[Speech text] "Telephone Privacy in the 1990's" Marc Rotenberg, Director, Washington Office Computer Professionals for Social Responsibility 1025 Connecticut Ave. NW, Suite 1015 Washington, D.C. 20036 (202) 775-1588 United States Telephone Association September 13, 1989 Washington, DC Thank you for the opportunity to speak today about "Telephone Privacy in the 1990's." With the current debate surrounding the introduction of a particular CLASS feature -- Automatic Number Identification or "Caller ID" -- it is worth a close examination of the privacy interests at stake and the responsibilities of the telephone companies as we look to the 1990's and the possible introduction of a wide range of new telephone features. I will make three points this morning about the Caller ID controversy. The first is that the Caller ID service is unlike previous services offered to consumers because it compels the disclosure of personal information, without the consent of the caller. This is at the heart of information privacy and the reason that so many civil libertarians and consumer advocates are concerned about the service. The second point is that what is technically possible is not the same as what is good public policy. Our system of government, through the regulatory framework, is designed to ensure that citizens have some say over technical forces that affect their lives. The protection of the environment and public safety depend on the efforts of lawmakers to draw boundaries around technologies that could make our world less safe, our lives less secure. And this includes personal privacy. It is a mistake to assume that simply because something can be done it should be done. The third point is that the consequences of widespread concern about privacy protection can be a powerful political force. Although we have not recently experienced in this country such a movement, the experience in other countries indicates the need for adequately addressing privacy issues as we move toward the next decade. Based on the recent actions of the various phone companies, the public response to the caller ID service must have came as something of a surprise. Pacific Bell held off on its plans to introduce the service, and has chosen instead to undertake an eighteen month study with various focus groups to assess the privacy issues. New Jersey Bell is pressing forward though has faced widespread criticism. Two others BOCs, Southwestern Bell and South Central Bell, have avoided the controversy by simply not offering Caller ID. [1] What is it about this service that has sparked such controversy? I think the answer was well stated by the New Jersey State Consumer Advocate who said, "the caller ID changes the fundamental expectation of privacy on the telephone service. Previously, if someone wanted your phone number, they had to ask for it." It is this prospect that a new technology diminishes the traditional expectation of privacy that is so unsettling. There are a number of organizations, individuals, and members of Congress who are rightly concerned about this problem. In fact, the most important group may be the large number of your own subscribers who have chosen to have their phone numbers unlisted precisely because they are trying to protect their phone numbers from public disclosure. The Caller ID service will, in effect, advertise the phone number with every call. The Caller ID service, in its common form, violates a central test of privacy protection -- it compels the disclosure of personal information without the consent of the caller. Whether or not you subsequently decide that there are other worthwhile goals served by the Caller ID service, it's worth stopping at this point and understanding clearly the privacy problem. Today, when a person makes a phone call there is an expectation that the caller's phone number -- and more generally the caller's identity -- will not be revealed until the caller chooses to do so. This establishes an expectation of privacy on which people base their action, express themselves, and control their identity. The problem of destroying the expectation of privacy was revealed when American Express, using the ANI service, instructed sales representatives to greet callers by name, before the caller identified himself or herself. Callers were so startled that American Express discontinued the practice. American Transtech avoided the problem by not greeting callers by name. "We could do it, but we don't want to let customers know we can capture their telephone numbers," said a company spokesman. [2] It's been suggested that a blocking service could be sold to those who would prefer that their numbers not be disclosed. This reminds me a little of the arms merchants -- you sell one side the ability to collect the call data and you sell the other side the ability to block the collection of the call data. I'm not the only person who has noticed this -- one consumer advocate remarked at a meeting in Washington a few months ago that Caller ID is not so much about technology as it is about economics. The underlying policy problem is who should carry the burden for protecting personal privacy. Unfortunately, in my opinion, large companies have assumed that they have the right to make use of personal information, and have left it to the consumer to, first, find out about the practice, and, second, to object. My view is that large organizations, both in the government and the private sector, have an obligation not to disclose personal information about individuals without the consent of the individual. This was the principle underlying the Privacy Act of 1974 and it is the thread that ties together virtually all of the privacy law in this country. When you disclose personal information without consent, or effectively compel the disclosure as the cost of using the phone service, you have diminished the right of privacy, our most fragile freedom. Several responses to the privacy concerns about the Caller ID service have been put forward. One is that, like a peephole, the Caller ID service provides the receiving party with greater control over phone calls. According to this description, a peephole provides an opportunity to determine who is knocking at your door before you decide whether to open it. Certainly, you wouldn't open your door without a quick check. Similarly, the argument goes, a person should not let someone into their home phone without checking the identity of the caller. From the privacy viewpoint, you can even bolster the argument by underscoring the importance of the home as the last defense against intrusions by others into one's personal sphere. This is a compelling analogy but it doesn't quite work. Calling may be the next best thing to being there, but it is not the same thing. There is simply no threat of physical assault, theft, or destruction from a phone call. I do not mean to understate the problem of harassing or obscene phone calls, but there are a number of ways to respond to these problems, including call tracing, that do not require Caller ID. [3] It also seems unlikely that the service will discourage the persistent, and perhaps the most dangerous, callers. In fact, one of the more unsettling problems with Caller ID may be the ability for a caller to disguise the actual source of the call. But, still, it is worth noting in the peephole analogy that the receiving party gains some information about the calling party, and, like with the phone answering machine, is able to exercise greater control over incoming calls. Another response is that you can sell a blocking service to those who would prefer not to disclose their phone numbers. This is unsettling because it essentially is the selling back of the privacy interest phone users currently possess. It also raises a reoccurring problem in privacy protection -- that is requiring the customer to carry the burden for protecting privacy. A final and popular defense of the Caller ID service is most troubling. A number of people within the phone industry that I have spoken with have said that the solution to privacy concerns about Caller ID is "public education," or, according to one trade publication, "the launching of a widespread campaign to inform callers of new limits in their calling anonymity." [4] This is disingenuous. To use an admittedly extreme example, after the Valdez oil disaster, Exxon had a big public relations problem, but they had the good sense not try to tell the public, "Travel Tip: Don't Visit Alaska, it's not as pretty as it once was." Similarly, caller ID didn't fall from the sky. Your engineers developed the technology, your managers figured out how to market the technology, and you are trying to decide how to promote the technology. You carry the responsibility for its impact and its consequences. To quote Thomas Edison, "What man makes with his hands, he can control with his head." This ties into my second point - technical possibility is not the same as permissible policy. It is never sufficient to say that technology has made possible these changes therefore we should employ them. There are plenty of technologies for reading the contents of a sealed letter. But to do so is against the law. Part of the challenge facing policy makers and organizations such as CPSR is to assess the benefits and risks of new technologies and to determine where appropriate lines should be drawn. Each new information technology requires a careful examination to assess its impact on personal privacy. This is the lesson of privacy legislation in the 1980's. For example, as the cable industry took off in the early 1980's, concern about the privacy of subscriber information also grew. In 1984 a law passed to ensure the protection of subscriber information. Electronic mail, a great boon to communications, also raised concern about the security of the contents of electronic messages. The Electronic Mail Association was as worried as it customers, perhaps moreso, because of the concern that a new mail service would not be very useful if privacy could not be assured. The Electronic Communications Privacy Act of 1986 responded to the need for privacy protection for this new form of communication. And, when a nominee to the Supreme Court found that his choice of videos that he watched with his family in their home became the subject of an article in a local newspaper, Congress looked at the new technology and developed legislation to protect the rental list of video users. In each instance, it seems clear that Congress is ready, willing, and able to assess the privacy implications of new technologies and to adopt appropriate legislative safeguards. There is little reason to believe that it would be different with the phone companies, if they are unable to resolve the privacy concerns to the satisfaction of phone customers. But there is more here than the potential regulation of just this one service. My guess is that the Caller ID issue is the beginning of a long public policy debate over the use of personal information by the phone companies. It is clear that you are sitting on a goldmine of transactional information. AT&T has freely admitted that the 800 phone service created the telemarketing industry. But, it seems, you may well go further. If I call a restaurant today to make a reservation for Friday night, you could probably extract some commercial information, just from my identity and the restaurant's identity. And, of course, the Caller ID service is not of much value without a reverse subscriber directory that would make it possible to translate the phone numbers into the name and location of the calling party. I don't mean to give you any ideas. I'm sure you've already thought of these possibilities and others. But not many people have yet discussed these issues and the public understanding of how transactional information is collected and exchanged has only recently picked up. I want to warn you as the public becomes aware that you are selling this information, without their knowledge or consent, you may be heading for one of the biggest privacy showdowns we've ever had in this country. And I can tell you right now what the slogan will be: "From Ma Bell to Big Brother." You should not underestimate the willingness of people, if they believe that personal information is misused, to go to almost any length to stop the practice. The 1980 West German census is a case in point. In West Germany, growing concern about the use of personal information by the national government led to widespread opposition by many who simply refused to fill out census forms. As the government tried stiff criminal sentences to enforce compliance, census protesters went to jail rather than comply. Failing to fill out the census was an act of civil disobedience, comparable to mixed groups eating at segregated lunch counters in the South during the 1950's. Eventually, the government backed down when the Constitutional Court cancelled the decennial census because the government had failed to protect individuals right to privacy. [5] And West Germany is not the only example of this. In Australia, the battle over a national identification card nearly led to the collapse of the national government. And in Sweden, France, and Canada, information privacy is carefully monitored by national boards with authority comparable to the FCC in the United States. Simply stated, the politics of privacy is a potential powder keg. So, here are my recommendations. First, if you go forward with the caller ID service make sure that no telephone number is disclosed without the knowledge and the consent of the phone user, except in emergency circumstances. If a person does nothing, subscribes to no new service, selects no new feature, his or her current expectation of privacy should remain unchanged. That will be the threshold test for evaluating the impact on privacy of this new service. Second, "reach out" and involve consumer advocates, privacy experts, and your customers in the process of developing new services that expand the usefulness and value of the phone network without undermining traditional civil liberties interests. There are no doubt many new services that customers would welcome that do not raise the privacy concerns of Caller ID. Third, steer clear of the personal information business. This will be a privacy minefield and make the current debate over caller ID look like a small border skirmish. There are certainly enough other possible ways to expand the use of phone networks without selling personal information. If customers learn that their routine phone calls are the basis for unsolicited advertising, they will come to mistrust the phone service. You may also find yourself caught in the net of efforts to regulate other industries directly involved in the sale of personal information. Having raised these privacy concerns, let me make one final point about the importance of the integrity of the phone system. The telephone may be one of the greatest inventions for democratic society, comparable perhaps to the printing press. It provides a ready means of communication, at little cost, for virtually anyone in the country. Even with the growth of all the recent features, the phone remains essentially the same to the banker and the bus driver. It is a tool of democracy and the mechanism of social discourse. It would be unfortunate if the trust that we place in the integrity of the phone system and our dependence were undermined by the rush to commercialize personal information. In the long-run, I believe, it would be a loss for us all. ===================================================================== End of speech. Footnotes within the speech by Mr. Rotenberg are enumerated in the listing below: 1 "Privacy, Market Concerns Delay CLASS Roll-out in California," State Telephone Regulation Report, April 1989, at 7. 2 "Automatic Number Identification," Privacy Journal, April 1989, at 5. 3 "The End of Phone Number Confidentiality?," Privacy Journal, June 1989, at 1. 4 Network World, May 1, 1989. 5 David F. Linowes, Privacy in America 8 (1989).