Is there a flaw in the Robocall Mitigation Database rule?

USTelecom and several carrier representatives met with FCC officials to alert them to a potential loophole in the Commission’s Robocall Mitigation Database scheme. The loophole could enable foreign-originated illegal traffic to reach U.S. consumers without any meaningful constraints.

Robocall Mitigation Database

Paragraphs 82-86 of the FCC’s Second Report and Order In the Matter of Call Authentication Trust Anchor requires all voice service providers to file a robocall mitigation certification with the Commission. This will be filed in a new portal and database, called the Robocall Mitigation Database (RMD), which the FCC will provide.

Intermediate and terminating providers will be prohibited from accepting traffic directly from any voice service provider that does not appear in the database.

USTelecom describes the issue

In a recent ex parte filing, USTelecom described confusion over what they called the “Intermediate Provider Loophole.”

“In our experience, much of the industry has read section 64.6305(c) as requiring that every upstream provider—originating or intermediate—in the call path needs to be in the database for the next intermediate or terminating provider to accept traffic from it. The text of the rule and text in the order, however, may best be read to suggest otherwise, namely that only the originating provider needs to be in the database for the next provider to take the traffic.”

Hands computer writing

How did USTelecom arrive at this interpretation? They cited three sources in their filing:

  1. The definition of “voice service” in paragraph 19 of the Second Order is “any service that is interconnected with the public switched telephone network and that furnishes voice communications to an end user.”
    • Intermediate providers don’t provide service to end users.
  2. Paragraph 89 of the Second Order says that “We find the rule we establish—whereby intermediate providers are prohibited from accepting traffic from an originating voice service provider that has not certified to a robocall mitigation program—best leverages the role of intermediate providers to combat illegal robocalls within our greater robocall mitigation scheme.”
    • In this citation, the FCC clearly identifies originating service provider, not just the next upstream provider.
  3. Paragraph 87 of the Second Order says that “By affirmatively adding such providers we give intermediate and terminating voice service providers confidence that any provider not listed in the Robocall Mitigation Database is out of compliance with our rules, rather than leaving the potential for uncertainty about whether a provider is noncompliant or simply was not required to be included in the database because it does not originate traffic.”
    • This statement also states that traffic originators are required to be in the database.

Given those citations, USTelecom believes the Second Order requires that only the originating provider must have a certification on file in the RMD.

That would leave a huge loophole in the scheme. Intermediate providers could take traffic from any other intermediate provider regardless of their database status.

USTelecom asked the Commission to provide additional comment to clarify the rules.


USTelecom presents a persuasive list of citations to support their interpretation. However, there are other citations that seem to go the other way:

  1. In paragraph 87, the Second Order states that voice service providers “must necessarily review the listings of voice service providers with which they interconnect to ensure that such certifications are sufficient.”
    • This seems to indicate that the certification applies to the next upstream provider, not the originating provider.
  2. Footnote 340 of the Second Order says that the FCC “will import all listings from the Intermediate Provider Registry into the RMD on a rolling basis so that all registered intermediate providers are represented therein.”
    • Why do that if the RMD filing requirements only apply to originating providers, not the next upstream provider?

These citations seem to indicate that the FCC intends to require RMD certification filings from the next upstream provider.

As a practical matter, this would also be easier in terms of compliance. Providers know who their upstream providers are. They can periodically check the RMD to confirm that their upstream providers have a certification on file. How would they check every possible foreign originating provider?

At any rate, we wholeheartedly agree with USTelecom that the Commission should clarify this rule.

TransNexus robocall mitigation solutions

We offer robocall mitigation solutions in our ClearIP and NexOSS software products. We can help you deploy them quickly and easily.

In addition, we can help you plan, prepare, and complete your Robocall Mitigation Certification filing. Your filing will demonstrate to the Commission that your voice service business has deployed effective robocall mitigation measures in production.

Contact us today to learn how we can help you tailor a robocall mitigation program to your circumstances and satisfy compliance requirements.

Request information

* required

This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.