TCPA Regulatory Update — Commission Seeks Comment on Efficacy of STIR/SHAKEN; Commission Signs Robocall MOU

Commission Seeks Comment on Efficacy of STIR/SHAKEN

On August 5, the Federal Communications Commission’s (“Commission”) Wireline Competition Bureau (“WCB”) released a Public Notice seeking comment on two recurring obligations imposed by the Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (“TRACED Act”) relating to the Commission’s caller ID authentication rules.

The Public Notice first seeks comment on two implementation extensions for STIR/SHAKEN call authentication technology that WCB granted in 2020 – one for “small voice service providers” and one for voice service providers unable to obtain a Service Provider Code (“SPC”) token (a necessary component of STIR/SHAKEN participation). The Commission granted a STIR/SHAKEN implementation extension until June 30, 2023 for voice service providers with 100,000 or fewer subscriber lines, finding that these providers may face substantial cost and resource constraints that would prevent STIR/SHAKEN implementation. Subsequently, the Commission shortened that extension for a subset of small providers determined to be the likely source of illegal robocalling. Now, pursuant to the TRACED Act, WCB must reassess this extension and determine if the 2023 deadline is still appropriate in light of any current barriers or burdens to STIR/SHAKEN implementation small providers face. Similarly, the Commission granted an indefinite extension to providers incapable of obtaining an SPC token. Even though in 2021 the Token Access Policy was revised, which enabled some providers to obtain SPC tokens that could not do so before, the Commission chose to leave this extension in place. Now, WCB seeks input to determine whether technological or other changes have eliminated the practical impediments to token access, such that it should terminate this extension.

Next, WCB seeks comment on the efficacy of STIR/SHAKEN at eliminating unlawful calls. The TRACED Act directed the Commission to “assess the efficacy” of the technology chosen for call authentication – in this case, STIR/SHAKEN – within three years of its 2019 enactment. The TRACED Act also directed the Commission to “revise or replace” that technology if, based on its efficacy assessment, it is in the public interest to do so. The Commission must ultimately submit a report to Congress outlining the findings of its assessment and any actions it determines are necessary to revise or replace STIR/SHAKEN. This will be the Commission’s first triennial assessment of STIR/SHAKEN, which was required to be implemented by most U.S.-based voice service providers by June 30, 2021. At the time of the Commission’s previous report to Congress on STIR/SHAKEN, it found that without widespread adoption, the agency could not assess the practical efficacy of the technology. Given the broad application of STIR/SHAKEN since that report, it is likely that the Commission will have more to assess this time.

Comments in response to the Public Notice are due 30 days following publication in the Federal Register, and reply comments are due 50 days after publication in the Federal Register.

Commission Signs Robocall MOU

In June, Federal Communications Commission (“Commission”) Chairwoman Jessica Rosenworcel announced that she had signed a Memorandum of Understanding (“MOU”) to combat unlawful robocalling with the Canadian Radio-television and Telecommunications Commission (“CRTC”).

In the MOU, which was publicly released in August, the Commission and CRTC (collectively “Parties”) agreed to provide mutual assistance in their robocall enforcement activities. This includes sharing complaints and investigation information such as relevant personally identifiable information (“PII”) (but only to the extent it is necessary to resolve the complaint or investigation), the facts underlying the complaint or investigation, and a description of the type of assistance sought. The Parties also agreed to coordinate any cross-border enforcement actions; share information about relevant regulatory, technical, and policy developments, enforcement solutions, amendments to relevant legislation, and staffing or other resource issues; and collaborate on initiatives that promote regulatory, policy, technical, and other commercially viable solutions to unlawful robocalling. They further agreed that in the event cooperation is not feasible due to a conflict with domestic laws or the nature of the potential violation, a party may decline to assist the other or limit that assistance. And finally, the MOU makes clear that both parties must get prior written consent to disclose or use any PII and that all sensitive information must be handled safely – e.g., only transmitted in an encrypted format, transmitted directly by courier with tracking where possible, maintaining files in a secure location with limited access, and redacting any information used in a proceeding that could lead to public disclosure. The MOU states that both the Commission and CRTC must oppose, to the extent permitted by law, any application by a third-party (for example, a Freedom of Information Act request) for disclosure of any confidential information or materials shared under the MOU. Both the Commission and CRTC agreed that neither would retain any materials or information obtained under the MOU beyond the conclusion of the proceeding for which the materials were requested.

Noting that illegal robocalls are an international problem that does not respect borders, in her announcement of the MOU, Chairwoman Rosenworcel stated, “It is critical that we work closely with partners like our colleagues in Canada who share our commitment to fight[ing] robocall scams and unmasking the bad actors behind them. I thank Chairperson Scott and his team for continuing our active and productive cooperative relationship. Together, we will continue to make stopping illegal robocalls a top consumer protection priority.”

The MOU was effective as of June 6, 2022.

Subscribe To Viewpoints