Last year, the FCC set forth two deadlines for voice service providers to register and file within the Robocall Mitigation Database, the repository used to track which service providers have or have not yet implemented the framework.
The Database breaks down into 4 implementation categories:
Complete STIR/SHAKEN Implementation
N/A (reserved for intermediate providers, small providers, and gateway providers)
Those who fall into the category of ‘Partial’ and ‘No’ implementation have at least filed the required Robocall Mitigation Plan which clearly states their intent to fully implement the framework and the reasonable steps they are currently taking to significantly reduce illegal robocalls from originating or traversing their networks in the meantime.
A New Milestone Reached
After keeping a close watch on the implementation count of the Robocall Mitigation Database in our previous Implementation Reports (see Footnotes 2 & 3), the Database has now hit a milestone of 7,000 total service providers who have filed their intentions and plans to reduce illegal robocalls traffic on their networks.
Since September 28th, providers have continued to trickle into the database, with only a few more added each day. Now three months after the second deadline, the Database has now hit a total of 7,002 implementations with the majority of providers still relying on their Robocall Mitigation Plans, and not full STIR/SHAKEN implementation, to reduce robocalls on their network.
However, steadily growing alongside the overall count is the number of providers who are fully implementing the standard which is close to reaching 2,000 and is 928 behind the count of those who have only partially implemented so far.
Implementation by Gateway Providers
Proposals from the FCC
When the STIR/SHAKEN standards were being defined, they were written as if from a single country perspective and not as a US-specific technology. The United States has led the initiative towards protecting the voice network by being the first to require the implementation of STIR/SHAKEN and traceback procedures. The next focus is on gateway providers that are the point of entry for foreign calls into the U.S. that may be originating bad actor traffic abroad.
The FCC issued Fourth (WC Docket No. 17-97) and Fifth (CG Docket No. 17-59) Notices of Proposed Rulemaking with proposals in the Further Notice (see Footnote 4) to place additional efforts on gateway providers that are the point of entry for foreign calls into the U.S.
Responses to the FCC
In response, all fifty-one State Attorneys General responded to the FCC’s proposal in full support of requiring gateway providers to fully implement the STIR/SHAKEN framework to verify foreign-originated calls that spoof U.S. phone numbers and advocated for an earlier implementation deadline than the March 1, 2023 date proposed by the FCC (see Footnote 5).
They also pledged their support of requiring gateway providers to file Plans in the Robocall Mitigation Database until they can fully implement the framework, including practices like 24-hour tracebacks procedures, mandatory call blocking, and Know Your Customer requirements.
The Database will continue to grow
The FCC is currently still reviewing the collected responses and has not yet determined if the March 1, 2023 deadline for gateway providers will be pushed sooner. There are still many questions that need to be answered before cross-border communications can be made seamless, including a standard global definition for terms like ‘robocall’ or ‘gateway provider’ between countries as well as how regulatory changes could potentially hurt legal enterprise communications.
With the amount of media attention currently surrounding what the FCC will do next to curtail illegal voice traffic originating from or entering the US, we can predict one thing to change in the Database so far: the N/A category previously reserved for gateway providers will decrease and the number of full STIR/SHAKEN implementations will then have to slowly increase.