FCC accelerates SHAKEN deadline for some small providers

The FCC adopted new rules that accelerate the SHAKEN implementation for some small voice service providers. This article reviews the new rules.

The Second Report and Order in the matter of Call Authentication Trust Anchor (WC Docket No. 17-97) included a two-year implementation extension for small voice service providers. A provider qualifies as small if they have fewer than 100,000 subscriber lines. The SHAKEN implementation deadline was June 30, 2023, for qualified providers.

New rules

The Fourth Report and Order accelerates the SHAKEN implementation deadline for some small voice service providers as follows:

Non-facilities-based small providers

A voice service provider is non-facilities based if it offers voice service to end users using connections that are not sold by the provider or its affiliates. Instead, their voice service rides atop another provider’s transmission service.

Under the Fourth Order, non-facilities-based voice service providers are required to implement SHAKEN one year earlier than the previous deadline. Their new implementation deadline is June 30, 2022.

Non-facilities-based small providers subject to the accelerated deadline are required to update their exemption status in their Robocall Mitigation Database (RMD) filing to show they are subject to the June 30, 2022 deadline, not the June 30, 2023 deadline. For example, a provider could indicate in its certification that it is subject to a one-year extension for being a non-facilities-based small voice service provider. The deadline for updating the RMD filing is 30 days after the effective date of the order, which will be when it is published in the Federal Register.

Why did the rule change exempt facilities-based providers? The Fourth Order provides two reasons.

First, the Industry Traceback Group (ITG) reported in FCC filings that “tracebacks seldom conclude that a facilities-based provider, whether a large one or a small one, originate robocalls.” Most tracebacks find that illegal robocalls originate with non-facilities-based providers.

Second, the FCC also noted that a substantial number of non-facilities-based providers have been able to deploy SHAKEN more quickly than other providers. They cross referenced Form 477 filers with Robocall Mitigation Database (RMD) filers. They found that 53% of non-facilities-based providers certified either a complete or partial SHAKEN implementation, versus only 33% of other providers. The FCC says this shows that the burden of SHAKEN implementation for non-facilities-based small providers is low.

Small providers found to be a source of illegal robocalls

If the FCC Enforcement Bureau finds that a voice service provider is violating FCC rules by sending illegal robocalls, then the bureau will inform the provider. Once notified, the provider must take steps to mitigate illegal robocalls.

If the accused provider fails to:

1. Mitigate such robocalls, or
2. Provide information requested by the Enforcement Bureau, or
3. Respond in a timely manner, or
4. If the Enforcement Bureau deems the response inadequate,

Then the Enforcement Bureau can require the accused provider to implement SHAKEN within 90 days of the bureau’s decision.

In the FCC’s Further Notice of Proposed Rulemaking, they asked for comments on setting thresholds based upon call volume to trigger enforcement action. Based upon comments received, the Commission decided that such thresholds would be ineffective, as bad actors are adept and evading such limits.

What next?

We can’t provide legal advice, but reading the plain text of the Fourth Order, a few requirements seem clear:

1. Small providers relying on the small provider extension must figure out whether they’re a non-facilities-based provider. Their 477 filing might be helpful, but it doesn’t automatically trigger a classification.
2. Small non-facilities-based providers must amend their certification filing in the RMD to indicate that they are subject to a one-year extension, ending June 30, 2022, for being a non-facilities-based small voice service provider.
3. Small non-facilities-based providers must implement SHAKEN by June 30, 2022.

TransNexus solutions

We offer STIR/SHAKEN and robocall mitigation solutions in our ClearIP and NexOSS software platforms. We can make your STIR/SHAKEN deployment a smooth process.

We provide an STI-CPS, the TransNexus CPS, which is available to any SHAKEN-authorized service provider, free of charge, to use when they want to send or receive STI PASSporTs out of band.

Contact us today to learn more.