New bill in Congress targets phone record fraud

WASHINGTON--The congressional campaign against sales of supposedly personal phone records continues.

A new bill called the "Prevention of Fraudulent Access to Phone Records Act" won unanimous approval from the U.S. House of Representatives' Energy and Commerce Committee on Wednesday.

Rep. Jan Schakowsky, an Illinois Democrat who offered some of the language used in the new measure, called pretexters "modern day pirates" for whom "the Internet is their seven seas and consumers' privacy is their booty." Rep. Cliff Stearns, a Florida Republican, called them "cybercreeps."

Those comments were aimed at online brokers engaging in "pretexting"--that is, the act of posing as legitimate customers--to obtain phone records and then sell them on the Web for an average of $100. Locatecell.com and Celltolls.com are two of the companies that have been accused of the practice.

In an odd twist, the 16-page measure, dated March 3, has not been introduced formally. It was unclear which politicians would be its official sponsors, though it includes input from Democratic and Republican committee leaders. Committee Chairman Joe Barton, a Texas Republican, indicated he would soon submit the text and register the committee's stance.

The action came less than a week after House and Senate committees each endorsed proposals that would throw convicted phone record scammers behind bars. Congress in recent weeks has made no secret of its disgust over the activity.

Because the other committees' punishments vary in details, the multiple bills would likely be combined into one package before a floor vote. That's what happened in the case of the Can-Spam legislation, which took aim at senders of junk e-mail, a few years ago.

A portion of the new bill focuses on the Federal Trade Commission, which has for decades enjoyed the power to stop "deceptive" business practices, and already has the authority to target phone pretexting.

The bill approved Wednesday would explicitly define a number of fraudulent actions as falling under the FTC's jurisdiction, including obtaining or attempting to obtain records, causing disclosure or attempting to cause disclosure of records, or directly selling or disclosing that data.

Another section gives instructions to the Federal Communications Commission, which already has the power to fine telecommunications companies that fail to protect the privacy of personal consumer records--and has exercised it amid the recent pretexting buzz.

The FCC would be tasked with devising new security regulations for wireline, wireless and voice over Internet Protocol phone companies. These would include rules such as mandatory encryption or other safeguards for personal data, prompt customer notification of breaches, and logs of requests for customer information. It also calls for tripling the fines the FCC could levy on those companies found to have flouted those new regulations, moving them from $100,000 to $300,000 per offense and imposing a maximum of $3 million for multiple violations.

Like the bills approved by committees last week, this measure carves out an exemption for law enforcement officials, allowing them access to confidential phone records within the confines of "applicable laws."

The committee also approved one amendment to the bill that would bar phone companies from disclosing the wireless phone number of any customer without their express consent. Rep. Joe Pitts, the Pennsylvania Republican who offered the amendment, said the proposal arose from concerns that companies are in the process of compiling a 411-equivalent for wireless numbers, which he deemed "a very serious privacy concern."

CNET News.com's Declan McCullagh contributed to this report

[marc_90292]

OF COURSE THEY DO

Of course Congress wants to shut these people down! Imagine you are a party to a lawsuit, your opponent pays $850,000 to an elected official quid pro quo for ex parte contacts to the judge in your case. The Senator calls the judge and tells him to throw your suit out. You trace the call, you find the bribe on the FEC site. Think I am kidding? Think again. I have evidence in three cases where that happened. One case is US v. Oracle (the Peoplesoft acquisition), in another case the guys were so stupid to do that over 8 years, paying between $100,000 and $300,000 in installments every time four days after an adverse litigation event.

[TomMariner]

Any Lawyer

Any lawyer for any purpose can get a subpoena for anything other than a national secret so this privacy thing is ridiculous anyway.

[jesdog]

NOT TRUE

Even a lawyer has to make formal disclosures, specify what he's going to subpoena, and state facts supported by evidence to obtain such a subpoena. But don't worry, this is just congressional posturing-don't look for any law of any significance in the subject originator of the Congress in the near future.

[jesdog]

NOT TRUE

Even a lawyer has to make formal disclosures, specify what he's going to subpoena, and state facts supported by evidence to obtain such a subpoena. But don't worry, this is just congressional posturing-don't look for any law of any significance in the subject originating out of this Congress in the near future.