Private Address Forwarding

Legal action last update 2014-01-04

I have a proposal for something I call "Private Address Forwarding" (PAF).

tl;dr proposal: Google Voice for postal mail. The USPS assigns you a unique ID, you tell them where to forward that ID, and they can't disclose who it belongs to or where it goes without court process or your permission. You could get mail that's just addressed to "PAF 13JS-00EG-C, United States", and it'd automagically get routed to you. You can also choose to give UPS, FedEx, etc permission to access the forwarding info if you want.

tl;dr benefits: Getting mail while preserving your privacy; never having to update your address w/ everyone when you move (just w/ the USPS); cheaper & easier than PO boxes.

Using an obscure, technical, never-before-used 2006 law, I've gotten the Postal Regulatory Commission (PRC) and USPS to start formally considering this proposal. (Obligatory: first! \o/.)

You can view all the relevant documents (including all public comments filed so far) on the PRC website here, or go to here and enter MC2013-60 as the docket number.

Coverage: Bruce Schneier, Association for Postal Commerce

Updates (RSS)

  • 2014-01-04: Because time is running out to do so — enough that I might not get a PRC subpoena before the 30 day appeal deadline runs out — I filed suit against the USPS for their denial of my FOIA (and previous improper and untimely responses).
  • 2014-01-03: The USPS said they'll delay again until 2014-01-06.
  • 2013-12-30: I agreed with the USPS, though noting that my deadline to appeal the USPS denial of my FOIA request was approaching.
  • 2013-12-27: The USPS asked for an extension to respond until 2014-01-03.
  • 2013-12-26: I received and posted to the PRC a recently received partial response to my USPS FOIA. The main useful part is a presentation on Mail My Way, which has some similarities to PAF, and supports belief in the feasibility of my proposal.
  • 2013-12-23: I filed an addendum responding to the USPS' comments.
  • 2013-12-20: I filed a closing motion to the PRC asking for further proceedings, disclosure, determinations against the USPS, etc. The USPS filed a comment asking that my proposal be denied because only the USPS should determine how ideas are prioritized and whether in-depth analysis is made.
  • 2013-12-12: I responded to the USPS denial of my FOIA request asking them to make the determinations they have to by law. They vacillated; I reiterated & filed administrative appeal; they acknowledged it and then issued a final determination refusing to grant expedited processing or public interest waivers.
  • 2013-11-18: The Association for Postal Commerce and Public Representative commented on my proposal. Summary: PostCom thinks the USPS shouldn't have to do anything new if it doesn't want to. The PR thinks the proposal "appears feasible", the USPS is "intransigent", and the PRC should require limited discovery, but should not approve PAF without a "comprehensive business plan".
  • 2013-11-06: The USPS responded to my FOIA request, saying that just the search would cost "at minimum" $832, plus 10¢/page over 100 pages for "duplication". They did not respond (as required) to my public interest and processing exemption requests, nor my request for electronic documents only.
  • 2013-11-05: The PRC denied my motion for discovery as premature, saying that the "rules do not provide for discovery prior to determining whether the proposal complies with statutory and regulatory requirements and is consistent with the position of the Postal Service. However, the rules do allow for a period of discovery following that determination." So we'll have to revisit the question of whether the USPS should provide documents / whether there should be a proceeding on the merits once all comments are in.
  • 2013-11-04: I filed a motion to amend the PAF proposal to include all the changes people have suggested.
  • 2013-10-28: The USPS has opposed my motion for disclosure of relevant documents. I have filed a counter-reply.
  • 2013-10-23: The PRC found that "taking the circumstances into account, including the nature of the Request, the revised procedural periods suggested by Petitioner are reasonable", completely siding with my revised scheduling request. The new dates are November 18 for initial comments and December 20 for reply comments.
  • 2013-10-21: Chris Phoenix filed a reply comment with suggestions for improvement.
  • 2013-10-18: I have filed a revised motion to reschedule — essentially, to permit open public comment until December 20th (or 30 days after publication of USPS documents, whichever is later).
  • 2013-10-18: I have filed a FOIA request (2014-FPRO-00057) for documents relating to the USPS' previous PAF-like products, as well as a motion asking the PRC to order their disclosure.
  • 2013-10-18: I had a productive phone call with the USPS lawyer on this case, to try to better understand their position and any compromises we might be able to make. I've updated the USPS position section of this page accordingly and am preparing reply motions.
  • 2013-10-17: The government is back up. This includes the PRC. I've updated informal links to point to formal document locations.
  • 2013-10-16: The USPS has contacted me with copies of their reply motions due today (whose formal submission is pending PRC resumption): formal reply to PRC proposal, opposition to schedule extension, and motion for late acceptance thereof.
  • 2013-10-01: Because of the government shutdown, the PRC is shut down. I filed a motion asking for a schedule extension once they resume.
  • 2013-09-25: I filed a motion supporting the Public Representative's and asking for further clarification of procedure.
  • 2013-09-24: PRC's Public Representative disagreed with PRC's dates.
  • 2013-09-23: PRC set dates and summarized the proposal.
  • 2013-09-19: PRC notified USPS.
  • 2013-09-18: Filed! \o/

To stay updated: subscribe to the RSS feed of above updates; get emails from me (major developments only), and/or add an official PRC document filing alert for docket MC2013-60.

Schedule

NOTE: The original schedule was contested by the Public Representative and by me (plus an addendum because of the government shutdown).

The USPS opposed us on all of that, and I revised my request given the post-shutdown mootness of some of the issues and addressing the USPS' concerns. The PRC found that "taking the circumstances into account, including the nature of the Request, the revised procedural periods suggested by Petitioner are reasonable", completely siding with my revised scheduling request (though delaying whether it'd extend the schedule if the USPS produces the documents I've requested).

  • 2013-12-20 (originally 2013-11-13): Response comments due.
  • 2013-11-18 (originally 2013-10-16): Initial public comments due.
  • 2013-10-16: USPS response due.
  • 2013-09-18: Filed.

Have comments?

If you have any comments on this proposal, I strongly encourage you to send them in formally, after first discussing them informally.

Would you use PAF (and why)? How do you think my proposal could be improved? Do you think it's a bad idea? Unless you tell the PRC formally, they won't know, and your perspective won't be taken into account.

Of course, please do also share this widely, discuss it on the redfacegooghackblr, etc. (Please email me links to such discussions so I can post 'em here.)

To comment on the record:

  • File a formal comment through the PRC (preferred)
    1. Prepare your comments as a PDF document.
      • Name the file "paf-com-[your-name].pdf", < 40 characters, no spaces or special chars.
      • Address it to the Postal Regulatory Commission, refer to docket number MC2013-60, and be polite, clear, and concise.
      • 12 pt Arial w/ 1.5 line spacing for body text; 1 inch margin; header w/ docket # & page #. You can copy the format of e.g. the PR's motion (pdf, docx) or use my gdoc template.
      • If you're referring to someone else's comment, mention its title and date.
    2. Go here and register for a temporary online filing account. Check your email and click the verification link.
    3. When logged in, go here, select MC2013-60 as the docket number, title your document "Comment on MC2013-60 by [your name]" (if before Nov. 18) or "Reply comment by [your name] to USPS comments on MC2013-60", upload the PDF, and submit it. It'll probably take a day or so to get posted and visible.
  • File a formal comment through regulations.gov

    The Federal Register notice has a form that lets you submit comments. (I don't know how this interfaces with the PRC's own official filing system.)

    You can also call Stephen L. Sharfman, General Counsel at 202-789-6820 if you can't submit comments electronically.

  • Send your comments to the Public Representative

    The PRC appoints a staffer for each case as a sort of independent ombudsman, to represent the interest of the "general public", called the Public Representative (PR).

    The PR for this case is James Waclawski (james.waclawski@prc.gov; phone (202) 789-6826; fax (202) 789-6861).

    You can contact Jim with any questions about this case.

    You can also contact him to tell him your thoughts, but note that he does not represent you, but rather his own independent view of the "general public"'s interests. So if you want your opinions represented, you should file formal comment in your own name.

    To quote him: "The Public Representative can answer procedural questions. However, the Public Representative does not represent individual members of the public and will not offer legal advice. Typically, a Public Representative does not act as a conduit for the positions of individual members of the public. It is best for individual members of the public to file comments directly with the Commission."

To participate in informal collaboration on the document:

  1. Post a link to this page on your favorite blog / social network / bookmarking site / etc and discuss it there. (I'd appreciate if you email me a link.)

  2. Use the google doc. Highlight text -> 'insert' menu -> 'comment'. Please note that the PRC won't look at this though, and I can't edit it because it's already been filed. This is just for informal discussion; be sure to file your thoughts resulting from that discussion formally, as above.

  3. Email me directly or leave me an anonymous comment. I take constructive comments seriously and will try to integrate your ideas in any amendments I make — but you should still file your perspective formally so that the PRC sees them directly.

USPS' position on this proposal

On October 16th, the USPS filed a formal reply to my PAF proposal, an opposition to schedule extension, and a motion for late acceptance of the same.

I also had a phone call on October 18th with the USPS lawyer on this case, which was helpful in better understanding their position and my response.

I of course encourage you to read their views yourself, but here's my attempt at a fair summary of them, as well as my tentative thoughts in response so far (in italics).

The USPS believes the PRC should deny my requests, have no further proceedings on this, and not ask the USPS to do anything about it, except if the USPS independently chooses to propose something similar at some point in the (unlikely to be near) future, because:

  • Privacy
    1. They need to think through compliance with NIST security standards, the Privacy Act, how to make "mail processing equipment image recognition software" process PAF IDs, etc.

      I fully agree these things need to be thought through, and indeed I said exactly that in my original proposal. Having to think about privacy issues isn't an argument against doing so.

    2. The Privacy Act authorizes more disclosures than my proposal does, e.g. "to the Bureau of the Census for purposes related to census and survey activities, to other domestic government agencies for a civil or criminal law enforcement activity if the activity is authorized by law, and to a person upon a showing of compelling circumstances affecting an individual’s health or safety" and to "agencies and entities such as credit bureaus that perform identity verification and credit risk assessment services, or to government agencies when necessary in connection with decisions by the requesting agency to issue licenses, grants, or other benefits".

      I don't believe that the Census has a need to know anything about PAF IDs; they have other info on where people live. My proposal already includes standards for law enforcement disclosure. "Compelling circumstances" disclosure may be a reasonable addition. Credit bureaus should not have access without very explicit, optional user consent, because they're some of the biggest brokers of data mining that violate individuals' privacy. And presumably a user would consent to disclosure to a government agency when it's to their own benefit.

    3. The USPS already has some privacy protections via its "system of records for address change, mail forwarding, [etc]", "protective court order[s]"; exceptions for "domestic violence shelters", and because "permanent change-of-address [information]" is only given "to mailers … already in possession of [customer information]".

      These protections are completely inadequate for privacy of normal mail users, and nowhere near the level of privacy that would be given by my proposal. Any spammer, stalker, or PI can easily get change of address information (since they already have previous address information), and protective court orders are hard to obtain (let alone without proof of some specific risk, e.g. for someone who simply values their privacy). And PO boxes are not adequate either.

      Plus, these give no protection whatsoever for someone's continuing need to receive mail. Even if your new address isn't disclosed to people who have your old one, the moment you use it to order anything, it'll get cross-linked by data-mining brokers — and poof goes privacy. (And why shouldn't you have privacy from the people you buy things from, too?)

      I believe that everyone has rights to both privacy and to mail service, and that it should not be difficult to exercise those rights.

  • Operations / pragmatics
    1. They've thought of similar ideas before:

      1. Patent #7,295,997, in which merchants generate "[l]abel information [e.g.] a random number … to identify the customer [without] includ[ing] the customer's name or address information" and "the shipper may read … the label to determine the customer's name and address, apply [a] new label that has the customer's name and address to the package, and ship the package to the customer … [so that] the customer's information remains anonymous from the merchant."

      2. Patent application 20120011068 ("Mail My Way"), in which "a 'virtual address' or 'vanity address' is arbitrary character data defined by a mail recipient that is other than a physical address or mailing address of the customer … for use in lieu of their … physical address"

      3. Trademark application 8600747 ("Digital License Plate"), which concept includes "providing authentication of personal identification, secure storage of personal information, and encoding of identification information on valuable documents and products"

      Looks like they have indeed thought of similar things before, and I wasn't aware of them. This isn't an argument against my proposal, though. (If anything, it's an argument in favor.)

    2. "no system for storing records of coded customer identities and addresses for purposes of a product like [this] exists"

      … really? The USPS already maintains something virtually identical for storing records of PO Box holders' information, validating their ID, etc.

    3. "the feasibility of applying the concept to all types and shapes of mail (letters/card vs. flats vs. parcels)"

      It doesn't have to work for everything at once. E.g., PAF could be rolled out for letters/cards only at first. Iterative development is a good thing. Plus, letters only would enhance privacy.

    4. Allowing user-authorized access to PAF information to third parties only under a non-disclosure agreement "would raise legal and liability risks for the Postal Service".

      Again, it's OK if the first rollout doesn't include third party access. I'm not the USPS' lawyer so can't comment on liability for them, but I do believe that if PAF information is disclosed to third parties, an NDA is a non-negotiable requirement to adequately preserve user privacy.

    5. "refus[ing] PAF service to customers who are documented to have abused PAF or who have been convicted of mail fraud, identity theft, or abuse of legal process" would "[require] disclosure of a PAF customer’s name and actual physical location to third parties in order to confirm convictions or other necessary information. Alternatively, the Postal Service may have to collect such information from those third parties."

      That could be a potential plus (if handled with adequate privacy protections), but it certainly isn't a requirement. USPS regulations (DMM 508 §§4.4.5, 4.4.6, 4.9.1 & 4.9.2) already say that people can't have a PO box if they've abused it, etc etc. This is enforced simply by requiring the customer to make a sworn statement that they haven't, and lying on that (if discovered) has serious penalties. Again, as an initial step, the same approach would be adequate for my proposed restrictions on PAF users.

  • Authority

    The USPS says that it has "limited investigative and/or developmental resources", "postal management determines if and when to devote resources to examining such issues", the "responsibilities and prerogatives to allocate its scarce capital, technological and human resources within the context of overall financial, operational, and service objectives, as determined by postal management", and "the duty to evaluate the feasibility, direction and prioritization of diverse pre-decisional product development investigations" especially if "the present unavailability of the product in question [doesn't] violate[] any policy of Title 39 U.S.C.".

    The USPS also says that the PRC shouldn't "interfere with the process of determining new product concepts", "compel postal management to justify its current priorities", "schedule or require negotiations or dialogue between the Postal Service and a requester under section 3642(a)", or even "direct[] the Postal Service to expend resources to analyze or develop any form of the proposed product concept beyond any the Postal Service may independently choose".

    Based on my phone call, my understanding is that the USPS believes the PRC should legitimately be involved in changes under dispute (e.g. how GameFly is currently upset at preferential treatment given to Netflix on DVD mailers) — but that it's the USPS' sole authority (based on 39 USC §403(a) and "title 39 as a whole") to determine its priorities. They also believe that the PRC shouldn't ask them to do something new without their first having determined it to be feasible to do, that 403(a) etc gives them sole authority to choose what to investigate for feasibility in the first place, and that they shouldn't have to disclose any information about that. Essentially, they don't believe that the PRC has the authority to make them do something new, nor to investigate doing so — only to make changes to existing services.

    Certainly, the USPS has to determine feasibility etc., and its resources are limited; it probably can't do or even investigate everything that is proposed. And I don't claim that the lack of PAF IDs violates the law.

    However, the USPS goes too far in claiming (or implying) that it has the sole authority to make such determinations. 39 USC §3642 (a, b) clearly says that product list changes and criteria-fitting determinations are made "by the Postal Regulatory Commission", not by the USPS, and that changes may be proposed by "users of the mails, or [the PRC]".

    While the USPS may well have primary control over its operations, the USPS' argument that the PRC shouldn't "interfere with the process of determining new product concepts" or "compel postal management to justify its current priorities" directly contradicts Congress' intent with the 2006 Postal Accountability and Enhancement Act (PAEA). The PRC has clearly been given a mandate to oversee and decide exactly those things. Letting the USPS unilaterally refuse to allow PRC oversight would completely gut that mandate.

    Likewise, the USPS' argument that the PRC shouldn't "require negotiations" with a requester — or even to direct them to "expend resources" for "any … proposed product" that the USPS doesn't "independently choose" — would completely gut the power given by the PAEA to individuals (like me) to propose changes in postal services. Their position is basically a "Catch-22 argument" — that they shouldn't do something new unless they think it's feasible, but they also shouldn't even be asked to determine whether it's feasible.

    I would strongly prefer to work cooperatively with the USPS, and I believe that they do have a primary role in determining practical issues of feasibility and the like. However, this kind of blanket "not invented here" rejection doesn't demonstrate good faith in having a cooperative discussion of products proposed by ordinary citizens.

  • Scheduling

    The USPS disagrees with the schedule extensions proposed by the PRC's Public Representative and by me, because:

    1. our proposal would "be flawed by the absence of any opportunity for [the USPS] to reply to initial comments"

      I have no opposition whatsoever to the USPS having opportunity to reply to initial comments; indeed, I encourage it. So far no initial comments have been filed at all anyway.

    2. our proposal would "delay the Commission’s ability to even begin the process of sorting through the merits of the PAF proposal", "strain the Commission’s resources in a way that the current schedule seeks to avoid", and "delay the resolution of this docket well beyond the length of time applicable to concurrent proceedings of greater significance and complexity"

      True, it would be a longer process. However, the Commission doesn't particularly need to do anything for most of it (merely accepting comments), and the USPS can choose how much it wants to reply. The additional "strain" is minimal and delaying resolution would not impede other proceedings. By contrast, it would allow for true public comment and discussion — which I think justifies delay of a couple months.

    3. "proceedings should not be delayed solely for the purpose [of] permitting … [someone] to mount a publicity campaign or to recruit allies in support of its position. [Decisions should be made based on] the various relevant policies of title 39, not by the numbers of parties who subscribe to various views regarding the merits of a particular product proposal."

      I've intentionally delayed disseminating this proposal until after the USPS' reply was in, because I believe the public should comment on an informed basis. I agree that a view isn't more justified merely by the number of people holding it. However, widespread desire for PAF would certainly be a merit in itself, which gets to the question of prioritization. Calling my desire for true public participation in what are supposed to be public comment periods a "publicity campaign" is rather unfair and dismissive of the value of public participation in policy-making.

    "On the other hand, the Postal Service understands that the Commission may need to adjust the scheduled November 13th date for the filing of reply comments based on when it is able to resume full operations and declare that parties are on notice of pleadings filed today."

    At least we agree on that one. :-)

Modifications I intend to propose

Since reading others' comments on my original PAF proposal, I believe the following modifications would be beneficial:

  1. Have PAF IDs generated using some kind of pseudo-random permutation generator (like this), rather than a general pseudo-random number generator, to avoid the birthday paradox effect (otherwise it'd take increasingly long to generate PAF IDs). Credit: Ryan Castellucci

  2. Allow users to configure their PAF IDs to refuse certain kinds of mail — primarily, bulk mail (aka spam) and any package large enough to contain a GPS device. Users could either grant an exemption to specific senders, or have a separate (more closely held) PAF ID without that restriction.

  3. Add some teeth to the recommendation that third parties not refuse to accept PAF IDs unless they have a legitimate need to know your actual address. The PAF ID alone should suffice for any shipment method (once the major shippers adopt my proposed user-authorization API). Credit: Ryan Castellucci

    However, I don't know how to do this. I don't know how to adequately define "legitimate need". Nor do I know whether this legal context (i.e. USPS regulations) even has the power to impose such a PAF ID acceptance requirement on third parties or how it could be enforced.

    Similarly, it'd be nice if mailing a GPS tracker to a PAF ID in order to breach the user's privacy were illegal, but I don't know if that's possible to do in this context.

  4. Make the 1st PAF ID free (for humans). However, there are some pragmatic issues with that.

  5. Have a public API to tell whether a given PAF ID is valid for delivery. If there are possible mail-type restrictions, it would also say what kinds of mail that PAF ID accepts. With user opt-in consent, the API would also disclose the user's legal name. Credit: Chris Phoenix, cphoenix at gmail

  6. Have an audit log of all PAF ID accesses (whether by postal employees or third party API requests), to help deter / prosecute insider abuse. Credit: Matt Mastracci

  7. Permit transfer of PAF IDs to another party (though see below re secondary market abuse deterrence).

  8. Permit "vanity" PAF IDs (possibly at some reasonable cost), much like vanity license plates, in addition to purely random PAF IDs. This would be primarily for people for whom disclosing their name is not a problem. (They may also not per se care about protecting the privacy of their location — though that would be preserved — but still want the convenience of a PAF ID.)

    Registration of a vanity address would require an extra annual fee (in addition to the general annual PAF maintenance fee). For individuals, the first 3 or so would be at a reasonable cost (~$30?). For corporations, the cost should be somehow proportional to the corporation's size and non-profit status. E.g. it'd be perfectly reasonable to charge Google or Microsoft on the order of $10k for the vanity PAF ID of their name, and probably reasonable to charge Goodwill on the order of $1k, but a small non-profit should probably get the same rates as individuals. Credit (for this and following parts): Yonatan Zunger

    To prevent collisions, vanity IDs would be case-insensitive and ignore any non-alphanumeric characters (just like random PAF IDs' hyphens are optional). Also, there would need to be some procedures (similar to those for vanity license plates, trademarks, and name changes) to ensure that vanity names are not obscene; are not so ambiguous as to probably confuse someone about who owns it; and that names that clearly reference a specific entity can only be registered by that entity. Also, there would need to be some combination of administrative burden and legal prohibition / enforcement ability to prevent secondary market abuse (like domain squatters), so that vanity names are only registered by people who actually want to use the name themselves.

    One vanity PAF ID in particular — "Santa Claus" and variants thereof — has already been registered by the USPS itself since 1912.

    The rules would be enforceable both by the USPS (with usual administrative appeals ability) and third parties (like a trademark owner or someone having the same name, claiming an equal or superior right to a given name), either to nullify the PAF ID and prohibit its use entirely (e.g. if it is too ambiguous or confusable, like someone trying to register "John Smith"), or to take it over entirely (e.g. if someone other than Google tries to register "Google").

  9. Permit multi-address PAF IDs (for additional cost), primarily for corporate clients. For these, a single PAF ID would be actually delivered to the nearest / cheapest-to-send address on a list of addresses. For instance, if Goodwill has a PAF ID for donations, it would likely want such packages delivered to its nearest donation-processing center, of which there are hundreds. This would save money for the USPS and be more convenient for PAF users who have multiple locations. Credit: Yonatan Zunger
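
An added example, not part of the filed proposal or any USPS system, for modification 1 and the matching rule in modification 8: a keyed Feistel permutation turns a sequential counter into unique, non-sequential IDs, so no collision retries are ever needed. The 8-symbol, 32-character layout, the key handling, and every function name are assumptions made for illustration.

```python
import hashlib
import hmac
import random

# Assumed layout (not from the proposal): 8 symbols from a 32-symbol
# alphabet, i.e. a 40-bit ID space, printed as XXXX-XXXX.
ALPHABET = "0123456789ABCDEFGHJKMNPQRSTVWXYZ"
ID_SYMBOLS = 8
HALF_BITS = 20                      # two 20-bit Feistel halves = 40 bits
HALF_MASK = (1 << HALF_BITS) - 1
SPACE = 1 << (2 * HALF_BITS)
ROUNDS = 4


def _round(key: bytes, rnd: int, half: int) -> int:
    """Keyed round function: HMAC-SHA256 truncated to 20 bits."""
    msg = bytes([rnd]) + half.to_bytes(3, "big")
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:3], "big") & HALF_MASK


def permute(key: bytes, counter: int) -> int:
    """Map counter -> ID value. A Feistel network is a bijection, so
    distinct counters can never produce the same value."""
    if not 0 <= counter < SPACE:
        raise ValueError("counter outside the ID space")
    left, right = counter >> HALF_BITS, counter & HALF_MASK
    for rnd in range(ROUNDS):
        left, right = right, left ^ _round(key, rnd, right)
    return (left << HALF_BITS) | right


def unpermute(key: bytes, value: int) -> int:
    """Inverse of permute(): recover the issuing counter from an ID value."""
    left, right = value >> HALF_BITS, value & HALF_MASK
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _round(key, rnd, left), left
    return (left << HALF_BITS) | right


def normalize(text: str) -> str:
    """Matching rule from the page: case-insensitive, non-alphanumerics
    (hyphens, spaces) ignored."""
    return "".join(c for c in text.upper() if c.isascii() and c.isalnum())


def encode(value: int) -> str:
    """Render a 40-bit value as XXXX-XXXX in the assumed alphabet."""
    symbols = []
    for _ in range(ID_SYMBOLS):
        value, digit = divmod(value, len(ALPHABET))
        symbols.append(ALPHABET[digit])
    body = "".join(reversed(symbols))
    return body[:4] + "-" + body[4:]


def decode(text: str) -> int:
    """Parse an ID as typed by a sender (any case, hyphen optional)."""
    body = normalize(text)
    if len(body) != ID_SYMBOLS or any(c not in ALPHABET for c in body):
        raise ValueError("not a well-formed ID")
    value = 0
    for c in body:
        value = value * len(ALPHABET) + ALPHABET.index(c)
    return value


def issue_id(key: bytes, counter: int) -> str:
    return encode(permute(key, counter))


def random_draw_retries(space: int, wanted: int, seed: int) -> int:
    """Baseline being replaced: draw uniformly, redraw on collision.
    Returns how many draws were wasted filling `wanted` of `space` slots."""
    rng, used, retries = random.Random(seed), set(), 0
    while len(used) < wanted:
        candidate = rng.randrange(space)
        if candidate in used:
            retries += 1
        used.add(candidate)
    return retries


if __name__ == "__main__":
    key = b"constructed demo key, not a real secret"
    for n in range(3):
        print(n, issue_id(key, n))
    print("retries, random draw:", random_draw_retries(1024, 1000, seed=1))
```

The issuer stores only the key and the next counter value. Anyone holding the key can invert an ID back to its issue order, so the key needs the same protection as the forwarding records themselves.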

FAQ / issues

Again: I welcome comments, especially constructive ones. I'd appreciate being contacted directly so I can integrate your ideas into mine, but of course, you should definitely comment on the record if you have something you want to propose directly.

These are my responses to questions I've seen come up in discussions so far.

  • Privacy
    1. Couldn't this be defeated by mailing a GPS tracker?

      Yes.

      However, that's a lot more work than most people would do, and definitely more than it requires now. Don't dismiss imperfect privacy solutions; raising the difficulty level of an attack does reduce its likelihood. All security is about risk reduction; risk elimination is impossible.

      If a PAF ID is e.g. restricted against delivery of packages (letters only), a GPS attack would be harder. (Though again, yes, not impossible, if you have a device that can fit in and survive processing of a regular letter envelope.)

      Of course, other public records (e.g. house ownership) still can lead to you. All this does is provide you a way to give others a mailable address that doesn't itself disclose your physical address. If they already have enough other info on you, it's too late to try to protect your privacy from them.

      This is meant to incrementally improve your privacy and make things more convenient, not be a panacea. That doesn't exist. Sorry.

    2. Aren't there more securely private methods?

      The only one I can think of is to have your mail go through a lawyer who represents you, refuses to disclose your identity without a warrant, will fight any such warrant, and has excellent operational security.

      It's not the same kind of protection as a 4th amendment subpoena/warrant requirement, but it's still pretty good, and of course your lawyer could be behind a PAF ID themselves to get that added layer. Depending on how privacy-conscious and helpful your lawyer is, you could get your mail emailed to you as an encrypted scan and then immediately shredded.

      In fact, this is basically what many companies routinely do already by only disclosing the address of an "agent for service of process" rather than their physical location.

      Of course, the downside is that it's way more expensive than a PAF ID would be, and also has the time delay if you want to get a physical delivery.

    3. Wouldn't this help spammers?

      They already have your info. It might help them a little by reducing costs of sending duplicate mail, but then that reduces how many pieces of spam you get, so on that score at least it's win/win.

      If they have your real address or even PO box, they can (and do) cross-reference it with a lot more info (and know your location). This would at least give you some chance at establishing a new, non-datamined address.

      I'd like to have PAF users be able to preemptively refuse all bulk mail, which would cut down on spam significantly (though not completely, and not from companies you do business with).

      Unfortunately, I'm not sure the USPS would be willing to allow that. Bulk mailers are a major source of their revenue, and would be certain to vigorously oppose such an option. I intend to propose it anyway, but if you want to see it happen, please submit a formal comment in support.

  • Government
    1. Couldn't the government seize / redirect a PAF ID?

      Yes. They can do that already with the current system. And yes, the NSA probably will get a full dump anyway.

      These aren't changes. If the government goes through due process successfully, or if they choose to violate the Constitution, they can already do all that and more. Plus, the USPS already scans your mail.

    2. Could I use this for my driver's license or the like?

      I see no reason why not. (I've personally had a PO box listed on my driver's license before.)

      Of course, cops will need access to your real address so they can confirm a claim that you live where you say you do, arrest you if there's a warrant, etc. But there's no need for cashiers, bouncers, Amazon.com, etc to know that.

    3. Shouldn't this be free / cheaper?

      Preferably, yes. I'm hoping the USPS would agree to let everyone have at least 1 free PAF ID.

      Ideally, I'd prefer that it cost only a nominal amount for you to give a different PAF ID to every separate entity you deal with, so you can detect when they sell your info and cut them off. That would be like the "virtual account numbers" that some credit cards & banks offer, or Google's application-specific passwords.

      However, the USPS is currently operating at a loss, and this will cost money to implement. They're going to want this to be profitable for them in order to OK it, and they have to be on board or it won't happen. Also, the price should be high enough to deter abuse by spammers and the like.

  • Doesn't a private mailbox or PO box already do this?

    No.

    1. If it's not government run, you have zero 4th amendment rights; they can legally hand over your stuff without even a subpoena, even if you have a private agreement with them that says they won't. You can sue them for breaking the agreement, but you wouldn't be able to stop the disclosure or its use against you in court. Note that this also means you should be careful if you give e.g. FedEx/UPS access to your PAF ID, because though my proposal calls for them to have a mandatory non-disclosure and non-retention policy, they could still violate it. This is one of the reasons why I also think you should have multiple IDs.

      If it's run by the USPS, you have 4th amendment due process rights on disclosure. Yes, they can still get a warrant, and you could lose a John Doe motion to suppress a subpoena, but it's more than nothing.

    2. Mailing twice (sender → intermediary → you) is more expensive and time consuming. In that sense, PAF IDs are very similar to the military's use of APO/FPO mailing addresses (though those provide no due process protection against the government, and PAF IDs would).

    3. You're only allowed to have a PO box where you live. If you move, you have to get a new one (which is a hassle) and update your address with all third parties who send you mail. With a PAF ID, you only have to make one update, with the USPS, and it doesn't matter where you live (as long as the USPS delivers there).

    4. You're not allowed to have multiple PO boxes. You can have multiple PAF IDs — and e.g. segregate addresses you use for work, personal mail, private purchases, etc. (You would however need to tell your bank about it, have multiple credit cards, or the like, so that payment address verification still works. It's necessary to reduce credit card fraud.)

  • Are you some sort of shill?

    Um, no. Take a look at my projects and presentations. You'll see I have a long history of strongly supporting civil liberties and privacy in particular. I'm a whitehat hacker.


    1. Original PAF proposal, page 2, part 2(d)
    2. The idea to allow users to grant API access to third party shippers was a last minute addition, which is why my original proposal is a little inconsistent on that point (on page 2 part 2(d), and 5 part 4). Sorry about that.