The Federal Communications Commission has issued a Declaratory Ruling and Notice of Proposed Rulemaking in its ongoing efforts to address the proliferation of unlawful robocalls.
Earlier this summer, the Federal Communications Commission (FCC) issued its latest attempt to address the continued proliferation of robocalls, an issue that continues to generate a high volume of complaints at the FCC and the Federal Trade Commission (FTC). The FCC released a Declaratory Ruling and Third Further Notice of Proposed Rulemaking on June 7. The Declaratory Ruling largely clarifies that voice providers can offer call-blocking programs on an opt-out basis, while the Third Further Notice of Proposed Rulemaking (NPRM) sets forth additional steps to address robocalls. The NPRM, "Advanced Methods to Target and Eliminate Unlawful Robocalls, Call Authentication Trust Anchor," was published in the Federal Register on June 24.1
The NPRM proposes various revisions to FCC rules implementing the Telephone Consumer Protection Act2 to decrease the number of illegal robocalls, including the establishment of a safe harbor for call-blocking programs targeting unauthenticated calls and safeguards to ensure that legitimate calls are not blocked.
The NPRM also includes a proposal to mandate that voice service providers (defined as wireline, wireless, and voice over internet protocol providers) implement the SHAKEN/STIR caller ID authentication framework if they fail to meet the current deadline to voluntarily implement it by the end of 2019. SHAKEN/STIR is an industry-developed framework designed to stop robocalls and number spoofing. Secure Telephone Identity Revisited (STIR) is a working group of the Internet Engineering Task Force. The STIR charter states that the working group will "specify Internet-based mechanisms that allow verification of the calling party's authorization to use a particular telephone number for incoming calls."3 Secure Handling of Asserted information using toKENs (SHAKEN) is a standard that helps to define how telephone service providers can use STIR mechanisms and technologies to mitigate the risks of spoofed numbers. The two work together by using digital certificates to ensure that the incoming telephone number is secure. This means that calls would have to be validated by originating voice service providers and other voice service providers before a consumer receives a call. The FCC states that many larger voice service providers have already committed to deploying SHAKEN/STIR in 2019, and it is therefore seeking comments on the logistics of implementing this proposal, what steps are appropriate to ensure voice service providers have implemented SHAKEN/STIR, and what additional entities, if any, should be included in the definition of voice service providers.
Additionally, the FCC proposes "a narrow safe harbor for voice service providers that offer call-blocking programs that take into account whether a call has been properly authenticated under the SHAKEN/STIR framework and may potentially be spoofed." The FCC expects that most of the calls blocked under this proposed rule would be illegitimate in nature and thus the relevant voice providers would be deserving of the safe harbor; however, it sought comments on this view, as well as comments on any other potential instances where the authentication might fail.
While stakeholders are concerned about the frequency of illegal robocalls, many also worry that widespread call blocking may impact legitimate calls that carry similar characteristics to illegal spam or telemarketing calls. Examples of these calls include flight delay notifications, credit card fraud notifications, and emergency calls originating from 911 call centers and government emergency outbound numbers. The FCC therefore is proposing that voice service providers maintain a "critical calls list" that includes numbers the voice service providers may not block; all of these numbers must be authenticated. The FCC is seeking comments on the proposal, along with comments on what numbers should be included on this list.
Initial comments to the FCC on its NPRM were due on July 24, and reply comments are due by August 23. The proposal is important because it could have implications for how higher education institutions work with their telecommunications providers. EDUCAUSE will keep members apprised of any important developments.
Notes
- Federal Communications Commission, "Advanced Methods to Target and Eliminate Unlawful Robocalls, Call Authentication Trust Anchor," Federal Register 84, no. 121 (June 24, 2019): 29478. ↩
- In 1991, Congress enacted the Telephone Consumer Protection Act (TCPA) in an effort to address a growing number of telephone marketing calls. The law restricts the making of telemarketing calls and the use of automatic telephone dialing systems and artificial or prerecorded voice messages. The FCC adopted rules in 1992 to implement the TCPA. Since then, there have been multiple revisions to the rules. ↩
- "Secure Telephone Identity Revisited (stir): Charter for Working Group," IETF Data Tracker (website), accessed Tuesday, July 23, 2019. ↩
Kathryn Branson is an Associate at Ulman Public Policy.
© 2019 Kathryn Branson. The text of this work is licensed under a Creative Commons BY-NC-ND 4.0 International License.