CC Adds to US Prohibitions against Pretexting

US regulators at the Federal Communications Commission (FCC) have created new rules aimed at preventing data thefts from phone companies – the practice known as "pretexting", by which consumer information is disclosed to unauthorized third parties. Congress has already outlawed any technique used to fraudulently obtain personal information (see an earlier issue of E-TIPS®: "US Close to Making Pretexting a Federal Crime", Vol 5, No 13, December 20, 2006). Now the federal communications regulator has prohibited the release by a carrier of personal data either over the phone or online unless the phone customer provides a password, and carriers will be obliged to notify customers of any breach of confidentiality. All US phone companies, whether fixed line, wireless or VoIP, must annually certify to the FCC their compliance with the new regulations. Additionally, they must summarize the complaints they have received regarding any unauthorized release of information and any action they may have taken against data brokers. Although a phone company will be obliged to notify customers of any data breach, significantly, before they do so they must first notify law enforcement authorities of the breach. For the text of the FCC news release dated April 2, 2007, visit: http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-272008A1.doc For a news report, see: http://news.com.com/2100-1037_3-6172705.html Summary by: The Editor