◆ SpookStack

A mandatory destruction requirement is the wrong approach for two reasons. First, because not all records would be immediately destroyed, efforts are better focused on proper security for the records while they are maintained. Second, and more importantly, the inability to produce records in response to lawful authority would have a significant negative impact on national security and public safety. Accordingly, the Departments urge the Commission to focus on security measures to protect all CPNI against unauthorized access rather than a rule that would also preclude lawfully authorized access. As the Commission recognized when it explicitly asked about the impact of EPIC’s records desiniction proposal on other concerns, CPNI has other valid uses, such as fraud prevention and the protection of a carrier's own network.'® Another legally authorized use is to investigate crime and protect national security and public safety. The Departments seek lawful access to CPNI in connection with investigations of all kinds — from child pornography to illegal drug trafficking, counter-intelligence, espionage, and more. In fact, as the FBI fas previously advised the Commission, lawfully-obtained CPNI is used in virtually every federal, state, and local investigation of consequence.'' Such CPNI ts critically important not only in solving crimes but also in preventing crimes + . 3 . * . . . and even saving lives.'? As discussed below, the same is true in the national security and "° The Departments submit that, beyond any retention period required by law, carriers should be free to retain voluntarily CPNI for other legal and appropriate purposes, such as protecting their networks and mitigating fraud. nN See Comments of the Federal Bureau of Investigation, in re fmplementation of the Telecommmunications Act of 1996; Telecommunications Carriers Use of Customer Proprietary Network Information and Other Customer Information, CC Docket No. 96- 115 (filed Jul. 9, }997) at S. "2 Id.