Verizon Wireless Leak Touches Policy Debates
Last week’s privacy gaffe by Verizon Wireless raises policy questions on the Hill and elsewhere, several players told Washington Internet Daily. Bills on state preemption and privacy relate to events like the wireless carrier’s accidental distribution of customer data, they said.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
A Verizon Wireless employee sent a contact list Aug. 21 as an attachment in Microsoft Excel format to about 1,800 customers. The attachment contained names, mobile numbers, equipment types and e-mail addresses of about 5,000 customers who use Motorola Razr phones. The employee attached the file instead of a marketing form. The carrier said it “quickly recalled” the e-mail but at least some recipients had read the attachment, triggering online discussion about whether the file could be exploited by identity thieves or data miners. Verizon Wireless said it “communicated” with all affected Razr owners, informing them of “quality control procedures” it had adopted. A spokesman said company policy will change and marketing e-mails no longer will add attachments.
“It really makes you wonder how often this happen and we don’t even hear about it,” said longtime privacy activist Robert Douglas of privacytoday.com. “You can argue it’s a small breach,” but the cumulative effect of all such breaches has become immense, he said. As more data slip into public view, consumers will look more to enforcement agencies to act not only against data miners or identity thieves but also the companies that let data leak. “Expect little to nothing” to happen in that direction, he said, because the FCC and FTC have shown no inclination to go after companies.
Firings and internal discipline, at least, are possible, Douglas said. In the recent high-profile AOL data leak, the CTO stepped down; other employees were fired or reprimanded, he said. The Verizon Wireless spokesman said the company couldn’t discuss personnel decisions “because of various privacy laws.”
The significance of careless data dissemination “is not lost on us,” said a spokesman for House Commerce Committee Chmn. Barton (R-Tex.). Barton, an electronic privacy advocate, is pushing hard to for HR-4943, the Prevention of Fraudulent Access to Phone Records Act bill, which passed the committee unanimously (WID June 23 p3), the spokesman said. Besides targeting pretexters and other data miners, the bill urges new data safety requirements for phone carriers and hikes raises for failing to comply to $300,000 an episode, up to $3 million.
Barton’s bill has languished, though he insists it and data security counterpart HR-4127 will move this Congress (WID June 22 p3). Staff for House Majority Leader Boehner (R-Ohio) didn’t comment by out deadline.
Though she called the Verizon episode a “serious breach,” Privacy Rights Clearinghouse Dir. Beth Givens said chances of serious consequences to Verizon Wireless are slim. “If it had been wireline, maybe” there would be more grounds for action, she said.