I don’t know how this ‘service’ can legally exist:
Anyone can buy a list of your incoming and outgoing phone calls, cell or land-line, for $110 online by John in DC – 1/07/2006 03:21:00 PM
And the best part? Congress and the Executive branch have known about this problem for half a year or more and no one did a damn thing to fix it.
In a nutshell, the Chicago Sun-Times ran a story two days ago about a Web site that sells phone records, for cells and land-lines, for $110 a pop. The company boasts on its own Web site:
Give us the cell phone number and we will send you the calls made from the cell phone number.
So I went to their site, plopped down $110, and within a day I had a list of every single phone number that called my cell, or that I called from my cell, for the month of November. I even had the dates the calls were made, and for a premium I could find out how long the calls were.
I called Cingular and they were shocked by what I told them – yeah right.
And the best part? The article from the Sun-Times makes clear that the FBI is aware of this problem, the Chicago Police Department, one of the top two electronic privacy groups in the nation (EPIC), and even the office of Democratic Senator Chuck Schumer (D-NY). EPIC apparently has known about this problem for a long time, and Schumer didn’t seem very surprised either.
Good on John Aravosis for checking it out, and now this needs to be discussed widely until something is done about it. This needs to be stopped.
(h/t Kos)
ppGaz
According to the story I read yesterday and am too lazy today to find for you, the “services” here gained these lists by a pratice known as “pretexting” …. contacting the cel provider and asking for the information under the pretext of straightening out a billing error or something of that nature.
In other words, they are getting the lists by a practice of deception. To me, that means that it’s stoppable by simply tightening the security around customer contacts. Being more careful to be sure that they are talking to to the actual customer or his representative, in other words.
docG
In our post-industrial society, information is seen as the coin of the realm, not products. Information is the primary thing we produce, not manufactured, tangible goods. A significant portion of American workers are in the business of creating/trading information. This commerce will not be restricted in any meaningful way.
Matt
It’s actually probably not occuring through customer service channels. Those’re fairly secure already (though it could definitely be improved). Most likely, the security problem is in some of the back-end billing departments. I would guess there is quite a lot of information sharing between providers, and someone with the right e-mail address or letterhead could easily obtain a list of call records.
Jcricket
Wow, I’m shocked. Eliminating regulations (or failing to regulate and police to begin with) hasn’t resulted in a self-policing industry that benefits consumers with lower prices? /snark
I’m actually not kidding. This is one more example of why willy-nilly de-regulation and weakening government oversight is only good for corporations and only bad for your “average” consumer (i.e. all of us).
In an age where information is power, consumers cannot be at the mercy of info-broker companies good will and promises to “do the right thing”. The various security break-ins, quasi-legal services like this, etc. point to a clear need for thorough regulatory overhaul and increased oversight.
Unfortunately, most industries will do the absolute minimum to comply with whatever laws exist (and sometimes less). And if they figure out there’s little or no policing, they’ll do whatever it takes to maximize short-term corporate profits, consumers be damned.
Jcricket
Keep reading Americablog. The carriers basically don’t care (they don’t want to spend money fixing the problem unless there’s an actual hit to their bottom line (i.e. a big fine). Oh, and Republicans are trying to overturn laws that require consumers get notification when their information has been exposed.
Exactly who do Republicans in Congress work for?
ppGaz
Wow, excellent point. Once again, crummy government has consequences.
Arrgghh……
jg
This must also be stopped.
http://www.azcentral.com/news/articles/0108B-repwatcha08.html
Once-ler
In this case, couldn’t you stop this by prosecuting them for fraud? Isn’t this already a crime?
Pb
And when they say ‘anyone’, they aren’t kidding:
I’ll say one thing for them, they sure are speedy. I hear FOIA requests are much slower and more unreliable. Must be all that government bureaucracy that stands in the way, checking and rechecking with their outmoded concepts of ‘classified information’ and ‘national security’ and ‘privacy’… Go free market blah blah blah…
Jcricket
What was that joke again… A Republican is someone who campaigns on the premise that government is the problem. And then when elected, goes on to prove it.
Randolph Fritz
The first reason is that the telecommon industry makes money from “legitimate” analysis of this data. The second reason is that all the switching gear has backdoors in it, to allow for government traffic analysis. The third reason is the continuing reduction of regulatory oversight of telecomm.
In Western Europe, keeping such records is illegal; what the Nazis did with them is remembered.
Psyberian
Interesting post and I especially like your comments Jcricket.
Also, don’t let the republicans argue that they don’t worry about it since they’re not doing anything wrong. That is beside the point, since our phone call log is literally none of their business.” Fascists.
Zifnab
But… but… this is America. Not Iran or China or Nazi Germany. Since America, therefore no civil rights violations. Any dissent would be unpatriotic.
AkaDad
“The Republicans are the party that says government doesn’t work and then gets elected and proves it.”
O’Rourke, P.J. (1989), Holidays in hell.
Pooh
Damnit, beat me to it Aka…
Perry Como
Why would you care unless you have something to hide?
The Other Steve
Exactly!
Every day people need to have access to this information, otherwise how are we going to stop terrorists!?
Tulkinghorn
My divorce clients would love this.
“Get the bastard!!”
I sure hope they don’t hear about it, because I have to deal with enough craziness as it is. FWIW, wouldn’t the DOJ need to get a (gasp) warrant to get this information?
Richard Bottoms
What and stand in the way of the Liberterian philosophy and selling anything the public will buy?
The Other Steve
It should be noted…
We can’t do something about this because Congress is owned by the telecom lobbyists.
Shygetz
That is the Propertarian philosophy–Libertarians and Propertarians split some time ago, but they forgot to let everyone else know.
Shygetz
Automated speen monitors on a freeway? Blech! Why are there laws that the majority of people break on a regular basis?
demimondian
Tulk — that’s the first thing I thought, too. (Well, actually, what I thought was “Oh, my Lord, this is a gold mine for tracking people,” but it comes to the same thing in the end.) I’m not sure that the DOJ would actually need a warrant — I know Al Maviva has read up on this, and the situation is far more complicated than I’d ever thought. Either way, though, this is clearly in violation of the Electronic Communications Privacy Act of 1986, even for a private citizen.
Pb
Shygetz,
I guess there are two ways to take that. One, why are there laws like that in the first place? And two, why must people break them? I think I generally prefer the first interpretation.
But really, add it to the list of similar imponderables. Like, why don’t the “court costs” in a ticket only go to paying, um, the actual court costs? Or, why is the speed limit set to 45 on the spiffy new thoroughfare with the speed trap on it, but 55 on the rickety old road it connects to? Or, why does the government set itself up to profit from allegedly illegal, immoral, unhealthy, or unsafe behavior in the first place, thus giving it a vested interest in not eliminating (or perhaps even encouraging) such behavior, so as not to eliminate its revenue stream…
HH
The original Sun-Times article linked at Drudge…
Jcricket
Given that telecom companies, securities firms and energy trading companies seem to be incapable of operating within the law, we obviously need to loosen the laws. They’re too tight. These are all simply cases of good, non-law-abiding corporations caught up in a Legal Smear campaign
I think the President is thinking along the same lines lately. I wonder if “I had my fingers crossed at the time” will be the new “Depends on what the meaning of the word is, is”.
Al Maviva
I’m of the opinion that private sector data mining is far more intrusive and potentially damaging than anything the government has been doing. Anybody here ever receive highly targeted marketing – like ads for sales on diapers that just happen to be the size their toddler is in? That’s because supermarkets track your purchases through those savings cards and/or your credit/debit cards, clever marketers match up that data with advertising, and build a profile of your consumer habits.
The other great threat comes from data aggregators that produce a dossier on you using sometimes upwards of a hundred commercial and public records sources. Potential employers, mortgage companies, etc. then make decisions based on the dossier. The problem is the data is often flawed (Florida felon purge, anybody?) and there is no recourse, since “nobody owns the data.” If you can manage to track down the source of the erroneous record, and get them to correct it, and then get them to correct it with the aggregator, you are not only diligent but lucky too. What is probably needed is a strong statutory data integrity/safeguarding/recourse protection along the lines of Germany’s Datenschutz law. What probably prevents this is the extent to which corporate interests control both parties’ handling of lower profile regulatory matters, and that the corporate interests (whether they are aggregators, producers of retail products, or financial institutions) don’t mind losing out on a customer here and there so long as they have greater surety (and can sell more goods) to customers who pass muster. That, and the fact that data aggregation is generally unobtrusive, so many people probably don’t mind data aggregators, as long as their activities lead to more offers of better consumer goods, and the aggregated data doesn’t get in the way of buying a house or getting a job.
ppGaz
The annoyance and harm that invasion by private data aggregators is not to be dismissed. It’s major. But it is not even in the same league with the power of government to invade your life and fuck you over.
The main thing that private and government intrusion have in common is that your privacy is singular. You either have it or you don’t. But shrugging at either one of these threats in favor of paying attention to the other is just a gross misunderstanding of the problems.
Skip
I shelled out the $110 for John’s phone call list. Fascinating. On a daily basis there is a pattern: one to Armstrong Williams, two to Ben Stein, three to Peggy Noonan, four to James Dobsoni, five to Kate Moss, six to Dick Morris, seven to someone named Jeff Gannon.
But what do all the 1-900 calls mean?
mark
I don’t know much law, but when Tony Soprano makes an important call he drives to a pay phone to use a land line because the government considers a cell call to be public speech the same as having a conversation in a crowded elevator. Therefore, there is no privacy in cell phoning.
Could someone whose knowledge of this area comes from a more sophisticated source than cable comment?
aw
The republicans will love this until their calls to the girlfriends are published.
Skip
“The republicans will love this until their calls to the girlfriends are published.”
Along with their phone numbers, from Henry Hyde and Bob Livingston’s little black book.
Don
I call ho-hum on this. Yeah, it’s horrid but it’s not at all a surprise. The only people with the real power to stop this – the cell companies – have little motivation to stop it from happening. I have come to agree with Bruce Schneier that the solution is to make the holders of the data liable for its release. Until the point where they feel it in their wallets why would they accept the additional expense of hardening themselves to social engineering?