A Call to Action: Stop the FCC's KYC Regime

Posted by FergusArgyll 5 hours ago

A Call to Action: Stop the FCC's KYC Regime(blog.lopp.net)

256 points | 157 commentspage 2

maerF0x0 3 hours ago|

Honestly I'm at the point where I'm like lets just kill the POTS. It makes little sense to me that it's become a sort of user ID for many things, that we have better alternatives (WebRTC, FaceTime et al) that we should push. Like where it currently says "Telephone number" i should be able to put in a URL like "webrtc://<a pseudonym for my IMEI>" (which itself could be a dropdown box for "This device" on the phone itself...)

For example, why isn't it the default that when a telemarketer calls me it's not a video call? And why can't I preview their video stream prior to answering?

I get its "impossible" to make everyone change, but i do think we should push forwards...

frollogaston 3 hours ago||

IMEI is tied to the physical phone, Facetime is Apple-specific, idk what the webrtc option would be. I'm actually glad phone won as digital ID, not cause it's the best choice but because it could've been a lot worse.

apt-apt-apt-apt 3 hours ago||

Careful, you are one capital letter 'U' away from having the FBI, NSA, SWAT team at your door!

netfortius 3 hours ago||

And how exactly are they going/hoping to do that with GV?

adolph 3 hours ago||

For background on KYC in the banking context @patio11's podcasts and essays are worth consuming:

  Patrick: Yes, so "Know Your Customer" (KYC) and "Anti-Money Laundering" (AML) 
  are mandatory elements of the international compliance regime that have been 
  in place in the United States since the early 1980s. Over time, this regime 
  spread globally, largely fueled by the U.S. leveraging the dollar as a tool 
  of foreign policy—a point where I find myself agreeing with critiques from 
  the crypto community. Their complaints about this are largely accurate. You 
  can see this clearly in the documents as these laws were passed and as 
  supranational bodies increasingly tightened regulations on banking secrecy 
  havens.

https://www.complexsystemspodcast.com/episodes/true-crime-ba...

https://www.bitsaboutmoney.com/archive/kyc-and-aml-beyond-th...

adolph 3 hours ago|

Reading this line in Lopp's article: "FCC even asks whether providers should consult lists of terrorists, terrorist organizations, and “criminal persons” maintained by law enforcement entities," brings to mind McKenzie's work describing the outsourced role of NGO's in vetting banking customers.

https://www.bitsaboutmoney.com/archive/nonprofit-indicted-ba...

https://www.complexsystemspodcast.com/episodes/splc-financia...

https://www.complexsystemspodcast.com/episodes/defendant-cen...

theturtletalks 4 hours ago||

KYC and AML are the most blatant attempts at subverting due process I’ve ever seen.

Instead of the government actually trying to catch money laundering, they just make 3rd parties like banks and payment processors judge, jury, executioner. Effectively giving them the power to decide who can do business. And if they decide you can’t, you have no recourse. If the government didn’t give this power to private companies, they would have to prove in court that you are doing something unsavory. And to people saying KYC/AML works, sure. HSBC was laundering billions and these guys know how to get around KYC. You’re just screwing over common people at this point and giving banks and financial institutions power to skirt due process.

frollogaston 3 hours ago||

"Effectively giving them the power to decide who can do business." well it's giving the government the power to decide who can do business. The banks and merchants already had that power, but now they have additional legal risk of doing business with whoever the govt doesn't like.

Ever since 2020, I've seen more stores that won't take cash, and refuse to go there on principle even if I was going to pay with card anyway.

elevation 3 hours ago||

> the most blatant attempts at subverting due process

This seems so clear to me; KYC is an end run around the constitution.

But how do we stop it? If we legislate "no KYC" then what is my recourse when an imposter empties my accounts? You'd want it to be at least allowed.

But if we allow industry to require KYC "we will only deposit your pay to a verified bank account" then you may end up with de facto KYC if not de jure. But if you tell businesses they may not require it, it enables other kinds of fraud.

Legislation does not constrain people who will to do evil.

logicchains 3 hours ago||

>But how do we stop it?

Use Monero as much as possible. If enough people adopted it, there's absolutely nothing they could do to stop it short of turning off the internet entirely. Even China, with the strictest internet controls in the world, hasn't managed to stop people paying for banned goods and services in crypto there.

greentea23 1 hour ago|||

How do you get or spend Monero without KYC? It's illegal to do so without reporting every transaction on your taxes. Maybe you can get away with it for small purchases, but with inflation the way it is, any meaningful purchase pushes you over a tax red flag line. Crypto is dead in the water legally speaking in the US.

frollogaston 3 hours ago|||

I'm all for cryptocurrency as a way to fight both KYC and money-dilution, but it's still not user-friendly. Regular people need a way to clog the gears too.

cf100clunk 4 hours ago||

KYC == ''Know Your Customer''

kelseyfrog 3 hours ago||

Parents need to parent. Full stop.

This means the parents of adult scammers too. Every scammer has a mother and father who are failing them. If they were doing their jobs, this wouldn't be happening.

frollogaston 54 minutes ago||

They're always calling from random countries anyway. Maybe we can tell (not ask) other countries to do their job and clamp down on these scam houses.

kelseyfrog 52 minutes ago||

Do they not have parents in random countries?

frollogaston 42 minutes ago||

Probably, maybe not. Yeah it'd be great if the entire world were prosperous and happy, until then we need a way to make spam calls harder.

downrightmike 1 hour ago||

A LOT of this is from the chinese triad in the Golden Triangle in Cambodia who use kidnapped people and abuse them

AtlasBarfed 3 hours ago||

Yeah if US mail is as spam compromised as it is, you can forget about phone calls ever being cleaned up.

In the era of Target specialized AI that can mimic voices, writing styles, communication is now fundamentally compromised without some sort of actual reform

phendrenad2 3 hours ago||

Let me give you an analogy: Someone keeps blaring an airhorn outside your window at 4am. It's making it difficult for you to sleep. The government, in their bountiful wisdom, decides to hold an emergency meeting, and agrees to pass a law that people need to show an ID to buy an airhorn. You're appalled. This is an invasion of privacy! You protest outside of city hall. You try to get some of your neighbors onboard, but find that they're already protesting! Their protest is demanding that the government do something about the annoying airhorns.

pona-a 3 hours ago|

The funny thing is most of the world had already pioneered the airhorn ID long ago. Very few of them saw any decrease in 4 AM airhorn activity, yet some are already well-known to arrest and harass airhorn users to international human rights observers' condemnation.

qdotme 4 hours ago||

Honestly, stop the KYC regime everywhere else.

We're making our law enforcement's job marginally easier, by making the criminals' job infinitely easier by creating millions of juicy PII honeypots.

No, you don't need my phone #, real name, captcha.. if you think you do, realign your incentives, and rethink what else can be used for your real need instead.

drnick1 1 hour ago|

Absolutely. And this is why I don't give any business my real name, phone number, or other personal information. Starbucks does not need to know my name or email to make my coffee. If a company insists on an app or some kind of registration, they lose my business, plain and simple.

cute_boi 4 hours ago|

Will this KYC reduce spam and scam calls?

stackskipton 4 hours ago||

In theory, it could help. In practice, for KYC to reduce spam and scam calls, FCC would have to be willing to drop hammer big time on people and telcos who allow it to happen. With current political climate in the US, I don't see that happening since companies would scream "Poor pitiful us" and fines would be the cost of doing business.

reddalo 4 hours ago|||

Italy had forced KYC for all mobile numbers at least since the early 2000's and no, it doesn't fix the spam/scam calls problem at all.

rockskon 4 hours ago|||

No.

inigyou 4 hours ago||

It did in every other country that did it. What's different about this one? If you get a spam call in Europe from Europe, you call the police and the spammer gets located and punished.

triceratops 4 hours ago|||

> It did in every other country that did it

Citation required.

KaiserPro 3 hours ago||

SMS farm/machines don't work in the UK at least, I suspect not even in NL

inigyou 1 hour ago||

Of course they do but every SIM is registered to your ID so it's extremely risky for you.

cge 4 hours ago||||

Europe does not consistently have KYC for phone service, at least for mobile connections. Normal phone companies in Ireland don't ask for information when buying SIMs (physical ones, at least). Some eSIM providers in Europe don't ask for information at all, and accept cryptocurrency payments. (I'm also aware that some other European countries have very different requirements, up to actually needing copies of identification.)

More widely, however, there do seem to be differences that I don't know the details of. VOIP seems quite different (I use it for my old phones): DID numbers in the US seem extremely cheap and available instantly, with little information, while European ones seem to have an actual verification process and prices that would make large-scale spamming difficult.

piltdownman 3 hours ago||

As an additional anecdote, I've never heard of a number-porting/2FA attack using social engineering or other methods in Ireland - but we have our own unique issues now with Robocalls and phishing on WhatsApp and SMS.

reddalo 4 hours ago||||

> It did in every other country that did it

Italy has mandatory KYC for all mobile numbers, and scam/spam calls are a common problem. So no, it doesn't fix the problem at all.

inigyou 1 hour ago||

From Italy or from other countries?

rockskon 3 hours ago|||

Has it?

Spam calls frequently don't have a source in the same country as their target victim.

singpolyma3 3 hours ago||

More comments...