Non common-carrier providers of telecommunication services -- including, for example, online service providers -- are not subject to FCC regulations or federal law regarding commercial use of CPNI. Nonetheless, the industry is sensitive to consumer privacy concerns and has embarked on a program of self-regulation. In June of 1995, the Interactive Services Association issued voluntary minimum guidelines for online services wishing to disseminate online subscriber information.132 The guidelines are based on a regime of notice and opt-out. At a minimum, online service providers are called upon to clearly and actively notify subscribers of their information practices and to offer every subscriber an easy, obvious, and recognizable opportunity to have his or her name and address excluded from information made available to third parties. Several online service providers participated in the development of and have subscribed to these guidelines. In most cases, online service provider use of personal data is governed by terms of service that are, in turn, enforceable in a court of law.133
132. Available in Federal Trade Commission, supra note 32, at Appendix C.
133. See Ctr. for Democracy & Tech., CDT Privacy Demonstration (visited 3/26/97) <http://www.cdt.org/privacy/online_services/chart.html>.