
Yet another reason for cash settled IP telephony? Actually, you can trace an IP address just as well, can't you?...

Cheers,
Bob Hettinga

--- begin forwarded text

Resent-Date: Wed, 14 Jan 1998 19:06:14 -0800 (PST)
X-Authentication-Warning: weber.ucsd.edu: procmail set sender to rre-request@weber.ucsd.edu using -f
X-Authentication-Warning: weber.ucsd.edu: Processed from queue /usr/spool/mqueue/rqueue
Date: Wed, 14 Jan 1998 18:58:10 -0800 (PST)
From: Phil Agre <pagre@weber.ucsd.edu>
To: rre@weber.ucsd.edu
Subject: AT&T Database Reveals Unlisted Names From Numbers
Resent-From: rre@weber.ucsd.edu
Reply-To: rre-maintainers@weber.ucsd.edu
X-URL: http://communication.ucsd.edu/pagre/rre.html
X-Mailing-List: <rre@weber.ucsd.edu> archive/latest/1803
X-Loop: rre@weber.ucsd.edu
Precedence: list
Resent-Sender: rre-request@weber.ucsd.edu

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message was forwarded through the Red Rock Eater News Service (RRE). Send any replies to the original author, listed in the From: field below. You are welcome to send the message along to others but please do not use the "redirect" command. For information on RRE, including instructions for (un)subscribing, send an empty message to rre-help@weber.ucsd.edu
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Date: Wed, 14 Jan 98 12:38 PST
From: privacy@vortex.com (PRIVACY Forum)
Subject: PRIVACY Forum Digest V07 #02

PRIVACY Forum Digest      Wednesday, 14 January 1998      Volume 07 : Issue 02

----------------------------------------------------------------------

Date: Tue, 13 Jan 98 10:05 PST
From: lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: AT&T Database Reveals Unlisted Names From Numbers

Greetings.
In a memorable scene from the 1975 film "Three Days of the Condor," CIA agent-on-the-run Joe Turner, played by Robert Redford, monitors a phone line with a telephone test set (known in telco parlance as a "butt set" or more popularly a "butt-in"). After taping and determining the touch-tone digits being dialed, he makes a call to an "operator" who provides the name and address of the party associated with that dialed number. His exchange with that operator was completely authentic.

For decades telephone companies have operated "Customer Name and Address" bureaus, known colloquially as "CNA" bureaus. Presented with a phone number, the CNA operators provide name and address data, even for unlisted or non-published numbers. This service was and is ostensibly only for telephone company use. The telcos rightly considered this information sensitive, and CNA access numbers were always subject to frequent changing, but still leaked out. They were highly coveted by private detectives, phone phreaks, and others, for various investigative or even harassing purposes (few things can upset a person who thinks they have an unlisted number more than a bizarre call from an unknown person in the dead of night who knows their name...)

Over the years, telephone subscribers have become more aware of the various commercial and other purposes to which their telephone listings have been subjected, and increasing percentages of folks have unlisted ("non-published" or "non-pub") numbers. In states like California, the majority of numbers are non-pub. Telephone company literature usually states that a non-pub status (for which subscribers now typically have to pay an extra monthly fee) also protects them from so-called "upside-down" listings and services--essentially published versions of CNA that provide listings in telephone number and/or house address order. Clearly the telcos realize that people are still very sensitive about their names and/or addresses being looked up by number.

So it was with considerable concern late last year when I learned of an easily accessible AT&T database that provides a major portion of CNA--the provision of names from numbers, even for unlisted or non-published numbers. I have been engaged in a dialogue with various AT&T officials concerning this database since then. Getting an official response has taken some time (the holidays didn't help of course), and I've been told that I'm the first person to ever bring this issue to their attention (a familiar enough refrain when it comes to privacy issues...)

The database in question is a "service" (which AT&T says is greatly appreciated by their customers) which ostensibly exists to allow automated access to number information by business customers. AT&T long distance business customers, upon calling their designated customer service number from their bills, enter a typical complex voice mail maze. After entering their main AT&T account number into the system, one of the choices available relates to "if you do not recognize a number on your bill." Choosing this option drops the user into an automated system which allows the direct entering of phone numbers. For each number entered, the system then attempts to read out (using a voice synthesizer) the name associated with that number. An option is also available to spell out the name, since text-to-speech handling of proper names can be less than optimal (remind me to tell the story of my "Touch-Tone Unix" synthesizer system from the '70's someday). The number entry/readout sequence can be repeated (apparently) as many times as desired.

The need for a customer to find out who is associated with a truly unknown number on their bill can be a real one. Unfortunately, this database has a variety of negative characteristics:

-- The database does not limit lookups to numbers actually on the customer's bill!
   Any numbers can be entered, and the system will usually provide the associated name, even if they are not on the current (or any) bill. Presence or absence from the bill is totally irrelevant.

-- The database provides data for unlisted or non-published numbers just as happily as for listed numbers. This includes corporate internal numbers, modem and fax lines, residential second lines, and so on.

-- For listed numbers, the database sometimes provides not the name associated with the listing, but rather the name of the *person* who is apparently the "billing contact" for the listed entity and usually has nothing whatever to do with the listing itself!

To quote from the official response I received from the AT&T media relations representative with whom I have been in contact about these concerns:

   "As a matter of policy, AT&T safeguards customer information from unauthorized access. It is also our policy to allow business customers to access their account-billing records to check the accuracy of their records and to request changes, as necessary, by using an automated system. Until now, questions such as yours have never come up, so we want to thank you very much for bringing your concerns to our attention.

   ...

   The system has been in use for several years and, in our search for ways to improve the accuracy, timeliness and cost-effectiveness of the services we offer customers, we had already begun evaluating a number of options. Your inquiry has hastened our considerations of new ways to offer capabilities that our business customers value while safeguarding private customer information from unauthorized access. So, again, we thank you for bringing this issue to our attention."

What this really means in terms of actual changes is decidedly unclear. No date is specified for any alterations, nor have they explained in any manner what sorts of customer privacy changes (if any) will be made, nor how any new system might differ from the current one.
In the meantime, I have been told that they do not intend to alter the operations of the current database in any manner. I have suggested suspending or limiting the current system as a clear move to help protect telephone subscribers' privacy. AT&T has chosen not to do so. They point out that the database is not "intended" for other than the lookup of unknown numbers on the bills, and that they consider any other use to be improper. However, such improper uses will continue to be completely possible under the current system.

My overall impression is that AT&T feels people aren't concerned about number to name lookups, and that AT&T doesn't see what harm such information could do in any case. This sort of "What harm could it do?" attitude is one that PRIVACY Forum readers have seen repeatedly with commercial databases of various sorts.

It of course is important that persons make their feelings about such issues known once they come to light. If people don't bother to complain, faulting the commercial database policies themselves becomes considerably more problematical.

Others may agree, or perhaps disagree, with AT&T's apparent attitudes about this matter. It seems likely that more persons expressing their opinion, either positive or negative about the system, would be useful to AT&T in helping to gauge public feelings about such matters. AT&T has told me specifically that the appropriate venue for such opinions would be AT&T Executive Resolution, at (908) 221-4191 (8-5 PM Eastern--I'm told that collect calls are accepted during those business hours).

All too often, we see that the implementation of potentially useful services is done in a manner that produces undesirable (and often unintended) negative privacy side-effects. A key issue is to what extent an entity responds to privacy concerns, even when they might not agree with them, after they've been made aware of the issues. So far, I'm afraid that AT&T's response to this situation has not been stellar.

--Lauren--
Lauren Weinstein
Moderator, PRIVACY Forum
http://www.vortex.com

------------------------------

End of PRIVACY Forum Digest 07.02
************************

--- end forwarded text

-----------------
Robert Hettinga (rah@shipwright.com), Philodox
e$, 44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
The e$ Home Page: http://www.shipwright.com/
Ask me about FC98 in Anguilla!: <http://www.fc98.ai/>