ainst a backdrop of lawsuits, heated congressional hearings, and outcries by privacy advocates, the company's new policy for Internet and video customers further claims that "while your account information may be personal to you, these records constitute business records that are owned by AT&T."

The policy update impacts AT&T's more than 7 million Internet and video customers – with the company declaring it could collect usage information from subscribers, including the Web pages they visit, the programs they download, and the games they play.

AT&T customers must agree to the terms before using AT&T's services. Previous company privacy policy guidelines did not unequivocally say the company outright owned customer data.

The language continues: "We may also use your information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud (or) situations involving potential threats to the physical safety of any person."

The latest verbiage comes as AT&T is being sued by San Francisco's Electronic Frontier Foundation for allegedly providing the National Security Agency with warrantless access to its data – including customers' e-mail.

Also, this week during a Senate Judiciary subcommittee hearing, lawmakers probed AT&T chairman and chief executive Edward E. Whitacre, Jr. about his firm's involvement in sharing records with federal agencies seeking to target terrorists.

"I'm not allowed to answer that. It's classified information," Whitacre told committee chairman Arlen Specter, a Republican from Pennsylvania.

But AT&T says its new privacy policy does not reflect any substantive changes and instead offers only some new "plain language" about customer data.

Furthermore, an AT&T spokesman maintains that the new privacy policy declaration has been mulled since December – after SBC Communications Inc. merged with AT&T Corp. – and is not connected to any ongoing lawsuits or building pressures from Capitol Hill.

Consumer advocates, however, have zeroed-in on the new language, saying that, in effect, AT&T has given itself carte blanch to disclose virtually any customer data to terror-fighting official agencies such as the NSA.

In a press release issued today, the American Civil Liberties Union (ACLU) charged that AT&T's reworked privacy policy is "a completely inadequate response to the company's apparent betrayal of its customers' privacy by illegally providing calling information to the NSA."

Pointing especially to the language, "involving potential threats to the physical safety of any person," the ACLU said that even the vaguest hunch by the lowest-ranking security guard could qualify as a "potential threat."

"AT&T appears to be trying to give itself license to do whatever it sees fit with customers' data," concluded the advocacy group.

"It has always been a part of the story that AT&T apparently violated its former privacy policy, but that has never been the central problem with the reported program. If the allegations are true, AT&T could somewhat reduce its liability for any participation in the program once the new policy goes into effect... But such cooperation would still be illegal," said the ACLU.

"Privacy policies do not trump the laws of the U.S. or individual states. For example, Congress has explicitly banned telecoms from providing customers' calling information to the government outside of the specific legal channels created by Congress," the group added.

The ACLU maintained that by secretly providing customer data to the government outside of any legal channel, AT&T has violated the privacy expectations of Americans – not just the terms of some legalistic privacy policy, but their basic expectations for how private communications will be treated in America.

‘Spin Control'

In the NSA spying controversy, the ACLU – which filed a lawsuit against the NSA on January 17th, alleging that the surveillance program violates the separation of power, as well as the First and Fourth amendments – maintained, "We have the all-too-rare instance where existing laws actually do cover the behavior at issue, making changes to AT&T's privacy policy nothing more than an exercise in spin control."

Those "existing laws" referred to by the ACLU include the Foreign Intelligence Surveillance Act of 1978 (FISA) that limits "warrantless" surveillance to a specific period and strictly limits the targets of that surveillance to foreign governments.

The law has been interpreted to include all calls to destinations outside the United States. If the government can show probable cause, it can obtain a warrant to monitor the communications of Americans within the country's borders.

Since 1978, only five out of 19,000 requests made to the FISA court have been rejected.

In May, President Bush defended the NSA phone surveillance, saying from the White House, "We're not mining or trolling through the personal lives of millions of innocent Americans. Our efforts are focused on links to al-Qaida and their known affiliates. So far, we've been very successful in preventing another attack on our soil."

Bush also assured Americans that "one end of the communication must be outside the United States. " The president's statement did little to quell the apprehension of privacy groups and some lawmakers about the call detail records, which are database entries that record the parties to the conversation, the length of the call, and the like.

Under the current administration policy, the NSA and other government agencies have records of the calling histories of hundreds of millions of Americans – though without access to the actual content of the conversations.

More Reaction

Michael Shames, executive director of the Utility Consumers' Action Network in San Diego, told the San Francisco Chronicle that he suspects other telecom companies, including cable companies, will follow AT&T's lead and claim unqualified ownership of customers' data.

"If AT&T is doing it," he said, "it's just a matter of time before every telecommunications provider is doing it."

The Washington Post quoted Charles H. Kennedy, a privacy attorney at Morrison & Foerster, LLP in D.C., saying, "They are redefining the customer information as their property. If the company is going to say, ‘Well, it's not your record; it's our record. You don't own it; we own it,' this may later be used to say it's not protected by the Privacy Act."

Pam Dixon, executive director of the World Privacy Forum, a non-profit focused on conducting research and consumer education in the intersecting areas of technology and privacy, told the Post, "What if this kind of thinking spreads to other companies and other sectors? When a company this large does something, it can have a profound impact on others."

"My understanding is that they will be monitoring television viewing habits, and that it's a condition of service that customers can't opt out of," said Paul Stephens, a policy analyst at Privacy Rights Clearinghouse. "It's frightening," he told Reuters.

Meanwhile, Sen. Hillary Rodham Clinton, R-N.Y., has entered the privacy fray as part of the buildup to her expected run for the Democratic presidential nod in 2008.

In a recent address, she advocated a "privacy bill of rights," pushed for the creation of a "privacy czar" within the White House, and proposed legislation to let consumers know what information companies are keeping about them – as well as a tier-system of penalties for companies who are careless with consumer data.

As to anti-terror eavesdropping: "The administration's refrain has been ‘Trust us,'" said Clinton. "That's unacceptable. Their track record doesn't warrant our trust. Unchecked mass surveillance without judicial review may sometimes be legal but it is dangerous."

The issue is certainly not spent on Capitol Hill, despite protestations of national security.

"I respect you, and you and I will talk about this further," Specter told the voluntarily-appearing AT& T chief Whitacre near the end of the hearing.

Specter has threatened to subpoena telephone executives to testify about any involvement in the program.

Also on the Senate Judiciary subcommittee that grilled the AT&T chief at this past Thursday's hearing, Sen. Patrick Leahy, R- Vt., said, "I am very concerned about the new AT&T policy in which AT&T asserts that private customer records are AT&T property, which could allow AT&T to divulge that information to the highest bidder or just give it to the Government."

As of this writing, however, Leahy's office has had no further comment until such time as the lawmaker studies the complete text of the new privacy policy declaration.