overview
issues
principles
Aust law
EU law
New Zealand
Asia law
N America
agencies
advocacy
reports
primers
other writing
technologies
harbours
statements
media
business
costs
spatial
cctv
bodies
workplace
prisons
politics
telecoms
postal
search
attitudes
harvests
landmarks
related
Guides:
Networks
& the GII
Security
& Infocrime
Marketing
related
Profiles:
Australian
privacy
regimes
Aust & NZ
telecoms
Do Not Call
Registries
Pretexting
dot-au
& auDA
dot-nz
Australian
Constitution
& Cyberspace
Postal
Systems
|
telecommunication privacy
This page considers phone tapping, reverse directories,
do-not-call registries and other issues.
It covers -
It
is supplemented by guides on Networks
& the GII, Security
& Infocrime and Marketing.
There is a more detailed examination of specific issues
in profiles dealing with the Domain
Name System, dot-au
& auDA and the shape of Australian & New Zealand
telecommunications.
introduction
Concerns about privacy in telecommunications are not new.
The switch operator in Henry James' fin de siecle In
The Cage
quite
thrilled herself with thinking what, with such a lot
of material, a bad girl might do
As
noted in the first pages of this guide, protecting the
privacy of personal and corporate telegraphic communications
was one catalyst for the development of contemporary privacy
regimes in advanced economies.
Users of telecommunication networks have had an expectation
that their communication would be respected. That expectation
has had the corollary of special treatment for network
operators, broadly exempted from liability for the content
of the traffic on the basis that the operator is aware
that communication has taken place but unaware of the
content of that communication.
That concern for privacy - reflected in restrictions on
disclosure of information by network operators and unauthorised
access by private investigators - has gone hand in hand
with mechanisms for government identification of what
communication is taking place and surveillance
of the content of that traffic, including logs of calls,
copies of telegrams and technologies that allow government
officers to hear calls in real time or record them. Much
of the debate about US civil liberties over the past eighty
years has thus centred on the 'wiretap'.
More recently we have seen the emergence of concerns about
the ownership of telecommunications contact information,
as network subscribers seek to enhance their security
or their privacy by
- using
caller identification (aka caller number display or
CND)
- restricting
access to their numbers in an environment where the
average US household is receiving ten telemarketing
calls per night (often from a database rather than a
human)
- restricting
publication or matching of street address or other contact
details associated with their numbers
Those
concerns have seen many consumers move 'ex-directory'
to 'silent numbers'. They have also seen support for bans
on 'reverse directories' and for establishment of 'do
not call' registries.
Normalisation of the internet - particularly the strengthening
of government and community anxieties about security -
has seen debate about
- whether
the net should (and indeed can be) exempt from wiretapping
- the
responsibilities of regulatory choke points such as
internet service providers
- the
handling of web site registrant contact information
(in particular the various gTLD and ccTLD WHOIS databases)
- restrictions
on practices such as 'pretexting'
that are unethical and often illegal
A
result of that evolution is that telecommunication privacy
in Australia and most countries involves the interaction
of a range of legislation (typically both telecommunications
enactments and privacy enactments, often supplemented
by national security, criminal investigation and intellectual
property law) rather than a single discrete enactment.
wiretaps
[under development]
Federal wiretapping law (centred on 18 USC 2511) broadly
prohibit "interception" of spoken communications
and also make it illegal to "disclose to any other
person" when there is an expectation of privacy.
It is generally legal under US federal law to record spoken
communications as long as one person consented and as
long as the taping is not done to violate any other law.
The Australian regime features a range of Commonwealth
and state/territory legislation, notably the federal Telecommunications
(Interception) Act 1979 - discussed here
and here.
CND
It has been a tradition in telecommunication network management
that subscribers do not own their telephone numbers. Instead
they lease that number from the network operator. The
advent of competition, mobile phones and number portability
schemes has blurred that tradition but it remains essentially
intact.
It is also a tradition that subscribers use their numbers
to manage their identity and privacy, in particular as
a mechanism for screening contacts. Many consumers, for
example, provide third parties with a fixed line or mobile
number but are unwilling to accompany that information
with their address or other details. Concerns about stalking
and other matters mean that some subscribers do not wish
to publicly divulge a number.
That has affected the operation of public directories,
demand for 'silent numbers' and services such as Calling
Number Display (CND), which gives callers the option of
displaying their number (and sometimes related information)
to the recipient of the call.
In Australia the Integrated Public Number Database - discussed
here - provides
a master directory of all numbers across all carriers.
Service providers and directory producers can only use
IPND data to operate and provide directory assistance
services, produce a public number directory, provide associated
services and provide location-dependant telecommunications
services such as services that send a call to the branch
of the business nearest the caller.
A 'silent number' (aka 'silent line') is a fixed line
service for customers who seek enhanced personal information
protection by not having their telephone numbers included
in publicly available print and electronic directories
(and similarly not disclosed by directory assistance).
Silent line customers pay a fee to have their names, addresses
and phone numbers withheld from directories. Silent line
customer addresses and phone numbers are also not available
through some directory assistance services, though the
operator on these services may indicate that there is
a listing for a silent number under the name requested.
How many people are 'ex-directory'? As of 2000 Telstra
had around 800,000 silent line customers in Australia.
About 16% of residential customers in Melbourne and Sydney
(and an average of 12% in country areas) have silent lines.
The privacy implications of CND for callers encompass
the level of control CND callers have over automatic provision
of the number to receivers and whether this information
is provided on the basis of informed choice. It also encompasses
the uses to which CND information might be put by organisational
and business receivers, who have the capacity to capture
and possibly manipulate CND generated data.
directories
Who owns the directories? In the US the landmark 1991
Feist decision established that the network operator
has insubstantial intellectual property protection for
published phone directories, including what are known
as colour pages business
directories. That has resulted in a range of entities
copying directory information by scanning or rekeying
printed volumes.
In Australia the 1997 Telecommunications Act and industry
codes relating to the IPND - eg the ACIF IPND Data
Provider, Data User & IPND Manager code (PDF)
- provide Telstra subsidiary Sensis, US data
trading giant Acxiom and a handful of other commercial
entities with direct access to the national 'master registry'.
That is discussed in the ACA 2004 Who's Got Your Number
- Regulating The Use Of Telecommunications Customer Information
discussion paper.
Acting ACA chairman Bob Horton commented in 2004 that
there was evidence customer information was being collected
by public number directory producers and collated with
data drawn from other sources to create consumer 'profiles'.
Current use of telecommunications customer data appears
to go beyond what is allowed under existing legislation.
In fact, our investigations indicate that databases
are being created and maintained based on information
provided by customers to their telecommunications service
providers. These databases are then sold to other companies
for direct marketing and other commercial activities.
In the ACA's opinion, this is not only a breach of existing
law but also outside what customers providing personal
information expect to happen.
Section 285
of the Telecommunications Act 1997 prohibits
unauthorised creation of reverse directories.
During 2001 the 2600.org.au group launched a free 'Black
Pages' online reverse search service for Australia, discontinued
after a few months because of complaints from privacy
groups and apparent pressure by regulators. Desktop Marketing
Systems (DtMS)
subsequently marketed CD-ROMs with a reverse directory
facility. DtMS managing director Andre Kaminski reportedly
dismissed privacy concerns, commenting
There
is no such thing as privacy. Information is just a commodity.
As Australia becomes a more sophisticated market, there
is a demand for people like us.
Telstra
successfully argued in the Federal Court that DtMS had
breached its copyright; the product is no longer available.
registers as the embodiment of non-interference
The beginning of this guide also highlighted the significance
of 'non-interference' as a principle underlying much privacy
legislation, with individuals having a right to be left
alone and to exercise that right by having some control
over both what information is collected about them and
how that information is used.
That principle is embodied in a range of telecommunication
registers that have emerged over the past decade.
In essence those 'do-not-call' registers - discussed
in more detail elsewhere on this site - are the obverse
of the directories noted above. They allow consumers to
specify that those consumers are not to received unsolicited
commercial electronic messages. The consumer must specify
that they do not wish receive marketing messages, with
a national register typically being maintained by a government
agency and based on legislation. Marketers are otherwise
free to contact numbers.
The registers centre on voice (by fixed line or mobile)
and fax contact, particularly to households. They do not
encompass spam. Their
development has reflected consumer disquiet with performance
by some industry groups (eg poorly maintained lists managed
by some direct marketing associations). It has also reflected
recognition that some of the most egregious telemarketing
has come from businesses and not-for-profit organisations
outside those associations.
In 2003 the Federal Communication Commission (FCC) established
a national Do-Not-Call Registry
under the Telephone Consumer Protection Act of
1991 (TCPA), building on prohibitions in that enactment
against sending unsolicited faxes and against unsolicited
messages from automatic dialing systems to mobile phones.
The
registry is nationwide in scope, applies to all telemarketers
(with the exception of certain non-profit organizations),
and covers both interstate and intrastate telemarketing
calls. Commercial telemarketers are not allowed to call
you if your number is on the registry. As a result,
consumers can, if they choose, reduce the number of
unwanted phone calls to their homes.
The
US Registry now features over 60 million numbers.
In Australia the ALP has called for a similar registry,
criticised - in our view unconvincly - by some telemarketers
as resulting in "huge job losses". The proposed
registry would be managed by the Australian Communications
Authority. Apparently all unsolicited consumer telemarketing
on public holidays and sundays would be banned.
The registry would supersede private lists such as that
under the auspices of the Direct Marketing Association,
which in July 2004 claimed that the US government
is
facing an administrative and financial nightmare as
it is now dealing with a disgruntled and disillusioned
public and costs that are spiralling out of control.
It
is unclear whether the Australian legislation would restrict
cold calling by non-profit organisations and political
entities, consistent with loopholes in the Spam Act
2003 and the Privacy Act.
ISPs as regulatory choke-points
A discussion of ISPs
is available elsewhere on this site.
WHOIS
In discussing the domain name system (DNS) we have noted
debate about privacy aspects of WHOIS
databases for gTLDs (eg dot-com) and ccTLDs (eg dot-au
and dot-nz). A WHOIS database contains contact information
supplied by the domain name registrant, ie the entity
responsible for registering the domain name - sometimes
characterised as the "domain name owner".
The information typically includes the full name of one
or more individuals, fax and voice numbers, an email address
and a postal address.
During the first years of the internet that information
was primarily used by network administrators. With the
proliferation of sites and the emergence of cybersquatting
such contact details came to be of interest to both those
engaged in litigation and those who wanted to harvest
information for direct marketing, eg for spam.
Exploitation of the data - including alleged substantial
misuse by some domain name registrars - has resulted in
restrictions on publicly-accessible information in some
spaces, with suppression of some information or barriers
to automated harvesting. The restrictions have coincided
with - and often followed - registrant provision of spoof
contact details, such as registration by Santa Claus,
Mickey Mouse or Idi Amin of 1 Nowhere Street in Somewhereville.
studies and sites
Literature, particularly in the US, on telecommunications
privacy and surveillance is dauntingly large. We have
therefore highlighted only a selection of works of particular
interest.
For questions of directory and number ownership see Anne
Branscomb's Who Owns Information: From Privacy To
Public Access (New York: Basic Books 1994)
next page (postal
privacy)
|
|
Ketupa