[misc.handicap] New Abuses of Caller-ID

34AEJ7D@CMUVM.BITNET (Bill Gorman) (06/20/91)

Index Number: 16248

The following article, reposted here by permission, may be of interest
to those concerned with collection and abuse of personal data in
the proliferating data bases out there.

It strikes me that the technique of looking up a caller before answering,
as described in the following article, would have a terribly great potential
for abuse in screening out calls from the disABLED on the old, racist
idea "what one of THEM do with.../how could one of THEM afford..." etc.

Perhaps I am wrong.

Perhaps it will snow in the Sahara.

Sez me,

W. K. (Bill) Gorman

----------------------------------------CUT HERE--------------------------
|Date: Tue, 11 Jun 91 18:59:08 PDT
|from: lauren@vortex.com (Lauren Weinstein)
|subject: Caller ID -- The Risks are already here!
|
|The Caller ID (CID) situation in California is still undetermined, other than
|that per-call CID blocking will definitely be provided at no charge, since this
|has been mandated by state law.  It is decidedly unclear whether or not such
|blocking will be effective on interstate calls, since such calls are an FCC,
|not PUC (Public Utilities Commission), matter.  A similar unclear situation
|exists with regard to 800 and 900 calls (remember that most 800 calls already
|have CID attached to them, at least on customer bills--and you can sign up for
|instant delivery of the caller numbers if you want them).  Current rules seem
|to imply that CID blocking will not apply to 800/900 calls.
|
|I recently sent a letter to the California PUC promoting the need for per-line
|CID blocking, and asking a number of questions regarding call-return operations
|when the original caller had blocked their CID (the key question: since it is
|proposed that call-return would still function in this case, what number would
|show on the phone bill of the person activating call return in the case of
|message-unit and toll calls?  Would it be marked "private"?  Would only a
|partial number be shown?
|
|As for per-line blocking, I feel strongly that subscribers should not be
|required to take *extra* steps to maintain a level of privacy that they have
|already come to expect over the years.  Particularly when people are in unusual
|locations, or under stress, elderly, in a hurry, etc., they are the least
|likely to remember about dialing special codes--even though they might
|especially need their number privacy in those situations.  Nor should
|subscribers be forced to purchase special equipment to dial blocking codes for
|them when they're calling from their "normal" location.
|
|I have proposed that all unlisted/non-published numbers have caller-ID blocked
|by default, with all subscribers offered a one-time opportunity to choose the
|mode (blocked or unblocked) that they prefer without charge, after which
|further changes in the per-line CID blocking status would be subject to a fee.
|I have also proposed the availability of codes to change the per-line CID
|blocking status on a per-call basis (both for enabling and disabling CID).
|
|There is a fascinating publication that relates to all of this.  It was
|originally provided to me by a company that builds equipment for CID number
|capture (Automatic Number Identification -- ANI capture).  While it is
|primarily oriented toward use on existing 800 ANI capture systems, it is
|obviously looking forward to full-scale CID availability for non-800 calls.
|
|The publication is called "Inbound/Outbound" -- "Using Technology to Build
|Sales and Deliver Customer Service".  It was a supplement to "Inbound/Outbound"
|magazine from July 1990.  It is heavy on the promotion of MCI ANI delivery
|systems, which isn't surprising when you notice that the publication was
|prepared under the direction of MCI employees.  Many manufacturers of ANI
|related equipment and systems (including name/address database lookup services)
|have ads within.
|
|It is a veritable cornucopia of endless praise for ANI/CID systems--I was
|unable to find a single negative statement concerning these systems.  As far as
|they are concerned, ANI/CID is the best thing to happen to sales since the
|invention of the phone.  There are database services who can search between 60
|and 90 million name/address entries "instantly" over networks in response to
|incoming ANI phone number info, and others who will take a tape or floppy and
|get you the info "offline" at a lower price.
|
|One of their suggested applications for ANI/CID is hanging up on or refusing to
|answer calls from "suspicious" phone numbers with which you've had problem
|calls in the past (the RISKs are obvious).  Another is recognize the phone
|number of your better customers and route them to operators ahead of all the
|other poor slobs waiting for assistance.  Yet another is call back people who
|hang up without waiting for an answer on your sales lines.
|
|Overall, they list a range of applications (including various authentication
|applications) that seem to imply that (1) Everyone wants everyone to know who
|they are when they make a simple call, (2) Your customers will always call you
|from the same phone number, and you have the right to call them back on
|whatever number they happen to call you from, and (3) People hardly ever change
|their phone numbers.
|
|They also throw out the usual arguments about the use of ANI/CID in emergency
|situations, even though we all should know by now that 911 services are exempt
|from CID blocking.
|
|Most of the associated privacy RISKs with this technology have been discussed
|in this forum before, but I want to emphasize the incredible degree to which
|the intertwining of ANI/CID and database services can result in instant
|information about the caller (or rather, about the caller's phone number!)
|being provided to the entity being called, (though not necessarily accurate
|information, of course!)
|
|Not only can name/address be provided from the caller phone number, but also
|other nifty data such as "dwelling unit code" (what kind of residence are you
|living in?  Do you live in a "bad" part of town?)  and "wealth code" (are you
|rich?  Does the company even want to bother talking to you?), and numerous
|others.
|
|There is also apparently talk of connecting into the credit inquiry databases
|so that, essentially, when you call a firm, it is possible that everything
|about that call will have been determined based on the voluminous information
|they were able to dig up from your phone number during a couple of rings!  How
|you will be treated, who will answer your call, how long you wait in the queue,
|what they will say to you, and a range of other decisions can be made before
|you've said *one word* -- all based on the phone number from which you're
|calling, with all the issues of privacy and accuracy that accompany such a
|scenario.
|
|And remember--this is happening *right now*.  These services exist today; they
|can be subscribed to immediately.  Your area does not need to have local CID
|for your number to be transmitted via 800 or 900 calls--in fact, about 90+% of
|the phones in the U.S. are already transmitting their numbers on 800 and 900
|calls.  As more areas achieve "equal access" long distance carrier status, that
|number will eventually reach 100%.  Local CID blocking will probably *not*
|block the delivery of your number via 800/900 calls under the current rules,
|though the definitive status of such calls remains unclear.
|
|We need federal legislation to address these issues, and we need it now.  These
|concerns can not be dealt with effectively on a local or state basis.  It's up
|to those of us who are aware of the dangers inherent in these systems to make
|our concerns known and push for appropriate improvements in the Privacy Act and
|other related legislation.
|
|Please feel free to contact me if you'd like further information about any of
|these topics.
|                                      --Lauren--