Should robocall mitigation requirements be more specific?
The FCC proposed a rule change to strengthen robocall mitigation by making the requirements more specific—something they’ve carefully avoided in the past. This article reviews why they proposed this change and what the new requirements could be.
On May 20, the FCC issued a Further Notice of Proposed Rulemaking (FNPRM), which contains many proposed rules and questions about robocall mitigation and STIR/SHAKEN. Paragraphs 191 and 203 ask if the FCC should strengthen the definition of “reasonable steps” providers should take in their robocall mitigation program.
Suggestions from stakeholders
The Commission has been encouraged to require more of all providers in their robocall mitigation efforts. Here are two examples.
A provider can identify likely illegal calls by examining the percentage of calls answered, the ratio of different Caller-ID information (referred to as Automated Numbering Information, or ANI) to the number of total calls, and the average duration of calls[…] Almost all illegal robocalls are short duration averaging less than 20 seconds (because the called party hangs up). 99% of such calls last less than a minute. Less than 1% of such calls last more than 2 minutes.
Our provider rating methodology continuously measures wholesaler and direct peer calling patterns over time and considers factors such as call duration, percentage of calls declined by the recipient, number of calls made using invalid numbers, calls originating from industry or government identified problematic providers, and illegal calls made to our expansive honeypot.
Robocall mitigation claims by alleged bad actors
Let’s look at the robocall mitigation programs claimed in Robocall Mitigation Database (RMD) filings by providers recently blocked for participating in transmission of auto warranty robocalls and failure to respond to traceback and enforcement:
|Provider||Robocall Mitigation Status|
|Call Pipe||Intermediate provider registration only, which requires no robocall mitigation plan.|
|Fugle Telecom||No RMD filing.|
|Geist Telecom||Intermediate provider registration only, which requires no robocall mitigation plan.|
|Global Lynks||Intermediate provider registration only, which requires no robocall mitigation plan.|
|Mobi Telecom||Claimed No STIR/SHAKEN implementation. In their robocall mitigation plan, they claim to respond to traceback requests, screen applicants for services, will block robocallers, only accept traffic from companies registered in the RMD.|
|SD Telecom||Intermediate provider registration only, which requires no robocall mitigation plan.|
|SipKonnect||Claimed No STIR/SHAKEN implementation. In their robocall mitigation plan, they claim they only sell services to end user customers who don’t run autodialing at any level, don’t sell SIP-only services, actively monitor calls for suspicious calling patterns and volumes, will always cooperate with traceback.|
|Virtual Telecom||No RMD filing. FCC 499 filing lapsed.|
Most of these providers were not required to have or certify a robocall mitigation plan. That’s why the Commission wants to require plans from all providers.
Effective robocall mitigation requires providers to:
- Know their customers and/or upstream providers (KYC). This means vetting them before providing service.
- Monitor traffic they originate for customers and/or transit from upstream providers.
Robocall mitigation plans should include KYC and monitoring. In their RMD filings, providers should specifically certify that they are doing these things.
Monitoring traffic will also help providers manage their legal risks. State attorneys general are suing providers for carrying illegal robocalls. The key phrase used in these lawsuits is that the provider “knew or should have known” that they were originating or transiting illegal robocalls.
We believe the Commission should require robocall mitigation plans to confirm that providers vet their customers/upstream providers and monitor traffic.
Would bad actors still make dishonest claims about their alleged robocall mitigation programs? Sure. And they will get caught.
Other providers, however, will be more responsive. If they must have processes for KYC and monitoring, then they will. They won’t want to get in trouble with regulatory compliance or face the legal risks of inadequate vetting and monitoring.
TransNexus is a leader in developing innovative software to manage and protect telecommunications networks. The company has over 20 years’ experience in providing telecom software solutions including toll fraud prevention, robocall mitigation and prevention, TDoS prevention, analytics, routing, billing support, STIR/SHAKEN and SHAKEN certificate services.
Contact us today to learn more.
This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.
TransNexus has a comprehensive suite of robocall mitigation solutions to prevent the origination of unlawful robocalls.Learn more