TELECOM Digest OnLine - Sorted: Government Balks at Phone Privacy Provision


Government Balks at Phone Privacy Provision


Associated Press News Wire (ap@telecom-digest.org)
Sun, 04 Feb 2007 19:24:50 -0600

[TELECOM Digest Editor's Note: Here is a second version of the same
story, on pretexting and customer privacy. The first report today
was from Reuters; this second one from Associated Press. PAT]

WASHINGTON (AP) - Federal regulators working on rules to secure the
calling records and other private information of telephone customers
are running into resistance from phone companies and law enforcement
agencies.

The rules, an effort by the Federal Communications Commission to
combat "pretexting," are circulating among the commissioners for
comment and may be voted on this month.

Pretexting is the practice of impersonating a phone customer to gain
access to his phone records. President Bush signed a law last month
criminalizing the practice and imposing penalties including up to 10
years in prison.

The issue gained prominence last year when executives of the
Hewlett-Packard Co. were charged with hiring private detectives who
used the technique to investigate board members.

The new law gives police a weapon to punish perpetrators. But it
leaves out any requirements for how phone companies should protect
their customers' private data. Cell phone bills, for example, can
reveal who a person has called and, in some cases, even the caller's
location.

The FCC chairman, Kevin Martin, told reporters recently that the new
rules will require that customers use a password to access their
account information.

While that might protect calling data, telephone companies are wary.
They fear a password requirement might upset customers.

AT&T Inc. spokesman Michael Balmoris said the company has to be
careful to balance security against customers' wishes for easy access
to their information.

The rules also are expected to require that phone companies get a
customer's permission before they can release information that may be
used for telemarketing.

Phone companies contend this requirement would violate their First
Amendment right to communicate with customers -- a position that was
backed by a federal court in 1999.

Marc Rotenberg, executive director of the Electronic Privacy
Information Center, called that court decision "probably one of the
oddest First Amendment cases in many, many years." Since that case, he
said courts have been more inclined to support privacy rules.

Phone companies say there is no evidence that information shared with
business partners falls into the wrong hands, making the proposed
requirement unnecessary.

The departments of Justice and Homeland Security have taken issue with
two other possible provisions in the emerging rules, both of which have
privacy advocates concerned.

The first would tell phone companies to destroy customer records as soon
as the records no longer are needed for legitimate business purposes.
The government wants the records preserved for possible use in criminal
investigations.

Secondly, the two departments want phone companies to notify law
enforcement officials first, before customers, when customers' private
billing information has been disclosed improperly.

In written comments to the FCC, Deputy Attorney General Paul
J. McNulty said immediately alerting customers in such cases may tip
off investigative targets and lead them to destroy evidence, change
their behavior or slip away.

He proposed that companies not tell customers for at least seven
business days after notifying the FBI or the Secret Service.

For companies, this would mean they would have to determine, without
the benefit of input from their own customers, whether an unauthorized
breach had occurred. Companies also have raised questions about how
such a notification system would work.

Consumer advocates are concerned a delay may result in more harm than
good.

Jeannine Kenney, senior policy analyst with Consumers Union, said
customers should learn immediately when someone is delving into their
personal information.

"In fact, failing to notify a customer of a breach could impede
prevention of actual harm or the commission of another crime," she
said.

On the Net:

Federal Communications Commission: http://www.fcc.gov

Copyright 2007 The Associated Press.

NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily. And, discuss this and other topics in our forum at
http://telecom-digest.org/forum (or)
http://telecom-digest.org/chat/index.html

For more news and headlines, please go to:
http://telecom-digest.org/td-extra/AP.html

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: Marie Skelton, USA Today: "511 Traffic Phone Lines May Raise Crash Risk"
Go to Previous message: Reuters News Wire: "Justice Department Uneasy About FCC Rules to Stop 'Pretext' Calls"
TELECOM Digest: Home Page