Verizon Wireless found that some employees viewed information from an Obama cell-phone account that has been discontinued for several months, the company disclosed last week. Verizon was investigating employees who saw the information, with and without authorization, and put them on paid leave. Later reports said some had been fired.
Verizon declined to comment for this story.
Information that is saved by mobile operators -- and that might be available to unauthorized or unscrupulous employees -- includes whom you talked to, when you called them or they called you, and for how long you talked, as well as text messages and voicemail, according to Ari Schwartz, vice president and chief operating officer of the Center for Democracy and Technology (CDT).
The information can also include your locations when you started and ended the call, as determined by cell towers or other techniques, CDT Senior Counsel John Morris said. The risk is greater with current accounts than with closed ones like the Obama record that was snooped, Schwartz said, because some types of data are kept longer than others.
There have been few cases of internal snooping on mobile records, at least ones that have seen the light of day, according to attorneys and analysts in this area. But neither are there clear protections, they charge.
"It is very easy to obtain wireless phone records of another person," said Chris Hoofnagle, director of the information privacy program at UC Berkeley's Center for Law & Technology. "How can you tell when your (authorized) employee is looking at records in an inappropriate context? That's the challenge that the phone companies have to deal with."
Phone-company employees snooping for fun would be one thing, but the danger seems to go beyond that to include information being passed to outsiders, such as private investigators, he said.
"There is at least some evidence ... there is a little bit of a market in which employees are improperly selling access to private information," said Kurt Opsahl, a staff attorney at the Electronic Frontier Foundation.
According to the Electronic Privacy Information Center (EPIC), online data brokers openly advertise on the Internet that for about US$100, they can provide information on all the calls made on a particular cell phone. Such information isn't interesting solely to celebrity-chasers, observers said. It could put average people in danger from stalkers or ex-spouses, for example.
Under standard procedures, no one at a mobile operator looks at an individual's call data record -- the combination of personal identity, dialled numbers, call times and financial details -- without the customer's permission, according to Tad Neeley, chairman of mobile operator Telscape. If a customer service representative needs to see the record to solve a problem over the phone, they ask the subscriber before opening it up. But the information typically is accessible to many people along the line, including those in administrative positions, Neeley said.
Information on incoming and outgoing calls is collected in a database as the month goes on, but the call data record doesn't exist until someone initiates a query to bring that data together with the customer's name, address, and account information, Neeley said. Then the bill goes out, on paper or as an e-mail message, for the customer's eyes only.
Carriers also need to be able to generate a call data record in response to a subpoena or a police search with a warrant, Neeley said.
But that doesn't mean that no one inside a mobile operator can, technically, create a call data record for their own curiosity, Neeley said. Even if the data is encrypted, some administrators and other employees will have passwords to view it.
Comverse, which provides billing software to mobile operators around the world, offers many tools for carriers to both secure their subscriber records from unauthorized users and keep records on what authorized users do with them, said Senior Vice President Kurt Silverman.
"In our systems, we'll know what you've done, if you did anything interesting," Silverman said. Verizon does not use Comverse's software, he said.
The legality of viewing cell-phone records isn't always as cut and dried as relying on a subpoena, warrant or customer permission, privacy experts said.
Improperly viewing phone records, whether for landline or mobile phones, should fall under federal wiretapping laws, Berkeley's Hoofnagle said. But the statutes specifically addressing phone-record privacy are complicated and aren't always as strong for cell phones as for landlines, he said. A recent bill in the California legislature aimed to protect cellular information as tightly as landline phone bills.
"California tried to strengthen its phone records protections, and there was a very strong lobbying effort from the phone companies to prevent expansion," Hoofnagle said.
The federal government has cracked down on improper access to cell records with the Telephone Records and Privacy Protection Act. It was enacted last year in part to prevent "pretexting," where unauthorized people call a carrier and pretend to make a legitimate request for information. Following the Obama records incident, Sen. Patrick Leahy, chairman of the Senate Judiciary Committee, earlier this week the Department of Justice whether that law had been effective in protecting consumers' privacy. But whether the pretexting law covers this kind of internal breach will be a matter of interpretation, CDT's Schwartz said.
There isn't much a consumer can do to prevent phone-company employees delving into bill records, but Schwartz recommends that anyone concerned about it ask carriers about their privacy policies before signing up.
If a mobile operator promised its subscribers certain privacy protections and didn't deliver them, that could be grounds for a breach-of-contract suit or even an action by the U.S. Federal Trade Commission against deceptive practices, Schwartz said.
The fact that Verizon found out about these breaches and acted on them is actually a good sign that the industry may be moving in the right direction, Schwartz said.
Opsahl of EFF, which has clashed with the Bush administration over alleged illegal federal wiretapping in the case of Hepting versus AT&T, sees another possible silver lining.
The question of call-record privacy is key to Hepting vs. AT&T, where the government is alleged to have monitored who called whom on some carriers' wired networks. Voting as a U.S. Senator earlier this year, Obama approved a law that in part granted some immunity to carriers in such cases. Opsahl said this case may contain a lesson.
"It might help Obama understand the invasiveness of the warrantless surveillance program," Opsahl said.