Most of us despise robocalls. Although we often don’t answer them, they’re a persistent annoyance that causes our phones to ring needlessly throughout the day.
Most unlawful robocalls involve illegal caller ID spoofing, which is when the caller deliberately transmits inaccurate caller ID information to disguise their identity and attempt to defraud the called party. Scammers often use what’s known as neighbor spoofing, which is when it appears that the call is coming from a local number to increase the likelihood it will be answered.
Neighbor spoofing truly hit home for me one day when I received a call that showed my own phone number on the caller ID display. It was both surreal and infuriating. Within minutes, I got a barrage of voice messages from nearby residents who also received a call from what appeared to be my number.
Some understood that it was a spoofed call and just wanted to make me aware that my number was being misused. Then there were those who believed the call was coming from my number and the messages they left for me were not very neighborly.
FCC’s Efforts to Combat Robocalls
Not surprisingly, unwanted calls, including illegally spoofed robocalls, are the Federal Communication Commission (FCC)’s top consumer complaint, and combatting them is their top consumer protection priority.
FCC Acting Chairwoman Jessica Rosenworcel stated in March 2021 that “unwanted robocalls are not only a nuisance, but they also pose a serious risk to consumers who can inadvertently share sensitive, personal information in response to bad actors’ malicious schemes.”
Particularly troublesome has been international con artists who use illegal spoofing to target American consumers with COVID-19 pandemic-related scam robocalls.
Since 2017, the FCC has aggressively pursued a multipart strategy for combatting illegally spoofed robocalls.
This has included:
- Issuing hundreds of millions of dollars in fines against robocallers for violations of the Truth in Caller ID rules
- Expanding those rules to foreign calls and text messages
- Enabling voice service providers to block certain clearly unlawful calls
- Clarifying that voice providers may block by default unwanted calls based on reasonable call analytics
- Designating a consortium for coordinating industry-led efforts to trace back unlawful spoofed robocalls to their original sources, which is a vital resource for the FCC in uncovering the companies that facilitate large-scale robocall campaigns
In addition to the above efforts, there is also voice service providers’ required implementation of a caller ID authentication framework known as STIR/SHAKEN, as well as a robocall mitigation program and certification, which are explored below in more detail.
One key part of the FCC’s efforts to thwart illegally spoofed robocalls has been to encourage voice service providers to implement a caller ID authentication framework known as STIR/SHAKEN. This stands for Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted Information Using Tokens (SHAKEN) standards.
The STIR/SHAKEN framework enables voice providers to verify that the caller ID information transmitted with a particular call matches the caller’s number and to identify calls with illegally spoofed caller ID information before those calls reach their subscribers.
Benefits of STIR/SHAKEN
Although there isn’t a silver bullet when it comes to eradicating illegal robocalls, once STIR/SHAKEN is universally implemented by voice service providers, it could yield numerous and substantial benefits. The framework could:
- When paired with call analytics, protect consumers from fraudulent robocall schemes that cost Americans approximately $10 billion annually
- Restore trust in caller ID information and encourage consumers to answer the phone, which will benefit businesses, health care providers, and not-for-profits
- Reduce spoofed robocalls to health care and emergency communications systems
- Reduce costs for voice providers by eliminating unwanted network congestion and decreasing the number of customer complaints about robocalls
STIR/SHAKEN Implementation Deadline
In 2019, Congress passed the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act, which required the FCC to take numerous steps to promote and mandate the implementation of the STIR/SHAKEN framework. Consistent with the TRACED Act, the FCC now requires large voice service providers to implement STIR/SHAKEN in the Internet protocol (IP) portions of their networks by June 30, 2021.
However, small voice service providers with 100,000 or fewer voice subscriber lines have been granted a two-year extension of this deadline, giving them until June 30, 2023, to complete their implementation.
Limitations of STIR/SHAKEN
The STIR/SHAKEN framework only operates on the IP portions of a voice service provider’s network that support the transmission of calls using Session Initiation Protocol (SIP).