Slashdot Mirror
Your Cell Records For Sale Online, Cheap
AviN456 writes "The Chicago Sun-Times is reporting that your phone records are for sale online to the general public. From the article 'The Chicago Police Department is warning officers their cell phone records are available to anyone -- for a price. Dozens of online services are selling lists of cell phone calls, raising security concerns among law enforcement and privacy experts.' One of these sites is selling cell phone records for $110 for a month's worth of calls. No court order needed, no credentials required. If they want your records and have the money, they get 'em."
If there is a market for it, then why not let the phone companies make some bucks out of it? There is little information to be gained from the meta information of my phonecalls. But you would want some ways to opt out of it so persons and companies concerned about it could have the call to and from their number not listed.
The downside is offcourse that if this will be allowed, every phone company will make it their standard, and if you want out of it you have to pay more for the priviledge. So maybe restricting them from both ways (the info only goes out with a search warrant) is a better solution.
And now on to RTFA...
This space is intentionally staring blankly at you
Maclean's Magazine did a story on this in November. The magazine purchased the Canadian privacy minister's phone records.
Beautiful way to make a point.
http://request-header.info
we-eel, not exactly.
I can follow you, right? So, I can sit outside your house, wait for you to come out, follow you to the store, your office, etc, and wait outside until you come out and then follow you some more. I didn't impinge on your privacy because I didn't follow you _in_ or watch what you were doing or listen to your conversations.
So it is here. I can purchase a list of your telephone calls - in other words, follow the path your phone took. But, I'm not purchasing recordings or transcripts of the calls themselves.
I don't think the 4th amendment applies here.
-S
At this point, having a cell phone is not just a matter of convenience for the owner, it's a matter of consideration for the owner's friends (assuming he has any). It's much easier to meet up with people, much more convenient to know when to expect an arriving friend, etc. when all parties involved have cell phones.
My girlfriend refused to have one for the longest time, and I got really tired of waiting on her to meet me for dinner with no way to find out where she was or why she was late, really tired of trying to give her directions from random gas station pay phones to places, etc.
It's entirely possible to have and use a cell phone and not be a jerk about it, but I firmly believe that obstinately refusing to have one is just rude.
JRjr
In the past, just the privileged few could obtain phone records. Politically connected or wealthy people could bribe the right people and obtain anything they wanted.
Now, anyone can do it. Turnabout's fair play - as far as I'm concerned. I like seeing rich pols exposed.
I've been busy lobbying to get the video archives of the New York Police made public as well.
Why should the police be the only ones with access to this footage? (I'll tell you why... if enough of it was made public, lots of NY's finest them would wind up fired or in jail.)
Maybe I'm better off starting a data broker business overseas and publishing it myself.
"Her mouth hangs open, and she appears near tears. 'Oh my God," she says finally. "I didn't realize this was possible. This is really alarming.'"
For he today that sheds his blood with me shall be my brother.
...using web pages and links you can form a 'person rank' from the calls people make. This has many applications. For example if you want to figure out how to influence the most people with the least money these may be the people whose opinions are the most widely sought and hence the people for you to call.
-- SIGFPE
I have seen the bulletin. In it they indicate that they conducted a test and placed an order to get the records of one of the agency's own cell phones. A little while later an unknown person called that cell number and said they worked for the cell phone provider. The person then asked for some information about the subscriber. Some time later they got an email with "call records".
A little social engineering can go a long way. If a "service technician" calls asking me for information, I'm going to tell him I'm George W. Bush.
Heck is a place for people that don't believe in gosh.
My cell phone calls are my personal effects.
In the case of phone records, I think it would be more accurate to describe them as historical records, in which the telephone company, the caller and the call recipient have all played a role.
If the telephone company chooses to release the information about the call later, for profit, it doesn't seem like they under a strong ethical bond not to. Yes, it would be more discreet of them not to sell the information, but in this context, I don't think not being discreet should rise to the level of requiring legal penalties.
The reasons that this information gets out in this way would seem fall into two categories: a) the telcos are sloppy and allow access to the information, either directly from the outside, or through employees stealing it from the inside, b) the telcos are profiting directly by selling it to third parties.
If we ignore a) (but hope that the telcos do not) and focus on b), one way to deal with this would be for the telcos to offer a 'discretion' option on your account for a small fee. For example, you pay a dollar (or three or five) a year, and they make sure that nobody without a court order gets a copy of your logs (ignoring spies, the NSA, executive orders, and so on for the moment).
My guess is that the telcos would stand to make a lot more money from a lot of people paying a small amount than a relatively small number occasionally paying a few hundred dollars for records.
The people that paid the 'discretion' fee would feel better because they had a binding agreement with the companies not to reveal their (shared) history, except by court order. The people that don't care don't have to pay the fee and presumably won't feel outraged when their records are purchased by Sixty Minutes or their ex-boyfriend.
Why the small fee? Among other reasons, it would be an incentive for companies to make this a standard option that you can check off on your account, rather than something hidden at the end of the contract in small print, accessible only on obscure web pages, the location of which is traded around in lists by angry consumers.
I consult with financial broker dealers and they are often required to record "order line" phone conversations. We sell numerous "digital direct" recording packages for these clients. Some of them feed the information (via IP) to a central clearinghouse that stores and even analyzes orders. Sort of scary.
Maybe because for someone working undercover, who assumes that only the police (meaning, them) have access to cell phone call logs, this could easily get them killed.
Just think: you're a gang leader and suspect that someone in your organization is a narc. You have all of their cell phone numbers, because that's how you communicate, so you call up Locatecell and get the logs. The one who has the local PD in their logs gets a pair of cement shoes for Christmas.
While the rest of us could certainly be inconvenienced, or perhaps lose our jobs / marriages / etc., because of this, probably we won't have the same risk of ending up dead.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
After reading the SunTimes article I decided to call Sprint (my cell phone company). The people I talked to had never heard of this service. They told me that I needed to speak to fraud. After many attempts to get someone to listen I finally got a supervisor on the line. I explained that I did not authorize Sprint to disclose my address, name, and/or phone records with a third party. The supervisor opened the site and was shocked at what was available. I was transferred to a tech support person that I again explained the information release problem to. The technician told me he would get a phone from their stock of phones they use for testing and put the information from that phone into the website. After the technician verified the ability to gather information about a phone I was transferred to Sprint corporate security. Sprint corporate security was shocked that this type of service was available without a court order. I was assured that Sprint would not sell my information to a third party. The information about the site and news article was forwarded to the fraud and legal departments.
Last week, when talking to a rep from my bank, the first thing he said before asking anything important was "oh, wait, are you using a cell phone? because those are not secure and...", so I had to call from my regular land line. It was my first call to the bank's number, so maybe it's something everyone is supposed to know, but still, it surprised me.
The problem is that people are way too easily bribed into this sort of thing, and the information is just lying around at the cell phone provider for people to send out.
I was just thinking that it might be a worthwhile investment to buy a copy of my Senators' phone records and mail it to them. It might be the best way to make a point about privacy.
It's simple: I demand prosecution for torture.
No, your phone records are your providors business records. They can do with them what they want. Go read your TOS.
...
... call detail records, and bill summary. If you are a new customer of Sprint Nextel, you will receive a notice of your CPNI rights and further information on this topic from Sprint Nextel. When you have not already given Sprint Nextel your permission to use CPNI for certain marketing purposes, Sprint Nextel will give you 33 days after soliciting your consent before using your CPNI and Sprint Nextel will follow your directions if you choose not to provide your consent.
Maybe you ought to read yours. I use Sprint/Nextel and they spell it out in black and white:
Sprint Nextel protects the privacy of its local, long distance and wireless customers consistent with applicable law, such as the Federal Communications Commission's (FCC's) regulations that govern Customer Proprietary Network Information (CPNI).
CPNI includes, for example, the number and type of lines
In other words, if you don't give them explicit permission to give out your information, they are violating Federal law by doing so.