Stricter rules for phone data

The Federal Communications Commission told phone companies that they must require customers to provide a password to access their records by telephone, a move meant to discourage fraud.

Phone companies, including those that use Internet-based calling technology, must also ask permission before transferring customer information to another company, the FCC said Monday. USTelecom, an industry trade group, said the requirements would increase costs.

The telecommunications industry’s customer data policies attracted the FCC’s scrutiny after a scandal at Hewlett-Packard Co. last year highlighted the practice of impersonating a customer to access phone records. The U.S. Office of Management and Budget must approve the FCC rules before they take effect, a process that may take at least six months.

“We are deeply concerned that the FCC is taking an overly broad approach” to protect privacy, USTelecom President Walter B. McCormick Jr. said in a statement.

The requirement to seek customer approval to share information will give consumers greater control over their personal data, said Marc Rotenberg of the Electronic Privacy Information Center.