Attorney Generals from 35 states have called on the FCC to put an end to the rising tide of the very annoying robocalls that people are receiving not only on their landlines, but also on their mobile numbers.

Let's face it, robocallers are very annoying. If you are like me, you routinely get about 10 robocalls a day telling me "This is an important message, do not hang up the phone!" They then try to sell me some scam that includes getting my business in the top spot on Google, offering hotel packages, fixing credit card debt, stating my IP address is compromised, or strangely speaking to me in Chinese.

Yet no matter how many times you hang up on them, they never get the hint and simply call you back later or the next day!

It appears we are not alone and it has gotten to be such a problem that the attorney generals from 35 states have sent a bipartisan letter to the FCC. This letter asks the FCC to push telephone providers to implement new protocols that can identity legitimate calls and filter out spoofed calls.

"Virtually anyone can send millions of illegal robocalls and frustrate law enforcement with just a computer, inexpensive software (i.e., auto-dialer and spoofing programs), and an internet connection," stated the letter to the FCC. "Because “technology enables a cheap and scalable model,” illegal robocalls remain the “number one consumer complaint”8 for many of our Consumer Protection Offices, the FCC, and the Federal Trade Commission (“FTC”). Despite the 2017 Call Blocking Order, which increased providers’ ability to block illegally spoofed calls, the robocall problem appears to be getting worse."

In 2017, the FCC released the 2017 Call Blocking Order, which allowed providers to block calls from do-not-originate lists and those that were spoofing invalid phone numbers or ones that are not being used. Unfortunately, this has not stopped the rapid increase of robocallers or the use of new method called "neighbor spoofing", which spoofs a number, sometimes even your own, in your area in order to further convince you to pick up the phone.

"Based on available data, the number of illegal robocalls, and corresponding consumer complaints, increases every year," continued the letter to the FCC. "Last year, reports reflect that American landline and wireless subscribers received an estimated 30.5 billion illegal robocalls. This figure is up from the 2016 estimate of 29.3 billion illegal robocalls. By the end of this year, the industry expects a 33% increase, meaning spammers and scammers are going to disrupt our children’s homework, our dinner, our relaxation time, and even our sleep, to the tune of over 40 billion illegal robocalls."

This letter was signed by the Attorneys General of Pennsylvania, Arizona, Arkansas, Connecticut, Delaware, District of Columbia, Florida, Illinois, Indiana, Iowa, Kansas, Louisiana, Maryland, Massachusetts, Minnesota, Mississippi, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Oklahoma, Oregon, Rhode Island, Tennessee, Utah, Vermont, Virginia, Washington, Wisconsin, and the Hawaii Office of Consumer Protection.

Letter urges FCC to push for STIR/SHAKEN adoption

As these illegal telemarketing scams are estimated to have stolen 9.5 billion dollars from consumers,  the letter urges the FCC to push for new protocols that can further help to battle these scams. These protocols are STIR (Secure Telephone Identity Revisited) and SHAKEN (Secure Handling of Asserted information using toKENs) and can be used by telephone providers to identify legitimate calls and those from bad actors.

STIR & SHAKEN Workflow
STIR & SHAKEN Workflow

Similar to how SSL is used to create secure web connections, STIR and SHAKEN use public key cryptography and trusted authorities to validate a phone number. As explained by TransNexus:

"STIR and SHAKEN use digital certificates, based on common public key cryptography techniques, to ensure the calling number of a telephone call is secure. Each telephone service provider obtains their digital certificate from a certificate authority who is a trusted authority. The certificate technology enables the called party to verify that the calling number is accurate and has not been spoofed."

H/T: Gizmodo