STIR/SHAKEN has been years in the making, with legislative and regulatory backing. One of the…
Last year, Congress passed the RAY BAUM’S Act (what a terrible name). It’s a hodge-podge of legislation, but relevant to us here is that it made some tweaks to the Truth-in-Caller-ID Act which became law ten years ago.
Both the original and revised laws specify that it is “unlawful … to cause any caller identification service to knowingly transmit misleading or inaccurate caller identification information with the intent to defraud, cause harm, or wrongfully obtain anything of value.”
Determining “intent” is fraught with uncertainty. So when I saw that the FCC was going to revise their regulations to implement changes mandated by this new Act, I vigorously advocated that they require that callers use only a caller-ID number that is assigned to them, or which they have permission to use. That’s much more deterministic – and it’s just common sense, even if nothing nefarious is going on. It’s fine if a women’s shelter or a physician want to use a caller-ID other than the one assigned to the service from which the call is placed – but they can’t arbitrarily choose to use my number or your number. Such a rule wouldn’t interfere with anybody operating in good faith.
The agency published a DRAFT of their forthcoming Notice of Proposed Rulemaking. I suggested they should include my wording in their formal NPRM, so that they could collect any feedback from other stakeholders.
To my great surprise, my suggestion backfired. In the NPRM they adopted, they included footnote 79: “ZipDX asks us to broaden the scope of this Notice to consider changes to our rules beyond those necessary to implement section 503 of the RAY BAUM’S Act, and beyond the scope of the section 227(e) as amended. Letter from David Frankel, CEO, ZipDX LLC, to Zenji Nakazawa, Legal Advisor, FCC Chairman Ajit Pai, et al., WC Docket No. 18-335 et al., at 2 (filed Jan. 22, 2019). We are committed to attacking deceptive robocalls through all the tools at our disposal but limit our proposals herein to those necessary to meet Congress’ statutory deadline to prescribe implementing regulations. See RAY BAUM’S Act § 503(a)(4), 132 Stat. at 1092 (giving the Commission 18 months after enactment to prescribe regulations).”
Are they really saying they’re only going to do the MINIMUM required by Congress? So much for the commitment to using “all the tools at our disposal.” In fact, the footnote seems to preclude any suggestions that go beyond that minimum.
I filed formal comments asking them to seriously (re)consider incorporating my suggestion. Others have advocated for this sort of objective criteria. Verizon said so in a recent filing (“Verizon supports a simple rule that would make it illegal for any caller to use any phone number that it is not authorized to use.”). Jeff Lawson, CEO of Twilio, said in a recent blog post: “We require you to confirm ownership of a phone number before you are allowed to use it as ‘caller-id’ when initiating a phone call via our APIs.” I’ve never seen or heard any objection to such a rule. Perhaps in the NPRM “Reply Comments” (the window for which closes May 3), we’ll see more yeas or perhaps a nay.