> The issue is just that they don't value their customers privacy high enough to do a proper check.
I think the real issue is that the backlash from politicians and the public for failing to respond to a legitimate emergency will be orders of magnitude larger than the backlash for disclosing some customer information.
The solution to that is having a well defined and understood mechanism to verify the police departments that the departments can easily be referred to (or look up themselves in advance) to fall back on.
For example, in the U.S. E911 services use a database of coordinates and other info to determine what police department to route you to based on location. Requiring an EDR to come from an agency in this database (or larger state and federal institutions that are well known) could solve a lot of this problem. Having a way to look up police badges might help as well, and is also just a good idea.
An EDR is essentially the same as some person on the street stopping you and saying they are police and need to commandeer your vehicle. It makes sense to verify that in some way (such as a badge), as otherwise even if you think a crime has just been committed, you could just as easily be giving a vehicle to the criminal as the police.
It shouldn’t and can not be the responsibility of the recipient to solve this. All the blame rests of the federal legislators, not companies which have to process requests from entities without any clear mechanism to verify them.
> It makes sense to verify that in some way (such as a badge)
But that’s hardly real verification, a badge is trivial to fake.
Yes, but in certain situations is very unlikely to be present. It's not a great way to verify an officer of the law, but it's better than nothing, and lack of it is a good indication that someone is not one.
I think the real issue is that the backlash from politicians and the public for failing to respond to a legitimate emergency will be orders of magnitude larger than the backlash for disclosing some customer information.