The legal landscape emerging from the TRACED Act
We recently sat down with a legal expert to discuss requirements for voice service providers emerging from the TRACED Act and the FCC orders that followed. Things are changing, risks are emerging, and service providers need to know. Let’s have a look.
We spoke with Jonathan Marashlian, Managing Partner of Marashlian & Donahue, LLC, The CommLaw Group. Mr. Marashlian described the new legal landscape, and we followed up with a few questions.
- Voice service providers have just passed some major milestones: certifying SHAKEN and/or robocall mitigation in the FCC database and refusing calls from unregistered upstream providers. Time to kick back and relax?
No. The legal landscape in the new STIR/SHAKEN era is much larger and more diverse than mere technical compliance with Federal Communications Commission (FCC) requirements.
We are already seeing clear and unmistakable signs that compliance with the bare minimum requirements established by the FCC—implementing STIR/SHAKEN and robocall mitigation plan procedures—is insufficient to mitigate the myriad of business risks arising from the government onslaught against the scourge of illegal robocalling.
Reading the tea leaves, the biggest risk or threat is likely to come through enforcement actions by state attorneys general and civil litigation initiated by private parties. Wherever the legal landscape provides the opportunity to recover damages, class action plaintiff’s lawyers and attorneys for large enterprise consumers of voice services, such as call center operators, are certain to seize upon those opportunities.
“The biggest risk or threat is likely to come through enforcement actions by state attorneys general and civil litigation initiated by private parties.”
We anticipate that questions around the meaning of and extent to which the “Know Your Customer” requirements apply in different contexts will ultimately be answered through litigation and enforcement, and less so through the FCC regulatory rulemaking process. Questions around damages and who is or can be held responsible for originating, passing, or terminating illegal robocalls are also going to be fleshed out by regulatory enforcement and private litigation.
Perhaps the most significant risk, even more so than the FCC, are the federal and state consumer protection laws that are being developed around robocall mitigation. Starting with the Federal Trade Commission (FTC), where the FTC’s strict “known or should have known” standard is applied to hold voice service providers accountable for illegal robocallers using their networks.
- Many service providers and telecom consultants pore over FCC regulations to try and understand the requirements. Is that sufficient? Are there other things they need to worry about?
FCC regulations are a good starting point and, telecommunications providers should stay abreast of updated regulations and releases.
However, FCC regulatory compliance alone may not be enough to defend an action if provider’s face the FTC and state attorneys general’s “known or should have known” standard or the creative, evolving litigation strategy of the plaintiff’s bar.
“Regulatory compliance alone may not be enough to defend an action if provider’s face the FTC and state attorneys general’s “known or should have known” standard or the creative, evolving litigation strategy of the plaintiff’s bar.”
- We saw a news item about Marriott, who filed a lawsuit in federal court against unknown perpetrators, “John Does,” who made illegal robocalls misusing Marriott’s name. Why would Marriott do that? What’s the point?
This is sheer speculation, but as often turns out, the actual perpetrators who harmed Marriott likely will be insolvent or outside the reach of Marriott.
By using “John Does,” Marriott preserves its ability to amend its complaint to implead carriers and providers that carried or transported the fraudulent traffic.
Marriott could rely on the FTC’s “known or should have known” standard to show underlying carriers are the “John Does” that profited from bad actors (now insolvent or extra-judicial). It’s unlikely Marriott would commence this litigation without a strategy outside positive public relations for pursuing bad actions; rather, the “John Does” will likely turn out to be carriers of bad traffic who settle Marriott’s claims.
The CATA Working Group issued Caller ID Authentication Best Practices, which the FCC published and endorsed as voluntary measures. Then the Fourth Report and Order on Robocall Prevention mandated affirmative obligations to prevent service providers from originating robocalls. It seems like momentum is building toward holding service providers responsible for knowing their customers and the nature of their calls. What’s your perspective on this?
Based on recent trends, there is certainly momentum in that direction and Know Your Customer (KYC) will likely continue to grow in importance. Thus, providers should ensure they have a good KYC policy in place, particularly as new risks emerge, and scrutiny grows. However, as discussed above, this appears largely driven by the FTC and state attorney general actions.
Of note, the ITG has published a Policies and Procedures booklet with a best practices section. All VSPs should review the booklet, and particularly the best practices. Accountability will keep mounting and the weakest link—the weakest KYC policy—will be the first to break, and that provider will be accountable and “holding the bag.”
“The weakest Know-Your-Customer policy will be the first to break, and that provider will be accountable and ‘holding the bag.’”
We thank Mr. Marashlian for sharing his views on the changing legal environment for voice service providers.
About The CommLaw Group
Marashlian & Donahue – The CommLaw Group – is a full-service telecom law firm located in the Washington, D.C. area catering to businesses operating in and around the dynamic and diverse communications and information technology industries. Their clients include providers of VoIP, wireless and traditional telecommunications services, SaaS-based and cloud computing technologists, Internet-of-Things application and network vendors, and nearly every imaginable 21st Century business driving the Digital Revolution.
The CommLaw Group has formed a Robocall Mitigation Response Team to help clients achieve the level of compliance needed to avoid the emerging threats of litigation and regulatory enforcement.
For more information, you can reach Jonathan S. Marashlian at jsm@CommLawGroup.com or by phone at 703-714-1313.
We offer STIR/SHAKEN and robocall mitigation solutions in our ClearIP and NexOSS software platforms. We can make your STIR/SHAKEN deployment a smooth process.
In addition, we help service providers with all aspects of STIR/SHAKEN deployment, including registering with the Policy Administrator and filing their certification with the FCC.
Contact us today to learn more.
This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.
Our STIR/SHAKEN products:
- Work with your existing network
- Support SIP and TDM
- Affordable, easy to deploy