Privacy groups have asked the U.S. FCC to declare that even "anonymized" phone records have to be protected under a privacy rule that restricts carriers from sharing customers' information without their consent.
The petition filed before the Federal Communications Commission comes in the wake of reports that U.S. carriers like Verizon and AT&T were sharing phone records in bulk with the U.S. government.
The groups cite research to state that even so-called anonymized call records have sufficient information to link back to specific individuals. "When a carrier purges individual identities from a set of call records but leaves individual characteristics (such as incoming and outgoing calls, call times, and call durations) intact, the records are not anonymous at all; they are pseudonymous," according to their petition filed Wednesday before the FCC.
Section 222 of the Communications Act instructs carriers that, with few exceptions, they have to get customers' consent before they can share "customer proprietary network information," also referred to as CPNI, wrote Laura Moy, staff attorney at Public Knowledge, one of the groups filing the petition, in a blog post.
The groups found that all four major mobile carriers - AT&T, Sprint, T-Mobile, and Verizon - have privacy policies that suggest that they consider it okay to sell or share the records. "We don't know whether or not they actually are selling CPNI, but the fact that they think they can is alarming," Moy wrote.
Click headline to read more--
Via Chuck Sherwood, Senior Associate, TeleDimensions, Inc