Rebekah Johnson: Welcome to Tuesday Talks, a live discussion series where we bring truth and shed light across the brand identity and the communications industry. I'm Rebekah Johnson, Founder and CEO of Numeracle and I'll be co-hosting today's session with Mitch Roth, founding member of Roth Jackson. While we have day jobs in those two roles, we are also very active in our Coalition, which is called the Enterprise Communications Advocacy Coalition (ECAC), focused on FTC, FCC, and state matters. Welcome back, Mitch, it's so good to have you on Tuesday Talks again.
Mitch Roth: Great to be here, Rebekah, thanks for the invitation.
Rebekah Johnson: Absolutely. We definitely have a lot to update since the last time we talked, which I think was close to the end of last year, or at least, in the last quarter. Just when we think that the Federal Government is going to take a break over the holidays, we think again. They don't ever stop. Today we're going to cover some of the activities that are happening with the FCC, the FTC, and some industry standards.
We don't often provide some of those updates, but I think it's important for us to track what's happening as it relates to STIR/SHAKEN because the standards are intertwined with the TRACED Act and with rulemakings from the FCC. It all goes hand in hand.
Mitch Roth: And call blocking and gateway providers, and it never ends.
Rebekah Johnson: It doesn't, and I also feel like there are new characters that get added underneath this little family of 'regulations' who weren't necessarily as regulated but now these new rules and things come down the pipeline and it stretches and expands companies to be and to do things that they never did before.
For the preservation of staying within their businesses, it's real things that they're facing that they have to address. We absolutely cannot ignore when a ruling comes down and that's why the ECAC exists. To try to advocate and speak on behalf of the impacts that these proposed rules would have ultimately on enterprises. This infrastructure exists for communications, for businesses to consumers, not just teenagers communicating back and forth.
I want to start first with the FCC. The ECAC did talk about this, and it was in the Fourth and Fifth Notices of Proposed Rulemaking (FNPRM) on the gateway provider requirements for robocall mitigation. We did provide some reply comments to that, and we also did a deep dive on Tuesday Talks, but I thought I'd give you the opportunity to update us with what you're hearing from gateway providers since that's been published. Obviously, no activity, no rules have been proposed, but it's still a worthy topic.
Mitch Roth: You and I have been all over this, and we probably talk about this issue probably once a week, if not more frequently than that. The FCC had the Fourth and Fifth Notices of Proposed Rulemaking and what they tried to do, or what they're trying to do or proposing to do is to get gateway providers to get involved in the blocking game.
The gateway provider is generically considered to be the first carrier that touches the call in the United States. What the FCC wants to do is require them to block calls based on reasonable analytics that the call is highly likely to be illegal. Reasonable analytics that the call is highly likely to be illegal. What the heck does that mean and how do you figure that out? That was the essence of the comments that I know ECAC submitted, which was basically, for one thing, we don't think the gateway providers need to be the ones blocking the calls.
The terminating providers should be the ones who are blocking calls, and in fact, they're the ones who are required to block calls as of now. But also, the Commission can't throw it out there and simply say, "use reasonable analytics to figure out what calls illegal or illegal." It's going to result in a hodgepodge of different standards or inconsistent standards amongst different carriers, amongst different groups, amongst different enterprises, and no one's going to have any sense of reliability in knowing what calls are going to be blocked and what calls are not going to be blocked.
That's the big issue that came out of that rulemaking and I know ECAC and a few of my other clients participated in the rulemaking and said, "No, it doesn't work like that FCC." First of all, we need to have the blocking done by the terminating carriers and we need more input and information from the FCC as to which calls are going to be blocked so that there's consistency across the spectrum.
Rebekah Johnson: I know one of the counterarguments to that is, and I think the spirit of what the FCC is trying to do here is to just keep the calls from ever traversing the network. I think that's a great idea, I don't think anyone would disagree, they would prefer that these calls never enter the network. But it's putting a huge onus onto the gateway provider to be that gatekeeper. They're providing the way and now they must be the gatekeeper for that traffic.
That's where it feels unbalanced between what's being requested and what's required of the terminating carriers versus the gateway provider. There is an element of unbalanced rulemaking. It feels like a slap on the hand of the gateway provider even though they're just showing up to the game. I know you have some thoughts on that.
Mitch Roth: It gets even worse for gateway providers. Don't forget about the part about the KYC (Know Your Customer) components where the FCC wants the gateway providers to KYC, in essence, the call originator or the originating carrier. Despite the fact that the gateway provider probably doesn't know who that person or that entity is and that entity could be four, five, or six hops removed from the gateway provider.
There were a lot of comments and a lot of participation in the industry regarding that issue. It just didn't make sense and doesn't make sense to require the gateway providers to KYC the originating carrier when they have no reason to know who that originating carrier is.
Rebekah Johnson: I say this a lot and may sound like a broken record, but we've put out a lot of different rules, and when I say 'we' I mean the FCC. I'm on board with some of the things that are coming out so I feel as though I'm a part of it. But they've put out a lot of rules, they've put out guidance, direction, best practices, and I still feel like we haven't allowed for all the good work that's already been done up to this point to actually take effect and then see how effective it's being before we go to the extreme of the gateway provider side. That's just my personal opinion and how I see it.
I wish that we would be patient and allow for some of that good work to come to fruition and then make the right decisions on what else is missing. Because maybe that's not even a pain point once we implement the KYC that we have at the originating point, for those who are putting traffic onto the network. There's just a lot of work that we could still implement, and this might just be a moot point.
Mitch Roth: The gateway providers are the easy targets for the FCC. They're not the tier one carriers, they're not the tier two carriers, they're probably not even tier three carriers, and they don't have much representation before the FCC. There are thousands of them out there, and the FCC is trying to get a handle on them. The larger carriers, the tier one, and tier two carriers are pointing fingers and saying, hey, don't look at us it's all with the gateway providers where all these problems are caused. It's by the gateway providers so go pick on them or else it's not a fair fight.
Rebekah Johnson: Let's move on to the Sixth Further Notice of Proposed Rulemaking... I wonder how high this will go. This is one that has been getting a lot of attention and there have been some recent ex-partes filed as well. For those who may not be aware, there are SIP codes 603, 607, and 608.
In the Sixth FNPRM, the Commission sought comments on potential costs and benefits associated with phasing out SIP code 603, which represents a decline of the call, for purposes of immediate notification of call blocking requirements and the burden, if any, on small businesses for implementing this. Now, SIP code 603 is a standard, it's over in the world where the geniuses write the standards for how we have interoperability in communications.
One thing to note is that the Commission adopted an order for reconsideration in December and released December 14, that granted USTelecom's request to allow voice service providers originating IP-networks the flexibility to use SIP code 603 (already in existence), to meet the immediate notification requirement beginning January 1st of this year. At that time, the Commission also granted the request to clarify that the immediate notification requirements apply to all analytics-based blocking and do not apply to non-analytics-based blocking programs and that the blocked calls list requirements applies only to opt-in or opt-out analytics-based blocking and not to other blocking programs. Clear as mud. Absolutely clear as mud.
I could have sworn I filed comments on this one years ago, I feel like I did just individually before we developed the ECAC. At its root core, I never thought it was a good idea to notify bad guys that, the number they're using, is going to be blocked. We're letting them know and they'll just rotate another number, give that a whirl and see if they can get through and they'll just keep notifying them and they'll just keep dodging it. I know I wasn't alone in viewing this as a bad idea. The FCC got wind from somebody else that it's a good idea and then, all of a sudden, this pops up and we're confused to now be considering this in this FMPRM, this is real.
What came out of that is, basically in layman's terms, the proposal of a 607 and a 608 error code, which is blocking a call based on analytics or blocking a call based on the consumer marketing it as blocked. I think it's a Privacy issue and I would rather not see that. But focusing on the analytics, what this means is that carriers will be taking in the analytics that they use today, and it's the same reasonable analytics that we hear talked about a lot, to block a call. But instead of just blocking it and the originator not really knowing that it was being blocked with analytics, we're going to see an increase in 603. I do believe that there are other options for why a carrier might use 603, it might not be related to analytics, but it's going to be brought up underneath that error code.
From Numeracle's perspective, what we hear from enterprises that come to us is that they saw an increase in blocked calls. We have to believe that carriers are implementing this today because they had to meet the January 1, 2022 deadline. USTelecom did a great job with regards to the petition to just use the 603. We don't have a standard for 607 and 608, so it'd be asking for a lot.
From what I've seen in the recent ex-partes, I think that will be what the carriers are looking for, to continue on with 603 since it's already in the network and they've got it up and running so that they don't have to implement 607 and 608, which means the standards have to come up with something.
I'll pause on that because I know you've got clients coming to you as well with questions around that.
Mitch Roth: To your point, 603 is already there and companies have been using it. I get the feeling that someone in Washington thought that you could just click your heels and come up with 607 and 608 really quick. What I'm hearing in the industry with my clients is that it's not that easy. It takes a lot of time and a lot of effort, and as you can imagine, a lot of money to develop the technology to be able to accommodate those error codes. We'll see what happens but in the meantime, the FCC is going along with 603 for the time being. My guess is that they will mandate the use of 607/ 608, it just may take a while until they get everybody on board.
Rebekah Johnson: If we don't make good progress on just being able to leverage the use of 603, then I think we have to bring up the conversation of consumer privacy and hear from the consumer groups and ask how we feel if a consumer blocks a call and that specific code is sent back to the originator? I think it begs some privacy questions. Maybe the consumer doesn't want them to know that they've blocked them, I don't know. Mitch, you work in the world of privacy but I don't know if that's something that you've thought about. We don't talk about it, really.
Mitch Roth: I'm sure my kids don't want me to know that they're blocking.
Rebekah Johnson: "Sorry I just missed your call, I don't know what's happening." This is one of the concepts I have, so if you look into the rules at 603, or the call blocking, or the gateway providers... the FCC has stated very clearly that anybody in the call path, is wanted to participate and join in on the call blocking. Now it's not going to be good enough to get back a 603 or whatever 600 code that you want to use.
If the enterprise is being blocked and they're a legal entity that feels that they've been wronged in being blocked because we don't know what analytics were used to determine how to block them, how do they figure out who in the call path was the one who blocked the call? What we're going to find ourselves in, since we already have traceback, we're going to be in a trace-forward. 'Did you block my call?' 'No.' They'll go down the line. 'Did you block my call?' Is this what we're going to have to do for enterprises to be able to identify who blocked their call and why? It's not enough to be told your call got blocked because of analytics.
Mitch Roth: This also intertwines with the gateway provider issue that we've been talking about. To your point, it's all intertwined when you start talking about the TRACED Act. If the gateway provider is the one that's going to be blocking the calls and not the terminating carrier, or someone closer to the terminating carrier, the originating carrier and the call initiator are going to have no way of knowing who blocked the call and why those calls were blocked without doing that trace-forward, I'll let you coin that term, but you're right.
Rebekah Johnson: If people start using it, you heard it here first. Is that really exciting that I can take credit for new terms in telco? I really have to get a more exciting life.
Anyway, the other point that I want to make about 607/608, if we look at where it's originally from and what the FCC is looking at, is they're still focused on unwanted and illegal calls. 'Unwanted' and 'illegal' are still terms that we're trying to figure out. How do we define them within the use of reasonable analytics? The more decisions we keep making on top of a foundation where we refuse to define what it is, we just create more issues for the industry.
Even for the carriers who are doing this blocking, they're going to deal with requests that come in asking if they blocked the call if they don't know the system around calls marked 603. Are they going to be able to investigate this to even determine this? It's an algorithm so they won't know why they blocked it. How will be unblocked in the future? What if you're using a provider who does routing?
One day, your calls are routing through a particular path that does the blocking, and the next day it's routing through another path that doesn't use the same analytics that determined you should be blocked. This opens a can of worms where the FCC thinks it's visibility. We're getting less visibility into what's really going on and the decision points in the network that are being used to deliver and not deliver calls.
Mitch Roth: That's why it's so important. The issue is so important in the context of the gateway provider rulemaking for the FCC to provide clear standards as to why calls are being blocked. To only require blocking based on reasonable analytics that the call is highly likely to be illegal is not going to cut it. It's going to result in one carrier blocking the call, but then that call will just roll over to another carrier and so on and so on until the call gets through.
Rebekah Johnson: This is why going back to letting some of the activities that we've already started down the path of verifying, if we implement the identification and implement SHAKEN, (and I get that there are still some carriers that can't implement that, but there are some out of band solutions as well), if we can start putting identity into the communication infrastructure, then this whole notification of what happens to calls becomes a whole lot easier to solve.
We're doing all of these little things and throwing darts on a board to try to stop the bad guys, and it's not really creating something sustainable within the ecosystem. Let's establish identity. The TRACED Act was great, it was awesome, but let's implement what the overall objective is for that. Let's see how things shake out and stop doing these little onesies and twosies. Or else we're going to create a nightmare for us to be able to support this. Maybe it keeps you a job as a lawyer though, maybe that's a good part of it.
Mitch Roth: That's not a bad thing.
Rebekah Johnson: I want to move on to the ECAC's petition for Declaratory Ruling. This is all you, Mitch. Can you tie it into the overall privacy activities as well, and what you're doing there?
Mitch Roth (20:17): ECAC filed a petition for Declaratory Ruling to preempt the Florida Telemarketing Statute within the TCPA out of Florida. The grounds for doing so was the FCC's order back in 2003 when they created the promulgated rules implemented in the TCPA, which included Do Not Call, Call Abandonment, and things like that.
The FCC, specifically in that order, preempted state laws that were less restrictive than the FCC's rules but they left open the state rules that are more restrictive than the TCPA rules. What the FCC actually said was, while they're not ruling on it now, any state that enacts laws, rules, and regulations that are more restrictive than TCPA "almost certainly would be preempted by the FCC" and then invited anybody who's aggrieved by more restrictive rules to file a petition for Declaratory Ruling with the FCC seeking a Declaratory Ruling that the more restrictive rule is in fact preemptive.
There were a lot of talks last year when Florida promulgated or enacted a law that was significantly more restrictive than the FCC's rules and regulations. A lot of the ambiguity in the TCPA world had been around the definition of automatic telephone dialing systems. Florida's law was significantly more restrictive than that, even on a good day, and basically preempted any call which is dialed automatically or randomly, I don't remember the specific language, but suffice it to say, was significantly more restrictive than the TCPA restrictions on automatic telephone dialing systems. There are also probably half a dozen other areas where the Florida law was more restrictive than the FCC.
As I alluded to, ECAC filed a petition with the FCC to preempt the Florida rule. That was filed back in July or August of 2021 and surprisingly, or not surprisingly depending on how cynical you are, absolutely nothing has happened. Notwithstanding the fact that the FCC has a regulatory obligation to promptly put requests for declaratory rulings out for public notice. Then they can sit on it and do nothing, but they shouldn't be sitting on it and doing nothing before they put it off the public notice.
Last week, my correspondent with the FCC inquired to ask what was going on because it's been on file for a good six months or so and we haven't seen anything, when is this going to go out for public notice? I sent that correspondence last week and I have not heard back from them, so we'll see.
Now, I will tell you that back in the 2004 - 2005 time period, there were a lot of petitions that were filed by various trade groups and trade associations seeking preemption of various state laws, and those were never ruled on by the FCC. We're starting to see a pattern here where they don't like these preemption petitions. I filed one of them in 2008 but never got ruled on so I figured I'd file another one and see if we can get some action.
Ironically, since Florida was the state law that was the target of our petition, there was a lot of talk during the Florida legislative session that it was going to be amended to address some of the issues that I raised and that others have raised. That bill never got out of committee and never got presented to the governor so the law, which was the subject of our petition, remains on the books and is still out there.
In the meantime, there are probably two or three other States, I think Oklahoma is one but there are several others, that also enacted many TCPA laws which also go above and beyond what the FCC had promulgated in the TCPA regulations. So those laws potentially could be subject to petitions for preemptions. We have to wait and see what happens but it's an interesting issue. Like I said before, the FCC has not ruled on these petitions before, although they have specifically invited these petitions so we'll have to see what happens.
Rebekah Johnson: Does it help to continue to have a record of that activity, even if it's not moving the needle anywhere?
Mitch Roth: I think so. I think you always want to create as much of an administrative record as you can. Down the road, if it ever winds up in litigation, you need to have that administrative record in front of you so you can see throughout the course.
Rebekah Johnson: I want to end on something that I'm not sure will have us end on a good note but I think it needs to be discussed, which is all of the enforcement action that is a result of the activity around STIR/SHAKEN and the Robocall Mitigation Database. It's important to see that the FCC means business in this case. They're not sweet little requests asking if everybody can just do what they say.
They're showing up with enforcement and I think there are some lessons that our listeners need to take from this, both from the FCC, the FTC, and State AG's. Everybody is involved with this, and you, as a service provider or the enterprise or the call center that's delivering the calls, you could get hit by one or all three based on your activity because it's centered around the same action.
The most recent one from the FCC was a proposed civil forfeiture of $45 million for allegedly making just a little over 500,000 illegal robocalls to consumers. Of those calls, about half were made to consumers on the Do Not Call Registry. Are we really still here, folks? Are we really still doing this? The calls were related to a false claim. Of course, we're still seeing COVID-19 kind of scam activities coming through but I'm calling out that number is significant, half a million calls is not much. You can get half a million calls out before your coffee in the morning.
We have to be really careful of who we are delivering calls for. If you're a BPO or if you're a carrier, you don't want to be participating in that kind of activity. When we look at the FTC, the FTC issued refunds totaling more than $1.8 million to consumers defrauded. This one was by Life Switch and it had to do with a deceptive medical alert telemarketing scheme. I always remind people that the FTC is there for unfair and deceptive practices so we've got to be careful about what we're really communicating. Don't fudge. Be truthful and be honest in your communications and make sure that you have consent.
My background is in regulatory compliance for TSR, TCPA, and the CAN-SPAM Act and I will argue every time that it was really quite simple to stay in compliance. It's when you start to get greedy and start pushing the truth on what you're really doing, don't do it, you're going to get in trouble. There are multiple examples of this from the FTC and the messages. They're very serious about coming after this and shutting it down.
We also see the State AG's with regards to the collaboration and unification of the Attorneys Generals and how they're going after robocalls. They're making themselves known in that we're all in agreement and all in alignment on needing to protect citizens from fraudulent robocallers. A lot of time these are legitimate businesses, it's not often overseas and you can't find who they are. No, these are businesses right here in the US that maybe didn't realize that they were doing something nefarious.
It's too easy to set up your outbound communications so be aware of what you're doing if you get into the communications space. It's heavily regulated and there are a lot of rules, but if you stay on the straight and narrow, I think you'll be just fine. Mitch, I know that you help clients in this space as well. Do you have any thoughts or words of wisdom for them when they enter into this market?
Mitch Roth: There's a lot of law enforcement out there, the Attorney General's, the FTC, the FCC, and the Traceback group because there needs to be accountability, transparency, and policies, and having a system in place in order to respond to and address any issues, concerns, et cetera, that a law enforcement group may have. That includes subpoenas and that includes traceback requests.
Rebekah Johnson: You can't hide so don't ignore it. Those would not be good choices. I want to close with the Enterprise Communications Advocacy Coalition (ECAC), which Mitch and I both represent, serves as a coalition to support the interests of enterprise communications in this highly regulated space. If you are looking to get more involved on the Hill with these types of matters, either directly or speaking on your behalf, we would definitely love to have you join us and answer any questions that you may have. This is an area that needs representation and that's what we're focused on.
I'd like to thank Mitch for joining us again on Tuesday Talks, and thank all of you as well. Our next episode is going to be Tuesday, March 29th where we'll be joined by Gerry Christensen, VP of Business Development and Partnerships at YouMail, to discuss a few predictions and best practices for safe voice communications and what to watch for in 2022 and beyond. We hope to see you there!