David Gast <gast@cs.ucla.edu> (05/08/91)
I agree that it was improper for an AT&T employee to post information
about a telephone user's account to this forum if that information was
obtained from confidential AT&T sources. We should take a larger view
of the episode and consider if his personal actions are really so out
of line when compared to corporate policy. At one time I believe that
these actions would have been completely out of line with respect to
corporate policy, but with current plans to sell ANI, CID, TTGI, and
the like the emphasis on privacy has been reduced. (The following is
quoted from Marc's article referenced below).
"Protection of Personal Data in the United States," by William Caming
(The Information Society, pp.117-119, vol, 3., no. 2 (1984)). Mr.
Caming was for many years general counsel for AT&T.
"In testimony before the Privacy Commission, I said in behalf of AT&T
that we unreservedly pledged ourselves to . . . ensure that the Bell
System's commitment to the spirit of "Fair information" principles was
being fully realized. . . .
"Over the years, the Bell System has staunchly supported the concept
that the protection of its customers' communications and business
records is of singular importance. Time and time again, we have
stressed to the Congress and the Federal Communications Commission and
on other public forums that the preservation of privacy is a basic
concept in our business. . .
"Access to these records is rigorously restricted. They are not
released except pursuant to subpoena, administrative summons, or court
order valid on its face. . . . Exceptions to the foregoing policies
are extremely few in number."
----- end of quoted text -----
The problem in large part, I believe, is because telephone companies
like most of commercial America do not believe in privacy. Marketing
is perceived to be more important than privacy. Yesterday's paper had
a front page article about a person who was stealing mail and then
collecting credit cards by filling out the unsolicited credit card
offers. The paper noted that this one person could have caused up to
$200,000 damage. While that figure may be and probably is inflated
and while I certainly do not condone the actions of the mail thief,
part of the problem has been caused by the very actions of the credit
card companies. If they did not go around invading consumer's privacy
and then sending out unsolicited and unwanted offers that the PO will
not forward to the correct address because they are third class mail,
these thieves would not be able to go around and fill them out.
Last year I sent an article to the Digest which was written by Marc
Rotenberg of CPSR. (I believe that article is available as
rotenberg.privacy.speech in the telecom archives). Part of that
article was a letter to Dr. Bonnie Guiton in the US Office of Consumer
Affairs. He was writing primarily against selling TTGI (Telephone
Transaction Generated Information). The telephone companies want to
sell information about every single call every single person makes.
While we can be shocked and outraged that an AT&T employee would
provide information about an allegedly sleazy business's phone
records, why don't we make the same fuss when the telephone companies
propose to sell this information to anyone who will pay including
sleaze?
Many readers of this forum believe that AT&T should be able to sell
ANI information on incoming 800 numbers.? How would these readers feel
if AT&T proposed to sell 800 calling patterns to anyone that wanted to
buy them? Some readers of this forum believe that local telephone
companies should be able to sell CID info to the receiver of a phone
call even if the caller objects. Suppose that the telephone companies
proposed to sell CID info to anyone who wanted to buy? Suppose that
the company you call starts selling this information? The problem is
that society has not thoroughly debated much less decided that the
protections of the Communications Act of 1934 should be eliminated.
As Marc wrote: Perhaps the clearest statement in support of telephone
privacy can be found in the original Federal Communications Act of
1934:
No person not being authorized by the sender shall intercept any
communications and divulge or publish the existence, contents, sub-
stance, purport, effect, or meaning of such intercepted
communication to any person. (Section 605).
As the Congress recognized in 1934, telephone privacy means
more than simply protecting the contents of the communication from
unlawful disclosure. The confidentiality of phone communications
extends as well to toll record information, and the broader category
of TTGI.
John Stanley seems to support my argument that marketing is more
important than privacy when he writes:
While the passing of this information between LD carriers for use
in marketing LD services might be arguably ethical, using one's
position within AT&T to broadcast this stuff to the general public
certainly is NOT.
I hardly see how passing the information between LD carriers can
possibly ethical. Does marketing suddenly make an ethical activity
ethical? Additionally, passing the info among LD carriers could be
construed as collusion under the anti-trust laws. If I call someone,
I expect that information is private and confidential. Finally, I can
hardly agree that the marketing department should be privy to any
information that the general public should not be. As a result,
marketing departments should not receive personally identifiable
information.
DavidSteve Forrette <forrette@cory.berkeley.edu> (05/08/91)
In article <telecom11.341.9@eecs.nwu.edu> David writes: > Many readers of this forum believe that AT&T should be able to sell > ANI information on incoming 800 numbers.? How would these readers feel > if AT&T proposed to sell 800 calling patterns to anyone that wanted to > buy them? I think this would be improper. The reason I support the unconditional delivery of ANI for incoming 800 calls is that the recipient is paying for the call. If someone doesn't want to be identified, they shouldn't ask someone else to pay for the call. Revealing the information to a third party without the caller's permission is another issue entirely. Steve Forrette, forrette@cory.berkeley.edu
davids@mondo.engin.umich.edu (David Snearline) (05/08/91)
Along with the rest of the readers of the TELECOM Digest, I too was shocked when I read the Randy's post regarding the calling patterns of the local telemarketing scam. While I do not condone posting confidential information to the net, I am glad that he did, for the very reason that it reminds us how easily "private" information regarding our lives is accessed. The particular information that Randy posted was interesting, but not particularly damaging. I am sure that in this age of electronic information, far more sensitive information is distributed to individuals or corporations whom we would rather not have it. Randy's particular mistake was broadcasting the information in a public place, substituting the invasion of privacy on the part of the telemarketer for his own. Hopefully the net community will learn from this experience. David Snearline CAEN Network Operations University of Michigan Engineering