State Law To Make Selling Of Illegal Information Illegal
from the missing-the-point dept
Verizon Wireless has a penchant for pumping up its efforts to sue people that somehow manage to get its customers’ call records — obscuring the real issue that they never should have been able to get the information from Verizon in the first place. Now, the governor and attorney general of Illinois have noticed the practice, and are looking to enact laws banning the sales of peoples’ call records. While the proposed law certainly has honorable intentions, it’s again missing the point. Banning the sale of the information in Illinois really won’t do anything to help the situation at all, since it’s all done over the internet anyway. Again, the bottom line here is that these are leaks of information by the cellular carriers — so why not put the onus on them to stop the information from getting out? Instead of pointlessly banning the sale of the numbers, make phone companies liable for keeping the information secure. Carriers currrently have little incentive to stop the practice. In Verizon’s case, stopping it would mean no more press releases calling attention to its “unmatched” efforts to sue people that get the info (rather than actually stopping them from getting it to begin with). Until there are real penalties and real motivation for companies to plug data leaks, they won’t stop.
Comments on “State Law To Make Selling Of Illegal Information Illegal”
Hey look! It’s something SHINY!
Why should Verizon fix the root cause here when it’s so much cheaper to deflect scrutiny on their poor IT practices by taking advantage of some of their PAC money?
Re: Over there!
Don’t be so quick to blame IT…these information occur through social engineering to customer service, not hacking it out of the company. This is a problem for every telcom carrier.
Re: Re: Over there!
For those who aren’t familiar with “pretexting”, this is how this information gets leaked:
1) Person A wants Person B’s call records (which are not, contrary to popular opinion, protected by law in any way…yet). In almost every case, Person A already knows Person B.
2) Person A contacts on online PI and fills out a form with basic info on Person B.
3) The PI firm calls target company’s customer service dept., sometimes a hundred times (the support number is toll-free, after all). Eventually they will get the young, inexperienced rep who will bow to pressure and release the call records to wherever Person A requests.
The process has nothing to do with IT security or even call center security…it’s just a matter of the PI firm patiently calling and attempting to social engineer reps until they get one that works in their favor.
Until there are laws on the books explicity protecting call records (there isn’t yet), and until companies like VZW start suing the pants off of these shady firms, nothing will change.
Path of least resistance
This is nothing more than another sad example of companies taking the path of least resistance. Guess this fuels the fire for me to continue my Verizon boycott …
Re: Google Ads
Makes me want to click on the Verizon google ads on this page LOL
No Subject Given
Well to them I’m sure its fairly good PR to the average dumb person. But on the other hand they have all these court records show their fighting the people who are smart enough to get into their system. And most of all they get some money from the guys.
No Subject Given
Why not just give that information away for free? I wouldn’t mind if my information was out there (although I’d probably stalk my ex a little less), if I could get all the hot gossip on who else was calling whom, too! Besides making the illegal sale of this illegal information obsolete.
Laws do not seem to stop this....
In Australia we have laws to stop this happening, the Privacy Act of 1988.
So, in theory, you have to prove your identity before any personal info can be given out by a company. Penalties are in the order of Au$30,000.
But it does not work…
It is often misused as companies try to hide behind it, refusing to give out details of their errors because it ‘violates privacy laws’. This works as most people do not know the act only covers individuals not business entities/organisations.
Two telephone companies sold my details to telemarketers.
One even sold the mobile phone numbers I used in development systems. These mobile modems are in vehicles and only recieve data calls (no handset to phone out). The company then tried to charge me (for services I had not requested) for recieving these unwanted calls.
A recruitment agency incorrectly told one of my employers I had signed a consent form to release my personal info (thinking that my employer would not tell me).
If you can track down the offending company, in all cases you get told it was an individual’s error (whom we have sacked, re-trained or made to disappear) and which won’t happen again….
selling details abroad
I recently got a new contract for my mobile phone thrhough a phone shop Link and unfortunately i gave them my home number. A few days later I received calls to my mobile and house phone number. I am pretty sure they must have passed on my details as the home number was quite new and not many people had the number. I don’t think there is anyway i could prove this though. I have demanded the man on the phone give the details of the company who he was calling for, I didn’t get very far. I then made sure both numbers were listed with TPS telephone perferial service and told the next caller they are breaking the law. I can;t prove it is the Link company though pretty sure it is.