FTC Settlement Bars One Call Broker's Sales, Pretexting

Telecom Policy Report, Oct 9, 2006

As the Hewlett-Packard pretexting fraud scandal intensifies with criminal charges and arrest warrants (TelecomWeb news break, Oct. 5), the Federal Trade Commission (FTC) revealed it has settled charges against a call-detail broker that will be barred from selling such information and from the pretexting technique used to gain such data.

Based on several high-profile complaints surfacing earlier this year (TelecomWeb news break, May 3), the FTC in a 13-page settlement filed with the U.S. District Court, Eastern District of Virginia -Newport News Division says the defendants also will "give up ill-gotten gains" totaling some $2,700. The settlement - accepted by the full commission in a 5-0 vote - was agreed to by Integrity Security & Investigation Services Inc. (ISIS) and its principal Edmund Edmister, according to the agency.

"The settlement bars the defendants from obtaining or selling consumers' confidential phone and credit account records unless authorized by law or court order and requires that they give up the money they made selling phone records in the past," the FTC says. The settlement with ISIS and its principal ends the litigation with those particular defendants. The FTC also says it dismissed charges against ISIS corporate officers F. Lynne Moseley and Tracey Edmister, whom the agency "determined played no role" in operating the call-data brokerage business.

ISIS reportedly is based in Yorktown, Va., but its mailing address is Laguna Beach, Calif. It was one of five Web-based operations charged with violating federal law in the ways it obtained and sold consumers' confidential phone records to third parties via pretexting techniques that impersonate phone subscribers to gullible telco personnel and other holders of personal and private information. The FTC is seeking permanent injunctions in its litigation.

There are four other call-brokerage cases still in litigation, according to the FTC: 77 Investigations Inc. and Reginald Kimbro, based in Upland, Calif., and using mailing addresses in Jacksonville, Fla., Broomfield, Colo., and Nashville, Tenn.; AccuSearch Inc. (dba Abika.com) and Jay Patel, based in Cheyenne, Wyo.; CEO Group Inc. (dba Check Em Out) and Scott Joseph, based in Ft. Lauderdale, Fla.; and Information Search Inc., and David Kacala, based in Baltimore, Md.

Credit-Card Transactions

The complaint against ISIS and Edmister also alleged the company obtained and sold consumers' credit-card information. The FTC asked the court to order a permanent halt to the sale of the phone records, and it ordered the operators to give up the money they made from their illegal operations. The settlement also prevents the defendants from hiring others who pretext to obtain phone or financial records, and it contains provisions allowing the FTC to monitor compliance with its order.

The FTC and federal law-enforcement agencies reportedly had been investigating call brokers and pretexting - including via sting operations - since late last year, identifying numerous but sometimes elusive Web-based companies involved in the practice and the transactions. The call broker/pretexting business drew wider national and federal lawmaker attention earlier this year when media reports revealed the extent and ease of conducting such an activity.

State laws against pretexting vary, and proposed bills in the U.S. Congress to outright criminalize all such call-brokerage and pretexting activity on a national statute basis haven't yet passed. The scandal over HP's private detectives (reportedly call brokers' best customers) allegedly using pretexting to investigate board members, employees and journalists in an internal-news-leak probe has added to widespread policy-maker angst over the country's apparent pretexting mess. Due to its leeway under the Federal Trade Commission Act, that agency and its civil-litigation authority right now seem to be the most effective way of dealing with call brokers and pretexters at the federal level.

The Federal Communications Commission (FCC) also has been investigating online data brokers, pretexting practices and vulnerabilities of telco records under its Telecommunications Act of 1996 authority. It's also looking at the privacy and security measures major common carriers have in place to protect user information under consumer proprietary network information (CPNI) regulations, and it has penalized companies for technical violations of the rules. Like the FTC, the FCC's legal action, if any, falls under bureaucratic enforcement measures and civil suits, and not criminal complaints.

Several major wireless and wireline service providers also have filed private legal action against call brokers, and they've been petitioning the courts to halt the businesses permanently. State attorneys general also have been taking action where applicable.

In related efforts, the FTC is working with the U.S. Department of Justice and some 15 federal agencies and departments on an Administration- organized "identity theft task force." It's made some early interim recommendations to help address the problem of identity theft, especially over the Internet, in advance of a final report and strategic plan due in November.