Is the war against robocalls finally coming to a close? In a milestone ruling, the FCC now forbids telecom companies from accepting calls made by unregistered voice service providers. In other words, if a voice service company doesn’t appear in the new Robocall Mitigation Database, then it can’t bother you. But some experts say that this new rule is full of loopholes—will it really help end robocalls?
The Good: Unregistered Voice Providers Can’t Make Calls
Well, let’s start with the basics. This new rule builds on a cryptographic Caller ID system called STIR/SHAKEN, which the FCC required providers to implement on June 30. While the science behind STIR/SHAKEN is a bit complicated, the protocol helps prevent Caller ID spoofing by forcing voice providers (the companies that provide automated call services) to attest the validity of any outgoing calls. If a company using STIR/SHAKEN decides to start robocalling people, it will be extremely easy to identify.
According to the FCC, the June 30th STIR/SHAKEN mandate led to an 8.6% reduction in robocalls. That’s not a significant change. Clearly, most voice providers making robocalls chose to simply ignore the June 30th ruling.
But the FCC’s newest rule could lead to a much more noticeable change—voice providers that aren’t registered with the Robocall Mitigation Database (a requirement when implementing STIR/SHAKEN) can’t make calls anymore. All of the companies that ignored STIR/SHAKEN are screwed, right?
The Bad: Loopholes, Loopholes, Loopholes
In its press materials, the FCC suggests that all voice providers must implement STIR/SHAKEN and register with the Robocall Mitigation Database. But in reality, the FCC provides a ton of loopholes to help voice providers avoid these mandates.
For one, the voice providers can submit information to the Robocall Mitigation Database without implementing STIR/SHAKEN. They simply need to “prove” that they’re taking internal action to prevent robocalls.
According to the U.S. Public Interest Research Group, 57% of voice providers registered with the Robocall Mitigation Database “said they were not using the industry standard technology but rather are using their own methods to manage robocalls.” Only 17% of registered providers say that they’ve fully implemented STIR/SHAKEN, and a whopping 27% have “partially” implemented the technology, whatever that means.
Not only that, but several companies are exempt from the FCC’s new rule. Small voice providers don’t need to use STIR/SHAKEN or submit info to the Robocall Mitigation Database, despite the fact that these small companies drive the spam call industry. “Gateway providers” that direct calls from outside the U.S. are also exempt—has anyone from the FCC actually answered a robocall?
And then there are older TDM and PTSN-based networks, which cannot implement new Caller ID technology. The FCC says companies using these networks must switch to modern IP standards or develop their own caller authentication system. But because the FCC hasn’t set a deadline for this rule, companies are ignoring it.
The Gist: Change Is Coming Slowly
The FCC has come a long way over the last few years. As you’ve probably noticed, many incoming calls are now automatically marked as “spam” by your phone, and today’s new rule should reduce the total number of robocalls accepted by carriers.
But small companies and gateway providers are exempt from these rules. Until the FCC takes action against these voice providers, they will provide a safe haven for robocallers. You will continue to get spam calls. Sorry!
Source: FCC via Ars Technica, Engadget