At its March 16, 2023 Open Meeting, the Federal Communications Commission (FCC or Commission) adopted a Sixth Report and Order and Further Notice of Proposed Rulemaking (Order and FNPRM, respectively), which adds anti-robocall regulatory obligations for all voice service providers, including intermediate providers and providers that have fully deployed the STIR/SHAKEN call authentication standard.
Specifically, the Order amends the FCC’s rules to require non-gateway intermediate providers that receive unauthenticated Session Initiation Protocol calls directly from an originating provider to authenticate the call. The Order also expands mitigation obligations to require all non-gateway intermediate providers and voice service providers that have fully implemented STIR/SHAKEN to meet the “reasonable steps” general mitigation standard that is currently applied to gateway providers and voice service providers that have not fully implemented STIR/SHAKEN under the FCC’s rules. Further, the Order builds on Robocall Mitigation Database (RMD) filing obligations, requiring that all providers file a robocall mitigation plan and a certification in the RMD, regardless of whether they are required to implement STIR/SHAKEN. Lastly, the Order strengthens the FCC’s robocall enforcement framework by adopting per-call forfeiture penalties and expedited procedures for removal of certain RMD certifications.
The FNPRM seeks comment on two specific issues pertaining to the STIR/SHAKEN authentication framework: (1) the use of third-party solutions to authenticate caller ID information; and (2) and whether to eliminate the STIR/SHAKEN implementation extension for providers that cannot obtain a service provider code token.
Once the final item is released, Wiley will provide a more detailed summary.
[View source.]