Accompanying Statement to Annual CPNI Compliance Certification for SPOC, LLC

1300 S. Neil Street, Champaign, IL 61820 499 Filer ID 826868 SPOC, LLC (hereinafter Company) has established operating procedures that ensure compliance with the Federal Communications Commission regulations regarding the protection of customer proprietary network information (CPNI). As of this date, the Company has not used nor plans to use CPNI for marketing. For marketing purposes, the Company uses customer billing name and address and/or telephone number without any disaggregation or refinement based on CPNI.

1. Identification of CPNI The Company has established procedures and trained employees having access to, or occasion to use customer data, to identify what customer information is CPNI consistent with the definition of CPNI under Section 64.203(g) and Section 222(f)(1) of the Communications Act of 1934 as amended (47 U.S.C. 222(f)(1)). 2. Identification of Services Affected by CPNI Rules The Company has established procedures and trained employees to recognize the different types of telecommunications and non-telecommunications services that affect how the Company uses CPNI. 3. Identification of Permissible Uses of CPNI without Customer Authorization. The Company has established procedures and trained employees having access to, or occasion to use CPNI, to identify used of CPNI not requiring customer authorization under Section 64.2005. 4. Identification of Uses of CPNI Requiring Customer Authorization The Company has established procedures and trained employees having access to, or occasion to use CPNI, to identify uses of CPNI requiring customer authorization under Section 64.2007. 5. Customer Notification and Authorization Process The Company does not use CPNI for marketing and thus, at this time, has not provided notice to customers regarding Opt-Out. Prior to any planned use of CPNI for marketing, the Company will initiate a notification and Opt-Out process. The Company does not provide CPNI to other parties and thus has not used the Opt-In approval process. The Company has trained employees regarding prohibitions on the use of CPNI for marketing. Prior to initiation of any program for use of CPNI for marketing, the Company will train employees with a need and/or responsibility for obtaining customer authorization to use CPNI for marketing purposes and regarding the notice and approval requirements under Section 64.2008. 6. Record of Customer CPNI Approval/Non-Approval At such time as the Company may initiate use of CPNI for marketing with corresponding launch of a notification and Opt-Out process, the Company will develop and utilize a system for maintaining readily accessible records of whether and how a customer has responded to Opt-Out approval as required by Section 64.2009(a).

7. Procedures Protecting Against Disclosure of CPNI It is the Companys policy to take reasonable measures to discover and protect against attempts to gain unauthorized access to CPNI. The Company will properly authenticate a customer prior to disclosing CPNI based on customer-initiated telephone contact or online access, as described herein: a) In Person: It is the Companys policy that it may disclose CPNI to a customer who, at the Companys retail location, first presents to the Company or its agent a valid photo ID matching the customers account information. b) By Mail: Disclosure of requested CPNI to the customers add ress of record. c) By Telephone: It is the Companys policy to only disclose call detail information over the telephone, based on customer initiated telephone contact, if the customer first provides the Company with a password, as described in Section X, that is not prompted by the Company asking for readily available biographical information or account information. If the customer is able to provide call detail information to the Company during a customerinitiated call without the Companys assistance, then the Company may discuss the call detail information provided by the customer. d) Online Access: It is the Companys policy to authenticate a customer without the use of readily available biographical or account information prior to allowing the customer online access to CPNI related to a telecommunications account. Once authenticated, the customer may only obtain online access to CPNI related to a telecommunications service account through a password, as described in Section x, that is not prompted by the Company asking for readily available biographical or account information. e) Password Procedures: To establish a password, the Company will authenticate the customer without the use of readily available biographical or account information. The Company may create a back-up customer authentication method in the event of lost or forgotten passwords, but such back-up customer authentication method will not prompt the customer for readily available biographical or account information. If the customer cannot provide the correct password or correct response for the back-up customer authentication method, the customer must establish a new password as described in this paragraph. f) Notification of Account Changes: the Company will notify customers immediately whenever a password, customer response to a back-up means of authentication for lost or forgotten passwords, online account, or address of record is created or changed. This notification is not required when the customer initiates service, including the selection of a password at service initiation. This notification may be through a Company originated voicemail, text message to the telephone number of record, or by mail to the address of record, and must not reveal the changed information or be sent to the new account information. g) Business Customer Exemption: the Company may bind itself contractually to authentication regimes other than those described herein for services it provides to its business customers that have both a dedicated account representative and a contract that specifically addresses the Companys protection of CPNI.

8. Disciplinary Process The Company has in place an express disciplinary process to address any unauthorized use of CPNI where the circumstances indicate authorization is required under Section 64.2009(b). Any improper use of CPNI will result in appropriate disciplinary action in accordance with established Company disciplinary policies. Any improper use shall be treated as a serous offense, and may result in suspension or termination of employment in appropriate cases. Any Company personnel making improper use of CPNI will undergo additional training to ensure future compliance. 9. Supervisory Review Process for Outbound Marketing. Before undertaking to use CPNI for outbound marketing purposes, the Company will establish a supervisory review process to ensure compliance with Section 64.20 09(d) of the FCCs Part 64, Subpart U CPNI rules. 10. Procedures for Notifying Law Enforcement of CPNI Security Breaches The Company has adopted procedures to comply with Section 64.2011 for notifying law enforcement of CPNI security breaches and will ensure that all records of any discovered CPNI breaches are kept for a minimum of two (2) years.