Path: utzoo!telecom-request Date: Tue, 7 May 91 21:41:45 -0700 From: David Gast Newsgroups: comp.dcom.telecom Subject: The Phone Company and Personal Information Message-ID: Organization: TELECOM Digest Sender: Telecom@eecs.nwu.edu Approved: Telecom@eecs.nwu.edu X-Submissions-To: telecom@eecs.nwu.edu X-Administrivia-To: telecom-request@eecs.nwu.edu X-Telecom-Digest: Volume 11, Issue 341, Message 9 of 9 Lines: 108 I agree that it was improper for an AT&T employee to post information about a telephone user's account to this forum if that information was obtained from confidential AT&T sources. We should take a larger view of the episode and consider if his personal actions are really so out of line when compared to corporate policy. At one time I believe that these actions would have been completely out of line with respect to corporate policy, but with current plans to sell ANI, CID, TTGI, and the like the emphasis on privacy has been reduced. (The following is quoted from Marc's article referenced below). "Protection of Personal Data in the United States," by William Caming (The Information Society, pp.117-119, vol, 3., no. 2 (1984)). Mr. Caming was for many years general counsel for AT&T. "In testimony before the Privacy Commission, I said in behalf of AT&T that we unreservedly pledged ourselves to . . . ensure that the Bell System's commitment to the spirit of "Fair information" principles was being fully realized. . . . "Over the years, the Bell System has staunchly supported the concept that the protection of its customers' communications and business records is of singular importance. Time and time again, we have stressed to the Congress and the Federal Communications Commission and on other public forums that the preservation of privacy is a basic concept in our business. . . "Access to these records is rigorously restricted. They are not released except pursuant to subpoena, administrative summons, or court order valid on its face. . . . Exceptions to the foregoing policies are extremely few in number." ----- end of quoted text ----- The problem in large part, I believe, is because telephone companies like most of commercial America do not believe in privacy. Marketing is perceived to be more important than privacy. Yesterday's paper had a front page article about a person who was stealing mail and then collecting credit cards by filling out the unsolicited credit card offers. The paper noted that this one person could have caused up to $200,000 damage. While that figure may be and probably is inflated and while I certainly do not condone the actions of the mail thief, part of the problem has been caused by the very actions of the credit card companies. If they did not go around invading consumer's privacy and then sending out unsolicited and unwanted offers that the PO will not forward to the correct address because they are third class mail, these thieves would not be able to go around and fill them out. Last year I sent an article to the Digest which was written by Marc Rotenberg of CPSR. (I believe that article is available as rotenberg.privacy.speech in the telecom archives). Part of that article was a letter to Dr. Bonnie Guiton in the US Office of Consumer Affairs. He was writing primarily against selling TTGI (Telephone Transaction Generated Information). The telephone companies want to sell information about every single call every single person makes. While we can be shocked and outraged that an AT&T employee would provide information about an allegedly sleazy business's phone records, why don't we make the same fuss when the telephone companies propose to sell this information to anyone who will pay including sleaze? Many readers of this forum believe that AT&T should be able to sell ANI information on incoming 800 numbers.? How would these readers feel if AT&T proposed to sell 800 calling patterns to anyone that wanted to buy them? Some readers of this forum believe that local telephone companies should be able to sell CID info to the receiver of a phone call even if the caller objects. Suppose that the telephone companies proposed to sell CID info to anyone who wanted to buy? Suppose that the company you call starts selling this information? The problem is that society has not thoroughly debated much less decided that the protections of the Communications Act of 1934 should be eliminated. As Marc wrote: Perhaps the clearest statement in support of telephone privacy can be found in the original Federal Communications Act of 1934: No person not being authorized by the sender shall intercept any communications and divulge or publish the existence, contents, sub- stance, purport, effect, or meaning of such intercepted communication to any person. (Section 605). As the Congress recognized in 1934, telephone privacy means more than simply protecting the contents of the communication from unlawful disclosure. The confidentiality of phone communications extends as well to toll record information, and the broader category of TTGI. John Stanley seems to support my argument that marketing is more important than privacy when he writes: While the passing of this information between LD carriers for use in marketing LD services might be arguably ethical, using one's position within AT&T to broadcast this stuff to the general public certainly is NOT. I hardly see how passing the information between LD carriers can possibly ethical. Does marketing suddenly make an ethical activity ethical? Additionally, passing the info among LD carriers could be construed as collusion under the anti-trust laws. If I call someone, I expect that information is private and confidential. Finally, I can hardly agree that the marketing department should be privy to any information that the general public should not be. As a result, marketing departments should not receive personally identifiable information. David