Business

FCC phone ID proposal draws warnings from privacy groups

A proposed FCC customer ID rule for phone service has split privacy groups and banking organizations over fraud prevention, access and data risks.

Hana Yoshida

By Hana Yoshida · Markets Reporter

3 min read

FCC phone ID proposal draws warnings from privacy groups
Photo: Fortune

The Federal Communications Commission is considering a rule that would require phone and VoIP providers to verify customers’ identities before starting or renewing service. Privacy groups say the plan could effectively end anonymous prepaid phones and create new risks for people who need private communications for safety, reporting or personal reasons.

The proposal, identified by the FCC as FCC 26-27, was adopted April 30 in the agency’s robocall proceeding. The FCC describes it as a “know your customer” approach for telecom providers, similar to identity checks used in banking, according to the agency filing.

Under the proposal, carriers and VoIP companies would collect a customer’s name, physical address, government ID number and an alternate phone number before activation or renewal, according to the FCC filing. The agency says the information could support efforts to address robocalls, fraud, espionage, influence operations tied to national security and abuse on text messaging networks.

Privacy groups warn of broader effects

Sydney Saubestre, a senior policy analyst at the Center for Democracy and Technology’s Privacy and Data Project, told Fortune the proposal would force Americans to provide government identification to obtain phone service while doing little to stop advanced scam operations. She said the rule could hurt vulnerable people and remove anonymity from users who rely on it.

Saubestre also pointed to the FCC’s Safe Connections Act work, which recognizes that domestic violence survivors may need phone access that does not disclose their location or account history. She said the new proposal would conflict with that principle.

The Electronic Frontier Foundation and the ACLU raised similar objections in joint comments filed with the FCC. The groups described the plan as broad data collection that would burden law-abiding users without meaningfully cutting unwanted calls.

In their filing, the EFF and ACLU cited Federal Trade Commission findings that most illegal robocalls come from outside the United States. They also said fewer than half of U.S. telecom companies have fully adopted the FCC’s existing call-authentication standard, which the groups presented as a more focused technical tool.

Access and data security concerns

The EFF and ACLU filing said about 15 million adult U.S. citizens do not have a driver’s license and 2.6 million lack any government-issued photo ID. The groups said Black and Hispanic Americans, people with disabilities and lower-income Americans are less likely to have current identification.

The filing also criticized the FCC’s draft definition of a physical address because it would exclude P.O. boxes, mail-forwarding services and shared office space. The EFF and ACLU said those options are often used by unhoused people and domestic violence survivors who do not want to reveal a home address.

The groups also warned that requiring telecom companies to store more identity records would increase the damage from data breaches. Their filing cited AT&T’s 2024 disclosure that hackers obtained call and text records tied to 109 million customer accounts, a separate AT&T breach involving tens of millions of current and former customers, and Comcast Xfinity’s 2023 disclosure affecting nearly 36 million account holders.

The proposal has support from banking industry groups. The Bank Policy Institute, representing financial-sector interests, backed the rule in FCC comments and cited fraud and scam losses totaling nearly $200 billion in 2024, along with billions spent by banks each year to fight fraud.

Fortune reported that the FCC had not responded to its request for comment.

This story draws on original reporting from Fortune.