[Congressional Bills 110th Congress]
[From the U.S. Government Publishing Office]
[H.R. 852 Introduced in House (IH)]







110th CONGRESS
  1st Session
                                H. R. 852

        To prohibit the obtaining of customer information from 
    telecommunications carriers by false pretenses, and the sale or 
        disclosure of such records obtained by false pretenses.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                            February 6, 2007

 Mr. Inslee (for himself and Mrs. Blackburn) introduced the following 
    bill; which was referred to the Committee on Energy and Commerce

_______________________________________________________________________

                                 A BILL


 
        To prohibit the obtaining of customer information from 
    telecommunications carriers by false pretenses, and the sale or 
        disclosure of such records obtained by false pretenses.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Consumer Telephone Records 
Protection Act of 2007''.

SEC. 2. FINDINGS.

    Congress finds that--
            (1) customer telephone records may be accessed without 
        authorization of the customer by--
                    (A) an employee of the telephone company selling 
                the data;
                    (B) ``pretexting'', whereby a data broker or other 
                person pretends to be the owner of the phone and 
                convinces the telephone company's employees to release 
                the data to them; or
                    (C) unauthorized access of accounts via the 
                Internet; and
            (2) because telephone companies encourage customers to 
        manage their accounts online, many set up the online capability 
        in advance. Many customers never access their Internet 
        accounts, however. If someone seeking the information activates 
        the account before the customer, he or she can gain unfettered 
        access to the telephone records and call logs of that customer.

SEC. 3. UNFAIR AND DECEPTIVE ACTS AND PRACTICES IN CONNECTION WITH 
              OBTAINING CONFIDENTIAL PHONE RECORDS INFORMATION OF A 
              COVERED ENTITY.

    (a) Prohibition on Obtaining Confidential Phone Records Information 
Under False Pretenses.--It shall be unlawful for any person in 
interstate or foreign commerce to knowingly and intentionally obtain, 
or attempt to obtain, confidential phone records information of a 
covered entity, by--
            (1) making false or fraudulent statements or 
        representations to an employee of a covered entity;
            (2) making such false or fraudulent statements or 
        representations to a customer of a covered entity;
            (3) providing a document to a covered entity knowing that 
        such document is false or fraudulent; or
            (4) accessing customer accounts of a covered entity via the 
        Internet, or by means of conduct that violates section 1030 of 
        this title, without prior authorization from the customer to 
        whom such confidential phone records information relates.
    (b) Prohibition on Sale or Transfer of Confidential Phone Records 
Information.--
            (1) Except as otherwise permitted by applicable law, it 
        shall be unlawful for any person in interstate or foreign 
        commerce to knowingly and intentionally sell or transfer, or 
        attempt to sell or transfer, confidential phone records 
        information of a covered entity, without prior authorization 
        from the customer to whom such confidential phone records 
        information relates, or knowing or having reason to know such 
        information was obtained fraudulently.
            (2) For purposes of this subsection, the exceptions 
        specified in section 222(d) of the Communications Act of 1934 
        (47 U.S.C. 222(d)) shall apply for the use of confidential 
        phone records information by any covered entity, as defined in 
        section 7.
    (c) Prohibition on Purchase or Receipt of Confidential Phone 
Records Information.--
            (1) Except as otherwise permitted by applicable law, it 
        shall be unlawful for any person in interstate or foreign 
        commerce to knowingly and intentionally purchase or receive, or 
        attempt to purchase or receive, confidential phone records 
        information of a covered entity, without prior authorization 
        from the customer to whom such confidential phone records 
        information relates, or knowing or having reason to know such 
        information was obtained fraudulently.
            (2) For purposes of this subsection, the exceptions 
        specified in section 222(d) of the Communications Act of 1934 
        (47 U.S.C. 222(d)) shall apply for the use of confidential 
        phone records information by any covered entity, as defined in 
        section 7.

SEC. 4. NONAPPLICABILITY TO LAW ENFORCEMENT AGENCIES.

    Section 3 shall not prohibit any lawfully authorized investigative, 
protective, or intelligence activity of a law enforcement agency of the 
United States, a State, or political subdivision of a State, or of an 
intelligence agency of the United States.

SEC. 5. TELECOMMUNICATIONS CARRIER NOTIFICATION REQUIREMENT.

    Section 222 of the Communications Act of 1934 (47 U.S.C. 222) is 
amended--
            (1) by redesignating subsection (h) as subsection (i); and
            (2) by inserting after subsection (g) the following new 
        subsection:
    ``(h) Notice of Violations.--The Commission shall by regulation 
require each telecommunications carrier to notify the customer of any 
incidents in which such telecommunications carrier becomes or is made 
aware in which customer proprietary network information relating to 
such customer is disclosed to someone other than the customer in 
violation of this section or section 3 of the Consumer Telephone 
Records Protection Act of 2006.''.

SEC. 6. ENFORCEMENT BY THE FEDERAL TRADE COMMISSION.

    A violation of section 3 shall be treated as an unfair or deceptive 
act or practice in violation of section 5 of the Federal Trade 
Commission Act (15 U.S.C. 45). All of the functions and powers of the 
Federal Trade Commission under that Act are available to the Commission 
to enforce compliance by any person with such section, irrespective of 
whether that person is engaged in commerce or meets any other 
jurisdictional tests in the Federal Trade Commission Act, including the 
power to enforce the provisions of such section in the same manner as 
if the violation had been a violation of a Federal Trade Commission 
trade regulation rule.

SEC. 7. DEFINITIONS.

    As used in this Act, the following definitions apply:
            (1) Confidential phone records information.--The term 
        ``confidential phone records information'' means information 
        that--
                    (A) relates to the quantity, technical 
                configuration, type, destination, location, or amount 
                of use of a service offered by a covered entity, 
                subscribed to by any customer of that covered entity, 
                and kept by or on behalf of that covered entity solely 
                by virtue of the relationship between that covered 
                entity and the customer;
                    (B) is made available to a covered entity by a 
                customer solely by virtue of the relationship between 
                that covered entity and the customer; or
                    (C) is contained in any bill, itemization, or 
                account statement provided to a customer by or on 
                behalf of a covered entity solely by virtue of the 
                relationship between that covered entity and the 
                customer.
            (2) Covered entity.--The term ``covered entity''--
                    (A) has the same meaning given the term 
                ``telecommunications carrier'' in section 3 of the 
                Communications Act of 1934 (47 U.S.C. 153); and
                    (B) includes any provider of IP-enabled voice 
                service.
            (3) Customer.--The term ``customer'' means, with respect to 
        a covered entity, any individual, partnership, association, 
        joint stock company, trust, or corporation, or authorized 
        representative of such customer, to whom the covered entity 
        provides a product or service.
            (4) IP-enabled voice service.--The term ``IP-enabled voice 
        service'' means the provision of real-time voice communications 
        offered to the public, or such class of users as to be 
        effectively available to the public, transmitted through 
        customer premises equipment using TCP/IP protocol, or a 
        successor protocol, (whether part of a bundle of services or 
        separately) with interconnection capability such that the 
        service can originate traffic to, or terminate traffic from, 
        the public switched telephone network, or a successor network.
                                 <all>