A law passed late last weekright before the 109th Congress wrapped up its final sessionwill outlaw pretexting, the practice of obtaining someone else's phone records without their permission. Pretexting has been going on for years, but the practice recently moved into the public consciousness with the recent scandal over HP's investigation into leaks of confidential information by one or more of its board members.

Passed by voice vote on Friday night, the legislation calls for fines of up to $250,000 and up to 10 years in prison for individuals engaging in pretexting. Companies caught pretexting would face fines of up to $500,000.

The law's passage marks a small victory for consumers, but a larger one for phone companies. Some consumer groups wanted the phone companies forced to tighten their own security procedures and to impose penalties on companies that gave out information to unauthorized parties.

Currently, the practice is illegal in 12 states. In areas where pretexting is not specifically outlawed, prosecutors have been forced to bring action under existing anti-fraud or consumer-protection statutes.

The new federal law will supersede state legislation, which will help consumers in states like California. The MPAA lobbied against pretexting legislation in California, working for the defeat of a bill that would have made pretexting illegal. The MPAA told legislators that it needed to ability to "pose as someone other than who we are to stop illegal downloading."

Phone records are now in the same category as financial records when it comes to pretexting. Obtaining someone else's financial records under false pretenses was outlawed in 1999.