Congress slaps robocallers with $10,000 penalty—per call

The US Senate unanimously passed legislation Thursday that aims to end the scourge of robocalls. The TRACED Act had already passed the House of Representatives, so it’s now headed to President Donald Trump’s desk for signature.

The new legislation allows federal authorities to seize the profits of robocall operators and assess an additional penalty of up to $10,000 per call. It also pushes telephone companies to implement SHAKEN and STIR, a suite of authentication protocols that will help the fight against robocalls.

Currently, the American telephone system makes it easy for fraudsters to spoof caller-ID information on a phone call. That makes it difficult for providers to detect and block automated and fraudulent calls. SHAKEN and STIR are industry-developed standards that use public-key cryptography to allow phone networks to authenticate calls to one another, ensuring that caller ID information is accurate.

All year, the Federal Communications Commission has been pushing phone-service providers to adopt the standard. But some companies have lagged behind, and the FCC has not yet established a hard deadline for adopting the technology.

Now Congress is setting a deadline, ordering companies with IP-based voice networks to adopt SHAKEN/STIR within 18 months. Companies with old-fashioned non-IP networks must take “reasonable measures to implement an effective call authentication framework” in the same timeframe.

That’s a fairly lenient deadline. FCC Chairman Ajit Pai had urged voice providers to adopt SHAKEN/STIR by the end of 2019, and most of the larger providers were on track to meet that deadline. Some consumer groups were pushing the agency to set a hard mid-2020 deadline. The new 18-month deadline should give the laggards plenty of time to catch up.

The implementation of SHAKEN/STIR won’t end robocalls on its own. The technology aims to prevent scammers from making calls with inaccurate caller-ID information. But people might find ways to make robocalls anyway. Perhaps they’ll find networks that do a poor job of monitoring outgoing calls on their networks. Maybe they’ll find ways to call from international numbers. Or maybe they’ll find other loopholes in the system. Preventing abuse will require coordinated effort among service providers and may take years to get right.