FCC's RoboCall plan and how phone providers will protect the consumer
We are increasingly being inundated on a daily basis by telemarketers and spammers on our land lines and on our mobile phones. These phone calls can appear to be from your local area or calls from those impersonating an IRS agent whose purpose may be to steal your IRS refund. This deceptive and sometimes malicious practice of disguising the calling number via Caller ID is known as spoofing.
iPhones and Android phones do come with built-in blocking features for specific calls and some carriers offer free or for pay blocking tools that go a step further, but FCC Chairman, Ajit Pai, would like to see all phone companies block these robocalls for free. Telephone service providers would be required to disclose to the consumer what calls are being blocked and an option to opt out should they choose to do so. Many argue that this should be made a requirement by the FCC and not left up to the carriers to decide whether to charge for these services or to offer them for free.
Pai would like phone carriers to adopt an authentication system called SHAKEN (Secure Handling of Asserted Information Using Tokens) and STIR (Secure Telephony Identity Revisited) which uses digital certificates based on common public key cryptography techniques, which can differentiate between legitimate phone calls and spoofed ones to ensure the caller’s phone number is secure. Each telephone service provider would obtain their certificate from a certificate authority trusted by other telephone service providers.
Implementation of SHAKEN and STIR may allow unsigned calls to ring, but be marked as unverified. But implementation of this system would only work well if all carriers adopted this specific authentication. SHAKEN and STIR and can only verify Caller ID on a phone call when both carriers, sending and receiving, have deployed this technology. Thus far, T-Mobile, Verizon, Comcast, Bandwidth.com, Google and Cox have committed to call blocking features based on SHAKEN and STIR. (See responses to Pai from phone providers here.) Phone providers who do not have plans in place for an authentication network are CenturyLink, Charter, Frontier, Sprint, TDS Telecom, US Cellular, and Vonage. Some people are concerned they will not receive a call they may want, but the analytics used are directed at detecting spam callers and robocall patterns, and there would be flexibility for the user to decide what to block or the ability to opt out altogether. Another option may be the ability for the user to allow calls from their contact list, essentially adding them to a “white list.”
The FCC will vote on two robocall items on June 6th, the first item would allow phone companies to block robocalls by default using methods to analyze every call.
The following are details on the proposal provided by the FCC:
- Voice service providers may offer opt-out call-blocking programs based on any reasonable analytics designed to identify unwanted calls and will have flexibility on how to dispose of those calls, such as sending straight to voicemail, alerting the customer of a robocall, or blocking the call altogether.
- Providers should clearly disclose to consumers what types of calls may be blocked.
- Voice service providers must provide sufficient information so that consumers can remain in the program or opt out.
- Call blocking should not in any way interfere with our country’s emergency communications systems.
The second item, which may take a few months to finalize, is a Notice of Proposed Rulemaking (NPRM) which asks for public input and which is necessary before the FCC will consider implementing the new rules. The NPRM proposes a legal safe harbor for carriers that block calls that aren’t signed up under SHAKEN and STIR frameworks.