Why phone-record thieves laugh at the law

The Federal Trade Commission yesterday announced a $25,000 wrist slap against a scam artist who it acknowledges "earned" almost a quarter of a million dollars by illegally obtaining and selling telephone records through the use of pretexting.

An expert who has been tracking this chicanery and its practitioners for years tells me that at least in this instance the bad guy will/may end up paying some price, "compared to numerous past cases" where they paid zilch. He also says the pretexting problem, in general, is only going to get worse and predicts an "inevitable" repeat of HP corporate spying debacle.

From the openly self-conscious FTC press release:

In May 2006, the FTC filed federal court complaints charging five Web-based operations that obtained and sold consumers’ confidential telephone records to third parties with violating federal law. The agency alleged that the principals of the Web sites were pretexting – obtaining records using false pretenses or hiring others to do so – in order to get the records from phone companies. … The settlement announced with CEO Group, Inc., doing business as Check Em Out, and its principal, Scott Joseph, ends the litigation against them in that case. The FTC previously obtained settlements in two of the cases and a default judgment in a third case, and one case remains in litigation.

The settlement bars the defendants from obtaining, causing others to obtain, marketing or selling consumer phone records or other consumer personal information except where allowed by law, regulation, or court order. The settlement imposes a judgment of $222,381, the amount earned through the sale of consumers’ telephone records. All but $25,000 of the judgment is suspended based on the defendants’ inability to pay. Should the court find that they misrepresented their finances, the entire $222,381 will be due. The settlement also imposes bookkeeping and record keeping provisions to allow the FTC to monitor compliance with its order.

Can't you just see the FTC accountant with the green eye-shades lurking outside of Joseph's home?

We're talking wrist slap, all right.

Rob Douglas, a security consultant who has testified before Congress about pretexting issues and says he was personally involved in blowing the whistle on Joseph, believes the details of this case are illuminative.

"I think the fine itself is relatively small given the extent of the damage done," Douglas says. "The FTC though has to do an analysis of the ability of the defendant to pay and while I don’t trust what the defendants claim (they are, after all, professional liars), at least in this case there is an actual fine compared to numerous past cases where the defendant didn’t have to pony up a dime."

The dollar amounts involved here do give us a sense of scale of the problem, Douglas says.

"I do think what is interesting is the determination that just this one company had made $222,000 just in selling stolen phone records," he says. "That gives a good insight into how lucrative and how common this practice is.  Remember this is just one of hundreds of companies that were/are stealing phone records."

Despite much huffing and puffing from Washington and on the state level, Douglas doesn't see much progress being made in terms of stemming pretexting.

"There is little evidence that there has been much in the way of deterrence, as the practice of stealing records continues," he says, "with one of the most egregious cases just exposed in Washington State."

That case saw grand jury indictments handed down against 10 people.

Douglas doesn't even believe that corporate America has learned from the public-relations and legal costs incurred by HP when the company turned pretexters loose against its own board and members of the media.

"Not only will there be another HP fiasco, I am confident that the same practices continue today," he says. "Remember, Congress did their dog and pony show and brought a dozen of these information thieves before the committee investigating and they took the 5th.  To my knowledge that committee did not make referrals to the U.S. Attorneys for the appropriate jurisdictions to initiate investigations of those companies.  And I know for a fact that several are still in business and are just trying to stay further under the radar in plying their illicit trade."

His outlook for the future?

"Bottom line:  Theft by pretext continues and grows by the day."

Welcome regulars and passersby. Here are a few more recent Buzzblog items. And, if you'd like to receive Buzzblog via e-mail newsletter, here's where to sign up.

Santa's unimaginable data disaster to mean empty stockings on Christmas.

Gates on education: Knowledge is good.

Average Joe asks Bill Gates a priceless question.

BSA, software giants target little guys most often.

Can the geek press handle a Microsoft sex scandal?

Hacking for better grades gets 4 preppies bounced from elite school in Mass.

This year's "25 Geekiest 25th Anniversaries."

When the patient is a Googler and the doctor is a pompous jerk.

Cell phone jamming on the rise.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2007 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)