certain information held by others, including credit12, education13, financial1*, cable15 and video records.16

In the area of communications, following Katz. Congress passed the Wiretap Act of 1968, which limits severely the government's ability to intercept and record communications.17 And, in 1986, Congress passed the Electronic Communications Privacy Act (ECPA) to update the Wiretap Act to cover the interception of new forms of electronic, non-aural communication.18 In addition, in ECPA Congress rejected the Supreme Court's conclusion in Smith v. Marvland that telephone toll records are not entitled to privacy protection.

ECPA provides that "no person may install or use a pen register or trap and trace device" without first obtaining a

12 Fair Credit Reporting Act, § 15 U.S.C. 1681 (1970).

13 Family Educational Rights and Privacy Act, 20 U.S.C. § 1232g (1974).

14 Right to Financial Privacy Act, 12 U.S.C. § 3401 (1978).

15 Cable Communications Policy Act, 47 U.S.C. 5 551 (1984).

16 Video Privacy Protection Act, 18 U.S.C. § 2710 (1988).

17 The Omnibus Crime Control and Safe Streets Act of 1968, 18 U.S.C. 2510 et seq.

19 As Senator Leahy stressed in introducing ECPA, the 1968 Wiretap Act "is hopelessly out of date. . . [In 1968], Congress could not envision the dramatic changes in the telephone industry which we have witnessed in the last few years."

19 A trap a trace device is defined as a "device which captures the originating electronic or other impulses which identify the originating number of an instrument or device from which a wire or electronic communication was transmitted." 18 U.S.C. 3127(4).

court order" that certifies "that information likely to be

obtained is relevant to an ongoing criminal investigation being

conducted" by a particular law enforcement agency.20 This

general prohibition does not apply if used by a provider of:

electronic or wire communication service-

(1) relating to the operation, maintenance, and testing of a wire or electronic communication service or to the protection of the rights or property of such provider, or to the protection of users of that service from abuse of service or unlawful use of service; or

(2) to record the fact that a wire or electronic communication was initiated or completed in order to protect such provider, another provider furnishing services towards completion of the wire communication, or a user of that service, from fraudulent, unlawful, or abusive use of service; or

(3) where the consent of the user of that service has been obtained.21

Although Congress did not consider specifically Caller ID in the

drafting of ECPA, the use of Caller ID as a trap and trace device

is clearly covered by the law.

III. CALLER ID AND CURRENT LAW

A serious question exists as to whether Caller ID, as a trap and trace device, is legal under current federal law.- As drafted, ECPA contemplates the use of trap and trace devices by only two parties — law enforcement, which must first obtain a court order, and telephone service providers, which must meet one of three exceptions. All other uses are prohibited.

era

Be lav's definition of a and identifies "the z. a Itt& or electronic rut probisits the use of a

order unless one of three only apply to -:v»i it appears that the use sy a -sa-Lapnone [subscriber is

Service (CRS) arrived at

r an •prrr""r is"***1 last fall, C8S

tE: ^ne Oeneral prohibition to apply ^ am— devices by providers ai aam asc nur ia«rs of the services.23 The

t» Hc-=.t:w history are clear thai rh* ^samBCS, m is* trap and trace devices * ^---mc an£ to detect illegal acr»ra±Sy. 3r. . i£ sttss law refer explicitly *c Udfcfc

Even if it is determined that "providers" may provide Caller ID to telephone subscribers, none of the three exceptions apply to authorize its general, unrestricted use. The first exception applies to the use of a trap and trace device in the "operation, maintenance, and testing" of the service, or to "protect the rights or property of the provider" or to protect the users of that service from unlawful or abusive use of the service. The legislative history is clear that this first exception was intended to cover only use of a pen register by the phone company.29

The second exception authorizes a provider to use a trap and

trace device to protect providers and users from fraudulent,

unlawful or abusive use of service. Again, the second exception

is inapplicable to the everyday use of Caller ID by telephone

subscribers. In addressing the first two exceptions, CRS

concluded:

Any suggestion that either of these exceptions authorizes a user's employment of a trap and trace device to identify all incoming calls in order to avoid answering those from sources likely to be obscene or harassing overlooks the fact that permissible use is limited to providers.26

The third exception authorizes providers to use trap and trace devices "where the consent of the user of that service has

25 The trap and trace language had not yet been added to the bill.

been obtained." At best, the scope of this exception is

ambiguous. First, is the user the caller or the receiver of a

phone call? Or is it the subscriber? Logically, since it is the

caller who takes the active step to initiate a phone call, and it

is his or her number that is being revealed, it follows that it

is the caller's consent that should be obtained prior to the

provider using a trap and trace device.

Even assuming that "the user" is found to be either party to

a phone call, in its analysis CRS interprets the third exception

to be:

restricted to consent to use a trap and trace in connection with a particular call where there is only a single user who may consent, as opposed to continuous use of a trap and trace device in connection with a particular line which might over the course of time have many users... The consent exception therefore cannot embody consent of a telephone subscriber to include a continuously operating trap and trace device as a feature of his or her telephone service.

We do know, though, that in 1986 the development of Caller

ID technology was in its infancy, and was not considered

explicitly by either the Congress or the various groups that

supported passage of ECPA. Nevertheless, Congress did intend

ECPA's scope to be elastic enough to cover the development of new

communications technologies. As the Chairman of this Subcommittee

and chief author of the House-passed version of ECPA stated:

The first principle [upon which ECPA is based] is that legislation which protects electronic communications from interception by either private parties or the Government should

27 CRS found it important that exception (3) refers to the user, whereas others sections of the law refer more generally to a user.