Privacy of consumers must be protected- Costello

14 July 2011

by Cllr Joe Costello

Speaking on the Motion on the Adjournment:

"Mobile Phone Manufacturers and Operators Must Be Obliged to Protect Customers private data"

One of the indirect consequences of the recent scandalous events in the UK surrounding News Corporation/News International and the widespread mobile phone hacking, which brought Rupert Murdoch's mighty media empire to its knees, closed the News of the World and brought the entire "fourth estate" into disrepute, is to open up debate on the need for mobile phone manufacturers and operators to protect the privacy of their consumers.

The actual act of newspaper editors and journalists paying individuals to hack into private citizens' phone messages to glean personal and private information to be printed as exclusive front page news is truly reprehensible and repulsive. The hurt caused to private citizens who were coping at the time with very tragic and distressing events in their lives is incalculable. They now have to relive those events and contend with the fact that their privacy and their inner-most thoughts were completely and comprehensively invaded. The Newspapers initially targeted "celebrities" and justified their actions by claiming these were public figures and as such fair game. They quickly moved on to politicians and private citizens - with no regard for the basic human rights.

It transpires that much of the hacking that was carried out, was easily done because of insufficient security on mobile phone messaging systems. The mobile phone operators have set up a default password of four zeros for all phones. Therefore, to access a mobile phone's voicemail, any member of the public merely needs to place a 5 before the main number, press the # key and then enter the four digit password.

In the early days of mobile phones this was the only way to access phone messages from abroad - now it is possible in many countries to dial the 171 voicemail callback number. Thus, most people are not even aware of the existence of a password to access their voicemail. It would be interesting to ascertain how many Members of the Oireachtas, despite the recent warnings, have not changed their voicemail password from the default four zeros?

There are other sophisticated mechanisms for accessing all mobile phone data - Bluetooth technology while providing huge advantages can also allow data on mobile phones be visible, downloaded and even corrupted without people realising that anything is happening. Earlier I googled "mobile phone hacking" there are almost 42 million results - millions of websites offering "free software" to enable hacking of mobile phone data. There are even tutorials are provided on YoutTube as to how to hack into phones using Bluetooth.

In these days of the mobile data - so much information about an individual is contained on their mobile phone- address book, diary, emails, text messages, - the mobile phone for many people is an extension of their daily lives and offers the "peeping tom" a real insight into their most personal data.

Mobile phone companies have an obligation towards their customers to protect their rights. They should be obliged to ensure that each account is secure and cannot be hacked into.

There are a number of basic measures which should be standardised across all mobile company operators which would protect consumers.

Mobile phone operators at present have a default setting that allows unanswered calls go straight to voicemail. I believe that there should be a requirement for the customer to set a new password before voicemail can be activated. This would immediately eliminate the four zero option. Moreover, phones using Bluetooth Technology should also have a default setting that would ensure the user must actually grant permission for other Bluetooth devices pick up the device and information rather than the default setting. Again, how many members of the Oireachtas who use Bluetooth for their car handsets think to turn off Bluetooth when not in their car?

Mobile phone operators and mobile phone manufacturers have an obligation to ensure their consumers' privacy and rights are fully protected. In the first instance, I am requesting the Minister to examine the possibility of legislation at national level. However, mobile phones enable global communication and as such know no boundaries. It is therefore important that action is taken at a global level. I have also requested that this issue be placed on the work programme of the European Affairs Committee and will be seeking a European Directive to compel mobile phone operators to protect their consumers' privacy.