Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
It's Official: Pretexting Is Illegal
The controversial practice gained more attention after the HP scandal broke.
January 18, 2007
2 Min Read
President Bush signed a bill last week making a controversial practice known as "pretexting," a federal offense.
The law specifically forbids the act of misrepresentation, impersonation or deception in order to obtain personal telephone information. Just five months ago, pretexting fell into a gray area of the law.
The issue gained national attention when Hewlett-Packard filed a document with the U.S. Securities and Exchange Commission. The computer maker said its investigators had used tactics to find out which members of its board where leaking private company information to the media, which ended up as news reports. The scandal led to testimony before Congress and the resignation of several board members and HP employees.
Several lawyers and private investigators -- including some working for HP when the company obtained journalists' and board members' personal phone records during an investigation into leaks from its boardroom -- said that it was unclear whether pretexting was against the law.
The legal line is clearer now. The text of the Telephone Records and Privacy Protection Act of 2006 now states it is illegal to use fraud in order to obtain billing records and other information phone companies retain on individual customers. Law enforcement officers are exempted but generally need warrants to get the information.
Breaking the "pretexting" law allows for fines and imprisonment of up to 10 years for those who use fraud, deceit, or computer access in a successful or an unsuccessful attempt to obtain, transfer, or disclose phone records without prior customer authorization. It applies to phone and Internet-enabled communications and contains additional penalties for aggravated cases. That covers those engaged in numerous violations, as well as those who use the information to commit other crimes such as stalking, witness intimidation, or crimes against law enforcement.
Emergency services employees as well as telephone service providers are exempt under the U.S. Communications Act.
Last year, several federal agencies and former California Attorney General Bill Lockyer began investigating HP and the tactics used by people working on the company's behalf. Lockyer filed charges saying that investigators, one employee and former board president Patricia Dunn, violated state laws. More recently, federal prosecutors filed felony charges against Bryan Wagner, one of the investigators hired by HP, as a result of an FBI investigation. Dunn and most of the others have denied any wrongdoing. Wagner pleaded guilty to the federal charges. HP settled a civil suit.
You May Also Like
University of Minnesota Uses Entuity to Strategically Manage and Upgrade Complex Network Environment
NIST Cybersecurity Framework 2.0: Changes, impacts, and opportunities for your InfoSec program
*Why DDI? Why it is Important to Integrate DNS, DHCP, and IP Address Management in Your Network
KVM SwitchÂ High Performance Applications with Dominion KX III
2022 Retrospective: The Emergence of the Next Generation of Wi-Fi