The House Energy and Commerce Committee took steps Wednesday to protect consumers’ privacy by unanimously approving the Prevention of Fraudulent Access to Phone Records Act. The bill will not only stop data sellers from lying to obtain individual consumers’ personal phone records, but also fine telephone companies that don’t do enough to protect this information.
“These telephone calling records, which detail some of the most intimate and sensitive aspects of our lives, are easily available to anyone with an Internet connection, a credit card and $100 to spend,” Chairman Joe Barton, R-Texas, said. “Americans are rightfully concerned that identity thieves, stalkers and unscrupulous data brokers can access such information they believed was kept private by their telephone company.”
News reports recently unveiled an emerging cottage industry based on the sale of personal phone records. For a price, nearly anyone’s phone records are for sale, including information about who is called, when calls were made and how long they last. Data brokers who sell this information impersonate customers – a practice known as “pretexting”- to obtain their personal phone data.
“Today we’re going to start the formal process of ending a unique threat to personal privacy,” Barton said. “We’re going to do it without choking off the flow of data that makes information-age Americans the happiest, healthiest and wealthiest people in the history of the world.”
The bill will ban the practice of lying to get telephone records and give the Federal Trade Commission authority to seek civil penalties against violators. The bill also adds new data safety requirements for telephone carriers and increases fines for companies that don’t do enough to protect this data. The bill increases fines to a maximum $300,000 per incident, up from $100,000, with a maximum fine of $3 million for multiple violations.
Additionally, the committee made it easier for consumers to keep their wireless numbers out of a proposed directory for cell phone numbers. Under the proposal from U.S. Reps. Joseph Pitts, R-Pa., and Edward Markey, D-Mass., a wireless carrier can’t release a customer’s number to a directory, or for any other purpose, unless the customer agrees to it.
The bill drew strong bipartisan support. Barton said he will push for quick consideration by the House.
The Prevention of Fraudulent Access to Phone Records Act will:
- Prohibit the use of pretexting to obtain personal telephone data.
- Authorize the FTC to seek civil penalties for telephone records pretexting.
- Prohibit the sale or lease of any consumer telephone data.
- Increase FCC fines on telephone companies that sell or allow personal phone data to be released. Fines for carriers, or their affiliates, increases to a maximum $300,000 per violation, up from $100,000. Multiple violations could result in a maximum fine of $3 million.
- Create more stringent standards for telephone companies that wish to share calling data with their affiliates, agents, joint venture partners and contractors.
- Customers must opt-in for telephone companies to share their detailed call records with joint venture partners and contractors. These records would include the number called, the time of call and the call’s duration. Currently, consumers must opt-out of this information sharing.
- Customers can opt-out to prevent telephone carriers from sharing general calling data with joint venture partners and contractors. This data would include non-specific information such as whether the customer calls internationally or spends more than $50 a month on phone services.
- Telephone carriers may continue to share telephone records with affiliates with opt-out approval.
- Allow an exemption for law enforcement investigations.
- Require consumers to agree before wireless carriers can release the customer’s wireless phone number, including to any directory of cell phone numbers, which carriers have proposed to create.