Verizon Wireless Opt-Out Plan For Customer Records

An anonymous reader writes to let us know that Verizon Wireless is planning to share its customers' calling records (called CPNI) with "our affiliates, agents and parent companies (including Vodafone) and their subsidiaries." The article explains that CPNI "includes the numbers of incoming and outgoing calls and time spent on each call, among other data." Some subscribers, it's not known if it's all of them, received a letter in the mail giving them 30 days to opt out of this sharing by calling 1-800-333-9956. Skydeck, a mobile and wireless services company, seems to have been the first to call attention to the Verizon initiative on their blog; they also posted a scan of the letter (sideways PDF) from Verizon.

current versus past customers

When I hear things like that I always wonder how they handle past customer data. Those folks are not being given any "opt out" provision. Same as when companies get bought or sold off for parts. Current customers of course are respected since they have value but past customers are only worth the data you can mine out of them.

How you could have handled it...

By letter, template below. Usually, only a letter is legalling binding.

YOUR ADDRESS HERE

DATE

A/C Number: aaaa-bbbb-cccc-dddd

Dear Sir or Madam,

I am writing to close my ISSUING COMPANY NAME Visa/Mastercard credit card account aaaa-bbbb-cccc-dddd. I enclose the one/two issued card(s), cut into pieces.

I have sent a check separately to pay the $$$$.cc balance outstanding on the current statement. I agree to pay for any transactions authorized by me that I have missed in my calculations as soon as you advise me of them.

Any further transactions to the credit card account aaaa-bbbb-cccc-dddd are not authorised by me, and I instruct you not to accept any further purchases or other debits to the account.

I also request that you remove me from your direct mail marketing lists and do not share my name, address, telephone, transaction, and other personal details with ISSUING COMPANY NAME's marketing affiliates or other organisations.

Yours faithfully,

YOUR FULL NAME

I got one of those

I got one of those letters several weeks ago, and immediately called the 800-333-9956 number listed to opt out.

Pretty painless

It's pretty painless to do. You need to have your account details, and you have to jump through a separate hoop for each number, but at least they retain your context from hoop to hoop. Saves you from having to enter your SSN every time.

Re:Pretty painless

It's just evil that they make you do it at all.

Re:Pretty painless

Saves you from having to enter your SSN every time.

I haven't called, but I'm gathering from you that they ask you to enter it once? They send a piece of mail (with their logo on it, so you know it's really them) to you asking you to call a number that could be anyone and ask you to enter your social security number? Thanks, Verizon, for making identity theft even easier.

Re:Pretty painless

I just called. You need to enter your phone number, billing zip code, and the last 4 digits of your SS#.

Re:Pretty painless

Actually, you have to give them the SSN that you made up back when you signed up for service originally.

Re:Pretty painless

It doesn't matter how easy it is, that's not the point. In pretty much every western country, except for the US, this would be totally illegal. It amazes me how Americans seem (on the whole) totally content with not having any data protection laws.

Curious question

I'm trying to understand this. Although it is painted as a marketing arrangement, does this provide them the immunity (going forward) that Congree would not grant retroactively?

They'd be crucified if they did this in Europe...

I can't believe the shit companies can get away with over here. Call me paranoid, but I think my next cellphone will be another pay-as-you-go under someone else's name.

Actually. Maybe that would be a good business idea. Buy a PAYG phone and swap SIMS with someone at random. Maybe make it so you mail them on every few months. For the truly paranoid...

Re:They'd be crucified if they did this in Europe.

Swapping SIMs == swapping phone numbers.

Not if you use something like GrandCentral.com.

Of course the smart-ass response is, do you trust Google more than Verizon?

just another example...

...of corporate (a)merica truly getting out of hand.

This scenario is much like a criminal going to commit a crime no matter what, but he won't if you get his letter in the mail and then take steps and waste your time to tell him not too. Just so many things wrong with this story, but unfortunately not shocking and of course NO ONE will do anything to stop this trend in the country other than bitch and moan.

the Google model

I guess they want to follow the gmail model for advertising, etc.
Unfortunately, while many people have several e-mail accounts, you cannot
switch so easily between different phones. Moreover, gmail is nearly anonymous, while you
cell phone is anything but.

Really?

Incoming phone numbers? Not sure what Verizon does with those, but I don't even get those numbers from Sprint on my bill.

Opt-out should be illegal

Opt-out for this kind of thing should be illegal. I should have to opt-in to allow this, but of course few people would so it might not be worth it to the companies. Which is why they use opt-out.

Because an OPT IN would be the right thing to do

Because an OPT IN would be the right thing to do, but that would require morals wouldn't it.

Re:Because an OPT IN would be the right thing to d

Corporations, like governments, are amoral by definition. Opt-in would require business ethic, of which Verizon has repeatedly shown it has little. To be fair, the same applies to AT&T/SBC, Comcast, AOL, and any of the other big boys.

The people who consume the goods and services provided by the likes of Verizon have become less important than the companies willing to pay to mine customer databases. There's a lot of money in that, which means quality-of-service levels (and corresponding expenses) can be reduced while maintaining profitability. If that kind of information-sharing were simply illegal, perhaps our communications providers would have to get back to worrying themselves about what their customers want.

Re:Because an OPT IN would be the right thing to d

This is why I find it important to distinguish from consumer and customer. The customer is always right. The consumer is just a resource. Problem is, we are the consumer. The corporation on the other end of the data-mining business is the customer.

Here's my favorite part:

In order to better serve your communications needs and to identify, offer and provide products and services to meet your requirements, we need your permission to share this information among our affiliates, agents and parent companies (including Vodafone) and their subsidiaries... You have a right to keep your CPNI private by "opting out." Unless you provide us with notice that you wish to opt out within 30 days of receiving this letter, we will assume that you give Verison Companies the right to share your CPNI with the authorized companies as described above.

I know this is common practice, but I'd still like to believe that this would be a non-binding contract. Especially since there's no mutual consideration. Here's an excerpt from the Michigan Law Review regarding Silence as Acceptance of an Offer:

It is generally held that an offeree has a right to make no reply to offers, and that his silence and inaction cannot be construed as an assent to the offer. This is true even though the offer states that silence will be taken as consent, for the offeror cannot prescribe conditions of rejections so as to turn silence on the part of the offeree into acceptance.

The Virginia Law Review continues to talk about when silence is binding:

Where the offeror acts to his detriment in reasonable reliance on the offeree's conduct, the offeree's inaction, will be deemed an acceptance after he has remained silent for a reasonable length of time.

The difference here, though is that Verizon isn't acting to its detriment, they're going to be getting a big fat cheque out of this from a 3rd party. So, once again, it goes back to mutual consideration.

Re:Here's my favorite part:

I know this is common practice, but I'd still like to believe that this would be a non-binding contract. Especially since there's no mutual consideration. Here's an excerpt from the Michigan Law Review regarding Silence as Acceptance of an Offer:

Contract has nothing to do with it. Obviously, you can't send someone a letter and form a contract just because they didn't bother to respond. The reason they can get away with this is because they have Congress in the palm of their hands.

It was just a few years ago that everyone was up in arms about companies sharing our personal information. Congress was pressured to create some regulations to stop it. Instead of going for an "Opt-in Rule" where companies would only be allowed to share or sell your information if you affirmatively acted in telling them it was ok, they passed an "Opt-out Rule."

Under the current scheme, all a company has to do is tell you about it's information sharing policies and give you an opportunity to Opt-out. They don't need a contract. They don't need a meeting of the minds, consideration, offer and acceptance or anything but your silence. If you don't want your information shared, you'll need to get busy and start notifying every company you've ever done business with. You can thank Congress for this.

New Verizon Patent

In the preferred embodiment a method of fucking over customers is described whereby private customer data is disclosed to third parties for profit.

In Case You're Wondering

This is why it only costs $100 to buy your telephone records.

McNealy's law, people. You have no privacy, get over it.

--Dan

Verizon trying to bypass FCC mandate?

It seems that Verizon is trying to sidestep the 12/2/07 deadline for new rules regarding CPNI. Earlier this year, the FCC decided to change the CPNI rules for carriers (both wireless and wireline) to try and beef-up the security around the call details that these carriers handle: http://www.ipbusinessmag.com/departments.php?department_id=6&article_id=23 [ipbusinessmag.com]

One thing that is clear from the FCC ruling is that "The FCC changed this requirement to mandate that customers obtain "opt-in" approval from their customers prior to sharing CPNI with their joint venture partners and independent contractors for marketing purposes only." Verizon shouldn't be able to have a global "opt-in" through silence, unless they're trying to get that recorded before the more stringent policy goes into effect in December.

The process

After dialing 800-333-9956, you need to enter your Verizon mobile number, your billing zip code, your account password (if configured), and press '9' to confirm opt-out. If you have another mobile number you wish to opt-out, press '2' then repeat the above process. The first two tidbits of info could easily be obtained from public searches, the last maybe not so easily. And kudos to Verizon for not forcing me to make a phone call for each number to be opted out. In any case, I'm okay with opting out, though I'm not okay with the fact that I have to opt out.

Is the NSA an affiliate?

I'm guessing that the NSA/FBI/CIA/[insert TLA here] will be considered an affiliate?

In other words...

From the TFA: In order to better serve your communications needs and to identify, offer and provide products and services to meet your requirements, ...

Meaning: In order to increase our revenue and profit margins ...

... we need your permission to share this information among our affiliates, agents and parent companies (including Vodafone) and their subsidiaries.

... unless you tell us otherwise, we will trash any semblance of privacy you thought you had and share your data with the entities we really care about, so we can all make even more money off you chumps.

I guess it could be worse, they could be sharing your data with the NSA. Oh wait...damn.

It wasn't a separate letter

It was one of those bill-stuffers that people tend to ignore.

Sideways PDF

Is "sideways PDF" another way of saying that the submitter didn't know how to use the rotate button in the Acrobat viewer?

Why is the default always to 'opt out'?

The option for these kinds of schemes is always to "opt out" of the data sharing. Since I expect that the overwhelming majority of users would want to keep their calling records and data private, shouldn't the option be to "opt in" to the data sharing?

How I protested this action

I called the customer service number (*611) and talked to a rep for 20 minutes asking every conceivable question about this policy change. I put her on speakerphone and continued reading slashdot while we chatted. If a lot of people called them like this, their call center costs will rise. I don't see really any other way of letting them know my discontent.

+1 mod for screwing the big guy. :)

Am I missing something here?

Let's see. I suffer from a terrible disease of one type or another (My daughter thinks Mesothelioma is cool. I think she watches too much TV). Anyhow, I call several specialists to schedule appointments for treatment and then I call a lawyer to put the smack down on those nasty Asbestos peeps. An infomercial low-life who sells Mesothelioma snake oil buys my phone records, scans it for all the doctor records (umm... duh... they are online) connects the dots and then starts calling my number which is also on the DNC registery. Last time I checked, there were Federal laws against sharing medical information without express written permission.

Verizon is not alone though

Verizon is not alone in this. The companies (and even some DMV's and banks) are collecing and selling out their customer's data with complete disregard to the risks involved from privacy to identity theft. I went to CompUSA a few weeks ago to buy a Nokia N800 wifi internet tablet. At the checkout register, when the lady scanned it, a window popped up on her screen. She said I had to give my phone number, name and address to buy it. I asked why and she called her manager who said I have to provide this information otherwise they can't sell it to me. I explained that it is not a mobile phone but no luck. I left it at their checkout register and walked out. I came home and emailed the customer service who never responded. I also called the store manager on the phone and he explained that they build a profile of people buying computers so that they can provide service later if needed and it is NOT optional. Touch luck. I had to buy it from a different retailer because I felt that they had absolutely no need to collect my personal data.

When I signed up for Wall Street Journal print subscription, I used my abbreviated name in the mailing address in case they decide to print it and throw it out in the yard. Surprise surprise, within about 6 weeks, I started getting offers from other print media and magazines such as businessweek and economist with the exact same variation in my mailing address confirming that Wall Street Journal had already sold that data!!

It is sad that you have to opt out (they make it as difficult as possible) instead of opting in. And with acquisition of companies like Doubleclick, it seems that our darling Google is headed the same way!!
 

How can I know this is the right number?

Is this letter from Verizon Wireless, or from a phisher? Is the phone number real? I called up Verizon Wirelss (using 611 from my phone -- not at the number on the letter) but they were unwilling to confirm or deny that they are doing this, or that 800-333-9956 is the correct phone number to opt out. After a few tries, I was able to explain to the customer service representative that anyone can send out letters claiming that they're Verizon, telling people to call and provide their SSNs. She agreed to file a complaint that will be reviewed by their marketing department. She noted in my complaint that I have no intention of doing any further business with Verizon Wireless, as a result of this stunt.

How about calls I made to Verizon customers?

I am not a Verizon customer, but have made calls to many Verizon customers, and have received calls from many Verizon customers. Using only Verizon data, one would be able to reconstruct quite a bit of my calling patterns. Can I call Verizon, and have them withhold calls involving my phone number(s) ?

I can't even get that info

If Sprint does this, I'll be really upset. I can't even get that information for my own phone. My statements contain only "incoming" for incoming calls, so I can't see who all called me. I have even asked customer service, and they say they cannot provide that information.

Where is this new FCC rule for Dec 2007 ?

Here is Consumer Advisory from FCC: http://www.fcc.gov/cgb/consumerfacts/phoneaboutyou.html [fcc.gov]
Verizon is following rule #1 Opt-Out. Though I find the way they do it unethical.

Several posters have remarked that there is a new rule for Dec 07:

It seems that Verizon is trying to sidestep the 12/2/07 deadline for new rules regarding CPNI. Earlier this year, the FCC decided to change the CPNI rules for carriers (both wireless and wireline) to try and beef-up the security around the call details that these carriers handle: http://www.ipbusinessmag.com/departments.php?department_id=6&article_id=23 [ipbusinessmag.com] [ipbusinessmag.com]

I read this from the link above to ipbusinessmag.com and looks like if it is different, it still reeks of loopholes.

Joint Venture and Independent Contractor Use of CPNI: Under previous FCC CPNI rules, carriers were permitted to share information with joint venture partners and independent contractors if they obtained "opt-out" approval from their customers. The FCC changed this requirement to mandate that customers obtain "opt-in" approval from their customers prior to sharing CPNI with their joint venture partners and independent contractors for marketing purposes only. This opt-in requirement does not apply to the permissible disclosures of CPNI, such as sharing CPNI for billing purposes or to render services to the customer

The part about the 'permitted to share information with joint venture partners and independent contractors if they obtained "opt-out" approval from their customers.' looks like a typo, shouldn't that be opt-in. Then the rest of it just looks like the same thing as they are doing. Can someone find something better from the FCC, I can't. Otherwise it looks like my first link, that you can do EXACTLY what Verizon is doing Now!

Opt-out list can then go to Homeland Security

or the NSA, or whoever... Obiously, in these critical times of terrorist threats, anyone who opts out MUST have something to hide... What a great way to get a list of potential wiretap suspects !
/end sarcasm

Truth

Let's just face the facts, we have no privacy, no lawmakers actually care about privacy, they just promise things that will take as long to go into effect as it will for them to get out of office so they don't have to deal with it again.

I've got a plan though.
If enough of us forward calls from suspeted telemarketer numbers to suspected terrorists, we may be able to get rid of two turds, err I mean birds, with one stone.

Not working

I have tried to use the number to opt-out but it keeps asking for a "password" that I never setup. I guess they don't necessarily want me to be successful at opting-out.

Opt-out requires info I don't have!

Those steaming sacks of shit are requiring that I opt out by calling an automated system and entering my phone number, billing zip code, and last four digits of my social security number. However, because I don't remember the random number I would have given any phone company who asked for my SSN, I can't enter it!

Strange, Verizon shares anyway.

The junk mail companies seem to know where to find me no matter where my husband and I go. In fact, I always seem to get the first couple of pieces of junk mail within the first week of a move, addressed to me, not forwarded, and often in my maiden name.

The only thing that was in my maiden name the last time this happened was the Verizon land line bill. So if it isn't Verizon that is sharing the data, then who else could it possibly be?

I'm glad we ditched them finally, the old prepaid phone we have ended up being cheaper in the long run.

Business Customers will LOVE this

Yup, I'm sure all those folks that use their verizon cells for business are just thrilled about this. Just thrilled.

VZW opt-out

As a non VZW customer, how do I opt out of their sharing of my CPNI? When a VZW customer calls my cell phone, the CPNI for that call is shared by both VZW and my carrier. Without my express permission, I don't understand how VZW could share my CPNI which they have been ordered to protect by the FCC. They are essentially leaking my carrier's CPNI information in the process. Could there be any grounds here for a Class-Action to limit this? Until such time, I can at least try and ensure I do not take calls from VZW customers. Is there a way to prevent a VZW customer from calling my cell or home number? Is there any information in ANI or elsewhere that would allow me to configure my Asterisk server to reroute all VZW calls to a message announcing that I no longer accept calls from VZW customers due to VZW policy?

Copyright

Would it be possible to copyright my personal information such that providing that information without my express permission would constitute copyright infringement?

Why yes, please hand my info to the FBI...

What you all think is about advertising and marketing couldn't be further from the truth. This program, and others like it, are stop-loss mechanisms to prevent legal liability by Verizon for handing this information over to the FBI, NSA, etc. *without* a warrant. Believe me, if you were a business looking at possible class-action damages on a scale that most of these Ma-Bell types are looking at-especially when courts are finding their information disclosures as unconstitutional-you'd find a way to trick people into implicit permission.

Re:Time to switch

Indeed. I left Verizon years ago (used to have them for landline and DSL), and haven't looked back. They were horrible then, and have clearly only gotten worse. Not that the other phone companies are saints, but Verizon just sucks.

Re:Time to switch

I've always found it at least mildly disturbing that Verizon makes AT&T look good. I mean... this is Death-star-logo-sells-your-conversations-to-the-NSA AT&T we're talking about.

I was actually on with AT&T Wireless before they were Cingular, and they actually were *very* nice to us. Even once they were Cingular, their customer service was great even though they did sort of alienate their former AT&T customers. A few of the price plans that the old AT&T had right before being absorbed into Cingular were far better then anything Cingular or Verizon have ever offered. If you wanted to modify your plan, however, you had to switch to a Cingular plan which would inevitably cost you more money. There were a few tricks for getting new phones out of the deal as well, although it got a lot harder over time. Still.... you have to give them major props for honoring the plan -- I held onto it for a few years after the merger. You also didn't have to pay for incoming text messages on any plan, something that no other US carrier does to my knowledge (most European countries have legislation which forces the caller to pay for both sides of the conversation, making incoming calls and SMS free)

However, as time went on, Verizon improved its coverage in my area, while there were no improvements in GSM service. Frustrated by not being able to get a signal at home, I switched to Verizon. A year and a half down the road, and I'm fed up to the point where I'm switching back the day my contract runs out. I've been overbilled, had my service disconnected, had my plan changed without my consent, and Verizon gave my old number to somebody else after they "lost" it while porting. And of course, in order to resolve any of this, you either have to call them and wait on hold for hours on end, or visit one of their stores -- which are more and more resembling the DMV these days (I've seen actual fights break out on more than one occasion).

You can keep Euro cellphone billing.

The U.S. system seems screwy for text messages, but it makes sense for voice calls. The caller pays for the cost of the call on the POTS system to whatever exchange the cellular number is in. Then the person with the cellphone pays for the airtime to transmit that call over the cellular network to their handset. (And they pay for the airtime whether the call is outgoing or incoming; what they're paying for is the circuit, not really the 'call.') This means, if the call originates from the same area that the cellphone's number is in, the caller pays next to nothing, since it's a local call. In fact, they have no way of knowing, just by looking at the number, whether it's a cell or landline. There's no difference in the U.S. between a "cellular number" and a "regular number."

It doesn't strike me as illogical. If it cost people more to call cellphones than landlines, the uptake of cellphones would have been a lot slower. I certainly wouldn't be able to use a cellphone as my primary business line, since it would be obnoxious to charge people more (and, hence, discourage them from calling me) because I want the ability to take calls on the road.

The U.S. pricing structure means that text messages are a bad deal (which is why they're little used here compared to in Europe), but it also sped the adoption of cell phones to many people who wouldn't have bought them otherwise, particularly business users, and it prevented people from consciously avoiding making calls to cell phones because of the expense. It puts the expense of owning a cellphone on the person who wants the convenience of being mobile, rather than on the caller.

Re:Time to switch - all telcos suck

We need the Mutt Telco. "All telcos suck, mutt telco sucks less."

Re:Time to switch

Yeah, just switch to the phone company that spies for the NSA.

Re:Time to switch

a corporation helping its government to spy is bad?
something else?

I'd think that a corporation helping its government spy illegally is bad. If the spying is done in a legal, constitutional way, with a judge overseeing the procedures, I don't think most people would object.

Re:Time to switch

The government breaking the law and private citizens breaking the law are radically different things. The government is an artificial structure defined by the law - if it breaks that law, then it can no longer be trusted to serve it's intended purpose rather than some unwanted purpose. And when a government is serving unwanted and unintended purposes that's a very bad thing.

Re:Initial versus second reaction

What am I missing?

A clue ?

Re:Initial versus second reaction

The only real risk I see here, is that it may allow the government to buy these records in the future (directly or via a contractor) instead of subpoenaing them....

I'm not grasping something here. On your analysis, the government is your enemy, and your only enemy?

Verizon trying to bypass FCC mandate?

It seems that Verizon is trying to sidestep the 12/2/07 deadline for new rules regarding CPNI, however, I don't see how exactly this accomplishes that goal. Earlier this year, the FCC decided to change the CPNI rules for carriers (both wireless and wireline) to try and beef-up the security around the call details that these carriers handle: http://www.ipbusinessmag.com/departments.php?department_id=6&article_id=23 [ipbusinessmag.com]

One thing that is clear from the FCC ruling is that "The FCC changed this requirement to mandate that customers obtain "opt-in" approval from their customers prior to sharing CPNI with their joint venture partners and independent contractors for marketing purposes only." Verizon shouldn't be able to have a global "opt-in" through silence, unless they're trying to get that recorded before the more stringent policy goes into affect in December.

Re:Time to switch

hey people... *whoosh*

don't you get it? OP is dropping one telco thats sells your personal data for another that just outright spies on you...

sheesh

Re:Time to switch

Why? At least Verizon has an opt-out policy. Does AT&T let you opt-out of their handing the exact same information to the federal government without a warrant?

Re:Initial versus second reaction

You want a wide variety of other companies to know who you are calling and how long you are talking to them for, just to get better advertising?

Both — the diminishing of privacy and the abundance of misdirected advertising [catalogchoice.org] — are bad, and it is not at all obvious (to me), which is worse.

And the expectation of privacy of cellular calls (it is Verizon Wireless we are talking about) is unfounded. The calls aren't encrypted and, AFAIK, it would not be illegal to build and install devices collecting the dialed numbers and the durations of calls. Eavesdropping on the actual calls may be illegal (although still possible), but not collecting (and selling) the end-points' numbers and call-durations...