Connect with us

FCC

Telephony Industry Rises to the Challenge of Robocalls, With Legislation, Regulation and Enforcement Close Behind

Published

on

Photo of FCC Chairman Ajit Pai at the 2019 FCBA Chairman's Dinner by Drew Clark

WASHINGTON, December 13, 2019 – The industry group that is hammering out technical standards governing an anti-robocall framework announced Thursday that that the STIR/SHAKEN framework will launch on Monday, December 16, 2019.

The launch of STIR/SHAKEN calling verification service won’t be final word in ending robocalls. But the much-anticipated milestone does represent a significant achievement for the creation of an entirely new framework governing authenticated telephony.

The rampant rise of robocalls have made person-less phone calls uniquely despised. The widespread disgust associated with time-wasting, distracting and fraudulent calls highlights the one thing that Republicans, Democrats and independents can all agree upon: Government must stop robocalls.

Indeed, the announcement of Monday’s launch of the STIR/SHAKEN framework by the Secure Telephone Identity Governance Authority (STI-GA) is merely one of three forums in which the battle against robocalls is being waged.

“The successful launch of STIR/SHAKEN by the industry-led STI-GA is a major step in the fight to mitigate illegal robocalls and Caller ID spoofing,” STI-GA Chair Linda Vandeloop said Thursday.

In addition to the for-now-voluntary STIR/SHAKEN standard, legislation mandating the use of STIR/SHAKEN by the providers of telephone service is likely to be passed by Congress within the next week.

Even if legislation isn’t passed, Federal Communications Commission Chairman Ajit Pai has done everything possible to rally responsible telephone providers against robocalling – up to and including Thursday’s $10 million fine against an allegedly illegal robocaller.

The origins of STIR/SHAKEN call authentication framework

STIR/SHAKEN is an industry-developed system to authenticate caller ID and hence address unlawful telephone call spoofing. It is designed to confirm that a call actually comes from the number indicated in the Caller ID, or – alternatively – at least to attest that the call entered the U.S. telephone network through a particular voice service provider or gateway.

STIR stands for Secure Telephony Identity Revisited, and is a standard developed by the Internet Engineering Task Force. The loosely-form acronym SHAKEN stands for the “Signature-based Handling of Asserted information using toKENs.”

It is this latter standard that has been the subject of intensive negotiation among telephony engineers in the STI-GA, which was formed to develop STIR/SHAKEN, as well as the non-profit telecom standards organization Alliance for Telecommunications Industry Solutions.

Importantly, the STIR/SHAKEN framework only works on the internet protocol-based telephone networks, including Voice over Internet Protocol services, to which most enterprise callers have migrated.

Estimates vary widely, but a significant chunk of traffic of calls on the public switched telephone network – perhaps as much as half — remain non-IP-based calls. Robocallers, however, almost all use VoIP.

The fundamental idea behind STIR/SHAKEN is that, using public key cryptography, a telephony provider would “provide assurances that Caller ID information transmitted with a particular call is accurate,” according to the FCC’s June 7, 2019, declaratory ruling on robocalls. “Once an originating or gateway provider has implemented these standards, it should sign, or attest to, all IP-based calls originating on its IP-based network or entering the network through its gateway.”

There are three levels of attestation: Level A, or full attestation; Level B, or partial attestation; and Level C, or gateway attestation.

Level A is easy. When a customer using a telephony provider’s network originates a call, and the telephony provider knows that number is associated with a legitimate customer, the provider passes the Level A attestation to the receiving telephone network.

Level C is also pretty straightforward: It refers to the minimal level of attestation that is expected when, for example, a foreign-originating call enters the gateway to a U.S.-provider’s telephone network. The domestic telephone carrier would pass the “Level C” attestation to the terminating carrier, or the carrier of the person who receives the phone call.

Key determinations about attestation of STIR/SHAKEN have yet to be made

In announcing the availability of the calling number verification service, the industry groups STI-GA and ATIS were mum on one of the major issues still in dispute in regard to Level B attestation.

In other words, the rules that govern partial attestation – when the signing voice service provider has not established a verified association with the phone number, but has some other kind of direct relationship with the customer in question – have not yet been made clear.

Beginning on Monday, December 16, however, voice service providers can register with iconectiv, which is the Secure Telephone Identity Policy Administrator, to obtain credentials in order to acquire STI certificates from approved Certification Authorities.

These certificates will be used to authenticate Caller ID, inform customers if the Caller ID was spoofed and to facilitate tracing calls back to their origin.

“Setting SHAKEN into action completes a major milestone in an initiative that brought the industry together through ATIS to find a solution to address the formidable challenge of illegal robocalling,” said ATIS CEO Susan Miller. “This development advances a top industry priority critical to restoring consumer trust in the voice network.”

ATIS and the policy body STI-GA recommended that service providers read the Service Provider Guidelines before registering for the call verification service online. Once registered, service providers will be able to access a list of Certification Authorities that can assign digital certificates used to sign calls and authenticate Caller ID.

If industry self-regulation of robocalls falters, legislation is likely to mandate telephony rules

On Wednesday, December 4, 2019, on a 417-3 vote, the House approved passage of S. 151, the Pallone-Thune “Telephone Robocall Abuse Criminal Enforcement and Deterrence Act,” or the TRACED Act, sponsored by House Energy and Commerce Committee Chairman Frank Pallone, D-N.J., and former Senate Commerce Committee Chairman John Thune, R-S.D.

The revised legislation built upon Thune’s TRACED Act, and effectively requires the implementation of the STIR/SHAKEN technology that is still under development. On December 4, the House incorporated some element of Pallone’s prior H.R. 3375, the Stopping Bad Robocalls Act – and which had not mentioned or mandated STIR/SHAKEN.

The House-passed bill, which now awaits passage by the Senate, “require[s] a provider of voice service to implement the STIR/SHAKEN authentication framework in the internet protocol networks of the provider of voice service” within 18 months of the passage of the legislation.

There are, however, many reasons why certain call spoofing may be legitimate. At a June forum on the subject, Rebecca Thompson, the head of government affairs at Twilio, illustrated several examples. These include protecting Uber riders’ numbers, womens’ shelters and crisis counseling lines preserving safety and privacy. She also pointed out cases of legitimate robocalls, including notifications from schools or emergency providers, that could potentially be blocked.

The TRACED act includes a provision requiring the FCC to develop rules, no later than one year after passage, that would create a safe harbor “establishing when a provider of voice service may block a voice call based, in whole or in part, on information provided by the [STIR/SHAKEN] call authentication framework.”

Pai attempt bully-pulpit regulation and enforcement, even before TRACED Act’s passage

The legislation will give the FCC authority to prosecute robocallers that it might otherwise lack.

In a speech at an anti-robocall symposium on November 22, 2019, Pai said that while he was grateful for industry efforts to implement STIR/SHAKEN, “the reality is were are only seven weeks away from the end-of-the-year deadline, and we are not yet seeing sufficient implementation by all major voice providers.”

He continued: “To any carriers out there who might not be treating this deadline with the urgency it deserves, I am putting them on notice now: at my direction, Commission staff is actively working on developing regulations to make this happen. If industry doesn’t get the job done on time, I will not hesitate to call an FCC vote on these new rules.”

Even without authority to go after carriers who dally in implementing a still-incomplete STIR/SHAKEN, the FCC is taking enforcement action against robocallers using the authority granted from other legislation.

Indeed, on Thursday, the FCC imposed a $9,997,750 fine in issuing a “notice of apparent liability” against Kenneth Moser and his telemarketing company Marketing Support Systems.

The FCC said that he apparently made more than 47,000 unlawful spoofed robocalls over a two-day period by spoofing the telephone number assigned to another telemarketing company when transmitting prerecorded voice calls against a political candidate shortly before California’s 2018 primary election.

Moser, who was in the business of providing political robocall services, spoofed the number of another company that provides robocalling services to political candidates. The spoofing generated many complaints from consumers who received the calls, and a cease-and-desist letter from the candidate against whom the calls were allegedly made.

The California Secretary of State referred a complaint about the matter to the FCC’s Enforcement Bureau, and which used the Truth in Caller ID Act has the basis for the fine.

In addition to finding that Moser apparently violated the Truth in Caller ID Act, the FCC’s Enforcement Bureau found that Moser sent more than 11,000 prerecorded voice messages to wireless phones, without consent, in violation of the Telephone Consumer Protection Act’s.

The Enforcement Bureau found that Moser also violated the TCPA’s requirement that prerecorded messages include the phone number and identity of the entity responsible for initiating the call. As a result, the Bureau also issued a citation for TCPA violations.

About the author:

Drew Clark, the Editor and Publisher of BroadbandBreakfast.com, is a nationally-respected telecommunications attorney at The CommLaw Group. He has closely tracked the trends in and mechanics of digital infrastructure for 20 years, and has helped fiber-based and fixed wireless providers navigate coverage, identify markets, broker infrastructure, and operate in the public right of way. Additionally, see a related advisory laying out some of the salient issues with SHAKEN/STIR that may be of interest to many providers of telecommunications and Voice over Internet Protocol (VoIP) services.

Continue Reading
1 Comment

1 Comment

Leave a Reply

Your email address will not be published.

FCC

FCC Commissioner Supports Rural Telco Efforts to Implement ‘Rip and Replace’

In remarks at the Rural Wireless Association event on Wednesday, Commissioner Geoffrey Starks reaffirmed the FCC’s goals.

Published

on

Photo of Carri Bennet, general counsel of the Rural Wireless Association, leading a discussion at the summit on Wednesday by Drew Clark

PARK CITY, Utah, June 30, 2022 – Federal Communications Commissioner Geoffrey Starks acknowledged the agency’s goal of obtaining secure broadband networks at an event of the Rural Wireless Association on Wednesday.

“We must ensure that our broadband networks are secure,” Starks said in keynote address at the Rural Wireless Infrastructure Summit here, delivered via Zoom. “This is evident in the constant barrage of attacks of American networks from hostile state and non-state actors.”

Starks continued, “insecure networks, by definition, can’t provide the stable, reliable, always on communications we need. Especially during emergencies… Broadband must be secure for the full benefits of broadband to be achieved.”

The issue of ridding American telecommunications networks of equipment manufactured in China was a constant theme during the conference.

In addition to Starks’ presentation, several sessions addressed the dilemma faced by telecommunications carriers, particular rural ones, that had in the past invested heavily in lower-cost equipment from Huawei, a leading Chinese manufacturer.

As the political winds have changed on the topic over the past three years, Congress has allocated funds for a “rip and replace” program. The FCC is expected to announce the providers that will receive nearly $2 billion as part of the program by July 15.

But some fear that number could be more than $4 billion short of needed funds.

“The funds available will cover only a very small portion” of the costs to replace Huawei with non-Chinese manufacturers, said Carri Bennet, general counsel of the Rural Wireless Association.

Potential new requirements imposed on telecom providers

The commission recently sought comment on whether it should require carriers that receive high-cost support to have include baseline cyber security and supply chain risk management plans.

If these plans are included in requirements, Starks said that American communication networks would be protected from bad actors. Moreover, they are consistent with requirements already included in the Infrastructure Investment and Jobs Act.

Starks thanked the RWA for its activity and advocacy in the “rip and replace” proceedings, officially dubbed the Secure and Trusted Communications Network Reimbursement Program.

“The threat is real,” called Starks. “Companies that are deemed by the federal government to be a threat to the United States and its people can not have free reign in data centers featuring some of the most sensitive data of Americans.”

This comes only days after Commissioner Brendan Carr called for Apple and Google to remove Beijing-based popular video-sharing application, TikTok, from their app stores in response to the apps’ obligation to comply with the Peoples Republic of China’s surveillance demands.

Broadband Breakfast Editor and Publisher Drew Clark contributed to this report.

Continue Reading

FCC

FCC Commissioner Geoffrey Starks Calls for Environmental Sustainability at Summit

Environmental sustainability in telecom has been a key talking point for Starks.

Published

on

Photo of FCC Commissioner Geoffrey Starks

June 27, 2022 – Federal Communications Commission Commissioner Geoffrey Starks raised on Monday the importance of sustainability in telecommunications as a speaker at the 2022 Broadband for All Summit in Stockholm, Sweden.

An important responsibility for agencies in the industry is building infrastructure that is environmentally sustainable, Starks said, suggesting four avenues to improve sustainability.

First, “we must continue to find ways to do more while using less, and that begins with the way we use spectrum,” he said. We need to “squeeze” the most out of the finite spectrum while simultaneously building networks that draw less power.

Second, “we need to realize our full potential to help other sectors consume less, too.”

We are entering an era where we can “collect, communicate, and analyze massive quantities of data to improve decision-making in real-time. Everything from traffic flow to energy transmission to orders of operation on the factory floor can benefit from data-driven efficiencies that were previously impossible,” he said.

Third, “industry-led initiatives must continue to play a significant role, from progressing towards reducing or eliminating the carbon emissions associated with their operations, to increasing renewable energy and minimizing electronic waste.”

Some manufacturers, according to Starks, have gone beyond carbon neutrality and are aiming for net-zero operations.

Fourth, “we must collectively do our part to mitigate climate change’s harmful effects at the network level”. With harsher weather patterns than previous generation, we should invest in networks that will keep communities connected during storms, floods, wildfires, and other disasters.

Starks, who has pitched environmental sustainability in telecommunications on a multiple occasions, advocated for players in the industry to be “as aggressive as possible with our climate commitments, and we should be as comprehensive as possible in our effort to comply with them.” This should include eliminating waste during the production phase, he said.

Continue Reading

FCC

FCC to Gather Information on Offshore Spectrum, Accurate 911 Call Routing

The FCC is examining the need and use cases for allocating spectrum for offshore use.

Published

on

Photo of Nathan Simington

WASHINGTON, June 8, 2022 – The Federal Communications Commission voted in an open meeting Wednesday to examine technology that can improve wireless 911 call routing, propose a fine for interrupting U.S. forest service radio communications, and to seek comment on offshore spectrum needs and uses.

The FCC voted to begin gathering information through public comment on the “possible current and future needs, uses, and impacts of offshore wireless spectrum use,” including for cruise ships, oceanography and wind turbine projects. Other options, like satellite-based systems, are available to provide service.

The construction and operation of windfarms in the Atlantic and Pacific oceans and communication services between at-sea vessels require offshore spectrum. The notice of inquiry asks what other cases exist that require offshore spectrum access that are not being provided for under existing models.

“We seek more broadly to understand the extent of the demand to use offshore spectrum and more generally where that demand is concentrated,” stated the inquiry.

“It is important that the FCC stay ahead of the curve in its consideration of upcoming commercial spectrum needs and this item does just that,” said commissioner Nathan Simington.

911 call routing

The FCC launched an examination into technology that could result in faster response times by more precisely routing wireless 911 calls to the correct call center.

Some wireless emergency calls are made near city or county borders where the closest call center is in the neighboring jurisdiction, resulting in lost time as calls are rerouted to the correct call center.

Since 2018, when the FCC issued a Notice of Inquiry seeking comment on feasibility of routing 911 calls based on location of the caller versus location of the cellular tower, there have been many advancements in location-based routing technology. The FCC issued a Public Notice Wednesday seeking updated information on these technologies and the feasibility of adopting them into public use.

Last month, AT&T announced a new technology that would allow dispatchers to get a more accurate location of distressed calls by using the phone’s GPS.

Proposed fine for violating radio interference rules

The FCC also proposed a $34,000 fine Wednesday against Jason Frawley who, in 2021, allegedly interfered with radio communications that were guiding firefighting during the 1000-acre wildfire near Elk River, Idaho.

Frawley reportedly admitted to a Forest Service supervisor that he broadcasted on government frequencies in direct defiance to the Communications Act which prohibits any interference with authorized radio communications.

Neither the allegations nor the proposed sanctions are final FCC actions, said the press release.

Continue Reading

Recent

Signup for Broadband Breakfast

Get twice-weekly Breakfast Media news alerts.
* = required field

Trending