The Federal Communications Commission (FCC) has issued a fine against the Internet-based data broker of cell phone and telephone subscriber call logs, 1st Source Information Specialists (LocateCell). The press release only names one company but at least 40 Web sites were listed in the EPIC petition.

The Federal Communications Commission (FCC) today found that LocateCell apparently “willfully or repeatedly” violated a Commission order by failing to provide information and documents required by a subpoena. For this failure, the Commission issued a $97,500 Notice of Apparent Liability for Forfeiture against LocateCell.

Specifically, the subpoena required LocateCell to provide information and documents relating to its website advertisement for the sale of consumers’ private telephone records and other customer proprietary network information. The company failed to fully respond to the subpoena and a subsequent Citation. Because LocateCell’s response to the subpoena remains deficient, the Commission proposed the maximum forfeiture for a continuing violation by a non-common carrier of $97,500.

The FCC Commissioners provided a recap of the history of their investigation and statements reflecting the basis for this determination. Commissioner McDowell alludes to the possibility of further fines being levied against similar companies.

LocateCell is not the only company from which the Commission has sought information. Our Enforcement Bureau has been actively investigating a number of these data brokers, many of which have
advertised the availability of records of wireless subscribers’ incoming and outgoing telephone calls, as well as certain landline toll call records, for a fee. The Bureau is also investigating the alleged failure of
carriers to certify compliance with our CPNI rules, and is vigorously pursuing non-compliant companies.
These investigations will continue, and I thank the Bureau for its work in moving these initiatives forward.

View the Webcast of the FCC meeting.

Last week, the governor of Maine signed into law LD 2038, An Act To Protect the Privacy of Cellular Telephone Customers. The law specifically bans the unauthorized acquisition and sale of subscriber cell phone records. Read the press release

The Federal Trade Commission, with assistance from the major cell phone carriers, has filed civil suits in 5 federal jurisdictions against resellers of telephone call records, seeking to bar them from this activity and to press them to deliver, to the federal government, any profits they’ve obtained.

U.S. District Court, Central District of California, Federal Trade Commission v. 77 INVESTIGATIONS, INC., and REGINALD KIMBRO:

The FTC brings this action pursuant to Section 13(b) of l9 the Federal Trade Commission Act (”FTC net’), 15 U.S.C. S 53(b), to secure permanent injunctive relief, rescission of contracts,
2211 restitution, disgorgement of ill-gotten gains, and other equitable relief against Defendants for violations of Section 23 24 II S(a) of the FTC Act, 15 U.S.C. § aS(a), in connection with surreptitiously obtaining and selling confidential customer phone records without the customer knowledge or authorization.

Read the FTC press release and all case complaints.

Anyone who buys or sells telephone subscriber information of Washington State residents can be criminally prosecuted.

The Final Bill Report provides a summary.

Summary: Creating the Crime of Unauthorized Sale or Procurement of Telephone Records.

It is a class C felony to intentionally sell, knowingly purchase, or fraudulently obtain a person’s telephone records without the person’s permission.

It is a gross misdemeanor to
knowingly receive a person’s telephone records without the person’s permission.

The legislation is entitled Prohibiting the unauthorized sale of telephone numbers.

Bestpeoplesearch operated by Intelligent eCommerce has attempted to distance itself from other cell phone telephone log resellers by posting a guide, How To Protect Your Cell Phone Records. This site is one that EPIC mentioned in its complaint to the FCC, which I wrote about in my squib on regulation. Two of the suggestions are for the account subscriber to request that the vendor remove call logs from their bill and that any telephone inquiry for information be denied, in favor of the account holder appearing in person at a company store and showing their id.

Technorati Tags: cell+phones, regulation

The U.S. Federal District Court (11th Circuit) issued a Restraining Order in Cingular Wireless LLC vs. Data Find Solutions, INC ., James Kester, 1ST Source Information Specialists INC., Kenneth W. German, Steven Schwartz, filed December 2005 (email me for a copy). Cingular’s complaint suggests that accusations from customers about Cingular’s business practices prompted the legal action, not concerns for customer’s privacy.

Cingular’s customers whose information has been obtained
wrongfully by Defendants have mistakenly accused Cingular of selling their private information to third parties, thereby harming the Company’s relationship with its customers…

In the Complaint (email me for a copy), Cingular demands repossession of the goods obtained by the defendants.

Cingular is entitled to replevin of all of its customer information in the possession of the Defendants, regardless of form or manner of storage, including without limitation Cingular’s customer information existing on Defendants’ computers and hard drives .

Among the actions listed in the Temporary Restraining Order that the defendants are enjoined from is “disposing of any confidential Cingular customer information, other than by returning it to Cingular.”

One of the methods Cingular posits 1st Source Information may have used to obtain customer account information is social engineering.

The legal underpinning for the action Cingular cited is the Federal Computer Fraud and Abuse Act, 18 U.S .C. § 1030 and the Georgia Fair Business Practices Act as the basis for its claims.

Websites identified as associated with the defendants are www (dot)locatecell (dot)com, www(dot)celltolls(dot)com, www(dot)datafind(dot)org and peoplesearchamerica(dot)com.

More on this topic: Devious Tactic Snags Phone Data

Technorati Tags: cingular, cell+phones privacy, social+engineering