FCC Hears Hawaiian Struggles With Robots And Identity Theft: Broadband Breakfast
The requirements for voice service providers stemming from the TRACED Act and subsequent Federal Communications Commission orders have changed the risks and threats for voice service providers.
Voice service providers have just taken major steps: Certifying SHAKEN and / or Automated Call Mitigation in the FCC database and rejecting calls from unregistered upstream providers. Does that mean it’s time to kick back and relax?
Not at all. The legal landscape of the new STIR / SHAKEN era is much larger and more diverse than mere technical compliance with FCC requirements.
We are already seeing clear and unmistakable signs that meeting the minimum requirements set by the FCC – implementing STIR / SHAKEN procedures and the robocall mitigation plan – is insufficient to mitigate the myriad of business risks resulting from the government attack on the scourge of illegal robocalls. .
Reading tea leaves, the greatest risk or threat is likely to come from the coercive actions of state attorneys general and civil litigation initiated by private parties. Wherever the legal landscape offers the possibility of recovering damages, lawyers for class action claimants and lawyers for large companies consuming voice services, such as call center operators, are certain to seize these opportunities.
Know Your Customer Rules Are Coming to the Telecommunications Industry
We anticipate that questions about what and to what extent the “Know Your Customer” requirements apply in different contexts will ultimately be answered through litigation and enforcement, and less through litigation. FCC regulatory rule making process. Questions regarding damage and who is or can be held responsible for the origin, transmission or termination of illegal automated calls will also be fleshed out through law enforcement and private litigation.
Perhaps the biggest risk, even more so than the FCC, lies in the federal and state consumer protection laws that are being developed around robotic call mitigation. Starting with the Federal Trade Commission (FTC), where the FTC’s strict “known or should have known” standard is enforced to hold voice service providers accountable for illegal robocalls using their networks.
Many telecommunications service providers and consultants look to FCC regulations to try to understand the requirements. Is it sufficient ? Are there other things they need to worry about?
FCC regulations are a good place to start, and telecom providers should keep abreast of regulations and updated versions. However, FCC regulatory compliance alone may not be sufficient to defend an action if the vendor faces the “known or should have known” standard of the FTC and state attorneys general or policy. creative and evolving litigation of the plaintiff’s bar.
Marriott has filed a lawsuit in federal court against unknown perpetrators, “John Does,” who made illegal robocalls by misusing Marriott’s name. Why would Marriott do this? What’s the point?
This is pure speculation, but as it often turns out, the actual perpetrators who harmed Marriott will likely be insolvent or beyond Marriott’s reach. By using “John Does”, Marriott retains its ability to modify its complaint to implicate carriers and suppliers who transported or carried the fraudulent traffic.
Marriott could use the FTC’s “known or should have known” standard to show that the underlying carriers are the “John Does” who took advantage of the bad actors (now insolvent or out of court). Marriott is unlikely to initiate this litigation without a strategy outside of positive public relations to pursue bad actions; instead, the “John Does” will likely turn out to be bad traffic carriers who settle Marriott’s claims.
The Call Authentication Trust Anchor Working Group has published Caller Authentication Best Practices, which the FCC has published and approved as voluntary measures. Then the Fourth Report and the Automated Call Prevention Ordinance imposed positive obligations to prevent service providers from initiating automated calls. The momentum appears to be building for service providers to be held accountable for knowing their customers and the nature of their calls.
Based on recent trends, there is certainly momentum in this direction and Know Your Customer will likely continue to gain importance. Thus, suppliers should ensure that they have a good KYC policy in place, especially as new risks emerge and scrutiny intensifies. However, as noted above, this appears to be largely motivated by the actions of the FTC and the state attorney general.
It should be noted that the Industry Traceback Group published in July 2021 a policies and procedures booklet with a section on best practices. All voice service providers should review the booklet, and in particular the best practices. Liability will continue to grow and the weakest link – the weakest KYC policy – will be the first to break, and that provider will be accountable and ‘keep the bag’.
Jonathan Marashlian is Managing Partner of Marashlian & Donahue, PLLC, The CommLaw Group, a full-service telecommunications law firm located in the Washington, DC area that serves companies operating in and around dynamic and diverse industries. communications and information technology. Their customers include VoIP, wireless and traditional telecommunications service providers, SaaS and cloud computing technologists, and Internet of Things network and application providers. The CommLaw Group has formed an Automated Call Mitigation Response Team to help clients achieve the level of compliance necessary to avoid emerging threats from litigation and enforcement. Jonathan S. Marashlian can be reached by email or by phone at 703-714-1313.
An earlier version of this article was posted on October 6, 2021 on TransNexus. This slightly edited expert opinion is reprinted with permission. Broadband Breakfast accepts comments from observers of the broadband scene. Please send articles to [email protected] The opinions expressed in expert opinion articles do not necessarily reflect the opinions of Broadband Breakfast and Breakfast Media LLC.