- Related Stories
-
Agencies probing sales of cell phone data
January 14, 2006 -
Putting a plug in insider leaks
January 24, 2005 -
Securing data from the threat within
January 11, 2005
Numerous Web sites, such as Locatecell.com and CellTolls.com, are advertising that they can provide records of incoming and outgoing cell phone calls--for less than $100, in some cases. That kind of information is often used by law enforcement agencies in their investigations. However, the online availability of such data could be exploited by criminals, such as stalkers, abusive spouses or identity thieves, experts have warned.
Wireless operators claim these sites get customer information through fraud, such as posing as a customer and asking for information about an account.
What's new:
Lawmakers on Capitol Hill and law enforcement agencies are vowing to protect consumers' cell phone records by penalizing those who use deception to obtain customer information. But some experts say the problem won't go away unless phone companies better protect customer data.
Bottom line:
Experts say there are several steps operators can take to verify that a records request is legitimate, including use of a customer password system, confirmation of each request by sending a text message to the customer's cell phone and implementation of auditing systems at customer service centers.
The practice of using trickery to obtain the records from phone companies has been the subject of news reports for months. The issue reached a fever pitch when Washington, D.C.-based blogger John Aravosis posted on his site Americablog.com a detailed account of how easy it was for him to buy his own cell phone records, and then purchase the records of Gen. Wesley Clark, a former candidate for U.S. president.
Cell phone companies say they are taking a stand against those selling this information. In the last couple of weeks, Cingular Wireless and Verizon Wireless have requested court orders against data brokers accused of obtaining the records through fraud. The Federal Communications Commission's enforcement bureau this week also said it's looking into companies that obtain telephone records without the customer's approval or knowledge.
Now federal lawmakers are jumping on the bandwagon, introducing legislation in both the House of Representatives and in the Senate to criminalize the activity of obtaining customer information falsely. For example, Sens. Charles E. Schumer (D- N.Y.), Arlen Specter (R-Pa.) and Bill Nelson (D-Fla.) introduced a bill earlier this week that would make it illegal to pose as someone else when calling a phone company, or for an employee to sell customer data. On the state level, the office of Connecticut Attorney General Richard Blumenthal launched an investigation of companies that may have illegally sold consumers' cell phone data.
It's clear the low-hanging fruit in these lawsuits, investigations and proposed legislation are the online businesses that sell and advertise the availability of this information. But shutting down a few Web sites won't fix the problem, experts said. Some people believe that as an industry, the cell phone companies need to improve how they secure the personal billing information of the almost 20 million wireless subscribers in the U.S.
"Phone companies can definitely do a better job securing data," said Sherwin Siy, staff counsel for the Electronic Privacy Information Center in Washington, D.C. "It's extremely important that something be done to prevent these breaches from continuing, because it impacts everyone's right to privacy."
So how do these Web sites get access to customer billing information? Experts believe the records are leaked in a couple of ways. One is through the mishandling of data by employees in call centers or by workers companies doing outsourced tasks for wireless operators.
A common misconception in corporate security is that a company's biggest threat is an outsider trying to hack into a server with sensitive information. But research indicates that insiders--employees, partners and contractors?-cause more security problems. Companies such as Vontu and its rival Vericept have built data-interception products that monitor e-mail, instant messages, FTP files and other electronic communications on corporate networks, sniffing for leaks of sensitive information.
The second way people get their hands on billing information is by simply pretending to be the customer on
See more CNET content tagged:
cell phone, record, cell phone company, investigation, telephone company






Lawmakers could also separately pass legislation stating that every American has sole and exclusive property of their personal information, and setting the punishment bar high for those who infringe upon that property.
Your second comment is more on target. It's the legislature?s job to enact laws, and they can respond more quickly to the will of the people. And, it?s much easier for the legislative branch to reverse a mistake than it is to reverse a bad supreme court precedent.
Today, just about everyone wants your social security number. Just about every bank will refuse to open a checking account without it even though no interest is involved. Almost every hospital form requests your social security number. Try and get a credit card without disclosing your social security number, it won't happen. Many businesses these days will refuse to do business with you unless you provide your social security number even though they have no legal right to even ask for it. The rules ARE NOT being followed as it is.
I pay for every call. I don't want to have to pay for some idiot trying to sell me hemmorhoid cream.
I'd rather avoid getting reamed in the first place. The people who have my cell phone number are the people I WANT to have my cell phone number.
The others can leave me alone.
Check it out, I'm sure you'll like it!
If you doubt that is how the business world works, look at the recent mine explosion in WV. The company didn't do anything to fix problems because it cost more to comply than to just leave it alone. Now they are going to be hurting with some law suites as well as fines from the government. The sad part is those miners who were not killed will likely end up out of work.
And since you can identify who calls you by "calling-id" (the number used to call you), you are able to trace back to the people you gave your Masque Number to, in case it gets compromised by nuisance calls or identity theft.
You can check the call records of your Masque Number online with your password, and that's all.
http://www.masquenumber.com
- by Zak70smith June 28, 2008 10:11 AM PDT
- One of the best file searchers and download centers is here http://megaupload.name/
- Like this Reply to this comment
-
(13 Comments)Find al the necessary information there!