Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Privacy Communications

Your Cell Records For Sale Online, Cheap 431

AviN456 writes "The Chicago Sun-Times is reporting that your phone records are for sale online to the general public. From the article 'The Chicago Police Department is warning officers their cell phone records are available to anyone -- for a price. Dozens of online services are selling lists of cell phone calls, raising security concerns among law enforcement and privacy experts.' One of these sites is selling cell phone records for $110 for a month's worth of calls. No court order needed, no credentials required. If they want your records and have the money, they get 'em."
This discussion has been archived. No new comments can be posted.

Your Cell Records For Sale Online, Cheap

Comments Filter:
  • Why pay? (Score:4, Insightful)

    by Crilen007 ( 922989 ) on Friday January 06, 2006 @11:52AM (#14409819)
    I'm sure its on Google for free somewhere.
    • Re:Why pay? (Score:3, Informative)

      by teromajusa ( 445906 )
      I doubt it. These companies aren't sucking this info from some public data source. They obtain the information from pretending to be the phone owner and getting the company to tell them that phone's history.
      • Re:Why pay? (Score:3, Interesting)

        by cdrguru ( 88047 )
        More likely someone at the phone company is getting paid to send them the information. How much would it cost for you to deliver some information from your company? $50 an item? With a assured flow of cash as long as you keep the supply flowing?

        The problem is that people are way too easily bribed into this sort of thing, and the information is just lying around at the cell phone provider for people to send out.

  • Old news, new info. (Score:5, Informative)

    by TripMaster Monkey ( 862126 ) * on Friday January 06, 2006 @11:53AM (#14409830)


    Unfortunately, this issue is nothing [washingtonpost.com] new [go.com].

    Lots of good info on this problem can be found here [epic.org], courtesy of the good folks at EPIC [epic.org].

    And finally, you can choose to opt-out of the releasing of your phone data here [privacyrights.org] (at least you can try...opt-out information isn't listed for many of the companies). Also, many of these data brokers employ less-than-legal means to obtain the phone data anyway.
  • by Anonymous Coward on Friday January 06, 2006 @11:54AM (#14409840)
    I bet the NSA might be able offer a reduced price on these kinds of lists.
  • by User 956 ( 568564 ) on Friday January 06, 2006 @11:55AM (#14409851) Homepage
    One of these sites is selling cell phone records for $110 for a month's worth of calls. No court order needed, no credentials required.

    That's absolutely stalk-tastic. So, in addition to being able to buy SS#, satellite images of their house, and public property information, we can get phone records now. Sweet.

    Anyone want to see what 1-900 numbers Jack Thompson's been calling?
  • by CMiYC ( 6473 ) on Friday January 06, 2006 @11:58AM (#14409876) Homepage
    Both TFA and the /. post are slanted towards law enforcement agencies. There is nothing about the service or warning that shouldn't apply to everyone.

    Depending on how paranoid you are, this information could be interesting. Worried about a partner cheating? Worried about your partner finding out? Worried your boss will find out you have frequent calls to your Cylon agent (or is she just in your head?) (Okay, the last one was a joke.)

    But I wanted to make sure it was clear, this applies to everyone. Not just police.
    • Maybe because for someone working undercover, who assumes that only the police (meaning, them) have access to cell phone call logs, this could easily get them killed.

      Just think: you're a gang leader and suspect that someone in your organization is a narc. You have all of their cell phone numbers, because that's how you communicate, so you call up Locatecell and get the logs. The one who has the local PD in their logs gets a pair of cement shoes for Christmas.

      While the rest of us could certainly be inconvenienced, or perhaps lose our jobs / marriages / etc., because of this, probably we won't have the same risk of ending up dead.
      • by Digital Vomit ( 891734 ) on Friday January 06, 2006 @02:50PM (#14411273) Homepage Journal
        Just think: you're a gang leader and suspect that someone in your organization is a narc. You have all of their cell phone numbers, because that's how you communicate, so you call up Locatecell and get the logs. The one who has the local PD in their logs gets a pair of cement shoes for Christmas.

        Sucks for the cop. If only there was some way he could have *two* cell phones: one for gang business and one for personal/police use...

  • So what? (Score:3, Insightful)

    by Doomedsnowball ( 921841 ) <doomedsnowballs@yahoo.com> on Friday January 06, 2006 @12:00PM (#14409885)
    So what? Phone records have long been a way to track unorganized, unplanned crimes. Like shooting fish in a barrel. Cell phones have made it soooo tempting to make all your calls (legal, and possibly illegal) whenever you fancy, that it is certainly scary to unorganized, undiciplined criminals. Why would this even be an issue with the Patriot Act still out there? Obviously mere phone records aren't enough to catch Al Qaeda, so what do you have to worry about? Just run down to a different payphone, at different times, in disguise from the traffic cameras.
    • by ScentCone ( 795499 ) on Friday January 06, 2006 @12:19PM (#14410020)
      Why would this even be an issue with the Patriot Act still out there?

      I'm one of those people that doesn't have too much trouble with the Patriot act's purpose and typical use. But I think I do have trouble with my customers, suppliers, or competition being able to see who I'm talking to. In a competitive industry (I don't know, say wholesaling wine to restaurants in a busy city), being able to look over which restaurants of "yours" that a rival wine rep has suddenly been making a lot of calls to would be seriously helpful/evil business intel.

      On a more serious note, say a foreign or criminal entity was shopping around for people to blackmail/extort. Just the ability to use evidence of a stock broker's calls to his mistress as a way to get him to distort the value of some penny stock, etc... well, it's all bad movie-type stuff, except it's real. And real cheap.
      • "I'm one of those people that doesn't have too much trouble with the Patriot act's purpose and typical use"

        I have a problem in that it was sold to the congress as a way of fighting terrorism, but in fact is used as an excuse to do warrentless wiretaps domestically without judicial oversight.

        In fact, as it turns out, the "Patriot" act has nothing to do with terrorism.

        I have a problem with any law that mentions that you can be subject to investigation *and not be allowed tell anyone about it*. It flies direc
    • --Just run down to a different payphone, at different times, in disguise from the traffic cameras.--

      Yea, or your local WalMart and get a TracPhone. They don't ask you who you are. When that number is traced, where is it going to go? I think real criminals will just go to this method.
      • Re:So what? (Score:2, Insightful)

        Yeah, but you are still calling the same numbers at the same times. When a warrant is issued, it is usually to access the records and audio from a specific sub-station, thus exercising due diligence in making the intrusive governmental access as specific to the warrant as possible. When arressting a dangerous criminal in an apartment building, the police will block off as little an area as is reasonable to take the criminal into custody. They don't shut down entire blocks at a time for petty criminals.
    • Why?

      I can get prepaid sim cards to use in serveral unlocked GSM phones that have no link back to me easily.

      If I swap the sim around in 2 different phones and use different sims it makes it really easy to screw with those trying to track you and makes this topic of getting phone records pretty darn useless against the tactic.

      The above is one tactic that Mitnick should have used instead of being stupid and using the same cellphone over and over and over so they could find him easier.
  • FBI Eh? (Score:2, Insightful)

    by Anonymous Coward
    To test the service, the FBI paid Locatecell.com $160 to buy the records for an agent's cell phone and received the list within three hours, the police bulletin said....

    Frank Bochte, a spokesman for the FBI in Chicago, said he was aware of the Web site.

    "Not only in Chicago, but nationwide, the FBI notified its field offices of this potential threat to the security of our agents, and especially our undercover agents," Bochte said. "We need to educate our personnel about the dangers posed by individuals using
  • by liangzai ( 837960 ) on Friday January 06, 2006 @12:00PM (#14409889) Homepage
    I have no fixed line. I only use cash cards for mobile. I haven't received a spam e-mail message in 8 years.

    I mean, what the fuck is wrong with me? Why doesn't the corporate oligarchy like me? Why haven't I been offered to enlarge my reproductive tool, invest in Nigerian projects, or enroll in the US Gubmint Green Card lottery?

    It is so fucking unfair.
  • Why not? (Score:3, Interesting)

    by nietsch ( 112711 ) on Friday January 06, 2006 @12:00PM (#14409896) Homepage Journal
    If there is a market for it, then why not let the phone companies make some bucks out of it? There is little information to be gained from the meta information of my phonecalls. But you would want some ways to opt out of it so persons and companies concerned about it could have the call to and from their number not listed.
    The downside is offcourse that if this will be allowed, every phone company will make it their standard, and if you want out of it you have to pay more for the priviledge. So maybe restricting them from both ways (the info only goes out with a search warrant) is a better solution.
    And now on to RTFA...
    • Re:Why not? (Score:3, Interesting)

      by monkeydo ( 173558 )
      If you had RTFA first, you would have known that it isn't the cell companies selling the data, and in many cases it is being sold out the back door by dishonest employees.
      • If there is a genuine demand for it, then you can be sure it will be sold. If you outlaw it it will just not be the providers themselves but these shady types calling themselves 'brokers'. Allow it and you stop a black market from developing.
  • by dada21 ( 163177 ) * <adam.dada@gmail.com> on Friday January 06, 2006 @12:02PM (#14409910) Homepage Journal
    I personally don't care who knows who I am calling -- in fact I openly release my cell phone data to all my customers as I bill them by the minute when they call me (plus they can see who else calls me which helps when someone says I might have overcharged them).

    My bigger concern has always been who could have the content of any calls recorded. I know the phone companies "don't" and I doubt government has any concern for what I talk about, but there is proprietary information we all discuss on the phone (nothing illegal, just ideas and other information I'd rather not share). Digital cell transmissions are already nicely compressed for transmission and those data streams are just perfect to stick on a huge hard drive and use in the future.

    I have no political aspirations, so I guess my information would be totally useless in order to try to hurt me publicly, but for those who do think about the future -- is the cell phone a safe way to communicate?
    • Are your customers aware that you are exposing their calls to you to outside companies?

      Do your contracts include a confidentiality clause that this violates?

      " is the cell phone a safe way to communicate?"

      No. Not if you have information you want kept secret. No transmitted communication is entirely safe, and some are less safe than others.
    • by MarkusQ ( 450076 ) on Friday January 06, 2006 @12:27PM (#14410077) Journal

      On the one hand, I am appalled at the erosion of our civil liberties and the almost-sedated non-response from the public. It reminds me of the way in which cancer kills you (the body ignores it when it's small, and as it only grows a little bit each day, the problem is put off until it's too late; a tumor that would have been actively fought if implanted full grown kills an otherwise health person because it's never that much worse than it was the day before).

      But on the other hand, I'd love to see someone try to decipher my cell phone calls:

      Me: Could you repeat that?
      Them:If...the...ine when I...ick.
      Me: No! Don't click on that! We need to log the error message.
      Them:Hog...any..sausage?
      Me:Not sausage. Message. Error message. Error message. Error message.
      Them:...ot an err...hat about...age?
      Me:Write it down. Write it down. Write it down.
      Them:Could you...that? ...other...erver room...ception in here...od damn fans...!
      Me:Write it down. Write it down. Write it down.
      Them:...I just read...you? Zero zero...eff as in...apple, zero, ze...two. Got that?

      Hey, maybe I could just ask the NSA for a cleaned up transcript!

      --MarkusQ

    • No phone should not be considered a secure way to communicate. Depending upon the security requirements of what is discussed, certain levels of insecurity are usually tolerated (or ignored) when using a telephone. One thing that many people are totally clueless about is that telephone calls placed using analog cell phones and many cordless phones are very easily intercepted with simple radio receivers (even though it is illegal to sell those receivers in the US). Digital cell phone conversations requires
      • I consult with financial broker dealers and they are often required to record "order line" phone conversations. We sell numerous "digital direct" recording packages for these clients. Some of them feed the information (via IP) to a central clearinghouse that stores and even analyzes orders. Sort of scary.
  • When I signed up for the account I just called them and they said they can also stop sharing information within Sprint themselves, and I did that too.
  • by AutopsyReport ( 856852 ) on Friday January 06, 2006 @12:03PM (#14409921)
    Two months ago, Macleans (Canadian magazine) ran a story on this, but they took it one step further: they bought the cell phone records of Canada's Privacy Commisssioner, Jennifer Stoddart [privcom.gc.ca]. It was remarkably embarassing. Reading the Maclean's article was entertaining, so if any Canadian's missed it, check it out [macleans.ca].
  • by Schezar ( 249629 ) on Friday January 06, 2006 @12:09PM (#14409951) Homepage Journal
    Once news of this hits the mainstream television media, I imagine the public outcry and following legislation will put the kaibosh on it.

    Still, the underlying problem is far deeper than many will admit. I believe that we in the United States have a certain right to an expectation of privacy, but at the same time we cannot rely on that expectation to safeguard information regarding ourselves. Information exists beyond the scope of your personal effects, and you cannot reasonably expect others to protect it for you.

    The problem is that most financial and personal transactions here rely almost entirely on security through obscurity: the identity thief can't steal your identity... until he gets ahold of your (trivial to obtain) SSN, and so forth. We rely on hiding information about ourselves as a means of securing our effects, despite the fact that such information is all but unprotectable in the face of modern technology.

    No amount of legislation is going to stop people from uncovering information: the only way to mitigate this is to make the information on its own worthless.

    A social security number should be useless to anyone but me. Same with a bank account number. The security needs to be seperate from the identification.
    • The only "kibosh" that will be put is on government-related cell records. Just like cops, agents, politicians, and prosecutors get to carry guns but you don't, they will get special privacy protections that you don't. Put money on that fact.
      • "Just like cops, agents, politicians, and prosecutors get to carry guns but you don't...."

        Dunno where you live...but I as a normal citizen (none of what you listed) can perfectly legally carry a concealed gun. Many states have CC licenses you can get quite easily.

    • Europeans can reasonably expect other Europeans to help safeguard their privacy. Part of that is mutual interest, part is a reasonably comprehensive network of privacy laws that consumers (and governments) can use to skewer anyone who transgresses (and is discovered). Although territorial claims aren't particularly protected in, say, Britain (it still has no law of trespass), personal privacy is generally very well protected.

      Now, if quaint, olde worlde countries like Britain can succeed in offering a high l

  • So who is selling the logs and how do they get them? Can they be sued for privacy infringement?
  • Well this is disturbing news indeed. As long ago as July this issue had been raised. Wish I knew about it sooner.

    Where do these people come from? Whatever happens to these people that's bad, I hope it happens soon because they definitely deserve it... those people, and people who operate tow services with questionable tactics... these kinda people just get under my skin. If wishin' were killin' I'd be among America's most wanted right now.
  • by bhirsch ( 785803 ) on Friday January 06, 2006 @12:33PM (#14410114) Homepage
    I will sell my phone records for $110.
  • Preemptive strike

    I sleep well at night not worrying about privacy concerns or any of the other issues that are out there, and it helps me live in the modern age.

    The first is to live an exceedingly dull life. My cell phone records, if anyone bothered to pay for them, would provide a list of short calls to other dull people, usually to arrange meetings to do dull things such as 'play skee ball' or 'watch star trek'. If someone wanted to invade my privacy, the would end up spending hours on end trying to figure out what I was hiding, because nobody's life is that boring. The jokes on them, because mine is.

    The second is to have an abysmal credit rating. Go ahead and steal my identify. Trust me, you won't be getting any credit cards using *my* name.

    The third is to have completely bizar purchasing habits. If you want to collect market data on me, fine. You'll think your computers, which approximate consumer behavior are broken with me. It's not that I try hard to be weird, it's just that, well, I'm going to purchase a DVD of Bergman's 'Wild Strawberries' in the same order as 'Dude, Where's My Car', and you'll jut have to live with it.

    So go ahead, steal my data. Take my information. I'm just going to make your magin of error bigger.
  • Go pay to get Jose Padilla's phone records this way. There's a story there no matter what you find.
  • This would be a good idea for a honeynet. You could figure out a mathematical way for a bunch of dummy phones (or dummy cards/requests) to spider-web to each other and figure out who exactly is doing the looking-up...
  • "Information wants to be free" is something we've seen mentioned and even applauded on /.

    None the less I'm quite appalled this can be legal or, even worse, common in any developed country.
    OK, maybe it's a little (hidden) check box on the contract that makes it possible but such an option should be off by default.

    After all, it's not just the phone's owners information that is disclosed but as well info on the innocent people he talked with.

    I could imagine that people from countries where privacy is of hi

  • Prepaid cell phones (Score:5, Informative)

    by caseih ( 160668 ) on Friday January 06, 2006 @12:44PM (#14410205)
    Most europeans won't ever have this kind of problem with privacy and information selling. In Europe you can just go to the kiosk, buy a sim chip, buy some prepaid sim minutes, all without ID or a credit card. Use the phone for a few days, then toss the sim chip and put in a new one if you're paranoid. Thanks to our greedy, monopolistic telecom corporations over here, you get locked into 2-year contracts and have to give the company all kinds of private information upon sign-up including social security number.
    • by SW6 ( 140530 ) <abuse@cabal.org.uk> on Friday January 06, 2006 @01:38PM (#14410655) Homepage
      Most europeans won't ever have this kind of problem with privacy and information selling. In Europe you can just go to the kiosk, buy a sim chip, buy some prepaid sim minutes, all without ID or a credit card. Use the phone for a few days, then toss the sim chip and put in a new one if you're paranoid.

      You're not paranoid enough. The phone's serial number (the IMEI) is transmitted with the call. So even though you've changed your number, it can be associated with the old one because the IMEI hasn't changed.

  • Illegal or not? (Score:5, Informative)

    by SiliconEntity ( 448450 ) on Friday January 06, 2006 @12:47PM (#14410228)
    There is an important issue being glossed over here: is the release of this information illegal or not?

    The top article [suntimes.com] implies that it is illegal for the phone companies to share this data. They point to unscrupulous insiders, and acts of fraud on the part of private investigators and data miners.

    But the information from EPIC [epic.org] and the FCC [fcc.gov] suggests a very different situation. According to these sites it is perfectly legal to share this data if the company adopts an "opt-out" policy and if the consumer has not exercised his right to opt-out. Well, of course most people have never heard of this and so they have not opted-out. Therefore it is completely legal for the companies to share your phone call lists!

    I'm annoyed and frustrated that the press reports are getting this so wrong (as usual). By implying that the problem is a few illegal acts, necessarily commited furtively and relatively rarely, they hide the fact that this is a perfectly legal, above-board business which is presumably going along at a brisk rate selling everyone's call info!
  • by SIGFPE ( 97527 ) on Friday January 06, 2006 @12:53PM (#14410273) Homepage
    ...using web pages and links you can form a 'person rank' from the calls people make. This has many applications. For example if you want to figure out how to influence the most people with the least money these may be the people whose opinions are the most widely sought and hence the people for you to call.
  • Social Engineering? (Score:3, Interesting)

    by scottd18 ( 593645 ) on Friday January 06, 2006 @12:54PM (#14410282) Homepage

    I have seen the bulletin. In it they indicate that they conducted a test and placed an order to get the records of one of the agency's own cell phones. A little while later an unknown person called that cell number and said they worked for the cell phone provider. The person then asked for some information about the subscriber. Some time later they got an email with "call records".

    A little social engineering can go a long way. If a "service technician" calls asking me for information, I'm going to tell him I'm George W. Bush.

  • dupe [slashdot.org]
  • Question: (Score:2, Funny)

    by SoulMaster ( 717007 ) *
    Do you think that if I contacted one of the firms that actually buys a months worth of records for $110, and told them that they are more than welcome to my records if they pay my $110/ month phone bill, they would?

    For another $120 + $12.95(TIVO)/month, they can pay my cable/tivo bill for me and I'll tell them everything I watched on all my TVs.

    For about $320 I'll detail for them every Kw/h of power I used in a month.

    Kick in a final $400 amonth for gasoline, and I'll gladly catalogue everywhere I've driven.
  • One of the features of a 5ESS or DMS-100 is that they keep nice tidy records of who called who for how many minutes.

    Law enforcement has almost always had back doors into both the wired and wireless systems in the United States. They are the only entity I know of authorized to see this data.

    So what we have here is either a) The cell carriers which are pretty much wholly owned by Bell Co's selling this info

    or

    b) Someone illegaly getting the data and selling it.

    I'd lay my money on b.
  • In Europe this is virtually impossible; the guys operating those websites would get prison time for doing this.

    In France this government commission [wikipedia.org] is responsible for overseeing such rules. Everybody listed in any (government or otherwise) name database has a right to read his entry and modify or delete it.
  • I think there is a problem if only the government has access to cell phone records. If it becomes easy for everybody to get access, then the market will create mechanisms by which it becomes easy for people to regain their privacy (e.g., through disposable numbers, cash-based cell phone purchases, call routing, etc.).
  • by Anonymous Coward on Friday January 06, 2006 @01:46PM (#14410719)
    After reading the SunTimes article I decided to call Sprint (my cell phone company). The people I talked to had never heard of this service. They told me that I needed to speak to fraud. After many attempts to get someone to listen I finally got a supervisor on the line. I explained that I did not authorize Sprint to disclose my address, name, and/or phone records with a third party. The supervisor opened the site and was shocked at what was available. I was transferred to a tech support person that I again explained the information release problem to. The technician told me he would get a phone from their stock of phones they use for testing and put the information from that phone into the website. After the technician verified the ability to gather information about a phone I was transferred to Sprint corporate security. Sprint corporate security was shocked that this type of service was available without a court order. I was assured that Sprint would not sell my information to a third party. The information about the site and news article was forwarded to the fraud and legal departments.
  • by bot ( 235273 ) on Friday January 06, 2006 @02:44PM (#14411199)
    If we make enough noise about it, something might be done. Squeaky wheel etc etc.

We are not a clone.

Working...