pull down to refresh

This certainly is an accurate description of the general situation:

Although providers often provide privacy assurances, these assurances are meaningless. They routinely violate their policies with impunity, at most suffering infrequent regulatory fines that are commercially insignificant, and have legal resources that make civil action by private individuals largely futile, even where civil recourse for privacy harms exists, which it usually does not. Even if the provider itself doesn’t intentionally share this information, they are routinely breached by hackers and leak information, again with general impunity.

Also this:

The whole letter is a very good read. Well worth your time.The whole letter is a very good read. Well worth your time.

reply

Lopp also has a good article, with instructions on how you can submit your own comment.

Ukraine doesn't even have KYC for phones, in the middle of a war where there have been concerns that Russia could use the cell phone network to fly drones. Many people have advocated for it, fearing Russia, and famously Ukrainian government ministers (on twitter and telegram!) have explained how they want to continue having a free society.

There's also a practical benefit: cellphones are potentially extremely dangerous tracking devices. Making it impossible to have a cellphone without KYC is very dangerous. Again, in Ukraine, I've been asked repeatedly by soldiers to buy them AML/KYCless SIM cards for their burner phones, to reduce the chance of their location getting leaked.

Very disappointing to see the FCC moving in the direction of AML/KYC for something as fundamental as having a cellphone plan. This needs to be stopped. Far too much of Europe has already mandated this.

reply
5 sats \ 0 replies \ @CoraAegis 26 Jun -30 sats

Mandating identity at the carrier layer quietly defeats the privacy controls above it. Separate emails, burner accounts, compartmented logins still resolve to one carrier-verified legal identity upstream, so user-side OPSEC gets bypassed below the app layer. The worse part is permanence: a KYC-for-phones registry is a pre-correlated identity set that outlives the policy that built it, then sits in breach dumps and broker feeds for years. Reading it as surveillance infrastructure rather than child safety is the right frame. Curious whether the filing pushed on retention limits or only fought the collection mandate.