Gmail already has a system for using one account to unlock another, so no changes required there. A bank, USPS, or DMV generally requires ID or other identifying documents. The people we're trying to help often struggle to retain physical possessions like ID.
It's not that I'm determined to not find solutions. It's that I am determined to find solutions that don't create a degraded security state ready-made to abuse people's email accounts. Sometimes finding a good solution requires looking somewhere other than under the streetlight.
Like others, I'm led to the conclusion that perhaps Google isn't the party best positioned to solve this particular pain point for our most vulnerable and marginalized community members. Maybe we should be paying more attention to why Lifeline numbers aren't portable.
It's routine in disaster relief situations that people lose all their documents but then governments step in and allow identity verification via vouching: this other person Alice says you're Bob. Then Bob gets his photo on a temporary ID document and gets a DR payment.
Social workers, shelters, libraries etc are well placed to support that. They know these people because they see them every day.
If you choose to enrol in the "community assisted recovery" process then you could enrol a new device into your email with their help. Put a big red banner at the top of the email client saying "Community recovery via Topeka Library, Kansas".
Lifeline numbers aren't portable because people have no way to prove their ownership of the previous number, because they have no ID.
This feels ever-increasingly like asking Google to cover the role of a government agency. Universal service is something we expect of government agencies. It's rarely something we expect of private enterprise.
The whole "community recovery" concept sets my teeth on edge. It's a whole alternative authentication avenue ripe for exploitation. Anything that positive and innocuous sounding is going to be the target of many an abuse campaign - think Cambridge Analytica and all the people who handed over their info to innocuous-looking things. Telling people all their info has been stolen isn't all that helpful for protecting them and knowing the specific library or shelter that authorized it will do very little to help.
Plus it turns the people designated as recovery agents into high-value targets.
Again, I'm not trying to avoid finding a solution. I'm trying to avoid finding a "solution" that puts a large number of people at risk unnecessarily.
You could easily limit this program to people using Lifeline phones, or enrolled with a geolocated homeless support organisation. The vouching agents can't be high value targets if they're protecting the identity of impoverished people.
It's not that I'm determined to not find solutions. It's that I am determined to find solutions that don't create a degraded security state ready-made to abuse people's email accounts. Sometimes finding a good solution requires looking somewhere other than under the streetlight.
Like others, I'm led to the conclusion that perhaps Google isn't the party best positioned to solve this particular pain point for our most vulnerable and marginalized community members. Maybe we should be paying more attention to why Lifeline numbers aren't portable.