Nowadays, VoIP providers should be careful to comply with all the regulations. VoIP service is no longer an unregulated undertaking. Gone are the days when the Federal Communications Commission (FCC) had no right to regulate VoIP services because they are informative services. Thus, VoIP did not fall under FCC jurisdiction. However, two major concerns arise with regulated service: Security - low level of security, particularly in terms of terrorism Taxation - since VoIP providers are not subject to the same tax rules, thus unfair market conditions are created Under these circumstances, regulations were required to give solutions to these concerns. Thus, the FCC implemented regulations for VoIP providers. Now, the VoIP providers who fall under the definition of “Interconnected VoIP service” should register with the FCC, contribute FCC’s Universal Service Fund (USF), comply with E911, HIPAA, and other regulations. Bottom line, interconnected VoIP service is not an unregulated service anymore. Let’s understand what legal hoops you need to jump through to become a VoIP provider. Here are the most common regulations with which VoIP providers should comply. Note that there are other regulations, too. Read them thoroughly on the FCC official page.
FCC RegistrationInterconnected VoIP providers must file an FCC Form 499-A registration with the Universal Service Administrative Company (USAC). This form registers the company with the FCC and USAC as a U.C. domestic services provider. With this registration your company will also be able to automatically connect with the USF contribution system. Also, your company should list an agent for service of process in the District of Columbia and list the states where you will provide VoIP services.
Customer Proprietary Network InformationThe Customer Proprietary Network Information is the information that you will gather about your subscribers and customers. It is mainly about what type of service they use and the amount of their usage. For example, you can track when your customers use their phone and how often they do. You must keep this information private in case the customer opts out from sharing their data with third parties. If the customer does not, then you can pass the information to other marketers. However, you should notify your customers when you pass their information to others.
Children's Online Privacy Protection Act (COPPA)The Children’s Online Privacy Protection Act of 1998 forbids marketing to children and collecting or sharing their private information without consulting their parents. The personal information can be name, IP address, username, social security number, and photos. You should not encourage children to provide that kind of information in case they register. In case any information about a child is to be passed to a third party, the child’s guardian should be aware to easily protect that information. You can prohibit children under 18 to use your service, if your business allows that.
Health Insurance Portability and Accountability Act (HIPAA)The Health Insurance Portability and Accountability Act deals with the rules for electronic health care transaction. Simply put, you must keep private your customers' Private Health Information (PII) that is stored indigital forms on your servers. Sharing this kind of information will be illegal and considered a crime. This kind of information can only be shared if your customer allows you to do so or with a judge’s orders.
Tepephone Consumer Protection Act / National Do Not Call RegistryNational Do Not Call Registry was officially established by the Federal Trade Commission as a part of the Do-Not-Call Implementation Act of 2003. The Telephone Consumer Protection Act limits companiess to use robocalls, automatic dialers, and other methods of communicaion. If your customers want you to stop calling them you must stop, otherwise you will be subject to fines.
Personal Dara Privacy and Security ActThe Personal Data Privacy and Security Act uses penalties to identity theft and computer hacking. As a rule, VoIP companies are dealing with a huge number of Personally Identifiable Information (PII) in electronic or digital form. So, it would be a great advantage that your VoIP company complies with this requirement. This will increase credibility among your customers.
VoIP E911Interconnected VoIP providers are required to provide 911 or E911 service according to FCC regulations. The NET 911 act is required to provide capability of E911 service to VoIP vendor. Thus, for ensuring this service you’ll need to cooperate with your Internet service provider, incumbent local exchange carriers, states, localities, Public Safety Answering Points (PSAPs), and other third party commercial providers who are responsible to route E911 calls to PSAP. With this regulation, you must implement the following functions:
- Transmit all 911 calls to PSAP
- Transmit a callback number for each 911 caller to the PSAP
- Transmit the caller’s “Registered Location” to the PSAP