Page 1 of 2 12 LastLast
Results 1 to 15 of 17
  1. #1
    Andy
    Guest
    Your phone records are for sale

    January 5, 2006

    BY FRANK MAIN Crime Reporter

    The Chicago Police Department is warning officers their cell phone
    records are available to anyone -- for a price. Dozens of online
    services are selling lists of cell phone calls, raising security
    concerns among law enforcement and privacy experts.

    Criminals can use such records to expose a government informant who
    regularly calls a law enforcement official.

    Suspicious spouses can see if their husband or wife is calling a
    certain someone a bit too often.

    And employers can check whether a worker is regularly calling a
    psychologist -- or a competing company.

    Some online services might be skirting the law to obtain these phone
    lists, according to Sen. Charles Schumer (D-N.Y.), who has called for
    legislation to criminalize phone record theft and use.

    In some cases, telephone company insiders secretly sell customers'
    phone-call lists to online brokers, despite strict telephone company
    rules against such deals, according to Schumer.

    And some online brokers have used deception to get the lists from the
    phone companies, he said.

    "Though this problem is all too common, federal law is too narrow to
    include this type of crime," Schumer said last year in a prepared
    statement.

    The Chicago Police Department is looking into the sale of phone
    records, a source said.

    Late last month, the department sent a warning to officers about
    Locatecell.com, which sells lists of calls made on cell phones and
    land lines.

    "Officers should be aware of this information when giving out their
    personal cell phone numbers to the general public," the bulletin said.
    "Undercover officers should also be aware of this information if they
    occasionally call personal numbers such as home or the office, from
    their [undercover] ones."

    Test got FBI's calls in 3 hours

    To test the service, the FBI paid Locatecell.com $160 to buy the
    records for an agent's cell phone and received the list within three
    hours, the police bulletin said.

    Representatives of Data Find Solutions Inc., the Tennessee-based
    operator of Locatecell.com, could not be reached for comment.

    Frank Bochte, a spokesman for the FBI in Chicago, said he was aware of
    the Web site.

    "Not only in Chicago, but nationwide, the FBI notified its field
    offices of this potential threat to the security of our agents, and
    especially our undercover agents," Bochte said. "We need to educate
    our personnel about the dangers posed by individuals using this site
    and others like it. We are stressing that they should be careful in
    their cellular use."

    How well do the services work? The Chicago Sun-Times paid $110 to
    Locatecell.com to purchase a one-month record of calls for this
    reporter's company cell phone. It was as simple as e-mailing the
    telephone number to the service along with a credit card number. The
    request was made Friday after the service was closed for the New
    Year's holiday.

    'Most powerful investigative tool'

    On Tuesday, when it reopened, Locatecell.com e-mailed a list of 78
    telephone numbers this reporter called on his cell phone between Nov.
    19 and Dec. 17. The list included calls to law enforcement sources,
    story subjects and other Sun-Times reporters and editors.

    Ernie Rizzo, a Chicago private investigator, said he uses a similar
    cell phone record service to conduct research for his clients. On
    Friday, for instance, Rizzo said he ordered the cell phone records of
    a suburban police chief whose wife suspects he is cheating on her.

    "I would say the most powerful investigative tool right now is cell
    records," Rizzo said. "I use it a couple times a week. A few hundred
    bucks a week is well worth the money."

    Only financial info protected?

    In July, the Electronic Privacy Information Center filed a petition
    with the Federal Communications Commission seeking an end to the sale
    of telephone records.

    "We're very concerned about Locatecell," said Chris Jay Hoofnagle,
    senior counsel for the center. "This is the company that sold the
    phone records of a Canadian official to a reporter 'no questions
    asked.' "

    Schumer has called for legislation to criminalize the "stealing and
    selling" of cell phone logs. He also urged the Federal Trade
    Commission to set up a unit to stop it.

    He said a common method for obtaining cell phone records is
    "pretexting," involving a data broker pretending to be a phone's owner
    and duping the phone company into providing the information.

    "Pretexting for financial data is illegal, but it does not include
    phone records," Schumer said. "We already have protections for our
    financial information. We ought to have it for the very personal
    information that can be gleaned from telephone records."





    See More: Your Cell Phone Records Are For Sale




  2. #2
    DecaturTxCowboy
    Guest

    Re: Your Cell Phone Records Are For Sale

    Andy wrote:
    > Your phone records are for sale


    Let someone pull up the records for Homeland Security Secretary Michael
    Chertoff and see how fast this security hole is plugged. <snicker>



  3. #3
    Michael Singletary
    Guest

    Re: Your Cell Phone Records Are For Sale

    On Sun, 08 Jan 2006 00:20:55 GMT, DecaturTxCowboy
    <DTC@boogie_boggie.blog> wrote:

    >Andy wrote:
    >> Your phone records are for sale

    >
    >Let someone pull up the records for Homeland Security Secretary Michael
    >Chertoff and see how fast this security hole is plugged. <snicker>


    You know.. that's what I find interesting. The only reason this
    article was ever written was because it was affecting law enforcement
    and the government in some way. I'm quite sure that this has been
    going on for some time with consumers, but now that the police and
    government are involved it must be stopped.

    Where's the care for the public as a whole?

    Oh, and what do they have to hide on their personal cell phone records
    that I don't, for example? These ARE personal phones, right? You would
    think that those tasked with keeping us safe from terrorists are using
    some sort of secure and encrypted communication medium, and not
    something commercially available to the mass-market, consumer level.

    Cell phones are an item that have proven continually insecure for
    consumers.. much less public safety officials.



  4. #4

    Re: Your Cell Phone Records Are For Sale


    If you can get SprintPCS/Nextel customer records, it's an express
    violation of Sprint's Privacy Policy
    (http://www.sprint.com/legal/sprint_privacy.html).

    "Sprint Nextel does not disclose CPNI outside Sprint Nextel or its
    authorized agents without customer consent except as required or allowed
    by law."

    "CPNI" = Customer Proprietary Network Information, which includes "call
    detail records".

    I wonder what the remedy is for violation of of a privacy policy. An
    apology?

    Do I smell a class action lawsuit in the making?



  5. #5
    BruceR
    Guest

    Re: Your Cell Phone Records Are For Sale

    Well, like in any lawsuit, to get damages you have to prove injury. If
    you can show that the disclosure of the call records caused you
    physical, emotional or financial harm you may get compensation. A class
    action lawsuit would greatly enrich the attorneys (if they reached a
    settlement) and probably give the class members a statement of no
    admission of wrongdoing, an assurance to continue to abide by the
    privacy policy and maybe - just maybe - a certificate redeemable for a
    free ringtone download or other meaningless concession.

    From:[email protected]
    [email protected]

    > If you can get SprintPCS/Nextel customer records, it's an express
    > violation of Sprint's Privacy Policy
    > (http://www.sprint.com/legal/sprint_privacy.html).
    >
    > "Sprint Nextel does not disclose CPNI outside Sprint Nextel or its
    > authorized agents without customer consent except as required or
    > allowed by law."
    >
    > "CPNI" = Customer Proprietary Network Information, which includes
    > "call detail records".
    >
    > I wonder what the remedy is for violation of of a privacy policy. An
    > apology?
    >
    > Do I smell a class action lawsuit in the making?






  6. #6
    Steve Sobol
    Guest

    Re: Your Cell Phone Records Are For Sale

    BruceR wrote:
    > Well, like in any lawsuit, to get damages you have to prove injury.


    You'd also have to prove that the carrier sold the records in the first
    place, if you were to go after them for a privacy violation.

    --
    Steve Sobol, Professional Geek 888-480-4638 PGP: 0xE3AE35ED
    Company website: http://JustThe.net/
    Personal blog, resume, portfolio: http://SteveSobol.com/
    E: [email protected] Snail: 22674 Motnocab Road, Apple Valley, CA 92307



  7. #7
    Richard
    Guest

    Re: Your Cell Phone Records Are For Sale

    [email protected] wrote:
    >
    > If you can get SprintPCS/Nextel customer records, it's an express
    > violation of Sprint's Privacy Policy
    > (http://www.sprint.com/legal/sprint_privacy.html).
    >
    > "Sprint Nextel does not disclose CPNI outside Sprint Nextel or its
    > authorized agents without customer consent except as required or allowed
    > by law."
    >
    > "CPNI" = Customer Proprietary Network Information, which includes "call
    > detail records".
    >
    > I wonder what the remedy is for violation of of a privacy policy. An
    > apology?
    >
    > Do I smell a class action lawsuit in the making?



    Uh....

    > "Sprint Nextel does not disclose CPNI outside Sprint Nextel or its
    > authorized agents without customer consent except as required or allowed
    > by law."


    "....except as allowed by law" is pretty broad.

    All this says is that Sprint/Nextel will not knowingly break the law.
    As a privacy policy, it's meaningless.

    So, is it a direct corollary of this assertion is that, with customer
    consent, Sprint Nextel will disclose CPNI in violation of the law?

    Richard



  8. #8
    BruceR
    Guest

    Re: Your Cell Phone Records Are For Sale

    That would be best if the proof were there but you might not need to
    even prove they sold them. You could contend that they were grossly
    negligent in failing to secure them even if they were stolen or leaked.
    If they were stolen rather than sold then the settlement might not be so
    rich - they'd give you something worth even less than the ringtone.

    From:Steve Sobol
    [email protected]

    > BruceR wrote:
    >> Well, like in any lawsuit, to get damages you have to prove injury.

    >
    > You'd also have to prove that the carrier sold the records in the
    > first place, if you were to go after them for a privacy violation.
    >
    > --
    > Steve Sobol, Professional Geek 888-480-4638 PGP: 0xE3AE35ED
    > Company website: http://JustThe.net/
    > Personal blog, resume, portfolio: http://SteveSobol.com/
    > E: [email protected] Snail: 22674 Motnocab Road, Apple Valley, CA
    > 92307






  9. #9
    Jer
    Guest

    Re: Your Cell Phone Records Are For Sale

    Richard wrote:
    > [email protected] wrote:
    >
    >>If you can get SprintPCS/Nextel customer records, it's an express
    >>violation of Sprint's Privacy Policy
    >>(http://www.sprint.com/legal/sprint_privacy.html).
    >>
    >>"Sprint Nextel does not disclose CPNI outside Sprint Nextel or its
    >>authorized agents without customer consent except as required or allowed
    >>by law."
    >>
    >>"CPNI" = Customer Proprietary Network Information, which includes "call
    >>detail records".
    >>
    >>I wonder what the remedy is for violation of of a privacy policy. An
    >>apology?
    >>
    >>Do I smell a class action lawsuit in the making?

    >
    >
    >
    > Uh....
    >
    >
    >>"Sprint Nextel does not disclose CPNI outside Sprint Nextel or its
    >>authorized agents without customer consent except as required or allowed
    >>by law."

    >
    >
    > "....except as allowed by law" is pretty broad.
    >
    > All this says is that Sprint/Nextel will not knowingly break the law.
    > As a privacy policy, it's meaningless.
    >
    > So, is it a direct corollary of this assertion is that, with customer
    > consent, Sprint Nextel will disclose CPNI in violation of the law?
    >
    > Richard



    All it takes for a policy to be violated is one disgruntled employee, or
    some other employee offered to make a few bucks, or the company be sold
    to another company that couldn't care less what someone else's privacy
    policy was supposed to be. No privacy policy is worth the ink it takes
    to print it.

    --
    jer
    email reply - I am not a 'ten'



  10. #10
    Michael Singletary
    Guest

    Re: Your Cell Phone Records Are For Sale

    On Mon, 09 Jan 2006 02:14:24 GMT, "[email protected]"
    <[email protected]> wrote:

    >
    >If you can get SprintPCS/Nextel customer records, it's an express
    >violation of Sprint's Privacy Policy
    >(http://www.sprint.com/legal/sprint_privacy.html).
    >
    >"Sprint Nextel does not disclose CPNI outside Sprint Nextel or its
    >authorized agents without customer consent except as required or allowed
    >by law."


    Unfortunately in this case, the private investigator is posing as the
    customer by identifying the social security number, as per the
    security of most cell phone providers.

    To the best of the provider's knowledge, they are releasing this
    information to the customer.

    >"CPNI" = Customer Proprietary Network Information, which includes "call
    >detail records".
    >
    >I wonder what the remedy is for violation of of a privacy policy. An
    >apology?
    >
    >Do I smell a class action lawsuit in the making?




  11. #11

    Re: Your Cell Phone Records Are For Sale

    BruceR wrote:
    > Well, like in any lawsuit, to get damages you have to prove injury. If
    > you can show that the disclosure of the call records caused you
    > physical, emotional or financial harm you may get compensation. A class
    > action lawsuit would greatly enrich the attorneys (if they reached a
    > settlement) and probably give the class members a statement of no
    > admission of wrongdoing, an assurance to continue to abide by the
    > privacy policy and maybe - just maybe - a certificate redeemable for a
    > free ringtone download or other meaningless concession.


    In most cases, I agree with your sentiments. The most recent
    Time-Warner Cable class action lawsuit, for example, resulted in
    customers being offered one month of some cable service they don't
    already have (which TWC is probably delighted to offer, as a marketing
    expense), and the lawyers get $5M. That ticked me off.

    In this case, though, I don't care if I don't get a dime. I want the
    phone companies to experience significant pain for profiting from such a
    serious privacy violation. Even if the money does go to lawyers.

    By the way, that TWC lawsuit was also over a privacy policy violation --
    but a relatively minor one.

    > From:[email protected]
    > [email protected]
    >
    >
    >>If you can get SprintPCS/Nextel customer records, it's an express
    >>violation of Sprint's Privacy Policy
    >>(http://www.sprint.com/legal/sprint_privacy.html).
    >>
    >>"Sprint Nextel does not disclose CPNI outside Sprint Nextel or its
    >>authorized agents without customer consent except as required or
    >>allowed by law."
    >>
    >>"CPNI" = Customer Proprietary Network Information, which includes
    >>"call detail records".
    >>
    >>I wonder what the remedy is for violation of of a privacy policy. An
    >>apology?
    >>
    >>Do I smell a class action lawsuit in the making?

    >
    >
    >




  12. #12

    Re: Your Cell Phone Records Are For Sale

    Steve Sobol wrote:
    > BruceR wrote:
    >
    >> Well, like in any lawsuit, to get damages you have to prove injury.

    >
    >
    > You'd also have to prove that the carrier sold the records in the first
    > place, if you were to go after them for a privacy violation.


    That ought to be pretty easy. Try to purchase the records for some
    Sprint customers who agree to be in on the lawsuit. If you can get them
    without a legal demand, Sprint has violated their privacy policy.

    And you don't have to prove that Sprint *sold* the records. Only that
    they failed to follow their policy, which says that they will not
    transfer them outside the company without a valid legal demand
    (discovery order, subpoena, court order...).



  13. #13

    Re: Your Cell Phone Records Are For Sale


    Jer wrote:
    > Richard wrote:
    > > [email protected] wrote:
    > >
    > >>If you can get SprintPCS/Nextel customer records, it's an express
    > >>violation of Sprint's Privacy Policy
    > >>(http://www.sprint.com/legal/sprint_privacy.html).
    > >>
    > >>"Sprint Nextel does not disclose CPNI outside Sprint Nextel or its
    > >>authorized agents without customer consent except as required or allowed
    > >>by law."
    > >>
    > >>"CPNI" = Customer Proprietary Network Information, which includes "call
    > >>detail records".
    > >>
    > >>I wonder what the remedy is for violation of of a privacy policy. An
    > >>apology?
    > >>
    > >>Do I smell a class action lawsuit in the making?

    > >
    > >
    > >
    > > Uh....
    > >
    > >
    > >>"Sprint Nextel does not disclose CPNI outside Sprint Nextel or its
    > >>authorized agents without customer consent except as required or allowed
    > >>by law."

    > >
    > >
    > > "....except as allowed by law" is pretty broad.
    > >
    > > All this says is that Sprint/Nextel will not knowingly break the law.
    > > As a privacy policy, it's meaningless.
    > >
    > > So, is it a direct corollary of this assertion is that, with customer
    > > consent, Sprint Nextel will disclose CPNI in violation of the law?
    > >
    > > Richard

    >
    >
    > All it takes for a policy to be violated is one disgruntled employee, or
    > some other employee offered to make a few bucks, or the company be sold
    > to another company that couldn't care less what someone else's privacy
    > policy was supposed to be. No privacy policy is worth the ink it takes
    > to print it.
    >


    Given the delight of Multi National Companies to Outsource various
    business functions,
    its conceivable that some low paid staffer in a third world office
    could start pulling up
    reams of customer data during a slow period in the middle of the night.
    The bribe
    received, although a pitance by US standards, would feed an entire clan
    of third world
    relatives.

    There was virtually nothing of this kind heard of in the lated 1990's,
    when most cell phone
    support was based in the US.

    JG




  14. #14
    BruceR
    Guest

    Re: Your Cell Phone Records Are For Sale

    I don't know of any laws preventing it provided you aren't trying by
    means of an illegal activity like hacking a database or breaking &
    entering. If one is really concerned about the issue because they are
    making calls that could get them in trouble then they should probably
    use a disposable phone to really stay anonymous.

    From:Paul Miner
    [email protected]lid

    > On Mon, 09 Jan 2006 20:37:20 GMT, "[email protected]"
    > <[email protected]> wrote:
    >
    >> Steve Sobol wrote:
    >>> BruceR wrote:
    >>>
    >>>> Well, like in any lawsuit, to get damages you have to prove injury.
    >>>
    >>>
    >>> You'd also have to prove that the carrier sold the records in the
    >>> first place, if you were to go after them for a privacy violation.

    >>
    >> That ought to be pretty easy. Try to purchase the records for some
    >> Sprint customers who agree to be in on the lawsuit. If you can get
    >> them without a legal demand, Sprint has violated their privacy
    >> policy.

    >
    > Is it legal to even TRY to get access to someone's records other than
    > your own?
    >
    > --
    > Paul Miner






  15. #15
    Scott
    Guest

    Re: Your Cell Phone Records Are For Sale


    "[email protected]" <[email protected]> wrote in
    message news:[email protected]...

    >
    > In this case, though, I don't care if I don't get a dime. I want the
    > phone companies to experience significant pain for profiting from such a
    > serious privacy violation. Even if the money does go to lawyers.
    >


    I'll bet that the only person at the carrier to know of the transaction is
    the one making it, and making it by ignoring Company policy and in many
    cases overriding security controls in place to prevent it. And before the
    aluminum foil freaks get excited- think about this. In order for your
    problems to be addressed, payments taken, units added, accounts to be setup,
    credits to be issued- somebody has to go into your account for many of
    these. A complete lockdown of your account is probably not possible,
    potentially not the best thing for you, but would probably be much more cost
    effective and profitable for the company.





  • Similar Threads




  • Page 1 of 2 12 LastLast