Yesterday, reports surfaced that Voipo, a California voice-over-internet-protocol (VOIP) provider, exposed millions of consumer call logs and text messages stored on an “improperly secured” ElasticSearch database for several months before security researcher Justin Paine located them. According to Mr. Paine, many of the files contained detailed customer call records, including time and date. Public Knowledge demands that Federal Communications Commission Chairman Pai enforce existing Customer Proprietary Network Information (CPNI) rules that protect the privacy of information related to telephone calls. The CPNI rules apply to both facility-based VOIP providers as well as to traditional telephone providers.
The following can be attributed to Harold Feld, Senior Vice President at Public Knowledge:
“Unfortunately, the general unwillingness of Chairman Pai to protect consumers’ privacy has led to increasing recklessness in the way telecommunications companies protect and treat our personal data. By now these companies know that there are almost no consequences for bad behavior. The FCC seems unwilling to act; Republicans in Congress have already limited the FCC’s privacy authority; and the Federal Trade Commission — which is now the only agency with authority to investigate text messaging privacy since the FCC declared it an information service last month — is nowhere to be seen in this space.
“To counteract nearly two years of consistent ringing of the dinner bell for carriers to exploit our personal information, Chairman Pai must move immediately to make clear that the agency will enforce its rules and hold companies that fail to adequately protect call records accountable. Failure to do so will make it clear to carriers, Congress and consumers that the supposed ‘cop on the beat’ is asleep at the wheel.
“Chairman Pai should cooperate with Congressman Pallone and explain to the new House Energy and Commerce Committee what is it that the FCC is doing to protect the privacy of phone subscribers, as required by law. We call on the FTC and the FCC to work together to protect subscriber privacy, rather than standing on the sideline passing responsibility from one to the other.”
You may view our latest blog post on the topic, “How Well Do the Current Federal Privacy Proposals Protect Your Privacy?,” for more recommendations on how the new Congress can put consumers first.
Members of the media may contact Communications Director Shiva Stella with inquiries, interview requests, or to join the Public Knowledge press list at shiva@publicknowledge.org or 405-249-9435.