State Law To Make Selling Of Illegal Information Illegal
from the missing-the-point dept
Verizon Wireless has a penchant for pumping up its efforts to sue people that somehow manage to get its customers' call records -- obscuring the real issue that they never should have been able to get the information from Verizon in the first place. Now, the governor and attorney general of Illinois have noticed the practice, and are looking to enact laws banning the sales of peoples' call records. While the proposed law certainly has honorable intentions, it's again missing the point. Banning the sale of the information in Illinois really won't do anything to help the situation at all, since it's all done over the internet anyway. Again, the bottom line here is that these are leaks of information by the cellular carriers -- so why not put the onus on them to stop the information from getting out? Instead of pointlessly banning the sale of the numbers, make phone companies liable for keeping the information secure. Carriers currrently have little incentive to stop the practice. In Verizon's case, stopping it would mean no more press releases calling attention to its "unmatched" efforts to sue people that get the info (rather than actually stopping them from getting it to begin with). Until there are real penalties and real motivation for companies to plug data leaks, they won't stop.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Over there!
Why should Verizon fix the root cause here when it's so much cheaper to deflect scrutiny on their poor IT practices by taking advantage of some of their PAC money?
[ link to this | view in chronology ]
Re: Over there!
[ link to this | view in chronology ]
Re: Over there!
1) Person A wants Person B's call records (which are not, contrary to popular opinion, protected by law in any way...yet). In almost every case, Person A already knows Person B.
2) Person A contacts on online PI and fills out a form with basic info on Person B.
3) The PI firm calls target company's customer service dept., sometimes a hundred times (the support number is toll-free, after all). Eventually they will get the young, inexperienced rep who will bow to pressure and release the call records to wherever Person A requests.
The process has nothing to do with IT security or even call center security...it's just a matter of the PI firm patiently calling and attempting to social engineer reps until they get one that works in their favor.
Until there are laws on the books explicity protecting call records (there isn't yet), and until companies like VZW start suing the pants off of these shady firms, nothing will change.
[ link to this | view in chronology ]
Path of least resistance
[ link to this | view in chronology ]
Google Ads
[ link to this | view in chronology ]
No Subject Given
[ link to this | view in chronology ]
No Subject Given
[ link to this | view in chronology ]
Laws do not seem to stop this....
So, in theory, you have to prove your identity before any personal info can be given out by a company. Penalties are in the order of Au$30,000.
But it does not work...
It is often misused as companies try to hide behind it, refusing to give out details of their errors because it 'violates privacy laws'. This works as most people do not know the act only covers individuals not business entities/organisations.
Two telephone companies sold my details to telemarketers.
One even sold the mobile phone numbers I used in development systems. These mobile modems are in vehicles and only recieve data calls (no handset to phone out). The company then tried to charge me (for services I had not requested) for recieving these unwanted calls.
A recruitment agency incorrectly told one of my employers I had signed a consent form to release my personal info (thinking that my employer would not tell me).
If you can track down the offending company, in all cases you get told it was an individual's error (whom we have sacked, re-trained or made to disappear) and which won't happen again....
[ link to this | view in chronology ]
selling details abroad
[ link to this | view in chronology ]