New Software Service Outfoxes Caller ID
Regulators, Privacy Advocates Concerned

By KEN BELSON, The New York Times

Like most bill collectors, Marvin Smith is always seeking ways to get chronic debtors to pay up. When he calls the first time, he typically hears excuses and requests for more time. When Mr. Smith calls again, the debtors often block his calls using ordinary caller ID technology from the phone company.

 

AP
That caller ID screen may soon start lying to you.  
 
That means he then visits in person, a time-consuming and sometimes dangerous task. But Mr. Smith, who runs a collection agency in Austin, Tex., says he may have found a solution: a new computerized service enabling him to create false outbound phone numbers with a click of a mouse, so he can skirt the call blockers.

The service, the first commercial version of a technology known mainly among software programmers and the computer-hacker underground until now, was introduced nationwide on Wednesday by a California company called Star38.

For $19.99 a month and as little as 7 cents a minute, customers can go to the company's Web site (www.star38.com), log in and then type the number that they want to call and the number that they want to appear on the caller ID screen of the recipient's phone.

 
Talk About It  
 
 
· Post a Message
· Top News Boards  
 
For an additional fee, they can also specify names that can appear along with their telephone numbers.

"This product would be beneficial," Mr. Smith, the bill collector, remarked. "I'm going to look into it."

Star38 says that others with reason to mask their telephone identities, including private detectives and law enforcement officials, are looking into it, too.

But some privacy-rights advocates and consumer groups wonder whether angry former spouses, stalkers or fraud artists might not be far behind.

"Some people see caller ID as an invasion of their privacy, while others see it as a protection of their privacy," said Robert Atkinson, director of policy research at the Institute for Tele-Information at Columbia University. "It's spy versus spy."

Officials at the Federal Communications Commission indicate that there is nothing illegal, per se, in the Star38 system.

And to some extent, it is merely the latest step in the continual cat-and-mouse game played since caller ID was introduced in the 1980's.

 
Related Links  
 
 
· Guess Who's Calling  
 
But the new service goes beyond past techniques like withholding the caller's number or masking it with a series of meaningless digits (calls from the main office of The New York Times, for example, regularly appear on the called party's screen as 111-111-1111). With Star38, for the first time it will be possible for vast numbers of people to place calls masquerading as someone else.

"My concern is that private investigators will find out your mother's number so their number will pop up on your telephone as 'Mom,' " said Loretta M. Lynch, a member of the California Public Utilities Commission, which oversees the telecommunications industry in the state. "People will not trust what their phones tell them. It will spell the end of caller ID as a way for people to protect their privacy."

The developers of Star38, who say they required only 65 lines of computer code and $3,000 to create their service, insist that they will take steps to ensure that it is not used maliciously. They plan to spend up to 10 days checking the business licenses of all applicants and will ask subscribers to agree not to use Star38 to commit fraud, and to accept legal liability if they violate state or federal laws.

The company also plans to cooperate with police forces, if asked, to provide records of what numbers customers dialed to and from, and what numbers they chose to show the recipients of their calls.

"Law enforcement will have complete access to search our database," said Jason Jepson, the chief executive of Star38, of Newport Beach, Calif. "We don't want the insinuation that they can sign up, use it temporarily and then run off."

 
More From the Times  
 
 
· The Most Irresponsible Board Ever?
· Film About Alexander Is Finally Successful
· When Thieves are Checking Bags
 
 
Mr. Jepson, 30 - who says he got the idea for his service after speaking to his aunt, a bounty hunter, about the best ways to get in touch with people - said Star38 had no immediate plans to sell its service to ordinary consumers because of the potential for misuse. "There are too many things that can go wrong," Mr. Jepson said.

But industry experts say that the caller ID spoofing, as it is known, is simple enough to develop that it is only a matter of time before other service providers make it available to anyone.

The legal and ethical boundaries of the service are rather blurry. An F.C.C. official said the agency's rules require only that telephone companies provide caller ID abilities and the ability to block caller ID. The rules do not cover add-on services like Star38 provided by nontelephone companies.

But Star38 or any other service that helps companies deceive consumers does have the potential to run afoul of the federal Fair Debt Collection Practices Act.

"Third-party debt collectors are prohibited from using any means that is likely to deceive consumers, " said Rozanne Andersen, general counsel at the Association of Credit Collection Professionals, a trade group based in Minneapolis, "so unless the collector is presenting a telephone number that is meaningful to the consumer, it is arguably a deceptive practice." She also said that a service like Star38 could violate various state fraud laws.

Mr. Jepson said the company's lawyers were confident that the service was legal. And he said that debt collectors, who might be able to spoof caller ID systems by using Star38, would still be obligated to identify themselves once a recipient picked up the phone.

At least one big telephone company, BellSouth of Atlanta, is concerned about the advent of Star38. "It raises safety issues," said Jeffrey Battcher, a BellSouth spokesman. "Our legal and regulatory departments are looking into it. Also, the service degrades a BellSouth service that people pay for - the caller ID information they pay for."

As for privacy-rights advocacy, not all are in the same camp when it comes to caller ID. Some privacy groups opposed the original caller ID services because they forced consumers to reveal personal information involuntarily. Some of those groups now warily support Star38's spoofing technology.

"This is solving a problem that caller ID created," said Mark Rotenberg, executive director of the Electronic Privacy Information Center in Washington. "Most people thought of caller ID as a net privacy loss, but this technology may help customers recapture some privacy."

Others add that caller ID spoofing is no different - and no better or worse - from other telecommunications technology that have allowed people to mask their identities or locations. For years, people have used pay phones to hide their whereabouts, and some companies now sell cheap mobile phones with a finite number of minutes that callers can use temporarily and throw out afterward.

And anyone with a computer and a telephone line can create free e-mail addresses that preserves anonymity.

"You've always had in technology an arms race when you try to change things," said Lee Tien, a senior staff lawyer at the Electronic Frontier Foundation, a nonprofit group that advocates minimal regulation of the Internet. "I've never liked caller ID, but it's one of the things you have to deal with."

Still, Mr. Tien and others warn that there is often a gap between the introduction of technology and the public's knowledge of its uses and abuses, and the lag leaves ordinary people open to exploitation. And since Star38 will be available only to companies and not consumers, it is individuals who may be most at risk initially, they say.

"This is another case where the technology is developing so quickly that there aren't standards settled on for people to keep up with what's possible, and that's where you have the deception," said Jay Stanley, communications director of the technology and liberty project at the American Civil Liberties Union. "There's a lag between what's possible and what's known."

Mr. Jepson, who said he had received about six dozen e-mail messages so far from potential customers who had downloaded the Star38 software, maintained that his company's safeguards were intended to prevent misuse.

"Every technology has a dark side," Mr. Jepson said, "but our customer will have to use it legally."

We do this at the hospital where I work all the time. We provide phone service off of our switch to a lot of the doctor's offices. When the doctors are calling patients they don't want their personal numbers showing up on the caller IDs. We can insert any number the doctor wants to show up instead. Usually the main office number.

http://star38.com/

[email protected]
949 307 2794

founder: Jason Jepson

Google away...

Usually if I see a number I don't recognize I let the machine pick up. Of course, I don't have debtors rining my phone off the hook. If these peopl are in such debt the first expense they should cut is their phone service... killing two birds with one stone.

Of course if you don't recognize the name or number you don't have to anwser the phone.  Simple solution to a high tech problem.

And just wait for the charities and other telemarketers to start calling as companies that people would normally answer.

You see a call from the hospital, and answer worried only to find that it is some stupid telemarketer.

...they required only 65 lines of computer code and $3,000 to create their service...

...$19.99 a month and as little as 7 cents a minute...

Helluva payback.

$3000/$19.99 = 150 subscriber months

or

$3000/$.07 = 42,857 subscriber minutes

or some lesser combination of the two.

[Slaps forehead]  Why didn't I think of that?

I have a problem with SPAM on my work fax machine...The number listed as the 'From' number is my own phone number.

BigDozer66

Quoted: Quoted: Of course if you don't recognize the name or number you don't have to anwser the phone.  Simple solution to a high tech problem. What if they put in the name and number of somebody you know and trust? What if htis technology is used to imitate trusted persons, to get you to divulge sensitive information such as credit card numbers or SS numbers? When you adopt the tools of thieves and vandals, you are getting close to becoming just that.

Damn good point. I can see it now. Just like they do with Paypal and Ebay. This is <insert your bank here> we need you to update your personal information or we will be closing your account....................

We had that problem here...over the spring...

We paid off a couple of Credit cards..on of them was a inter net card I had 4 years ago called Next Card...

Next Card was shut down by the FTC....the accounts were sold to half a dozen people until ours landed at a company call NCO Financial..

We paid the balance in full and thought we were done with that....

Then we started getting calls...they would show up on the Caller ID as a "Cell Call"...

On the other end was a person demanding money for the account..I would refuse to talk to them, telling them that the account was paid in full and that I had the documents to prove it..

The calls kept coming....then they started to come as SERTA mattress company, Dial One services, Ontario International Airport, 3 different health care places, MATCO tools and Hertz rent a car...

We started taping the calls...I also took pics of the caller id with the digicam...We sent the info to every buisness's name they used, to the Indiana and California, where NCO is based, Attorney Gererals office....

Indiana and Cali fined them and the buisness's who's names they used, sued them......

I had to give depositions over the phone to 10 different Attorneys while my Attorney advised me....

All and all..it cost them about $900,000 is fines a damages....

If you haven't got the balls to let me know who you really are and where your calling from......DON'T CALL MY FUCKING HOUSE!