No New Regulation Expected to Address Subscriber Privacy
Chmn. Martin indicated the FCC Enforcement Bureau is investigating “availability and sale” of telephone records (CD Jan 18 p11) with an eye on how Internet-based firms that sell obtain it from phone companies. Rather than bring carriers under more rules, Martin appears inclined to push enforcement of rules already approved by the Commission, sources said Wed.
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
Last summer the Electronic Privacy Information Center (EPIC), which has been publicizing the issue, asked the FCC to enhance security and authentication regulations so wireless carriers come under stiffer requirements to protect customer data (CD Jan 17 p5). Instead, Martin seems to tilt toward acting with the rules as they stand, we're told.
“To a large extent it’s just ensuring compliance with existing regulations, getting the carriers to show the good stuff they're doing,” said one regulatory source: “There is generally a feeling a lot of the carriers are taking steps to safeguard the information but there are still people getting the information.” The FCC is probing the process by which the information is obtained. “It’s clear right now data is not safeguarded,” the source said. “The question is, how can we work with [wireless carriers] to make sure this doesn’t happen.”
A 2nd regulatory source said Martin likely feels pressed to act on the issue, given its high profile and lack of strong effort so far by state attorneys gen. “There will be an investigation and something will be done,” the source predicted. “There will be an argument as to how effective it is.”
A bill that would stop the sale of cellphone call logs was introduced Wed. by Sens. Schumer (D-N.Y.), Nelson (D-Fla.) and Specter (R-Pa.). The bill would make it illegal to obtain another person’s confidential phone records or to sell another person’s confidential records. For each occurrence, the person found guilty can be fined up to $250,000 and/or imprisoned for up to 5 years. The penalties can be doubled for “aggravated cases,” according to a summary of the bill. “Stealing someone’s private phone records is absolutely a criminal act and the fact that it can’t be prosecuted as one has got to change,” Schumer said. “Stealing a person’s phone log can lead to serious personal, financial and safety issues for just about any American.”
A companion bill in the House sponsored by Reps. Inslee (D-Wash.) and Blackburn (R-Tenn.) is expected to be introduced when the House reconvenes Jan. 31. Meanwhile, the Senate Commerce Committee announced Wed. that it plans to hold a hearing to examine potential legislation solutions to the problem, and to “assess the proper roles of the FCC and FTC,” according to a statement. Phone records are protected and there will be severe penalties for invading privacy, Stevens said.
Noting Cingular’s aggressive stand on guarding subscriber records, sources said the Commission wants other carriers to follow suit, sources said. Cingular recently got a temporary restraining order from a federal court in Atlanta against 2 companies -- Data Find Solutions and 1st Source Information Specialists - alleging the companies unlawfully obtained and disseminated customer records.
Cellphone records’ ready availability via Internet sites has drawn national attention in recent days. In a report, AMERICAblog said it bought 3 days’ worth of cellphone records for calls made by former Supreme Allied Commander of NATO Gen. Wesley Clark for $89.95 from website CellTolls.
The FCC “is very concerned about the availability and sale of such records, and is looking into the troublesome practices described in recent media reports,” Martin wrote in a letter to Rep. Markey (D-Mass.). He said if the FCC finds the data came from phone companies it will “take strong enforcement action to address noncompliance by carriers with their obligations to protect consumer proprietary information under the Communications Act and the Commission’s existing rules.”
The FTC also might be investigating. Writing to Markey, Chmn. Deborah Majoras said she couldn’t “discuss publicly any specific investigations” by FTC staff. But in the past the FTC has moved against firms “that offer to procure and sell sensitive consumer information to third parties,” she added.
Authority to pursue firms selling phone records could be limited. The Gramm-Leach-Bliley Act (GLBA) bars obtaining customer data from a financial institution via “fictitious or fraudulent statements,” she said. “Pretexting,” in which a party impersonates a consumer to a firm holding that person’s information to obtain the information by deceit, is a GLBA violation. The FTC brought “several” court actions against pretexting outfits after reviewing 1,000 plus websites that offer consumer financial account information, Majoras said. Commission staff are working with their FCC counterparts “to share information and coordinate strategies” on phone records, she added. But Majoras didn’t bring up any other regulatory device the agency could use against phone- record sellers that didn’t involve deception to acquire records.