KAI RYSSDAL: A different high-tech company admitted this morning it's been doing something decidedly more low-tech. Hewlett Packard filed what's called a Form 8-K with the Securities and Exchange Commission. That's not so unusual. The 8-K's a pretty standard form. But the devil for this one was in the details. From New York, Marketplace's Amy Scott has the story.
AMY SCOTT: Hewlett-Packard admits it used a controversial tactic called pretexting to access the phone records of board members. Company investigators were trying to find out who leaked information to the press about the board's struggles with then-CEO Carly Fiorina. To do so, investigators may have used personal information, such as social security numbers, to get the phone company to release the call records. Attorney Chris Hoofnagle says it's easy to do with the kind of information every employer has on file.
CHRIS HOOFNAGLE: Employers have so much personal information through the HR process, that employers could easily use the data to invade individuals' privacy. However, it's unlikely that HP provided that information. Chances are the investigator got it.
That's because investigators can easily access social security numbers with as little as a name and approximate age. There's no federal law that specifically prohibits pretexting. But privacy consultant Rob Douglas says it's clearly illegal.
ROB DOUGLAS: The Unfair and Deceptive Trade Practices Act outlaws, just as the title says, deceptive trade practices. Hard to imagine what is a more deceptive trade practice than hiring somebody to impersonate a fellow board member in order to get their phone records.
That doesn't stop bosses from routinely spying on their staff, Douglas says. When he worked as a private investigator, he says employers would ask for the phone records of employees they suspected of leaking information to competitors.
Douglas says what's unusual about the HP case is that the company got caught.
In New York, I'm Amy Scott for Marketplace.