Investigating Robocalls

Researchers in the computer science department at NC State undertook a study to investigate robocalls. The study is the first step in a broader effort to find tools to reduce robocalls. The premise for the study is that we can’t easily fix the robocalling problem without first understanding how robocallers work. The first findings of the team were published in August in a paper, Who’s Calling. Characterizing Robocalls through Audio and Metadata Analysis.

In order to study masses of robocalls, the researches worked with Bandwidth, Inc. to set up 66,606 telephone numbers. They monitored these lines for eleven months ending early in 2020. During that time, they received almost 1.5 million unsolicited calls.

The team’s next goal is to be able to identify the source of robocalls so that some of the bigger offenders can be shut down. The team says they have made progress towards that end and will be publishing more results as they reach conclusions. Ultimately, the team wants to develop tools to help combat robocalling.

The first round of research did reveal some facts about robocalling that contradicts commonly held beliefs about robocalling.

First, they found that the volumes of robocalls received were nearly identical month to month and were not increasing as the public believes – at least during the eleven-month period.

The team answered and recorded incoming calls and made an unexpected finding that 62% of robocalls included practically no audio. I’ve received many calls over the years that had silence at the other end and always wondered why such calls were made. It’s a mystery why somebody is taking the trouble of making huge volumes of calls that are delivering no message. Perhaps it’s from faulty audio technology at the robocaller’s end, but the percentage of empty calls is surprising.

The only other explanation I can think of is that somebody is somehow profiting from the call volumes of empty calls and that the calls are generated to pump telecom settlements. But the amount of compensation between carriers for calls has been so greatly reduced or eliminated that it’s hard to picture somebody making much money from even huge volumes of short calls.

They also found phones that answer robocalls did not see an increased volume of robocalls. The popular wisdom is that people shouldn’t answer calls from numbers they don’t recognize because that leads to even more robocalls. The team found that phones that always answer robocalls didn’t receive any more calls than phones that never answer.

The team did witness the event they labeled as a call storm. A few of their phones received huge volumes of calls for a day or two. They figure that a robocaller had mimicked the caller ID from one of these numbers and that the huge volume of calls came from people calling back to ask who had called them.

Finally, the most promising research is the ability to identify robocaller campaigns. These are events when a given robocaller is making a lot of calls in a short period of time. During the research, they identified 2,687 specific robocalling campaigns where the same robocaller was calling multiple numbers in the pool. The researchers believe that it is these campaigns that account for a large percentage of the robocalls being made. Their next research direction is looking for ways to identify a robocaller campaign early so that carriers can shut it down.

I was hoping that the research might explain why I get one robocall every month from the 202 area code. The recording is in Chinese and the best I can tell it comes from a telecom company. I’ve always figured this was Huawei telling me that they are no threat and that there is no 5G race.

Robocalls and Small Carriers

In July, NTCA filed comments in the FCC docket that is looking at an industry-wide solution to fight against robocalls. The comments outline some major concerns about the ability of small carriers to participate in the process.

The industry solution to stop robocalls, which I have blogged about before, is being referred to as SHAKEN/STIR. This new technology will create an encrypted token that verifies that a given call really originated with the phone number listed in the caller ID. Robocalls can’t get this verification token. Today, robocallers spoof telephone numbers, meaning that they insert a calling number into the caller ID that is not real. These bad actors can make a call look like it’s coming from any number – even your own!

On phones with visual caller ID, like cellphones, a small token will appear to verify that the calling party is really from the number shown. Once the technology has been in place for a while, people will learn to ignore calls that don’t come with the token. If the industry does this right, it will become easier to spot robocalls, and I imagine a lot of people will use apps that will automaticlly block calls without a token.

NTCA is concerned that small carriers will be shut out of this system, causing huge harm to them and their customers. Several network prerequisites must be in place to handle the SHAKEN/STIR token process. First, the originating telephone switch must be digital. Most, but not all small carriers now use digital switches. Any telco or CLEC using any older non-digital switch will be shut out of the process, and to participate they’d have to buy a new digital switch. After the many-year decline in telephone customers, such a purchase might be hard to cost-justify. I’m picturing that this might also be a problem for older PBXs – the switches operated by private businesses. The world is full of large legacy PBXs operated by universities, cities, hospitals and large businesses.

Second, the SHAKEN/STIR solution is likely to require an expensive software upgrade for the carriers using digital switches. Again, due to the shrinking demand for selling voice, many small carriers are going to have a hard time justifying the cost of a software upgrade. Anybody using an off-brand digital switch (several switch vendors folded over the last decade) might not have a workable software solution.

The third requirement to participate in SHAKEN/STIR is that the entire path connecting a switch to the public switched telephone network (PSTN) must be end-to-end digital. This is a huge problem and most small telcos, CLECs, cable companies, and other carriers connect to the PSTN using the older TDM technology (based upon multiples of T1s).

You might recall a decade ago there was a big stir about what the FCC termed a ‘digital transition’. The FCC at the time wanted to migrate the whole PSTN to a digital platform largely based upon SIP trunking. While there was a huge industry effort at the time to figure out how to implement the transition, the effort quietly died and the PSTN is still largely based on TDM technology.

I have clients who have asked for digital trunking (the connection between networks) for years, but almost none of them have succeeded. The large telcos like AT&T, Verizon, and CenturyLink don’t want to spend the money at their end to put in new technology for this purpose. A request to go all-digital is either a flatly refused, or else a small carrier is told that they must pay to transport their network traffic to some distance major switching point in places like Chicago or Denver – an expensive proposition.

What happens to a company that doesn’t participate in SHAKEN/STIR? It won’t be pretty because all of the calls originating from such a carrier won’t get a token verifying that the calls are legitimate. This could be devastating to rural America. Once SHAKEN/STIR is in place for a while a lot of people will refuse to accept unverified calls – and that means calls coming from small carriers won’t be answered. This will also affect a lot of cellular calls because in rural America those calls often originate behind TDM trunking.

We already have a problem with rural call completion, meaning that there are often problems trying to place calls to rural places. If small carriers can’t participate in SHAKEN/STIR, after a time their callers will have real problems placing calls because a lot of the world won’t accept calls that are not verified with a token.

The big telcos have assured the FCC that this can be made to work. It’s my understanding that the big telcos have mistakenly told the FCC that the PSTN in the country is mostly all-digital. I can understand why the big telcos might do this because they are under tremendous pressure from the FCC and Congress to tackle the robocall issue. These big companies are only looking out for themselves and not the rest of the industry.

I already had my doubts about the SHAKEN/STIR solution because my guess is that bad actors will find a way to fake the tokens. One has to only look back at the decades-old battles against spam email and against hackers to understand that it’s going to require a back-and-forth battle for a long time to solve robocalling – the first stab of SHAKEN/STIR is not going to fix the problem. The process is even more unlikely to work if it doesn’t function for large parts of the country and for whole rural communities. The FCC needs to listen to NTCA and other rural voices and not create another disaster for rural America.

The End of Robocalls?

The FCC took action recently to block certain kinds of robocalls. These are the automated calls we are all familiar with where you hear a recording when you pick up the phone. The FCC estimates that there are over 2.4 billion robocalls per month. If you read the news articles that came out after the FCC order you would assume that this order means the end of all robocalls – but it doesn’t.

The FCC action is intended to eliminate robocalls that come from spoofed sources. Spoofing is when the caller hides their phone number or changes the originating number for caller ID. Callers have numerous reasons to spoof calls. Some spoofers are scammers and use robocalls to initiate fraud. For example, the IRS says that over $26 M in fraud is done each year from robocalls posing as tax collection calls. Other callers use spoofing to avoid the Do-Not-Call rules which is supposed to prevent solicitation calls to people who have elected to not receive them. If the number that shows up on caller ID is wrong, then there is no way for the FCC to catch or fine a caller from violating those calling rules.

The FCC accepted a proposal from a ‘strike force’ of large companies like AT&T, Google, Apple and Comcast to tackle the issue. Some spoofed calls will be relatively easy to block, like when spoofers use numbers that can’t be real such as 000-000-0000. But spoofers also use disconnected or unused numbers and these will be more challenging to find. A spoofer could use a legitimate number for a short time and abandon it before being blocked. Spoofing is similar to computer hacking in that it’s a game of cat and mouse – and you’d expect spoofers to figure ways around any schemes to catch them. It will be interesting to see how effective the strike force is at blocking spoofed calls.

But it’s important to remember that a lot of robocalls are legitimate and will continue. First, anybody is allowed to make a legitimate robocall to people who are not on the Do-Not-Call list. But even if you are on that list, all sorts of entities are allowed to call you. For example, any merchant like a bank, credit card, insurance company, cell phone provider, etc. is allowed to call their own customers. Government are allowed to call citizens and that means that political robocalls are legitimate as well as calls from other parts of the government. Certainly nobody is against localities that send out robocalls to warn of tornados, flooding or hurricane evacuations.

And some robocalls are useful. For example, the high school where our daughter goes calls once a week to tell us about things going on at the school. For the most part these are things that you would never hear about from your child.

There is no doubt that robocalls are a huge issue. The FCC says they are by far the number one type of complaint they get. I haven’t had a landline in twenty years, but the last time I spent a few days at my mother-in-law’s house, who still has a landline, I was amazed at the number of solicitation calls she got per day – both robocalls and from live callers. She’s on the Do-Not-Call list and still gets 5 – 10 calls per day.

I think a lot of people will be surprised to find that the FCC’s action won’t stop legitimate robocalls – and that has to be a huge percentage of the calls made. Your bank and other vendors that call you are doing so legitimately and do not try to hide who they are when they call. And I think that when that sinks in that the public they will be disappointed. That fault lies with the many misleading news articles declaring the end of robocalling. The FCC was clear in its own declaration that this was an action taken to try to eliminate scam calls. But if history has taught us anything it is that scammers will always find a way to do what they do. This order may slow scammers down, but they will find other ways to scam people – including figuring out how to still call using robocalls. I hope the strike force can find a way to stop this, but my guess is they will just slow it down, at best.

The FCC’s Plate is Full

FCC_New_LogoI don’t think I can remember a time when the FCC had more major open dockets that could impact small carriers. Let’s look at some of the things that are still hanging open:

Net Neutrality. This is the granddaddy of all FCC dockets, if for no other reason than the number of responses filed in the docket. The network neutrality docket asks the basic question if there is any legal mechanism that the FCC can use to ensure that the Internet remains open. The public debate on the issue has concentrated on discussion of whether there should be Internet fast lanes, meaning that some companies could buy priority access to customers. Of course, the flip side of that question is if most of the Internet can be made slower in favor of a handful of large companies willing to pay a premium price to ISPs to be faster.

The issue has become political and there are polarized positions on opposite sides of the topic. The large players in the industry have also lined up in predictable ways with the giant cable companies and telcos against any form of regulation on broadband and almost everybody else on the opposite side of the fence.

Municipal Broadband. Petitions filed by Chattanooga TN and Wilson NC prompted the FCC to investigate if they should overturn the various state restrictions against broadband. There are roughly twenty states that have some sort of restriction against municipalities either entering the business or for operating as a retail provider of services. In some state there is an outright ban against any form of municipal broadband competition. In others, municipalities can build networks but can only provide wholesale access to the networks.

This issue is a classic case of pitting states’ rights against the ability of the a federal agency to preempt them. The FCC has overturned numerous state laws in the past and certainly has that ability in terms of telecom law. But in most past cases the FCC overturned rules established by state commissions and here they would be overturning laws created by state legislatures. There are a number of states that say they will sue over the issue as well as some members of congress that are vehemently against overturning state laws.

IP Transition. The IP transition can have huge repercussions on LECs and CLECs. At issue is the replacement of the traditional TDM network with an all-IP network. From a technical perspective this transition if very straightforward and the carrier world is already in the process of implementing IP connections in the voice network.

But there is a long list of carrier compensation issues that are tied deeply to TDM network rules that must be dealt with. For example, one the primary principles that help to make CLECs competitive is that they can choose to meet incumbent networks at any technically feasible point of their choice. The RBOCs view the IP transition as a way to change this balance and they want CLECs to pay to bring all voice traffic to them.

And rural consumers have a huge stake in this docket since the large telcos see this as an opportunity to ditch customers on rural copper. AT&T, for example, has made it clear that they would like to cut the copper to millions of rural customers.

Mergers. The FCC is processing two large merges between Comcast and Time Warner and between AT&T and DirecTV. The Comcast merger is the one with the most practical market consequences since it merges the two largest incumbent cable companies. The cable industry already suffers from the lowest customer satisfaction among all industries and the two companies are near the bottom of the pack in the industry.

So customers are worried that the merger will lead to even worse service. And competitors worry that the mega-company that would result from these two mergers will have too much market power. The FCC Chairman Tom Wheeler has publically expressed some concern about this merger being good for the industry, so it doesn’t sound like a slam dunk.

Internet TV. The FCC is looking at whether it should regulate Internet TV. For example, should a channel line-up broadcast over the Internet have to follow the same rules as a broadcast over a cable network? This ruling is going to have a huge influence over how small companies deliver cable TV.

Everything Else. In addition to these big issues the FCC has a lot of other open dockets. Some of them are relatively small, such as the docket that looks at whether the FCC should regulate robocalls. But some cover large issues, such as the docket that is examining how the FCC sells wireless spectrum.

Can Telcos Block Robocalls?

Robot phonesThe FCC has opened an inquiry to ask about the legality of blocking robocalls. We just finished a time where we were peppered with robocalls from political candidates. Robocalls are also those telemarketing calls where you answer and then there is a pause before a telemarketer comes on-line.

The FCC has allowed other kinds of call blocking in the past:

  • The FCC has allowed call blocking for years when a customer wants to block a specific telephone number. This has been sold in two ways in the past. One is selective call blocking, or *60 which allows customers to block specific numbers. The other is selective call acceptance, or *64 which allows customers to only accept calls from a defined list of numbers and block everything else.
  • In 1996 the FCC ruled that carriers could block fraudulent international calls to business customers. If you recall, third party or collect calls were routinely being made to businesses from African countries and then billed at exorbitant rates.
  • In 2004 the FCC rules that TRS services (the service that provides calling for deaf and hard-of-hearing customers) could provide anonymous call rejection as long as the ultimate end user had subscribed to this service.

But other than these examples the FCC has generally held that carriers can’t block calls. The general principle has been that carriers are obligated to try their best to complete calls. You may recall a few years ago when a number of carriers blocked calls that went to rural exchanges that had very high access charge rates. The FCC ruled that such blocking was unlawful. They have always ruled that customer must be protected over carriers.

The primary question being asked is if customers can block a certain type of call rather than blocking calls one number at a time. The FCC is further worried that a technology that blocks calls in this manner will not be perfect and that it will block some calls that should go through while also failing to block calls that are supposed to be blocked.

This proceeding was initiated by a letter signed by the Attorney Generals of 39 states. The states are in favor of blocking robocalls since they field a lot of complaints about the practice. It is supposed to be illegal to place a robocall to cellphones, but I probably still receive a dozen of them per year. But my mother-in-law said she was getting numerous robocalls per day during the recent election season on her landline. There certainly comes a point where the sheer volume of such calls are a nuisance.

To some degree the FCC has to reconcile two different legal obligations under exiting telecom law. First, the Telecom Act of as amended creates a requirement that carriers must complete calls. But the FCC also has a mandate from the Telephone Protection Act to protect consumers from unwanted calls.

The FCC asks an interesting question and asks if the technology can somehow tell the difference between telemarketing calls and emergency calls. For example, I know of several cities along the Gulf of Mexico that use robocalls as one of their methods to notify people of a hurricane evacuation.

The question is of some importance for several reasons. Certainly getting this request from the numerous Attorney Generals forces the FCC to look at the request. But it has also come to the FCC’s attention that there are several products in the market that are already offering this service and this also forces them to determine if these services are legal.

This proceeding ought to be of interest to anybody who offers voice, because these rules would apply both the landlines and VoIP lines. One would think that if the FCC allows robocall blocking that customers everywhere will be demanding it, and so carriers will all be looking to gain the technology.