Congress passes 'pretexting' phone records bill

The U.S. Congress has wrapped up its work for the year by passing a bill that would make it illegal to obtain a person's phone records without permission.

The Senate late Friday passed the Law Enforcement and Phone Privacy Protection Act, spurred in part by revelations in September that Hewlett-Packard Co. (HP) investigators had used deceptive means to gain access to phone records of reporters and company board members.

The bill, sponsored by Representative Lamar Smith, a Texas Republican, would make illegal the act of pretexting -- tricking phone companies into giving up private records by pretending to be a customer. The bill, which passed by voice vote in the Senate, allows prison sentences of up to 10 years and fines of up to US$500,000 for deceiving phone companies into handing over records such as phone logs.

The bill, which now awaits President George Bush's signature before it becomes law, also outlaws the sale of phone records and adds penalties for people who obtain phone records as a way to help commit a violent crime. Privacy advocates have worried that criminals are using phone records obtained through pretexting to stalk potential victims.

Smith praised the Senate for passing the legislation. "This data fraud can adversely affect Americans' lives," he said in a statement. "A careful study of these records may reveal details of our medical or financial life. It may even identify our occupation or physical location – a serious concern for undercover police officers and victims of stalking or domestic violence."

Members of Congress began raising concerns about the sale of phone records a year ago, after the Electronic Privacy Information Center in mid-2005 filed a federal complaint about dozens of Internet-based companies selling phone records for less than $100.

The issue gained traction late this year after HP officials revealed that investigators there had used pretexting to gain access to board members' and reporters' phone records in an effort to find which board members were leaking details of meetings. After members of Congress lectured HP officials about the use of pretexting in a September hearing, California Attorney General Bill Lockyer in October filed felony charges against former HP Chairman Patricia Dunn, a former HP legal counsel and three private investigators.

Last week, HP agreed to a $14.5 million settlement in the California civil lawsuit related to the company's spying scandal.

The civil suit made the same allegations that the state made in its criminal filing in October against the HP executives and investigators.

Trade group USTelecom, representing large telecom carriers, praised the Senate for passing the pretexting bill. The legislation will "reinforce the efforts of telecom carriers to ensure that customer records remain secure," Walter McCormick Jr., president and chief executive of USTelecom, said in a statement.