Rep. Speier Wants To Register Every Prepaid Phone Purchase, In Case Someone Bad Uses One As A Burner Phone

from the post-Paris-panic-continues dept

First, the legislators came for encrypted phones, because terrorists were apparently using encryption. (Except they weren't.) Now, they're coming for prepaid phones. Sure, customers will still be able to buy prepaid phones. They'll just have to "register" with their local retailer in order to do so.

A bill proposed in congress this week would require that all users provide identification and register prepaid ‘burner’ phones upon purchase.

[...]

Representative Jackie Speier, the congresswoman who introduced the bill, called the prepaid phone “loophole” an “egregious gap in our legal framework,” one that allowed terrorists and criminals near-complete autonomy and a means for private, anonymous communications.
This "loophole" has existed for years. There's nothing new about burner phones. The only thing "new" is that these were used by the terrorists who attacked Paris. So, of course, a legislator has decided to do something about it.

What exactly will be done remains unclear. The bill has yet to arrive in written form. But it has, sight unseen, been referred to three House committees and enjoyed a full-page press release from Rep. Speier.
The Closing the Pre-Paid Mobile Device Security Gap Act of 2016 would place the same identification and record-keeping standards on pre-paid mobile devices as the ones that already exist on traditional contract mobile devices. When customers buy a traditional contract-based phone, they provide basic information such as a name, address, and date of birth, which law enforcement can request with a warrant in order to stop terrorist attacks or other illegal activity.

This bill would direct pre-paid cell phone retailers to collect basic ID information at the time of purchase and share that information with the cellular provider for that individual device. The information would be verified using a credit card, debit card, social security number, driver’s license number, or other information that the Attorney General finds adequate in order to have some record of the transaction. Pre-paid “burner phones” were used in the 9/11 attacks, the failed Times Square bombing, and the Paris attacks. Failure to hold them to the same standard as regular contract phones poses a serious risk to national security.
GIven that burner phones have been associated with criminal activity since forever, if anyone seriously felt the need to close the "loophole," you'd think they'd have accomplished it already. (Here's a failed attempt from 2010, made by Sens. Chuck Shumer and John Cornyn post-Times Square bombing.) What Speier wants to do is generate yet another set of third-party records to be housed by phone providers that can be accessed without warrants.

Even if this passes, it will do little to allow law enforcement agencies to follow up on burners recovered after attacks. Criminals and terrorists won't be presenting identification -- at least not theirs -- to retailers. In fact, they're going to do what they've done before: use straw purchasers or buy directly from resellers who fall outside of the bill's likely purview -- like individuals or online retailers.

This will have little investigative worth, but it will generate a ton of records on people who don't have any option but to buy prepaid phones, whether it's due to credit issues or a lack of verifiable identification. Many won't have the ID options requested, like credit/debit cards. Some may not have state ID/Social Security cards either. Adding this requirement will just inflict further difficulties on people whose lives are filled with difficulties already.

Then there are those who do have these things but would prefer to use a "burner" for conversations/communications they don't want to have linked to a phone that, for all intents and purposes, identifies them. Activists and journalists are two groups that immediately come to mind. So do philandering spouses, but that sort of activity is really none of the government's business -- nor the retailers acting as prepaid phone dragnets on the government's behalf.

And then there will be any number of people who buy prepaid phones simply to leave less of a personally-identifiable digital footprint -- without having to surrender most of their communication options.

In addition to these issues, requiring registration for prepaid phones will both lead to more criminal activity (in the form of a new black market for unregistered phones) and adversely affect smaller retailers who will now be shouldering additional burdens for the government. From a 2013 GSM (Groupe Speciale Mobile) report on registration requirements for SIM cards: (h/t Glyn Moody)
In countries where prepaid users represent the majority of the mobile communications market, the costs to mobile operators of implementing new registration processes can be significant including:

• Training staff and retailers i.e. on how to register users, what the acceptable forms of identity are and how to verify them;
• Investing in public awareness campaigns to inform their customers about the need to register;
• Ensuring that customer data databases are accurately updated, maintained and secured;
• Monitoring compliance and deactivating all unregistered SIM cards after the imposed deadline; and
• Verifying, copying and storing users’ identity documents.
The report also recommends:
Governments considering mandating the registration of prepaid users should seek to consult with industry stakeholders and conduct impact assessments before introducing regulation.
Right now, the only entity that has been consulted is Rep. Speier's gut instinct. It says, "Do something!"

Certainly a cell provider can gather any information it wants in exchange for providing phone service, but third parties like Wal-Mart and Target shouldn't be put in the position of tracking certain people who make certain purchases. As useful as it may be to have this information lying around (and that's certainly disputable), Speier's proposal will do little to prevent attacks and criminal activity while harming the privacy interests (and more) of her constituents.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    JBDragon, 28 Mar 2016 @ 2:47pm

    Re: Shouldn't private conversations be registered?

    Who are all these pedophiles talking to? Sending encrypted text to others?

    When is the Government just going to come right out and say they want to read your mind. That you get no privacy. You're nothing but a Taxpayer to help pay for the ever growing and corrupt Government!!!

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.