💾 Archived View for spam.works › mirrors › textfiles › phreak › cpid-ani.dev captured on 2023-06-16 at 19:42:27.

View Raw

More Information

-=-=-=-=-=-=-



                            CPID/ANI Developments



The introduction of calling number identification and delivery
services over the past two years, first by the interexchange carriers
and now the LECs, have not been the only developments to provoke
concern over telecommunications-related privacy issues.  Growth in the
use of analog wireless services and, of course, the burst in "junk
calling" made economical by recent long distance rate reductions are
certainly also factors.  But the new Caller*ID and ANI delivery
services share primary responsibility for the unprecedented level of
state and federal legislative and regulatory activity seeking to
strengthen all forms of privacy protection.  Because of the ease of
public access to state regulatory forums and the high profile
currently enjoyed by telecommunications generally, the telephone
industry -- much more so than, for example, the direct mailers, the
credit/collection industries, or other personal data manupulators --
has become the focal point of public criticism concerning issues
affecting perceived personal privacy.  This is, without question, a
good and healthy development, perhaps even long overdue.
 
The telcos' recent cavalier attempts to introduce new caller
identification services as though "nothing has changed" now face
hostile challenges, even adverse backlash, with potential technical
and disappointing economic consequences.  For example, network
technology and new revenue generating applications are being
threatened by popular but naive state and federal proposals which
would mandate calling number blocking at the caller's option while
refusing to recognize that this solution is not technically feasible
with most forms of CPID delivery -- not even with the most
sophisticated ISDN-based delivery methods.  (ISDN protocol allows for
the insertion of a "privacy code" in the data stream, but nevertheless
delivers the private data across the network on the presumption that
the receipient will honor the "code".)
 
Although Caller*ID and other similar Calling Party Identification
(CPID) services so far have been approved in more jurisdictions than
have turned them down, it is apparent that momentum is building
against their deployment, at least in their intended mode -- that is,
on a universal, nonoptional basis without number blocking.  The
proponents of ubiquitous CPID delivery appear to be at a loss to come
up with a publicly acceptable yet cost effective technical or
alternative service solution to the publics' privacy concerns which
would not also substantially undermine CPID functionality and its
commercial and private utility.

Specifically, the public's privacy concerns seem to have settled on
the three obviious: (1) protection of the caller's need or desire
under particular calling circumstances not to disclose the number from
which his/her call is originating; (2) a perceived telephone company
duty to avoid all forms of unwarranted number disclosure on behalf of
those who have subscribed to and rely on nonpublished and unlisted
telephone number service; and (3) control over the use and
dissemination of CPID information delivered over the network.
 
But despite its best intentions, to date CPID proponents have been
able to agree only on the following meager suggestions: (1) promotion
of the use of telephones, calling card and local operator services as
means by which callers can avoid disclosing their telephone number;
and (2) help agencies and institutions requiring protection against
number disclosure or unwanted "call backs" should order service from a
designated local exchange set aside by the LEC to guarantee number
anonymity, or subscribe to so-called outward-only exchange services.
(While the US West operating companies have acquiesed to requiring
nondisclosure agreements from noncarrier recipients of CPID
information as a method of containing abuse, this practice is far from
considered acceptable by the carrier industry generally.)
 
The first set of alternatives leaves an impression of arrogance and
insensitivity to the practical needs and circumstances of callers
desiring number anonymity.  The second alternatives are not
universally available and will involve added line costs to the help
agencies.  As for controls limiting re-use and resale of network
generated information, the CPID providers fear that these would
undermine the usefulness of CPID information to a large segment of the
potential commercial market.
 
Calling number blocking is surfacing as everyone's suggested answer to
the number anonymity problem.  While both selective call-by-call or
calling line number blocking on all calls are technically feasible,
they tend to deminish the utility of CPID services for present and
planned applications.  However, CPID proponents appear willing to
accept very limited blocking provided it is extended only to certain
categories of customers and call-based help services, such as hot
lines.  But this solution could prove impossible to administer and
might even be unlawfully discriminatory under existing regulatory
statutes.
 
The lack of significant progress after nearly two years of wrestling
with the CPID privacy issues suggests the need to exhaust and possibly
mandate nontechnical approaches.  These might include the following:
 
First, there should be strict institutional controls limiting the use
of CPID and other telephone generated data and information, and
restricting telemarketing call practices.  Such controls could be
industry self-administered or, if this proves to be ineffective, they
could be prescribed by regulators and set forth in the telcos'
exchange tariffs.  In either case, consensus on specific conduct
guidelines will not be reached among industry participants alone
without the intervention of either legislators or regulators.  Thus,
it behooves the CPID advocates -- both providers and potential users -- 
to move in this direction and embrace outside intervention in
developing a code of conduct quickly, before short-sighted technical
restraints or other absolute prohibitions are immposed and become
irreversible.
 
Second, there should be a widespread CPID public awareness campaign
sponsored by CPID providers and supported by all commercial users of
such services and those who manufacture or sell products capable of
receiving or capturing CPID data.
 
Third, the industry should adopt a simple, universally recognisible
symbol (such as the asterick) which can be printed in association with
the publication or other promotion of any telephone number which is
equipped to capture CPID information.  The purpose of this symbol
would be to alert callers that their number or other network
identifiable information might be captured or recognized by the called
party.  It would appear in directories and in all ads or other
promotions involving display of numbers equipped to receive CPID
information.
 
Finally, if and where CPID blocking is prescribed, it should be
offered only to existing subscribers and only for a reasonable
transitional period.  Blocking should not be offered to new or changed
subscribers, and should be phasessd out for grandfathered subscribers
after a reasonable period has been allowed for all customers to become
familiar with the fact that new and evolving telecommunications
capabilities and services can no longer assure number anonymity.  (New
and relocating subscribers would be informed that there can no longer
be an automatic expectation of caller anonymity with normal uses of
the telephone network.)
 
Meanwhile, the publicity evoked by Caller*ID has had a multiplier
effect.  It has stimulated public policy debate, first at the state
and now the federal level, on telecommuications privacy issues
extending beyond just the original question of caller anonymity.
This, in turn, has resulted in an unprecedented number of legislative
and regulatory proposals and even judicial proceedings which , if not
effectively addressed by knowledgeable and interested parties, could
lead to a patch quilt of unworkable or ineffective new laws and
regulations which fall short of satisfying either sides' best
interests and which could have unintended and disappointing results.
 
The most recent step targeted at curbing the spread of CPID/ANI
deployment without controls was the introduction of Senate Bill S.
2030 by Senator Kohl (D.WI) referred to as the "Telephone Privacy Act
of 1990".  This bill would amend The Electronic Privacy Act of l986 to
require that any provider of telephone services which include a caller
identification delivery capability must also furnish, at no additional
charge, the capability for the caller to prevent the "dissemination of
their telephone numbers to persons of their choosing."  Civil remedies
would be made available to persons aggrieved by violations of the new
law.  According to Senator Kohl, the purpose of the bill is not to
curb technology, but to open debate on telecommunications-related
privacy issues generally.
 
Moving in this same direction, Dr. Bonnie Guiton, Special Advisor to
the President on Consumer Affairs, has convened a task force of
industry representatives, known as the Privacy in Telecommunications
Working Group, to make recommendations to how to proceed in this
emerging privacy area.  (I have been invited as a member of the task
group).  While the Kohl Bill and CPID/ANI issues generally fall within
the scope of the task force assignment, it will address all areas of
telecommunications privacy-related matters.