A Call to Action: Stop the FCC’s KYC Regime

行动呼吁：阻止 FCC 的“了解你的客户”（KYC）制度

Robocalls are really annoying. Everyone knows the misery of scam calls, spoofed numbers, fake warranty pitches, fraudulent bank alerts, and automated political spam. The FCC is correct to claim that illegal calls erode trust in the phone system and cost Americans time, money, and security. But this problem does not justify a dragnet solution. Under the guise of fighting robocallers, the FCC is now considering “Know Your Customer” rules that could force phone providers to collect identity information from ordinary people before they can acquire or renew service with a phone carrier.

骚扰电话确实令人厌烦。每个人都深知诈骗电话、伪造号码、虚假保修推销、欺诈性银行提醒以及自动化政治垃圾信息的痛苦。美国联邦通信委员会（FCC）声称非法通话侵蚀了电话系统的信任，并让美国人损失了时间、金钱和安全，这一点是正确的。但这个问题并不能成为实施“撒网式”解决方案的理由。在打击骚扰电话的幌子下，FCC 目前正在考虑推行“了解你的客户”（KYC）规则，这可能迫使电信运营商在普通用户获取或续订服务之前，必须收集其身份信息。

The proposal is being sold as consumer protection, but the surveillance regime it would create is something else entirely. On April 30, 2026, the FCC adopted a Further Notice of Proposed Rulemaking seeking stronger KYC rules for voice service providers. The agency says possible measures include requiring providers to verify customer identities before enabling service, including name, address, government ID, and alternate phone numbers. The item was approved by Chairman Brendan Carr and Commissioners Gomez and Trusty.

该提案被包装为消费者保护措施，但它所建立的监控制度完全是另一回事。2026 年 4 月 30 日，FCC 通过了一项《拟议规则制定进一步通知》，旨在为语音服务提供商寻求更严格的 KYC 规则。该机构表示，可能的措施包括要求提供商在开通服务前验证客户身份，包括姓名、地址、政府颁发的身份证件以及备用电话号码。该事项已获得主席 Brendan Carr 以及委员 Gomez 和 Trusty 的批准。

That should alarm anyone who believes phone access is basic infrastructure, not a privilege conditioned on identity verification. The danger is not that the FCC wants to punish robocall scammers. The danger is that the FCC is contemplating rules that would put millions of innocent people into telecom identity databases in the hope that criminals will be inconvenienced. We’ve seen this playbook before. Such measures take more privacy from lawful users while determined criminals will adapt and find ways around the “gate.”

任何认为电话接入是基础设施而非以身份验证为前提的特权的人，都应该对此感到警惕。危险不在于 FCC 想要惩罚骚扰电话诈骗者，而在于 FCC 正在考虑的规则会将数百万无辜民众的信息纳入电信身份数据库，仅仅是为了给罪犯制造一点不便。我们以前见过这种套路。此类措施剥夺了合法用户的隐私，而坚定的罪犯总会适应并找到绕过这些“关卡”的方法。

KYC rules seen stopping determined criminals

KYC 规则被认为无法阻止坚定的罪犯

KYC does not reliably stop determined criminals. We know this to be true simply from looking at KYC requirements in the financial system. There’s no shortage of money laundering that occurs through regulated venues, in part because criminals don’t have much trouble providing the required documentation to pass KYC checks. Why is this easy to route around? Mainly because so much personally identifiable information gets leaked on an ongoing basis that entire markets exist to trade this information. Buying a new identity and the associated documents to go along with it is cheap.

KYC 并不能可靠地阻止坚定的罪犯。只要看看金融系统中的 KYC 要求，我们就能明白这一点。在受监管的场所中，洗钱活动依然屡见不鲜，部分原因是罪犯在提供通过 KYC 检查所需的文件方面并没有太大困难。为什么这很容易绕过？主要是因为大量的个人身份信息在持续泄露，以至于存在专门交易这些信息的完整市场。购买一个新的身份及相关配套文件非常便宜。

Burner Phones Are Important Tools

一次性手机是重要的工具

The proposal also reaches directly into prepaid service. The FCC is asking whether KYC requirements should vary between prepaid and postpaid plans, what information wireless providers currently obtain from prepaid SIM customers, and whether KYC measures should be imposed for prepaid service purchased through third-party vendors. That is the heart of the burner-phone issue. A prepaid phone is not just a movie prop for criminals. It can be a lifeline for a domestic violence survivor, a worker reporting misconduct, a journalist protecting a source, a protester avoiding retaliation, or someone who simply does not want every communication account tied to a government ID.

该提案还直接触及了预付费服务。FCC 正在询问预付费和后付费计划之间的 KYC 要求是否应有所不同，无线运营商目前从预付费 SIM 卡客户那里获取了哪些信息，以及是否应对通过第三方供应商购买的预付费服务实施 KYC 措施。这就是“一次性手机”（burner-phone）问题的核心。预付费手机不仅仅是罪犯电影里的道具。对于家庭暴力幸存者、举报不当行为的员工、保护消息来源的记者、避免报复的抗议者，或者仅仅是不希望每个通信账户都与政府身份证件挂钩的人来说，它可能是一条生命线。

ACLU senior policy analyst Jay Stanley warned that the rulemaking contemplates taking away people’s ability to get a burner phone and could harm low-income people, domestic violence victims, and anyone who values privacy. That is the point the public needs to understand: anonymous or pseudonymous communication is not suspicious by default.

美国公民自由联盟（ACLU）高级政策分析师 Jay Stanley 警告称，该规则制定考虑剥夺人们获取一次性手机的能力，这可能会伤害低收入群体、家庭暴力受害者以及任何重视隐私的人。这就是公众需要理解的一点：匿名或化名通信在本质上并不等同于可疑。

I’ve used KYC-free phone services for many years both as a security and privacy protection tactic. I, like anyone who might be suspected of having access to significant amounts of bitcoin, need strong privacy in order to protect myself from wrench attacks. This is not a theoretical threat; hundreds of Bitcoiners have been physically attacked and I myself have been swatted and extorted.

多年来，我一直使用无需 KYC 的电话服务，将其作为一种安全和隐私保护策略。像任何可能被怀疑拥有大量比特币的人一样，我需要强大的隐私保护来防止“扳手攻击”（物理暴力勒索）。这不是理论上的威胁；已有数百名比特币持有者遭到人身攻击，我自己也曾遭遇过“假报警”（swatting）和勒索。

The most chilling parts of the FCC’s proposal go beyond ordinary ID collection. In its section on risk-based KYC differences, the FCC even asks whether providers should consult lists of terrorists, terrorist organizations, and “criminal persons” maintained by law enforcement entities. We’ve also seen this before and such lists would surely lead to false positives, abuse of innocent people being opaquely added to said lists, and the possibility that people could be denied basic communication infrastructure without a conviction or meaningful due process. Even though the FCC frames this as a question rather than a final decision, it is a dangerous question for a communications regulator to normalize.

FCC 提案中最令人不寒而栗的部分超出了普通的身份收集。在关于基于风险的 KYC 差异部分，FCC 甚至询问提供商是否应该查阅执法机构维护的恐怖分子、恐怖组织和“犯罪人员”名单。我们也见过这种情况，此类名单肯定会导致误报，导致无辜者被不透明地列入名单而受到侵害，并可能导致人们在没有定罪或有效的正当程序的情况下被剥夺基本通信基础设施。尽管 FCC 将其表述为一个问题而非最终决定，但对于通信监管机构来说，将这种问题常态化是非常危险的。

The proposal also contemplates long retention periods. The FCC asks about requiring providers to retain KYC information and supporting records for four years after the customer relationship ends. That means the risk does not end when someone cancels service. A person’s identifying information could remain in carrier databases for years, exposed to breach, misuse, subpoena, sale, or mission creep.

该提案还考虑了较长的保留期限。FCC 询问是否要求提供商在客户关系结束后，仍需保留 KYC 信息及支持记录四年。这意味着风险并不会在某人取消服务时结束。一个人的身份信息可能会在运营商数据库中保留多年，从而面临泄露、滥用、传票调取、出售或“任务蔓延”的风险。

Mission creep is already visible in the FCC’s own words. The agency asks whether enhanced KYC rules could help law enforcement investigate crimes beyond illegal calls, including organized crime, trafficking, espionage, influence operations, and other national-security concerns. That is a very different pitch from “we are stopping robocalls.” Once telecom providers are required to verify, retain, re-verify, and possibly screen customers, the phone system starts looking less like an open communications network and more like a chokepoint.

“任务蔓延”在 FCC 自己的话语中已经显而易见。该机构询问，加强的 KYC 规则是否可以帮助执法部门调查非法通话以外的犯罪，包括有组织犯罪、人口贩运、间谍活动、影响力行动以及其他国家安全问题。这与“我们正在阻止骚扰电话”的说法大相径庭。一旦电信运营商被要求验证、保留、重新验证甚至审查客户，电话系统看起来就不再像一个开放的通信网络，而更像是一个关卡。

The FCC also proposes a per-call enforcement structure. It asks about assessing KYC violations on a per-call basis and specifically proposes a $2,500 per-call base forfeiture. That creates an obvious incentive: providers will protect themselves by over-verifying, over-retaining, and over-denying. When the penalty for under-screening can multiply by call volume, the safest corporate choice is not the one that protects consumer privacy, but rather the one that intrudes upon it greatly.

FCC 还提议建立一种按通话次数计算的执法结构。它询问是否应按通话次数评估 KYC 违规行为，并明确提议每通电话处以 2,500 美元的基础罚款。这产生了一个明显的激励机制：提供商将通过过度验证、过度保留和过度拒绝服务来保护自己。当审查不足的惩罚会随着通话量成倍增加时，最安全的商业选择不是保护消费者隐私，而是极大地侵犯隐私。

Privacy Is Not a Crime

隐私不是犯罪

A free society does not require citizens to continually fight to retain their privacy. The burden should be on the government to justify eroding the…

一个自由的社会不应要求公民不断地为保留隐私而斗争。政府应当承担举证责任，以证明其侵蚀隐私行为的合理性……