Washington State
House of Representatives
Office of Program Research		 BILL
ANALYSIS
Technology, Energy & Communications Committee

HB 2102

This analysis was prepared by non-partisan legislative staff for the use of legislative members in their deliberations. This analysis is not a part of the legislation nor does it constitute a statement of legislative intent.

Brief Description: Regarding records retained by communications providers.

Sponsors: Representatives Morris and Hudgins.

Brief Summary of Bill
  • Provides that radio communications providers and voice-over-Internet-Protocol providers must allow their customers to access their customer profile data and be given an opportunity to contest, amend, or request removal of the data.

Hearing Date: 2/16/07

Staff: Kara Durbin (786-7133).

Background:

Radio communications service companies provide radio communications, radio paging, or cellular communications service to their customers. Voice-over-Internet-Protocol service companies provide voice communications over internet telephony.

The Washington Utilities and Transportation Commission does not regulate radio communications service providers or voice-over-Internet-Protocol providers.

Summary of Bill:

When a covered entity substantially upgrades or replaces their billing or records management system, the system must be capable of verifying which persons or persons have had access to customer profile data.

A customer may request release of all customer profile data pertaining to the customer, including the identity of any individual or entity, internal or external, who has had access to the requesting customer's records. The customer may request a copy of their records once per year without charge. The customer may be charged for any subsequent requests. Any customer profile data collected by a covered entity must be retained and remain accessible for at least two years.

After reviewing his or her customer profile data, a customer must be given an opportunity to:
(1) Contest the accuracy, completeness, timeliness, relevance, or dissemination of his or her customer profile data;
(2) Correct or amend the customer profile data; and
(3) Request removal or destruction of the customer profile data, unless removal or destruction would be contrary to federal or state law.

A covered entity must implement adequate security measures to protect customer profile data and customer records from unauthorized access, loss, or tampering. These security measures should be consistent with industry best standards that are commensurate with the sensitivity and amount of customer information being stored on the system.

A covered entity is defined as a radio communications service company or an internet protocol-enabled voice provider.

Appropriation: None.

Fiscal Note: Not requested.

Effective Date: The bill takes effect 90 days after adjournment of session in which bill is passed.