Earlier this week, EFF joined a bunch of other groups -- the Center for Democracy and Technology, the Computer & Communications Industry Association, and Pulver.com -- in filing comments [PDF] before the FCC about how the agency should handle making Emergency 911 (E911) features available on next-generation IP phones. In its request for comment, the FCC asked a number of questions, including which new technologies should absolutely guarantee access to emergency services, where and how "automatic location technologies" should be deployed, and finally how users' privacy should be protected.
It's not hard to be sympathetic to the FCC's position here -- it wants to make sure the broadest array of commonly used communications devices can summon help quickly. The agency has already mandated that the plain old telephone system (POTS) be E911 compliant, which means among other things that the government guarantees a connection to local emergency services and has a way to locate where the emergency call originated. This setup has led to faster service for people whose lives are in danger.
Now that IP phones are becoming more and more common, however, the agency has to make some decisions about whether those devices should be E911 compliant too. In our joint comments, we argue that the FCC needs to be very hesitant to mandate E911 compliance in nascent technologies. When an IP phone looks like a traditional phone and connects to the POTS network, users might reasonably expect that it will have the same 911 functionality as other phones. But other devices, such as IP phones that never touch the POTS network and are operated via the speaker on a common laptop, should not be regulated. Nor should other applications like instant messengers that may carry voice but aren't a replacement for the telephone. Mandating expensive and strict regulations this early in the life cycle of these technologies could stop their development in its tracks.
Moreover, the FCC seems to be overstepping its bounds with these attempts to control IP networks that have little to do with the telephone system. Rather than overreaching, the FCC would do better to encourage vendors of communications devices to market 911 capabilities as a feature in their products. If an IP phone is 911-capable, that should draw consumers to it. If it isn't 911 capable, this should also be disclosed to consumers so that they can choose a device knowing what emergency services it offers.
When it does come time to start imposing E911 regulations on IP phones, the agency must consider user privacy. Part of E911 compliance means having the ability to figure out where people are when they use their computers. In the wrong hands, this information constitutes a gross invasion of privacy at best -- and is a source of genuine danger at its worst. We recommend strict regulations on who has the ability to locate the origin of IP phone calls. In addition, we suggest that users be able to control what information is sent about their locations and when.
Our main goal with these comments is to urge the agency to strike a sensible balance between privacy and public safety. But that doesn't always mean putting E911 regulations in place everywhere. Sometimes the public is best served by fostering less-regulated innovation and discouraging unnecessary surveillance. And certainly it's better served by making it difficult for anyone other than emergency workers to find out where IP phone callers live.