The furor over online data brokers selling personal telephone data continues to roil on Capitol Hill with a House panel now demanding to know when the Federal Communications Commission (FCC) will complete its investigation.
Since August, the FCC has been dealing with a barrage of complaints that telephone carriers are not adequately protecting the personal information of subscribers, increasing consumer vulnerability to identity theft, fraud and online stalkers.
The data the brokers are selling allegedly includes numbers dialed, calls received and the location of callers. The privacy watchdog Electronic Privacy Information Center (EPIC) estimates at least 40 Web sites are selling the information.
“In the recent cases involving the online sale of telephone records the apparent ease with which such personal information has been compromised, obtained, and then sold, is shocking and unacceptable,” states a Monday letter sent to the FCC from the House Energy and Commerce Committee.
The lawmakers want to know when the FCC will rule on the August petition filed by EPIC seeking action on the issue.
“We are eager to know when the Commission will complete its review of the record and determine what actions should be taken in response to the petition,” the House letter states.
Over in the Senate, lawmakers are not waiting on the FCC.
Last week, Sen. Charles Schumer (D-N.Y.) introduced the Consumer Telephone Records Protection Act of 2006, criminalizing the practice of both stealing and selling the personal records for cell phone, landline and voice over IP Earlier this week, Moveon.org collected almost 40,000 signatures on a petition supporting Schumer’s bill. Both Verizon Wireless and T-Mobile have endorsed the legislation. “Stealing someone’s private phone records is absolutely a criminal act and the fact that it can’t be prosecuted as one has got to change,” Schumer said at a Tuesday press conference. “Stealing a person’s phone log can lead to serious personal, financial and safety issues for just about any American.” Also appearing at the press conference was former presidential candidate Gen. Wesley Clark, whose own phone records were purchased online and widely posted. “People should be able to trust that their privacy is being respected and protected by everyone from the government to our Internet and mobile phone service providers. Clearly this is not always the case,” Clark said. “Legal remedies are required to stop this.” In its FCC petition, EPIC claims telecom carriers are often duped into providing customers’ private data through a practice known as pretexting, where fraudsters pretend to have authority to access private records. EPIC also claims crooks can crack consumers’ online telephone accounts and suggests evidence exists of dishonest insiders at the carriers selling access to information. Under the Telecommunications Act of 1996, telephone carriers are obligated to protect the Consumer Proprietary Network Information (CPNI) of all customers. The CPNI is considered sensitive personal data since includes logs of calls that individuals or businesses initiate and receive on their phones. “Consumers are rightly concerned when they learn that their personal information has been compromised,” states the House letter to the FCC. “The protection of consumer privacy in an age where an increasing amount of personal information and transactions are contained in electronic form is more vital than ever.”
