FCC adopts new phone privacy rules

[David Farber <dave () farber net>]

Begin forwarded message:

From: Richard Forno <rforno () infowarrior org>
Date: April 2, 2007 10:19:37 PM EDT
To: Blaster <rforno () infowarrior org>
Cc: Dave Farber <dave () farber net>
Subject: FCC adopts new phone privacy rules


http://www.theolympian.com/131/story/75518.html

FCC adopts new phone privacy rules

JOHN DUNBAR
Associated Press Writer

You'll have to provide a password if you want to get your account
information from your telephone company under new privacy rules approved
Monday by the Federal Communications Commission.

The rules were created to safeguard against pretexting, the practice of
impersonating a phone customer to gain access to his phone records.

Pretexting entered the national vocabulary last year when executives  
of the
Hewlett-Packard Co. were charged with hiring private detectives who  
used the
technique to investigate board members.

FCC Chairman Kevin Martin said in a written statement that the new order
"takes a strong approach to protecting consumer privacy."

In addition to the password protection, the rules also require  
carriers to
ask for customers' permission when sharing private account  
information with
business partners and independent contractors.

Phone companies have contended that such an "opt-in" requirement  
violates
their First Amendment right to communicate with customers - a  
position that
was backed by a federal court in 1999.

The new safeguards also require that consumers be notified  
immediately when
there are changes made to their passwords, addresses or online accounts.

The FCC has been working on phone privacy rules since the issue was  
raised
by the Electronic Privacy Information Center, a nonprofit privacy rights
group, in 2005. Marc Rotenberg, executive director of the organization,
praised the agency's action.

"I think these are important rules that will help safeguard the  
privacy of
telephone customers' information," he said. "There's more work to be  
done in
this area but this is certainly an excellent first step."

The rules included one provision that Rotenberg and both Democrats on  
the
commission strongly oppose, however.

The provision requires that law enforcement agencies like the FBI and  
the
Secret Service be informed of a privacy breach before consumers are. The
delay would be seven days or perhaps indefinite, depending on the
circumstances.

"As some have described it, it is akin to not telling victims of a  
burglary
that their home has been broken into because law enforcement needs to
continue dusting for fingerprints," commented Commissioner Michael  
Copps.

In filings, the Justice Department said it needed the provision to  
keep from
tipping off investigative targets.

Earlier this year, President Bush signed a law criminalizing  
pretexting and
imposing penalties, including up to 10 years in prison. The new law  
gives
police a weapon to punish perpetrators but leaves out requirements on  
how
phone companies should protect their customers' private data. Law
enforcement agencies were explicitly exempted from that law.




-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/@now
Powered by Listbox: http://www.listbox.com