Telecoms must safeguard information about consumers' phone calls, regardless of whether the calls are made on wireless devices or landlines, the Federal Communications Commission ruled today.
“When mobile carriers use their control of customers’ devices to collect information about customers’ use of the network, including using preinstalled apps ... carriers are
required to protect that information,” the FCC said in a statement today. “This sensitive information can include phone numbers that a customer has called and received calls from, the
durations of calls, and the phone’s location at the beginning and end of each call.”
The FCC began looking into expanding its privacy rules to wireless devices in response to
allegations that the mobile software company Carrier IQ was logging users' keystrokes. Carrier IQ has always denied that it logged keystrokes, but acknowledged in a 2011 report that an unintentional
glitch allowed some SMS messages to be collected. However, Carrier IQ says those messages were never decoded or made available in “human readable form.
The FCC's decision today makes
clear that carriers must treat data about phone calls as private regardless of the type of device the calls are made from. But the ruling doesn't appear to apply to a host of other data that can
travel on wireless networks -- including SMS calls and emails.
Today's FCC move also doesn't affect device manufacturers or operating system developers or third-party apps -- all of whom might
collect information from consumers. Commissioner Jessica Rosenworcel pointed out some of those issues today. “Dial a call, write an e-mail, make a purchase, post an online update to a social
network, read a news site, store your family photographs in the cloud, and you should assume that service providers, advertising networks, and companies specializing in analytics have access to your
personal information. Lots of it-- and for a long time,” she wrote in a statement supporting the ruling. “Our digital footprints are hardly in sand; they are effectively in wet
cement.”
She adds that the rules issued today apply only to carriers. “They do not apply to the manufacturers of wireless phones. They do not apply to the developers of operating
systems,” she wrote. “Consumers can be confused by these distinctions.”
Of course, even when the FCC tells companies to protect consumers' privacy, judges can still order
telecoms to disclose information to authorities like the National Security Agency. In fact, revelations about widespread NSA surveillance came up in today's decision. “The privacy of Americans'
phone records is a topic that has been in the news quite a bit lately,” Commissioner Ajit Pai wrote in a concurring statement. “This morning, the Commission tackles a small piece of this
subject that hasn't made the headlines.”