Compliance is required by the end of the year for providers to expand caller ID authentication and robocall mitigation measures.
06/23/2023 10:45 A.M.
4.5 minute read
The Federal Communications Commission has announced an Aug. 21 effective date for final rules on illegal robocall mitigation and to expand requirements for voice service providers to implement the STIR/SHAKEN call authentication framework.
Compliance with the call authentication framework requirements is required by Dec. 31, 2023, according to the final rule published in the Federal Register.
The final rule “takes further steps to combat illegally spoofed robocalls by strengthening and expanding caller ID authentication and robocall mitigation obligations and creating new mechanisms to hold providers accountable for violations of the commission’s rules,” according to the notice.
Here are a few terms related to telephone companies’ obligations included in the rule:
- Originating Voice Service Providers: Telephone companies serving the entity making the call.
- Terminating Voice Service Providers: Telephone companies serving the person receiving the call.
- Intermediate Providers: Telephone companies that don’t serve the calling or called party, but merely pass the call along the chain.
- Gateway Provider: A U.S.-based intermediate provider that receives a call directly from a foreign originating provider or foreign intermediate provider at its U.S.-based facilities before transmitting the call downstream to another U.S.-based provider.
The rule closes a significant gap in the STIR/SHAKEN call authentication framework, increases robocall mitigation requirements for all providers, enacts more robust enforcement tools, and seeks feedback on more steps to further improve the effectiveness of the STIR/SHAKEN framework, ACA International previously reported.
Specifically, the new rule “requires intermediate providers that receive unauthenticated IP calls directly from domestic originating providers to use STIR/SHAKEN to authenticate those calls.”
This measure will close the gap between originating voice service providers with systems that cannot accommodate the framework and others that “may deliberately fail to authenticate calls,” according to a news release from the FCC when the rule was proposed.
“By requiring the next provider in the call path to authenticate those calls, the FCC closes a gap in the caller ID authentication regime and facilitates government and industry efforts to identify and block illegal robocalls,” the FCC reports.
In addition, the new rules will expand robocall mitigation requirements for all providers through the FCC’s Robocall Mitigation Database.
This includes requiring all providers to submit a certification to the Robocall Mitigation Database regarding their STIR/SHAKEN implementation as well as a robocall mitigation plan to the database.
In enforcement components of the rule, the “FCC made clear that violations of its mandatory blocking rules could result in substantial fines using per call forfeiture calculations.”
Amendments
A few amendments to the rule will have delayed effective dates.
Amendments codified at 47 CFR 64.6303(c) (amendatory instruction 9) and 64.6305(d), (e), (f), and (g) (amendatory instruction 12) are delayed. The FCC will publish a document in the Federal Register announcing the effective dates for the delayed amendments to 47 CFR 64.6303(c) and 64.6305(d), (e), (f), (g).
The amendments listed under 64.6305 are related to certification by gateway providers in the Robocall Mitigation Database and intermediate provider and voice service provider obligations.
The FCC will also publish a document in the Federal Register announcing the effective dates for the delayed amendments to 47 CFR 64.6303(c), which relates to caller ID authentication in non-IP networks.
Compliance Deadlines
By Dec. 31, 2023, the first non-gateway intermediate provider in the call chain must authenticate unauthenticated calls it receives, according to the FCC.
The FCC is allowing until the end of the year for compliance “because intermediate providers need time to deploy the technical capability to comply with the commission’s requirement to authenticate calls, and providers may wish to amend their contracts with upstream originating providers to meet this new requirement.”
Providers that are new to using the Robocall Mitigation Database and filing obligations must submit a certification and mitigation plan to the Robocall Mitigation Database 30 days after publication of notice of approval by the Office of Management and Budget of any associated Paperwork Reduction Act obligations in the Federal Register, or any deadline set in a public notice from the Wireline Competition Bureau, whichever is later.
This allows the Wireline Competition Bureau to provide an extended filing window where circumstances warrant.
ACA’s Take
Illegal robocall and text message mitigation has long been a focus of FCC Chair Jessica Rosenworcel and is expected to continue through enforcement actions and rules.
ACA and joint industry trade association partners have advocated with the FCC to ensure important illegal robocall blocking measures do not impact calls from legitimate businesses consumers want and need, as documented in a letter (PDF) recapping a meeting with these groups and the FCC on its Advanced Methods to Target and Eliminate Unlawful Robocalls.
Meanwhile, the FCC’s modified rule on call exemptions and obtaining consumers’ consent will take effect on July 20, 2023, meaning compliance is required for certain call exemptions and call limits by that date, ACA previously reported.
In partnership with Brownstein Hyatt Farber Schreck, ACA will release best practices for members to discuss call authentication processes with their carriers and strategies for prevention for call and text blocking. In addition, the guide will provide insights on how to remediate if it does happen.
Brownstein shareholder Michael Pryor is also leading a session to review FCC and other government agency efforts to mitigate illegal robocalls and texts, “Avoiding the Call Blocking Blues,” during ACA’s Annual Convention & Expo, July 26-28 in Chicago.
Remember, subscribe to ACA Daily and Member Alerts under your My ACA profile when logged in to acainternational.org to receive updates on the ACA Huddle.