WASHINGTON, December 13, 2019 – The industry group that is hammering out technical standards governing an anti-robocall framework announced Thursday that that the STIR/SHAKEN framework will launch on Monday, December 16, 2019.
The launch of STIR/SHAKEN calling verification service won’t be final word in ending robocalls. But the much-anticipated milestone does represent a significant achievement for the creation of an entirely new framework governing authenticated telephony.
The rampant rise of robocalls have made person-less phone calls uniquely despised. The widespread disgust associated with time-wasting, distracting and fraudulent calls highlights the one thing that Republicans, Democrats and independents can all agree upon: Government must stop robocalls.
Indeed, the announcement of Monday’s launch of the STIR/SHAKEN framework by the Secure Telephone Identity Governance Authority (STI-GA) is merely one of three forums in which the battle against robocalls is being waged.
“The successful launch of STIR/SHAKEN by the industry-led STI-GA is a major step in the fight to mitigate illegal robocalls and Caller ID spoofing,” STI-GA Chair Linda Vandeloop said Thursday.
In addition to the for-now-voluntary STIR/SHAKEN standard, legislation mandating the use of STIR/SHAKEN by the providers of telephone service is likely to be passed by Congress within the next week.
Even if legislation isn’t passed, Federal Communications Commission Chairman Ajit Pai has done everything possible to rally responsible telephone providers against robocalling – up to and including Thursday’s $10 million fine against an allegedly illegal robocaller.
The origins of STIR/SHAKEN call authentication framework
STIR/SHAKEN is an industry-developed system to authenticate caller ID and hence address unlawful telephone call spoofing. It is designed to confirm that a call actually comes from the number indicated in the Caller ID, or – alternatively – at least to attest that the call entered the U.S. telephone network through a particular voice service provider or gateway.
STIR stands for Secure Telephony Identity Revisited, and is a standard developed by the Internet Engineering Task Force. The loosely-form acronym SHAKEN stands for the “Signature-based Handling of Asserted information using toKENs.”
It is this latter standard that has been the subject of intensive negotiation among telephony engineers in the STI-GA, which was formed to develop STIR/SHAKEN, as well as the non-profit telecom standards organization Alliance for Telecommunications Industry Solutions.
Importantly, the STIR/SHAKEN framework only works on the internet protocol-based telephone networks, including Voice over Internet Protocol services, to which most enterprise callers have migrated.
Estimates vary widely, but a significant chunk of traffic of calls on the public switched telephone network – perhaps as much as half — remain non-IP-based calls. Robocallers, however, almost all use VoIP.
The fundamental idea behind STIR/SHAKEN is that, using public key cryptography, a telephony provider would “provide assurances that Caller ID information transmitted with a particular call is accurate,” according to the FCC’s June 7, 2019, declaratory ruling on robocalls. “Once an originating or gateway provider has implemented these standards, it should sign, or attest to, all IP-based calls originating on its IP-based network or entering the network through its gateway.”
There are three levels of attestation: Level A, or full attestation; Level B, or partial attestation; and Level C, or gateway attestation.
Level A is easy. When a customer using a telephony provider’s network originates a call, and the telephony provider knows that number is associated with a legitimate customer, the provider passes the Level A attestation to the receiving telephone network.
Level C is also pretty straightforward: It refers to the minimal level of attestation that is expected when, for example, a foreign-originating call enters the gateway to a U.S.-provider’s telephone network. The domestic telephone carrier would pass the “Level C” attestation to the terminating carrier, or the carrier of the person who receives the phone call.
Key determinations about attestation of STIR/SHAKEN have yet to be made
In announcing the availability of the calling number verification service, the industry groups STI-GA and ATIS were mum on one of the major issues still in dispute in regard to Level B attestation.
In other words, the rules that govern partial attestation – when the signing voice service provider has not established a verified association with the phone number, but has some other kind of direct relationship with the customer in question – have not yet been made clear.
Beginning on Monday, December 16, however, voice service providers can register with iconectiv, which is the Secure Telephone Identity Policy Administrator, to obtain credentials in order to acquire STI certificates from approved Certification Authorities.
These certificates will be used to authenticate Caller ID, inform customers if the Caller ID was spoofed and to facilitate tracing calls back to their origin.
“Setting SHAKEN into action completes a major milestone in an initiative that brought the industry together through ATIS to find a solution to address the formidable challenge of illegal robocalling,” said ATIS CEO Susan Miller. “This development advances a top industry priority critical to restoring consumer trust in the voice network.”
ATIS and the policy body STI-GA recommended that service providers read the Service Provider Guidelines before registering for the call verification service online. Once registered, service providers will be able to access a list of Certification Authorities that can assign digital certificates used to sign calls and authenticate Caller ID.
If industry self-regulation of robocalls falters, legislation is likely to mandate telephony rules
On Wednesday, December 4, 2019, on a 417-3 vote, the House approved passage of S. 151, the Pallone-Thune “Telephone Robocall Abuse Criminal Enforcement and Deterrence Act,” or the TRACED Act, sponsored by House Energy and Commerce Committee Chairman Frank Pallone, D-N.J., and former Senate Commerce Committee Chairman John Thune, R-S.D.
The revised legislation built upon Thune’s TRACED Act, and effectively requires the implementation of the STIR/SHAKEN technology that is still under development. On December 4, the House incorporated some element of Pallone’s prior H.R. 3375, the Stopping Bad Robocalls Act – and which had not mentioned or mandated STIR/SHAKEN.
The House-passed bill, which now awaits passage by the Senate, “require[s] a provider of voice service to implement the STIR/SHAKEN authentication framework in the internet protocol networks of the provider of voice service” within 18 months of the passage of the legislation.
There are, however, many reasons why certain call spoofing may be legitimate. At a June forum on the subject, Rebecca Thompson, the head of government affairs at Twilio, illustrated several examples. These include protecting Uber riders’ numbers, womens’ shelters and crisis counseling lines preserving safety and privacy. She also pointed out cases of legitimate robocalls, including notifications from schools or emergency providers, that could potentially be blocked.
The TRACED act includes a provision requiring the FCC to develop rules, no later than one year after passage, that would create a safe harbor “establishing when a provider of voice service may block a voice call based, in whole or in part, on information provided by the [STIR/SHAKEN] call authentication framework.”
Pai attempt bully-pulpit regulation and enforcement, even before TRACED Act’s passage
The legislation will give the FCC authority to prosecute robocallers that it might otherwise lack.
In a speech at an anti-robocall symposium on November 22, 2019, Pai said that while he was grateful for industry efforts to implement STIR/SHAKEN, “the reality is were are only seven weeks away from the end-of-the-year deadline, and we are not yet seeing sufficient implementation by all major voice providers.”
He continued: “To any carriers out there who might not be treating this deadline with the urgency it deserves, I am putting them on notice now: at my direction, Commission staff is actively working on developing regulations to make this happen. If industry doesn’t get the job done on time, I will not hesitate to call an FCC vote on these new rules.”
Even without authority to go after carriers who dally in implementing a still-incomplete STIR/SHAKEN, the FCC is taking enforcement action against robocallers using the authority granted from other legislation.
Indeed, on Thursday, the FCC imposed a $9,997,750 fine in issuing a “notice of apparent liability” against Kenneth Moser and his telemarketing company Marketing Support Systems.
The FCC said that he apparently made more than 47,000 unlawful spoofed robocalls over a two-day period by spoofing the telephone number assigned to another telemarketing company when transmitting prerecorded voice calls against a political candidate shortly before California’s 2018 primary election.
Moser, who was in the business of providing political robocall services, spoofed the number of another company that provides robocalling services to political candidates. The spoofing generated many complaints from consumers who received the calls, and a cease-and-desist letter from the candidate against whom the calls were allegedly made.
The California Secretary of State referred a complaint about the matter to the FCC’s Enforcement Bureau, and which used the Truth in Caller ID Act has the basis for the fine.
In addition to finding that Moser apparently violated the Truth in Caller ID Act, the FCC’s Enforcement Bureau found that Moser sent more than 11,000 prerecorded voice messages to wireless phones, without consent, in violation of the Telephone Consumer Protection Act’s.
The Enforcement Bureau found that Moser also violated the TCPA’s requirement that prerecorded messages include the phone number and identity of the entity responsible for initiating the call. As a result, the Bureau also issued a citation for TCPA violations.
About the author:
Drew Clark, the Editor and Publisher of BroadbandBreakfast.com, is a nationally-respected telecommunications attorney at The CommLaw Group. He has closely tracked the trends in and mechanics of digital infrastructure for 20 years, and has helped fiber-based and fixed wireless providers navigate coverage, identify markets, broker infrastructure, and operate in the public right of way. Additionally, see a related advisory laying out some of the salient issues with SHAKEN/STIR that may be of interest to many providers of telecommunications and Voice over Internet Protocol (VoIP) services.
Cable Group NCTA Says Deny Exclusive Multitenant Access, But Not Wiring, Agreements
NCTA said the FCC should deny exclusive access to these buildings, but not exclusive wiring agreements.
WASHINGTON, September 8, 2021 – The internet and television association NCTA is suggesting that the Federal Communications Commission deny all broadband providers exclusive access to multitenant buildings, but to continue allowing exclusive wiring agreements.
On Tuesday, the FCC opened a new round of comments into its examination of competitive broadband options for residents of apartments, multi-tenant and office buildings.
In a Tuesday ex parte notice to the commission, which follows a formal meeting with agency staff on September 2, the NCTA said the record shows that deployment, competition, and consumer choice in multiple tenant environments “are strong,” and that the FCC can “promote even greater deployment and competition by prohibiting not just cable operators, other covered [multiple video programming distributors], and telecommunications carriers, but all broadband providers from entering into MTE exclusive access agreements.
The organization, whose member companies include Comcast, Cox Communications and Charter Communications, also said it should continue to allow providers to enter into exclusive wiring agreements with MTE owners. Wiring just means that the provider can lay down its cables, like fiber, to connect residents.
“Exclusive wiring agreements do not deny new entrants access to MTEs. Rather, exclusive wiring agreements are pro-competitive and help ensure that state-of-the-art wiring will be deployed in MTEs to the benefit of consumers.”
The NCTA also told the FCC that there would be technical problems with simultaneous sharing of building wires by different providers and vouched for exclusive marketing arrangements, according to the notice.
The FCC’s new round of comments comes after a bill, introduced on July 30 by Rep. Yvette Clarke, D-New York, outlined plans to address exclusivity agreements between residential units and service providers, which sees providers lock out other carriers from buildings and leaving residents with only one option for internet.
Reached for comment on the filing, a spokesman for NCTA said they had nothing to add to the filing, which was signed by Mary Beth Murphy, deputy general counsel to the cable organization.
Hytera’s Inclusion on FCC’s National Security Blacklist ‘Absurd,’ Client Says
Diversified Communications Group said the FCC flubbed on adding Hytera to blacklist.
WASHINGTON, September 8, 2021 – A client of a company that has been included in a list of companies the Federal Communications Commission said pose threats to the security of the country’s networks is asking the agency to reconsider including the company.
In a letter to the commission on Tuesday, Diversified Communications Group, which installs and distributes two-way radio communications devices to large companies, said the inclusion of Hytera Communications Corporation, a Chinese manufacturer of radio equipment, on a list of national security threats is “absurd” because the hardware involved is not connected to the internet and “does not transmit any sensitive or proprietary data.
“It seems that Hytera has been lumped in with other Chinese companies on the Covered List simply because they happen to manufacture electronics in the same country,” Diversified’s CEO Ryan Holte said in the letter, adding Hytera’s products have helped Diversified’s business thrive.
“This is a wrong that should be righted. Hytera is not a national security risk. They are an essential business partner to radio companies throughout the U.S.,” the CEO added.
In March, the FCC announced that it had designated Hytera among other Chinese businesses with alleged links to the Communist government. Others included Huawei, ZTE, Hangzhou Hikvision Digital Technology, and Dahua Technology.
List among a number of restrictions on Chinese companies
This list of companies was created in accordance with the Secure Networks Act, and the FCC indicated that it would continue to add companies to the list if they are deemed to “pose an unacceptable risk to national security or the security and safety of U.S. persons.”
Last month, the Senate commerce committee passed through legislation that would compel the FCC to no longer issue new equipment licenses to China-backed companies.
Last year the U.S. government took steps to ensure that federal agencies could not purchase goods or services from the aforementioned companies, and had previously added them to an economic blacklist.
In July, the FCC voted in favor of putting in place measures that would require U.S. carriers to rip and replace equipment by these alleged threat companies.
The Biden administration has been making moves to isolate alleged Chinese-linked threats to the country’s networks. In June, the White House signed an executive order limiting investments in predominantly Chinese companies that it said poses a threat to national security.
FCC Says 5 Million Households Now Enrolled in Emergency Broadband Benefit Program
The $3.2 billion program provides broadband and device subsidies to eligible low-income households.
August 30, 2021—The Federal Communications Commission announced Friday that five million households have enrolled in the Emergency Broadband Benefit program.
The $3.2-billion program, which launched in May, provides a broadband subsidy of $50 per month to eligible low-income households and $75 per month for those living on native tribal lands, as well as a one-time reimbursement on a device. Over 1160 providers are participating, the FCC said, who are reimbursed the cost to provide the discounted services.
The agency has been updating the public on the number of participating households for the program. In June, the program was at just over three million and had passed four million last month. The program was part of the Consolidated Appropriations Act of 2021.
“Enrolling five million households into the Emergency Broadband Benefit Program in a little over three months is no small feat,” said FCC Acting Chairwoman Jessica Rosenworcel. “This wouldn’t have been possible without the support of nearly 30,000 individuals and organizations who signed up as volunteer outreach partners.”
Rosenworcel added that conversations with partners and the FCC’s analysis shows the need for “more granular data” to bring these opportunities to more eligible families.
The program’s strong demand was seen as far back as March.
- Broadband Breakfast on Wednesday, September 29, 2021 — Best Practices for Delivering Rural Networks
- Infrastructure Bill Opportunity to Show Efficiency of Shared Infrastructure, Conference Hears
- Focus of Broadband Expansion Should Be On Last Mile, Says President of CETF
- Counties, Private Providers Clash Over Merits of Open Access Networks
- House Could Vote on Infrastructure Thursday, Senators Want Rosenworcel Permanent, JSI Buys Mid-State
- Pandemic and Funding Programs Increasing Investments in Broadband and M&A, Conference Hears
Signup for Broadband Breakfast
Broadband Roundup2 months ago
Senators Intro App Bill, Groups Drop TracFone Buy Complaint, States Want Shorter Robocall Deadline
Infrastructure4 months ago
AT&T CEO Says $60-$80 Billion in Federal Dollars Should Suffice to Bridge Digital Divide
Antitrust3 months ago
Experts Disagree Over Need, Feasibility of Global Standards for Antitrust Rules
Infrastructure2 months ago
Lumen Responds to Allegations it Underbuilds While Collecting Public Funds
Artificial Intelligence4 months ago
Deepfakes Could Pose A Threat to National Security, But Experts Are Split On How To Handle It
Broadband Roundup1 month ago
Mapping Comment Deadline Extended, AT&T Gets Federal Contract, 5G and LTE Drive Microwave Demand
Broadband Roundup3 months ago
AT&T Labelling Over 1B Robocalls, NTIA Updates Broadband Guide, Fiber Assoc. Says Current Speeds Inadequate
Antitrust3 months ago
House Judiciary Committee Clears Six Antitrust Bills Targeting Big Tech Companies