18 U.S.C. § 1039

Fraud and related activity in connection with obtaining confidential phone records information of a covered entity

Read at: OLRCuscode.house.gov CornellLII GovInfogovinfo.gov JustiaTitle 18 CasesGoogle Scholar
(a)Criminal Violation.—Whoever, in interstate or foreign commerce, knowingly and intentionally obtains, or attempts to obtain, confidential phone records information of a covered entity, by—(1) making false or fraudulent statements or representations to an employee of a covered entity;(2) making such false or fraudulent statements or representations to a customer of a covered entity;(3) providing a document to a covered entity knowing that such document is false or fraudulent; or(4) accessing customer accounts of a covered entity via the Internet, or by means of conduct that violates section 1030 of this title, without prior authorization from the customer to whom such confidential phone records information relates;shall be fined under this title, imprisoned for not more than 10 years, or both.(b)Prohibition on Sale or Transfer of Confidential Phone Records Information.—(1) Except as otherwise permitted by applicable law, whoever, in interstate or foreign commerce, knowingly and intentionally sells or transfers, or attempts to sell or transfer, confidential phone records information of a covered entity, without prior authorization from the customer to whom such confidential phone records information relates, or knowing or having reason to know such information was obtained fraudulently, shall be fined under this title, imprisoned not more than 10 years, or both.(2) For purposes of this subsection, the exceptions specified in section 222(d) of the Communications Act of 1934 shall apply for the use of confidential phone records information by any covered entity, as defined in subsection (h).(c)Prohibition on Purchase or Receipt of Confidential Phone Records Information.—(1) Except as otherwise permitted by applicable law, whoever, in interstate or foreign commerce, knowingly and intentionally purchases or receives, or attempts to purchase or receive, confidential phone records information of a covered entity, without prior authorization from the customer to whom such confidential phone records information relates, or knowing or having reason to know such information was obtained fraudulently, shall be fined under this title, imprisoned not more than 10 years, or both.(2) For purposes of this subsection, the exceptions specified in section 222(d) of the Communications Act of 1934 shall apply for the use of confidential phone records information by any covered entity, as defined in subsection (h).(d)Enhanced Penalties for Aggravated Cases.—Whoever violates, or attempts to violate, subsection (a), (b), or (c) while violating another law of the United States or as part of a pattern of any illegal activity involving more than $100,000, or more than 50 customers of a covered entity, in a 12-month period shall, in addition to the penalties provided for in such subsection, be fined twice the amount provided in subsection (b)(3) or (c)(3) (as the case may be) of section 3571 of this title, imprisoned for not more than 5 years, or both.(e)Enhanced Penalties for Use of Information in Furtherance of Certain Criminal Offenses.—(1) Whoever, violates, or attempts to violate, subsection (a), (b), or (c) knowing that such information may be used in furtherance of, or with the intent to commit, an offense described in section 2261, 2261A, 2262, or any other crime of violence shall, in addition to the penalties provided for in such subsection, be fined under this title and imprisoned not more than 5 years.(2) Whoever, violates, or attempts to violate, subsection (a), (b), or (c) knowing that such information may be used in furtherance of, or with the intent to commit, an offense under section 111, 115, 1114, 1503, 1512, 1513, or to intimidate, threaten, harass, injure, or kill any Federal, State, or local law enforcement officer shall, in addition to the penalties provided for in such subsection, be fined under this title and imprisoned not more than 5 years.(f)Extraterritorial Jurisdiction.—There is extraterritorial jurisdiction over an offense under this section.(g)Nonapplicability to Law Enforcement Agencies.—This section does not prohibit any lawfully authorized investigative, protective, or intelligence activity of a law enforcement agency of the United States, a State, or political subdivision of a State, or of an intelligence agency of the United States.(h)Definitions.—In this section:(1)Confidential phone records information.—The term “confidential phone records information” means information that—(A) relates to the quantity, technical configuration, type, destination, location, or amount of use of a service offered by a covered entity, subscribed to by any customer of that covered entity, and kept by or on behalf of that covered entity solely by virtue of the relationship between that covered entity and the customer;(B) is made available to a covered entity by a customer solely by virtue of the relationship between that covered entity and the customer; or(C) is contained in any bill, itemization, or account statement provided to a customer by or on behalf of a covered entity solely by virtue of the relationship between that covered entity and the customer.(2)Covered entity.—The term “covered entity”—(A) has the same meaning given the term “telecommunications carrier” in section 3 of the Communications Act of 1934 (47 U.S.C. 153); and(B) includes any provider of IP-enabled voice service.(3)Customer.—The term “customer” means, with respect to a covered entity, any individual, partnership, association, joint stock company, trust, or corporation, or authorized representative of such customer, to whom the covered entity provides a product or service.(4) IP-enabled voice service.—The term “IP-enabled voice service” means the provision of real-time voice communications offered to the public, or such class of users as to be effectively available to the public, transmitted through customer premises equipment using TCP/IP protocol, or a successor protocol, (whether part of a bundle of services or separately) with interconnection capability such that the service can originate traffic to, or terminate traffic from, the public switched telephone network, or a successor network.(Added Pub. L. 109–476, § 3(a), Jan. 12, 2007, 120 Stat. 3569.)Editorial NotesReferences in Text

Section 222(d) of the Communications Act of 1934, referred to in subsecs. (b)(2) and (c)(2), is classified to section 222(d) of Title 47, Telecommunications.

Statutory Notes and Related SubsidiariesFindings

Pub. L. 109–476, § 2, Jan. 12, 2007, 120 Stat. 3568, provided that: “Congress finds that—“(1) telephone records can be of great use to criminals because the information contained in call logs may include a wealth of personal data;“(2) call logs may reveal the names of telephone users’ doctors, public and private relationships, business associates, and more;“(3) call logs are typically maintained for the exclusive use of phone companies, their authorized agents, and authorized consumers;“(4) telephone records have been obtained without the knowledge or consent of consumers through the use of a number of fraudulent methods and devices that include—“(A) telephone company employees selling data to unauthorized data brokers;“(B) ‘pretexting’, whereby a data broker or other person represents that they are an authorized consumer and convinces an agent of the telephone company to release the data; or“(C) gaining unauthorized Internet access to account data by improperly activating a consumer’s account management features on a phone company’s webpage or contracting with an Internet-based data broker who trafficks in such records; and“(5) the unauthorized disclosure of telephone records not only assaults individual privacy but, in some instances, may further acts of domestic violence or stalking, compromise the personal safety of law enforcement officers, their families, victims of crime, witnesses, or confidential informants, and undermine the integrity of law enforcement investigations.”

Notes of Decisions
Cited in 16 cases (5 in the last 5 years), 2009–2024 · leading case: Federal Trade Commission v. Accusearch Inc.
Federal Trade Commission v. Accusearch Inc. (2009) ca10 · cites it 6× “Accusearch also argues that the injunction was improper because 18 U.S.C. § 1039 , enacted by Congress after this suit was filed, criminalizes the sale and receipt of confidential telephone records absent customer consent.”
United States Telecom Ass'n v. Federal Communications Commission (2016) cadc · cites it 2× “See 2015 Open Internet Order, 30 FCC Rcd. at 5783 ¶ 396. Not only did Congress decline to invoke the term “public switched telephone network,” but it also gave the Commission express authority to define the broader term it used instead.”
National Cable & Telecommunications Ass'n v. Federal Communications Commission (2009) cadc · cites it 2× “3568 (codified at 18 U.S.C. § 1039 ). The statute imposed criminal penalties for pretexting, 18 U.”
Mozilla Corporation v. FCC (2019) cadc “Pointing to 18 U.S.C. § 1039 (h)(4)’s express use of “public switched telephone network,” USTA, 825 F.”
Canuto v. United States (2016) cafc “We have previously explained the general rule that the Tucker Act does not grant the Court of Federal Claims jurisdiction to enforce the federal criminal code.”
Canuto v. United States (2016) cafc “§ 375 (relating to regulations for preventing the use of the military for domestic law enforcement); the Telephone Records and Privacy Protection Act of 2006, 18 U.S.C. § 1039 ; the Privacy Act of 1974, 5 U.”
Lawlor v. North American Corp. of Illinois (2011) illappct “See 720 ILCS 5/16G—15(a)(7) (West 2008); 18 U.S.C. §1039 (a) (2006). While this legislation was not in effect at the time of North American’s conduct in this case, it sheds light on the gravity of the offense.”
Pacific Networks Corp. v. FCC (2023) cadc “3568 , 3568; see 18 U.S.C. § 1039 (a). Courts likewise have observed that call records often contain a “startling amount of detailed information,” such as whether an individual is “a victim of domestic violence or rape; a veteran; suffering from an addiction of one type or…”
Real View, LLC v. 20-20 Technologies, Inc. (2011) mad “For example, it is quite possible that Real View obtained the tutorial videos with a third party’s username or password, and, as Real View has noted, the statutory analogues to 20-20’s claim, the Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1039 , and the Digital Millenium…”
Dickson v. Mitta (2022) nynd · cites it 2× “Plaintiff purports to bring this action under 18 U.S.C. §§ 1039 , 1113, 3435, 3481. See Dickson |, Dkt.”
Mozilla Corporation v. FCC (2019) cadc “Pointing to 18 U.S.C. § 1039 (h)(4)’s express use of “public switched telephone network,” USTA, 825 F.”
HAYWARD v. SOUTHWEST CREDIT SYSTEMS (2024) paed “Nor does 18 U.S.C. § 1039 , also cited in the Amended Complaint, provide a private cause of action upon which Hayward can proceed.”
Annotations are extracted automatically from the opinions in the Syfert caselaw corpus and ranked by authority, recency, and treatment. Dots show Syfertize treatment of the citing case itself.