[Infowarrior] - FCC adopts new phone privacy rules
Richard Forno
rforno at infowarrior.org
Tue Apr 3 02:19:37 UTC 2007
http://www.theolympian.com/131/story/75518.html
FCC adopts new phone privacy rules
JOHN DUNBAR
Associated Press Writer
You'll have to provide a password if you want to get your account
information from your telephone company under new privacy rules approved
Monday by the Federal Communications Commission.
The rules were created to safeguard against pretexting, the practice of
impersonating a phone customer to gain access to his phone records.
Pretexting entered the national vocabulary last year when executives of the
Hewlett-Packard Co. were charged with hiring private detectives who used the
technique to investigate board members.
FCC Chairman Kevin Martin said in a written statement that the new order
"takes a strong approach to protecting consumer privacy."
In addition to the password protection, the rules also require carriers to
ask for customers' permission when sharing private account information with
business partners and independent contractors.
Phone companies have contended that such an "opt-in" requirement violates
their First Amendment right to communicate with customers - a position that
was backed by a federal court in 1999.
The new safeguards also require that consumers be notified immediately when
there are changes made to their passwords, addresses or online accounts.
The FCC has been working on phone privacy rules since the issue was raised
by the Electronic Privacy Information Center, a nonprofit privacy rights
group, in 2005. Marc Rotenberg, executive director of the organization,
praised the agency's action.
"I think these are important rules that will help safeguard the privacy of
telephone customers' information," he said. "There's more work to be done in
this area but this is certainly an excellent first step."
The rules included one provision that Rotenberg and both Democrats on the
commission strongly oppose, however.
The provision requires that law enforcement agencies like the FBI and the
Secret Service be informed of a privacy breach before consumers are. The
delay would be seven days or perhaps indefinite, depending on the
circumstances.
"As some have described it, it is akin to not telling victims of a burglary
that their home has been broken into because law enforcement needs to
continue dusting for fingerprints," commented Commissioner Michael Copps.
In filings, the Justice Department said it needed the provision to keep from
tipping off investigative targets.
Earlier this year, President Bush signed a law criminalizing pretexting and
imposing penalties, including up to 10 years in prison. The new law gives
police a weapon to punish perpetrators but leaves out requirements on how
phone companies should protect their customers' private data. Law
enforcement agencies were explicitly exempted from that law.
More information about the Infowarrior
mailing list