US Department of Commerce Proposes KYC for US Infrastructure as a Service \ stacker news ~privacy

US Department of Commerce Proposes KYC for US Infrastructure as a Service www.natlawreview.com/article/us-department-commerce-publishes-proposed-rule-imposing-know-your-customer-and

4276 sats \ 13 comments \ @k00b 4 Mar privacy

The proposed rule requires all U.S. providers of U.S. IaaS products to create, implement, and maintain an appropriately tailored, written CIP—akin to the “know your customer” (“KYC”) information that banks maintain. The primary purpose of the CIP is to verify whether potential customers and beneficial owners are foreign or U.S. persons, and to verify the identities of potential foreign customers and their beneficial owners.

Forced KYC when motivated by hampering foreign enemies feels an awful lot like a new form of The Draft. If modern warfare is fought with information, how long before we recognize this kind of thing as an atrocity?

This also makes me question which is worse: price controls or customer controls?

view all related items

262 sats \ 0 replies \ @freetx 4 Mar

The large cloud computing sites (AWS, GC, etc) already collect this info so will be no imposition to them.

However this will have the effect of pushing all "anonymous" services -- and certainly all VPN's -- out of US jurisdiction.

Why would they do this? Two main reasons spring to mind:

Obviously this helps AWS, Google, etc.
But more importantly, by pushing VPN's etc out of US jurisdiction, this opens them up to being "foreign entities" which makes it legal to use intelligence services against them. So once your VPN is located in a foreign country, they will be fair game to be infiltrated and targeted by snooping.

120 sats \ 0 replies \ @davidw 4 Mar

Isn't it ironic that the CIP (Customer Identification Program) sounds an awful lot like the CCP.

110 sats \ 1 reply \ @Scoresby 4 Mar

Sadly, I don't see how this goes anywhere else. KYC requirements are going to increase. You need it to bank, you need it to rent, you need it to open a business...cell phone and internet service are almost entirely kyc'd. What is going to provide (effective) pushback?

34 sats \ 0 replies \ @kytt 4 Mar

You need it to bank - nope. You need it to open a business - nope. You need it for cell phone/internet - nope.

Pushback happens using their own rules. You can use a trust for all of those. You can also "open a business" by operating as yourself and paying "contractors" in cash. There is nothing against doing that.

101 sats \ 0 replies \ @davidw 4 Mar freebie

I interpret this that it may hamper U.S. citizens just as much, if not more, than it does foreign adversaries. With the Government able to know exactly what content & information U.S. citizens are consuming, they have more influence on them within their borders. But no doubt it'll be used for foreign influence, cutting-off digital services to anyone acting/behaving 'foreign' and A.I training too.

Identification Procedures

Providers should assume all potential customers and beneficial owners are non-U.S. persons until the aforementioned identifying information is collected and assessed.

If a provider verifies that “the potential customer and all beneficial owners are U.S. persons,” the provider need not engage in further verification procedures.

At minimum, U.S. IaaS providers must gather and retain specific identifying information from potential foreign customers and foreign beneficial owners:

Name;
Address;
Means and source of payment;
Email address;
Telephone number; and
“IP address(es) used for access or administration and the date and time of each such access or administrative action.”

100 sats \ 0 replies \ @nicosey 4 Mar

unless we start a movement to stop this it will only get worse...

44 sats \ 0 replies \ @jeff 4 Mar

Soon : All companies must KYC everybody.

21 sats \ 0 replies \ @space_karen 4 Mar

Homeless often cannot qualify for KYC. They lack mailing address, phone number and other essential requirements. Bitcoin maximalists claim 4 billion in the world are unbanked. They cannot meet KYC or bank account requirements. I'm not certain imposing new regulation works in the favor of banks or the state. Over the long run these restrictions might show a need for bitcoin and paper currency, to increasingly greater numbers of people who are unhappy with KYC overregulation.

42 sats \ 0 replies \ @Bell_curve 4 Mar

No KYC for campaign contributions

10 sats \ 0 replies \ @arrivederci 4 Mar

P2P unaffected

#NeverOnAServer

0 sats \ 0 replies \ @doofus 4 Mar

Overton’s window has been opened for this issue.

0 sats \ 0 replies \ @OriginalSize 4 Mar

Engaging in "malicious cyber-enabled activity" is already illegal. Maybe the cops should do their jobs rather than swallow the surveillance line? Also where are the studies showing CIP would've helped? Seems like whack-a-mole where adversaries will easily adapt and ultimately freedom takes a hit.

0 sats \ 0 replies \ @OT 4 Mar

Has anyone ever sued the state for requiring KYC?