Industry Resists New Laws on Phone Hacking
No new laws or regulations are needed to prevent voicemail hacking in the U.S., said telecom and cable industry associations in letters released Tuesday. Reacting last month to the News Corp. phone hacking scandal in the U.K., House Commerce Subcommittee on Manufacturing Chair Mary Bono Mack, R-Calif., sent letters to the heads of USTelecom, CEA, CTIA, NCTA and the Information Technology Industry Council (CD July 19 p6) asking if it’s necessary to adopt new practices, laws or regulations to prevent phone hacks and other privacy breaches. Bono Mack “is reviewing all of the information provided in the letters and is satisfied, at this point in time, that the phone hacking scandal appears to be limited to Great Britain,” her spokesman said Tuesday.
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
Laws and FCC rules exist to protect U.S. consumers from voicemail breaches, including last year’s Truth in Caller ID Act, ITI President Dean Garfield said in a letter dated Monday. “The government can protect consumers through enforcement of existing laws, and additional legislation would not prove to be a panacea for breaches.” NCTA and CTIA agreed in letters also dated Monday. But CTIA President Steve Largent said additional action may be needed “to ensure that would-be hackers cannot easily obtain access to ’spoofing’ software that facilitates their ability to engage in criminal activity and appears to have few legitimate uses."
"Intercepting conversations or voice mails occurring on our Nation’s wireline communications networks is considerably more difficult than the kind of nontechnical intrusions reported in the U.K. scandal,” USTelecom President Walter McCormick said in a letter dated Aug. 5. “We are aware of no reports of such unlawful interceptions occurring on the wireline networks of our member companies.” But McCormick said “there have been instances of illegal call interception reported on unprotected VoIP networks."
Wireless carriers “use a variety of methods to protect users, including technological solutions employed at both the network and device levels, and education of consumers about best practices that can be used to safeguard information,” Largent said. “Carriers recommend the use of passcodes, PINs, and application locks that are either provided by the carriers or are available in the third-party application market.” NCTA members, who offer cable VoIP, have developed “a variety of technical measures and protocols” to secure voicemail, NCTA President Michael Powell wrote. ITI member companies encourage users to secure voicemail by using secret PIN numbers and to regularly delete messages, Garfield said. Many of the phone hacking incidents in the U.K. happened several years ago, he noted. “Naturally, security has undergone huge improvements and many of ITI’s member companies have launched smartphones that have advanced security in all areas, especially voicemail."
CTIA members say “they receive either none or very few reports of phone hacking incidents and carriers do not report experiencing any sort of near-term increase in these incidents,” said Largent, citing an “informal survey.” When they are reported, “some carriers contact law enforcement and regulatory authorities directly, while others recommend that the customer do so,” he said. No NCTA member has received “any reports of confirmed or suspected phone hacking incidents,” but the companies are “diligent” in reporting security breaches to the FCC, law enforcement and customers, Powell said.
Voicemails are an unlikely place for confidential information, CTIA and ITI executives said. “Financial institutions, medical companies, and other regulated entities are subject to sector-specific privacy requirements that prohibit or discourage leaving sensitive information on voicemail,” Largent said. It’s not “common practice for valuable information such as credit card numbers, bank account numbers and social security numbers to be conveyed in voicemail messages,” Garfield said.