Robocall blocking —

Robocallers “evolved” to sidestep new call blocking rules, AGs tell FCC

Thirty-five states urge FCC to let carriers block "neighbor spoofing" calls.

Three robots sitting in front of computers and wearing phone headsets.
Getty Images | vladru

The Federal Communications Commission should let phone companies get more aggressive in blocking robocalls, 35 state attorneys general told the commission yesterday.

The FCC last year authorized voice service providers to block more types of calls in which the Caller ID has been spoofed or in which the number on the Caller ID is invalid. But the FCC did not go far enough, and robocallers have "evolved" to evade the new rules, the 35 attorneys general wrote in an FCC filing:

One specific method which has evolved recently is a form of illegal spoofing called "neighbor spoofing." A neighbor-spoofed call will commonly appear on a consumer's caller ID with the same area code and local exchange as the consumer to increase the likelihood he/she will answer the call. In addition, consumers have recently reported receiving calls where their own phone numbers appeared on their caller ID. A consumer who answered one such call reported the caller attempted to trick her by saying he was with the phone company and required personal information to verify the account, claiming it had been hacked.

The attorneys general said they "encourage the FCC to adopt rules authorizing providers to block these and other kinds of illegally spoofed calls."

The industry can also make progress simply by using existing frameworks to authenticate legitimate calls and identify illegally spoofed calls, the attorneys general wrote. The FCC should encourage all service providers "to aggressively implement" the STIR (Secure Telephone Identity Revisited) and SHAKEN (Secure Handling of Asserted information using toKENs) protocols, they wrote.

The letter was signed by state attorneys general from Arizona, Arkansas, Connecticut, Delaware, District of Columbia, Florida, Hawaii, Illinois, Indiana, Iowa, Kansas, Louisiana, Maryland, Massachusetts, Minnesota, Mississippi, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Oklahoma, Oregon, Pennsylvania, Rhode Island, Tennessee, Utah, Vermont, Virginia, Washington, and Wisconsin.

“Virtually anyone” can be a robocaller

The states also explained why robocall complaints are rising each year:

Virtually anyone can send millions of illegal robocalls and frustrate law enforcement with just a computer, inexpensive software (i.e., auto-dialer and spoofing programs), and an Internet connection. Because "technology enables a cheap and scalable model," illegal robocalls remain the number one consumer complaint for many of our Consumer Protection Offices, the FCC, and the Federal Trade Commission. Despite the 2017 Call Blocking Order, which increased providers' ability to block illegally spoofed calls, the robocall problem appears to be getting worse.

The states wrote to the FCC in response to a call for public comment "on how the Commission might further empower voice service providers to block illegal calls before they reach American consumers." In particular, the FCC asked the public for "additional criteria voice providers could use to identify and block illegal calls."

"Our goal in seeking additional comment is to identify specific, enforceable criteria for targeting illegal calls that cannot be abused while ensuring providers have sufficient flexibility available to adapt to dynamic calling patterns," the FCC said in August when it asked for public input.

Concern about false positives

The FCC also heard from CTIA, the mobile industry trade group that represents AT&T, Verizon, T-Mobile, and Sprint. The group urged the FCC to make sure that "carriers... combatting illegal robocalls in good faith must have protection from associated legal and regulatory liability."

A safe harbor as proposed by the CTIA would limit carriers' liability when they mistakenly block calls that shouldn't be blocked. This would encourage carriers to adopt the STIR and SHAKEN protocols, CTIA said.

Numeracle, a company whose products help businesses make legal marketing calls without getting blocked, previously told the FCC that it should be wary of extending safe harbors to carriers because of the risk of false positives that block legal calls.

"As long as false positives occur, the Commission should not extend safe harbors to carriers before exhaustive efforts to explore trusted identification of calling entities has been fully vetted," Numeracle said.

CTIA countered that call blocking systems "should not be stifled by rules aimed at addressing false positives."

"The total elimination of false positives cannot be a condition precedent for establishing a safe harbor," CTIA wrote. "Because of the limited nature of carrier-initiated blocking, it is unlikely that carrier-initiated blocking is the source of significant false positive errors, to the extent this is a substantial problem at all. False positives, which likely are more relevant to consumer opt-in blocking and labeling services, should not dictate what the Commission does to facilitate more network-level blocking."

The FCC must also "understand that false positives can never be completely eliminated, just as illegal robocalls can never be completely eliminated," the CTIA wrote.

The deadline for comments passed this week. All comments are available at this link. It's not clear when the FCC will take further action.

Last month, the FCC issued about $120 million dollars' worth of fines to two robocallers accused of spoofing real people's phone numbers.

Channel Ars Technica