The FCC has voted today in favor of a measure that requires phone providers to adopt anti-robocalling tech under the STIR/SHAKEN protocol. Previously the agency's chairman Ajit Pai had pleaded with phone providers to implement the technology but it wasn't mandated. With today's vote they must get it done by June 2021.
What's STIR/SHAKEN? — In the simplest terms, STIR/SHAKEN works to combat spoofed calls by issuing a digital certificate to every call before it's routed to the recipient. Spam callers often trick people into answering their calls by masking the phone number to appear as if the call is coming from a local number — when you see a phone call coming from someone in your area, it's easy to assume it's someone you might know, or a local business trying to follow up, for instance.
Now phone providers will have to reveal if a number is real or not, and if it fails to be authenticated where it's actually coming from, they must block the nefarious source from reaching customers.
As part of the TRACED Act that passed last year with bipartisan support, the FCC and the Justice Department were empowered to go after bad actors who use robocalls to scam Americans. In 2019 alone, more than 49 billion robocalls were made in the United States, often preying on demographics susceptible to falling for scams, particularly the elderly. The Justice Department has already been actively using this new mandate, suing two VoIP phone providers in January for allegedly offering services designed for spam calling. The bill also gave the FCC 18 months to mandate STIR/SHAKEN protocols for phone providers to implement, which is what we're seeing today.
Perfect is the enemy of good — Even with the new requirements, robocalls are unlikely to be eliminated completely. Phone providers will need to integrate their authentication systems with each other to ensure all spam calls are caught, for instance. If a call is sent over AT&T's network to a T-Mobile phone, that T-Mobile phone can't necessarily go back up the chain and verify the origin of the call. So your phone could still ring with an unauthenticated call and you won't know whether or not it's spam. The FCC's mandate does not require authentication systems to be integrated by 2021, only that every provider has their own authentication system in place.
Still, it's a good step towards alleviating the problem. Spam callers aren't just annoying, they can also be ruinous. The Justice Department has said that seniors lose more than $3 billion annually due to financial exploitation. The most common scam is impersonating the IRS to tell people they owe money that they actually don't, and then taking payment over the phone. It bears repeating but: the IRS will never take payment over the phone, people!