PIs Selling Phone Records Sued By The FTC 79
carl writes "According to an MSNBC article, the FTC has sued five different background investigation firms for selling confidential phone records." From the article: "In the lawsuits announced Wednesday, the FTC charged the companies used 'false pretenses, fraudulent statements, fraudulent or stolen documents or other misrepresentations, including posing as a customer of a telecommunications carrier' to get the phone records. The companies advertised on their Web sites that they could get the confidential phone records of any individual and make them available for a fee, the agency said."
Re:PLS... (Score:2, Informative)
Re:PLS... (Score:1, Insightful)
Never mind me...
And another thing... Why do I have to wait for over 5 minutes between posting anonymous replies? I realize it's flood protection, but 2 replies within 5 minutes would hardly make a flood. Something more reasonable, like a minute or two would be better.
Re:PLS... (Score:2, Insightful)
Re:PLS... (Score:3)
The acronym is not the problem so much as the font. Like the original poster, I also read that at P-L-S, and count not guess what it was supposed to mean. The font used for the title of the article makes capital-I and lowercase-L identical.
Re:PLS... (Score:1)
Re:Bush is invading our privacy! (Score:2)
Use a period to end a rhetorical question.
tch tch (Score:5, Funny)
Re:tch tch (Score:1)
Re:One detail at a time will be voluntary. har har (Score:2)
Re: (Score:3, Informative)
Don't Steal. (Score:5, Funny)
Don't steal. Your Government's surveillance programme hates competition.
Buy Instead (Score:4, Informative)
But they do love shopping in a free market:
FBI buys illegally acquired phone records for investigations [arstechnica.com]
Don't forget (Score:5, Insightful)
(Emphasis mine)
So when is the FTC going to charge carriers with improperly handling private information? I hope they don't forget to nail the carriers to the wall for handing out this information in the first place. If they wouldn't just give the information away to every Tom, Dick, and Harry that called without verifiying they are who they say they are, there wouldn't be as much of a problem would there? Some simple ways to avoid giving the information to the wrong person might include calling them back on their cellphone or sending the information to the address that gets the bills. Selling this information is wrong, but the carriers are just as culpable for giving it out without proper verification.
Re:Don't forget (Score:1)
Re:Don't forget (Score:1, Informative)
You can't really secure against social engineering (Score:4, Informative)
There isn't really much way to be "secure" against social engineering because it exploits the one system you can't secure - the human mind. I know people who do this sort of stuff (I don't mean theft though heh) for fun on a fairly regular basis and they can all screw with pretty much any person. It's really amazing how easily you can manipulate someone of any personality type, actually. heh.
The only people who I've found to be highly resistant to any sort of social engineering are the type of people who know how to do it as well. It requires a certain mindset to be able to catch on to when a person might be trying to manipulate you. Unfortunately that sort of mindset usually involves always having a certain amount of suspicion towards peoples' statements all the time...
Some reading material:
http://www.securityfocus.com/infocus/1527 [securityfocus.com]
http://www.morehouse.org/hin/blckcrwl/hack/soceng
http://www.kuro5hin.org/story/2004/6/3/223758/226
http://rf-web.tamu.edu/security/secguide/V1comput
etc. etc..
Re:You can't really secure against social engineer (Score:3, Funny)
That's why I never interact with humans. Or at least that's what I tell my mom when she says I shouldn't eat dinner in the basement.
Re:You can't really secure against social engineer (Score:5, Insightful)
Why not? When you establish service with a company, they should require you to provide them with a security question and answer of your choosing, and not simply ask you to select a common one from a list. Then when someone calls to access information from your account, they simply read back the question to you, and wait for the answer. If it matches, fine, they can presume it's you. If you don't know the answer, then they don't give out any information. If you've forgotten, they can mail it to the billing address on record (or email it to the address on record) and you can call them back later. Why wouldn't that work?
Re:You can't really secure against social engineer (Score:2)
Because 80% of the people will forget their secret answer and then whine, cry, or yell to get what they want. The people on the phone, being people, will give in sometimes - hence the social engineering. As long as there is a human answering the call they can be duped into bending the rules. If a machine answers the phone the company ge
Re:You can't really secure against social engineer (Score:2)
However, that's a pretty amateur (and often minimally effective) way to social engineer some information out of a company employee. Did you look at the links I posted? It's far more likely that someone would pose as an employee of another department at the same company, or even a higher-up from "the head office in New York", for example. Think about
Mine does (Score:2)
I guess not all carriers do that... but yes, they should.
Re:Mine does (Score:2)
Re:Mine does (Score:2)
Re:Don't forget (Score:2)
They won't. The carriers paid their protection money^W^Wcampaign contributions to the RNC. These guys didn't, and that's why they're getting hammered. Hell, ChoicePoint and a whole host of other companies traffic in customer information all the time!
Ah nice... (Score:1, Redundant)
Good, the competition is eliminated...
SBC gives this stuff out for free (Score:4, Interesting)
Often, the customer service reps will read back the entire address, and sometimes, even the last for digits of the SSN. I found this out when I was ligitimately calling them because of a line problem.
I never had any problems adding service, removing service, or getting personal account information... all without identifying myself whatsoever. Need an address for a telephone number, call SBC and tell them you want DSL. The phone reps will "verify" your address by reading it back. Awesome, huh?
Re:SBC gives this stuff out for free (Score:3, Insightful)
Re:SBC gives this stuff out for free (Score:1)
When Time Magazine declares something to be "cool," it's completely passé.
<grrr
Re:SBC gives this stuff out for free (Score:2)
Re:SBC gives this stuff out for free (Score:1)
I haven't had a home phone for ten years. When I decided to go mobile, I *REALLY* went mobile. All of my experiences with SBC were done with my mobile phone.
Criminal Charges (Score:2)
Re:Criminal Charges (Score:2)
Re:Criminal Charges (Score:2)
Re:Criminal Charges (Score:2)
Re:Criminal Charges (Score:2)
Re:Criminal Charges (Score:2)
Re:Criminal Charges (Score:2)
Selling private information? (Score:2, Interesting)
Re:Selling private information? (Score:2, Informative)
The three nationwide consumer reporting companies are using one website, one toll-free telephone number, and one mailing address for consumers to order their free annual report. They are:
www.annualcreditreport.com
1-87
Credit Agencies! (Score:1)
ANYONE can claim that you owe them a debt and make a report to the credit agency at ANY TIME. The credit agency then happily reports that to everyone who asks as gospel but, you only get ONCE A YEAR to check that the information is accurate (unless you want to pay)!?!?!
That report (that probably has false information (if you pissed off a company)) is then used to set your loan rates, your auto-insurance rates, and a bunch of other un-credit related things!
WHAT KIND OF CRAP IT THAT
I agree but... (Score:2)
Also, they don't relay info for free either, other people wanting your info have to pay for it.
Still seems horribly broken though.
Re:Selling private information? (Score:2)
If that is the same "unified" website I visited 6 months ago- they go through no end of complexity to "hand off" your session to each credit agency; I lost track of how many times my browser was redirected and bounced off various URLs. I wasn't able to retrieve 2 out of the 3 credit reports because I couldn't supply correct login information, but I had cut+paste the username and password into a text document to save them, and pasted them back into the login pages.
Re:Selling private information? (Score:2)
Re:Selling private information? (Score:1)
I barely trust the government enough to keep all my private information, I definitely don't trust a private organization to keep track of my records. I don't give them permission to collect this information, I don't give them permission to sell my information, and I'd rather just not be a part of it so... where's the "opt out" button on their website?
Re:Solution? The Libertarian Party (Score:2)
Are they going to sue the FBI as well? (Score:1)
Re:Are they going to sue the FBI as well? (Score:2)
Re:Are they going to sue the FBI as well? (Score:2)
Ars Technica was the Source I refereced (Score:1)
"The FBI's long history of misconduct illuminates the necessity of judicial oversight. Requiring strict adherence to due process is the only way to promote accountability and ensure that our law enforcement agents are not abusing their authority. There is already evidence that law enforcement agents have misused information from data brokering services."
When you begin to break the law to enforce the law where do you draw the line? Illegally purchasing
Why steal? (Score:4, Interesting)
Then if you're entrepeneurial you take the names from the other 999 records and cross-reference them with divorce filings, call up and say "would it be useful to have proof that your soon-to-be-ex husband called Jennifer's Massage every payday?".
And those are some of the least damaging possibilities. Think how much money a crook could make tracking Wall Street traffic patterns.
Corps are never held to the standard of people (Score:2)
Ethical and Legal Private Investigation (Score:1)
I think its important to remember that licensed companies (by the state) that act on the behalf of their clients need to have some level of access to public data. The licensing agencies should be quite strict with offenders.
Just an aside: Popular media has imprinted so many strange ideas of what it is to be a PI, I think the service they provide is sometimes overlooked, especially in areas of family law or where the lo
Re:Ethical and Legal Private Investigation (Score:2)
Using your logic, any website should be able to sell the fact that I did business with them, when, for how much, and paid via whatever method. ISP's should be able to sell my browsing history, etc. Thats all complete BS, all of those should be pr
for great justice (Score:2)
hot quality! 100%!
Poor FBI (Score:2)
Can't let the terrists win, right?
Hold the phone! PIs Still Have a Chance! (Score:1)
Canada's Privacy Minister (Score:1)
Macleans magazine did an article where they got HER cellphone records. All the calls she had made on not only her office Cell, but her personal Cell as well.