Pretexting all too often an invasion of privacy

Efforts grow to ensure that getting personal information under false pretenses is illegal

September 12, 2006|By Tricia Bishop | Tricia Bishop,Sun reporter

When the Hollywood gumshoes do it, it's considered good detective work.

When a real private investigator's consultant, who happens to have been hired by Hewlett-Packard's chairwoman, does it - as was revealed last week - it's considered a possible career-ender and maybe even illegal.

It's called pretexting and is broadly defined as getting personal information under false pretenses. It's hardly new, whether it takes place in boardrooms or beyond. But in these days of increasing privacy concerns and cyber-based identity theft, lawmakers and businesses are cracking down on those who would pretend to be someone else to get private details, such as account information or Social Security numbers.

Still, to many, it's a tried-and-true investigative method that's been put to use by everyone from television PI's to the police.

Jim Rockford of the 1970s Rockford Files, for example, used to carry a printing press in his car to whip up phony business cards. Undercover detectives frequently fake their identities to find bad guys. And in Towson, investigators for Victor Aulestia's firm will fudge facts to score information about everyone from insurance defrauders to cheating spouses.

"It's just amazing how people will throw information at you without verifying further what you're doing or where you're from," said Aulestia, who directs the investigative division of Absolute Investigative Services Inc.

That same vulnerability has caused thousands to be cheated out of their account information and life savings from scam artists, however. And in some stalker cases, it's even led to death. Such dangers have spurred a spate of recent laws meant to prevent people from using fraudulence to obtain private records.

A 1999 federal law makes it illegal to use deception to obtain financial information. And Congress is considering a bill that would make such methods illegal when obtaining phone records, similar to legislation already in place in several states.

Such a law, passed during this year's legislative session, takes effect in Maryland Oct. 1.

"The bill that passed only dealt with telephone records because that's where the issue has been previously," said Steve Sakamoto-Wengel, a Maryland assistant attorney general in the consumer protection division.

But, he added, "I would have concerns about obtaining any kind of information based on false information. ... Nobody should be posing as somebody else to be getting personal information."

A filing Wednesday with the U.S. Securities and Exchange Commission showed that detectives hired by Hewlett-Packard's chairwoman, Patricia Dunn, had used the technique to obtain phone records.

According to the Associated Press, Dunn has said she initiated the investigation to determine who had been leaking company details to news reporters, which was considered an "egregious breach" of company standards. She also said she would resign her position if asked. The records of some board members and news reporters were accessed, according to the Wall Street Journal.

Pretexting has been around as long as there have been nosy neighbors. But it's received more attention during the past few years as cellular phone companies and others have filed court cases against those who try to deceitfully access telephone records.

During the past few months, the Federal Trade Commission has also sued five Internet operations for selling phone records to alleged pretexters, though the agency hasn't fully defined what types of pretexting are illegal or acceptable, if any.

"The only type of pretexting that's specifically banned by federal law is for financial information," said Joel Winston, the FTC's associate director of the division of privacy and identity protection, which has oversight responsibility for prosecuting illegal pretexters.

But his agency has been using the Federal Trade Commission Act, which prohibits deceptive or unfair trade practices, to legally address other forms of pretexting that have consumer angles, such as companies selling access to sensitive information, the release of which, Winston said, "could cause serious harm to consumers."

Phone records have been accessed to reveal undercover law enforcement operations, Winston said, and could "facilitate stalking or other predatory behavior."

One case often cited involves a New Hampshire woman and Florida data company, Docusearch. In 1999, that business obtained the work address of Amy Boyer by calling her at home under false pretenses and then sold the information to Liam Youens, who tracked her down and killed her. In 2003, the New Hampshire Supreme Court ruled that could be held liable for its actions.

Baltimore Sun Articles
Please note the green-lined linked article text has been applied commercially without any involvement from our newsroom editors, reporters or any other editorial staff.