Date: Thu, 09 Apr 92 11:09:20 -0700 From: Jeff Johnson On Monday, April 6, I took a day off work to go to Sacramento to testify in favor of a State Assembly bill that would, if CNID is approved in California, require free per-line blocking as an option for phone customers. The bill would make per-line blocking (with per-call unblocking) the default; phone users who want per-call blocking would have to request it. The bill was written by Common Cause, and was sponsored by Assemblyman Rusty Areias (D-South San Jose). It was up for consideration in the Transportation and Communications committee, on which Areias sits. The experience of testifying can only be described as extremely frustrating, even though the Assembly members who were present clearly opposed the telco position on CNID. Areias' staff asked me to arrive at 1:30, when the committee hearing was scheduled to begin. In fact, the hearing didn't start until 2:30, so I went out and walked around Sacramento for an hour. When it got started, Areias wasn't there; he was in a meeting of the Agriculture committee meeting, which he chairs. Therefore, his bill kept being postponed until he arrived. His staff kept saying that he was "on his way" and "would be there in fifteen minutes", but in fact he didn't arrive until about 5:45 pm. So from 2:30 to 5:45, I stood in the crowded hallway outside the hearing room. While I was waiting, I spoke with the lobbyist from Common Cause. She asked to see my statement. I showed it to her, and she said it was way too long. I told her that Areias' staff had told me to draft a 3-minute statement, but she said: "Three minutes? Way too long. You'll have to cut it in half. The committee has a lot of bills to get through today." She said, "You don't need to explain the bill; the members know what it does. Cut this paragraph, that one, and that one. And why aren't you calling the service 'Caller ID' like everyone else does?" I said that part of what CPSR has been arguing all along is that "Caller ID" is a misleading name for the service. She said: "But this isn't the place to clarify that. Call it 'Caller ID'." Her tone was *not* that of someone making friendly suggestions. Sigh, so I worked on cutting down the statement. When the bill finally came up, Areias read his supporting statement, then about seven people gave supporting testimony. There was a lot of commotion in the room: Assembly members talking to their aides, audience members going in and out, etc. However, it did seem to me that at least some of them were listening to my statement (original, 3-minute version attached below). I had been advised by Areias' staff that I would be asked questions about the technical feasibility of per-line blocking with per-call unblocking, but in fact I wasn't asked any questions. When we finished, the Chair of the committee said with a mischievous grin: "Well, I don't suppose there is any opposition to this one, so we can just vote, huh?" The telco lobbyists rushed forward to testify against the bill. They gave their usual arguments about how per-call blocking "balances the privacy interests of caller and callee." However, they were continually interrupted by several committee members who were clearly opposed to CNID. In a sense, that was nice to see: the telco people were really put on the hot seat, and told in no uncertain terms that they were "nuts". They clearly weren't prepared for that; they gave stammering, badly expressed replies. However, in another sense, this scene was also very frustrating, because it was clear that the Assembly members had *little or no understanding* of the bill. They were trashing the telcos for the *wrong reasons*. About half of them (or half of those who were paying attention at all) clearly thought they were voting Yea or Nay on CNID itself. So we heard all of their favorite personal anecdotes about why CNID is bad (or good). The other half of them confused subscribing to CNID (i.e., receiving numbers) with indicating a blocking option. They seemed to think that the telcos want everyone to have (and pay for) the CNID service by default, and that the bill would make the default be that you don't subscribe unless you ask to. They were really outraged by the thought that the phone companies would dare try to force CNID on everyone to guarantee themselves income. No *wonder* they were trashing the telcos! Even more mind-boggling was the fact that the telco lobbyists did nothing to dispel these misunderstandings. They simply kept repeating their canned arguments for per-call blocking, apparently oblivious to the fact that the assembly members weren't at a level of understanding where blocking options were even relevant. After a number of exchanges, it became clear (to me) that the telco lobbyists had only a *slightly* better understanding of the issues, and the bill, than the Assembly members did. They didn't distinguish between subscribing to CNID and indicating a blocking option either! When I realized this, the engineer in me wanted to jump up and say: "Here, I see how you can dispel their concerns. I can argue for you better than you can; I can give the *argument* you should be giving." Instead, I just sat there, shaking my head. Throughout this whole time, Areias sat there, saying nothing to clarify the situation. Even the state legislative analyst whose job is to explain the bill, who I *know* understands the bill (because I have talked to him on several occasions about CNID), kept silent. The Assembly members then voted. Though some were voting for CNID itself, some against it, some for forcing everyone to subscribe to CNID, others to give people a choice, and perhaps some for what the bill was actually about, all votes were of course expressed only as "yea" or "nay" for the bill. Not surprisingly, the committee was split, so the bill died. Areias said nothing, and left immediately to return to his other committee. I left, feeling a combination of disgust and bewilderment. Not because the bill died, but rather because rational debate and reasoned argument had been overwhelmed by ignorance. Because they didn't know what they were voting for or against. I would have *much* preferred a well-reasoned rejection of the bill to what actually occured. I now think the advice that the Common Cause lobbyist had given me -- not to bother explaining the bill -- was wrong; that was precisely what the assembly members needed. Of course, it is not clear that *my* particular explanation would have helped them. I'm afraid the experience has left me extremely cynical about CPSR's approach to this issue. We spend lots of time and effort making subtle arguments about better alternative services, problems of per-call blocking, what the defaults should be, etc. The lawmakers, on the other hand, are at the level of: "Fer it/agin' it." I spent a day and a half preparing my testimony, but it seems to me that I would have probably done better to give an argument like: "Caller ID: booga, booga, booga! Bad, bad, bad!" Or maybe, "Caller ID is the devil's handiwork!" I'm serious. So much for our democratic process. Sheesh! JJ P.S. About the only positive thing that came out of it was that I left copies of my prepared statement (below) and of my prepared answers to anticipated questions with Areias staff, and these were distributed to committee members' staffs. --------------------------------- Testimony of Jeff Johnson Chair, Computer Professionals for Social Responsibility Re: California State Assembly Bill 3425 April 6, 1992 My name is Jeff Johnson. I'm testifying today as Chair of Computer Professionals for Social Responsibility (CPSR) a public-interest organization that examines the social impact of technology. Professionally, I'm a researcher at Hewlett-Packard, and formerly at US West, a Bell Operating Company. CPSR has reviewed Assembly Bill 3425, sponsored by Assemblyman Areias, and supports its passage. It is quite appropriate for the legislature to establish minimum privacy requirements for communications services in California. The existing blocking law, though ambiguously worded, is usually interpreted to require per-call blocking of number identification. Given that interpretation, it does not adequately protect Californians against unintentional disclosure of personal information, and should be strengthened. If Calling Number ID (CNID) is approved in California with only per-call blocking, unintentional disclosure would be common, as callers forget -- or do not know -- to block. Let's consider some of the ways in which disclosure errors would occur. If CNID is approved, phone companies would be required to inform customers about the service and how to block, but it is naive to assume that all phone users would be adequately warned. Bill inserts are often ignored, or read only by the person who pays the bill. New residents won't know to block when they first arrive, especially those who don't speak English; is their privacy unimportant? Visitors may not know to block, and so may unwittingly add their hosts to marketing lists. No matter how much phone companies spend trying to inform the public about per-call blocking, it is obvious that even years from now, a substantial proportion of Californians won't even know that CNID exists, much less that blocking is available. In short, with per-call blocking, many Californians would have their numbers disclosed by the phone companies without their knowledge or consent, due to inadequate warning. Even customers who have been warned will make mistakes. As a designer of computer systems, I know that users sometimes forget important steps, like forgetting to save one's work before turning off the computer. Consider how often you call movie theaters for show times. Forget just once to block, and bang: you're in a national video-movie marketing database. If CNID is allowed in California, the way to minimize the likelihood of disclosure errors is to make the default be per-line blocking with per-call unblocking. This greatly reduces the chance that phone users will have their numbers disclosed without their consent. It also reduces the burden on phone companies to assure that every phone user understands the service. And make no mistake about it, per-line blocking with per-call unblocking is technically feasible. In summary, while CPSR is on-record with the California PUC as preferring alternatives to CNID such as name identification, number identification becomes minimally acceptable if per-line blocking with per-call unblocking is provided as a default, with provisions for customers to specify that they want otherwise. For this reason, CPSR supports Assemblyman Areias' bill. Thank you for the opportunity to testify. I will now be happy to answer questions on the technical feasibility of various proposals or on whatever topics you like. --------------------------------------- Answers to Likely Questions Re: California State Assembly Bill 3425 April 6, 1992 Q: What is your assessment of the technical feasibility of per-line blocking with per-call unblocking as a default service, and of having the unblocking code be different from the blocking code? A: Per-line blocking with per-call blocking is completely feasible for telephone companies to implement. So is having different codes for blocking and unblocking. They may not want to implement these things, but they can easily do it if required. The infrastructure that enables so-called CLASS services like CNID is provided by electronic switching systems introduced in the eighties that conform to what is called the Signalling System 7 (SS7) standard. Phone operating companies purchase switching systems from switch manufacturers. There are currently five such manufacturers: AT&T, Northern Telecom, NEC, Siemens, and Eriksson. Of those, AT&T and Northern Telecom have between them about 90% of the U.S. market, that is, almost all SS7 switching systems in use in the U.S. -- including Calif. -- were made by either AT&T or Northern Telecom. I'm telling you this because I know that the AT&T and Northern Telecom switches make it easy for local phone companies to set up whatever sort of blocking -- with whatever codes -- is required. The other three brands of switches probably do the same, but I know the situation for the most widely-used switches. If you're interested, I can describe in laymans' terms how the services and codes are set up in these switches. Q: Please do. A: The switching machines have tables inside them -- software tables -- that indicate what codes do what. There is a main table that indicates what the default services and codes are for everyone. Then, for each phone line handled by the switch, there is a table that indicates how that line's services and codes differ from those defined in the main table. Finally, there are settings for each call that can override the settings for a particular line. So, to establish per-line blocking with per-call unblocking as a default for all customers, the main table would be set up to issue blocking codes for all calls on all lines, and also to recognize whatever code is to be the unblocking code. Then, for customers who want something other than the default, the table for that line would be set up to indicate the desired service for that line, e.g., per-call blocking. The tables are explicitly designed by the switch manufacturers to allow local phone companies great flexibility in defining services. Since the tables are implemented in software, changing the services and codes they define is easy. Defining per-line blocking as a default, and defining different codes for blocking vs. unblocking, is therefore no problem. Q: Why is per-call blocking (i.e., having to press three keys to block disclosure of one's number) such a burden on telephone users? A: Though phone companies often pretend that the relevant burden is the physical one of pressing three keys, anyone who knows anything about interactive system design knows that the important burden is the mental one: having to remember to punch the keys. If someone gave you a new car and said, "Oh, by the way, you have to remember to press *67 on the dashboard here each time you try to stop or else the brakes won't work," you would consider that a heavy burden, and probably refuse to drive the car. The maker of the car might argue: "Hey, what's the problem? It's only three keys." The three keys aren't the issue. The issues are: how easy is it to forget, and what are the consequences of forgetting? As I said in my testimony, people often forget important steps. This is especially likely when they have other things on their mind; like when you return home and have houseguests coming and need to order that take-out food quickly. Bang: you're in Roundtable's national list of pizza lovers, as well as in the lists of everyone Roundtable sells its list to. Q: You predicted that if only per-line blocking is offered, telephone numbers will often be disclosed unintentionally because not everyone will have been adequately warned. Would you consider phone companies liable for such errors? A: I am not a lawyer and so won't presume to prejudge legal liability. I do think, however, that phone companies should be prepared for numerous "wrongful disclosure" and "failure to warn" lawsuits if they offer only per-call blocking, and they should include the cost of fighting such suits in their financial forecasts of the per-call blocking scenario. They should also consider that their customer education program would have to be much more comprehensive -- and therefore expensive -- under a per-call blocking scenario than under a per-line blocking scenario. Q: As a public-interest organization, is CPSR allowed to support particular bills, i.e., to lobby? A: First, IRS regulations do not completely prevent 501(c)3 organizations such as CPSR from engaging in lobbying, they simply restrict the amount of lobbying such organizations may do to a small amount. CPSR does very little lobbying -- we mainly provide testimony when asked, as here -- and so are well within the IRS limits. Second, IRS limits on lobbying are expressed in terms of how much of an organization's annual budget may be spent on lobbying activities. After all, the IRS wants to make sure that tax-deductable contributions aren't spent promoting particular legislation. However, I am here as a volunteer. No CPSR money has been spent. Therefore, my testimony may not even count against CPSR's lobbying quota.