Quick search by citation:

18 U.S. Code § 1039 - Fraud and related activity in connection with obtaining confidential phone records information of a covered entity

(a) Criminal Violation.—Whoever, in interstate or foreign commerce, knowingly and intentionally obtains, or attempts to obtain, confidential phone records information of a covered entity, by—
(1)
making false or fraudulent statements or representations to an employee of a covered entity;
(2)
making such false or fraudulent statements or representations to a customer of a covered entity;
(3)
providing a document to a covered entity knowing that such document is false or fraudulent; or
(4)
accessing customer accounts of a covered entity via the Internet, or by means of conduct that violates section 1030 of this title, without prior authorization from the customer to whom such confidential phone records information relates;
shall be fined under this title, imprisoned for not more than 10 years, or both.
(b) Prohibition on Sale or Transfer of Confidential Phone Records Information.—
(1)
Except as otherwise permitted by applicable law, whoever, in interstate or foreign commerce, knowingly and intentionally sells or transfers, or attempts to sell or transfer, confidential phone records information of a covered entity, without prior authorization from the customer to whom such confidential phone records information relates, or knowing or having reason to know such information was obtained fraudulently, shall be fined under this title, imprisoned not more than 10 years, or both.
(2)
For purposes of this subsection, the exceptions specified in section 222(d) of the Communications Act of 1934 shall apply for the use of confidential phone records information by any covered entity, as defined in subsection (h).
(c) Prohibition on Purchase or Receipt of Confidential Phone Records Information.—
(1)
Except as otherwise permitted by applicable law, whoever, in interstate or foreign commerce, knowingly and intentionally purchases or receives, or attempts to purchase or receive, confidential phone records information of a covered entity, without prior authorization from the customer to whom such confidential phone records information relates, or knowing or having reason to know such information was obtained fraudulently, shall be fined under this title, imprisoned not more than 10 years, or both.
(2)
For purposes of this subsection, the exceptions specified in section 222(d) of the Communications Act of 1934 shall apply for the use of confidential phone records information by any covered entity, as defined in subsection (h).
(d) Enhanced Penalties for Aggravated Cases.—
Whoever violates, or attempts to violate, subsection (a), (b), or (c) while violating another law of the United States or as part of a pattern of any illegal activity involving more than $100,000, or more than 50 customers of a covered entity, in a 12-month period shall, in addition to the penalties provided for in such subsection, be fined twice the amount provided in subsection (b)(3) or (c)(3) (as the case may be) of section 3571 of this title, imprisoned for not more than 5 years, or both.
(e) Enhanced Penalties for Use of Information in Furtherance of Certain Criminal Offenses.—
(1)
Whoever, violates, or attempts to violate, subsection (a), (b), or (c) knowing that such information may be used in furtherance of, or with the intent to commit, an offense described in section 2261, 2261A, 2262, or any other crime of violence shall, in addition to the penalties provided for in such subsection, be fined under this title and imprisoned not more than 5 years.
(2)
Whoever, violates, or attempts to violate, subsection (a), (b), or (c) knowing that such information may be used in furtherance of, or with the intent to commit, an offense under section 111, 115, 1114, 1503, 1512, 1513, or to intimidate, threaten, harass, injure, or kill any Federal, State, or local law enforcement officer shall, in addition to the penalties provided for in such subsection, be fined under this title and imprisoned not more than 5 years.
(f) Extraterritorial Jurisdiction.—
There is extraterritorial jurisdiction over an offense under this section.
(g) Nonapplicability to Law Enforcement Agencies.—
This section does not prohibit any lawfully authorized investigative, protective, or intelligence activity of a law enforcement agency of the United States, a State, or political subdivision of a State, or of an intelligence agency of the United States.
(h) Definitions.—In this section:
(1) Confidential phone records information.—The term “confidential phone records information” means information that—
(A)
relates to the quantity, technical configuration, type, destination, location, or amount of use of a service offered by a covered entity, subscribed to by any customer of that covered entity, and kept by or on behalf of that covered entity solely by virtue of the relationship between that covered entity and the customer;
(B)
is made available to a covered entity by a customer solely by virtue of the relationship between that covered entity and the customer; or
(C)
is contained in any bill, itemization, or account statement provided to a customer by or on behalf of a covered entity solely by virtue of the relationship between that covered entity and the customer.
(2) Covered entity.—The term “covered entity”—
(A)
has the same meaning given the term “telecommunications carrier” in section 3 of the Communications Act of 1934 (47 U.S.C. 153); and
(B)
includes any provider of IP-enabled voice service.
(3) Customer.—
The term “customer” means, with respect to a covered entity, any individual, partnership, association, joint stock company, trust, or corporation, or authorized representative of such customer, to whom the covered entity provides a product or service.
(4) IP-enabled voice service.—
The term “IP-enabled voice service” means the provision of real-time voice communications offered to the public, or such class of users as to be effectively available to the public, transmitted through customer premises equipment using TCP/IP protocol, or a successor protocol, (whether part of a bundle of services or separately) with interconnection capability such that the service can originate traffic to, or terminate traffic from, the public switched telephone network, or a successor network.
Editorial Notes
References in Text

Section 222(d) of the Communications Act of 1934, referred to in subsecs. (b)(2) and (c)(2), is classified to section 222(d) of Title 47, Telecommunications.

Statutory Notes and Related Subsidiaries
Findings

Pub. L. 109–476, § 2, Jan. 12, 2007, 120 Stat. 3568, provided that:

Congress finds that—
“(1)
telephone records can be of great use to criminals because the information contained in call logs may include a wealth of personal data;
“(2)
call logs may reveal the names of telephone users’ doctors, public and private relationships, business associates, and more;
“(3)
call logs are typically maintained for the exclusive use of phone companies, their authorized agents, and authorized consumers;
“(4) telephone records have been obtained without the knowledge or consent of consumers through the use of a number of fraudulent methods and devices that include—
“(A)
telephone company employees selling data to unauthorized data brokers;
“(B)
‘pretexting’, whereby a data broker or other person represents that they are an authorized consumer and convinces an agent of the telephone company to release the data; or
“(C)
gaining unauthorized Internet access to account data by improperly activating a consumer’s account management features on a phone company’s webpage or contracting with an Internet-based data broker who trafficks in such records; and
“(5)
the unauthorized disclosure of telephone records not only assaults individual privacy but, in some instances, may further acts of domestic violence or stalking, compromise the personal safety of law enforcement officers, their families, victims of crime, witnesses, or confidential informants, and undermine the integrity of law enforcement investigations.”