Privacy advocates and domestic violence groups say ID mandate is a big mistake.
A Federal Communications Commission proposal to collect more identifying information from phone users has drawn protests from privacy-focused groups and advocates for domestic violence survivors. The plan is ostensibly designed to thwart robocallers but could make it difficult for individuals to use prepaid phones that can protect their privacy, devices that are often referred to as burner phones.
The FCC is seeking comment on the proposal to require phone companies to obtain and retain, at a minimum, “the name, physical address, government issued identification number, and an alternate telephone number of any new and renewing customer before granting access to its services.”
Critics say this would prevent people from using prepaid phones without revealing their identities. Technology Safety Specialist Belle Torek of the National Network to End Domestic Violence told the FCC in a filing yesterday that “many of the behaviors and privacy-protective measures the Commission appears to view as suspicious are, for survivors, well-established and often life-preserving safety practices.”
A similar group, the Kansas Coalition Against Sexual & Domestic Violence, told the FCC today that “implementation of these rules would harm victims of sexual assault, domestic violence, and stalking and actually create more harm for survivors trying to flee often deadly, crisis situations.” It said that “many victims and survivors do not have reliable access to identifying documents” and “cannot disclose their location when fleeing a perpetrator or when participating in address confidentiality programs.”
The FCC argues that expanding Know-Your-Customer (KYC) requirements will reduce robocalls by deterring scammers from getting phone service and by making it easier to identify scammers that do get access to the phone network. FCC Chairman Brendan Carr said some phone companies “are not doing enough to vet their customers, allowing bad actors to infiltrate our US phone networks… This item would close the gaps that exist in originating providers’ KYC obligations and ensures that providers cannot turn a blind eye while US phone networks are exploited and Americans are defrauded.”
The National Network to End Domestic Violence described extensive concerns with the list of potential information the FCC may require collecting. The proposal “asks whether providers should exclude or subject to heightened scrutiny virtual addresses, shared office locations, PO boxes, and mail-forwarding services, and whether providers should rely on customer-characteristic ‘red flags’ to identify potentially suspicious customers,” the group said. “While these questions arise in the context of fraud prevention, they also implicate practices that survivors routinely use to protect themselves from being monitored or harmed by abusive actors.”
The proposal “asks whether providers should collect copies of government-issued identification, verify information using public databases; consumer reporting agencies; financial institutions; and commercial records, and retain those records for four years after the customer relationship ends,” the group said.
People fleeing domestic abuse “may be living in a shelter, transitional housing, a hotel, a car, a friend’s spare room, or another location they cannot safely disclose,” the group’s filing said. “Many rely on address confidentiality programs (ACPs), governmental programs that provide survivors with a substitute legal address and mail-forwarding services precisely because disclosure of a residential address can expose them to renewed violence.”
Victims of abuse frequently relocate and need to establish new email accounts and phone numbers, the FCC was told. While the National Network to End Domestic Violence is focused on domestic violence survivors, the group pointed out that similar concerns about the FCC plan have been “raised by leading privacy and civil liberties organizations.”
Eric Null, director of the Privacy & Data Project at the Center for Democracy & Technology, told 404 Media recently that “to address the scourge of illegal robocalls, the FCC has unfortunately proposed to force every wireless subscriber in the nation to sacrifice their privacy and give up significant personal details before receiving or renewing a wireless line. While some carriers already collect such details, there are specific circumstances where a person may need privacy and anonymity when seeking a cell phone, including if that person is a victim of domestic violence, or is a journalist or whistleblower.”
Chao Jun Liu, a senior legislative associate at the Electronic Frontier Foundation, told CNET that “collecting all this data is horrible for everyone’s privacy. You have to ask, do you trust the government to have that information at this current moment in time? A government that has proven that they are trying to centralize and weaponize your information.”
Another filing opposing the plan came from the Consumer Access & Choice Coalition, which said it represents “small, nomadic Voice over Internet Protocol (‘VoIP’), 2nd-line application-based VoIP, and wireless service providers.” The industry group said the FCC should regulate abusive behavior by voice service providers that knowingly or recklessly facilitate illegal robocalls, and not impose limits on “ordinary consumer anonymity.”
Requiring the collection of personal information could harm people seeking privacy without substantially lessening robocalls, the group said. “If applied without careful tailoring, these proposals would impose significant costs, privacy risks, cybersecurity exposure, and access barriers on lawful consumer-focused services and their users, while doing little to deter sophisticated illegal robocallers who can migrate to offshore providers, stolen or synthetic identities, compromised accounts, account farms, encrypted platforms, or other evasive channels,” the group said.
The voice-provider group further argued that the plan “would raise serious legal questions, including whether Congress clearly authorized such a regime.” It said the FCC’s proposed rules could be challenged under the major questions doctrine, which can prevent federal agencies from making certain types of decisions without explicit instructions from Congress.
The FCC docket has received numerous comments from individuals opposing the plan. There is a June 25 deadline for an initial round of comments and a July 27 deadline for reply comments. There’s no specific timeline for implementing rules, and it can take a few months after a comment period for the FCC to decide on a final plan.
Source: Ars Technica
