Is there not a way to just block the ability to direct dial International Calls at the Phone company level. That way a calling card could be used to only dial international?
If the phone company does not offer such a protection, they are in a manner condoning such abuse are they not?
I was also under the impression that YOU had to be the one that actually 'in good faith' placed the calls for it to legally billed to you. I am not sure about US/Canadian telecom laws?
If a stranger hacks my WIFI encryption in my neighborhood and downloads child prOn, warez, illegal MP3, etc.. through my router/IP that DOES NOT mean that I did it and I AM NOT responsible for those communications/transfers as I have made reasonable accommodations to prevent that (plus I shutter to think that any of my neighbors are into any of that).
I would simply be responsible for getting a better protected router or some other commonplace and reasonable standard process of WiFi protection.
Similarly, this firm likely had made reasonable efforts to NOT have their phone system hacked, and therefore did not make the calls and thus should not be made responsible for them. The phone company should protect their customers 'in good faith'.