• Home 

• About Us

  • Awards/Honors
  • Client Service Pledge
  • Clients
  • Community
    • Atlanta
    • Brussels
    • Cincinnati
    • Cleveland
    • Columbus
    • Dayton
    • New York
    • Washington, D.C.
  • Diversity
    • Commitment & Goals
    • For More Information
    • Initiative Brochure (PDF)
    • Leadership Spotlight
    • News/Events
    • Women's Initiative
  • Firm Facts
  • Leadership
  • Origins
  • Privacy
  • Pro Bono
    • Awards/Recognition
    • For More Information
    • News/Events
    • Office Involvement
    • Overview
    • Representative Matters
    • Services
  • Technology
    • Client Toolkits
    • Extranets
    • Lawyer Toolkits
    • Network Systems
    • Software Standards
  • Women's Initiative
    • About the Initative
    • About the Initative - Mission
    • Awards/Honors
    • Diversity
    • Events/Sponsorships
    • For More Information
    • In The News
    • Initiative Brochure (PDF)
    • Lawyers
    • Leadership Spotlight
    • Publications
    • Testimonials - Lawyers
    • Testimonials - Staff

• Careers 

  • Lateral Associates
    • Benefits
    • Career Opportunities
    • Contacts
    • Diversity
    • Locations
    • Practices
    • Professional Development
    • Technology
    • Testimonials
  • Lateral Partners
    • Contacts
    • Diversity
    • Integration
    • Locations
    • Practices
    • Technology
    • Testimonials
  • New/Summers
    • College Alumni
    • Compensation/Benefits
    • Contacts
    • Diversity
    • FAQs
    • Locations
    • New Law Clerks
    • On-Campus Interviews
    • Practices
    • Pro Bono
    • Professional Development
    • Summer Law Clerks
    • Technology
    • Testimonials
  • Staff
    • Apply Online
    • Career Opportunities
    • Compensation/Benefits
    • Diversity
    • In The News
    • Technology
    • Testimonials
    • Training/Development

• Lawyers 

• Locations 

  • Atlanta
    • About
    • Careers
    • Community
    • Directions
    • Lawyers
    • News/Events
    • Related Links
  • Brussels
    • About
    • Careers
    • Community
    • Directions
    • Lawyers
    • News/Events
    • Related Links
  • Cincinnati
    • About
    • Careers
    • Community
    • Directions
    • Lawyers
    • News/Events
    • Related Links
  • Cleveland
    • About
    • Careers
    • Community
    • Directions
    • Lawyers
    • News/Events
    • Related Links
  • Columbus
    • About
    • Careers
    • Community
    • Directions
    • Lawyers
    • News/Events
    • Related Links
  • Dayton
    • About
    • Careers
    • Community
    • Directions
    • Lawyers
    • News/Events
    • Related Links
  • New York
    • About
    • Careers
    • Community
    • Directions
    • Lawyers
    • News/Events
    • Related Links
  • Washington, D.C.
    • About
    • Careers
    • Community
    • Directions
    • Lawyers
    • News/Events
    • Related Links

• News | Events 

  • Events
  • In The News
  • Media Kit
  • Press Contacts
  • Press Releases
  • Search

• Practices 

• Publications 

  • Current Items
  • Past Items
  • RSS News Feed
  • Search

• Contact Us 

  • Careers
  • Lawyers
  • Locations
  • Press

Overview

On January 12, 2007, President Bush signed the “Telephone Records and Privacy Protection Act of 2006” (“Telco Privacy Act” or “Act”). The new law criminalizes “pretexting” and certain other actions undertaken to fraudulently acquire telephone records. Pretexting in this context generally involves obtaining telephone records from a telephone carrier (such as wireline and wireless carriers) under false pretenses, for example, pretending to be a customer seeking a report of last month’s calling records.

Background

During 2006, the practice of “pretexting” to obtain telephone records gained notoriety from the scandal that arose at Hewlett-Packard (“HP”) when investigators hired by HP impersonated HP directors and others to obtain these individuals’ telephone records. Subsequent congressional and other investigations revealed that many companies offered individuals’ telephone records for sale over the Internet without the customers’ authorization or knowledge. Consumer groups, individuals and others decried the privacy implications of pretexting, particularly in light of the national problem of identity theft in recent years, and personal safety concerns.

Some states, such as California, took action prior to the enactment of the federal law. California’s legislature passed an anti-pretexting law in October 2006, effective on January 1, 2007. Prior to the enactment of the federal law, Congress held hearings on the national implications of pretexting, and the Federal Communications Commission (“FCC”) investigated several companies that were selling consumers’ telephone records. The FCC also launched a proceeding aimed at reviewing and possibly strengthening its rules that require carriers to protect certain customer information, such as calling records. In late 2006, Congress joined the action by passing the Telco Privacy Act.

Telco Privacy Act – Criminal Acts

The Act applies to “confidential phone records information” which, in essence, means information kept because of the relationship between a carrier and its customers that relates to the amount, type, location or destination of services offered by covered telecommunications providers (including VoIP providers); which is made available to a covered carrier solely because of its relationship with the customer; or that which is contained in bills and similar account statements.

Obtaining Confidential Phone Records

The Act makes it a crime to knowingly and intentionally obtain confidential phone records information of a “covered entity” in interstate or foreign commerce by making false or fraudulent statements or representations to an employee of a covered entity; to make false or fraudulent statements or representations to a customer of a covered entity; to provide a false or fraudulent document to a covered entity; or to access customer accounts of a covered entity via the Internet without prior authorization from the customer to whom such records relate.

Selling or Transferring Confidential Phone Records

Unless otherwise permitted by law, it is now a federal crime to sell or attempt to sell or transfer confidential phone records of a covered entity, without prior authorization from the applicable customer, whether intentionally or knowingly or with reason to know that such information was obtained fraudulently.

Purchasing or Receiving Confidential Phone Records Information

Unless otherwise permitted by applicable law, the Act also criminalizes the knowing and intentional purchase or receipt, and any attempt to purchase or receive, confidential telephone records information of a covered entity, without prior authorization.

Exceptions

The broadest exception is provided for actions by federal, state or other political subdivision law enforcement agencies or federal intelligence agencies engaged in investigative, protective or intelligence activities.

The Act adopts certain exceptions currently set forth in the Customer Proprietary Network Information (“CPNI”) provisions of the Communications Act of 1934, as amended. In summary, telecommunications carriers may use, disclose or permit access to customer information in connection with the initiation, rendering, billing and collecting of telecommunications services; to protect the rights or property of the carrier or users and other carriers from fraudulent, abusive or unlawful use of services; upon customer approval in connection with marketing or administrative services; or to provide call location information concerning wireless users in the context of an emergency.

Penalties

The penalties under the Telco Privacy Act include fines and imprisonment for up to 10 years. The Act also provides for certain enhanced penalties that increase the fines and imprisonment time in certain enumerated circumstances (up to five additional years in prison).

Emerging Technologies/Types of Customers

Interestingly, the Act includes VoIP providers in the definition of “covered entity.” Wireless providers are also “covered entities.” Customer records include records of both individuals and businesses.

Trends

In light of the public debate and concern regarding access to telephonic records, Congress, the FCC and state regulators will continue to monitor privacy issues in this context. The FCC could make further revisions of its CPNI rules designed to place additional requirements on carriers to protect customer information from improper disclosure. In the 110th Congress, we may see further legislation designed to place additional duties on carriers to protect customer information. For example, Sen. Ted Stevens (R-Alaska) reintroduced a bill designed to require wireless, Internet and wireline phone companies to implement new safeguards against unauthorized access to their customers’ records, and would authorize a private right of action by consumers against those who obtained their phone records without authorization.

For More Information

Please contact Michelle W. Cohen, Carolyn S. Flahive, Thomas E. Lodge, or Thomas F. Zych or any member of our Business Litigation or Telecommunications practice groups for more information.

Disclosure

This advisory may be reproduced, in whole or in part, with the prior permission of Thompson Hine LLP and acknowledgement of its source and copyright. This publication is intended to inform clients about legal matters of current interest. It is not intended as legal advice. Readers should not act upon the information contained in it without professional counsel. This document may be considered attorney advertising in some jurisdictions. Some of the design images and photographs in this document may be of actors depicting fictional scenes.