SENATE, No. 789

STATE OF NEW JERSEY

214th LEGISLATURE

PRE-FILED FOR INTRODUCTION IN THE 2010 SESSION

Sponsored by:

Senator  FRED H. MADDEN, JR.

District 4 (Camden and Gloucester)

SYNOPSIS

     The "Consumer Telephone Records Protection Act of 2008."

CURRENT VERSION OF TEXT

     Introduced Pending Technical Review by Legislative Counsel

An Act concerning telephone records and supplementing Title 2C of the New Jersey Statutes and P.L.1960, c.39 (C.56:8-1 et seq.).

     Be It Enacted by the Senate and General Assembly of the State of New Jersey:

     1.  This act may be known and may be cited as the "Consumer Telephone Records Protection Act of 2008."

     2.  The Legislature finds and declares that:

     a.  Telephone records are especially vulnerable to misuse by criminals because the information contained in call logs listed in such records includes a large amount of personal data;

     b.  Many call logs reveal the names of telephone users' doctors, public and private relationships, business associates, and other personal information;

     c.  Although certain types of personal information such as social security numbers may appear on a variety of public documents which can be accessed by data brokers, telephone records are only stored by entities that provide voice services;

     d.  Telephone records may be accessed without authorization of the customer by:

     (1) an employee of the entity that provides the voice services selling the data;

     (2) "pretexting," whereby a data broker or other person who pretends to be the owner of the telephone convinces employees of the entity that provides the voice services to release the data to the broker or other person; or

     (3) unauthorized access of accounts via the Internet; and

     e.  Because entities that provide voice services encourage customers to manage their accounts through the Internet and many customers set up their electronic account capability in advance but never actually activate their accounts electronically, criminals seeking the customer's personal information are able to activate the account before the customer activates the account, thereby gaining unfettered access to the telephone records and call logs of that customer.

     3.  As used in P.L.    , c.    (C.    ) (pending before the Legislature as this bill):

     a. "Confidential telephone records information" means information that:

     (1) relates to the quantity, technical configuration, type, destination, location, and amount of use of a service offered by a covered entity;

     (2) is made available to a covered entity by a customer solely by virtue of the relationship between the covered entity and the customer; and

     (3) is contained in any bill related to the product or service offered by a covered entity and received by any customer of the covered entity.

     b.  "Covered entity" means:

     (1) a "telecommunications carrier" as defined in section 3 of the "Federal Communications Act of 1934," (47 U.S.C. s.153); or

     (2) a provider of IP-Enabled voice service.

     c.  "Customer" means, with respect to a covered entity, any person, or authorized representative of a person, to whom the covered entity provides a product or service.

     d.  "Document" means any information in any form.

     e.  "IP-Enabled voice service" means the service:

     (1) enables real-time, two-way voice communications;

     (2) requires a broadband connection from the user's location;

     (3) requires IP-compatible end user equipment; and

     (4) offering permits users generally to receive calls that originate on the Public Switched Telephone Network (PSTN) and to terminate calls to the PSTN.

     4.  Whoever obtains, or attempts to obtain, confidential telephone records information, as defined in section 3 of P.L.          ,

c.     (C.        ) (pending before the Legislature as this bill), from a covered entity, as defined in section 3 of P.L.    , c.    (C.        ) (pending before the Legislature as this bill), without authorization from the customer to whom such confidential telephone records information relates, by knowingly:

     a.  making false or fraudulent statements or representations to an employee of a covered entity;

     b.  making such statements or representations to a customer of a covered entity;

     c.  providing false documentation to a covered entity knowing that such documentation is false; or

     d.  accessing customer accounts of a covered entity through the Internet;

shall, for each occurrence, be guilty of a crime of the third degree.

     5.  Except as otherwise provided under applicable law, any person, including any employee of a covered entity or any data broker, who knowingly sells, or attempts to sell, confidential telephone records information, as defined in section 3 of P.L.    , c.     (C.        ) (pending before the Legislature as this bill), from a covered entity, as defined in section 3 of P.L.    , c.     (C.        ) (pending before the Legislature as this bill), without authorization from the customer to whom such confidential telephone records information relates, shall be guilty of a crime of the third degree.

     6.  Except as otherwise provided under applicable law, any person who knowingly purchases or receives, or attempts to purchase or receive, confidential phone records information as defined in section 3 of P.L.    , c.     (C.        ) (pending before the Legislature as this bill), without authorization from the customer to whom such confidential phone records information relates, or who has reason to know such information was obtained fraudulently, shall be guilty of a crime of the third degree.

     7.  For purposes of P.L.    , c.     (C.        ) (pending before the Legislature as this bill), the exceptions specified in subsection (d) of section 222 of the federal Communications Act of 1934 (47 U.S.C. s.222 (d)) shall apply for the use of confidential phone records information by any covered entity, as defined in section 3 of P.L.    , c.     (C.        ) (pending before the Legislature as this bill).

     8.  No provision of P.L.    , c.     (C.        ) (pending before the Legislature as this bill) shall apply to or expand the obligations and duties of any covered entity to protect telephone records beyond those otherwise established by federal or State law.

     9.  No provision of P.L.    , c.     (C.        ) (pending before the Legislature as this bill) shall apply to a covered entity, or its agents or representatives, who act reasonably and in good faith, notwithstanding any later determination that such action was not in fact authorized.

     10.  Whoever violates or attempts to violate section 4 of P.L.   , c.   (C.   )(pending before the Legislature as this bill) while violating another State or federal law, or as part of a pattern of any illegal activity involving more than $100,000, or more than 50 customers of a covered entity, in a 12-month period shall be guilty of a crime of the second degree.

     11.  It shall be an unlawful practice for any person to obtain confidential telephone records information from a covered entity, without authorization from the customer to whom such confidential telephone records information relates, by

     a.  making a false or fraudulent statements or representations to an employee of a covered entity;

     b.  making such statements or representations to a customer of a covered entity;

     c.  providing false documentation to a covered entity; or

     d.  accessing customer accounts of a covered entity through the Internet.

     12.  Except as otherwise provided under applicable law, it shall be an unlawful practice for any person, including any employee of a covered entity or any data broker to sell confidential telephone records information from a covered entity, without authorization from the customer to whom such confidential telephone records information relates.

     13.  Section 4 of P.L.   , c.   (C.   )(pending before the Legislature as this bill) shall not be construed to prevent any action by a law enforcement agency, or any officer, employee, or agent of such agency, to lawfully obtain confidential telephone records information from a covered entity in connection with the performance of the official duties of the agency.

     14. This act shall take effect immediately.

STATEMENT

     This bill, entitled the "Consumer Telephone Records Protection Act of 2008," would make it a crime of the third degree, and an unlawful practice under the Consumer Fraud Act, for any person to obtain or attempt to obtain confidential customer telephone records information from an entity that provides voice services, without the customer's authorization, by making false or fraudulent statements, knowingly providing false documentation, or accessing customer records through the Internet.  Under the bill, aggravated cases, in which the person violates another State or federal law, or is involved in a pattern of illegal activity involving more than $100,000 or more than 50 customers of an entity that provides voice services within a 12-month period, are considered offenses of the second degree.

     The bill would also makes it a crime of the third degree for:

·        any person to receive, or attempt to purchase or receive, confidential telephone records; or

·        any employee of an entity that provides voice services, data broker, or other person to knowingly sell, or attempt to sell, confidential customer telephone records information without the customer's authorization.  These offenses would also be unlawful practices under the Consumer Fraud Act.

     The bill specifies that exceptions set forth in section 222(d) of the Federal Communications Act of 1934 apply for the use of confidential telephone records information by any covered entity.  The bill also exempts actions by a law enforcement agency or any officer, employee or agent of such agency that lawfully obtains confidential telephone records information in the performance of the official duties of the agency.

     Under the bill, entities that provide voice services, and their agents or representatives, who act reasonably and in good faith, would not be considered in violation of this act if it is later determined that their actions were not authorized.  Furthermore, the bill would not expand upon the obligations and duties of any an entity that provides voice services to protect telephone records beyond those otherwise established by federal or State law.

      A crime of the third degree is punishable by three to five years imprisonment, a fine up to $15,000, or both.  An crime of the second degree is punishable by five to 10 years imprisonment, a fine up to $150,000, or both.  An unlawful practice under the Consumer Fraud Act is punishable by a monetary penalty of not more than $10,000 for a first offense and not more than $20,000 for any subsequent offense.  In addition, a violation can  result in cease and desist orders issued by the Attorney General, the assessment of punitive damages and the awarding of treble damages and costs to the injured party.