FEATURE
Your Cell Records are for Sale
The calling details of our personal telephone records are for sale, and they are available to anyone willing to pay to know who we’ve been talking to, when, and for how long. There are no effective laws to prevent the sale of personal telephone records.
Websites hawk our records
In August 2005, the Electronic Privacy Information Center (EPIC), a public interest research center, reported having identified a staggering 40 websites offering to sell anyone our personal telephone calling records and other confidential information. Many of these insidious companies refer to themselves as data brokers, but in fact, they are data poachers, and they have been encroaching on our private lives.
Among the various offers publicized on the web pages of these brokers were the following: "Former United States Federal Agents"; investigations are conducted by "third-party independent search experts" and "[our company] does not know how they do the research or what databases they access"; "This search will enable you to trace a cell phone number back to the owner's name and address listed on his/her billing statement. By providing us with a cellular telephone number we can run this number through a large national database used by law enforcement, and government agencies to bring back current information about the owner. A detective at our firm will research your order and send the results to your email address after your order is placed. Results available within 1-10 days sent to your email address."
Is this lawful?
Telephone services are regulated at both the federal and state level. Congress and the Federal Communications Commission (FCC) establish federal law, and the California Public Utilities Commission (PUC) and the state legislature establish California state regulations provided they are not in conflict with federal law.
In 1996, Congress passed the Telecommunications Act. Included in the Act is a clear and concise definition of what is currently a crucial term, Consumer Proprietary Network Information (CPNI). According to FCC regulations, the sale of Consumer Proprietary Network Information is illegal. CPNI includes all information pertaining to when a customer places a call, the person whom the customer calls, the location from which the call is placed, and the telephone service offerings to which the customer subscribes. The Act further states that no such proprietary (privileged) information shall be used by the carrier for marketing purposes unless the subscriber provides preauthorization of such use.
In addition, the California Public Utilities Code, Section 2891, states that no telephone company is allowed to provide a residential subscriber's personal calling information (as described above) to another person or company without first obtaining the subscriber’s permission in writing. "Residential subscriber" is a term the PUC uses to describe traditional wire phone lines used by consumers other than businesses. The PUC privacy regulations do not cover cellular phone lines or business customers.
Most websites that sell telephone records obtain them by impersonating the telephone customers whose information they request, or by impersonating a phone company employee or law enforcement officer. "Pretexters" (impersonators) contact the subscribers' phone company and ask to have information sent to them via email, fax or mailing address (none of which are actually listed on their account).
Phone companies too often comply with a pretexter's request without independently verifying the identity of the individual inquiring about calling records.
EPIC reports that existing federal CPNI regulations are tailored to protect against telephone companies' marketing of their subscribers' personal/financial information. Existing privacy laws do not specifically make reference to prohibitions against third parties who fraudulently obtain and market the telephone records of telephone companies' subscribers.
The findings and responses of consumer representatives
In July 2005, EPIC urged the FTC to investigate companies offering to sell phone calling records and other confidential consumer information, stating that such services cannot be provided in compliance with federal law. In late August of 2005, EPIC petitioned the FCC to develop new regulations for the protection of individual calling records. By November of 2005, telephone companies were urging the FCC to take action against companies that sell individuals' phone records. By January of 2006, the FCC publicly released a statement indicating that "swift action" must be taken to address the problem of the illegal telephone-record sales. According to the FCC enforcement bureau, efforts were being made by the bureau to determine how such companies were going about obtaining customers' phone records.
When telephone companies were asked by FCC Commissioners about the other companies with which they had shared consumer information, the telephone companies declined to answer, stating that "they consider their sharing practices proprietary information." Apparently, phone companies value their corporate privacy more than they value the private records of their customers.
Who can obtain my personal calling records?
Anyone! Criminals, stalkers, suspicious spouses, nosey neighbors, prying employers, curious friends, private investigators, your co-workers - Anyone with a few extra bucks to spend!
How easily can strangers obtain my personal calling records without my permission?
The FBI tested the system of one website by providing the personally identifying information of a FBI agent and paying a $160 fee, and, within three hours, received the agent's phone call records. The Chicago Sun-Times reportedly tested the system by providing $110 and obtained the cell phone records of a reporter.
Learn Everything You Need to Know on the Issue
Find out steps you can take to protect your phone records from the Privacy Rights Clearinghouse.
Learn what the telephone industry could do to address this problem.
Find out about current legislation seeking to address the issue.
And finally, read up on how these privacy predators obtain people's phone information.