In a letter on Aug. 7, Sen. Ron Wyden, D-Ore., wrote to telecom giants AT&T, T-Mobile, Sprint, and Verizon and urged them to store less sensitive customer data.
“I write to ask that you protect your customers’ privacy and U.S. national security from foreign hackers and spies by limiting the time you keep records about your customers’ communications, web browsing, app usage, and movements,” Wyden wrote.
In his letter, Wyden cited the recent Office of Personnel Management (OPM), Anthem, and Starwood hackings as a reason to decrease the amount of sensitive data stored.
“In addition to impacting the privacy of millions of Americans whose information was stolen, these breaches also threaten U.S. national security,” he explained. “Personal data can be used by foreign intelligence services to support their espionage and influence operations. In 2015, then-Director of National Intelligence James Clapper said that China was the ‘leading suspect’ in the theft of data from OPM.”
Wyden further argued that since the companies collectively hold sensitive data about “hundreds of millions of Americans” their data is a “juicy target for foreign spies” and so it is “critical” that their companies “minimize the data” they keep.
Wyden noted that the Federal Communications Commission does require telecom carriers to keep records of toll calls for 18 months, however, he allgeges that it is “apparently routine for carriers to retain records for much longer.” He said that this “data hoarding by telephone companies is unnecessary – firms do not need 20 years worth of customer records to manage their networks and these stockpiles of Americans’ data create an irresistible target for hackers and foreign governments.”
He concluded by asking the companies to respond to his letter by Sept. 4 and to detail the steps they will take to “protect your customers’ privacy and U.S. national security by minimizing your retention of customer data.”