We really just need telcos to stop allowing caller id spoofing. Doesn’t even need your name, but with a real number we could actually report these scams.
You can still allow people to hide it, but then by default every non-business phone should block calls with hidden numbers.
What ever happened to SHAKEN/STIR? I thought this was supposed to happen 5 years ago. Did they just chicken out on the prospect of actually shutting down telcos sending spam volume? I still get loads of spam phone calls, so clearly something went wrong (or slow enough to be indistinguishable from wrong).
I'm not certain, but I think on my phone incoming calls that fail SHAKEN/STIR show the caller id in red rather than black text. I'm on T-Mobile. It also shows "Number Verified" or something like that.
Now that you mention it, I believe I have seen a couple of red flagged calls, but I still get ~3 calls a day from a very aggressive business loan spammer, it's always a new number and never flagged.
Anybody desperate enough to consider telemarketed merchant cash advances (MCAs) should look into them very carefully first. The contracts often have stipulations that allow them to draw money from your bank account at will, penalty interest rates that jump up 400% APR, have been known to use mafia enforcers to violently extract payments, and the list goes on. There was a more perfect union video (titled something about texting back a loan shark) with a bracing, if sensationalized, look at some of the worst ones.
Do they actually need to purchase numbers to do that, though?
I alwys imagined that there are certain shady providers ("grey-market Twilio" sort of idea) that just let you run single outbound call/text requests through a giant pool of numbers shared with other customers of the service. Perhaps specifically a bank of residential numbers plugged into banks of regular cell phones, like a residential IP proxy service provider.
Just because a call is a spam call doesn't mean it is spoofed. STIR/SHAKEN ends spoofing but anyone can ultimately buy a phone and make calls that are spammy.
Sure, but with phone numbers that can't be spoofed, telcos can terminate service, and filtering technologies can block calls. Spam gets expensive if you have to buy new service every five calls.
STIR/SHAKEN up to this point has only been a self-certification that a telecom company has the right to use a number. What the FCC is trying to do is set up a legal obligation for the STIR/SHAKEN header to match a KYC verified identity.
If the FCC implements this, I expect a lot litigation because of the burden and legal liability this would place on telecom and VOIP companies. There are other less burdensome approaches to preventing spam that the FCC has not tried.
According to a defcon talk, spammers just make sure all their spam gets routed through legacy TDM systems which discard the shaken/stir header because they're too old to support it. The other side then re-adds a "we got this from somewhere that didn't support this header" header.
Easy fix. It should be opt-in to accept a call that is routed through one of these. I know they allow it so some grandma in rural France that still uses a dial phone on a copper line that hasn't been touched since 1962 can call her son in New York, but for the rest of us who are not in that situation, we can just blacklist all those calls and lose nothing. This would even fix spam for the people who opt-in, because so few people have grandmas in rural France that it's not worth it for the spammers to bother anymore.
> Easy fix. It should be opt-in to accept a call that is routed through one of these.
Easier (and correct) fix: Telecoms operators should not be permitted to provide transit to a call that's routed through one of these.
> I know they allow it so some grandma in rural France that still uses a dial phone on a copper line that hasn't been touched since 1962...
This doesn't make sense. Even my inexpensive Mikrotik switches can augment packets with the ID of the port that they originated from. I do not believe for even a second that Telecoms Grade switching equipment is unable to do the same. The fact that that grandma can send and receive calls tells you that both that that equipment exists and that it knows what port her phone is connected to.
> I do not believe for even a second that Telecoms Grade switching equipment is unable to do the same.
The example should rather have been some telecom carrier in Africa or India. Telco equipment is expensive, the technology is ridiculously complex and getting companies especially in less well-off regions to replace aging stuff and updating it to modern standards is next to impossible. Think about it, the globally connected phone system includes countries where you get 10 GBit/s symmetric fiber in your home and it includes countries where people don't even have running water because they're so poor.
The fact that we in Western countries can have a realtime conversation with someone in the Saharan desert or in an Indian village that requires days worth of travel [1] is nothing short of a miracle.
I am, more in tune with "just get it over with" than ever. Ipv6? 25 years of this crap? should have just said, Jan 1 2001, all routers must support 64 bit ipv4 addresses. Like the chrome HTTPS switch over, JUST DO IT
The FCC issued a report on this very subject[1]. TLDR, there have been four exceptions to the SHAKEN/STIR requirements:
- Providers that can't afford it implement it
- Non-IP networks
- Small voice service providers that originate calls via satellite using U.S. NANP
- Providers that lack control over the network infrastructure necessary to implement
Nothing is going to change as long as those holes exist.
The can't afford it exception is disappearing soon, as it isn't true for any business. Total setup costs for STIR/SHAKEN are under $2000 these days. Providers that lack control over the network infrastructure (i.e. they don't have the ability to control the stir/shaken headers so by definition they can't spoof numbers) will likely continue to be a thing as changing it would force pretty much every small business in the VOIP industry out of business and allow only large companies to be VOIP service providers.
What valid purpose does hidden numbers have? Government departments in my country hide their caller ID.
I find that abusive on its own but let’s not forget about the fact that now you have victims of domestic violence being forced to answer hidden numbers in case it’s welfare, or the cops, or their abusive spouse.
We don't, but the entire world currently does, and the amount of equipment deployed that depends on it is substantial.
I would be willing to bet money that any "better call addressing system" would be a design by committee where this just gets litigated there. And we'd end up with either a system that requires KYC per-call, or has compromises similar to what we're complaining about now.
Having worked with telco companies, 99% of it is "Yeah, but this stuff still works just fine;) And if a government compels us to change our equipment for reasons other than national security, we're going to pitch a fit and demand financial incentives beyond reason." A lot of the pressure to boot Huawei from tech stacks globally ran straight into that wall and flopped. Even with national security at its back.
Considering most of those same telcos are donors and employers of large numbers of people across many constituencies of almost every nation, usually no politician has or is willing to spend political capital to shoot themselves in the foot like that. And no nation with a national telco company runs it well enough to ever even dream of spending money for something like IP addresses, they typically barely keep the lights on.
It's even worse: Since cell phones broadcast your location at all times, this means telling hundreds of companies (and a number of governments) your location at basically all times.
That's already an issue with most cell phones. Making this apply to prepaid phones is even worse.
One thing I wonder is if this is just one step removed from 'Now we know the identity of every user so we can now have both probable cause and verified identity to arrest over statements containing speech we do not like.' "
Like that is Carr's FCC in a nutshell - he wants to control speech by controlling the airwaves. That is a raw fact in his behavior. But when the news stations say the thing they want them to say, what happens next other than slightly extending the definitions of public good to the internet and then restricting speech?
If you have to wonder, you don't need to wonder. So now not only can "antifa"-related speech qualify you as a terrorist (https://www.whitehouse.gov/presidential-actions/2025/09/coun...), now your phone is legally required to track you and report your location at all times. The legal infrastructure is in place to track and bring a wide range of consequences down on just about any and all political enemy, whether that be ruining their life by dragging them through years of criminal charges or simply black-bagging them and whisking them off to a prison for "enemy combatants" without any oversight from a court. All of this is being done in full view of Congress and the Supreme Court, therefore one can only conclude that they are comfortable with and complicit in what is going on.
They won't do that because that'll cause an uproar.
What they'll do, what they always do, what you can see them actively doing (albeit on other policy axis) even at the local government level, is simply scrutinize these people for other laws they've broken or rules they've run afoul of and then enforce the shit out of those.
It's important to remember that Carr is but a bureaucrat doing what he needs to do to make his boss (or, rather, his boss's boss) happy.
We have a real problem with people in government buying into the idea that it's basically a private company set up for the benefit of one man in particular.
> Note: By checking this box, I acknowledge that I am filing a document into an official FCC proceeding. All information submitted, including names and addresses, will be publicly available via the web.
Is there really not a way to submit an express FCC comment that avoids all my personal info being publicly published to the web? Yeesh.
I spend a lot of time filing requests to take down my home address. Most low-hanging fruit options have been scrubbed. I am hesitant to increase the count.
You mean the link between your name and home address? Impossible to scrub. If you're registered to vote, own a home, or many other things, that is legally a matter of public record.
Yes. You need to stand up as a citizen to have the impact (they cross check).
Publication is probably a bit much as a default and chills speech a bit, but it’s also important that the federal register can remain public with all public comment on the web. These are official comments on the record.
Im USA based use prepaid service because I dont want to provide information for a credit check to obtain postpay service.
Theres absolutely no reason for a US based telephony provider to retain the most sensitive PII on their customers.
Every large provider has a history of breaches and selling customer data.
The telephone companies are already tracking, storing, selling; so many data points on their customers.
They cant be trusted with any information.
I got ATT prepaid in January and still had to give my ID, but it was weirdly not upfront but later on when I was trying to actually activate the service. Not sure what the deal is.
Counterpoint: for my part I would like it to be the case that any phone line that can dial or message my phone can be traced back to a known human being who can be held accountable for abuse of that phone line in terms of generating spam, abuse or harassment.
Seems that we can’t both get what we want.
A potential solution is that you get your anonymous phone line but my phone provider simply refuses to let you call me with it.
Of course then we need to extend the same principle to data and to IP traffic originating from your device. If you don’t want to be traceable it seems reasonable that services should have the right to refuse to handle IP traffic you generate.
Would such a half-baked level of network access suit your needs?
> my phone provider simply refuses to let you call me with it.
I don't think it's necessary to go this far. The provider could indicate something like "CANNOT VERIFY NUMBER". I imagine most people would block such calls.
Why can't you? They don't want to provide info for a credit check, you want human accountability. All that requires is for them to use a debit card for whatever service (prepaid or postpaid). Law enforcement can trace that if needed. No need for credit checks or really any other information directly in the hands of the telco.
The problem of the government tracking down people for political posts is supposed to be solved by having laws that constrain the government, not by having corporations provide anonymity as a service.
There's no "supposed to" here. Humans, (including governments) are inclined to do bad things; both law and technology are necessary to restrain those tendencies.
"Call to Action" is a needlessly impotent threat. Like high school students walking out of their own lunch period to protest the loss of salisbury steak on the menu.
Most major telcos worldwide outside the US have strict KYC rules, this is not a battle you are going to win, because there are very few legitimate reasons in support.
In my opinion, the real fix to scam, spam, and robocalls is to pass along the REAL(TM) Caller ID information not just the caller ID but the actual billed Caller ID information and allow the recipient easy ways to drop the calls when those two don't match. I don't know exactly the technical details of Stir/Shaken but someone somewhere is paying / getting paid for each call and this information should be transparently available to the call or message recipient. For "legitimate" reasons like doctors or call centers, they should already provide a separate work phone and not make them use their personal line. For leaky carriers, those should be blocked entirely. Nothing good comes from them. Basically what I am suggesting is if the full attestation level ("A-level") is not available, drop those calls and text messages by default unless the customer opts in (I have no idea why anyone would)
Any particular reason yall can't just argue in court that by creating opportunities for your PII to be stolen your governments (state or federal or both) are actively harming you economically?
Sure, not much money to be had by fighting that fight but basically any PAC should have the means to do this and by claiming money is at stake and not people's actual safety you do have a better chance at this not being dismissed because of how your justice system /is/.
Unless you've had fraud committed against you, that's a hard sell. What dollar figure do you use as the basis? Are you suing for years of credit monitoring? Because that's typically the solution for people who are the victims of PII leaks.
One could argue that it's a failure of law enforcement or telcos or regulators to do enough to prevent fraud and maaaaybe bring a class action or something, but that's a massive stretch.
Given it's a physical impossibility to create an impregnable fortress for your data and said data both already has a dollar amount attached to it in the black market and an obligation to be cared for, the argument could be that the government is setting up companies to lose money unless they too get to sell that data themselves, which regulations -and basic decency- say they can't.
Honestly I'm at the point where I'm like lets just kill the POTS. It makes little sense to me that it's become a sort of user ID for many things, that we have better alternatives (WebRTC, FaceTime et al) that we should push. Like where it currently says "Telephone number" i should be able to put in a URL like "webrtc://<a pseudonym for my IMEI>" (which itself could be a dropdown box for "This device" on the phone itself...)
For example, why isn't it the default that when a telemarketer calls me it's not a video call? And why can't I preview their video stream prior to answering?
I get its "impossible" to make everyone change, but i do think we should push forwards...
This means the parents of adult scammers too. Every scammer has a mother and father who are failing them. If they were doing their jobs, this wouldn't be happening.
KYC and AML are the most blatant attempts at subverting due process I’ve ever seen.
Instead of the government actually trying to catch money laundering, they just make 3rd parties like banks and payment processors judge, jury, executioner. Effectively giving them the power to decide who can do business. And if they decide you can’t, you have no recourse. If the government didn’t give this power to private companies, they would have to prove in court that you are doing something unsavory. And to people saying KYC/AML works, sure. HSBC was laundering billions and these guys know how to get around KYC. You’re just screwing over common people at this point and giving banks and financial institutions power to skirt due process.
"Effectively giving them the power to decide who can do business." well it's giving the government the power to decide who can do business. The banks and merchants already had that power, but now they have additional legal risk of doing business with whoever the govt doesn't like.
> the most blatant attempts at subverting due process
This seems so clear to me; KYC is an end run around the constitution.
But how do we stop it? If we legislate "no KYC" then what is my recourse when an imposter empties my accounts? You'd want it to be at least allowed.
But if we allow industry to require KYC "we will only deposit your pay to a verified bank account" then you may end up with de facto KYC if not de jure. But if you tell businesses they may not require it, it enables other kinds of fraud.
Legislation does not constrain people who will to do evil.
Use Monero as much as possible. If enough people adopted it, there's absolutely nothing they could do to stop it short of turning off the internet entirely. Even China, with the strictest internet controls in the world, hasn't managed to stop people paying for banned goods and services in crypto there.
We're making our law enforcement's job marginally easier, by making the criminals' job infinitely easier by creating millions of juicy PII honeypots.
No, you don't need my phone #, real name, captcha.. if you think you do, realign your incentives, and rethink what else can be used for your real need instead.
For background on KYC in the banking context @patio11's podcasts and essays are worth consuming:
Patrick: Yes, so "Know Your Customer" (KYC) and "Anti-Money Laundering" (AML)
are mandatory elements of the international compliance regime that have been
in place in the United States since the early 1980s. Over time, this regime
spread globally, largely fueled by the U.S. leveraging the dollar as a tool
of foreign policy—a point where I find myself agreeing with critiques from
the crypto community. Their complaints about this are largely accurate. You
can see this clearly in the documents as these laws were passed and as
supranational bodies increasingly tightened regulations on banking secrecy
havens.
Reading this line in Lopp's article: "FCC even asks whether providers should consult lists of terrorists, terrorist organizations, and “criminal persons” maintained by law enforcement entities," brings to mind McKenzie's work describing the outsourced role of NGO's in vetting banking customers.
Yeah if US mail is as spam compromised as it is, you can forget about phone calls ever being cleaned up.
In the era of Target specialized AI that can mimic voices, writing styles, communication is now fundamentally compromised without some sort of actual reform
Let me give you an analogy: Someone keeps blaring an airhorn outside your window at 4am. It's making it difficult for you to sleep. The government, in their bountiful wisdom, decides to hold an emergency meeting, and agrees to pass a law that people need to show an ID to buy an airhorn. You're appalled. This is an invasion of privacy! You protest outside of city hall. You try to get some of your neighbors onboard, but find that they're already protesting! Their protest is demanding that the government do something about the annoying airhorns.
In theory, it could help. In practice, for KYC to reduce spam and scam calls, FCC would have to be willing to drop hammer big time on people and telcos who allow it to happen. With current political climate in the US, I don't see that happening since companies would scream "Poor pitiful us" and fines would be the cost of doing business.
It did in every other country that did it. What's different about this one? If you get a spam call in Europe from Europe, you call the police and the spammer gets located and punished.
Europe does not consistently have KYC for phone service, at least for mobile connections. Normal phone companies in Ireland don't ask for information when buying SIMs (physical ones, at least). Some eSIM providers in Europe don't ask for information at all, and accept cryptocurrency payments. (I'm also aware that some other European countries have very different requirements, up to actually needing copies of identification.)
More widely, however, there do seem to be differences that I don't know the details of. VOIP seems quite different (I use it for my old phones): DID numbers in the US seem extremely cheap and available instantly, with little information, while European ones seem to have an actual verification process and prices that would make large-scale spamming difficult.
As an additional anecdote, I've never heard of a number-porting/2FA attack using social engineering or other methods in Ireland - but we have our own unique issues now with Robocalls and phishing on WhatsApp and SMS.
Realistically, it is for 99.9% of people who have phones. The 0.1% have to go out of their way to buy, with cash or crypto, prepaid SIM top-ups on flip phones, and by doing so they stand out like a sore thumb.
Back in the days of rotary phones, not only did the phone providers have your name, they even listed it, your home address, and your phone number in the white pages of the phone book, and everyone in town had a copy of it. Before the rise of microcomputers which enabled data tracking and robocalls, which in turn gave rise to demand for privacy from spam, having that information out in public wasn't a problem except for edge cases like domestic abuse victims or people in a witness protection program. The 99.9%, though, are still getting tracked no matter what, and I sometimes wonder if we've sacrificed the convenience and confidence of the phone-book age for an illusion of privacy that relies on anxiety.
I grew up in the phone book age. We had one phone with a really long cable, but it wasn't long enough to take it with me everywhere I went. And, as you point out, nobody had robots to call it, either.
You don’t see the harm in requiring telcos - famous for handing over data without warrants or court orders - being forced to have identifying data for every subscriber?
I can think of a half dozen ways that can get abused. Remember that in the states policing is decentralized. There is always some department somewhere willing to abuse their power. Look at how flock has been used to stalk partners, or how geofencing was used to sweep up everyone in the area of a protest, or how stingray is used to listen to all calls in an area. This is opening up avenues of abuse for almost no benefit.
> famous for handing over data without warrants or court orders
More concretely, famous for pushing data in bulk to the surveillance industry for a nominal fee. That is ostensibly the goals behind this development - all of these companies demanding phone numbers for "verification" and snake oil "2FA" want to reliably dox 100% of their users rather than just 80%.
at times? we can't even decide if women are allowed to control their own bodies. we're now open to states stopping people with dark skin from voting, and we have giant internment camps where we keep innocent men, women, children because they have a spanish accent. vaccines are apparently not a worldwide health miracle, education is overrated, we're bringing back jobs in coal and oil, and invading/destabilizing latin american countries is back in vogue. in two years we might be so backwards that women's suffrage becomes questionable (https://en.wikipedia.org/wiki/Democratic_backsliding_in_the_...).
Almost no one has physical phone lines anymore. It also used to be a given because they had to send a physical paper bill to someone, and hence needed an address.
Neither of these are true anymore.
Also, the tone is set from the top.
Do you think the current admin cares about actually tackling fraud and abuse?
You can still allow people to hide it, but then by default every non-business phone should block calls with hidden numbers.
I alwys imagined that there are certain shady providers ("grey-market Twilio" sort of idea) that just let you run single outbound call/text requests through a giant pool of numbers shared with other customers of the service. Perhaps specifically a bank of residential numbers plugged into banks of regular cell phones, like a residential IP proxy service provider.
Almost every spam call has that I get, is spoofed.
Someone here explained it, once.
I think the spoofed calls use a legacy transport tech that can’t be forced to validate.
If the FCC implements this, I expect a lot litigation because of the burden and legal liability this would place on telecom and VOIP companies. There are other less burdensome approaches to preventing spam that the FCC has not tried.
Easy fix. It should be opt-in to accept a call that is routed through one of these. I know they allow it so some grandma in rural France that still uses a dial phone on a copper line that hasn't been touched since 1962 can call her son in New York, but for the rest of us who are not in that situation, we can just blacklist all those calls and lose nothing. This would even fix spam for the people who opt-in, because so few people have grandmas in rural France that it's not worth it for the spammers to bother anymore.
Easier (and correct) fix: Telecoms operators should not be permitted to provide transit to a call that's routed through one of these.
> I know they allow it so some grandma in rural France that still uses a dial phone on a copper line that hasn't been touched since 1962...
This doesn't make sense. Even my inexpensive Mikrotik switches can augment packets with the ID of the port that they originated from. I do not believe for even a second that Telecoms Grade switching equipment is unable to do the same. The fact that that grandma can send and receive calls tells you that both that that equipment exists and that it knows what port her phone is connected to.
Mikrotik is a young spring chick compared to the dinosaurs in telecom.
The example should rather have been some telecom carrier in Africa or India. Telco equipment is expensive, the technology is ridiculously complex and getting companies especially in less well-off regions to replace aging stuff and updating it to modern standards is next to impossible. Think about it, the globally connected phone system includes countries where you get 10 GBit/s symmetric fiber in your home and it includes countries where people don't even have running water because they're so poor.
The fact that we in Western countries can have a realtime conversation with someone in the Saharan desert or in an Indian village that requires days worth of travel [1] is nothing short of a miracle.
[1] https://www.aljazeera.com/gallery/2024/5/8/an-election-booth...
- Providers that can't afford it implement it - Non-IP networks - Small voice service providers that originate calls via satellite using U.S. NANP - Providers that lack control over the network infrastructure necessary to implement
Nothing is going to change as long as those holes exist.
1: https://docs.fcc.gov/public/attachments/DOC-416732A1.pdf
It would certainly hurt a consumption-based economy, for starters.
If your carrier accepts a spoofed call they're already violating FCC recommendations.
I find that abusive on its own but let’s not forget about the fact that now you have victims of domestic violence being forced to answer hidden numbers in case it’s welfare, or the cops, or their abusive spouse.
I would be willing to bet money that any "better call addressing system" would be a design by committee where this just gets litigated there. And we'd end up with either a system that requires KYC per-call, or has compromises similar to what we're complaining about now.
Considering most of those same telcos are donors and employers of large numbers of people across many constituencies of almost every nation, usually no politician has or is willing to spend political capital to shoot themselves in the foot like that. And no nation with a national telco company runs it well enough to ever even dream of spending money for something like IP addresses, they typically barely keep the lights on.
That's already an issue with most cell phones. Making this apply to prepaid phones is even worse.
https://www.pcmag.com/news/apple-expands-this-location-focus...
Like that is Carr's FCC in a nutshell - he wants to control speech by controlling the airwaves. That is a raw fact in his behavior. But when the news stations say the thing they want them to say, what happens next other than slightly extending the definitions of public good to the internet and then restricting speech?
What they'll do, what they always do, what you can see them actively doing (albeit on other policy axis) even at the local government level, is simply scrutinize these people for other laws they've broken or rules they've run afoul of and then enforce the shit out of those.
We have a real problem with people in government buying into the idea that it's basically a private company set up for the benefit of one man in particular.
Is there really not a way to submit an express FCC comment that avoids all my personal info being publicly published to the web? Yeesh.
And if you think your name and address are private, then I have some bad news for you.
Publication is probably a bit much as a default and chills speech a bit, but it’s also important that the federal register can remain public with all public comment on the web. These are official comments on the record.
They probably do keep records, but something doesn't have to be perfect in order to be better.
Seems that we can’t both get what we want.
A potential solution is that you get your anonymous phone line but my phone provider simply refuses to let you call me with it.
Of course then we need to extend the same principle to data and to IP traffic originating from your device. If you don’t want to be traceable it seems reasonable that services should have the right to refuse to handle IP traffic you generate.
Would such a half-baked level of network access suit your needs?
I don't think it's necessary to go this far. The provider could indicate something like "CANNOT VERIFY NUMBER". I imagine most people would block such calls.
Why can't you? They don't want to provide info for a credit check, you want human accountability. All that requires is for them to use a debit card for whatever service (prepaid or postpaid). Law enforcement can trace that if needed. No need for credit checks or really any other information directly in the hands of the telco.
I would like anonymous political posts to be untraceable by the government.
I can't even get all of what I want.
Most major telcos worldwide outside the US have strict KYC rules, this is not a battle you are going to win, because there are very few legitimate reasons in support.
Sure, not much money to be had by fighting that fight but basically any PAC should have the means to do this and by claiming money is at stake and not people's actual safety you do have a better chance at this not being dismissed because of how your justice system /is/.
One could argue that it's a failure of law enforcement or telcos or regulators to do enough to prevent fraud and maaaaybe bring a class action or something, but that's a massive stretch.
For example, why isn't it the default that when a telemarketer calls me it's not a video call? And why can't I preview their video stream prior to answering?
I get its "impossible" to make everyone change, but i do think we should push forwards...
This means the parents of adult scammers too. Every scammer has a mother and father who are failing them. If they were doing their jobs, this wouldn't be happening.
- It is kind of expensive,
- You are forced to provide it to many official institutions,
- It is the default or mandatory insecure 2FA for many institutions,
- It always get leaked somewhere and is one of the most common/reliable identifier.
We still have them around governments and telcos love it and old people and scammers are its last users.
Instead of the government actually trying to catch money laundering, they just make 3rd parties like banks and payment processors judge, jury, executioner. Effectively giving them the power to decide who can do business. And if they decide you can’t, you have no recourse. If the government didn’t give this power to private companies, they would have to prove in court that you are doing something unsavory. And to people saying KYC/AML works, sure. HSBC was laundering billions and these guys know how to get around KYC. You’re just screwing over common people at this point and giving banks and financial institutions power to skirt due process.
This seems so clear to me; KYC is an end run around the constitution.
But how do we stop it? If we legislate "no KYC" then what is my recourse when an imposter empties my accounts? You'd want it to be at least allowed.
But if we allow industry to require KYC "we will only deposit your pay to a verified bank account" then you may end up with de facto KYC if not de jure. But if you tell businesses they may not require it, it enables other kinds of fraud.
Legislation does not constrain people who will to do evil.
Use Monero as much as possible. If enough people adopted it, there's absolutely nothing they could do to stop it short of turning off the internet entirely. Even China, with the strictest internet controls in the world, hasn't managed to stop people paying for banned goods and services in crypto there.
We're making our law enforcement's job marginally easier, by making the criminals' job infinitely easier by creating millions of juicy PII honeypots.
No, you don't need my phone #, real name, captcha.. if you think you do, realign your incentives, and rethink what else can be used for your real need instead.
https://www.bitsaboutmoney.com/archive/kyc-and-aml-beyond-th...
https://www.bitsaboutmoney.com/archive/nonprofit-indicted-ba...
https://www.complexsystemspodcast.com/episodes/splc-financia...
https://www.complexsystemspodcast.com/episodes/defendant-cen...
In the era of Target specialized AI that can mimic voices, writing styles, communication is now fundamentally compromised without some sort of actual reform
More widely, however, there do seem to be differences that I don't know the details of. VOIP seems quite different (I use it for my old phones): DID numbers in the US seem extremely cheap and available instantly, with little information, while European ones seem to have an actual verification process and prices that would make large-scale spamming difficult.
Citation required.
Italy has mandatory KYC for all mobile numbers, and scam/spam calls are a common problem. So no, it doesn't fix the problem at all.
Spam calls frequently don't have a source in the same country as their target victim.
>AI slop art right at the start
Instant close
don't see the harm in this? isn't this already the case for 99.9% of phoneline havers already?
Back in the days of rotary phones, not only did the phone providers have your name, they even listed it, your home address, and your phone number in the white pages of the phone book, and everyone in town had a copy of it. Before the rise of microcomputers which enabled data tracking and robocalls, which in turn gave rise to demand for privacy from spam, having that information out in public wasn't a problem except for edge cases like domestic abuse victims or people in a witness protection program. The 99.9%, though, are still getting tracked no matter what, and I sometimes wonder if we've sacrificed the convenience and confidence of the phone-book age for an illusion of privacy that relies on anxiety.
I can think of a half dozen ways that can get abused. Remember that in the states policing is decentralized. There is always some department somewhere willing to abuse their power. Look at how flock has been used to stalk partners, or how geofencing was used to sweep up everyone in the area of a protest, or how stingray is used to listen to all calls in an area. This is opening up avenues of abuse for almost no benefit.
More concretely, famous for pushing data in bulk to the surveillance industry for a nominal fee. That is ostensibly the goals behind this development - all of these companies demanding phone numbers for "verification" and snake oil "2FA" want to reliably dox 100% of their users rather than just 80%.
The US seems so backwards at times.
Neither of these are true anymore.
Also, the tone is set from the top.
Do you think the current admin cares about actually tackling fraud and abuse?