Compromise robocall legislation, called the Pallone-Thune TRACED Act (“Act”), is likely to be enacted soon. The Act enhances the Federal Communications Commission’s (“FCC”) enforcement powers, mandates adoption of the SHAKEN/STIR call authentication framework in the absence of voluntary implementation or hardship, and provides for the establishment of safe harbors for blocking calls, among numerous other provisions.

The Act will make for a busy time at the FCC. It directs the agency to initiate nearly a dozen rulemakings or proceedings over the next year along with a host of reports and studies. The Act does not, however, include provisions from the House Stopping Bad Robocalls Act that would have directed the FCC to conduct a rulemaking on the definition of an automatic telephone dialing system or defined the term “called party” as the current subscriber. Key provisions are summarized below.

Enhanced Enforcement Authority

The Act enhances the ability of the FCC to impose fines on persons that violate the TCPA, including the use of illegally spoofed numbers. The new legislation enhances the FCC’s existing authority in three ways: (1) it eliminates the need for the FCC to issue a citation before initiating forfeiture proceedings against entities over which it otherwise has no jurisdiction; (2) it adds an additional penalty of $10,000 for intentional violations; and (3) establishes a four-year statute of limitations for intentional violations. The Act also increases from two to four years the statute of limitations for violations of the Truth in Caller ID Act. The FCC has 270 days to adopt regulations implementing these changes.

Implementation of STIR/SHAKEN

In the absence of voluntary implementation, the Act directs the FCC, within 18 months, to require all IP-based voice service providers to implement STIR/SHAKEN, and it requires non-IP voice providers to “take reasonable measures” to implement “an effective authentication framework” (not necessarily STIR/SHAKEN). The FCC, however, need not mandate implementation by a VoIP provider if that provider, within 12 months, has (i) adopted and begun to implement STIR/SHAKEN in its IP network, (ii) voluntarily agreed to participate with other voice providers, and (iii) will be capable of fully implementing the framework within 18 months.

Although the same 12- and 18-month deadlines are set for traditional providers that use TDM technology, the Act directs the FCC to delay those deadlines until a call authentication framework for TDM service has been established and is reasonably available. In the meantime, TDM providers must implement a “robocall mitigation program to prevent unlawful robocalls” from originating on the provider’s network. The FCC must also identify alternative authentication mechanisms for small or rural providers while the deadline is being delayed.

The Act bars providers from adding line item charges to consumers or small businesses to recoup the costs of implementation.

Safe Harbor and Call Blocking

The Act requires the FCC to issue rules within one year establishing when voice providers may block a call, without charge to the consumer, based in whole or in part on STIR/SHAKEN information. It also requires the FCC to provide a safe harbor from liability for “unintended or inadvertent blocking or misidentification of the level of trust for individual calls.” By level of trust, the act presumably refers to one of the three levels of attestation contemplated under STIR/SHAKEN. The rules must also establish a process to permit a calling party whose calls are blocked or mislabeled to verify the authenticity of its calls and to prevent blocking calls from providers whose implementation deadline has been delayed by the FCC. The FCC must also ensure that robocall blocking services provided on an opt-out or opt-in basis include effective and transparent redress options for consumers and callers. Call blockers cannot impose charges for invoking the redress mechanism to reverse erroneously blocked calls.

Revisiting TCPA Exemptions

The FCC has carved out various exemptions from the TCPA’s calling restrictions, such as certain health-related calls or time-sensitive financial alerts. The Act requires the FCC, within one year, to revisit those exemptions to ensure that they contain requirements related to the classes of callers or called parties making or receiving the exempt calls and limitations on the number of exempt calls made to a called party. These considerations also apply to any new exemptions the FCC may adopt.

Potential New Obligations for VoIP Providers

The FCC must decide whether VoIP providers should provide contact information to the FCC and to retain call records sufficient to trace the call back to the source of the call. The FCC must report to Congress within 18 months on the result of this study. This provision applies to VoIP services that enable calls to and from the public switched telephone network (interconnected VoIP providers) and those that enable outgoing calls to the PSTN.

Access to Telephone Numbers

The Act directs the FCC to reexamine access to toll-free and non-toll-free numbers, including setting registration and compliance obligations and “know your customer” rules for voice providers given access to numbers. If the FCC must issue rules if it finds that such actions could help reduce TCPA violations. The Act also establishes specific authority to levy fines for violations of such rules by any person that “is a party to obtaining number resources.”

Trace Back Consortium

The Act requires the FCC to establish a single consortium to conduct private-led trace back efforts. The consortium will maintain a set of best practices regarding voice providers’ participation in such efforts. The FCC has 90 days to issue rules establishing a process for setting up the consortium. The FCC is authorized to publish a list of, and to take enforcement action against, voice service providers that fail to cooperate with trace back efforts.

Rulemakings, Reports and Studies

In addition to the foregoing, the Act directs the FCC, sometimes in conjunction with other federal agencies, to conduct a number of rulemakings or studies or to issue various reports. The FCC must:

  • Annually report to Congress on FCC and FTC on TCPA enforcement efforts, including number and types of complaints, number of enforcement actions, amount of fines imposed and collected, proposals for reducing illegal calls, and an analysis of the contribution by VoIP providers that “discount high-volume, unlawful, short duration calls” to the total number of illegal calls.
  • Within one year, start a rulemaking proceeding to help protect subscribers from receiving “unwanted calls or text messages from a caller using an unauthenticated number.”
  • Within one year, report on the status of the reassigned number database, including review of a safe harbor for persons that check the database before calling and receive inaccurate information.
  • Must consult with the Attorney General to establish an interagency working group to study and report to Congress on ways to better coordinate among federal agencies and with states or foreign governments, and to assess further regulation of potential violators.
  • Within 18 months, issue regulations to establish a streamlined process for consumers to voluntarily share information with the agency regarding calls or texts made in violation of the TCPA or that used misleading or inaccurate caller identification information.
  • Annually issue a report on private-led trace-back efforts.
  • Annually report on TCPA violation referrals to the Attorney General.
  • Within 120 days, begin a proceeding to protect consumers from “one ring scams,” in which callers ring once then hang up, hoping the consumer will call back and incur charges.
  • Within 180 days, establish an advisory committee of interested stakeholders to develop best practices to combat robocalls to hospitals.

The Act affords numerous opportunities for stakeholders to engage with the FCC and other policymakers on the contours of robocall rules and requirements.