Law enforcement using data brokers

Earlier bills to control sale of personal data was shelved by House leadership, so committee opened new hearings into just how easy it is to access bank statements, phone records, emails.
Written by ZDNet UK, Contributor

American's bank account statements, email messages and phone records are all available to sale, both to private sector institutions like banks trying to track down debtors and to law enforcement agencies. But the information could also be used by stalkers or estranged husbands, or other criminal elements. This is what a House committee learned last week in hearings on the sale of personal data on the Internet, Reuters reports.

The release of such data is creepy, perhaps illegal, bit it can also be fatal. A committee witness testified that an LA cop was shot down after drug dealers got his beeper information from a data sales firm.

"We had the impression that there were no secrets any more. Now we know that for sure," said Rep. Ed Whitfield, a Kentucky Republican and chairman of the panel's oversight subcommittee. "Such information, for example, could allow a stalker to find a victim or a threatening husband to find a spouse," said Rep. Diana DeGette, a Colorado Democrat who lamented that for $300 buyers can purchase the location of a cell phone that a person carries daily.

The problem was frequently discussed some months ago, but two bills to address the issue were mysteriously pulled by House leadership. Committee members said they suspected House leaders halted the bills because of their "potential implications on terrorism investigations," such as accessing phone records from Verizon Communications and other companies without subpoenas, Reuters reported.

The committee subpoenaed representatives from 11 companies that use the Internet and phone calls to obtain, market, and sell personal data, but they refused to talk. "What delicious irony," said Rep. Joe Barton, chairman of the full committee and a Texas Republican. "People who cheat and lie for the purpose of making money are now complaining that they cannot cheat and lie in private."

Some lawmakers shook their heads as former data broker James Rapp explained how easily and quickly he could obtain and sell a bank password or credit card record of committee members. Rapp said by offering a few pieces of personal information, such as a person's name and address, pretexters con a customer service representative into revealing other information. After a few inquiries, they can get the Social Security number, the key to a trove of other sensitive data. "There was nowhere you could run or hide that I couldn't track you down," said Rapp, who closed his data brokerage in 1999 under pressure from Denver police.

Law enforcement officers testifying said it was not standard practice to buy data from the brokers. Lawmakers wanted to know if law enforcement was doing an end-run around the subpoena process but the officers denied that.

Editorial standards