robocalls

Auto Added by WPeMatico

Robocallers face $225M fine from FCC and lawsuits from multiple states

Two men embodying the zenith of human villainy have admitted to making approximately a billion robocalls in the first few months of 2019 alone, and now face an FCC fine of $225 million and a lawsuit from multiple attorneys general that could amount to as much or more — not that they’ll actually end up paying that.

John Spiller and Jakob Mears, Texans of ill repute, are accused of (and have confessed to) forming a pair of companies to make millions of robocalls a day with the aim of selling health insurance from their shady clients.

The operation not only ignored the national Do Not Call registry, but targeted it specifically, as it was “more profitable to target these consumers.” Numbers were spoofed, making further mischief as angry people called back to find bewildered strangers on the other end of the line.

These calls amounted to billions over two years, and were eventually exposed by the FCC, the offices of several attorneys general and industry anti-fraud associations.

Now the pair have been slapped with a $225 million proposed fine, the largest in the FCC’s history. The lawsuit involves multiple states and varying statutory damages per offense, and even a conservative estimate of the amounts could exceed that number.

Unfortunately, as we’ve seen before, the fines seem to have little correlation with the amounts actually paid. The FCC and FTC do not have the authority to enforce the collection of these fines, leaving that to the Department of Justice. And even should the DoJ attempt to collect the money, they can’t get more than the defendants have.

For instance, last year the FTC fined one robocaller $5 million, but he ended up paying $18,332 and the market price of his Mercedes. Unsurprisingly, these individuals performing white-collar crimes are no strangers to methods to avoid punishment for them. Disposing of cash assets before the feds come knocking on your door is just part of the game.

In this case the situation is potentially even more dire: the DoJ isn’t even involved. As FCC Commissioner Jessica Rosenworcel put it in a statement accompanying the agency’s announcement:

There’s something missing in this all-hands effort. That’s the Department of Justice. They aren’t a part of taking on this fraud. Why not? What signals does their refusal to be involved send?

Here’s the signal I see. Over the last several years the FCC has levied hundreds of millions in fines against robocallers just like the folks we have here today. But so far collections on these eye-popping fines have netted next to nothing. In fact, it was last year that The Wall Street Journal did the math and found that we had collected no more than $6,790 on hundreds of millions in fines. Why? Well, one reason is that the FCC looks to the Department of Justice to collect on the agency’s fines against robocallers. We need them to help. So when they don’t get involved—as here—that’s not a good sign.

While the FCC’s fine and the lawsuit will certainly put these robocallers out of business and place further barriers to their conducting more scam operations, they’re not really going to be liable for nine figures, because they’re not billionaires.

It’s good that the fines are large enough to bankrupt operations like these, but as Rosenworcel put it back in 2018 when another enormous fine was levied against a robocaller, “it’s like emptying the ocean with a teaspoon.” While the FCC and states were going after a pair of ne’er-do-wells, a dozen more have likely popped up to fill the space.

Industry-wide measures to curb robocalls have been underway for years now, but only recently have been mandated by the FCC after repeated warnings and delays. Expect the new anti-fraud frameworks to take effect over the next year.

Powered by WPeMatico

FCC mandates strict caller ID authentication to beat back robocalls

The FCC unanimously passed a new set of rules today that will require wireless carriers to implement a tech framework to combat robocalls. Called STIR/SHAKEN, and dithered over for years by the carriers, the protocol will be required to be put in place by summer of 2021.

Robocalls have grown from vexation to serious problem as predictable “claim your free vacation” scams gave way to “here’s how to claim your stimulus check” or “apply for coronavirus testing here” scams.

A big part of the problem is that the mobile networks allow for phone numbers to be spoofed or imitated, and it’s never clear to the call recipient that the number they see may be different from the actual originating number. Tracking and preventing fraudulent use of this feature has been on the carriers’ roadmap for a long time, and some have gotten around to it in some ways, for some customers.

STIR/SHAKEN, which stands for Secure Telephony Identity Revisited / Secure Handling of Asserted information using toKENs, is a way to securely track calls and callers to prevent fraud and warn consumers of potential scams. Carriers and the FCC have been talking about it since 2017, and in 2018 the FCC said it needed to be implemented in 2019. When that hadn’t happened, the FCC gave carriers a nudge, and at the end of the year Congress passed the TRACED Act to spur the regulator into carrying out its threat of mandating use of the system.

Rules to that effect were proposed earlier this month, and at the FCC’s open meeting today (conducted remotely), the measure passed unanimously. Commissioner Jessica Rosenworcel, who has been vocal about the lack of concrete action on this issue, gladly approved the rules but vented her frustration in a statement:

It is good news that today the Federal Communications Commission adopts rules to reduce robocalls through call authentication. I only wish we had done so sooner, like three years ago when the FCC first proposed the use of STIR/SHAKEN technology.

Commissioner Brendan Starks called the rules a “good first step,” but pointed out that the carriers need to apply call authentication technology not just on the IP-based networks but all over, and also to work with each other (as some already are) to ensure that these protections remain in place across networks, not just within them.

Chairman Ajit Pai concurred, pointing out there was much work to do:

It’s clear that FCC action is needed to spur across-the-board deployment of this important technology…Widespread implementation of STIR/SHAKEN will reduce the effectiveness of illegal spoofing, allow law enforcement to identify bad actors more easily, and help phone companies identify—and even block—calls with illegal spoofed caller ID information before those calls reach their subscribers. Most importantly, it will give consumers more peace of mind when they answer the phone.

There’s no silver bullet for the problem of spoofed robocalls. So we will continue our aggressive, multi-pronged approach to combating it.

Consumers won’t notice any immediate changes — the deadline is next year, after all — but it’s likely that in the coming months you will receive more information from your carrier about the technology and what, if anything, you need to do to enable it.

Powered by WPeMatico

FCC looks to mandate anti-robocall tech after prodding from Congress

The FCC is finally going to require wireless carriers to implement an anti-robocalling technology, after asking them nicely for more than a year to do so at their convenience. Of course, the FCC itself is now required to do this after Congress got tired of waiting on them and took action itself.

The technology is called Secure Telephony Identity Revisited / Secure Handling of Asserted information using toKENs, mercifully abbreviated to STIR/SHAKEN, and amounts to a sort of certificate authority for calls that prevents phone numbers from being spoofed. (This is a good technical breakdown if you’re curious.)

STIR/SHAKEN has been talked about for quite some time as a major part of the fight against robocalls, and in 2018 FCC Chairman Ajit Pai said that carriers would have until the end of 2019 to implement it. 2019 came and went, and while the FCC (and indeed carriers) took other actions against robocallers, STIR/SHAKEN went largely undeployed.

Meanwhile, Congress, perhaps tired of receiving scam calls themselves, managed to collectively reach across the aisle and pass the TRACED Act, which essentially empowers the FCC and other departments to take action against robocallers — and prevents carriers from charging for anti-robocall services.

It also ordered the FCC to set a timeline for STIR/SHAKEN implementation, which is what Pai is doing now.

“It’s clear that FCC action is needed to spur across-the-board deployment of this important technology. There is no silver bullet when it comes to eradicating robocalls, but this is a critical shot at the target,” he said in a statement issued today.

There does not, however, appear to be any great hurry. The proposal, which will be voted on at the FCC’s meeting later this month, would require voice service providers to implement STIR/SHAKEN by June 30… of 2021. And one-year extensions will be available to smaller providers who claim difficulty getting the system up and running.

In other words, you can expect to keep receiving strange calls offering discounts on cruises and warning you of IRS penalties for some time to come. Of course, there are some things you can do to stem the flow of scammers — check out our 101 on preventing robocalls for some simple tips to save yourself some aggravation.

Powered by WPeMatico

TRACED Act signed into law, putting robocallers on notice

The Pallone-Thrune TRACED Act, a bipartisan bit of legislation that should make life harder for the villains behind robocalls, was signed into law today by the president. It’s still possible to get things done in D.C. after all!

We’ve covered the TRACED Act several times previously, as robocalls are, in addition to being horribly annoying, a uniquely annoying high-tech threat. Using clever targeting and spoofing technology, scammers are placing millions of calls that at best irritate and at worst take advantage of the vulnerable.

The new law won’t end that practice overnight, but it does add some useful tools to regulators’ toolboxes. Here’s how I summarized the bill’s provisions earlier this month:

  • Extends FCC’s statute of limitations on robocall offenses and increases potential fines
  • Requires an FCC rulemaking helping protect consumers from spam calls and texts (this is already underway)
  • Requires annual FCC report on robocall enforcement and allows for it to formally recommend legislation
  • Requires adoption on a reasonable timeline of the STIR/SHAKEN framework for preventing call spoofing
  • Prevents carriers from charging for the above service, and shields them from liability for reasonable mistakes
  • Requires the attorney general to convene an interagency task force to look at prosecution of offenders
  • Opens the door to Justice Department prosecution of offenders
  • Establishes a handful of specific cutouts and studies to make sure the rules work and interested parties are giving feedback

Senate Minority Leader Chuck Schumer (D-NY) took a break from other business to laud the enactment of the law:

Americans were battered by 48 billion robocalls last year.

I get them, too. I hate them. They need to stop.

I’m so proud I fought for the #TRACEDact to protect Americans from these annoying, persistent, & dangerous calls.

And I’m so proud it’s now law.https://t.co/HgNjuRiQXe

— Chuck Schumer (@SenSchumer) December 31, 2019

And FCC Chairman Ajit Pai’s praise was effusive in a statement his office sent along:

I applaud Congress for working in a bipartisan manner to combat illegal robocalls and malicious caller ID spoofing.  And I thank the President and Congress for the additional tools and flexibility that this law affords us.  Specifically, I am glad that the agency now has a longer statute of limitations during which we can pursue scammers and I welcome the removal of a previously-required warning we had to give to unlawful robocallers before imposing tough penalties.

And I thank the American people for never letting us forget how fed up they are with scam, spoofed robocalls.  It’s their voices that power our never-ceasing push to fight back against the scourge of robocalls and malicious spoofing.

Of course the new law isn’t a magic wand; The FCC is still limited in what it can do and how quickly it can act. Even major fines like this $120 million one have had a negligible effect on the nefarious industry. “Like emptying the ocean with a teaspoon,” said Commissioner Jessica Rosenworcel at the time.

Here’s hoping the TRACED Act amounts to more than a bigger spoon. We’ll find out as regulators and the mobile industry grow into their new capabilities and begin the long process of actually applying them to the problem. It may take months or more to see any real abatement, but at least we’re taking concrete steps.

Powered by WPeMatico

Robocall-crushing TRACED act passes Senate and heads to Oval Office

Somehow during all the partisan furor of the last few days, the Senate found a moment to vote some bipartisan legislation into law — presuming, of course, it survives the president’s desk. The TRACED act pushes carriers to kill robocalls before they ring, and gives the FCC some extra juice to pursue the wicked ones perpetrating them.

“We’re delighted the Senate acted quickly to pass this legislation to shutdown illegal robocalls,” wrote the bill’s co-sponsors in the House Energy and Commerce Committee, in a statement. “We’re working hard to help the American people get real relief from these relentless and illegal calls. We look forward to the President signing this overwhelmingly bipartisan legislation into law very soon.”

Unlike many things called bipartisan, this one really is. Two different versions of the bill originated in the House and Senate and were passed individually with overwhelming majorities. The pertinent committees put their heads together and created a unified version of the bill they could both live with. Amazingly, that was just last month, and now the bill is off to the White House for the Executive signature.

You can read a summary of what the bill does here, but I’ll summarize further:

  • Extends FCC’s statute of limitations on robocall offenses and increases potential fines
  • Requires an FCC rulemaking helping protect consumers from spam calls and texts (this is already underway)
  • Requires annual FCC report on robocall enforcement and allows for it to formally recommend legislation
  • Requires adoption on a reasonable timeline of the STIR/SHAKEN framework for preventing call spoofing
  • Prevents carriers from charging for the above service, and shields them from liability for reasonable mistakes
  • Requires the Attorney General to convene an interagency task force to look at prosecution of offenders
  • Opens the door to Justice Department prosecution of offenders
  • Establishes a handful of specific cutouts and studies to make sure the rules work and interested parties are giving feedback

Overall it seems like a good bill and quite focused on this specific issue — no weird pork attached. Here’s hoping the TRACED act is signed into law quickly.

Powered by WPeMatico

US cell carriers team up to combat robocalls — but no deadline set

Twelve cell carriers, including the four largest — AT&T, Sprint, T-Mobile and Verizon — have promised to make efforts to prevent spoofed and automated robocalls.

Announced Thursday, the pledge comes after 51 U.S. attorneys general brokered a deal that would see the telecom giants roll out anti-robocalling technologies, including a way of cryptographically signing callers to wipe out phone number spoofing. Known as STIR/SHAKEN, the system relies on every customer phone number having a unique digital signature which, when checked against the cell networks, validates that a caller is real. The carrier near-instantly invisibly approves the call and patches it through to the recipient.

Robocalls are illegal, but are a billion-dollar industry. Many of these automated, robot-dialed calls imitate a cell number area code to convince unsuspecting victims into picking up the phone. Often robocalls try to sell products they don’t need — or worse, try to con victims out of cash.

The hope is that STIR/SHAKEN would weed out most robocalls. The system would verify real callers while the billions of illegal or spoofed robocalls made every year would fail.

So far to date, AT&T and Comcast have tested the new anti-robocalling system, and AT&T and T-Mobile have also teamed up to use the technology to fight robocalls. But the system works best when every carrier uses the technology, allowing calls to be checked even as they traverse between networks. By getting Verizon (which owns TechCrunch), Sprint and the other cell giants on board, the attorneys general hope the cooperation will vastly reduce the number of robocalls each year.

CenturyLink, Charter and U.S. Cellular have also signed up to the pledge.

There’s a catch: No deadline was set, allowing the carriers to take as long as necessary to roll out the technology. That may not be good news for those seeking immediate relief. Although all of the major networks have already made some progress in testing the new anti-robocalling system, few have said exactly when their service will be ready to roll out to consumers across the country.

The Washington Post first reported the news ahead of Thursday’s announcement.

The pledge comes just weeks after the Federal Trade Commission and the Justice Department took coordinated action against close to a hundred individuals and companies accused of making more than a billion illegal robocalls.

Powered by WPeMatico

FCC proposal would let it punish international robocallers

While the FCC and Congress hammer out new rules to (hopefully) banish robocalls forever, there are some short-term solutions that can help in the meantime — and one may arrive in just a few weeks. A new FCC proposal allows the agency to go after scam calls that originate overseas or use other methods to evade existing spoofing laws.

The rule isn’t exactly new in that it is a follow-up to Ray Baum’s Act, which was passed last year and, among other things, bulked up the Truth in Caller ID Act.

Previously, the latter law prohibited scammy spoofing of numbers, a practice that makes robocalling much easier — but it only applied to calls originating in the country. That opened up a huge loophole for scammers, who are not short on means to make calls internationally. Ray Baum’s Act modifies those rules to specifically prohibit international spoofing, as well as robocall techniques using modern infrastructure like VoIP.

But just making it illegal doesn’t necessarily make it possible for the FCC to go after the criminals. If there’s nothing in the agency’s official rules that formalize how it would go about locating and taking action against those in violation of the new law, it has no power to do so. That’s what this new rule is for.

Chairman Ajit Pai’s proposal will be made public later this week and voted on at the FCC’s August 1 open meeting. If adopted, the agency would be able to do what it’s been doing with U.S. robocallers, except abroad.

Naturally tracking down scammers in a foreign country — and perhaps not an overly friendly one — is a very different beast than catching and fining domestic operations. An FCC official on a press call relating to the new rules characterized the operations as extremely complex, involving multiple shell companies and sophisticated obfuscation techniques. (The FTC has encountered similar difficulties.)

But many robocallers may well have been operating hitherto on the justified assumption that they were essentially immune to pursuit by U.S. authorities. Once they are no longer guaranteed impunity it may (one hopes) be deemed an unnecessary risk to continue operations, and some of the scammers may cut and run with their gains and move on to something else.

As for more long-term solutions, the carriers are working on implementing a new system that would more comprehensively block robocalls, though there is some concern that they won’t enable it by default, or may charge for the service. A summit is being held Thursday where the industry’s progress and intentions will be gauged.

Powered by WPeMatico

FCC passes measure urging carriers to block robocalls by default

The FCC voted at its open meeting this week to adopt an anti-robocall measure, but it may or may not lead to any abatement of this maddening practice — and it might not be free, either. That said, it’s a start toward addressing a problem that’s far from simple and enormously irritating to consumers.

The last two years have seen the robocall problem grow and grow, and although there are steps you can take right now to improve things, they may not totally eliminate the issue or perhaps won’t be available on your plan or carrier.

Under fire for not acting quickly enough in the face of a nationwide epidemic of scam calls, the FCC has taken action about as fast as a federal regulator can be expected to, and there are two main parts to its plan to fight robocalls, one of which was approved today at the Commission’s open meeting.

The first item was proposed formally last month by Chairman Ajit Pai, and although it amounts to little more than nudging carriers, it could be helpful.

Carriers have the ability to apply whatever tools they have to detect and block robocalls before they even reach users’ phones. But it’s possible, if unlikely, that a user may prefer not to have that service active. And carriers have complained that they are afraid blocking calls by default may in fact be prohibited by existing FCC regulations.

The FCC has said before that this is not the case and that carriers should go ahead and opt everyone into these blocking services (one can always opt out), but carriers have balked. The rulemaking approved basically just makes it crystal clear that carriers are permitted, and indeed encouraged, to opt consumers into call-blocking schemes.

That’s good, but to be clear, Wednesday’s resolution does not require carriers to do anything, nor does it prohibit carriers from charging for such a service — as indeed Sprint, AT&T, and Verizon already do in some form or another. (TechCrunch is owned by Verizon Media, but this does not affect our coverage.)

BREAKING: The @FCC votes to authorize call blocking to help stop #robocalls. That’s good news. Now the bad news: it refuses to prevent new consumer charges and fees to block these awful calls. That’s not right. We should stop robocalls and do it for FREE.https://t.co/6bay6cnujN

— Jessica Rosenworcel (@JRosenworcel) June 6, 2019

Commissioner Starks noted in his approving statement that the FCC will be watching the implementation of this policy carefully for the possibility of abuse by carriers.

At my request, the item [i.e. his addition to the proposal] will give us critical feedback on how our tools are performing. It will now study the availability of call blocking solutions; the fees charged, if any, for these services; the effectiveness of various categories of call blocking tools; and an assessment of the number of subscribers availing themselves of available call blocking tools.

A second rule is still gestating, existing right now more or less only as a threat from the FCC should carriers fail to step up their game. The industry has put together a sort of universal caller ID system called STIR/SHAKEN (Secure Telephony Identity Revisited / Secure Handling of Asserted information using toKENs), but has been slow to roll it out. Pai said late last year that if carriers didn’t put it in place by the end of 2019, the FCC would be forced to take regulatory action.

Why the Commission didn’t simply take regulatory action in the first place is a valid question, and one some Commissioners and others have asked. Be that as it may, the threat is there and seems to have spurred carriers to action. There have been tests, but as yet no carrier has rolled out a working anti-robocall system based on STIR/SHAKEN.

Pai has said regarding these systems that “we [i.e. the FCC] do not anticipate that there would be costs passed on to the consumer,” and it does seem unlikely that your carrier will opt you into a call-blocking scheme that costs you money. But never underestimate the underhandedness and avarice of a telecommunications company. I would not be surprised if new subscribers get this added as a line item or something; watch your bills carefully.

Powered by WPeMatico

FTC smacks down robocallers, but the penalties don’t match their heinous crimes

The fight against robocallers is just getting started, and the wheel of justice turns slowly, but the FTC just took down a handful of major operations responsible for billions of unwanted calls, some of them adding additional fraud to the mix. The money coming out of the cases is surprisingly small, however — but there’s a reason for that.

In an announcement yesterday, the FTC said it had taken down four operations: NetDotSolutions, which did all kinds of marketing with a custom mass dialing platform; Higher Goals Marketing, which promised fake debt relief; Pointbreak Media, which threatened to delist companies from Google unless they paid; Veterans of America, AKA Saving Our Soldiers, AKA Act of Valor, whose creator Travis Deloy Peterson deserves a special place in hell for scamming people trying to donate vehicles to vets.

Together they accounted for some two billion calls, which in the context of the five billion made every month may seem to be a drop in the bucket, but at this point even a slight reduction is welcome.

What is less heartening is the scale of the penalties. Although the cases resulted in judgments totaling some 24 million dollars, the actual amount the scammers will end up paying will end up closer to $3-4 million. One scammer whose judgments totaled more than $5 million will be suspended when he pays just $18,332 — and whatever comes from the sale of his shiny new Mercedes.

I talked with an FTC spokesperson about why this is the case. They explained that the judgment amount is essentially a ceiling defined by how much consumer harm was done, but most times the defendants have nowhere near that much available as money or assets. You can only get as much as they have, and sometimes that’s not a lot.

Especially in Florida, they went on, where the Homestead rule means that houses can’t be seized in these proceedings — meaning a robocall scammer based in the state could make 10 million bucks, drop it all on a house, and then declare they have no assets when the FTC or whoever comes knocking. This seems likely to be the case with Mr “I only have 18 grand and a 2017 Mercedes CLS” above, who is indeed a Floridian.

The FTC goes to great lengths to investigate and enumerate a defendant’s assets, but they can’t seize what isn’t there. In the case of a large company like Dish, a massive judgment like last year’s $180 million one may end up being paid in full — but individuals and small, fly-by-night businesses are considerably harder to pin down.

Even so, the agency collects quite a bit of cash to return to affected consumers, which should happen with the money here as well. You won’t see a dime just for getting annoyed by calls, though — you’d need to show that it was one of these companies and that they defrauded you, or attempted to.

More importantly, the people and companies in question are immediately shut down and the people involved forbidden from doing anything like this again. Consumer relief is the FTC’s goal, and if they chose to litigate, the case could be drawn out for years, all while the company and call network continues to operate or develops layers of insulation against the law.

You can read the full release and order documents at the FTC’s site — but be warned it may make you angry to hear about these slimeballs living the high life.

Powered by WPeMatico

FCC slaps robocaller with record $120M fine, but it’s like ’emptying the ocean with a teaspoon’

Whoever thought we would leave telemarketing behind in this brave new smartphone world of ours lacked imagination. Robocalls are a menace growing in volume and even a massive $120 million fine leveled against a prominent source of them by the FCC likely won’t stem the flood.

The fine was announced today during the FCC’s monthly open meeting: a Mr Adrian Abramovich was responsible for nearly 100 million robocalls over a three-month period, and will almost certainly be bankrupted by this record forfteiture.

“Our decision sends a loud and clear message,” said FCC Chairman Ajit Pai in a statement. “This FCC is an active cop on the beat and will throw the book at anyone who violates our spoofing and robocall rules and harms consumers.”

That sounds impressive until you hear that these calls took place in 2016, and meanwhile there were 3.4 billion robocalls made last month alone. Commissioner Jessica Rosenworcel applauds the fine, but questions the practicality of pursuing damages when actions need to be taken to prevent the crimes in the first place.

“Let’s be honest,” she wrote in a statement, “Going after a single bad actor is emptying the ocean with a teaspoon.”

She points out that a set of rules designed to prevent robocalls was overturned a couple months ago, and that 20 petitions to the FCC under those rules for legal exemptions and such have yet to be addressed. And a technology designed to prevent robocalls altogether, recommended in a report more than a year ago and currently set to be implemented in Canada in 2019, has no such date here in the States.

As someone who gets these robocalls all the time, I fully support both this fine and the more serious measures Rosenworcel suggests. And the faster the better, I literally got one while writing this story.

Powered by WPeMatico