Bipartisan House Lawmakers Announce Compromise Anti-Robocall Bill (thehill.com) 75
A bipartisan pair of House lawmakers on Thursday unveiled a compromise bill aimed at thwarting the scourge of robocalls dialing up U.S. consumers, about one month after the Senate adopted its own anti-robocall bill. From a report: House Energy and Commerce Committee Chairman Frank Pallone Jr. (D-N.J.) and ranking member Greg Walden (R-Ore.) on Thursday announced the legislation, which differs from the Senate's version on some points but seems to have significant overlap. Pallone and Walden's Stopping Bad Robocalls Act would require phone carriers to implement technology to authenticate whether calls are real or spam, and allow carriers to offer call-blocking services. The legislation specifies the carriers should make sure that legal calls, such as those from doctors offices or creditors, are not blocked, while opening the door for the government to broaden its definition of what constitutes a "robocall."
Or just stop phone number spoofing? (Score:5, Insightful)
A better solution would be to put an end to call spoofing, so incoming phone numbers can always be verified. Then, make it easier to sue spammers across state lines or out of country, and that $1,500 - $7,500 per call fine that consumers can sue for (and get the money from) will make robocalls and scams and fraudsters go away quite quickly...
Re: (Score:1)
A better solution would be to put an end to call spoofing, so incoming phone numbers can always be verified.
So you want businesses to have over 1000 different customer facing phone numbers when they have to call a customer back?
Re: (Score:2)
Any company of that size can do it's own infrastructure.
But lets say it's necessary for smaller companies, the phone companies can simply have registries for which phone numbers are allowed to be spoofed. Then any use of that spoofing service beyond their terms of use would result in termination of their contract and exposure of their call records to complainants so they can be sued.
Re:Or just stop phone number spoofing? (Score:5, Informative)
Exactly this. It's not like phone companies can't set up case-by-case exceptions for legitimate businesses. It's all computerized, so it would take little effort to have a X-to-Y allowed spoof list on outgoing calls.
The issue is the way it is right now: You can spoof your call as coming from ANY number, with no verification, limitations, or penalties. Limiting it to spoofing to a number that leads back to your own company would be a trivial verification step for a phone company to set up in comparison to the spam call blocking they're working on.
Re: (Score:3)
Please explain how the phone company bills them ...
Re:Or just stop phone number spoofing? (Score:5, Insightful)
Exactly this. It's not like phone companies can't set up case-by-case exceptions for legitimate businesses.
It doesn't even need to be case-by-case. If a company owns the originating number AND the displayed number, then the telecom (Verizon, AT&T, T-Mobile) can let it through. Otherwise, it should be illegal for the telecom to allow it.
The important thing is that the penalty for spoofed calls needs to be on the telecom company, not the originator, who is outside American jurisdiction. If the originator can't be 100% verified, then deny the spoofing.
Re:Or just stop phone number spoofing? (Score:4, Insightful)
I can't believe how bad the text spam/robocall situation is in the US. I mean, I'd read about it, but until a few days ago I'd both never had a US phone number and never had a robocall in my life. Then I activated a US SIM for travel, and within about fifteen minutes had text spam and several voicemails (which I've deleted without listening to them). Asked a US friend who said that she never answers phonecalls on her cellphone and has her SMS set to mute because it's so bad.
How do people live with this? It makes cellphones basically unusable.
Re: (Score:1)
Isn't that more of a PBX you are describing and not the call spoofing that robocallers use?
I think it would be more them calling you from a number that has the same area code and prefix as you - or from 000-000-0000 or some other obviously fake number is what OP meant.
Re: (Score:1)
Re:Or just stop phone number spoofing? (Score:5, Informative)
So you want businesses to have over 1000 different customer facing phone numbers when they have to call a customer back?
If they want to display 1000 different outgoing phone numbers, then they need to OWN THOSE NUMBERS.
If they want all their outgoing phones to display a single number, that is fine too, as long as they OWN THAT NUMBER, and it is a valid call-back number that leads to a human.
Overlaying calls onto numbers that belong to unsuspecting innocent people should not be allowed, and it is outrageous that this is currently legal.
Re: (Score:3)
Sorry, but no company is going to have 1000s of call back numbers that lead to a human.
Why not? Then can all lead to ONE human. If it takes more than one to deal with all the angry calls, then they have two choices:
1. Hire more people.
2. Stop spamming.
The staffing requirement alone would scare them all off.
Why is that a bad thing?
Further it would destroy call centers.
Only if they are in the business of making unsolicited robocalls.
Re: (Score:2)
Re: (Score:2)
A working solution is *off the table*
Really, right there in the headline: Compromise Anti-Robocall Bill
"Compromise" means what it always has meant, it's watered down...
Did anybody seriously have higher expectations of this congress? Wanna buy a fine authentic Romex watch?
Re: (Score:1)
change (Score:5, Interesting)
and allow carriers to offer call-blocking services
to this....
and require carriers to offer call-blocking services at no charge
Re: (Score:2)
Comment removed (Score:3)
Re: (Score:2)
Collectors? (Score:1)
OK. What many don't know is that Credit Bureaus do NOT use SSNs as a key. They use names.
I know, every fucking business demands your SSN, DOB, address and ever other piece of information they want. They are idiots. Especially medical practices. Watch out for them. MEDICAL practices are notorious for data leaks - I work for an insurer and well, posting as AC - for all the good it does me. ...baCK TO THE rant ...
Credit Bureaus are STUPID.
Now, when they SELL their lists to everyone, it's just a spreadsheet
As the Velveteen Rabbit once asked... (Score:2, Informative)
What is real?
But seriously -- ANI spoofing happens routinely in perfectly legitimate contexts, which (combined with the open nature of the legacy phone system) is part of what makes this a particularly tough nut to crack. It will be interesting to see the actual legislation to see how and where they try to strike the line between naughty and nice.
Re: (Score:2)
"ANI spoofing happens routinely in perfectly legitimate contexts,"
People don't understand this. They hear the word "spoofing" and their little minds break down and they start frothing out the mouth.
I think the problem here is one of badly chosen terminology. I would argue that ANI spoofing, by definition, means using a caller ID that is not under your control, which is by definition illegitimate.
All transmission of ANI data should either be done by the phone company or should be validated by the phone company that owns the line. There are exactly zero valid reasons for anyone who is not a telephone or VoIP company to send out ANI data using numbers that do not belong to either that entity or some ot
Re:As the Velveteen Rabbit once asked... (Score:5, Insightful)
ANI spoofing happens routinely in perfectly legitimate contexts
Please list a legitimate reason for a company to spoof a number that they do not own and do not have permission to use.
this a particularly tough nut to crack.
Yet many countries have banned the practice, and the world didn't end.
Even India bans anonymous spoofing for domestic calls.
Re: (Score:2)
"Please list a legitimate reason for a company to spoof a number that they do not own and do not have permission to use."
Did you read what you typed? Of course spoofing a number they do not own and do not have permission to use is not legit. But it is legit if "permission" has been granted though, even if they do not own the number and there are multiple reasons to allow this. 3rd party contracts to make calls for starters.
"Even India bans anonymous spoofing for domestic calls."
"anonymous spoofing" that
Re: (Score:2)
Please list a legitimate reason for a company to spoof a number that they do not own and do not have permission to use.
Who said there was? The issue is breaking the legacy system to put a mechanism in place so that companies that need to continue to spoof caller ID can prove ownership/permission. Maybe these days we're closer to a point where we can do that, but it's not a trivial decision.
Even India bans anonymous spoofing for domestic calls.
Clearly. [spoofhaus.com]
Re: (Score:2)
The issue is breaking the legacy system to put a mechanism in place so that companies that need to continue to spoof caller ID can prove ownership/permission. Maybe these days we're closer to a point where we can do that, but it's not a trivial decision.
That is not society's problem... Adapt to new regulations or go out of business.
Re: (Score:2)
I question how hard it *really* is. The telecom industry managed to adapt to number porting pretty easily, and that must have been a bit of a challenge.
Prior that, vast linear blocks of phone numbers had been assigned to specific carriers. If you were ATT and you had a customer wanting to terminate a call to a Verizon number, the routing table was tiny because 512-8xx-xxxx had already been assigned to Verizon.
Once you get number portability, that routing data is worthless. It's updated hourly, which mean
Re: (Score:1)
Please list a legitimate reason for a company to spoof a number that they do not own and do not have permission to use.
When a call comes into my PBX and the PBX needs to ring both a desk phone and cell phone to find the person, the number sent to the cell phone carrier has the source number set as the source phone number of the original call, not the directory number of my PBX. While I don't consider this "spoofing," it is an example of a legitimate use case where I am sending to my VOIP carrier a source DN which I don't own. This use case is technically indistinguishable from a spoofed call. If I don't do it this way cellp
Arrrrg (Score:2)
>"The legislation specifies the carriers should make sure that legal calls, such as those from doctors offices or creditors, are not blocked"
Then what is the point? NO opt-out or no-opt robocalls should be legal. NO random or serial-number calls ever should be legal. And that includes from the government, political parties, non-profits, polls, or so-called "emergency service announcements" (like my stupid locality does now without my permission and with NO OPT OUT).
>"while opening the door for the
Re: (Score:2)
Any call placed by and greeted by a computer and not a human is a robocall.
I get a robocall every time I have a doctor or dentist appointment. I also get robocalls from the city whenever there might be a problem with the water (broken main, etc). I even got a legit call that my credit card had some suspicious activity. Do you really have a problem with those?
Re: (Score:2)
>"I get a robocall every time I have a doctor or dentist appointment. I also get robocalls from the city whenever there might be a problem with the water (broken main, etc). I even got a legit call that my credit card had some suspicious activity. Do you really have a problem with those?"
Not if I opted into them. If I didn't opt into them, then yes, I have a problem with them. The part of the post you were replying to where was I was defining "robocall." Has nothing to do with if you like them or not,
Re: (Score:2)
That is pretty easy. Any call placed by and greeted by a computer and not a human is a robocall.
That would be a stupid and pointless law.
There are legitimate reasons for robocalls.
The illegitimate robocalls originate from outside America, where they would ignore the law.
We don't need more laws on what callers can and can't do. What we need are more laws on what the telecom companies can do. They are the enablers and facilitators.
Re: (Score:2)
>>"Any call placed by and greeted by a computer and not a human is a robocall."
>"That would be a stupid and pointless law."
Agreed. But that is what a "robocall" is. That was the point of what I said- the issue isn't "robocalls" it is lack of consent and accountability.
>"We don't need more laws on what callers can and can't do. What we need are more laws on what the telecom companies can do. They are the enablers and facilitators."
I am certainly in favor of forcing the telecoms to take some mea
Re: (Score:2)
They don't have to follow the law. The problem is not the lack of the U.S. government's inability to regulate foreign phone companies, but rather with their unwillingness to demand that U.S. phone companies require a certain level of standards compliance from any company that sends calls across American telephone networks.
The solution, then, is to pass a law that requires any U.S. phone company to provide a way for c
Re: (Score:3)
I always do this, because with any such incoming call, I have no way to immediately detect that it is not a phishing attempt. In general, I won't even listen to the whole message... I will just hang up and call my bank right away.
Spoofing is not the problem. (Score:4)
Spoofing is a bit of misnomer here. The spoofing that is going on is not the problem in and of itself. It is the fact that telco's allow this spoofing to happen anonymously.
I am okay with businesses being able to spoof their numbers so they can funnel all outbound calls on specific numbers for efficiency. The problem is that when "Butt Fucking Nagg ASS Salesman" calls me I want that fuckers ID popping up with that spoofed number. As long as that spoofed number is traced right back to the bullshit entity that called me, we are good. Because if "Butt Fucking Nagg ASS Salesman" keeps calling me after I told them to pound sand it will be easy to press charges or sue the "Butt Fucking Nagg ASS Salesman" that keeps fucking calling me or robo-calling me.
It's the corporate sanctioned anonymity of these phone numbers that is the problem, not "particularly" the spoofing itself.
I'm from the government! I'm here to help (Score:2, Insightful)
They've exempted it into not usefulness (Score:2)
Creditors, real and imagined (those knowingly trying to collect invalid debts) are among the biggest violators of existing law. There's absolutely no good reason they should be exempt other than their industry lining the pockets of politicians.
Re: (Score:2)
Charge-back, Another Solution (Score:3)
If it doesn't work right away, the amount may be increased over time, and/or the phone company gets a smaller percentage.
Anyone see any downsides?
add permission to flay perpetrators to the bill (Score:1)
Put political campaigns on the Do Not Call list. (Score:2)