"There are no more secrets and that's the truth of the matter."
Those words from former "data broker" James Rapp startled members of Congress today at a hearing held by the House Subcommittee on Oversight and Investigations. The hearing, which is the first of two that Congress will hold on this subject this week, is part of an attempt to shed light on the data broker industry, a field that mines personal data like cell phone records, addresses, and even social security numbers from sympathetic customer service representatives.
To do this, the data brokers use "pretexting" -- the process of convincing service representatives with consumer data to divulge the information to a caller who is not the actual customer.
Data brokers, who are sometimes contracted by private investigators, often turn to banks, cell phone carriers and credit card companies to deceptively extract the data that clients request. The key, Rapp said, is to make the customer service representative sensitive to your needs, leading them to give up personal information.
Rep. Diana DeGette, D-Colo., said that pretexting "is kind of a pretty word for pretending that you're someone that you're not."
Rapp, who practiced data brokering in the 1980s and 1990s by telephone until he was charged with racketeering, closed his company and served three years of probation, said deveral types of personal data are available if you know where -- and how -- to look.
Social security numbers, he said, are no harder to get than an address or phone number.
But, as Rapp told the committee, he did all of this in the 1980s and '90s, before the Internet boom meant that personal information was even more easily accessed.
The hearing included the appearance of 11 currently practicing data brokers, all of whom invoked their Fifth Amendment rights when asked about how they gather information.
The hearing also focused on cell phone records that are being taken without a persons' knowledge, as Adam Yuzuk attested to during the hearing.
Yuzuk's cell phone records were allegedly obtained by a data broker hired by a disgruntled former business partner.
"This means that someone broke into my Cingular account two additional times after my account was password protected and after I was given what I believed to be the highest level of security," he said.
The members of Congress at the hearing expressed concern that tens of thousands of Americans could unknowingly be affected by data brokers obtaining their personal information.
Yuzuk pushed for a law preventing the theft of information through the phone and Internet. Because this type of identity theft does not have a high profile, Yuzuk said he had trouble getting law enforcement to take up his case.
"Why is it that if you went to my mailbox and stole my cell phone records or stole anything from my mailbox that is clearly illegal? But it's OK to pretend to be me and then print out my information and then sell it?" he asked.
Rapp explained that he is no longer in the data brokering business and hasn't been since 1999. When asked if he wanted to get back into the data brokering industry, he replied he could no longer practice "lying, conning, scamming."
"It just got to the point where I felt guilty," he said.