"This is a simple matter of consumer privacy," Nelson said. "I feel strongly that sensitive personal information, including our cell phone records, should be protected from the eyes of strangers."
The Consumer Telephone Records Protection Act of 2006 will make it a federal offense, punishable as a felony, to obtain customer information from a telephone service provider by false pretenses or access a customer account on the Internet to obtain billing information without authorization. The bill also makes it a crime for phone company employees to sell customer information without proper authorization. The bill applies to cell, landline, and (VOIP) phone records.
The following actions will be violations of federal law under Schumer's new bill to obtain someone's phone records by:
- Making false or fraudulent statements or representations to an employee of a telephone service provider;
- Making such statements to a customer of a telephone service provider;
- Accessing a customer account on the Internet without the customer's authorization;
- Providing false documentation to a telephone service provider knowing that the document is false;
All phone records, but especially cell phone records can be of use to criminals and the information provided through a call log provides whoever is looking with a wealth of personal data. Many call rosters can reveal the names of a cell user's doctors, their public and private relationships, their business associates and more. While other personal information such as social security numbers which can be on public documents that are found by data brokers, the only warehouse of phone records is at the phone companies themselves.
Experts say that these records can be made available through three techniques. The first is having someone that works for one of the phone companies who sells the data. Though strict rules inside most of the phone companies make this practice risky, officials say that finding someone with access to the information desired is not that difficult. The second technique is "pretexting" where a data broker or the like pretends to be the owner of the phone. In doing so, they convince the cell phone company's employees to release the data to them.
Third, as more people manage their cell phone accounts online, thieves can access the accounts on the Internet. Many cell phone companies push account holders to manage their accounts online, many of them set up the online capability in advance, many customers never access their Internet accounts. If someone seeking the information can figure out how to activate the account before the real customer does, they get unfettered access to all of the call records.
Federal law is currently too narrow to include this type of crime. Pretexting for financial data is illegal, but its does not include phone records.
"We should protect your phone information and call logs the same way we protect your financial information or even medical records. Very personal information can be gleaned from our telephone records and criminals who steal this information should be punished," Schumer concluded.
On Tuesday, the Federal Communications Commission (FCC) announced it has launched an investigation into phone records data brokering practices.
