[Congressional Bills 110th Congress] [From the U.S. Government Publishing Office] [H.R. 852 Introduced in House (IH)] 110th CONGRESS 1st Session H. R. 852 To prohibit the obtaining of customer information from telecommunications carriers by false pretenses, and the sale or disclosure of such records obtained by false pretenses. _______________________________________________________________________ IN THE HOUSE OF REPRESENTATIVES February 6, 2007 Mr. Inslee (for himself and Mrs. Blackburn) introduced the following bill; which was referred to the Committee on Energy and Commerce _______________________________________________________________________ A BILL To prohibit the obtaining of customer information from telecommunications carriers by false pretenses, and the sale or disclosure of such records obtained by false pretenses. Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, SECTION 1. SHORT TITLE. This Act may be cited as the ``Consumer Telephone Records Protection Act of 2007''. SEC. 2. FINDINGS. Congress finds that-- (1) customer telephone records may be accessed without authorization of the customer by-- (A) an employee of the telephone company selling the data; (B) ``pretexting'', whereby a data broker or other person pretends to be the owner of the phone and convinces the telephone company's employees to release the data to them; or (C) unauthorized access of accounts via the Internet; and (2) because telephone companies encourage customers to manage their accounts online, many set up the online capability in advance. Many customers never access their Internet accounts, however. If someone seeking the information activates the account before the customer, he or she can gain unfettered access to the telephone records and call logs of that customer. SEC. 3. UNFAIR AND DECEPTIVE ACTS AND PRACTICES IN CONNECTION WITH OBTAINING CONFIDENTIAL PHONE RECORDS INFORMATION OF A COVERED ENTITY. (a) Prohibition on Obtaining Confidential Phone Records Information Under False Pretenses.--It shall be unlawful for any person in interstate or foreign commerce to knowingly and intentionally obtain, or attempt to obtain, confidential phone records information of a covered entity, by-- (1) making false or fraudulent statements or representations to an employee of a covered entity; (2) making such false or fraudulent statements or representations to a customer of a covered entity; (3) providing a document to a covered entity knowing that such document is false or fraudulent; or (4) accessing customer accounts of a covered entity via the Internet, or by means of conduct that violates section 1030 of this title, without prior authorization from the customer to whom such confidential phone records information relates. (b) Prohibition on Sale or Transfer of Confidential Phone Records Information.-- (1) Except as otherwise permitted by applicable law, it shall be unlawful for any person in interstate or foreign commerce to knowingly and intentionally sell or transfer, or attempt to sell or transfer, confidential phone records information of a covered entity, without prior authorization from the customer to whom such confidential phone records information relates, or knowing or having reason to know such information was obtained fraudulently. (2) For purposes of this subsection, the exceptions specified in section 222(d) of the Communications Act of 1934 (47 U.S.C. 222(d)) shall apply for the use of confidential phone records information by any covered entity, as defined in section 7. (c) Prohibition on Purchase or Receipt of Confidential Phone Records Information.-- (1) Except as otherwise permitted by applicable law, it shall be unlawful for any person in interstate or foreign commerce to knowingly and intentionally purchase or receive, or attempt to purchase or receive, confidential phone records information of a covered entity, without prior authorization from the customer to whom such confidential phone records information relates, or knowing or having reason to know such information was obtained fraudulently. (2) For purposes of this subsection, the exceptions specified in section 222(d) of the Communications Act of 1934 (47 U.S.C. 222(d)) shall apply for the use of confidential phone records information by any covered entity, as defined in section 7. SEC. 4. NONAPPLICABILITY TO LAW ENFORCEMENT AGENCIES. Section 3 shall not prohibit any lawfully authorized investigative, protective, or intelligence activity of a law enforcement agency of the United States, a State, or political subdivision of a State, or of an intelligence agency of the United States. SEC. 5. TELECOMMUNICATIONS CARRIER NOTIFICATION REQUIREMENT. Section 222 of the Communications Act of 1934 (47 U.S.C. 222) is amended-- (1) by redesignating subsection (h) as subsection (i); and (2) by inserting after subsection (g) the following new subsection: ``(h) Notice of Violations.--The Commission shall by regulation require each telecommunications carrier to notify the customer of any incidents in which such telecommunications carrier becomes or is made aware in which customer proprietary network information relating to such customer is disclosed to someone other than the customer in violation of this section or section 3 of the Consumer Telephone Records Protection Act of 2006.''. SEC. 6. ENFORCEMENT BY THE FEDERAL TRADE COMMISSION. A violation of section 3 shall be treated as an unfair or deceptive act or practice in violation of section 5 of the Federal Trade Commission Act (15 U.S.C. 45). All of the functions and powers of the Federal Trade Commission under that Act are available to the Commission to enforce compliance by any person with such section, irrespective of whether that person is engaged in commerce or meets any other jurisdictional tests in the Federal Trade Commission Act, including the power to enforce the provisions of such section in the same manner as if the violation had been a violation of a Federal Trade Commission trade regulation rule. SEC. 7. DEFINITIONS. As used in this Act, the following definitions apply: (1) Confidential phone records information.--The term ``confidential phone records information'' means information that-- (A) relates to the quantity, technical configuration, type, destination, location, or amount of use of a service offered by a covered entity, subscribed to by any customer of that covered entity, and kept by or on behalf of that covered entity solely by virtue of the relationship between that covered entity and the customer; (B) is made available to a covered entity by a customer solely by virtue of the relationship between that covered entity and the customer; or (C) is contained in any bill, itemization, or account statement provided to a customer by or on behalf of a covered entity solely by virtue of the relationship between that covered entity and the customer. (2) Covered entity.--The term ``covered entity''-- (A) has the same meaning given the term ``telecommunications carrier'' in section 3 of the Communications Act of 1934 (47 U.S.C. 153); and (B) includes any provider of IP-enabled voice service. (3) Customer.--The term ``customer'' means, with respect to a covered entity, any individual, partnership, association, joint stock company, trust, or corporation, or authorized representative of such customer, to whom the covered entity provides a product or service. (4) IP-enabled voice service.--The term ``IP-enabled voice service'' means the provision of real-time voice communications offered to the public, or such class of users as to be effectively available to the public, transmitted through customer premises equipment using TCP/IP protocol, or a successor protocol, (whether part of a bundle of services or separately) with interconnection capability such that the service can originate traffic to, or terminate traffic from, the public switched telephone network, or a successor network. <all>