RealTime IT News

FCC Questions AT&T Role in HP Scandal

The Federal Communications Commission (FCC) is launching a formal investigation into AT&T's role in disclosing the personal telephone records of HP board members and selected journalists to HP private investigators.

The FCC sent what the agency calls a Letter of Inquiry (LOI) to AT&T late last week seeking information about the company's role in the scandal embroiling the HP board of directors, sources familiar with the situation told internetnews.com.

The sources also said the high profile HP case may prompt the FCC to take some action on a Notice of Proposed Rule Making (NPRM) launched in February over telephone company efforts to protect proprietary customer information.

The FCC currently has open meetings scheduled for Sept. 26 and Oct. 12.

AT&T and the FCC Monday refused to either confirm or deny the LOI. Both parties cited policies of not commenting on ongoing investigations.

"It's straight forward questions about the incident," one source familiar with the inquiry said. Another source noted the FCC has sent "numerous" LOIs to telephone companies since beginning the February NPRM.

As part of an investigation into media leaks by the HP board, the company admits its private investigators used a technique known as pretexting to snoop on records of directors' private telephone calls to journalists.

Pretexters fool telephone company representatives into revealing a customer's personal data by using bits and pieces of known information about the customer.

HP admits its private investigators used pretexting to obtain the calling records of its board members and the journalists.

While federal law requires telephone companies protect the calling records of their customers, a cottage industry in data brokering is blossoming on the Internet. The telephone companies maintain data brokers are obtaining the information through pretexting.

"AT&T is committed to both protecting the privacy of our customers and to weeding out those who fraudulently obtain access to customer information," AT&T said in an e-mail to internetnews.com Monday. "We are working closely with all law enforcement officials to bring these data thieves to account."

On a separate legal front, California law enforcement officials are asking ISP Cox Communications to disclose documents that could help the state learn the identity of those who accessed the phone records of the HP board members and the journalists.

"We believe a crime has been committed," Tom Dresslar, spokesman for California Attorney General Bill Lockyer, said Friday.

An AT&T spokesman stressed Monday the company is aggressively moving on its own to stop pretexters.

Last week, AT&T filed a lawsuit in the U.S. District Court for the Northern District of California targeting alleged pretexters who have accessed AT&T customer information without authorization from either AT&T or the customer.

Last month, AT&T won approval from a Texas court for expedited authority to issue "John Doe" subpoenas.

AT&T hopes the new John Doe legal tactics will aid the company in seeking the identities from ISPs of pretexters who gained access to approximately 2,500 AT&T customers.

"We will use every means available to vigorously pursue these individuals who, through fraud, have attempted to obtain unauthorized access to customer information," Priscilla Hill-Ardoin, chief privacy officer for AT&T, said in a statement.