With robocalls plaguing both consumers and carriers for long enough, the Federal Communications Commission (“the FCC” or “the Commission”) decided to take action by requiring voice service providers to implement a caller authentication framework, known as STIR/SHAKEN, in order to validate the identity and source behind a call. A deadline for the implementation was set for June 30th, 2021. To keep track of how many had implemented, and how many were in the process of doing so, the FCC’s Wireline Competition Bureau announced the opening of the Robocall Mitigation Database.
The FCC structured the Robocall Mitigation Database and filing deadline of June 30, 2021 for voice service providers to certify full or partial implementation of the STIR/SHAKEN standard. Any providers not completing full STIR/SHAKEN implementation by June 30 were required to file a certified Robocall Mitigation Plan detailing plans to reasonably reduce the origination of illegal calls via an alternative methodology.
The June 30, 2021 STIR/SHAKEN deadline has come and gone, and many providers were left wondering if their calls would be blocked come July 1st if they had not fully implemented the standard yet. According to Chris Wendt, member of the ATIS/SIP Forum IP-NNI Joint Task Force and the STI-GA Technical Committee, the June deadline was a certification and registration deadline. It marked the date for major providers who were required to file their intention or plans to implement the framework. This was not a deadline to hereafter mark the beginning of widespread call blocking.
The September 28th deadline, which has been softly mentioned, marks the prohibition on service providers or intermediate providers from directly accepting and passing traffic from service providers who are not listed in the database. Traffic originators must be in the database and terminators of traffic must check the database to ensure they are passing legal traffic. Terminating providers do not have to give notice before blocking unregistered voice traffic.
”The Commission prohibited intermediate and terminating voice service providers from accepting calls directly from a voice service provider not listed in the Robocall Mitigation Database, finding that such a prohibition would ‘encourage all voice service providers to implement meaningful and effective mitigation programs...during the period of extension from the STIR/SHAKEN mandate. The Commission extended this prohibition to traffic originated by foreign voice service providers that use ‘North American Numbering Plan resources that pertain to the United States to send voice traffic to residential or business subscribers in the United States. This prohibition became effective on September 28, 2021.”
— Second Caller ID Authentication Report and Order, 36 FCC Rcd at 1904, para. 87
From the June 30th to the September 28th deadline, it’s clear voice service providers are actively working to file and implement STIR/SHAKEN and/or alternative Robocall Mitigation Plans. Here is where cross-industry implementation currently stands:
Count as of 9/27/21
Implementation Count: 1077
Partial Implementation: 1139
No Implementation: 2211
Total Robocall Mitigation Plans: 3350
Total in Database: 5211
*Voice service providers with Partial or No Implementation were required to file a certified Robocall Mitigation Plan by June 30, 2021.
With only one day to go until the September 28th deadline, service providers have been steadily implementing the standard, at least partially, based on certified plans filed within the Robocall Mitigation Database. Following the June 30th deadline, where it was feared that voice traffic would be immediately blocked, the industry saw a rapid growth in the number of Robocall Mitigation Plans filed.
The rate of complete STIR/SHAKEN implementation seems to be catching up this month, but most are still relying on partial implementation of the standard supplemented by detailed Robocall Mitigation Plans to reasonably reduce the amount of illegal robocall traffic in support of industry-defined expectations..
With the overall rate of implementation more than doubling between the June and September deadlines, it will need to be monitored after the September 28th deadline as well. Will there be a rapid spike in the amount of implementation if too much voice traffic is getting blocked at the network level? How long will it take for the rate of full implementation to catch up with the amount of Robocall Mitigation Plans that have been filed?
A Focus on Gateway Providers
As we move closer to this deadline, the FCC issued Fourth (WC Docket No. 17-97) and Fifth (CG Docket No. 17-59) Notices of Proposed Rulemaking on September 9th. Proposals in the Further Notice place additional focus on gateway providers that are the point of entry for foreign calls into the United States and their part in the fight against illegal robocalls originating abroad. Thoughts on the enforceability of the Robocall Mitigation Database have come into question, and the FCC is seeking clarity on how it addresses foreign voice traffic into U.S. networks.
Check back in with us for our follow-up thoughts post the September 28th deadline and observations on how this deadline has affected voice traffic. With the comment period currently open for responses to the Further Notice, the big question remains: do the benefits of maintaining the Robocall Mitigation Database outweigh the burdens of filing, monitoring, and enforcing, both domestically and where cross-border traffic is concerned?
For Part II of this report, read our follow-up report, "The Post-Deadline Analysis."
To learn more about the expectations and process of filing a Robocall Mitigation plan, check out our Tuesday Talks Podcast episode with Kevin Rupy or read our blog post: “Robocall Mitigation Plans: The Last Mile.”
To Learn more about STIR/SHAKEN Implementation, listen to our two-part Tuesday Talks Podcast episodes featuring Chris Wendt, co-author of the STIR/SHAKEN standards.