State Attorneys General call for tighter access to numbering resources
NOV.17, 2021 - Fifty-one State Attorneys General sent reply comments to the FCC urging the Commission to reduce access to numbers by voice service providers (VSPs) that do not have meaningful Know-Your-Customer policies. The State AGs contend that such service providers undercut anti-robocall efforts such as SHAKEN call authentication and the call blocking and labeling tools that SHAKEN enables.
THE PROBLEM
The State AGs submitted their reply comments to the FCC Further Notice of Proposed Rulemaking published in August 2021.
In this notice, the Commission proposed to require additional information and certifications from interconnected VoIP providers that apply for access to numbering resources. The intention is to examine applicants more closely to curb illegal robocalling.
They aren’t just going after the robocallers. They’re going after VSPs that know or should have known that they are originating or transiting illegal robocalls. In their reply comments, the State AGs spelled out the problems clearly. These problems include VSPs that:
* Do not have meaningful Know-Your-Customer policies
* Allow anonymous customer access to numbers
* Supply numbers to new customers on a trial basis
* Provide free, temporary access to phone numbers
* Offer untraceable payment mechanisms
When robocallers use these numbers, provided with little-to-no vetting, the VSPs sign their calls with SHAKEN.
PROPOSED SOLUTION
The State AGs support the following requirements for applicants or authorized holders of access to number resources:
* Disclose foreign ownership.
* Disclose any change in ownership.
* Reject an application or revoke authorization of any applicant or holder that has originated or transmitted illegal robocalls.
* Certify SHAKEN or robocall mitigation in the Robocall Mitigation Database (RMD)
* Inform the Commission if it is subject to a Commission, law enforcement, or regulatory agency action for unlawful robocalls.
* Comply with state requirements and establish minimal state contacts.
THOUGHTS
We notice recurring themes in these comments that we’ve seen in other places. Let’s pull these together to get the big picture.
The FCC periodically announces big fines against robocallers. However, since 2020, we’ve seen their focus turned to VSPs. The Enforcement Bureau issues cease-and-desist letters that tell the VSPs to stop the robocalls within 48 hours and report on your robocall mitigation within 14 days, else other providers will be encouraged to block your calls. We saw the latest episode just three weeks ago.
In their Fourth Report and Order on robocalls, the Commission established affirmative obligations for VSPs to mitigate unlawful robocalls.
In September 2021, the National Association of Attorneys General held a robocall summit. The overarching theme was that State AGs are going to go after VSPs that know, or should have known, that they were originating or transmitting illegal robocalls.
We discussed the legal landscape emerging from the TRACED Act with Jonathan Marashlian, of The CommLaw Group. He reiterated that VSPs should watch State AGs, who are gearing up to go after VSPs that know, or should have known, about illegal robocalls.
In Canada, the CRTC directed the CST-GA to revise eligibility requirements for telephone service providers to participate in SHAKEN. Paraphrasing their decision, the CRTC concluded that the type or size of service provider doesn’t matter for deciding SHAKEN eligibility. What does matter is the trustworthiness of the VSP, which is essential to maintain the integrity of the STIR/SHAKEN framework.
Accordingly, the CST-GA issued the revised policy recently, and a key component centers on vetting the reputation and trustworthiness of the applicant.
We have observed and reported on a consistent pattern we’ve noticed during the first four months of the SHAKEN era, July – October 2021: there’s a high percentage of robocalls that are signed with a partial (B) or gateway (C) attestation. In fact, calls signed with B or C attestation are more than twice as likely to be robocalls as unsigned calls. These observations are consistent with the problems the State AGs outlined in their comments.
So, all this attention and focus directed on VSPs isn’t surprising. We expect this to pick up steam going forward.
To survive and thrive in this new era, VSPs must take a hard look at their customer vetting and robocall mitigation program.