John Avarosis at AmericaBlog discovered earlier this week that you can buy anyone's cell phone records for the low price of $110 (or less). So he decided to buy his own records and see what they told him.


He wanted to take this to the next level though and see if he could get the records for a high profile public official, he chose General Wesley Clark:


Once available only to authorities with the proper access and a warrant, it looks like some companies are making this available to the general public and it is completely legal.

Questions for debate:
1. Should cell phone records be available to the general public, or is this a violation of your privacy?

2. Who should be responsible in your opinion for fixing this problem, the federal government (via legislation) or the cell phone companies (by protecting your information)?

3. Now that we've entered the information age, it seems that much of our private life is out there for the right price. How do we address this new challenge?

This is just plain SCARY. I wonder how they obtain this information, in that the switching system would presumably be the easiest way to see who's calling who, but from what I understand is pretty secure. (my company is in this industry)

Simply put, this allows a stalker to easily track the movements and activities of anyone they so choose. It's amazing that there isn't some legislation and/or corporate law suit to keep this from occurring. Heck, I have a Nextel Blackberry and a Sprint Cell phone, and if I found that this happened to me due to corporate negligence... I'd never pay another cell phone bill again. I'm astonished.

In my opinion, all cell phone companies should make an attempt to safeguard this information, but the government might have to step in on this one. It's hard for me to believe that someone can trace not only your cell, but your land line as well! Check this out... They Can check your Long Dist calls...

1. Should cell phone records be available to the general public, or is this a violation of your privacy?
I would think that these should be private.

2. Who should be responsible in your opinion for fixing this problem, the federal government (via legislation) or the cell phone companies (by protecting your information)?
I suspect that there is going to be considerable consumer pressure on cell phone providers to protect our information. This is crazy.

3. Now that we've entered the information age, it seems that much of our private life is out there for the right price. How do we address this new challenge?
Great question. Honestly, since none of us pay cash any more (it seems), every transaction is logged somewhere. We have GPS locators on our phones and in our cars (on-star etc.)

The only thing we can do, which is getting increasingly difficult, is to hide our Social Security number. Don’t put it on your drivers license, don’t give it to anyone that doesn’t need it, find an alternate ID number to use for non-tax-related services. At least this way, your identity is safer…but still not safe.

It’s always encouraging to see that some people embrace every new technology. Over at democrats.com, they are asking readers to use these services to spy on republicans. Very mature.


Reminds me when that patriotic old couple released a recording of Newt Gingrich a few years back.

And you don't think we'll see similar threads in the usual conservative hangouts like Red State, Free Republic, Little Green Footballs, etc once they get wind of this? This was broken on liberal blogs first, so I expect they are ahead and there will be people seeking to use this information for unscrupulous reasons. They might even seek to use this information for good reasons, but that doesn't make it right to use it. I can certainly see someone trying to get Karl Rove's phone records during the time period of the Plame outing. That is part of the reason why I started this topic, clearly this information will be used in this way now.

While I appreciate your anecdote I don't want this to turn into some sort of partisan slugfest, I think the issue is a lot bigger than party politics.

Some good might come out of this though, if these folks at Democrats.com actually do succeed in getting this information it might prompt legislation to be passed. Politicians tend not to care about some issues like this until it effects them personally.

Well, no I don't, but I don't frequent those sites. And even if I did, dismissing this as a "thread" is a bit rich, given that Bob Fertik himself wrote the post I quoted. He is one of two Democratic party consultants that launched democrats.com. I suppose some of the right-wing fever swamps engage in this kind of stuff, too, but you'll have to post it for me to see it. Anyway, no it's not a partisan issue. Just thought it was worth mentioning, since it was so topical. Why debate an abstract when we have a real-life example.


I hear you and agree again that this is much bigger than politics.

Wasn't it Jeb Bush's social security number that was published online in Florida by a consumer protesting that her credit report was made public? that got some people moving right quick as I recall.

Beyond consumer outcry, I'd vote to give cell phone records the same threshold of protection as land lines, and similar levels of protection for medical records, video rentals, internet access, library cards, etc.

Can I get an AMEN?? It would be nice to talk about something that isn't literally drawn down party lines in indelible ink.

However, CJ, I've looked long and hard and can't find any Republican sites (I even checked humanevents and the nationalreview.com) that have anything of this nature. It's hard to stand behind something like that without sounding a little partisan... and honestly saying "it won't be long before the republicans do it" isn't the earnest admonishment that I'd hope for.

The most frightening part is that this isn't on network news, and that the Big 3 carriers haven't begun to jump through hoops to have this stopped. If Amex allowed people to legally purchase a list of my charges I'd be ready to explode! Can you imagine???....

It was a little bit of investigative reporting done by a blogger over the course of the past few days. On his latest entry (linked in my opening post) it says that there will be a special on CBS News tonight (1/12/2006) about it. It makes sense that the people at democrats.com knew about it because it has been making it's way around the liberal blogosphere, AmericaBlog is liberal as are all of the sites I've seen it on.

I'm not making some sort of comment about Republicans, I'm making a comment about human nature. The reason that they aren't talking about it yet is because they don't know about it but once it gets around and gets some media attention I can guarantee they will be talking about it.

There are people of all political stripes that would use this information with both good and bad intentions, up to and including actual politicians and campaign operatives. Once it spreads and becomes general knowledge that is a certainty, right now not many people know about it.

My point was that I was trying to deflect where carlito was taking the discussion by using democrats.com as an example.

Now with all of that out of the way I hope we can have a productive discussion

I heard about this yesterday. I think it was on Al Franken's show.

He focused on the "spy on Bush" aspect of it, just as democrats.com did. Needless to say, it took away some of the seriousness of the issue.

1. Should cell phone records be available to the general public, or is this a violation of your privacy?

I guess we all need to read (or re-read) the privacy agreements we have with these companies.

2. Who should be responsible in your opinion for fixing this problem, the federal government (via legislation) or the cell phone companies (by protecting your information)?

The companies. The one which convinces people that it will protect their information will win market share.

3. Now that we've entered the information age, it seems that much of our private life is out there for the right price. How do we address this new challenge?

Remember www.zabasearch.com? Last year a guy I know used it to track down his ex-girlfriend's new boyfriend: where he lived, what he did for a living and a lot more information. It ate him up inside that the new guy was a bigger loser than he was.

In the past, what you did in public was not private. We all need to understand that the internet is not private and take steps to protect ourselves. I don't need Big Brother to watch out for me, thank you very much.

Yep, I sure do In fact I started a topic on it which didn't prove to be very popular.

I don't believe the issue is putting your information on the internet, what you do by choice is up to you. The problem is that because of advances in technology almost every aspect of our lives is digitized these days.

If you really wanted to I bet you could do everything you needed to online and never leave your home. Anything related to banking can be done online, you can do work online without leaving your home (provided you have a white collar office job), you can buy groceries, medicine and household goods online, you can connect socially with people through places like - the list goes on.

The problem is that our laws are simply not equipped to deal with or regulate these changes in society. The internet in general is almost completely unregulated and that is both a good thing and a bad thing at the same time. But I believe it is high time we start taking a serious look at some of these things and formulate some laws to offer people reasonable protection. Technology improves everyday and with it so does our access to information, including information you shouldn't have access to.


Well that's Franken for you. It also illustrates the point I'm trying to make. Some people are going to use this information in ways they consider "just" even if they couldn't be further from the mark. Use of the information is not going to be determined by the political label you associate yourself with.

1. Should cell phone records be available to the general public, or is this a violation of your privacy? Of course this should be private. As was mentioned, this used to available only to law enforcement agencies, and even then only with a warrant. The fact that this should be private hasn't changed at all since then, only the ability to distribute the information has.

2. Who should be responsible in your opinion for fixing this problem, the federal government (via legislation) or the cell phone companies (by protecting your information)?

I'd have to say both. I'll address both thiese issues below.

3. Now that we've entered the information age, it seems that much of our private life is out there for the right price. How do we address this new challenge?



There is a very, very simple solution to this problem. Simply pass legislation that makes it clear that any information that isn't explicitly allowed to be available is deemed to be private (why this isn't the default assumption, I'm not sure). This would force potential distributors to get exceptions as new technologies make information available, thereby by default keeping the laws up to date with technology.

This would also put the onus on companies to protect your privacy, rather than look for ways to exploit it, as distribution of information would be illegal be default, rather than legal. In short, the people shouldn't have to expend time and effort to protect their privacy, companies seeking to exploit it should have to expend time and effort to get that privelege.

1. Should cell phone records be available to the general public, or is this a violation of your privacy?

If it results in fewer people yapping on those things, then could very well be a good thing. Maybe then people could actually learn to appreciate life outdoors without one of those things pressed to their ears all the time.

This is not a facetious post, by the way. Another benefit of this is that those who have proper concerns about government surveillance of cell phone conversations (which of course wouldn't be affected by privacy legislation - after all, government's so much happier regulating everyone else's behavior than disciplining its own) would then have all the more excuse to avoid using cell phones without ostracizing themselves from the rest of society. So if companies want to make these lists available, I say bring it on.

1. Should cell phone records be available to the general public, or is this a violation of your privacy?

Of course cell phone records should be private. I don't know what shocks me more, that they are available or that a company is profiting from the sale of these records.

2. Who should be responsible in your opinion for fixing this problem, the federal government (via legislation) or the cell phone companies (by protecting your information)?

I[/b]t is the responsibility of the cell phone companies. They have a duty to protect their clients privacy. However, since the cell phone companies clearly have not fulfilled their duties the federal government should step in AND fine each company that is involved.


3. Now that we've entered the information age, it seems that much of our private life is out there for the right price. How do we address this new challenge?
[/B]

I think we have to fight it on a case by case basis and set precedents.

What's the difference between this and let's say grocery stores who sell the spending habits of their customers to anyone interested? Grocery stores collect this information via those little "savings cards".

I don't see why transactions involving a company are private. Is it illegal (or unethical) for Amazon.com to tell you what other books people who bought the book you are looking at also purchased?

These disclosures are not of the information contained, only of the numbers you called. A number you called on public frequencies via a for-profit company.

Those don't contain personally identifiable information Amlord. I can't call a grocery store up and say I'd like to know what Amlord bought at your store last month, here is some cash. The reports that grocery stores sell are composed of aggregate statistics e.g. people who buy this, also tend to buy this as well and people who buy this product buy a lot more of it when it is on sale.



So you don't think that knowing what numbers you called is a violation of your privacy Amlord? This was only available in the past to authorities with a warrant. If I knew your cell phone number I could find out who you were talking to and this could be used for all sorts of unscrupulous purposes that violate your right to privacy.

If you were a celebrity of sorts it could be used for stalking. What if I found your number got your information, found out what your parents number was and then started harrassing them. If you were a public figure it could be used against you - anyone want to know who Karl Rove calls on a regular basis?

It is well established that in order to intercept or track calls you need a warrant so your "public frequencies" argument does not hold.

Amlord, I would have to say I am a little shocked at your stance. Exactly where would you say the line needs to be drawn, then? Almost everything you do on a daily basis is or soon will be recorded somehow. Should all that information be available publicly? While I can't say that this information is that much different than the store cards you cite, neither can I say this is that much different from making the actual content of such calls available. Both are, as you say, transactions taken over public frequencies through a for-profit company.

As I said in my response (agreement) with CJ's post...the solution to this is to make it clear that any and all information not explicitly made public via legislation is considered private (again, why this isn't the default assumption baffles me....but no one ever said our legal system needed to make sense). This would then raise the question "Why should such information be made available publicly?". I don't think there's any response to this that would outweigh the presumption of privacy. Why should anyone be able to access your phone records without your consent, or a warrant? All such matters should be addressed this way--why should they, as opposed to why shouldn't they. Otherwise, we will quickly find ourselves living in a world where essentially nothing is private. Is that the world we wish to live in?

For one thing, maybe it's because I have nothing to hide, but here's my stance:

If information is broadcast, then it is public. Cell phones are not encrypted and thus can be intercepted by anyone with the right technology.

What sort of sinister purpose can be accomplished by knowing who I called? OK, the FBI can profile me since they probably have a huge database of numbers with IDs. But Joe Citizen can't do much with that information unless he has other information that he gathered some other way.

I have said that I think this is a privacy issue between the company and the customer. If you (as a customer) don't want your usage sent to third parties you'd better make damn sure what's in your privacy agreement with your provider.

OK, I understand this line of reasoning...I use similar reasoning on other, similar matters....fingerprinting everyone, for example. However, in general, I only apply it in matters pertaining to security, and for access by law enforcement agencies. However, I begin to suspect that we may not differ that much in our opinions here. I would like to follow up on my contention that making your actual conversations available isn't much of a leap from making your phone calls available. The main difference being one is being recorded each time, the other is not....data storage prices will soon make the actual recording itself quite feasible if desired, and if it could be sold for a profit, it would be desired. It would seem your same logic would apply here, yet I suspect you would be against making these conversations public...correct? What really is the difference, ie, where would you draw the line? Availability shouldn't be the deciding factor, I don't think...because it won't be long before just about everything about your life will be available. You state that this should be between you and your phone provider. I don't have a problem with that. Shouldn't the presumption be, though, that unless your phone company explicitly informs you that such information is going to be made public (or actually sold, for a profit), that it will be private? This would then allow the market to decide the issue....sure, companies would garner the $110, but how many customers would they lose? Companies that promised to keep such information private could then compete on that fact. But the market can't determine such things if consumers aren't made completely aware of what's being offered. That will only happen if companies are forced to make such information available.

I'm going to have a hard time convincing you that this applies to you personally Amlord. Regardless of what anecdote I can come up with it would be incredibly easy for you to say "no that wouldn't apply" or "I don't care about that" because when it comes down to it I don't know you well enough personally to give you a solid reason why you personally should care about your privacy. If you don't care about it on principle then I'm afraid I can't do much more there.

What I can do is give numerous examples of how this might damage freedoms and institutions that we all consider to be important. So here is another potential abuse. Reporters cell phone numbers are very frequently public knowledge, and you can easily get them by getting in contact with the paper under the guise of legit business. Let's say that a reporter runs a story in the paper where an anonymous source is referenced and this story is particularly interesting or high profile. If you grabbed that reporter's phone records for the past few months then you could very likely determine who the source was or at the very least get it down to a short list of names. Something like that would seriously damage the press.

To add to CJ example if the phone records are public knowledge then techinically wouldn't that allow either the government or a third party working with a government official to do an end run around the law in requiring to get a warrant for the records? It is very disturbing how some companies like this incident or the data mining companies are actually making things easier for anyone whether a private citizen or a government official to collect and redistrubt information to others.

I guess I'd better re-state my position in broader terms.

When it comes to government action, my stance is that if there is a private solution available to most citizens then that is the avenue that should be taken.

Let's take health insurance and whether the government should provide it. It is my take that since there is a private sector solution for most citizens, the government should not be involved. In certain cases, local governments should provide assistance (for low income people, for example) if such assistance is cost beneficial.

In this instance, we must ask ourselves if there is a private sector solution and the answer is yes there is. Many companies have privacy policies that protect their customers. Other have limited policies which allow them to sell the information of their customers spending habits, demographics, tax bracket, you name it.

The fourth amendment protects citizens against government intrusion, not against the intrusion of other citizens. The government cannot be involved in protecting the "privacy" rights of every citizen from every other citizen. It is simply too large and complex of a job (not to mention one that is likely to either be abused or bungled).

The government must still get a warrant to get this information. It cannot be used in court without one. The citizens are protected from the government.

As for the reporter who is using his cell phone to contact some super secret informant: he has the same protections available to him as everyone else. Reporters have no more rights than you or I.

Government regulation is necessary because companies do not often want to do the "right thing". Tha majority of them only consider the bottom line when making decisions and this leads to unethical behavior in the absence of regulation. That is the reason we have laws to do things like regulate child labor, work saftey conditions, environmental policies, etc. In the past these were originally the responsibility of the company but they proved in each case they were not capable of protecting consumers and workers, so they had to be regulated.

Privacy really isn't any different, it just isn't regulated yet because the concept is relatively new and the government hasn't dealt with it properly. This problem has only begun in the last decade or so and it has really only started becoming a problem in the last few years due to advances in technology.



Ok, I'll show you why that isn't a solution. From the first link I provided, where the blogger bought his own records, we learn that the cellular company was Cingular. Why don't you go check out what Cingular's Privacy Policy has to say. Right at the top of the page it says:


I read through the whole thing and nowhere else in the document does it explicitly state that information, such as usage like you'd find on your monthly statement, can be sold or obtained by a third party without your consent.

So, in this case the blogger did not give the cell phone company consent to sell or distribute his information yet he was able to obtain information about himself and others (General Wes Clark) through these services.

Therefore:
1) The company did sell or make available this information to third parties without the customer's consent in violation of their own privacy policy...

OR

2) The company doesn't have the ability to protect this information and their privacy policy is worthless.

I don't care which way you look at it, either way your "private sector solution" is broken.

OK, I think we need to come to some definition of *government* then. Because, to me, courts and the law are *government*. So, if government is not set up to protect you against intrusion against privacy, the only alternative would be take matters into your own hands, and eliminate the threat. I doubt that is what you are advocating. Further, shouldn't protection of your privacy rights simply be assumed? If not, then exactly what is sacrosanct? As I said in my earlier post, the leap from public disclosure of your phone records to public disclosure of the actual conversations is only a very, very small step. Do you really think such recordings should be made available? Why would you think the governement should be required to get a warrant for such information, yet anybody else should have access without any due process? Wouldn't law enforcement then just get those records from somebody else? After all, what would then prevent me, Joe Citizen, from acquiring such information, and then simply giving it to law enforcement, without any search warrant? Without explicit or iimplicit government protection of privacy rights, then we have no privacy rights at all. I don't think anyone here thinks that would be a good thing.

After reading the policy, it is quite murky:



Given this information, if Cingular is following their privacy policy, then users are opting in to its usage. Of course, the opt in is probably passive (i.e. assumed).

If not, then the company is in breach of contract and should be held financially responsible.

By the way, I sent Cingular the following message:


I'll let you know if I get a response.

That's part of the problem though, let's say that I don't want my usage records out there for anyone to pick up. As you pointed out in the contract if you are on someone else's network then you are I suppose subject to their privacy policies which you never get the opportunity to read and consent to.

So there are a few big problems here.
1) I don't know when I'm going on to someone else's network and I'm never given the ability to confirm that I'd like to do that.

2) If I were to call Cingular and tell them that I didn't want my records to be available they couldn't do anything (reference the blogger's first article)

So where does that leave me? Taking on the whole cellular communications industry with a lawsuit? Even if you win (after spending incredible amounts of your personal money - lawsuits are about who has the most money) what changes?

That pretty much indicates to me the only available solution is government regulation. Do you have another one?

PS it'll be interesting to see what they tell you if they do respond.

1. Should cell phone records be available to the general public, or is this a violation of your privacy?

Who I call or who calls me is nobody's dirty dang bidness but my own. The records should not be made public.

2. Who should be responsible in your opinion for fixing this problem, the federal government (via legislation) or the cell phone companies (by protecting your information)?

Cell phone companies are in the business to make money. If selling your info makes money, they'll do it. That leaves the government to regulate and bring the stinkers up on charges, lay heavy fines, that sort of thing.

3. Now that we've entered the information age, it seems that much of our private life is out there for the right price. How do we address this new challenge?

Regulation is the only way when profit is involved. Profit has no morality, nor does it respond to the previously mentioned consumer pressure because every outfit will do it. It's just a matter of time. Think of it like public safety issues of years gone by. Why did industry clean up its environmental act? Why did vehicles start getting better gas mileage? Why did credit card interest rates go down?

Oh right. They did not. No regulation.

One can argue that Honda beat the pants off of the Big Three in the 1970s and that pushed better gas mileage. However, that's using common sense. The Big Three do not operate on common sense. A lot of American business does not operate on common sense. They need a Big Brother.

Exactly. In other words, don't deal with companies that divulge your information. That's taking matters into your own hands, and it's perfectly legitimate.


As we've been seeing in the news already, government is going to do this anyway. Even before these latest NSA revelations came out, we've had this thing called Echelon, which was (and probably still is) a huge data-mining project that existed during the Clinton Administration, and who knows how far prior to that. So any regulations will not affect government's ability to keep tabs on you. All they'll do is give you a false sense of security. Might as well tear the facade down completely.

I'm fine with that, providing that they are required to provide notice before disclosing such information. Regulation is, of course, the only way that will happen. How can you take matters into your own hands if you have no idea what the matter is?



So, your basic argument is that we're going to lose all privacy anyway, so we should just give up without a fight?

That isn't a solution if everyone does it and cell phones make for a good example here. If you really feel like it go check out the privacy policies for all the major carriers, I bet they'll all be nearly identical. Yet, using these services I'm sure you could pull data for any user in the country. The blogger cited in the article pulled data for at least two different carriers. If I felt like blowing a few hundred bucks I could prove you can get this information from other carriers as well.

Now I'm sure your response is going to be "don't use cell phones" which is completely and totally ridiculous and impossible. They are a part of our world and they are here for the duration, each year more people use them and less people use land line phones. Suggesting that we don't use them is a non-solution.

So if you have an industry that is either unwilling or unable to police itself then the government has no choice but to step in.

For what it's worth, Cingular sent me a response (it only took them a little more than an hour, actually):



So it seems that these companies are stealing the information, at least according to Cingular. I believe we already have laws regarding corporate theft, so how does that change the debate?

Interesting response (and thanks for posting it ), although I tend to take any response from the customer service department on the subject of hot or political issues with a grain of salt.

I also don't feel that is really a valid answer either, it doesn't comfort me that the records are being stolen any more than it would if Cingular was violating their privacy policy. I think the answer is somewhere in between in this case. I think the records are probably someplace that isn't secure and some companies have created a business around mining and selling these records. That wouldn't technically be theft and it would be a messy legal matter to address.

This also doesn't really address the larger problem. More and more of our life is online these days and that is going to continue and in a lot of cases is completely unavoidable. Our current laws are simply not equipped to deal with these issues and therefore it is incredibly easy for your privacy to be violated or your identity to be stolen or compromised.

I think it does change it, although, as with CJ, I question the validity of their response. I find it a bit alarming that Cingular's private network and *secure* business data is so easily accessible that not only can someone else get it, but they then have the temerity to turn around and sell it in the open. That would be somewhat like robbing someone's house, and having a yard sale next door selling the stuff. Strikes me as, to say the least, questionable.

But, supposing what they say is true, shouldn't Cingular have obligations to keep what they say is private...private? I think where we're headed is something similar to HIPAA regulations, where if you don't have proper procedures in place to safeguard confidential information, then you're guilty regardless of whether you authorized someone to access it or not. The term *reasonable and proper* should apply here. I can't see that reasonable and proper means would have been used by Cingular if someone so blatantly accesses their records.

Well it looks like my Senator from Illinois Senator Durbin is working to ban this practice.

DURBIN BILL WOULD STOP THE SALE OF CELL PHONE CALL LISTS



Hopefully more Senators get on board to protect our privacy with this issue as well as other issues.

What's completely and totally ridiculous is this notion that there's some Mighty Hand of Fate pushing us inexorably in one direction, that's impossible to resist. It's nothing but a modern superstition. Land line phones were once "part of our world" until people decided that the disadvantages outweighed the advantages. The principle is every bit the same with cell phones.

Now if you want to argue that cell phones are somehow necessary (even though we got by fine for a long time without them), have at it. But arguments from historical inevitability carry absolutely no weight with me.

It doesn't have anything to do with the hand of fate pushing us in some direction, it has a lot to do with advances in technology and changes in the way we work. In many industries today, staying ahead is all about staying connected and informed and cell phones are one of many devices that enable that to happen.

You argument seems to be nothing more than an anti-technology one, we also got by just fine for a long time without refrigerators, TV, radio, even cars. I really don't see your point.

It looks like this story finally has some traction, thanks to AmericaBlog Congress is now working on legislation to protect consumers and the Washington Post has picked up the story. Pretty cool for a blog.



This article also offers a little bit of insight into how the companies got this information annd notes that the FCC is investigating:


Looks like I called it right from the beginning:


The problem is that the focus is really too narrow here, Congress is just entertaining plugging this particular hole. There are scores of ways your privacy can be violated in our digital world and this doesn't address them.