On 7 February, 2007, the UK Government unveiled plans to impose jail sentences of up to two years on those found guilty of misusing personal data. In the US, on 12 January, 2007, President Bush signed into law the Telephone Records and Privacy Protection Act of 2006. The law prohibits “fraudulent methods and devices [used to obtain] telephone records… without the knowledge or consent of consumers”. It imposes a penalty of up to 10 years for “‘pretexting’, whereby a data broker or other person says that they are an authorised consumer and convinces an agent of the telephone company to release [phone records].”
The anti-pretexting law in the US was seen as a necessary measure to punish criminals such as the private investigators at the heart of the Hewlett-Packard (HP) scandal. In fact, in America there were already criminal laws that imposed jail sentences on those engaging in pretexting. Two days before the law was signed, Bryan Wagner admitted that he had illegally obtained the social security numbers and private telephone records of journalists and HP board members in an effort to discern the source of a leak of sensitive information. Wagner’s sentencing is set for 20 June, 2007. He faces up to five years’ imprisonment for conspiring and a two mandatory minimum sentence for identity theft. He is reportedly co-operating with authorities.
