Attached Accompanying Statement The following are the measures put in place by the carrier (herein referred to as the

company) to protect CPNI from pretexting The company understands that the three common types of pretexting are identity theft! selling personal data for profit without authorization by the owner or using some other method for snooping for information whose release was not authorized by the owner of the information I Pretexting "ia identify theft (#) Identify theft "ia theft of physical hardware containing CPNI $ata Guarding Measures% The company utili&es physical security such as loc's and security sur"eillance to protect physical hardware and limits physical access to authori&ed personnel #lso! certain portable hardware such as laptops ha"e security features that pro"ide additional security (() Identify theft "ia hac'ing)"irtual intrusion of systems that carry CPNI Guarding Measures% The company utili&es security software to detect and pre"ent unauthori&ed access "ia hac'ing and other "irtual methods II Pretexting "ia some other method for snooping for information whose release was not authori&ed by the owner (#) *nooping "ia social engineering) impersonation)false identification Guarding Measures% The company+s customer ser"ice personnel (the individuals most likely to be the targets of social engineering ) ha"e specific policies that they must follow to identify that they are in contact with the owner of the CPNI data prior to discussing or re"ealing CPNI (() *nooping by personnel not authori&ed to access data Guarding Measures% The company limits access of CPNI to authori&ed personnel only III Pretexting by selling CPNI for profit without authori&ation by the owner (#) *elling CPNI data by the company with other companies Guarding Measures% The company does not share CPNI data with other companies for mar'eting and profit purposes (() *haring CPNI data for profit)mar'eting purposes by the company with sister companies! subsidiaries! parent companies or ,oint "enture entities Guarding Measures% *ee page - to . for details (items / to /.)

Attached Accompanying Statement The following items (/) to (/.) are how the company guards CPNI against pretexting in the form of selling CPNI for profit or mar'eting purposes by the company to its sister companies! subsidiaries! parent companies or ,oint "enture entities but without authori&ation by the owner In the e"ent that the company was to sell or share CPNI with its affiliated entities for mar'eting or profit purposes! it would strictly abide by the following policies in compliance with 0CC rules as outlined in section 111 of the Communications #ct of /23- as amended! -4 5 * C 111 (-4 C 0 6 *% 7- 188/ to 7- 18// et se9 ) How The Company Complies with 47 C ! " S# $4 %&&'($4 %&'' et se) (/) The company does not enable use! disclosure or permit access to CPNI for any mar'eting purposes to any persons! entities parties outside of the company without the specific consent of the customer that owns the CPNI data (1) If the company wishes to share CPNI with any subsidiaries or parent companies of the company and the customer only subscribes to only / category of ser"ice offered by the company! the company will secure the consent of the customer prior to sharing that CPNI data with subsidiaries or parent companies of the company (3) In most cases! the company will go a step abo"e and try to secure the consent of the customer to share CPNI data with subsidiaries and parent companies of the company! regardless of whether customer subscribes to / or more than / type of ser"ice offered by the company (-) The company will not utili&e! disclose or permit access to CPNI data to identify or trac' customers that call competing ser"ice pro"iders (:) If the company re9uires customer consent for utili&ing! disclosing or permitting access to CPNI data! the company will obtain consent through written! oral or electronic methods (7) The company understands that carriers that rely on oral appro"al shall bear the burden of pro"ing that such appro"al has been gi"en in compliance with the Commission;s rules (4) The company has a policy in which any customer appro"als obtained for the use! disclosing or utili&ation of CPNI data will remain in effect until the customer re"o'es or limits such appro"al or disappro"al

Attached Accompanying Statement (.) 0or all <pt=<ut and <pt=In #ppro"al Processes utili&ed by the Company in which the CPNI data is used for mar'eting communications related ser"ices to that customer! the company will ma'e that customer+s data indi"idually identifiable to the customer and state the specific mar'eting purpose that CPNI would be utili&ed (2) Prior to any solicitation of the customer for appro"al! the company pro"ides notification to the customer of the customer+s rights to restrict to use of! disclosure of! and access to that customer+s CPNI (/8) The company maintains records of notification! whether oral! written or electronic! for at least one year The company pro"ides indi"idual notices to customers when soliciting appro"al to use! disclose or permit access to customer+s CPNI (//) In cases where the company re9uests CPNI release re9uests from the customer! the company includes the following in its *Consent of +otice, I *ufficient information to enable the customer to ma'e an informed decision as to whether to permit the company to use! disclose or permit access to! the customer+s CPNI II *tatement declaring that the customer has a right! and that the company has the duty! under federal law! to protect the confidentiality of CPNI III *pecific statement on that the types of information that constitute CPNI (as defined in $4 %&&') and the specific entities that will recei"e the CPNI! describing the purposes for which CPNI will be used! and inform the customer of his or her right to disappro"e those uses! and deny or withdraw access to CPNI at anytime I> *tatement ad"ising the customer of the precise steps the customer must ta'e in order to grant or deny access to CPNI! and clear statement that a denial of appro"al will not affect the pro"ision of any ser"ices to which the customer subscribes The company also pro"ides a brief statement! in clear and neutral language! describing conse9uences directly resulting from the lac' of access to CPNI The company+s notification will be comprehensible and not be misleading

Attached Accompanying Statement (//) Consent of Notice (continued from page 4...) > In cases where the company utili&es written notification! the notice will be clear! legible! sufficiently large type and be placed in an area so as to be readily apparent to a customer >I In the e"ent that the notification is to be translated into another language! then all portions of the company+s notification will be translated into that language >III The company will not include in the notification any statement attempting to encourage a customer to free&e third=party access to CPNI I? The notification will state that any appro"al! or denial of appro"al for the use of CPNI outside of the ser"ice to which the customer already subscribes from the company is "alid until the customer affirmati"ely re"o'es or limits such appro"al or denial ? The company+s solicitation for appro"al will state the customer;s CPNI rights (defined in 47 C ! " S# $4 %&&' to $4 %&'' et se) (/1) #ll of the company+s notices specific to <pt=<ut option will be pro"ided "ia electronic or written notification The company will not utili&e purely oral notification (/3) The company must wait a minimum of 38 days after gi"ing customer notice and an opportunity to opt=out before assuming customer appro"al to use! disclose! or permit access to CPNI The company may! in its discretion! pro"ide for a longer period for notification and opportunity for opt=out option The company does notify customers as to the applicable waiting period for response before appro"al is assumed The company also abides by the following as far as minimum waiting period I In cases where the company utili&es electronic notification! the Company+s waiting period begins to run from the date that the notification was mailed II In the case of notification by mail! the waiting period shall begin to run on the third day following the date that the notification was mailed (/-) The company+s opt=out mechanism will pro"ide notices to the customer e"ery two years

Attached Accompanying Statement (/:) The company+s e=mail based opt=out notices will comply with the following re9uirements in addition to the re9uirements generally applicable to notification% I The company will obtain express! "erifiable! prior appro"al from the customer to send notices "ia e=mail regarding their ser"ice in general! or CPNI in particular II The company will allow customers to reply directly to e=mails Containing CPNI notices in order to opt=out III <pt=out e=mail notices returned to the company as undeli"erable must be sent to the customer in another form before the company may consider the customer to ha"e recei"ed notice I> Carriers that use e=mail to send CPNI notices must ensure that the sub,ect line of the message clearly and accurately identifies the sub,ect matter of the e=mail > Telecommunications carriers must ma'e a"ailable to e"ery customer a method to opt=out that is of no additional cost to the customer and that is a"ailable 1- hours a day! se"en days a wee' Carriers may satisfy this re9uirement through a combination of methods! so long as all customers ha"e the ability to opt=out at no cost and are able to effectuate that choice whene"er they choose /7 In terms of the company+s <pt=in method! the company will pro"ide notification to obtain opt=in appro"al through oral! written or electronic methods! with all such methods complying with applicable items listed prior in this attachment /4 In <ne=Time 5se of CPNI! the customer recogni&es that it may use oral notices to obtain limited! one=time use of CPNI for inbound and outbound customer telephone contacts for the duration of the call! regardless of whether the company use opt=out or opt=in appro"al based on the nature of the contact @owe"er! the company will not utili&e oral consent and as such! will utili&e either written or electronic notification and consent methods

Attached Accompanying Statement /. The company will ensure that all notifications will comply with the re9uirements listed abo"e but recogni&es that under 0CC CPNI rules enable the company to omit any of the following notice pro"isions if not rele"ant to the limited use for which the company see's CPNI% I 5nder the applicable 0CC CPNI rules! The company recogni&es that it will not need to ad"ise customers that if they opted=out pre"iously! no action is needed to maintain the opt=out election II The company also recogni&es that it need not ad"ise customers that they may share CPNI with the affiliates or third parties and need not name those entities! if the limited CPNI usage will not result in use by! or disclosure to! an affiliate or third partyA III The company recogni&es that it need not disclose the means by which a customer can deny or withdraw future access to CPNI! so long as the company explains to customers that the scope of the appro"al the carrier see's is limited to one=time use I> The company recogni&es that it may omit disclosure of the precise steps a customer must ta'e in order to grant or deny access to CPNI! as long as the company clearly communicates that the customer can deny access to his CPNI for the call