View more FAQs by selecting a topic from the drop-down menu.
Current Topic
Customer Privacy FAQ
What are the concerns about call privacy?
Numerous companies, known as "data brokers," operate websites where call detail records and other confidential customer information are offered to anyone willing to pay a fee. These companies claim they can access call detail records or wireless location information, and trace cellular or landline phone calls. These companies do not disclose how they obtain information.
Sprint Nextel believes that "pretexting" or "social engineering" is the most common method used to fraudulently obtain private customer information, whereby someone uses personal information from sources other than the wireless company to impersonate an authorized account holder and gain access to a customer’s account without permission from the wireless company or the customer.
Sprint Nextel believes that selling confidential customer information should be banned. We are not in the business of selling our customers’ Customer Proprietary Network Information (CPNI).
How is Sprint Nextel taking action against these unscrupulous companies?
Sprint Nextel's corporate security and legal teams have launched a full scale investigation into these practices. Sprint Nextel filed lawsuits against three companies engaged in fraudulently obtaining and selling customer information:
- 1st Source Information Specialists, filed in January 2006. Sprint Nextel obtained a permanent injunction against 1st Source in March, meaning that the company agreed to never again acquire, offer, sell or advertise the ability to obtain Sprint Nextel customer account information. Today’s settlement was reached with 1st Source and one of its officers. Although this settlement closes the case with respect to the corporate entity and one of its officers, the case continues against individual defendants who are also believed to be responsible for pretexting activity.
- All Star Investigations Inc. (ASI), the parent company of www.onlinePI.com, www.allstarinvestigations.com, www.detectivesusa.com, www.miamiprotection.com and www.privatedetectivesusa.com, filed in January 2006. Sprint Nextel reached a settlement and permanent injunction against ASI in June.
- San Marco & Associates, filed in March 2006. This case is pending.
In addition, Sprint Nextel has sent scores of cease & desist letters to other companies that have advertised their ability to obtain call detail records or other private customer information.
How does Sprint Nextel work to make customer data secure?
Sprint Nextel is committed to protecting the privacy of its customers.
- Privacy programs: Sprint Nextel fully complies with all applicable privacy laws and regulations. Our corporate security, legal and customer care teams regularly evaluate existing safeguards to protect confidential customer information.
- Educated agents: Our customer service agents are trained to ask for passcodes and follow detailed authentication procedures when responding to customer inquiries.
- Limited access to call detail information: Our policy is to allow access to CPNI only to those Sprint Nextel employees or agents with a “need to know.” For example, customer service agents need to view this type of information in order to service accounts or answer billing questions. Customers must provide a passcode or answer specific authentication questions before access to a customer account will be granted. It is important to keep in mind that some customers do not remember their passcodes, but want fast and efficient customer service. Sprint Nextel’s authentication processes take these considerations into account.
- Code of conduct: Sprint Nextel’s Code of Conduct requires employees to safeguard confidential customer information. Sprint Nextel management requires all employees to follow the Code of Conduct.
- Online privacy policy: Sprint Nextel customers can access our Privacy Policy online (http://www.sprint.com/legal/privacy.html ). The policy sets out our commitment to protecting confidential customer information.
- Recommend precautions: Customers are strongly advised to establish passcodes for accessing account information online and through Customer Care, and accessing voicemail on Sprint PCS and Nextel phones.
How does Sprint Nextel balance privacy with the need to assist customers in emergency situations?
- As a matter of practice, Sprint Nextel seeks to protect the privacy of our customers’ confidential information to the fullest extent allowed by law. At the same time, we are called upon to provide what may be life-saving information in emergency situations.
- Sprint Nextel operates an office with a dedicated staff, available 24 hours a day, seven days a week, with a comprehensive and streamlined process to quickly handle emergency information requests. In addition, Sprint Nextel’s Subpoena Compliance Group serves as the point of contact for non-emergency law enforcement and court-ordered demands for customer information or account documents. To protect privacy, Sprint Nextel releases no confidential information without a valid legal demand, customer consent, or law enforcement request (including requests under emergency circumstances).
- In the normal course of business Sprint Nextel processes hundreds of thousands of emergency and non-emergency requests (such as law enforcement requests and subpoenas) each year.
- Sprint has been recognized with honors for security and privacy protection:
- In a June, 2005 research report, the Aberdeen Group identified Sprint as the only telecommunications firm employing “Best Practice in Security for Governance in 2005.” This award is based on Aberdeen Group’s research involving 200 companies from various industries, known to be operating at best-in-class levels.
- Sprint Nextel has received numerous other rewards, recognition and certifications for corporate security, including:
--63 Certified Information Systems Security Professional certifications earned by employees in Corporate Security
--Assisted with capture of US Marshal Top 15 wanted fugitive
--Honored by Virginia Chief Deputy Attorney for murder investigation
--Established and operated Sprint City command and control center for network restoration in Louisiana and Texas during 2005 hurricanes
What can customers can do to protect themselves?
Establishing and using passcodes is an action that customers can take to protect themselves. When customers have elected to use a passcode, they are prompted to provide the passcode before accessing their account information on sprint.com or when calling customer care. Passwords can be used to access messages on Sprint phones. Passwords can be selected when activating service or any time thereafter.
Sprint urges customers to:
- Regularly change the passwords they use to access account information. If a password is selected, the likelihood of successful “pretexting” (i.e., fraud) is greatly reduced.
- Adopt passwords that are not commonly used. For example, customers are advised not to use birthdays, social security numbers, anniversaries, etc.
- Use a password to retrieve voicemails rather than opting for the "skip password" feature. A feature offered by many wireless companies is "skip password," whereby the customer can access his or her voicemail without having to reenter the password each time. Although some customers find this to be a time-saving, convenient feature, Sprint PCS subscribers were notified last summer (2005) on their bills that in order to maintain the highest level of security, the "skip password" option should not be used.
If a customer feels that his/her account has been accessed without authorization, the customer should contact Sprint's Customer Care department immediately.
Where can I obtain additional information about this issue?
CTIA - The Wireless Association has posted additional information about the sale of call detail records, including legal and regulatory statements.
Email article to friend
Send this page to Printer
Back to Consumer Resources