Jeers to the Cellular Telecommunications & Internet Association for volunteering its membership’s data collections for the growing corporate-government surveillance axis.
In an exchange of comments to the FCC about whether there should be mandated security requirements for Customer Proprietary Network Information (aka “phone records”), the Electronic Privacy Information Center has argued for “deidentifying” older phone records that are no longer needed for billing and related purposes. This way, the companies can use the data to study their network needs without maintaining an ongoing risk to the privacy interests of customers. Whether this should be required by regulation or not – I think it probably shouldn’t – this practice is the right thing to do.
CTIA responds, “Historical calling records serve many legitimate purposes, from assisting customers who need to validate their wireless charges and document past events to responding to legal process from law enforcement in criminal and national security matters.” In other words, after all billing issues are gone, identified calling records are a trove of surveillance data for investigators. So let us keep them.
The implicit appeal to the threat of terrorism should not carry the day over the real consequences for every American consumers’ privacy. But regulators won’t put consumers’ interests ahead of covering their own asses. Watch for CTIA’s veiled terrorism argument to win. EPIC has the right answer, but it should be working this angle in the marketplace rather than in Washington.