As we’ve previously discussed the FCC is allowing service providers with fewer than 100K subscribers to file for a 2-year extension to the deadline to implement STIR/SHAKEN in their networks – but ONLY if they implement robocall mitigation measures in their network (and tell the FCC what these are).
(If you’re brand new to STIR/SHAKEN, I recommend you watch this short video to get up to speed.)
We’re still waiting for specific instructions from the FCC, but in this article I’d like to share a few ideas for how you could put together a robocall mitigation program with no additional software. I should stress at this point that I am not a lawyer, and that everyone’s situation will be different – but hopefully this gives you some ideas as you put together your plan.
Robocall Mitigation means what now?
Robocall mitigation is all about preventing illegal robocalls from originating in your network – i.e. you don’t want to be the source of the robocalls.
The FCC hasn’t said explicitly how you should do this, but if you are (say) a small ILEC with a mix of residential and small business customers, you have some advantages as you think about this program.
- Residential lines will generally only be able to place one call at a time, and will only be able to place calls originating from their own phone number (since the number is usually supplied by your switch, not the access equipment). If this is the case, and you have systems in place to ensure it remains true, then you can easily make the case that no robocalls are going to originate from your residential subscribers.
- Some business lines will have similar limits. You may have configured your switch to only accept calls from DNs they own (using the Calling number / connected line ID screening field on a Metaswitch PBX Line) and you may well have configured capacity limits. If you can verify this, and have systems in place to enforce it in the future, then you can demonstrate to the FCC that all businesses will be making calls using their own DNs and no business on your switch is configured to allow more than (e.g.) 24 concurrent calls.
For some service providers, that’s the end of the story. Your subscribers can only make calls from their own numbers, and no-one is permitted to make a large volume of simultaneous calls. As long as that’s true, and you can show that it will remain true, then that sounds like a pretty good basis for your robocall mitigation to me. [Again, I’m not a lawyer or a regulatory expert.]
It may be prudent to analyze your Shadow Configuration Database to validate that all your subscribers and PBXs are configured the right away – and you could even include a regular verification procedure as part of the process you share with the FCC.
What if that doesn’t work for us?
Of course, there are situations that are less simple. Sometimes a business will have multiple PBXs and they want to be able to route calls via either connection. In this case you’ll usually have to accept whatever calling number the business provides. And suddenly, you can no longer guarantee all the calling numbers that you’re sending.
There may still be ways around this (e.g. caller ID screening in translations or something), but if this situation is common then maybe it’s best to implement a robocall mitigation tool in software.
Learn more about Robocall Mitigation
If you want a more in-depth look at this topic, there seem to be a lot of webinars going on at the moment.
- Metaswitch have a webinar for their customers scheduled for Thursday January 28 (if you’re on their email list you should have received an invitation)
- The NTCA hosted a joint webinar with TransNexus a couple of weeks ago (January 14) which is available here.
I am looking forward to hearing more from the FCC about how to file for the extension and provide this paperwork. My guess is that your response will need input from regulatory experts and technical experts to cover all the bases.