On December 30, President Donald Trump signed new legislation aimed at addressing illegal robocalls and, particularly, scam calls. The legislation passed the US House and Senate by overwhelming bipartisan votes earlier in December.
The law gives new tools to the Federal Communications Commission and the US Department of Justice to target and punish illegal robocalls. Additionally, it requires the FCC to review its standards for autodialed calls that are not subject to the telemarketing rules and, potentially, narrow the exemptions from those rules. It also requires voice service providers to adopt call authentication methodologies, notably STIR/SHAKEN, which could be used to block calls; to take steps to be able to trace calls back to their sources; and to provide call authentication and robocall blocking services without imposing additional fees. In addition, the FCC must consider requiring voice service providers to know the identities of their customers.
Some elements of this law could have effects that extend far beyond telemarketing. Any changes to the current exemptions from the telemarketing rules could have impacts on many types of customer service calls and texts, such as updates on flight schedules or service appointments. In addition, the possibility of requiring carriers to determine the identities of customers could have an impact, in particular, on the prepaid wireless business and even on how wireless carriers offer family plans.
Impacts on companies that initiate calls
Although the focus of the law is on stopping illegal robocalls at the source, it includes several provisions that target parties that initiate calls. They include the following:
- The FCC has new, explicit authority to impose fines on parties that initiate illegal robocalls and will have four years to impose fines from the time a violation occurs, up from two years under the current law.
- The FCC is required to make referrals to the Justice Department for calling parties that commit willful, knowing and repeated robocall violations with an intent to defraud, cause harm or wrongfully obtain anything of value.
- The US attorney general is required to report to US Congress on prosecutions for violation of the telemarketing requirements in the federal Communications Act. This provision, combined with the referral provision, likely will result in more prosecutions.
- The FCC is required to review the current exemptions from the robocall rules for calls that are not made for commercial purpose, calls that are made for commercial purposes but do not include unsolicited advertisements and calls that are made to mobile phones but do not impose a charge on the called party. In that review, the FCC must consider whether those exemptions should be limited to particular types of calling parties, to particular types of called parties or to a certain number of calls from one party to another. Any changes in the exemptions could affect calls and texts for customer service and similar purposes, which today are subject to less stringent requirements than sales calls.
- The FCC must adopt rules that create a process to allow parties that initiate calls of any kind (not just autodialed calls) to verify the authenticity of their calls to prevent blocking or mislabeling of those calls. This process will not prevent consumers from blocking calls that they wish to block; it is focused only on erroneous blocking.
Impacts on companies that provide voice services
Most of the law is devoted to new or modified requirements for voice service providers, all of which are intended to allow illegal robocalls to be identified, blocked and traced to their original sources. These are the key elements of those requirements:
- Voice providers are required to adopt a framework for authentication of all calls – STIR/SHAKEN for Voice over Internet Protocol (VoIP) calls and a yet-to-be-determined framework for other types of calls. In general, VoIP providers have 18 months to implement STIR/SHAKEN, but the FCC may grant extensions in some cases. The deadline for other providers will be extended until reasonable authentication measures are identified. Providers that are granted extensions must adopt robocall mitigation measures. The FCC also will issue best practices for call authentication and is required to review the call authentication requirements every three years.
- The FCC will adopt a safe harbor to protect voice service providers from liability if they block calls that fail call authentication, including if the blocking is accidental or mistaken. This safe harbor must ensure that calls from areas where authentication has not been implemented are completed.
- The FCC must open proceedings on how to protect customers from receiving calls or texts from unauthenticated numbers and on whether to require carriers to know the actual identities of their customers.
- Voice service providers cannot impose separate charges on their residential and small business customers for call authentication or robocall blocking services. They can include the costs of those services when calculating their overall rates.
- The FCC must take steps to promote efforts to trace back illegal robocalls to their origins and to protect customers from one-ring scams that involve calls from pay-per-call or international numbers that are hung up after one ring in the hope that consumers will return the calls.