FCC Adopts Sixth Report and Order Expanding Robocall Obligations for Broad Universe of Providers
At its March 16, 2023 Open Meeting, the Federal Communications Commission (FCC or Commission) adopted a Sixth Report and Order and Further Notice of Proposed Rulemaking (Order and FNPRM, respectively), which adds anti-robocall regulatory obligations for all voice service providers, including intermediate providers and providers that have fully deployed the STIR/SHAKEN call authentication standard.
Specifically, the Order amends the FCC’s rules to require non-gateway intermediate providers that receive unauthenticated Session Initiation Protocol calls directly from an originating provider to authenticate the call. The Order also expands mitigation obligations to require all non-gateway intermediate providers and voice service providers that have fully implemented STIR/SHAKEN to meet the “reasonable steps” general mitigation standard that is currently applied to gateway providers and voice service providers that have not fully implemented STIR/SHAKEN under the FCC’s rules. Further, the Order builds on Robocall Mitigation Database (RMD) filing obligations, requiring that all providers file a robocall mitigation plan and a certification in the RMD, regardless of whether they are required to implement STIR/SHAKEN. Lastly, the Order strengthens the FCC’s robocall enforcement framework by adopting per-call forfeiture penalties and expedited procedures for removal of certain RMD certifications.
The FNPRM seeks comment on two specific issues pertaining to the STIR/SHAKEN authentication framework: (1) the use of third-party solutions to authenticate caller ID information; and (2) and whether to eliminate the STIR/SHAKEN implementation extension for providers that cannot obtain a service provider code token.
Once the final item is released, Wiley will provide a more detailed summary.
We have a deep and experienced robocalling bench, and our experts handle federal and state policy issues, compliance with federal and state requirements, and complex TCPA issues. For more information about the gateway provider obligations, please contact one of the authors listed on this alert.