I want to sue my phone company for releasing my personal info

[Astronuc]

The Privacy Act of 1974, Title 5, United States Code, Section 552a, protects against an invasion of privacy through the misuse of personal information by government agencies.

The key here is whether or not the government has misused private information, and this is the government, not the phone company.

It would appear that the phone companies have done nothing illegal or anything for which one could successfully sue them.

Since the government obtained the information without a subpoena or warrant, the question remains as to whether these actions constitute a violation of due process. There is a reason for having law enforcement of investigative/intelligence agencies obtaining a warrant - the protection against unreasonable 'search and seizure'. The Bush administration has decided to circumvent this protection. In a matter of 'national security' or rather 'common defense', it is certainly reasonable for the government to obtain a warrant after the fact if waiting for such a warrant would fail to prevent a criminal (violent or destructive) act. The law already provides that, but the Bush administration ignores it in favor of acting in secret. That's the big deal.

This document discusses - Presidential Authority to Conduct Warrantless Electronic
Surveillance to Gather Foreign Intelligence Information
http://www.fas.org/sgp/crs/intel/m010506.pdf

 

[Art]

Here's a very comprehensive article relating to america's privacy laws. The extract below pertains to Ivan's particular bone of contention,

CONSUMER PRIVACY IN THE INFORMATION AGE:
A VIEW FROM THE UNITED STATES

<snip>B. Communications-Related Information Held by the Private Sector

Americans are also concerned about the government's ability to access information held by the private sector, especially personal communications. As a result, under existing law, government agents must present a warrant to access telephone company facilities to conduct wiretaps. Postal employees may review mail content only for the purpose of determining the intended recipient's address. Postal regulations also limit government access to transactional data about postal based communications. For example, in order to record the return addresses of those who send mail to a particular address, a federal agency must provide the post office with a written statement justifying the mail "cover" on the basis of suspected criminal activity.(10)

One area in which U.S. law may be more comprehensive than that of our European counterparts is electronic communications. The Electronic Communications Privacy Act (ECPA) limits the circumstances under which federal and state government may access the contents of transactional data in both real time communications and stored communications.(11) Specifically, the statute prohibits eavesdropping on oral, wire, and electronic communications. ECPA recognizes that communications systems generate information about system users, so-called transactional data. Thus, the government can obtain basic subscriber information, including name, address, toll records, etc., only with a subpoena. The government must have a search warrant or court order upon a showing of specific and articulable facts demonstrating relevance to a criminal investigation, in order to obtain other transactional data such as a list of addresses to which a particular message was sent.

http://www.ftc.gov/speeches/varney/priv&ame.htm

As Astronuc said any legal recourse would probably have to be taken against the fed gov't rather than the phone companies unless there are individual state laws (which may well be the case) protecting consumers from such behaviour.

 

[BobG]

It's impossible for the average person to evaluate a program that's highly classified. That's why people have to rely on the checks and balances built into the system, such as Congressional oversight and the FISA court.

You can get a general idea of whether the program is legal or not by how each party reacted.

Qwest refused to comply, at some risk, because they felt complying would carry an equal risk. They would be in violation of Section 222 of the Communications Act.

The concern for the customer was also based on law: Under Section 222 of the Communications Act, first passed in 1934, telephone companies are prohibited from giving out information regarding their customers' calling habits: whom a person calls, how often and what routes those calls take to reach their final destination. Inbound calls, as well as wireless calls, also are covered.

The NSA bypassed the FISA court because of the chance that the FISA court might disagree - "don't ask the question because you might not like the answer". As long as the question was never asked, there was a chance that the program was legal. Asking the question could create a situation where there would be no doubt that the program was illegal.

Unable to get comfortable with what NSA was proposing, Qwest's lawyers asked NSA to take its proposal to the FISA court. According to the sources, the agency refused.

The NSA's explanation did little to satisfy Qwest's lawyers. "They told (Qwest) they didn't want to do that because FISA might not agree with them," one person recalled. For similar reasons, this person said, NSA rejected Qwest's suggestion of getting a letter of authorization from the U.S. attorney general's office. A second person confirmed this version of events.

Congressional oversight was very limited in this case due to the limitations in technical knowledge of the Congressmen and their inability to consult anyone who could educate them on the issue due to the security classification of the info. This is a problem. As important as security is, you have to give the people responsible for making decisions about the program the means to make a decision.

I think the chances of this program being illegal are quite a bit better than 50/50. In fact, given that there is a law that prohibits phone companies from releasing the info that the NSA wanted, I'm surprised Qwest was the only company that resisted.

By the way, here's the link to the USA Today story causing the current debate: NSA has massive database of Americans' phone calls

 

[Gokul43201]

Actually, no. People think so, but not legally so.

Why do you think it is so easy for law enforcement to get those records?

But don't the police need a warrant to access phone records ? I thought they did, but I may be wrong.

I thought it required judicial oversight if your right to privacy was going to be breached.

Edit : Just read Art's reference which corroborates my above point.

 

[Evo]

But don't the police need a warrant to access phone records ? I thought they did, but I may be wrong.

I thought it required judicial oversight if your right to privacy was going to be breached.

Edit : Just read Art's reference which corroborates my above point.

They need a subpoena, which would be easy to get.

 

[Ivan Seeking]

Which they didn't have. And they weren't about to get one for tens of millions.

The beauty of this approach [the law suit] is that it takes the process out of the hands of an inept and corrupt congress, and potentially puts ten or twenty million people [or more] in control through the legal process. If companies are afraid of civil repercussions when they compromise your privacy, they may start to act more responsibly.

The other part is that this creates a legal entity - the claimants in the class action suit - that is large enough to take on the corporations. And the money would attract the best lawyers in the nation. What is a reasonable price for violating my civil rights, times ten or twenty million.

Again, Russ, the entire point is to not rely on a corrupt congress that has already failed to protect my rights.

 

[Ivan Seeking]

Also, for those here confused about criminal and civil law, OJ Simpson was acquitted on murder charges, but convicted on civil violations, and sued by the family of his dead wife.

 

[Evo]

Which they didn't have. And they weren't about to get one for tens of millions.

The beauty of this approach [the law suit] is that it takes the process out of the hands of an inept and corrupt congress, and potentially puts ten or twenty million people [or more] in control through the legal process. If companies are afraid of civil repercussions when they compromise your privacy, they may start to act more responsibly.

The other part is that this creates a legal entity - the claimants in the class action suit - that is large enough to take on the corporations. And the money would attract the best lawyers in the nation. What is a reasonable price for violating my civil rights, times ten or twenty million.

Again, Russ, the entire point is to not rely on a corrupt congress that has already failed to protect my rights.

The companies would be protected it seems by what Astronuc posted. Any fault would be with the government if they acted inappropriately.

 

[Ivan Seeking]

Show me where. I see Astro make the assertion, but I see nothing saying the phone company can release the personal records for tens of millions at will.

This isn't like a targeted wire tap, this is mining.

 

[Ivan Seeking]

I just heard that law suits are already being filed.

 

[Evo]

Show me where.

This document discusses - Presidential Authority to Conduct Warrantless Electronic
Surveillance to Gather Foreign Intelligence Information
http://www.fas.org/sgp/crs/intel/m010506.pdf

If they requested the records with the intent to search for international calls, this seems to let the companies off the hook.

I don't approve of it, but the blame would lie with the president and government agencies. It's the "needle in the haystack", they took the whole haystack.

 

[Ivan Seeking]

They are randomly mining domestic call information. They are allegedly looking for patterns in large databases that suggest terrorist activity.

I agree that the government is a problem, but now the phone companies are as well. But this time there is something that can be done. And this time it won't matter if Bush and the Rove can dupe half the country.

 

[Evo]

They are randomly mining domestic call information.

Well, that's likely what they're doing but not likely what their reason for the request was.

I agree that the government is a problem, but now the phone companies are as well. But this time there is something that can be done.

I think the companies will be reluctant to turn over information in the future due to the flack this is getting, but I'm not so positive a suit will work. Too much gray area.

 

[Ivan Seeking]

Then why did Quest refuse; and they did refuse. They knew this was a problem.

 

[Evo]

Then why did Quest refuse; and they did refuse. They knew this was a problem.

Having dealt with Qwest, their record keeping is probably so bad, they didn't have anything to turn over and were trying to avoid embarrassment.

 

[russ_watters]

It could be a violation of the 1974 Privacy Act...

A lot depends on the wording of your service agreement with the phone company, which, I remember from previous threads, I had trouble tracking down. The "without his consent" part is key: by signing up for the service, you consented to whatever was in that policy.

At the very least every subscriber should request a copy of their personal files from the gov't to see what is being recorded about them. This should keep the gov't busy for a while. 'The devil finds work for idle hands'

You get a copy of your calling records from the phone company every month. For bigger customers, the phone company mails cd's.

The key here is whether or not the government has misused private information, and this is the government, not the phone company.

Ehh, to you (and me), maybe, but to Ivan (and a lot of other people), the privacy in and of itself is important as well.

Qwest refused to comply, at some risk, because they felt complying would carry an equal risk. They would be in violation of Section 222 of the Communications Act.


Quote:
Originally Posted by USA Today
The concern for the customer was also based on law: Under Section 222 of the Communications Act, first passed in 1934, telephone companies are prohibited from giving out information regarding their customers' calling habits: whom a person calls, how often and what routes those calls take to reach their final destination. Inbound calls, as well as wireless calls, also are covered.

Huh. Now that's interesting. If correct, it would be a pretty clear legal violation to turn over those records, but is it correct? From what I understand, companies hand over information like that all the time to the police without warrants or subpoenas (I think) - so wouldn't that make that illegal?

They need a subpoena, which would be easy to get.

Do they even need a subpoena?

 

[Moonbear]

Isn't it the phone companies information to do with what they want? They let you use their networks. Besides, they already make your phone number publicly available in the phone book. You should probably read that little pamphlet every company seems to send out that includes their privacy policy. Only if they violated what they've sent you in writing as part of your contract (continuing service with them after receiving that is considered agreeing to the contract) would you have a case in civil court as a breach of contract situation. Generally, unless you specifically request something different, those things all default to permitting them to disclose certain information to third parties (telemarketers, government, whoever they want).

 

[Evo]

From what I understand, companies hand over information like that all the time to the police without warrants or subpoenas (I think) - so wouldn't that make that illegal? Do they even need a subpoena?

You're right, it appears a subpoena may not be necessary in this case. Stored records of phones calls (numbers) apparently can be handed over according to the article Art posted.

For voice communications:
"ECPA allows for disclosure of information under certain exceptions: consent of one party; disclosure to service providers as a necessary incident of providing the service; and disclosure to law enforcement concerning inadvertently obtained evidence of a crime.

http://www.ftc.gov/speeches/varney/priv&ame.htm

 

[franznietzsche]

http://thinkprogress.org/2006/05/11/telcos-liable/

Stored records cannot be handed over without administrative subpoena, which the NSA does not have.

 

[Gokul43201]

For voice communications:
"ECPA allows for disclosure of information under certain exceptions: consent of one party; disclosure to service providers as a necessary incident of providing the service; and disclosure to law enforcement concerning inadvertently obtained evidence of a crime.

I don't understand what those exceptions mean. Will someone please explain them in simple-talk ?

 

[russ_watters]

I spent about 20 minutes googling and looking at privacy policies, but they are vague on the particulars regarding the circumstances under which a phone company can release the information. Even that quote you just posted, Evo - it doesn't explicitly say whether or not a subpoena is required. I'd really like to find something clearer, because that's kinda a critical part of this issue...

 

[Astronuc]

Ehh, to you (and me), maybe, but to Ivan (and a lot of other people), the privacy in and of itself is important as well.

Actually, I don't care what the government knows about me, as long as they leave me alone. They can spy on me as much as they want, as long as I am at liberty, I couldn't care.

 

[Evo]

http://thinkprogress.org/2006/05/11/telcos-liable/

Stored records cannot be handed over without administrative subpoena, which the NSA does not have.

The article is inaccurate, they site 2703, which does not cover voice, it covers electronic communications (e-mail etc...)

 

[Art]

The article is inaccurate, they site 2703, which does not cover voice, it covers electronic communications (e-mail etc...)

If you click on there FAQ link it says this

3. Does the SCA apply to phone records? Yes. The rules apply to an “electronic communications service,” which includes both phone and e-mail communications.

 

[BobG]

Isn't it the phone companies information to do with what they want? They let you use their networks. Besides, they already make your phone number publicly available in the phone book. You should probably read that little pamphlet every company seems to send out that includes their privacy policy. Only if they violated what they've sent you in writing as part of your contract (continuing service with them after receiving that is considered agreeing to the contract) would you have a case in civil court as a breach of contract situation. Generally, unless you specifically request something different, those things all default to permitting them to disclose certain information to third parties (telemarketers, government, whoever they want).

Not necessarily. The agreement/contract has to be legal in order to be binding.

In most places, if a tenant signs a lease agreeing to no pets, but later gets a pet while living in the house/apartment, the landlord can legally only do two things: require a pet deposit (it can't be 'unreasonably' high, but it can be high) and pester the tenant with empty threats. Same thing goes for kids - a landlord can't legally forbid kids from a house/apartment (even if it's 12 kids in a two bedroom apartment), can't forbid smokers, etc. (The lack of property rights for a landlord would be pretty controversial if they weren't such a small minority.)

The same principle goes for any other agreement you sign. The terms have to be legal in order for the terms to be binding (the overall effect of an unenforceable term in an agreement is kind of iffy, so buying a pet or starting smoking just to jump a lease usually wouldn't work).

 

[Amp1]

There is also a case to be made for a lawsuit. Although the phone companies have used a catch all phraseology in their contract, it only appears to let them off the hook. The truth of it is they are still liable. An example is the warnings and releases signed for amusement park rides, school trips, organized sports in schools and similar stuff. Even though it appears there isn't anything they can be sued over once you have signed or given consent in writing, they are still liable for a claim to be made against them. I believe the same thing applies in the case of the phone companies. It's misdirection, because you signed something that says you can't sue you will likely believe your powerless to do so but in reality you are not bound or prevented from bringing suit.

 

[loseyourname]

The beauty of this approach [the law suit] is that it takes the process out of the hands of an inept and corrupt congress, and potentially puts ten or twenty million people [or more] in control through the legal process. If companies are afraid of civil repercussions when they compromise your privacy, they may start to act more responsibly.

The other part is that this creates a legal entity - the claimants in the class action suit - that is large enough to take on the corporations. And the money would attract the best lawyers in the nation. What is a reasonable price for violating my civil rights, times ten or twenty million.

Use vonage or skype. I don't even own a phone and I've gotten along fine for years that way. If you don't like your service provider, stop using them. There are more direct ways to hurt a company than a lawsuit that is very unlikely to succeed. If those tens of millions of people simply dropped their service, imagine what that would do.

This shouldn't even be about legality, but simple market dynamics. When a company offers you a service and you don't like that service, you don't buy.

 

[BobG]

Use vonage or skype. I don't even own a phone and I've gotten along fine for years that way. If you don't like your service provider, stop using them. There are more direct ways to hurt a company than a lawsuit that is very unlikely to succeed. If those tens of millions of people simply dropped their service, imagine what that would do.

This shouldn't even be about legality, but simple market dynamics. When a company offers you a service and you don't like that service, you don't buy.

No doubt that this will help Qwest recover from their past problems. They suddenly went from being seen as scandalous and disreputable to heroic.

 

[Evo]

Wait, I found it.

ECPA permits the government to compel two kinds of information using a subpoena. First, the government may compel the disclosure of the basic subscriber information (discussed above in section C.1) listed in 18 U.S.C. § 2703(c)(2):

(A) name; (B) address; (C) local and long distance telephone connection records, or records of session times and durations; (D) length of service (including start date) and types of service utilized; (E) telephone or instrument number or other subscriber number or identity, including any temporarily assigned network address; and (F) means and source of payment for such service (including any credit card or bank account number)[.]


http://www.usdoj.gov/criminal/cybercrime/s&smanual2002.htm

 

[Art]

Evo are you confirming they do need a subpoena??

ECPA permits the government to compel two kinds of information using a subpoena.