"It is very easy to obtain wireless phone records of another person," said Chris Hoofnagle, director of the information privacy program at UC Berkeley's Center for Law & Technology. "How can you tell when your (authorized) employee is looking at records in an inappropriate context? That's the challenge that the phone companies have to deal with."

Phone-company employees snooping for fun would be one thing, but the danger seems to go beyond that to include information being passed to outsiders, such as private investigators, he said.

"There is at least some evidence ... there is a little bit of a market in which employees are improperly selling access to private information," said Kurt Opsahl, a staff attorney at the Electronic Frontier Foundation.

According to the Electronic Privacy Information Center (EPIC), online data brokers openly advertise on the Internet that for about US$100, they can provide information on all the calls made on a particular cell phone. Such information isn't interesting solely to celebrity-chasers, observers said. It could put average people in danger from stalkers or ex-spouses, for example.

Under standard procedures, no one at a mobile operator looks at an individual's call data record -- the combination of personal identity, dialled numbers, call times and financial details -- without the customer's permission, according to Tad Neeley, chairman of mobile operator Telscape. If a customer service representative needs to see the record to solve a problem over the phone, they ask the subscriber before opening it up. But the information typically is accessible to many people along the line, including those in administrative positions, Neeley said.