YOU ARE AT:Archived ArticlesFCC to suggest tougher rules for call records

FCC to suggest tougher rules for call records

WASHINGTON- The Federal Communications Commission is expected to propose additional rules to protect cell-phone customer records later this month. Testifying before the House Commerce Committee, FCC Chairman Kevin Martin also asked that lawmakers strengthen laws to prohibit the commercial sale of call records.

“We are initiating a proceeding to determine what additional rules the FCC should adopt to further protect consumers’ sensitive telephone record data from unauthorized disclosure,” said Martin. “I believe that Congress could specifically make illegal the commercial availability of consumers’ phone records. Thus, if any entity is found to be selling this information for a fee, regardless of how it obtained such information, it would face liability.”

During the hearing, Martin asked that lawmakers require carriers to first get their customers’ permission before sharing customer data with affiliates and joint-venture partners. Martin’s request stems from a U.S. Court of Appeals for the 10th Circuit ruling that forced the FCC to reverse its Customer Proprietary Network Information (CPNI) rules from opt-in to opt-out. Telecom carriers rejoiced on the ruling because it allows them to more easily share customer data, which they use to promote cross-marketing and better customer relationships through service bundles. The 10th Circuit said the FCC did not have sufficient congressional authorization to require opt-in.

Meanwhile, the House Commerce Committee is warning two data brokers that if they do not sufficiently answer a letter highly critical of their practice of selling cell-phone records, they will face a subpoena either to produce the records or appear before the House Commerce oversight and investigations subcommittee.

Rep. Joe Barton (R-Texas), chairman of the House Commerce Committee, said the committee would seek answers from the data brokers. “I can only guess at the excuses that will be offered by people who profit by engaging in an obvious fraud, by invading personal privacy and by assisting in criminal behavior,” said Barton.

Letters were sent to Steven Schwartz, director of First Source Information Specialists Inc., and Patrick Baird, director of PDJ Services. Schwartz and Baird must respond by Feb. 17. The letters ask the data brokers whether their companies engage in pretexting-impersonating a customer to obtain call records.

Also, they are asked whether they have “conducted, through an examination by either in-house or outside counsel, an analysis of the legal implications and risks of acquiring and selling the personal cell-phone records and other data associated with a given cell-phone number?”

First Source was recently cited by the FCC for not adequately responding to its inquiry. At Wednesday’s hearing, Martin specifically asked that the commission be given additional powers beyond citations when a non-licensee or common carrier refuses to answer.

But going after the data brokers is only one piece of the puzzle to try to protect customer call records. Martin said at the hearing that he wants the FCC to act on the Electronic Privacy Information Center’s filing that asked the commission to implement additional rules to protect customer call records.

Wireless industry trade association CTIA opposes the EPIC petition. CTIA President Steve Largent said the wireless industry agrees with 90 percent of the EPIC’s petition, but disagrees with some of the ways in which the group hopes to solve the problem.

“We think there are some elements of the EPIC petition that go way too far that actually take us backwards. This is just a difference of opinion. We are trying to accomplish the same goal; we are just going about it differently,” said Largent.

For its part, the EPIC urged Congress to begin considering “whether the best possible solution in the long run would be to limit the collection of this information,” said Marc Rotenberg, executive director of EPIC.

The Senate Commerce consumer-affairs subcommittee is expected to examine the issue Wednesday. Kris Montieth, chief of the FCC’s Enforcement Bureau, is expected to testify, as is someone from the Federal Trade Commission.

Policy-makers at all levels have been jumping on the bandwagon of protecting cell-phone privacy after the CBS Evening News ran a story Jan. 12 on the apparent theft and sale of customer-call records.

Legislation on the issue has been introduced separately in the Senate by Sens. Charles Schumer (D.-N.Y.) and Richard Durbin (D-Ill.). There are at least two bills in the House, and Rep. Joe Barton (R-Texas), chairman of the House Commerce Committee, also plans to introduce a bill on the topic.

“These are very personal and private records of who we call, when we call and how long we spend on the telephone call. This is an invasion into our personal privacy and, if I have anything to do with it, it will not be allowed to continue for very much longer,” said Barton.

The scandal is also hot at the state level. Several state bills have been introduced and several state attorneys general are investigating the issue. Lisa Madigan, the attorney general for Illinois, urged Congress to consider dual enforcement by both the states and the federal government.

In addition to its rulemaking proceeding, the FCC also is examining carriers’ privacy certifications. Each year carriers must certify that they are protecting customer information. However, the certifications are not filed with the FCC; instead, each carrier must make it available upon request. The commission is now requiring carriers to submit their certifications. These certifications are expected to be posted on the Web.

The certifications became important after the House Commerce Committee asked the FCC for the certifications for the five largest wireless and wireline carriers. AT&T Inc.-formerly SBC Communications Inc.-and Alltel Corp. did not adequately respond to the request, the FCC said. The FCC proposed fining each company $100,000, and Martin warned that if other carriers do not file sufficient certifications, a similar fate could await them.

Proposed fines become effective in 30 days unless a settlement is reached.

ABOUT AUTHOR