|
BLOCKING OF LONG-DISTANCE CALLS by Jim Schmickley Hawkeye PC, Cedar Rapids, Iowa SUMMARY. This article describes the "blocking" by one long-distance telephone company of access through their system to certain telephone numbers, particularly BBS numbers. The blocking is applied in a very arbitrary manner, and the company arrogantly asserts that BBS SYSOPS and anyone who uses a computer modem are "hackers." The company doesn't really want to discuss the situation, but it appears the following scenario occurred. The proverbial "person or persons unknown" identified one or more "valid" long-distance account numbers, and subsequently used those numbers on one or more occasions to fraudulently call a legitimate computer bulletin board system (BBS). When the long-distance company discovered the fraudulent charges, they "blocked" the line without bothering to investigate or contacting the BBS System Operator to obtain his assistance. In fact, the company did not even determine the SYSOP's name. The long-distance carrier would like to pretend that the incident which triggered the actions described in this article was an isolated situation, not related to anything else in the world. However, there are major principles of free, uninhibited communications and individual rights deeply interwoven into the issue. And, there is still the lingering question, "If one long-distance company is interfering with their customers' communications on little more than a whim, are other long-distant companies also interfering with the American public's right of free 'electronic speech'?" CALL TO ACTION. Your inputs and protests are needed now to counter the long-distance company's claims that "no one was hurt by their blocking actions because nobody complained." Obviously nobody complained for a long time because the line blocking was carried out in such a manner that no one realized, until April 1988, what was being done. Please read through the rest of this article (yes, it's long, but you should find it very interesting) and judge for yourself. Then, please write to the organizations listed at the end of the article; insist that your right to telephone whatever number you choose should not be impaired by the arbitrary decision of some telephone company bureaucrat who really doesn't care about the rights of his customers. Protest in the strongest terms. And, remember: the rights you save WILL BE YOUR OWN! SETTING THE SCENE. Teleconnect is a long-distance carrier and telephone direct marketing company headquartered in Cedar Rapids, Iowa. The company is about eight years old, and has a long-distance business base of approximately 200,000 customers. Teleconnect has just completed its first public stock offering, and is presently (August 1988) involved in a merger which will make it the nation's fourth-largest long-distance carrier. It is a very rapidly- growing company, having achieved its spectacular growth by offering long- distance service at rates advertised as being 15% to 30% below AT&T's rates. When Teleconnect started out in the telephone interconnection business, few, if any, exchanges were set up for "equal access", so the company set up a network of local access numbers (essentially just unlisted local PABXs - private automatic branch exchanges) and assigned a six-digit account number to each customer. Later, a seventh "security" digit was added to all account numbers. (I know what you're thinking - what could be easier for a war-games dialer than to seek out "valid" seven-digit numbers?) Teleconnect now offers direct "equal access" dialing on most exchanges. But, the older access number/account code system is still in place for those exchanges which do not offer "equal access." And, that system is still very useful for customers who place calls from their offices or other locations away from home. "BLOCKING" DISCOVERED. In early April 1988, a friend mentioned that Teleconnect was "blocking" certain telephone lines where they detected computer tone. In particular, he had been unable to call Curt Kyhl's Stock Exchange BBS in Waterloo, Iowa. This sounded like something I should certainly look into, so I tried to call Curt's BBS. CONTACT WITH TELECONNECT. Teleconnect would not allow my call to go through. Instead, I got a recorded voice message stating that the call was a local call from my location. A second attempt got the same recorded message. At least, they were consistent. I called my Teleconnect service representative and asked just what the problem was. After I explained what happened, she suggested that it must be a local call. I explained that I really didn't think a 70 mile call from Cedar Rapids to Waterloo was a local call. She checked on the situation and informed me that the line was being "blocked." I asked why, and she "supposed it was at the customer's request." After being advised that statement made no sense, she admitted she really didn't know why. So, on to her supervisor. The first level supervisor verified the line was being "blocked by Teleconnect security", but she couldn't or wouldn't say why. Then, she challenged, "Why do you want to call that number?" That was the wrong question to ask this unhappy customer, and the lady quickly discovered that bit of information was none of her business, And, on to her supervisor. The second level supervisor refused to reveal any information of value to a mere customer, but she did suggest that any line Teleconnect was blocking could still be reached through AT&T or Northwestern Bell by dialing 10288-1. When questioned why Teleconnect, which for years had sold its long-distance service on the basis of a cost-saving over AT&T rates, was now suggesting that customers use AT&T, the lady had no answer. I was then informed that, if I needed more information, I should contact Dan Rogers, Teleconnect's Vice President for Customer Service. That sounded good; "Please connect me." Then, "I'm sorry, but Mr. Rogers is out of town, and won't be back until next week." "Next week?" "But he does call in regularly. Maybe he could call you back before that." Mr. Rogers did call me back, later that day, from Washington, D.C. where he and some Teleconnect "security people" were attending a conference on telephone security. TELECONNECT RESPONDS, A LITTLE. Dan Rogers prefaced his conversation with, "I'm just the mouthpiece; I don't understand all the technical details. But, our security people are blocking that number because we've had some problems with it in the past." I protested that the allegation of "problems" didn't make sense because the number was for a computer bulletin board system operated by a reputable businessman, Curt Kyhl. Mr. Rogers said that I had just given Teleconnect new information; they had not been able to determine whose number they were blocking. "Our people are good, but they're not that good. Northwestern Bell won't release subscriber information to us." And, when he got back to his office the following Monday, he would have the security people check to see if the block could be removed. The following Monday, another woman from Teleconnect called to inform me that they had checked the line, and they were removing the block from it. She added the comment that this was the first time in four years that anyone had requested that a line be unblocked. I suggested that it probably wouldn't be the last time. In a later telephone conversation, Dan Rogers verified that the block had been removed from Curt Kyhl's line, but warned that the line would be blocked again "if there were any more problems with it." A brief, non-conclusive discussion of Teleconnect's right to take such action then ensued. I added that the fact that Teleconnect "security" had been unable to determine the identity of the SYSOP of the blocked board just didn't make sense; that it didn't sound as if the "security people" were very competent. Mr. Rogers then admitted that every time the security people tried to call the number, they got a busy signal (and, although Mr. Rogers didn't admit it, they just "gave up", and arbitrarily blocked the line.) Oh, yes, the lying voice message, "This is a local call...", was not intended to deceive anyone according to Dan Rogers. It was just that Teleconnect could only put so many messages on their equipment, and that was the one they selected for blocked lines. BEGINNING THE PAPER TRAIL. Obviously, Teleconnect was not going to pay much attention to telephone calls from mere customers. On April 22, Ben Blackstock, practicing attorney and veteran SYSOP, wrote to Mr. Rogers urging that Teleconnect permit their customers to call whatever numbers they desired. Ben questioned Teleconnect's authority to block calls, and suggested that such action had serious overlays of "big brother." He also noted that "you cannot punish the innocent to get at someone who is apparently causing Teleconnect difficulty." Casey D. Mahon, Senior Vice President and General Counsel of Teleconnect, replied to Ben Blackstock's letter on April 28th. This response was the start of Teleconnect's seemingly endless stream of vague, general allegations regarding "hackers" and "computer billboards." Teleconnect insisted they did have authority to block access to telephone lines, and cited 18 USC 2511(2)(a)(i) as an example of the authority. The Teleconnect position was summed up in the letter: "Finally, please be advised the company is willing to 'unblock' the line in order to ascertain whether or not illegal hacking has ceased. In the event, however, that theft of Teleconnect long distance services through use of the bulletin board resumes, we will certainly block access through the Teleconnect network again and use our authority under federal law to ascertain the identity of the hacker or hackers." THE GAUNTLET IS PICKED UP. Mr. Blackstock checked the cited section of the U.S. Code, and discovered that it related only to "interception" of communications, but had nothing to do with "blocking". He advised me of his opinion and also wrote back to Casey Mahon challenging her interpretation of that section of federal law. In his letter, Ben noted that, "Either Teleconnect is providing a communication service that is not discriminatory, or it is not." He added that he would "become upset, to say the least" if he discovered that Teleconnect was blocking access to his BBS. Mr. Blackstock concluded by offering to cooperate with Teleconnect in seeking a declaratory judgment regarding their "right" to block a telephone number based upon the actions of some third party. To date, Teleconnect has not responded to that offer. On May 13th, I sent my own reply to Casey Mahon, and answered the issues of her letter point by point. I noted that even I, not an attorney, knew the difference between "interception" and "blocking", and if Teleconnect didn't, they could check with any football fan. My letter concluded: "Since Teleconnect's 'blocking' policies are ill-conceived, thoughtlessly arbitrary, anti-consumer, and of questionable legality, they need to be corrected immediately. Please advise me how Teleconnect is revising these policies to ensure that I and all other legitimate subscribers will have uninhibited access to any and all long-distance numbers we choose to call." Casey Mahon replied on June 3rd. Not unexpectedly, she brushed aside all my arguments. She also presented the first of the sweeping generalizations, with total avoidance of specifics, which we have since come to recognize as a Teleconnect trademark. One paragraph neatly sums Casey Mahon's letter: "While I appreciate the time and thought that obviously went into your letter, I do not agree with your conclusion that Teleconnect's efforts to prevent theft of its services are in any way inappropriate. The inter- exchange industry has been plagued, throughout its history, by individuals who devote substantial ingenuity to the theft of long distance services. It is not unheard of for an interexchange company to lose as much as $500,000 a month to theft. As you can imagine, such losses, over a period of time, could drive a company out of business." ESCALATION. By this time it was very obvious that Teleconnect was going to remain recalcitrant until some third party, preferably a regulatory agency, convinced them of the error of their ways. Accordingly, I assembled the file and added a letter of complaint addressed to the Iowa Utilities Board. The complaint simply asked that Teleconnect be directed to institute appropriate safeguards to ensure that "innocent third parties" would no longer be adversely affected by Teleconnect's arbitrary "blocking" policies. My letter of complaint was dated July 7th, and the Iowa Utilities Board replied on July 13th. The reply stated that Teleconnect was required to respond to my complaint by August 2nd, and the Board would then propose a resolution. If the proposed resolution was not satisfactory, I could request that the file be reopened and the complaint be reconsidered. If the results of that action were not satisfactory, a formal hearing could be requested. After filing the complaint, I also sent a copy of the file to Congressman Tom Tauke. Mr. Tauke represents the Second Congressional District of Iowa, which includes Cedar Rapids, and is also a member of the House Telecommunica- tions Subcommittee. I have subsequently had a personal conversation with Mr. Tauke as well as additional correspondence on the subject. He seems to have a deep and genuine interest in the issue, but at my request, is simply an interested observer at this time. It is our hope that the Iowa Utilities Board will propose an acceptable resolution without additional help. AN UNRESPONSIVE RESPONSE. Teleconnect's "response" to the Iowa Utilities Board was filed July 29th. As anticipated, it was a mass of vague generalities and unsubstantiated allegations. However, it offered one item of new, and shocking, information; Curt Kyhl's BBS had been blocked for ten months, from June 6, 1987 to mid-April 1988. (At this point it should be noted that Teleconnect's customers had no idea that the company was blocking some of our calls. We just assumed that calls weren't going through because of Teleconnect's technical problems.) Teleconnect avoided putting any specific, or even relevant, information in their letter. However, they did offer to whisper in the staff's ear; "Teleconnect would be willing to share detailed information regarding this specific case, and hacking in general, with the Board's staff, as it has in the past with various federal and local law enforcement agencies, including the United States Secret Service. Teleconnect respectfully requests, however, that the board agree to keep such information confidential, as to do otherwise would involve public disclosure of ongoing investigations of criminal conduct and the methods by which interexchange carriers, including Teleconnect, detect such theft." There is no indication of whether anyone felt that such a "confidential" meeting would violate Iowa's Open Meetings Law. And, nobody apparently questioned why, during a ten-months long "ongoing investigation", Teleconnect seemed unable to determine the name of the individual whose line they were blocking. Of course, whatever they did was justified because (in their own words), "Teleconnect had suffered substantial dollar losses as a result of the theft of long distance services by means of computer 'hacking' utilizing the computer billboard which is available at that number." Teleconnect's most vile allegation was, "Many times, the hacker will enter the stolen authorization code on computer billboards, allowing others to steal long distance services by utilizing the code." But no harm was done by the blocking of the BBS number because, "During the ten month period the number was blocked, Teleconnect received no complaints from anyone claiming to be the party to whom the number was assigned." The fact that Curt Kyhl had no way of knowing his line was being blocked might have had something to do with the fact that he didn't complain. It was also pointed out that I really had no right to complain since, "First, and foremost, Mr. Schmickley is not the subscriber to the number." That's true; I'm just a long-time Teleconnect customer who was refused service because of an alleged act performed by an unknown third party. Then Teleconnect dumped on the Utilities Board staff a copy of a seven page article from Business Week Magazine, entitled "Is Your Computer Secure?" This article was totally unrelated to the theft of long-distance service, except for an excerpt from a sidebar story about a West German hackers' club. The story reported that, "In 1984, Chaos uncovered a security hole in the videotex system that the German telephone authority, the Deutsche Bundespost, was building. When the agency ignored club warnings that messages in a customer's private electronic mailbox weren't secure, Chaos members set out to prove the point. They logged on to computers at Hamburger Sparkasse, a savings bank, and programmed them to make thousands of videotex calls to Chaos headquarters on one weekend. After only two days of this, the bank owed the Bundespost $75,000 in telephone charges." RESOLUTION WITH A RUBBER STAMP. The staff of the Iowa Utilities Board replied to my complaint by letter on August 19th. They apparently accepted the vague innuendo submitted by Teleconnect without any verification; "Considering the illegal actions reportedly to be taking place on number (319) 236-0834, it appears the blocking was reasonable. However, we believe the Board should be notified shortly after the blocking and permission should be obtained to continue the blocking for any period of time." However, it was also noted that, "Iowa Code 476.20 (1) (1987) states, 'A utility shall not, except in cases of emergency, discontinue, reduce, or impair service to a community or a part of a community, except for nonpayment of account or violation of rules and regulations, unless and until permission to do so is obtained from the Board." The letter further clarified, "Although the Iowa Code is subject to interpretation, it appears to staff that 'emergengy' refers to a relatively short time..." CONSIDER THE EVIDENCE. Since it appeared obvious that the Utilities Board staff had not questioned or investigated a single one of Teleconnect's allegations, the staff's response was absolutely astounding. Accordingly, I filed a request for reconsideration on August 22nd. Three points were raised in the request for reconsideration: (1) The staff's evaluation should have been focused on the denial of service to me and countless others of Teleconnect's 200,000 customers, and not just on the blocking of incoming calls to one BBS. (2) The staff accepted all of Teleconnect's allegations as fact, although not one bit of hard evidence was presented in support of those allegations. (3) In the words of the staff's own citation, it appeared that Teleconnect had violated Iowa Code 476.20 (1) (1987) continuously over a ten months' period, perhaps as long as four years. Since Teleconnect had dumped a seven page irrelevant magazine article on the staff, it seemed only fair to now offer a two page completely relevant story to them. This was "On Your Computer - Bulletin Boards", from the June 1988 issue of "Changing Times". This excellent article cited nine BBSs as "good places to get started". Among the nine listed BBSs was Curt Kyhl's "Stock Exchange, Waterloo, Iowa (319-236-0834)." Even the geniuses at Teleconnect ought to be able to recognize that this BBS, recommended by a national magazine, is the very same one they blocked for ten months. MEANWHILE, BACK AT THE RANCH. You are now up-to-date on the entire story. Now, we are in the process of spreading the word so that all interested people can contact the Iowa authorities so they will get the message that this case is much bigger than the blocking of one BBS. YOU can help in two ways: First, upload this file to bulletin boards you call. Let's get this message distributed to BBS and modem users across the nation, because the threat is truly to communications across the nation. Second, read the notice appended to this article, and ACT. The notice was distributed at the last meeting of Hawkeye PC Users' Group. If you are a Teleconnect customer, it is very important that you write the agencies listed on the notice. If you are not a Teleconnect customer, but are interested in preserving your rights to uninhibited communications, you can help the cause by writing to those agencies, also. Please, people, write now! Before it is too late! T E L E C O N N E C T C U S T O M E R S = = = = = = = = = = = = = = = = = = = = = = = = If you are user of Teleconnect's long distance telephone service, you need to be aware of their "blocking" policy: Teleconnect has been "lashing out" against the callers of bulletin boards and other "computer numbers" by blocking access of legitimate subscribers to certain phone numbers to which calls have been made with fraudulent Teleconnect charge numbers. Curt Kyhl's Stock Exchange Bulletin Board in Waterloo has been "blocked" in such a manner. Teleconnect representatives have indicated that other "computer numbers" have been the objects of similar action in the past, and that they (Teleconnect) have a "right" to continue such action in the future. Aside from the trampling of individual rights guaranteed by the Bill of Rights of the U.S. Constitution, this arbitrary action serves only to "punish the innocent" Teleconnect customers and bulletin board operators, while doing absolutely nothing to identify, punish, or obtain payment from the guilty. The capping irony is that Teleconnect, which advertises as offering significant savings over AT&T long-distance rates, now suggests to complaining customers that the blocked number can still be dialed through AT&T. Please write to Teleconnect. Explain how long you have been a customer, that your modem generates a significant amount of the revenue they collect from you, and that you strongly object to their abritrarily deciding what numbers you may or may not call. Challenge their "right" to institute a "blocking" policy and insist that the policy be changed. Send your protests to: Teleconnect Company Mr. Dan Rogers, Vice President for Customer Service 500 Second Avenue, S.E. Cedar Rapids, Iowa 52401 A complaint filed with the Iowa Utilities Board has been initially resolved in favor of Teleconnect. A request for reconsideration has been filed, and the time is NOW for YOU to write letters to the State of Iowa. Please write NOW to: Mr. Gerald W. Winter, Supervisor, Consumer Services Iowa State Utilities Board Lucas State Office Building Des Moines, Iowa 50319 And to: Mr. James Maret Office of the Consumer Advocate Lucas State Office Building Des Moines, Iowa 50319 Write now. The rights you save WILL be your own.