Connect with us

FCC

Telephony Industry Rises to the Challenge of Robocalls, With Legislation, Regulation and Enforcement Close Behind

Published

on

Photo of FCC Chairman Ajit Pai at the 2019 FCBA Chairman's Dinner by Drew Clark

WASHINGTON, December 13, 2019 – The industry group that is hammering out technical standards governing an anti-robocall framework announced Thursday that that the STIR/SHAKEN framework will launch on Monday, December 16, 2019.

The launch of STIR/SHAKEN calling verification service won’t be final word in ending robocalls. But the much-anticipated milestone does represent a significant achievement for the creation of an entirely new framework governing authenticated telephony.

The rampant rise of robocalls have made person-less phone calls uniquely despised. The widespread disgust associated with time-wasting, distracting and fraudulent calls highlights the one thing that Republicans, Democrats and independents can all agree upon: Government must stop robocalls.

Indeed, the announcement of Monday’s launch of the STIR/SHAKEN framework by the Secure Telephone Identity Governance Authority (STI-GA) is merely one of three forums in which the battle against robocalls is being waged.

“The successful launch of STIR/SHAKEN by the industry-led STI-GA is a major step in the fight to mitigate illegal robocalls and Caller ID spoofing,” STI-GA Chair Linda Vandeloop said Thursday.

In addition to the for-now-voluntary STIR/SHAKEN standard, legislation mandating the use of STIR/SHAKEN by the providers of telephone service is likely to be passed by Congress within the next week.

Even if legislation isn’t passed, Federal Communications Commission Chairman Ajit Pai has done everything possible to rally responsible telephone providers against robocalling – up to and including Thursday’s $10 million fine against an allegedly illegal robocaller.

The origins of STIR/SHAKEN call authentication framework

STIR/SHAKEN is an industry-developed system to authenticate caller ID and hence address unlawful telephone call spoofing. It is designed to confirm that a call actually comes from the number indicated in the Caller ID, or – alternatively – at least to attest that the call entered the U.S. telephone network through a particular voice service provider or gateway.

STIR stands for Secure Telephony Identity Revisited, and is a standard developed by the Internet Engineering Task Force. The loosely-form acronym SHAKEN stands for the “Signature-based Handling of Asserted information using toKENs.”

It is this latter standard that has been the subject of intensive negotiation among telephony engineers in the STI-GA, which was formed to develop STIR/SHAKEN, as well as the non-profit telecom standards organization Alliance for Telecommunications Industry Solutions.

Importantly, the STIR/SHAKEN framework only works on the internet protocol-based telephone networks, including Voice over Internet Protocol services, to which most enterprise callers have migrated.

Estimates vary widely, but a significant chunk of traffic of calls on the public switched telephone network – perhaps as much as half — remain non-IP-based calls. Robocallers, however, almost all use VoIP.

The fundamental idea behind STIR/SHAKEN is that, using public key cryptography, a telephony provider would “provide assurances that Caller ID information transmitted with a particular call is accurate,” according to the FCC’s June 7, 2019, declaratory ruling on robocalls. “Once an originating or gateway provider has implemented these standards, it should sign, or attest to, all IP-based calls originating on its IP-based network or entering the network through its gateway.”

There are three levels of attestation: Level A, or full attestation; Level B, or partial attestation; and Level C, or gateway attestation.

Level A is easy. When a customer using a telephony provider’s network originates a call, and the telephony provider knows that number is associated with a legitimate customer, the provider passes the Level A attestation to the receiving telephone network.

Level C is also pretty straightforward: It refers to the minimal level of attestation that is expected when, for example, a foreign-originating call enters the gateway to a U.S.-provider’s telephone network. The domestic telephone carrier would pass the “Level C” attestation to the terminating carrier, or the carrier of the person who receives the phone call.

Key determinations about attestation of STIR/SHAKEN have yet to be made

In announcing the availability of the calling number verification service, the industry groups STI-GA and ATIS were mum on one of the major issues still in dispute in regard to Level B attestation.

In other words, the rules that govern partial attestation – when the signing voice service provider has not established a verified association with the phone number, but has some other kind of direct relationship with the customer in question – have not yet been made clear.

Beginning on Monday, December 16, however, voice service providers can register with iconectiv, which is the Secure Telephone Identity Policy Administrator, to obtain credentials in order to acquire STI certificates from approved Certification Authorities.

These certificates will be used to authenticate Caller ID, inform customers if the Caller ID was spoofed and to facilitate tracing calls back to their origin.

“Setting SHAKEN into action completes a major milestone in an initiative that brought the industry together through ATIS to find a solution to address the formidable challenge of illegal robocalling,” said ATIS CEO Susan Miller. “This development advances a top industry priority critical to restoring consumer trust in the voice network.”

ATIS and the policy body STI-GA recommended that service providers read the Service Provider Guidelines before registering for the call verification service online. Once registered, service providers will be able to access a list of Certification Authorities that can assign digital certificates used to sign calls and authenticate Caller ID.

If industry self-regulation of robocalls falters, legislation is likely to mandate telephony rules

On Wednesday, December 4, 2019, on a 417-3 vote, the House approved passage of S. 151, the Pallone-Thune “Telephone Robocall Abuse Criminal Enforcement and Deterrence Act,” or the TRACED Act, sponsored by House Energy and Commerce Committee Chairman Frank Pallone, D-N.J., and former Senate Commerce Committee Chairman John Thune, R-S.D.

The revised legislation built upon Thune’s TRACED Act, and effectively requires the implementation of the STIR/SHAKEN technology that is still under development. On December 4, the House incorporated some element of Pallone’s prior H.R. 3375, the Stopping Bad Robocalls Act – and which had not mentioned or mandated STIR/SHAKEN.

The House-passed bill, which now awaits passage by the Senate, “require[s] a provider of voice service to implement the STIR/SHAKEN authentication framework in the internet protocol networks of the provider of voice service” within 18 months of the passage of the legislation.

There are, however, many reasons why certain call spoofing may be legitimate. At a June forum on the subject, Rebecca Thompson, the head of government affairs at Twilio, illustrated several examples. These include protecting Uber riders’ numbers, womens’ shelters and crisis counseling lines preserving safety and privacy. She also pointed out cases of legitimate robocalls, including notifications from schools or emergency providers, that could potentially be blocked.

The TRACED act includes a provision requiring the FCC to develop rules, no later than one year after passage, that would create a safe harbor “establishing when a provider of voice service may block a voice call based, in whole or in part, on information provided by the [STIR/SHAKEN] call authentication framework.”

Pai attempt bully-pulpit regulation and enforcement, even before TRACED Act’s passage

The legislation will give the FCC authority to prosecute robocallers that it might otherwise lack.

In a speech at an anti-robocall symposium on November 22, 2019, Pai said that while he was grateful for industry efforts to implement STIR/SHAKEN, “the reality is were are only seven weeks away from the end-of-the-year deadline, and we are not yet seeing sufficient implementation by all major voice providers.”

He continued: “To any carriers out there who might not be treating this deadline with the urgency it deserves, I am putting them on notice now: at my direction, Commission staff is actively working on developing regulations to make this happen. If industry doesn’t get the job done on time, I will not hesitate to call an FCC vote on these new rules.”

Even without authority to go after carriers who dally in implementing a still-incomplete STIR/SHAKEN, the FCC is taking enforcement action against robocallers using the authority granted from other legislation.

Indeed, on Thursday, the FCC imposed a $9,997,750 fine in issuing a “notice of apparent liability” against Kenneth Moser and his telemarketing company Marketing Support Systems.

The FCC said that he apparently made more than 47,000 unlawful spoofed robocalls over a two-day period by spoofing the telephone number assigned to another telemarketing company when transmitting prerecorded voice calls against a political candidate shortly before California’s 2018 primary election.

Moser, who was in the business of providing political robocall services, spoofed the number of another company that provides robocalling services to political candidates. The spoofing generated many complaints from consumers who received the calls, and a cease-and-desist letter from the candidate against whom the calls were allegedly made.

The California Secretary of State referred a complaint about the matter to the FCC’s Enforcement Bureau, and which used the Truth in Caller ID Act has the basis for the fine.

In addition to finding that Moser apparently violated the Truth in Caller ID Act, the FCC’s Enforcement Bureau found that Moser sent more than 11,000 prerecorded voice messages to wireless phones, without consent, in violation of the Telephone Consumer Protection Act’s.

The Enforcement Bureau found that Moser also violated the TCPA’s requirement that prerecorded messages include the phone number and identity of the entity responsible for initiating the call. As a result, the Bureau also issued a citation for TCPA violations.

About the author:

Drew Clark, the Editor and Publisher of BroadbandBreakfast.com, is a nationally-respected telecommunications attorney at The CommLaw Group. He has closely tracked the trends in and mechanics of digital infrastructure for 20 years, and has helped fiber-based and fixed wireless providers navigate coverage, identify markets, broker infrastructure, and operate in the public right of way. Additionally, see a related advisory laying out some of the salient issues with SHAKEN/STIR that may be of interest to many providers of telecommunications and Voice over Internet Protocol (VoIP) services.

Breakfast Media LLC CEO Drew Clark is a nationally respected U.S. telecommunications attorney. An early advocate of better broadband, better lives, he founded the Broadband Census crowdsourcing campaign for better broadband data in 2008. That effort became the Broadband Breakfast media community. As Editor and Publisher, Clark presides over news coverage focused on digital infrastructure investment, broadband’s impact, and Big Tech. Under the American Recovery and Reinvestment Act of 2009, Clark served as head of the Partnership for a Connected Illinois, a state broadband initiative. Now, in light of the 2021 Infrastructure Investment and Jobs Act, attorney Clark helps fiber-based and wireless clients secure funding, identify markets, broker infrastructure and operate in the public right of way. He also helps fixed wireless providers obtain spectrum licenses from the Federal Communications Commission. The articles and posts on Broadband Breakfast and affiliated social media, including the BroadbandCensus Twitter feed, are not legal advice or legal services, do not constitute the creation of an attorney-client privilege, and represent the views of their respective authors.

FCC

FCC Institutes ACP Transparency Data Collection

The FCC stated that it will lean on the newly mandated broadband nutrition labels.

Published

on

Photo of people working on computers, cropped, in 2011 by Victor Grigas

WASHINGTON, November 23, 2022 – The Federal Communications Commission last week adopted an order that mandated annual reporting from all providers participating in the Affordable Connectivity Program, a federal initiative that subsidizes the internet-service and device costs of low-income Americans.

The FCC order establishing the ACP Transparency Data Collection, not released until Wednesday, requires ACP-affiliated providers to disclose prices, subscription rates, and other plan characteristics on yearly basis. The FCC stated that it will lean on the newly mandated broadband nutrition labels, which, it says, will ease regulatory burdens for providers.

The FCC created the Transparency Data Collection pursuant to the statutory requirements of the Infrastructure, Investment and Jobs Act of 2021. The commission adopted a notice of proposed rulemaking in June.

Earlier this year, T-Mobile endorsed the nutrition-label method of collection. Industry associations including IMCOMPAS and the Wireless Internet Service Providers Associations warned the FCC against instituting excessive reporting burdens.

“To find out whether this program is working as Congress intended, we need to know who is participating, and how they are using the benefit,” said Chairwoman Jessica Rosenworcel.  “So we’re doing just that.  The data we collect will help us know where we are, and where we need to go. We’re also standardizing the way we collect data, and looking for other ways to paint a fuller picture of how many eligible households are participating in the ACP.  We want all eligible households to know about this important benefit for affordable internet service.”

Although the ACP is highly touted by the FCC, the White House, and industry experts, there is evidence the fund has been exploited by fraudsters, according to a watchdog. In September, the FCC Office of Inspector General issued a report that found the ACP handed out more than $1 million in improper benefits. In multiple instances, according to the OIG, the information of a qualifying individual was improperly used for hundreds of applications, achieving payouts of hundreds of thousands of dollars.

Last month, Rep. Frank Pallone, D-N.J., contacted 13 leading internet service providers, requesting details on alleged fishy business practices connected to the ACP and its predecessor, the Emergency Broadband Benefit Program.

Continue Reading

Broadband's Impact

Federal Communications Commission Mandates Broadband ‘Nutrition’ Labels

The FCC also mandated that internet service provider labels be machine-readable.

Published

on

Federal Communications Commission Chairwoman Jessica Rosenworcel

WASHINGTON, November 18, 2022 – The Federal Communications Commission on Thursday afternoon ordered internet providers to display broadband “nutrition” labels at points of sale that include internet plans’ performance metrics, monthly rates, and other information that may inform consumers’ purchasing decisions.

The agency released the requirement less than 24 hours before it released the first draft of its updated broadband map.

The FCC mandated that labels be machine-readable, which is designed to facilitate third-party data-gathering and analysis. The commission also requires that the labels to be made available in customers’ online portals with the provide the and “accessible” to non-English speakers.

In addition to the broadband speeds promised by the providers, the new labels must also display typical latency, time-of-purchase fees, discount information, data limits, and provider-contact information.

“Broadband is an essential service, for everyone, everywhere. Because of this, consumers need to know what they are paying for, and how it compares with other service offerings,”  FCC Chairwoman Jessica Rosenworcel said in a statement. 

“For over 25 years, consumers have enjoyed the convenience of nutrition labels on food products.  We’re now requiring internet service providers to display broadband labels for both wireless and wired services.  Consumers deserve to get accurate information about price, speed, data allowances, and other terms of service up front.”

Industry players robustly debated the proper parameters for broadband labels in a flurry of filings with the FCC. Free Press, an advocacy group, argued for machine-readable labels and accommodations for non-English speakers, measures which were largely opposed by trade groups. Free Press also advocated a requirement that labels to be included on monthly internet bills, without which the FCC “risks merely replicating the status quo wherein consumers must navigate fine print, poorly designed websites, and byzantine hyperlinks,” group wrote.

“The failure to require the label’s display on a customer’s monthly bill is a disappointing concession to monopolist ISPs like AT&T and Comcast and a big loss for consumers,” Joshua Stager, policy director of Free Press, said Friday.

The Wireless Internet Service Providers Association clashed with Free Press in its FCC filing and supported the point-of-sale requirement.

“WISPA welcomes today’s release of the FCC’s new broadband label,” said Vice President of Policy Louis Peraertz. “It will help consumers better understand their internet access purchases, enabling them to quickly see ‘under the hood,’ and allow for an effective apples-to-apples comparison tool when shopping for services in the marketplace.”

Image of the FCC’s sample broadband nutrition label

Continue Reading

FCC

FCC to Establish New Space Bureau, Chairwoman Says

‘The new space age has turned everything we know about how to deliver critical space-based services on its head.’

Published

on

Photo of FCC Chairwoman Jessica Rosenworcel, via fcc.gov

WASHINGTON, November 3, 2022 — The Federal Communications Commission will add a new space bureau that will modernize regulations and facilitate innovation, Chairwoman Jessica Rosenworcel announced Thursday.

The new bureau is intended to facilitate American leadership in the space economy, boost the Commission’s technical capacity, and foster interagency cooperation, Rosenworcel said, speaking at the National Press Club.

“The new space age has turned everything we know about how to deliver critical space-based services on its head,” Rosenworcel said. “But the organizational structures of the [FCC] have not kept pace,” she added.

The space economy is “on a monumental run” of growth and innovation, the chairwoman argued, and the FCC must remodel itself to facilitate continued growth. Rosenworcel said the commission is currently reviewing 64,000 new satellite applications, and she further noted that 98 percent of all satellites launched in 2021 provided internet connectivity. By the end off 2022, operators will set a new record for satellites launched into orbit, she said.

The FCC will not take on new responsibilities, Rosenworcel said, but the announced restructuring will help the agency “perform[] existing statutory responsibilities better.” In September, Rep. Cathy McMorris Rodgers, R–Wash., warned the FCC against overreaching its statutory mandate and voiced support for robust congressional oversight – a position reiterated by House staffers Wednesday.

“The formation of a dedicated space bureau within the FCC is a positive step for satellite operators and customers across the United States,” said Julie Zoller, head of global regulatory affairs at Amazon’s satellite broadband Project Kuiper, on a panel following Rosenworcel’s announcement.

“An important part of [Rosenworcel’s] space agenda is ensuring that there is a competitive environment in all aspects of that space,” said Umair Javed, the chairwoman’s chief counsel, during the panel. “So we’ve taken action to update our rules on spectrum sharing to make sure that there are opportunities for multiple systems to be successful in low Earth orbit.

“We’ve granted a number of experimental authorizations to companies that are doing really new…things,” Umair continued.

The FCC in September required that low–Earth orbit satellite debris be removed within five years of mission completion, a move Rosenworcel said would clear the way for new innovation.

In August, the FCC revoked an $885 million grant to SpaceX’s Starlink satellite-broadband service. FCC Commissioners Brendan Carr and Nathan Simington criticized the reversal, and Starlink has since appealed it.

Continue Reading

Signup for Broadband Breakfast

Get twice-weekly Breakfast Media news alerts.
* = required field

Broadband Breakfast Research Partner

Trending