FCC Closing Loophole That Gave Robocallers Easy Access To US Phone Numbers (arstechnica.com) 72
The Federal Communications Commission is taking steps to restrict Voice over Internet Protocol (VoIP) providers from easily accessing US telephone numbers. Over the past several years, robocallers have exploited VoIP providers to inundate US citizens with unwanted calls, many of which come from falsified numbers. Previously, the regulations allowed VoIP services relatively uncomplicated access to US phone numbers. ArsTechnica: But under rules adopted by the FCC yesterday, VoIP providers will face some extra hurdles. They will have to "make robocall-related certifications to help ensure compliance with the Commission's rules targeting illegal robocalls," and "disclose and keep current information about their ownership, including foreign ownership, to mitigate the risk of providing bad actors abroad with access to US numbering resources," the FCC said. The FCC order will take effect 30 days after it's published in the Federal Register. A public draft of the order was released ahead of the FCC meeting.
All of them (Score:2)
Re: (Score:3)
Solid 90%. There's still some rural/older areas in Canada/USA that are using older switches, but pretty much anything urban (or passing a major CO) is probably converted to VoIP at some point. The rest of the world is probably fairly similar: upgraded to voip, waiting for an upgrade cycle, or waiting for some cheap used DSLAMs to get retired here.
So, not all calls, but close.
Re:All of them (Score:5, Insightful)
You say upgraded - but the voice quality and communication content, and especially the latency were, IMHO, way better before.
I must be getting old. I remember when things worked immediately when you pushed the button etc. Everyone has to have way more patience and delay tolerance now.
Re:All of them (Score:5, Interesting)
I think that's very provider/hardware dependent. We get compliments all the time about call latency and quality, but we're also the ISP in many cases and have direct peerings with a number of local telcos. Media takes a short path, and ideally is IP based all the way to the endpoint.
And just because traffic isn't VoIP doesn't mean it isn't switched. PRI/T1 operates on a timer, as did a bunch of older cell networks.
As with all things, ymmv. I do appreciate some of the "old days" hardware though, the reason that ancient Nortel is still running a rural network is because it has survivability measured in Nokia 3310's.
Re: (Score:2)
It depends where you lived, I remember when I could hear radio stations whenever you picked up the horn. That and when *DSL was a thing and the impedances on your line weren't great. Analog works but that is accepting some serious potential side effects. Nowadays most of my phone chatter is end-to-end encrypted and although it can take a bit of delay to get a connection, once it works, it is crystal clear.
Re: All of them (Score:1)
Re: (Score:2)
That's capitalism. Businesses innovate on ways to improve profit. If people are willing to switch to a phone with 200+ ms latency when they typically had under 150 ms, that's them voting with their dollars. They'd rather have a VoIP service than POTS, probably because it's taxed less. In the end it doesn't end up being cheaper.
Re: (Score:2)
caveat emptor
Re: (Score:2)
Re: (Score:3)
You say upgraded - but the voice quality and communication content, and especially the latency were, IMHO, way better before.
I must be getting old. I remember when things worked immediately when you pushed the button etc. Everyone has to have way more patience and delay tolerance now.
Is this parody.
In the 90's you had a telco provided land line (in Australia a Telecom Australia "soft touch" phone), to call someone you had to:
1. lift the handset and wait for the dial tone.
2. Dial the number (8 digits for local, +2 digits for STD, +4 digits and a kings ransom for IDD).
3. Wait for the line to realise you've finished dialling.
4. Wait another few seconds for connection.
5. Then it'll start ringing.
This was a lot slower than modern phones where you can dial the number in advance
Re: (Score:3)
They do. Poles are hopefully a little too scary for them, but people cutting into any kind of conduit for copper scrap is fairly common.
We've had it happen in buildings & multi-complexes, and just last month a major backhaul to northern Alberta was cut that serviced several providers.
Both times the thieves made off with nothing because it was fibre. But the damage is a costly pain in the ass.
Re:All of them (Score:4, Interesting)
It's iffy. First the article wait VoIP "providers", not necessarily individual users. Also, there are still landlines that plug into POTS wall sockets; they may convert to VoIP down the line but I don't think that's what this is talking about. Internet phones are VoIP, but again, I don't think that's what this is talking about. This change is about accessing US phone numbers in bulk. That makes robocalling easier tha if they just want through all possible phone numbes. The rules won't deter the determined robocaller, but it will make it more expensive or time consuming. The old rules said that just about anyone could access a list of all numbers with no real hurdles. Sounds incredibly naive, so I suspect this occured during the amazing early days of the internet where no one wanted to slow anything down and kill the golden goose.
A bigger problem is the spoofed phone numbers, where callers can pretend to have any number and the phone companies don't bother stopping this.
Re:All of them (Score:4, Informative)
It's iffy. First the article wait VoIP "providers", not necessarily individual users. Also, there are still landlines that plug into POTS wall sockets; they may convert to VoIP down the line but I don't think that's what this is talking about. Internet phones are VoIP, but again, I don't think that's what this is talking about. This change is about accessing US phone numbers in bulk. That makes robocalling easier tha if they just want through all possible phone numbes. The rules won't deter the determined robocaller, but it will make it more expensive or time consuming. The old rules said that just about anyone could access a list of all numbers with no real hurdles. Sounds incredibly naive, so I suspect this occured during the amazing early days of the internet where no one wanted to slow anything down and kill the golden goose.
A bigger problem is the spoofed phone numbers, where callers can pretend to have any number and the phone companies don't bother stopping this.
Highlighted in bold is a loophole created by the advent of Caller ID.
Call centers for major CORPs don't like to expose their local numbers because their customers know them by the Toll-Free number on the back of the credit card or printed on a payment due bill. So those call centers spoof their outbound ID to match their commonly known Toll-Free number so John & Jo Public can 'whitelist' that Toll-Free number and calls from that company's call centers will reach the customer.
Some US, State, and local Government operations will also spoof their outbound Caller ID number for any number of reasons: hospital staff calling people relating to health care issues; law enforcement operations; multi-location Government functions that can be reached by the public through a single inbound phone number but have local numbers for outbound calls at their many locations.
It is the not-so-honourable call centers that take advantage of outbound Caller ID spoofing. Since no technology or legal requirements at the traditional TELCO or VoIP provider prevents spoofing of outbound Caller ID by those call centers, those not-so-honourable call centers simply do whatever they want.
Technology has existed to stop spoofed outbound Caller ID by traditional TELCO and VoIP callers, but no law, at least to my knowledge, has ever mandated the use of that tech in the USA. If a US Federal-level law mandated the use of that tech, then the not-so-honourable call centers would have to conspire with a traditional TELCO carrier or VoIP provider to allow spoofed calls to continue. That sort of conspiracy is a high bar to hurdle for some call centers, but it's not impossible.
As the Mr. Bridger character says in the original The Italian Job movie: "Camp Freddie...everybody in the world is bent."
Re: (Score:2)
This! I assume my telephone number is public information, much like my street address. No biggie. I would love it if everyone that called someone else had to authenticate with the service provider to match their info with the records so you couldn't spoof numbers. I pretty much just don't bother answering my phone anymore because the vast majority of calls coming to me aren't legit. I find when businesses call me, their information usually appears on the screen but most calls either it says "possibly spam/s
Re: (Score:1)
> their customers know them by the Toll-Free number
It's more than that. If you have multiple phone lines, technically, you have multiple numbers, one for each line. (Or, at least, it used to work that way, back in the analog days when Caller ID was created. If this has changed, I'm not aware of it, but I wouldn't necessarily be.) Practically every company with multiple numbers had their phone system set up so that incoming calls to the
Re: (Score:2)
There is VoIP, where IP is only used as bidirectional tunnel between phone switches, and the routing of the call is based solely on the phone number. When entering the phone switch, the IP connection is terminated, the switch handles the call traditionally and routes it solely based on its phone number, and then creates a new VoIP connection with new SIP URL or
Re: (Score:2)
Re: (Score:3)
As you don't have analogue long distance lines anymore, your call, be it VoIP at some time or not, will definitely be going through a codec somewhere. And it does so since the 1980ies, since SS7 switches operate the backbones of the PSTN.
Re: (Score:2)
These days almost everything IS VoIP, you may still have an analog handset that connects to a thing that emulates a phone line, but if you use phone bundled with high speed internet, it's most likely VoIP, if you're on your cell phone, it's VoLTE or WiFi calling, which is effectively VoIP. In many cases, if you have a business multi-line which you terminate yourself in something like Asterisk or with sufficient knowledge, you can actually get or find out your SIP URL (eg. ANY Verizon cell phone has somethin
Re:All of them (Score:4, Informative)
Re: (Score:2)
Depends on the phone system and provider. SS7 is on its way out though, many international, wireless and other parties are communicating purely in VoIP.
Re: (Score:2)
Nope every military base in the US uses copper pots lines to a Avaya telco switch/gateway that then runs out a dark fiber path to a hardened Air Force base SIP relay station before getting to the outside world. Good luck "hacking" that you'd need to set on a pots box on the base with a handset and several testers to figure anything out. I've installed enough of them over the last 10 years to know how that works.
All of the very large power and infrastructure system uses pots lines internally in the larger
Now would be a good time to remind everyone (Score:2, Insightful)
Now that Biden has had his appointee confirmed expect to see a lot of this including some rulings on net neutrality.
So next time you get a robo call thank a Republican.
Re: (Score:2)
What if it's a robocall from a Republican asking for donations to a legal defense fund?
Re:Now would be a good time to remind everyone (Score:4, Interesting)
Fun fact, local RNCs are all going bankrupt because they're not important enough to get money from billionaires and all the small dollar donors are giving their money to Trump or scams that look like Trump. The primary season is gonna be wild with all the extra shenanigans since they're the referees.
Good thing Republicans never cheat in an election or at golf.
Re: (Score:3, Insightful)
...giving their money to Trump or scams that look like Trump
How do you tell the difference?
Re:Now would be a good time to remind everyone (Score:5, Interesting)
They're also getting all their money sucked up because of "legal defense funds" and other legal shenanigans! Seriously, this is not some new conspiracy by Democrats to deprive them of money, Republicans are hurting themselves. They're giving money to the guy who claims he's so rich that he won't need donations, to pay for legal fees and not for campaigns. The local parties have also spend tons of money on boondoggles, like investigating election frauds, recount circuses. And Trump's fundraising in all likelihood is going to his own pockets or to legal expenses and not towards boosting election chances.
The local parties have been taken over by the far right MAGA worshippers of Trump, locking out traditional Republicans. The traditional Republicans feel no real urge to go fund raise for a party that calls them RINOs and that has hard litmus tests of about declaring 2020 elections to have been stolen and other nonsense. The new Republicans don't know how to fund raise, except to answer the emails asking for dollars which end up being wasted on stuff other than the local parties and local candidates. When the local leadership are a bunch of kooks believing in conspiracy theories, the base is demoralized. While this might work in hard red states, it's a losing game in swing states. Giving money to the super PACs is a waste, because that money is wasted; almost none of that money is going to local candidates to help them win, and when it does go to candidates it only goes to those Trump feels are sufficiently loyal to his person (not the country, party, or office). The new local leadership doesn't know how to run elections or how to fund raise.
There's donor fatigue. They've being asked every day to send dollars in for this or that purpose with the email spams.
The big donors, deep money interests who traditionally have supported Republican candidates, are hesitant to give money to the newstyle burn-it-down wannabe Republicans like who are pushing the conspiracy theories and electing goofballs. They're not MAGA cult members.
Internally the local leadership is often attacking their own candidates if they're not conservative enough. At times it feels like some Republicans are fighting more amongst themselves than with candidates outside their parties. And Trump just inflames it all by naming primary candidates who he'll support (often a badly polling candidate who shook his hand) and labeling a traditional conservative a RINO. Local Republican leaders have been ousted for the sin of criticizing their lord and savior, Donald Trump. This is in no way the Grand Old Party anymore, it has been hijacked by cultists.
Now there have been more recent efforts to offset this, but it's not a lot. McCarthy has a fundraising committee helping out some states. But at the same time the true believer MAGA person hates McCarthy with a passion for not being insane enough for them. They've got a majority in congress but refuse to cooperate with each other, it's insane.
This is an implosion caused by the Republicans and its of their own doing.
The big guys are still OK (Score:2)
But it's going to *kill* their bench. e.g. the smaller guys at the state level who need that money.
Lindsey Graham said it best: "If we nominate Trump we'll get destroyed and we'll deserve it".
Re: (Score:2)
Sean Trende is smarter than both of us [realclearpolitics.com]
Listen, there is no standard GOP anymore, it's gone. Stick a fork in it. Without voters, there's nothing there. It was a loser of a party while it existed, since the 80s at least. Trump has less than 10 years on this planet. What the two party system looks like after he dies is indeterminate, or if it exists at all, but you're never getting back the pre-2016 GOP.
Re: (Score:2)
Sean Trende is smarter than both of us [realclearpolitics.com]
Listen, there is no standard GOP anymore, it's gone. Stick a fork in it. Without voters, there's nothing there. It was a loser of a party while it existed, since the 80s at least. Trump has less than 10 years on this planet. What the two party system looks like after he dies is indeterminate, or if it exists at all, but you're never getting back the pre-2016 GOP.
The rot started long before then.
If you remember back to the 90's, Bill Clinton was the Prez who shouldn't have been.
Because George Bush (sr) wanted to raise taxes the Libertarian arm of the GOP split off and followed Ross Perot, so the conservative vote was split. Clinton walked into office with 44% of the vote in 1992 and less in 1996 (if memory serves). Ross Perot quit before 2000 but the Republicans found a new source of votes in the ultra-conservatives, religious and white supremacists. This is w
Re: (Score:2)
You lost me at Clinton. First, he was way more of a politician than you give him credit for. He had game, of the Reagan and Trump kind. The dude was a open sleazeball and it was his behavior that gave us Trump, who is essentially Clinton redux without any redeeming virtues.
Bush lost because he was a lame candidate and he vomited on national TV - specifically in Japan. He should never have made it to that point, but apparently he had pictures of various GOP types with farm animals from his time at CIA. B
Re: (Score:2)
As a right-leaning centrist, I have to say that was a beautiful summary of the whole catastrophic, tragic mess. I'm old enough to remember thinking Reagan was the most far-right wackadoodle the party had ever seen*, and now I only wish he was our biggest problem.
The parties these days have become so extreme, I have little hope we'll see unity or any form of bipartisan cooperation in the foreseeable future. You either prostrate yourself before The Donald, or before the drag queens. Middle ground no longer ex
Re: (Score:2)
Right the middle ground no longer exists. Everything people have written about the GOP here is true about the DNC as well, Ralph Nader was just their Ross Perot.
There is a smaller and shrinking portion of the national democrats that could reasonably be described as anything but radicals. The DNC does have base but they are frothing at the mouth radicals put there by leader ship from people like Howard Deen and Debbie Shultz.
However we need to look at the Trumpian right an understand that for all its probl
Re:Now would be a good time to remind everyone (Score:4, Interesting)
I'm not talking about political calls (Score:1)
Re: (Score:2)
and yet I can't recall ever getting a single spam call from an undertaker. Not a single "Have you recently lost a loved one ..." type call.
Such good people ;-)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
All political robocalls I get are from Democrats. I don't expect the FCC to do anything to stop those, nor the ones from Republicans.
Republicans are pro Robocalls (Score:3, Informative)
Just a reminder. Republicans are pro-robocall and have voted over and over to make it easy for them to occur. They've also blocked appointments that would have ended many robocallers two years ago.
You can mod this -1, if you're a Republican, but it doesn't change the facts. You're votes cause more robo calls.
Re: (Score:2)
I'd be more likely to -1 you for "you're" vs. "your" but you could at least cite some references to drive the point home.
R's have never been great on consumer rights stuff but working in ISP's and telcos for 20+ years, I haven't heard anything about allowing foreign calls into our telephone networks deliberately. I suppose it wold be covered under the tired old "hinders creativity and invention" anti-regulation mindset...
Re: (Score:3)
the robocall problem should have been killed dead a decade ago.
I believe that was OPs point.
Re: (Score:2)
It's all political. That's how legislation gets done. That you don't like politics doesn't change that fact.
We *can* have nice things because we legislate them. Like no more robocalls telling you that you have a legal matter pending or your social security is going to be cut off. You know, the legislation that some representatives have consistently lined up against.
Re: (Score:1)
Blah blah blah, robocalls are a solved problem, the market has already found out various solutions that aren't based in legislation. I receive virtually no robocalls, it's a feature initially my phone (Apple) and phone providers (all of them) have figured out how to fix for their customers.
Re: (Score:2)
Regulation costs money, the FCC is an agency that spends billions per year on these programs without anyone ever getting arrested or shut down. Regulation would hurt the tax payer and only the tax payer.
No Spam / robocalls are not over (Score:2)
Maybe you don't... I get plenty of calls, messages and I'm definitely not the only one
There is an increased text correlation with the number of website you give your number to but I have seen brand new number getting spam calls
What makes it frustrating is an increasing number of website are insisting on non- google voice / internet numbers like banks or openai... Not only mobile provider often provide the messages online - so it's not necessarily more secure - but I don't necessarily want to give my primary
Re: (Score:2)
Uh excuse me, it's not "pro-robocall". They prefer "pro-small business" as a much better dog whistle for their BS. Please get with the PR program.
Red Herring (Score:5, Insightful)
Nearly all of the robocalls that make it to my phone (most are now screened out by Verizon and T-Mobile's filters) come from on-shore "businesses". They hide behind several layers of obfuscation but if you peel enough layers off the onion you'll eventually find some US based entity willing to take your money via a US based payment system. I have taken two scammers far enough down the rabbit hole to figure out who they were and successfully sued them for violations of the TCPA. I got $500 from one, $1,200 from the other, not nearly enough to make it worth my time, but it was a fun little exercise.
WTF stops Uncle Sam from hauling these assholes into court if I am able to do it in my spare time? If I can beat them in cviil court the Federal Government can. My victory was hollow; I'm sure it's just a cost of doing business for them. Uncle Sam could fucking bankrupt them. It's also likely there's some criminal behavior here just waiting to be unearthed by a sufficiently motivated US Attorney.
They're fighting this problem with press releases when they have access to the legal equivalent of a thermonuclear weapon.
Congress could also upend the calculation by amending TCPA to allow for recovery of attorneys fees. The damages you'll get out of a FCRA or FDCPA lawsuit are trivial, $100 to $1,000, but if you prevail you can recover attorneys fees. Those will be in the high four or low five digits if they contest the case all the way to trial. There are legions of consumer lawyers that love to take these suits on contingency because it's easy money for them.
Re: (Score:3)
Got a HOWTO?
Distributed attacks need distributed defense.
Re:Red Herring (Score:4, Funny)
Re:Red Herring (Score:5, Interesting)
Here [peopleclerk.com] is a reasonable starting point. I disagree with only two things they say:
One, it doesn’t matter if your State is "two-party" and you can't record without their consent. Federal law applies if the call crosses State lines and Federal law is "one-party" for recording. Record them all, even if you're in a "two-party" State, and just keep it close to your chest until you figure out where they're located. If they're dumb enough to announce they're recording, guess what, they just consented, lol. In the highly unlikely event they're in your State, bonus, now you may be able to sue under a state law that allows for more serious statutory damages.
Two, I’d sue in Federal Court, not small claims. A Federal summons is a lot harder to ignore. Federal judges actually know Federal law. Small claims is a dice roll, you might get Atticus Finch, but you could get Lionel Hutz. If you're going for spite, it's going to cost them a lot more to defend against a Federal suit than a small claims action. It's not too hard to put together pleadings for Federal court, templates are online, the tricky part is learning the local rules of whatever district you're in.
Read the Rules of Civil Procedure [uscourts.gov]. Get a PACER [uscourts.gov] account and look at similar cases in your district. Bonus points if you have any paralegal or attorney friends/family, you can pick their brains, and mooch off their Westlaw account for case law research. You'll get some leeway as a pro se plaintiff but if you can execute it without mistakes you'll impress the Judge a lot. They see sloppy filings from lawyers, so when a pro se person comes in with a solid one...
Re: (Score:2)
FCRA/FDCPA damages are not trivial. I had a settlement that was high $10k, more than what you list, and that was 2 decades ago. It didn't go to trial admittedly, but if the damages at trial were likely to be less, the company wouldn't have settled for this amount.
Re: (Score:2)
You presumably had a shit ton of individual violations or actual damages you could prove? In the absence of provable damages (which I regrettably never had) it's a $1,000 per violation statutory maximum on FDCPA/FCRA claims. I got a lousy $100 + attorneys fees for my recent FCRA case that actually went to trial. An old credit union I included in a bankruptcy 15+ years ago pulled my credit without permissible purpose. I sent a demand letter for $1,000, the maximum, they ignored me, so I sued them.
I thou
Re: (Score:2)
I had damages I could prove indeed. Not sure that I had 10 different types. But it was definitely documented.
Re: (Score:2)
Good on you man. It would have been my dream to soak them for that much. The most I pulled off was $6,500 against LVNV Funding, may they burn in hell. That was for four different documented violations of a C&D I sent them. One post C&D dunning letter and three phone calls. They settled on the figurative court house steps after months of stonewalling with bogus offers to forgive the debt in exchange for dropping the suit.
Best (worst?) part is the debt was included in my bankruptcy two years yea
Weak do-nothing action (Score:3)
An obvious ploy to make you think something is being done. Self certification is useless, you know it and I know it. Phase out number sharing. We need strict number-of-calls per phone number limits (with rare, and documented case-by-case exceptions). We also need strict ways to report and record scams.
Approach it from the other end as well. (Score:3)
One big step in the right direction to kneecapping robocallers; be they scammers, pollsters, fundraisers, or even just asshole sales drones; would be to fix callerID to be impossible to spoof.
*Somebody* owns or is assigned every phone number out there. So if it were impossible to fake callerID, there's some specific identifiable legal entity somewhere in the US that can be prosecuted, sued, or served a restraining order for the harassment. And even cut outs and subcontractors were used, impossible to spoof callerID would still create a trail for discovery. And if the owner of the number (Or any of the steps on the way up to the real scum.) doesn't follow "know your customer" principles and took money from some dodgy overseas outfit, Delaware tax dodge, or anything else that doesn't lead back up to the real culprit; then you liquidate them. Do that though times and legitimate telecoms will refuse to do business with robocallers, scammers, pollsters, fundraisers, telemarketers, and the rest of their ilk.
And even if shitbag politicians keep or add new exemptions for their shitbag pollsters and fundraisers, impossible to spoof callerID would still at least make it a bit easier for individuals to block their noise.
And while we're at it, make the do-not-call registry the legal equivalent to a full-up judicial restraining order. Break it, and the caller (The actual person making the call or, oi the company refuses to identify that person, their supervisor or their supervisor and so on all the way up to whoever names names or to the CEO if the rest practice omerta.) automatically gets a warrant and goes to jail for doing so... until the callee agrees that they should be released.
I'll believe it when I (don't) see it (Score:2)
This won't get fixed until someone has the poorly-considered plan of spoofing their services or political ads behind an incumbent politician's office number.
So long as caller-ID can be spoofed, there's no way for the person actually receiving the calls to make a useful report on them. STIR/SHAKEN fails "open" is only useful for verifying that some intermediate provider okayed the caller-ID. A carrier willing to throw it all under the bus (what? A fly-by-night VoIP provider? Never!) can sign as many bo
text messages (Score:1)
Bye, Bye, miss am Ajit Pai! (Score:2)
Then it should be MORE illegal! (Score:1)