Yes my refrigerator is running, and you need to get a lawyer
November 21, 2009 8:11 PM   Subscribe

Legal status of inadvertently sent (supposed to be internal) automated test calls which could be viewed as "prank calls" that go accidentally to 7-13 unsuspecting recipients. And more. YANML i know, please read details.

I know YANML:

Legally, if you are the cause of ~10 people getting something they characterize a prank call which includes their name, and the ANI was masked so that a random 3rd party is blamed, what jeopardy are you in? The 3rd party knows who you are. The Masking was not intentional, just an unfortunate system setting.

What type of lawyer should you consult?

(looking at context below) is consulting a lawyer at this point wise?

Is the justification that it was an honest mistake that was made while tired and doing an assigned, routine task as part of your job acceptable? Even if there were some lack of protocol that were still ultimately your fault and exacerbated the situation?

As a decent person and morally what is the right course of action (please view context below)

What is the worst case scenario here?

Throw away email =

LONG RAMBLING CONTEXT (and blanket apology):

I work for a company that does massive calls for institutions, usually as emergency notifications and "reverse 911" type things. WE DO NOT DO SOLICITATIONS, POLITICAL CALLS, or any of the other stuff that gives broadcast telephony a bad name.

I was preparing to do scheduled, routine testing at 3:00am two nights ago (so we didn't affect users). It was all supposed to be internal tests and I was intending to send test messages to my own cell phone. Easy, no problems.

I was working from home, it was late, I was tired and this is something I do a million times a day as the course of my work. at 10:00pm, before the tests the following morning (and before I tried to catch at least a few hours sleep) I needed to make sure some software that I had just installed on my personal computer was going to work for the 3am tests. I was sending a message essentially in command prompt, back-end method which sends out immediately after you select a list. I thought I had selected a list with only my own personal cell phone and information in it. Somehow I selected the wrong list, it was a list from a customer with live data in it. It was a list I had been working on scripting a solution on earlier that day... somehow I sent it to myself with an ambiguous name thinking it was MY cell phone and test data.

I realized the mistake after the system validation message said "sending to 30 contacts" when I was just supposed to send to one (me)! I immediately tried to terminate the message, but it was too late and around 7-13 people got called.

So here is where it gets sticky. This test call I sent out can insert computer spoken portions, usually the name of someone to whom it is addressed. The accidental list (and my test list of course) both had recipient's names (I work with this type of list a lot as part of my day job... testing is just something I get stuck with at times).

So an unfortunate 2 second oversight and failure to double check which numbers I am sending to gets worse because people are now not just getting a random call, but a random call that features their name in it.

Where it gets more sticky is that the message I sent did not indicate it was a test. Like i said, it was late, I was in a hurry, I was just sending to my self so I wrote some thing for the CPU to say along the lines of free association gibberish that I just typed out on the spot. "message foo bar, go to the playground pick up your baby [name] from play time at [date] thanks bye". or something like that.

Bad form, bad protocol, totally my fault, no excuses. But that is what happened.

Now, the final part, the part that has me worried:
OK, so on the test platforms we use you can define what the outgoing caller ID is (ANI). Usually we just use company numbers, or personal number, or gibberish numbers. In this case it was my test platform but the caller ID number had been initialized in the account by someone else, so I never looked into what the number was. It was a local number so I thought it was one of the companies #s, or some random disconnected number, or ... I don't know, never thought about it.

Again, my responsibility, my fault, my bad. I should have thought about it.

But, when the call went out, I tried to stop it, which I prevented most of the calls, but some still went through. I informed who I needed to inform in the company, fretted over it for 20 minutes but realized there was very little else I could do, and went to sleep so I could do the tests at 3am.

So, when this call goes out to these people, who are understandably confused, a little shocked that it has their name, and some apparently angry, they called the caller ID number back.

It WAS a random number, but apparently, to a real person.

I found this out yesterday when this person called my cell phone and interrogated me about it. I'm not quite sure how he tracked me down (I have thoughts but they are irrelevant).

After at first I honestly did not know who he was. He explained what had happened to him (7 random people from another state called wondering why he was prank calling them) I connected the dots. I apologized, tried to explain in general terms that it was an honest mistake and generally everything I outlined above. I was a bit shocked so I may have admitted more than I should have, and this guy knew who I was through use of Facebook, so I am a bit unnerved

That said, he seems to be OK. By the end of the convo he was not mad at me and we actually chatted in a friendly manner about what he does and a mutual interest, but I don't know. Maybe he is just trying to psych me out or... I don't know. I have not really heard back from him. I called him back (at his request) to follow up, but only got a Voice Mail.

Anyway... This brings me to my question. obviously YANML, but what is the legal status of this? Should I consult a lawyer. And I am willing to admit maybe I should, but what type of lawyer would know something about this type of thing?

And on a decent person, moral level what should I do? Keep in mind, the people who were contacted are off limits. My company has expressly forbid me from contacting them (their customers). So basically what can I do to make it up to random guy?

I am not at all concerned about the company, I have informed the proper people above me, they are handling it to protect their interests. I need to protect my interests. I am 90% sure this will just blow over and maybe I'll buy this guy a beer and be done with it, but I want to prepare for that 10%.

Thanks Metafilter.
posted by anonymous to Law & Government (10 answers total) 2 users marked this as a favorite
I think you should just let it go. I don't see there's a legal issue, but I would think it would definitely get worse the more you mess with the situation. Just let it go. These things happen. Don't make a bigger deal out of it than needs to be.
posted by glider at 8:28 PM on November 21, 2009

Send a text message to each call recipient, apologizing for phone spam, and giving an email or phone number for those wishing for information. Text message is least intrusive; people have varying schedules. Realistically, you annoyed 13 people at 3 a.m. It's tempting to say "Do nothing" in case they complain. But, if you do the right thing, and then someone complains to the Utilities Commission, or the police, the apology would show that you and your company weren't total jerks.
posted by theora55 at 8:33 PM on November 21, 2009

Don't send a text message. You're apologizing for spamming with more spam.

Just let it go.
posted by theichibun at 8:35 PM on November 21, 2009 [3 favorites]

Let it go regarding the 7-13 people. Send the guy a nice food gift, like a Harry & David cheese or fruit basket, and a note that thanks him for being so understanding without specifying exactly what he's being understanding about.
posted by carmicha at 8:44 PM on November 21, 2009

Just a completely unqualified and possibly bad idea: can you do reverse lookup on the numbers and send a letter of apology?
posted by Decimask at 8:45 PM on November 21, 2009

Guys he can't contact the people who recieved the calls, that's just more unwanted contact. I don't think he should apologize anymore to the guy whose number got put out there either.

In general though I can't see how you could be in trouble beyond the fact that you fucked up and might get fired. Legally I don't see what law you broke. IANALE.
posted by Potomac Avenue at 8:53 PM on November 21, 2009 [2 favorites]

How did your manager react when you told him/her? Unless you're in some unique position, I would arrange a meeting with your manager post-haste to discuss how the company wants to deal with it. All the above suggestions are good, but don't make an accidental error into a full-blown, deliberately-ignoring-company-policy mistake. The only lawyer you would need to consult with at this stage would be whoever provides legal council for your company.
posted by brambory at 8:55 PM on November 21, 2009 [3 favorites]

Let it go. It was an accident. In a week, it will all have been forgotten. I highly doubt there will be any legal repercussions unless you do contact these people again and give them ammunition to sue.

Just be extra careful next time.
posted by inturnaround at 10:40 PM on November 21, 2009

Yes, find a lawyer. Best way to find one is through one. Do you have a lawyer you trust, have used for other things? (Real Estate, Will, etc?) Ask them.
That said, my 'humans are usually decent people' side is saying all will be fine.
posted by defcom1 at 1:50 PM on November 22, 2009

OK, so on the test platforms we use you can define what the outgoing caller ID is (ANI). Usually we just use company numbers, or personal number, or gibberish numbers.

Spoofing your caller ID info, even in a test environment is shady. Really, this was exactly what caused all of the problems for this guy (assuming I have read this rambling correctly). Stop doing it and only use the correct number and the real name of the organization. If you ever need to use a fake number in a real situation, then you are abusing broadcast telephony. Part of the testing should be verifying the Caller ID display.
posted by soelo at 6:15 PM on November 22, 2009

« Older dealing with unwanted attention   |   Rental of Fujitsu ScanSnap (or Similar) in Chicago... Newer »
This thread is closed to new comments.