WASHINGTON, November 3, 2021 – The Federal Communications Commission held a webinar Thursday to field concerns and raise awareness of the agency’s efforts to stifle robocalls and spoofing in Hawaii, hearing that such illegal activity is still very active on the island state.
The FCC has been on pushing publicity on the need for telecommunications companies to put in place measures to tackle illegal robocalls and scammers who mask their caller ID numbers to get unsuspecting Americans to pick up the phone. That is part of the new STIR/SHAKEN rules, the deadline for which went into effect in late June for large telecoms. (Smaller telecoms currently have an expected compliance deadline of June 2022, but there is a fight to extend the deadline for some providers.)
Lyle Ishida, FCC’s chief of consumer affairs and outreach division, hosted the webinar alongside Hawaiian reporter, Diane Ako and heard that Hawaiians face a number of malicious phone scams, including one that ostensibly originates from the island’s criminal justice data center.
Stephen Levins, the executive director of Hawaii’s Office of Consumer Protection, spoke of the ways scammers deceive consumers. Levins spoke of strategies as common as a caller asking for a social security number, to complex schemes where callers specifically target Asian Americans by impersonating Amazon workers, police departments and financial institutions. “It’s happening on a daily basis in Hawaii,” Levins said.
Underreported calls mask Hawaii’s robocall problem
Levins said he estimated that 10 million unreported spoofs or robocalls reached Hawaiian citizens in September alone, which makes it appear that the island state doesn’t have as big a problem nationally as it actually does.
Keyla Hernandez-Ulloa, associate chief of the FCC’s Consumer Affairs and Outreach Division, spoke at length about the work her organization does to combat spoofing and robocalls, not just in Hawaii, but nationally. “The FCC knows these calls are an area of concern for millions of Americans,” she said.
Thursday’s webinar was also another example of the FCC driving up its engagement with local officials to ensure they are up to speed on what the agency is doing. FCC Chairwoman Jessica Rosenworcel has spoken about outreach as a priority for the agency to ensure its message gets to local communities, especially those who need funds for broadband expansion.
Charging for Call Whitelisting Could Hamper Robocall Fight, Small Provider Says
Small provider says cost and fast-moving deadlines making it hard to implement robocall regulations.
November 9, 2021 – A representative at a small voice service provider is warning that alleged anticompetitive behavior, such as charging customers for whitelisting phone numbers, can slow progress on the illegal robocall fight.
“We have to be careful about [anticompetitive] practices like having customers pay to be on a whitelist to have their calls go through,” said Greg Rogers, head of global policy and regulatory affairs at communications software company Bandwidth, at the INCOMPAS 2021 conference in Las Vegas on October 25. “Those kinds of practices are bad for smaller businesses less able to cover the cost of these new solutions.”
“Whitelisting” is a tool that allows only calls from numbers in someone’s contact list. Some companies already offer these capabilities for free, but others may charge for them. Rogers said he thinks voice companies should offer the service to the general public for free and not as an additional cost “add on” service.
Rogers said these additional charged services can help larger companies pay for their compliance with the STIR/SHAKEN framework, which requires voice service providers to place measures to combat illegal robocalls that often lead to scams that affect millions of Americans. Those new measures include analytics software that labels calls based on authenticity. The deadline for large providers to implement these rules was June 30 this year and June 30, 2022 for smaller providers.
Despite the longer timeline for smaller players to implement the rules, Rogers said it is going to be harder for them to do so without the additional revenue stream.
Rogers warned that the FCC may be pushing the industry too hard for deadlines that are hard to meet. “We’re moving too fast in implementation and expectations are not being set appropriately,” he said. “It’s a bipartisan, political winner to be against robocalling, and we’ve seen a really fast, hard driving set of demands.” Rogers pointed to the FCC’s December 2020 mandates as a good example of demands that are hard to meet. The FCC’s Fourth Report and Order required voice providers to add call blocking notifications to indicate that a call is unwanted. “The pushback is, it’s too hard. We can’t do it that fast, we need more time.”
Rogers said the complexity of the issues combined with a globally interconnected network makes it hard to deliver consistent service while optimizing their systems for call blocking.
“I didn’t say we should move slow, but people have to recognize how hard it is,” Rogers said. “[the call blocking effort] will march forward and that’s good. Don’t get expectations set that it’s gonna be fixed tomorrow. It’s not.”
The industry-wide endeavor to eliminate harmful robocalling continues as robocalls have risen over the past month. Analytics company YouMail’s call blocking data shows that Americans received over 4 billion robocalls in October, increasing 3.1 percent since September. So far this year, Americans have received 42.8 billion robocalls. Since robocall mitigation tools took effect on June 30, robocalls decreased about 8 percent per month on average.
Jonathan Marashlian: The Legal Landscape Emerging for Robocalls Under the TRACED Act
The biggest risk is likely to come through enforcement actions by state attorneys general and civil litigation, says Marashlian.
Requirements for voice service providers emerging from the TRACED Act and the Federal Communications Commission orders that followed have changed the risks and threats to voice service providers.
Voice service providers have just passed some major milestones: Certifying SHAKEN and/or robocall mitigation in the FCC database and refusing calls from unregistered upstream providers. Does that mean it is time to kick back and relax?
Not at all. The legal landscape in the new STIR/SHAKEN era is much larger and more diverse than mere technical compliance with FCC requirements.
We are already seeing clear and unmistakable signs that compliance with the bare minimum requirements established by the FCC—implementing STIR/SHAKEN and robocall mitigation plan procedures—is insufficient to mitigate the myriad of business risks arising from the government onslaught against the scourge of illegal robocalling.
Reading the tea leaves, the biggest risk or threat is likely to come through enforcement actions by state attorneys general and civil litigation initiated by private parties. Wherever the legal landscape provides the opportunity to recover damages, class action plaintiff’s lawyers and attorneys for large enterprise consumers of voice services, such as call center operators, are certain to seize upon those opportunities.
‘Know your Customer’ rules come to the telecom industry
We anticipate that questions around the meaning of and extent to which the “Know Your Customer” requirements apply in different contexts will ultimately be answered through litigation and enforcement, and less so through the FCC regulatory rulemaking process. Questions around damages and who is or can be held responsible for originating, passing, or terminating illegal robocalls are also going to be fleshed out by regulatory enforcement and private litigation.
Perhaps the most significant risk, even more so than the FCC, are the federal and state consumer protection laws that are being developed around robocall mitigation. Starting with the Federal Trade Commission (FTC), where the FTC’s strict “known or should have known” standard is applied to hold voice service providers accountable for illegal robocallers using their networks.
Many service providers and telecom consultants pore over FCC regulations to try and understand the requirements. Is that sufficient? Are there other things they need to worry about?
FCC regulations are a good starting point and, telecommunications providers should stay abreast of updated regulations and releases. However, FCC regulatory compliance alone may not be enough to defend an action if provider’s face the FTC and state attorneys general’s “known or should have known” standard or the creative, evolving litigation strategy of the plaintiff’s bar.
Marriott filed a lawsuit in federal court against unknown perpetrators, “John Does,” who made illegal robocalls misusing Marriott’s name. Why would Marriott do that? What’s the point?
This is sheer speculation, but as often turns out, the actual perpetrators who harmed Marriott likely will be insolvent or outside the reach of Marriott. By using “John Does,” Marriott preserves its ability to amend its complaint to implead carriers and providers that carried or transported the fraudulent traffic.
Marriott could rely on the FTC’s “known or should have known” standard to show underlying carriers are the “John Does” that profited from bad actors (now insolvent or extra-judicial). It’s unlikely Marriott would commence this litigation without a strategy outside positive public relations for pursuing bad actions; rather, the “John Does” will likely turn out to be carriers of bad traffic who settle Marriott’s claims.
The Call Authentication Trust Anchor Working Group issued Caller ID Authentication Best Practices, which the FCC published and endorsed as voluntary measures. Then the Fourth Report and Order on Robocall Prevention mandated affirmative obligations to prevent service providers from originating robocalls. It seems like momentum is building toward holding service providers responsible for knowing their customers and the nature of their calls.
Based on recent trends, there is certainly momentum in that direction and Know Your Customer will likely continue to grow in importance. Thus, providers should ensure they have a good KYC policy in place, particularly as new risks emerge, and scrutiny grows. However, as discussed above, this appears largely driven by the FTC and state attorney general actions.
Of note, the Industry Traceback Group in July 2021 published a Policies and Procedures booklet with a best practices section. All voice service providers should review the booklet, and particularly the best practices. Accountability will keep mounting and the weakest link—the weakest KYC policy—will be the first to break, and that provider will be accountable and “holding the bag.”
Jonathan Marashlian is Managing Partner of Marashlian & Donahue, PLLC, The CommLaw Group, a full-service telecom law firm located in the Washington, D.C., area catering to businesses operating in and around the dynamic and diverse communications and information technology industries. Their clients include providers of VoIP, wireless and traditional telecommunications services, SaaS-based and cloud computing technologists and Internet-of-Things application and network vendors. The CommLaw Group has formed a Robocall Mitigation Response Team to help clients achieve the level of compliance needed to avoid the emerging threats of litigation and regulatory enforcement. Jonathan S. Marashlian may be reached by email or by phone at 703-714-1313.
A prior version of this piece was published on October 6, 2021, on TransNexus. This lightly-edited Expert Opinion is reprinted with permission. Broadband Breakfast accepts commentary from informed observers of the broadband scene. Please send pieces to firstname.lastname@example.org. The views expressed in Expert Opinion pieces do not necessarily reflect the views of Broadband Breakfast and Breakfast Media LLC.
Associations Press FCC to Keep Robocall Extension for Facilities-Based Carriers
Organizations say preponderance of illegal calls don’t come from facilities-based providers.
August 11, 2021 – In submissions to the Federal Communications Commission on Monday, associations representing smaller telecom are asking the agency to keep an extension specifically for facilities-based carriers to comply with new robocall rules.
In May, the FCC voted to push up by a year, from 2023 to 2022, the deadline for small carriers to comply with the STIR/SHAKEN regime, which requires telephone service providers to put in place measures – including analytics services to vet calls – to drastically reduce the frequency of scam, illegal robocalls, and ID spoofing that misleads Americans to believe the call is legitimate. Large carriers, however, had a deadline of June 30 this year.
But in submissions to the FCC this week, the Competitive Carriers Association, NTCA, and USTelecom said the preponderance of illegal robocalls come from smaller providers – those with fewer than 100,000 lines – that don’t have networks and, because of that, facilities-based carriers should have the additional year to comply with the rules, which is reportedly a highly technical and complex endeavor.
To appreciate the effort, providers must tag or label all calls on their network, using analytics tools, to ensure that the calls are legitimate. All illegitimate calls must be tagged as potential spam or blocked completely. Even still, the possibility of “false positives” can occur. Failure to comply with the rules could result in hefty penalties.
‘Good faith’ actors shouldn’t be penalized
“Commenters recognize as well that care must be taken to correctly identify this group of small providers in a surgical and precise manner that does not sweep in innocent actors and compel them to adopt this standard on a timeframe they had neither anticipated nor budgeted for,” the NTCA said in its submission to the FCC on Monday.
“A more targeted and effective way of capturing the parties that prompted these proposals can be found in the record – specifically, the Commission should require operators that are not ‘facilities-based’ voice providers…to adopt STIR/SHAKEN on a more accelerated timeframe,” the NTCA continued.
Burden of proof on non-facilities providers to show need for extension
USTelecom, however, added that the non-facilities-based providers – which generally originate calls over the public internet – should be able to request the full two-year extension, but they must show why they need it.
“It’s also critical that they are required to explain in detail and specificity why their robocall mitigation plans are sufficient to protect consumers and other voice service providers from illegal and unwanted robocalls,” USTelecom said in its Monday submission.
“Such a requirement would offer the right balance between affording non-facilities-based small providers the opportunity for the full extension if truly needed, but without creating an opportunity for the small VoIP providers responsible for illegal robocalls to abuse the process in order to continue to send unsigned illegal traffic downstream to the detriment of other providers and consumers,” USTelecom added.
- Panel Concludes U.S. Relatively Unprepared to Lead Global Push for Web Transparency
- Critics Concerned Infrastructure Bill Money Will Go to Satellites, Harm Fiber Builds
- Rosenworcel Confirmed, Rohingya Meta Class Action, FTTH Builds Increase, WOW! Offers 1 Gig
- FCC Takes Stock of Telehealth Successes, But Acknowledges a Long Way to Go at Agency Event
- CaptionCall $40 Million Settlement, World Bank Broadband in Rwanda, Tribal Broadband Money Not Enough
- Render Networks and Irby Ahead of Schedule on Arkansas Fiber Build
Signup for Broadband Breakfast
Broadband Roundup4 months ago
Senators Intro App Bill, Groups Drop TracFone Buy Complaint, States Want Shorter Robocall Deadline
Broadband Roundup3 months ago
Mapping Comment Deadline Extended, AT&T Gets Federal Contract, 5G and LTE Drive Microwave Demand
#broadbandlive3 months ago
Broadband Breakfast on September 1, 2021 — What’s Next for Broadband Infrastructure Legislation?
Broadband Roundup2 months ago
Cox’s Wireless Deal with Verizon Dies, Apple Appeals Epic Games Case, AT&T’s Fiber Investment
Broadband Roundup3 months ago
FCC and FTC Announce Open Meeting Agendas and AT&T Signs Deal with OneWeb
Antitrust4 months ago
Antitrust Experts Zero In on Big Tech and Consumer Welfare Standard at Aspen Forum
Expert Opinion3 months ago
Shrihari Pandit: States Can Enable Broadband Infrastructure Through Open Access Conduits
Broadband Roundup2 months ago
AT&T Hurricane Survey, FCC Announces $1.1B from Emergency Connectivity Fund, Comcast’s Utah Plans