation if the survivor who submitted a complete line separation request is not also the primary account holder. In the event a survivor elects to separate an abuser’s line, a covered provider 115 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Sales, Value of Shipments, or Revenue Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEREVFIRM, NAICS Code 517919, https://data.census.gov/cedsci/table?y=2017&n=517919&tid=ECNSIZE2017.EC1700SIZEREVFIRM&hidePrevie w=false. 116 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. We also note that according to the U.S. Census Bureau glossary, the terms receipts and revenues are used interchangeably, see https://www.census.gov/glossary/#term_ReceiptsRevenueServices. 120 Federal Communications Commission FCC-CIRC2311-02 must also provide notice to the survivor of when it will notify the abuser of the separation. Additionally, if the covered provider rejects a line separation request for any reason other than operational or technical infeasibility, the covered provider must notify the survivor within two business days through the manner of communication selected by the survivor of the rejection. This notification must also explain the basis for rejection, describe how the survivor can correct any issues with the existing request or submit a new one, and, if applicable, provide the survivor with information about alternative options, including starting a new account. 28. The new rules also require a covered provider to effectuate a line separation request regardless of whether an account lock is activated on the account. To balance the need to protect survivors with the need to protect against fraud, our rules also require that covered providers make a record of any customer other than the survivor who requests that the covered provider stop or reverse a line separation because of fraud. 29. In addition to the procedural requirements mentioned above, we require that covered providers train employees who will interact with survivors on the sensitivities surrounding such interactions. We also require that covered providers notify consumers of the availability of line separations from shared mobile service contracts on its website, in physical stores, and in other forms of public-facing consumer communication. Our rules detail the specific information that must be included by covered providers and we require that this notice be in any language in which the covered provider currently advertises. 30. Our rules also implement the SCA’s statutory requirements that covered providers take certain actions with regard to financial responsibilities and account billing following completed line separations. Specifically, unless otherwise ordered by a court, when survivors separate their lines and the lines of individuals in their care from a shared mobile service contract, a covered provider must ensure that the financial responsibilities, including monthly service costs, for the transferred numbers are assumed by the survivor beginning on the date on which the covered provider transfers the billing responsibilities for and use of the transferred numbers to those survivors. We also require covered providers to ensure that any previously-accrued arrears on an account following a line separation stay with the person who was the primary account holder prior to the line separation. 31. The rules we adopt relating to protecting the privacy of calls and text messages to domestic abuse hotlines require all covered providers, wireline providers of voice service, fixed wireless providers of voice service, and fixed satellite providers of voice service to omit from consumer-facing logs of calls and text messages any records of calls or text messages to covered hotlines in the central database that we establish. These service providers must maintain internal records of these omitted calls and text messages. In addition, these providers are responsible for downloading the initial database file and subsequent updates to the database file from the central database that we establish. Updates must be downloaded and implemented by covered providers, wireline providers of voice service, fixed wireless providers of voice service, and fixed satellite providers of voice service no later than 15 days after such updates are made available for download. In the Report and Order, we exempt from its rules pertaining to protecting the privacy of calls and text messages to domestic abuse hotlines service providers that do not create their own call logs but, instead, rely on their underlying facilities-based provider to create such call logs and clarifying that wholesale service providers incur such an obligation. 32. We delegate many of the details regarding establishing the central database of hotlines to the Wireline Competition Bureau (Bureau), but direct the Bureau not to fund creation and maintenance of the database through an assessment on service providers. The rules adopted in the Report and Order service providers serving the vast majority of Americans to comply with the rules 12 months after publication of the Report and Order in the Federal Register. Small service providers, defined as covered providers, wireline providers of voice service, fixed wireless providers of voice service, and fixed satellite providers of voice service that have 100,000 or fewer voice service subscriber lines (counting the total of all business and residential fixed subscriber lines and mobile phones and aggregated over all of the 121 Federal Communications Commission FCC-CIRC2311-02 provider's affiliates), are provided additional time an additional six months to comply (18 months). We provide two important caveats to aid the ability of service providers to comply with these deadlines. First, the deadline for compliance will be no earlier than eight months after the Bureau has published the database download file specification (14 months for small service providers), which should be the final detail necessary for service providers to complete design of their systems. Second, the deadline will be no earlier than two months after the Bureau announces that the database administrator has made the initial database download file available for testing (eight months for small service providers). To the extent that the date of either announcement causes the deadline to be later than 12 months after Federal Register publication (18 months for small service providers), the Bureau should announce the new deadline for implementation based on the date of the announcement. 33. The Report and Order directs the Universal Service Administrative Company (USAC) to ensure that survivors experiencing financial hardship will be able to apply for and enroll in the Lifeline program. The Report and Order also directs USAC to implement processes to transition survivors from emergency communications support at the end of the six-month emergency support period mandated by the SCA. The actions taken in the Report and Order do not place any significant new requirements on service providers that are also eligible telecommunications carriers (ETC) participating in the Lifeline program, regardless of whether ETCs are large or small businesses. The Lifeline rules already applicable to ETCs remain largely the same. We therefore expect the actions we have taken in the Report and Order achieve the goals of the SCA without placing additional costs and burdens on covered providers; however, there is not sufficient information on the record to quantify the cost of compliance for small entities, or to determine whether it will be necessary for small entities to hire professionals to comply with the adopted requirements. F. Steps Taken to Minimize the Significant Economic Impact on Small Entities, and Significant Alternatives Considered 34. The RFA requires an agency to provide, “a description of the steps the agency has taken to minimize the significant economic impact on small entities…including a statement of the factual, policy, and legal reasons for selecting the alternative adopted in the final rule and why each one of the other significant alternatives to the rule considered by the agency which affect the impact on small entities was rejected.”117 35. With regard to line separations, the Safe Connections Act directs the Commission to consider implementation timelines for small covered providers,118 and after examining the record, we declined to adopt a different implementation timeframe for small providers.119 First, while the record indicated that small covered providers may need additional time to comply with the Safe Connections Act and our rules as a whole, commenters failed to provide sufficient justification for why small covered providers would require additional time to implement the line separation provisions specifically. Second, given the critical and potentially lifesaving importance of independent communications for survivors escaping abusive circumstances, we think it self-evident that survivors who receive service from small covered providers are no less entitled to the protections made available by the Safe Connections Act than survivors who receive service from other covered providers. Third, we found that adopting inconsistent timelines for small and large providers may make it difficult for stakeholders to carry out effective messaging campaigns touting the availability of line separations. This inconsistency may confuse survivors and ultimately dissuade them from further pursuing a line separation if they are told that their current carrier does not offer the ability despite having been informed of the Safe Connections Act’s 117 5 U.S.C. § 604(a)(6). 118 See Safe Connections Act § 5(b)(1)(B)(ix). 119 See CCA Comments at 6-7 (requesting that the Commission extend the compliance deadline for 24 months, “at least for smaller carriers”). 122 Federal Communications Commission FCC-CIRC2311-02 features by a stakeholder messaging campaign. Fourth, we believe that Congress included the technical and operational infeasibility provisions to account for differences in the capabilities of providers (among other reasons), particularly between large and small providers, and to incentivize and protect providers while they work to update or develop systems and processes capable of fully effectuating the SCA’s requirements and our rules within the statutory timeframe. For these reasons, we declined to extend the implementation timeline for small entities. 36. With regard to our rules pertaining to protecting the privacy of calls and texts to hotlines, we received comments noting that smaller service providers work with limited staff and other resources, requiring it taking longer to implement changes in their systems, specifically requesting 24 months to comply with any obligations that the Commission might establish. 120 As part of the directive under the Safe Connections Act to consider factors reflecting implementation of such requirements on smaller providers,121 we adopted a deadline of 18 months from the date of publication of the Report and Order in the Federal Register to comply with our new rules. We found that granting smaller providers extra implementation time is appropriate, given that they may face more resource challenges than larger providers (which are given 12 months) in complying with the new rules. We found that our 18-month compliance deadline for small providers properly balances the significance of the risks faced by domestic abuse survivors, and the benefits of them being able to call hotlines and seek help without fear of the abuser accessing their call records, with the implementation challenges faced by smaller providers. We also adjusted the guaranteed periods between the two important database creation milestones and the compliance deadline for smaller service providers to compensate for the additional six months that such providers are granted to comply. Our decision to exempt from the requirements service providers that do not create their own call logs but, instead, rely on their underlying facilities-based provider to create such call logs should be of significant benefit to smaller service providers that rely on resale rather than constructing capital-intensive networks to provide service. 37. We delegated many of the details regarding establishing the central database of hotlines to the Wireline Competition Bureau (Bureau), but direct the Bureau not to fund the creation and maintenance of the database through an assessment on service providers. In designating the Lifeline program to provide emergency communications support to survivors experiencing financial hardship, the Report and Order largely places requirements on USAC, as the Lifeline program administrator, to implement the mandated requirements. Service providers that are also ETCs are still required to ensure their compliance with all Lifeline rules, but this is not a new requirement. There are limited new requirements for ETCs, large and small, but these requirements align with existing requirements for participation in the Lifeline program and merely clarify that such requirements will also apply to survivors that might enter the Lifeline program. This approach allowed the Commission to minimize any significant impact on all participating entities. G. Report to Congress 38. The Commission will send a copy of the Report and Order, including this FRFA, in a report to Congress pursuant to the Congressional Review Act.122 In addition, the Commission will send a copy of the Report and Order, including this FRFA, to the Chief Counsel for Advocacy of the SBA. A copy of the Report and Order and FRFA (or summaries thereof) will also be published in the Federal Register.123 120 Id. 121 Safe Connections Act § 5(b)(3)(B)(ii), (iii). 122 5 U.S.C. § 801(a)(1)(A). 123 See id. § 604(b). 123