FCC threatens 600 operators with fines over data protection rules

IDG News Service - The U.S. Federal Communications Commission may fine 600 operators for failing to properly file annual reports proving that they protect customer data.

Telephone companies and voice-over-IP providers are required to submit to the FCC annual certifications proving that they have taken reasonable measures to protect against pretexting, or the practice of pretending to be a person or a law enforcement agent in order to obtain telephone records. Operators must also show the FCC that they've kept records of all instances when they disclosed customer information to a third party and report on customer complaints they've received regarding unauthorized release of their information.

The FCC found that last year, 600 operators either didn't file reports to the agency at all or they filed noncompliant reports. The FCC proposed a fine of $20,000 for operators that didn't file at all and $10,000 for those that filed noncompliant reports. The carriers will be allowed to argue against the fine or demonstrate reasons to reduce the penalty due to an inability to pay it, the FCC said.

In a statement, Michael Copps, the FCC's acting chairman, said that the annual filings are essential for the agency to ensure that operators are complying with the privacy regulations. He also said he hopes the fines will help ensure compliance in the future.

The practice of pretexting entered the spotlight -- for consumers as well as government officials -- after Hewlett-Packard Co. revealed that it hired investigators who used pretexting to try to find the source of boardroom press leaks. The HP case led to the passage of federal legislation that makes pretexting illegal.