        Proposal by New England Telephone for "Phonesmart" Service
           (Caller ID, Repeat Dialing, Call Return, Call Trace)
               Massachusetts Department of Public Utilities
                      Proceedings 91-64, 29 May 1991


                         Testimony of CPSR/Boston

Written by Ronni Rosenberg, Ph.D., CPSR/Boston Member and CPSR Director
           Presented by Coralee Whitcomb, Chair, CPSR/Boston


Introduction
------------
Thank you for the opportunity to speak today about proposed telephone
services. I am Coralee Whitcomb. I teach Computer Information Systems at
Bentley College and am a doctoral student in the Law, Policy, and Society
program at Northeastern University. I am testifying on behalf of the Boston
chapter of Computer Professionals for Social Responsibility. CPSR is a
national public-interest organization of computer scientists. Its membership
includes a Nobel Laureate and four recipients of the Turing Award, the highest
honor in computer science. CPSR has prepared reports and presented testimony
on computer-technology issues at the request of Congressional committees.
I am the Chair of CPSR/Boston.

Most of my comments are about one proposed service, marketed under the name
Caller ID. This name is misleading, because the service identifies the
telephone used to place a call, not the person making the call. To correct
this misnomer, I refer to this service by the more accurate name Calling-Phone
ID.

CPSR/Boston takes the following positions:

* Calling-Phone ID is designed to serve the needs of businesses, not
  residential customers.

* Business needs are satisfied at the expense of residential telephone users.
  For residential users, Calling-Phone ID diminishes current expectations of
  privacy.

* Misleading marketing is being directed by telephone companies to residential
  users. The service does not provide the benefits claimed for it.

* To provide these benefits to residential users, other services are
  preferable to Calling-Phone ID.

* Calling-Phone ID should not be approved as proposed. Instead, we recommend
  modifications to the proposal. We also recommend additional services that
  would better protect the privacy of callers and would be of much greater
  value to residential consumers.

I will elaborate on these points in the remainder of my testimony.

Calling-Phone ID is Designed to Benefit (Only) Businesses
---------------------------------------------------------
Calling-Phone ID is designed for businesses, not residential customers.
Calling-Phone ID provides new ways to gather information about consumers.
Businesses can link incoming telephone numbers to reverse directories and
third-party information services. In this way, elaborate dossiers of telephone
callers may be compiled, used for marketing purposes, and sold, all without
the knowledge or consent of the callers.

Not only are telephone numbers themselves personal information, they also
provide access to other personal information. A telephone number serves as a
unique identifier for a household, an information key that allows information
about the household to be easily compiled, retrieved, and matched. Using a
household's telephone number as an identifier, businesses that obtain the
number can retrieve other information on the household through the use of
on-line directories (available from telephone companies) and numerous other
databases.

For example, the credit agencies TRW and Equifax offer as a marketing service
to "enhance" the consumer databases of other companies. A company can send its
database to TRW or Equifax and, for a fee, have it augmented with information
from the credit agency's files about the people or households in the database.
Because a telephone number is an unambiguous identifier for a household and
thus an ideal database key, a company that gives Equifax or TRW a list of
telephone numbers--gathered via Calling-Phone ID--could come away with a
wealth of new data about the households in their original database. The
privacy of residential telephone users is compromised just as effectively if
their local department store, movie theater, or pizza parlor captures their
number and either uses it for marketing purposes or sells it to another
business.

Business interests are well aware of the commercial value of Calling-Phone
ID. In March 1990, a market-research organization, TeleStrategies, held a
seminar for telephone industry executives and regulators about automatic
identification of calling telephone numbers. It is instructive to note that,
during the seminar, the debate was framed as pitting "individual consumer
privacy" against "new billion dollar marketing and productivity
opportunities." The telecommunications industry is marshalling its vast
resources to take advantage of this billion-dollar opportunity.

Residential customers, in contrast, depend on agencies like the DPU to look
out for their interests and safeguard their privacy. The public's awareness of
the extent to which information about them is being compiled, sold, and traded
as a commodity is growing, and the public is unhappy. When Blockbuster Video
announced its intention to sell information about the video-renting habits of
its customers, public and legislative outrage quickly changed the company's
mind. Last year, Lotus Development Corporation and Equifax developed Lotus
Marketplace: Households, a database containing consumer information on 120
million American households. Any PC owner who bought the product could have
used it to sort, categorize, and target households based upon characteristics
such as number of children, income, car owned, and life-style category. When
the public learned of the impending product (mainly through the efforts of
CPSR), Lotus was deluged with letters and calls from people who wanted their
records removed from the database. After receiving 30,000 such requests, Lotus
and Equifax recently cancelled the product. It is well to keep in mind that
widespread concern about privacy protection is a powerful political force.

Calling-Phone ID Diminishes Residential Customers' Privacy
----------------------------------------------------------
The central problem with Calling-Phone ID is that it infringes on the right
of individuals to control the release and use of personal information about
themselves. Telephone subscribers are entitled to decide when, to whom, and
under what circumstances their telephone numbers should be disclosed.

The proposed Calling-Phone ID service violates a central test of privacy
protection--it compels the disclosure of personal information without the
consent of the caller. Today, when a person makes a telephone call, there
is an expectation of privacy, an expectation that the caller's telephone
number--and more generally the caller's identity--will not be revealed until
and unless the caller chooses to do so. Unlike previous consumer services
Calling-Phone ID compels the disclosure of this information without the
individual's consent. This is at the heart of information privacy and the
reason so many civil libertarians and consumer advocates oppose about the
service. The controversy was well stated by the New Jersey State Consumer
Advocate, who said: "Caller ID changes the fundamental expectation of privacy
on the telephone service. Previously, if someone wanted your phone number,
they had to ask for it." It is this prospect that a new technology would
diminish our traditional expectation of privacy that is so unsettling.

The problem of destroying the expectation of privacy was revealed when
American Express, using the Calling-Phone ID service linked to its customer
database, instructed sales representatives to greet callers by name, before
the caller identified himself or herself. Callers were so startled that
American Express discontinued the practice. American Transtech avoided the
problem by not greeting callers by name. "We could do it, but we don't want
to let customers know we can capture their telephone numbers," said a company
spokesman (Privacy Journal, 4/89).

One telephone-company response is to sell Call Blocking to people who do not
want to disclose their telephone numbers. This is unacceptable, because it
is selling back the privacy interest telephone users now possess gratis.
Moreover, the per-call Blocking offered by NET is inadequate and onerous.
Customers must make an added effort for every telephone call, simply to retain
their current expectation of privacy in making calls. Instead, consumers want
strong privacy safeguards and will not be satisfied with stop-gap measures
that require them to do additional work to protect their privacy. To retain
current expectations of privacy, the telephone company must provide per-line
Call Blocking, and it must provide it as the default service.

The underlying policy question is who should bear the burden of protecting
personal privacy. Businesses have assumed they have the right to collect and
use personal information, and they have left it to the consumer to deal with
privacy issues. This view is exemplified by the limited offer by NET of
per-call Blocking. My view is that organizations, in both the public and
private sector, have an obligation not to disclose personal information
without the consent of the individual. This was the principle underlying the
Privacy Act of 1974, and it is the thread that ties together virtually all the
privacy law in this country. When you disclose personal information without
consent, or effectively compel the disclosure as the cost of having telephone
service, you have diminished the right of privacy.

Calling-Phone ID Does not Provide the Benefits Claimed for Residential
Customers
----------------------------------------------------------------------
Loose marketing statements about Calling-Phone ID have misled many consumers
about what the service really provides.

For example, Calling-Phone ID is being marketed to residential customers
largely as a means of reducing the incidence and impact of unwanted telephone
calls. Supposedly, subscribers to Calling-Phone ID will have the ability to
know who is calling them before they answer the telephone, allowing them to
screen their calls. This is a false claim. The service allows subscribers to
see only the telephone number assigned to the telephone used to make the call.
There are two problems:

1. If the calling party uses a telephone other than his or her usual
   telephone, the call recipient can draw no conclusion from the displayed
   number about who is calling. If your teenage child calls from a service
   station after her car broke down, Calling-Phone ID will not provide any
   useful information.

2. The numerical display is so "user-unfriendly" as to be useless much of the
   time. Unless you have a miraculous memory, with instantaneous recall of the
   telephone numbers of all the people who call you, you will not be able to
   convert the information displayed by Calling-Phone ID into the information
   you need, namely the caller's identity. Imagine you have rushed to your
   telephone, and you see a number displayed that you do not recognize. Is the
   caller someone you do not want to talk to, or a friend whose number you
   can't remember right away? You must decide so fast, you probably will just
   answer the telephone.

Telephone companies also present Calling-Phone ID as a solution to obscene and
harassing telephone calls, since perpetrators of such calls usually rely on
anonymity. I am sure many of us have been victims of such calls, and we are
all sympathetic to this problem. The claim that Calling-Phone ID is the only,
or best, way to reduce these calls is false. Common-sense tells us that the
most effective deterrent to crank calls is for would-be perpetrators to know
their identity can be determined easily by the authorities. The best way to
accomplish this is not to offer Calling-Phone ID but to make another service,
Call Trace, widely available and easily affordable.

We may also ask what people who receive an obscene or harassing call would do
with the caller's number if they had it. Most people would quite appropriately
give the number to the police and perhaps to the telephone company. Though
telephone companies seem to want customers to handle harassing calls
themselves, I believe few people want to call back and confront their harasser
or obscene caller. The argument that residential telephone users want to see
the numbers of harassing callers is a marketing device that does not reflect
consumer needs. Consumers want these calls to cease and, at least some of the
time, the perpetrators to be caught and punished.

As someone who knows a lot about computer system design, I can say with
confidence that Calling-Phone ID is a terrible design: It forces people to use
numerical codes intended primarily for machine-to-machine identification, when
instead we should be designing systems--including the telephone system--to
conform to human needs. Furthermore, it provides the wrong information for
its users' purposes. Calling-Phone ID is not the "electronic peephole" that
it is often said to be by telephone companies. A more apt analogy is that
Calling-Phone ID gives people the license number of the car that just drove
into their driveway, from which they must decide whether to open their door.

I do not doubt many residential telephone users say they want Calling-Phone
ID. Thanks to the telephone company's powerful marketing, many consumers
mistakenly believe Calling-Phone ID will help them control who calls them.
Residential users do not understand the limitations of the service for
their purposes or its usefulness for marketing purposes. Moreover, they are
unaware--because the telephone companies choose not to publicize this--that
there are alternatives to Calling-Phone ID that are more useful to individual
customers and less destructive to their privacy.

Other Services are Preferable to Calling-Phone ID for Residential Customers
---------------------------------------------------------------------------
Telephone companies are attempting to convince the public that the only
alternatives are Calling-Phone ID or nothing. That is not true. If they wanted
to, telephone companies could provide services that would help residential
users screen calls and reduce the incidence of unwanted calls, while avoiding
the privacy problems inherent in Calling-Phone ID. The argument that
Calling-Phone ID provides much value to residential customers is eroded by
the availability of other services that solve many of the problems that
Calling-Phone ID purports to solve, better than Calling-Phone ID and without
undermining personal privacy:

* Call Trace is designed specifically to deter harassing and obscene telephone
  calls.

* Last Call Return can be used to return missed calls, talk to parents of
  children who make crank calls, and so on.

* Answering machines can be used to screen calls more accurately and with
  fewer errors than Calling-Phone ID.

* Priority Ring, in which calls from certain numbers are given a distinctive
  ring, can be used to assure that certain calls get answered.

* Call Rejection can be used to control the calls that one will accept, for
  example, to reject calls with Calling-Phone ID Blocking. Although it is not
  discussed nearly as often as Calling-Phone ID, Call Rejection is a critical
  component of a truly useful residential customer service package, by giving
  call recipients greater control over the invasion of their privacy from
  unwanted telephone calls.

None of these services reveals anyone's telephone number without their
consent.

In addition, new services could virtually eliminate privacy problems while
vastly improving the usefulness and accuracy of the information for
residential call screening. A real version of Caller ID would be a welcome
service.

One type of real Caller ID would work as follows: When placing a call, callers
would optionally provide an identifying name or other text (by inserting a
card or typing on a keypad). This identifying text would be transmitted to the
called telephone. Whether the identifying text is "John Quigly" or "Grandma,"
it is much more useful and useable to the call recipient than the number of
the calling telephone, or even the billing name associated with that number.
On the other hand, the identifying text would not be useful to collectors of
marketing information, because it would not be unique across the telephone
network. Callers could opt not to identify themselves and, as with
Calling-Phone ID with Blocking, call recipients could choose to reject
unidentified calls.

A second real Caller ID service would use voice instead of text to identify
callers. When placing a call, a caller would be asked to (optionally) record a
brief voice message that would be played for the call recipient when he or she
picks up the telephone. When you answer the telephone, you might hear "It's
Aunt Bessie," "John Smith, ACME Insurance," or "unidentified caller." Voice
recordings are virtually useless as database keys, and thus are an improvement
over telephone numbers from the perspective of privacy protection. Voice
recordings would be very useful to call recipients, as they would enable
virtually error-free identification of callers. Voice identification also
avoids the need for special equipment at the originating or receiving end of
the call.

In a third scheme, instead of typing a name, inserting a card, or recording a
message when placing a call, callers would enter their own telephone number.
The telephone company would translate your number into text or recorded voice
that you specified previously should be used to identify you. The company
would transmit only your specified identification information (not the number)
to the call recipient. No matter whether you call from home, work, or a gas
station in the middle of nowhere, the call recipient knows it is you calling.
As before, if a caller chooses not to identify himself or herself, the call
recipient can reject the call.

These three hypothetical schemes identify callers to residential customers
better than Calling-Phone ID does, allowing much easier and more accurate call
screening. The essential feature of these alternatives is that they provide
exactly the information needed to identify the caller to the call recipient,
and no more information. This is an essential requirement for giving call
recipients what they need without compromising caller privacy. In contrast,
Calling-Phone ID provides an identifier that is better suited to be a database
key than to identify callers.

Conclusions
-----------
Technical possibility is not the same as good public policy. Our system of
government, through the regulatory framework, is designed to ensure that
citizens have a say over technical forces that affect their lives. We depend
on lawmakers to draw boundaries around technologies that could make our lives
less secure, and this includes personal privacy. It would be a mistake to
assume that because something can be done, it should be done.

I get many unwanted calls, and I would like better ways to screen them.
Since the overwhelming majority of these unwanted calls are marketing calls,
however, you will understand if I am not enthusiastic about a proposed
"solution" to my call-screening problem that--besides being inaccurate and
unusable--would give my telephone number to even more businesses.

No telephone number should be disclosed without the knowledge and consent of
the telephone user, except in emergency situations. If a person does nothing,
subscribes to no new service, selects no new feature, his or her current
expectations of privacy should remain unchanged. That is the threshold test
for evaluating the impact on privacy of Calling-Phone ID.

The privacy interests of both the call originator and call recipient can
be accommodated. Call originators should have the right to decide when to
disclose their telephone numbers, through per-line and per-call Call Blocking.
Call recipients should have the right to decide whether to accept calls,
through Call Rejection.

Currently, per-line blocking is provided by default to all customers, without
charge, because Calling-Phone ID is not available. Any weakening of this
policy takes a service away from customers. One should have to explicitly
choose to allow one's telephone number to be displayed to the call recipient.
In this way, the burden of action is placed appropriately, on those who wish
to provide additional information, rather than on those who do not.

Recommendations
---------------
The following modifications are required to make the proposed Phonesmart
service acceptable:

1. Per-call and per-line Call Blocking should be provided to all telephone
   customers, gratis.

2. Per-line Call Blocking should continue to be the default service for all
   telephone customers. That is, current telephone subscribers who do nothing
   should receive free per-line blocking.

3. Per-line and per-call Call Rejection should be provided to all telephone
   customers, for a nominal monthly fee.

4. Call Trace should be provided to all telephone customers, for a nominal
   per-use fee (e.g., Florida and Indiana are considering $1 per use) and no
   monthly fee.

In addition, CPSR/Boston believes that the telephone company should obtain
customers' approval before using customer information for any purpose other
than that for which it was collected. The telephone company always should tell
customers why they are collecting information, and they should not require
that customers agree to blanket use of information or to uses not directly
related to the provision of local common-carrier telephone service, connection
to long-distance services, long-distance billing, or 911 emergency service.

Finally, I urge the DPU to send the telephone company back to the drawing
board to develop a true Caller ID service, one that meets the real needs of
their residential customers, both for screening calls and preserving caller
privacy.

Acknowledgements
----------------
I would like to acknowledge the substantial help of CPSR members Marc
Rotenberg, Jeff Johnson, and Erik Nilsson, and the CPSR/Boston Executive
Committee.

For More Information
--------------------
CPSR/Boston, P.O. Box 962, Cambridge, MA 02142

Ronni Rosenberg, 67 Highland Avenue, Cambridge, MA 02139,
e-mail: ronni@ksr.com

Coralee Whitcomb, 18 Centre Street #102, Cambridge 02139, 617-864-7329,
e-mail: cwhitcomb@bentley.bitnet

