Thursday, August 23, 2007

Unintended consequences?

Lawmakers are currently working on a bill called the "Truth in Caller ID Act of 2007". I have issues with it in that:
  • it is vaguely worded. "Inaccurate" and "misleading" are undefined, meaning they are left up to interpretation, both by law enforcement and the legal system (meaning that it will be up to case law to determine the definition).
  • the wording of the law allows for a non-judicial entity to interpret the law
  • the law does not define who is allowed (or how) to monitor the Caller ID "system" (Remember, it is a loosely worded protocol agreed upon by a collection of "peered" communications companies)(Does the fact that I own/manage/use a number of Asterisk boxes make me a communications entity? An infrastructure owner? Am I POTS (see below)?)
  • it strikes me as being worded like a statute (no need to prove intent) (but hey, I am not a lawyer so...)
  • it is intended to protect an insecure protocol (with poor implementations) that was never intended to be employed as a legal form of identity
  • Caller ID is not a universal service
  • There's no definition of "POTS". POTS stopped being 100% analog lines and hardware switches decades ago.
  • the wording of the law protects only a specific industry (POTS)

It is this last issue that caused the title of this post. Given the move away from POTS to IP-based services (POTS has been losing ground to special purpose (usually smaller) carriers for years. Vaguely worded laws get enforced in all manner of ways unintended by their authors. I think that this law may just push various user communities (industries in particular) away from POTS. (i.e., Caller ID will be whatever the company wants internally.

Organizations like autonomy in controlling what they have, especially internal infrastructures. I don't see this as improving organizations' relationships with "the phone company". Think about it. Anyone receiving a phone call from any one of 400,000+ phones internal to Microsoft (as an example) will probably only see "Microsoft" in the Caller ID, even though the capability is there to show "S. Jobs" (or whomever).

[Yeah, I know he doesn't work there.]

Hmmm... This may create a niche industry for Caller ID interfaces (internal call recipients see one thing, external another).