FCC proposal would force telecoms to collect government IDs, effectively ending burner phones
The Federal Communications Commission is pushing forward with a proposal that would require every telecommunications provider in the United States to collect a government-issued ID number and physical address from all new and renewing customers. Privacy advocates say the measure would effectively eliminate burner phones, with consequences that reach far beyond the scam calls the FCC says it is trying to stop.
“For decades, civil libertarians have looked overseas at authoritarian countries where the government requires people to register to get a mobile phone to ensure they can be tracked. We never thought that would happen here,” Jay Stanley, senior policy analyst at the American Civil Liberties Union’s Speech, Privacy, and Technology Project, told 404 Media. “But make no mistake: with this rulemaking, the government is contemplating taking away people’s ability to get a burner phone, which will hurt low-income people, domestic violence victims, and anyone else who cares about their privacy.”
What the FCC wants
The proposal is a Further Notice of Proposed Rulemaking, adopted at the FCC’s April 2026 meeting, that seeks to convert the agency’s existing “know your customer” (KYC) principles into a specific compliance checklist for voice service providers. Comments were due 30 days after publication in the Federal Register, with reply comments due 60 days after.
Under the proposed framework, originating providers would be required to collect the following before activating any new customer:
- Customer’s full name
- Physical address
- Government-issued identification number
- An alternate telephone number
For high-volume customers, including business and foreign customers, the FCC is asking whether providers should also collect the intended use of the service and the IP address from which calls will be placed.
Providers would need to verify this information through supporting records, retain the data for four years after the customer relationship ends, and re-verify it when red flags arise, such as unusual traffic patterns or dormant accounts that suddenly generate large call volumes. The FCC also proposes a $2,500 per call base forfeiture for KYC violations, a penalty that would compound rapidly for high-volume services.
Who loses
The immediate victims of such a regime would be the people who rely on prepaid, unregistered phones. Domestic abuse survivors use burner phones to create a communication channel that cannot be traced back to their home or identity. Journalists use them for sensitive source communication. Low-income people without stable addresses use prepaid plans because they are cheaper and do not require credit checks.
The FCC’s framing centers on combating robocalls and scam calls, which have plagued American phone networks for years. The agency argues that knowing exactly who is placing calls will make it easier to trace illegal traffic and hold bad actors accountable.
But the scope of the data collection goes far beyond scammers. The FCC’s own proposal notes that the collected data could assist law enforcement across a broad range of activities. The ACLU and other privacy advocates see this as a fundamental shift in the relationship between Americans and their phone service, moving from a regime where phone service is presumptively anonymous to one where it is presumptively linked to a state-verified identity.
The technical reality
The proposal would apply to all “originating voice service providers,” which includes traditional carriers, mobile providers, interconnected VoIP services, and platform-based providers. That is a broad net. Prepaid phone providers, which currently sell activated SIM cards at retail stores with minimal identification requirements, would need to overhaul their business model entirely.
The requirement to retain records for four years after the relationship ends creates a massive data liability. A data breach at a telecom that holds government IDs, physical addresses, and call patterns for millions of customers would be catastrophic. The telecom industry has a mixed record on data security, and the proposed rule does not include specific security requirements for the stored information.
What happens next
The FCC is still in the comment-gathering phase. The proposal has not been adopted as a final rule. But the direction is clear: the agency wants to move from a flexible, principles-based KYC standard to a prescriptive, auditable compliance regime.
The public comment period will attract opposition from privacy organizations, civil liberties groups, and prepaid wireless providers. The outcome will depend partly on whether the FCC can demonstrate that the rules would actually reduce robocalls without creating disproportionate harm. On that question, the evidence is still being gathered.
Sources: 404 Media (June 9, 2026); DLA Piper (May 22, 2026); Boing Boing (June 9, 2026)