I dispute their contention that an "ideal" solution would not block political or charity robocalls. Ideally we close these loopholes in the No-Call List, so these all are illegal.
It seems to me a lot of the problem results from allowing the caller ID information to be spoofed. Any serious attempt to fix this problem would seem to involve tracking down real numbers, defeating the spoofing.
Most satisfying (and effective!) thing I have ever done to eliminate a repeated scam call (to lower credit card interest rates, never admitting who they're with, except some vague reference to imply they're associated with the credit card companies) is to string the guy along, when I am "going to get my credit card", setting the phone down and going about my other business, until it's clear he finally hung up. Then he called back, and I said "when I got back to the phone you weren't there!", and repeated the game a bunch of times over the day, with the guy getting more & more exasperated. Funnily enough, I never get those calls anymore...
Caller ID spoofing is a true misfeature. The ability should be removed, or consumers should have out-of-band access to the real number in order to be able to at least blacklist it.
Phone numbers are to the telephone network like IP addresses are to the internet. Caller ID is to phone numbers as DNS is to IPs. I don't think getting rid of caller ID would really help anything, and you can't fix the caller ID to specific numbers, as phone numbers are as transient as IPs -- they can terminate to an IP phone in Pakistan one day, and to a Twilio gateway used by some other company's apps the next day. Blacklisting the number can be both ineffective and harmful.
Letting the caller set the caller ID is the only way someone calling you from Comcast about your bill can have Comcast show up on the ID. Most large companies like that don't own the numbers they call from, or the call centers -- they outsource both inbound and outbound phone support and sales. Typically to multiple phone center companies at the same time, who all have to call "as" Comcast, and ramp up or scale down with more or less phone numbers as needed. They'll use autodialers too, with real people rather than recordings, to minimize the delay between one outbound call ending and there being another person for that now-available rep to talk to.
The ability to set caller-id is important. I was surprised by how easy it is. With the free X-Lite SIP softphone and a flowroute.com account, I can set an arbitrary caller-id number and place a call to anyone. This is very useful, as it lets me place cheap VoIP calls "from" my mobile phone number. It could also be used to get into voicemail and other systems that trust caller-id.
Businesses can detect your billing number, the ANI. Having been involved in a system where employees logged in and out of work via the telephone it was very important that we could prove where they were. We had many people attempt to spoof it which never worked.
So the information is there. However it is worth a lot of money to the phone company and they sometimes resell that information to others who repackage it. They also in turn don't always give you this information even when you pay for caller id which is similar but not the same. Originators can block paid caller id, I have never seen a case where you can block ANI subs
I was under the impression that ANI was forced on WATS lines, but that it didn't necessarily exist for residential, shall I shift my understanding? I think this could actually be a good lever, putting the problem purely into the policy domain.
In the good old ISDN/SS7, both the network-provided caller-id as well as the user-provided caller id are transported, even in case the caller wants to perform an anonymous call. Usually the last hop before delivering the call to the called party is responsible for removing the relevant information. In SIP, the same exists with From- and P-Asserted-Identity headers.
The SS7 interconnection partners usually go through extensive tests before allowing you to hand over signaling traffic via SS7, but this is not so much the case for SIP interconnects, where we're lacking a bit of clear standards (however working groups like http://www.sipforum.org/sipconnect exist and are taken more seriously nowadays).
If you are allowed to do "CLIP no screening" - which means you can set arbitrary caller ids in the user-provided part, the terminating system (the hop delivering it to the called party) is still able to check both fields, so this could be a way to pin down the real calling party, even if it "spoofs" its caller id.
>phone numbers are as transient as IPs -- they can terminate to an IP phone in Pakistan one day, and to a Twilio gateway used by some other company's apps the next day. Blacklisting the number can be both ineffective and harmful.
Right after I get a call I don't want, have another number that I can call. If I call that number, I'm telling the government, "My last call was an unwanted robocall."
Trace that call to its source (as best as that can be determined). If that source has generated a lot of calls recently, and is not on a white list, it is blocked. Any attempts from that number to make a phone call go to a recorded message saying that it is blocked, with instructions for how to get unblocked.
Any phone number that gets blocked several times in a week is permanently blocked.
After I get an unwanted robocall, I want to dial "*RC" for "RoboCall". I get a credit on my next phone bill for 25 cents. The phone company charges the originator 50 cents. Now the phone company has an incentive to track all robocalls. And I have a little compensation for my time.
If the phone company is going to charge the originator, they'd have to verify that the call you reported was actually an illegal RoboCall. Some dishonest people might report people whom they know but don't want to hear from as RoboCalls. Others might erroneously report organizations that are legally allowed to call them, like companies with which they had a business relationship or political candidates. Verifying that each claim was valid would probably cost the phone company much more than 50 cents.
> If the phone company is going to charge the originator, they'd have to verify that the call you reported was actually an illegal RoboCall
If I'm getting unwanted calls, I don't really care whether the government thinks they are legal, I just want them stopped.
How about this solution: if the caller ID is on a whitelist, it goes straight through. If not, the caller gest asked a question (which should filter out robots). If there are determined human unwanted callers, a second line of defence would be to ask them to key in a 4 digit code (and I'd only give the solution to people who wanted to call me).
Google voice lets you do something along those lines. I personally found it incredibly tedious and quickly turned it off.
I think the grandparents idea of *RC is spot on. Verification can be done through volume; i.e. a one-off may do nothing but repeated reports indicate something is up. Just like reporting spam in email.
Along those lines, some sort of charge-to-call system may work. Like calling collect in reverse, but the receiving party can decide to not charge the fee if its someone they know (or flip it, hitting # within 30 seconds of an inbound call will capture the fee and disconnect)
I would improve it even further:
Charge not $0.50, but amount depending on how many complaints that caller is getting. The more complaints - the higher is per-complaint charge. All the way to $10 per unwanted call.
First few complaints per month - no charges.
After that fines go to $1 per reported unwanted call and up.
Phone company gets 50% or the charges. The remainder is deducted from call recipient bill.
If caller is legally allowed to harass call recipient (for example in debt collection case) - that could be solved by special amendment.
Whether the call is robocall or any other unwanted call - it does not really matter.
Maybe instead of blocking, put this caller on a "hellban" list, where the calls go through but are redirected to robolisteners. Perhaps patch two robocallers with each other.
That's exactly the solution I imagined. Dial something like *69 and have the sender marked as a robocaller. It shouldn't be hard to find the people getting thousands of reports every day and shut off their phone service.
There actually was a mechanism designed into the * 69 service for a situation like this, but it was meant more for threatening calls or things that required police action.
You could dial * 57 after hanging up on the caller and the calling number would be recorded at the phone company, where the police could obtain it if was determined to be necessary.
tldr; the mechanism is there, but probably will never be used.
Several months ago I was getting fax calls at 1am-2am repeatedly. The phone company told me to use this service to mark the calls. However, it turns out that since the nature of the calls weren't technically "harassing", they couldn't do anything about it. Apparently if someone calls me in the middle of the day and says "penis", that could get them in trouble; but waking my wife and I night after night is not harassing. Go figure.
So the police couldn't legally do anything, and the phone company wouldn't do anything. That's when I finally dumped traditional telephone service. If the phone company isn't interested in giving me a product with the features I want, I'll find someone else who will.
Now I've got VoIP service. I can see a complete record of who called me (subject to CID spoofing), and I can set up blacklists for incoming numbers according to my own whims.
You'd have to get the victim to call you before you could mark them as a robo-caller, so it's hard to see how there could be false positives for anyone who wasn't calling lots and lots of people.
I don't just want robocalls killed. I don't want calls from politicians, charities, pollsters or any other exempt organizations either. I don't want calls from the debt collectors trying to reach the person who used to have my number. For me, and people like me, a telco-based solution won't work because they have to adhere to the regulations that have these giant exemptions.
In volume, you could make a device for landlines for probably <$50. Connect the device to the primary incoming line. Connect phone(s) to the device.
User dials #4321 (some non-secret activation code, printed in instructions and sticker on device) from house phone. Follows prompts to record (a) his name, (b) names of other individuals at the house, (c) one or more bogus names. May also follow prompt to enable a bypass code. May also follow prompts to add CID numbers to whitelist (see below; this is for DESIRABLE robocalls, e.g. from the school district in case of emergency or school cancellation). User hangs up; device is programmed.
Incoming call, 2 rings, CID/CNAM captured (FWIW), house phones do not ring. Device answers: "Calls may be recorded. Press 1 for Bogus John, 2 for Real Alice, 3 for Real Bob, 4 for Bogus Carol". Caller presses 1/4, "Please leave a message after the tone", tone plays, incoming voice goes to /dev/null for 10s, call is dropped. Caller presses 2/3, house phones ring, stored CID/CNAM is provided.
If the incoming caller uses the bypass code, the call goes straight through.
Bonus: distinctive ring for Alice vs Bob.
Bonus: after an annoying human caller "leaks" through, user can hang up, pick back up, and dial #5432 [some other non-secret access code]. Incoming CID put on block list. Calls from blocked numbers are unanswered (will go to VM if user subscribes to VM from telco).
Bonus: similar to blacklist, user can dial #2222 (for "whitelist to Alice") or #3333 ("whitelist to Bob") to whitelist a just-received call. Whitelisted calls immediately go through. DR means that I don't have to check CID to know it's my MIL calling for wife. Numbers can be whitelisted during programming (see above) because desirable robocalls (e.g. kids' school) will otherwise never get through and can't get #2222 treatment.
Bonus: pressing ## (or some other code) during a call starts a recording. Saved as <cid>-<date/time>.wav to removable flash or USB on the device.
Bonus: insert flash/USB, dial #9876 from house phone. Device upgrades itself from the flash.
We use an answering machine to screen calls. I put SIT tones (the tones usually followed by a network message such as "we're sorry but the call cannot be completed as dialed" -- google SIT.WAV) at the beginning of our outgoing message. We don't pick up until the message ends.
We get a lot of 'ghosts', calls dropped before the message is done -- those were automated calls. We get callers which are partway through delivering a canned spiel at that point because their delivery system triggered on the tones as if 'your-turn' beep -- those were automated calls intended to be left as recorded messages.
It's not exactly what the contest is about, but it does provide some personal relief on a landline.
So AT&T has the technology to bill each subscriber down to the bit of data used, but they can't detect when an entity is making 10s of thousands of calls . . . . ?
10s of thousands of calls isn't necessarily illegal, nor unwanted.
Phone companies will probably claim to be just a pipe for data, and that they cannot interfere with that data, and that regulation is for other people. They'll stop you if you're damaging their network.
Cynically I'd say that a company making tens of thousands of calls is worth more to the telco than me, making very few calls. (I doubt that's actually the reason.)
Help me out here as a UK person: What sort of Robocalls are there ?
Here in the UK there are variants.
1) Pause to hear you pickup, then they connect to a human salesperson
2) Full blown automated call
3) Human on the other end but how did they get your number ?
I have a solution, but can't enter as I'm outside the US :(
In this U.S. the most annoying are the full-blown automated calls. Many of us get calls from a robocaller ("This is Ann from card services") that calls day after day with the same message.
I feel like robot calls used to be much more common. I think I only get maybe 2-3 a year now. I think most recently they were from DirecTV and GNC. I tend to give out my Google Voice phone number to businesses and non personal contacts so I can block them if they sell my number or start robo calling it. Although I've only had to block maybe 1 or 2 numbers on google voice in the last few years.
I wish the iphone had a way to create a black list and block callers. I'm not sure why they've never implemented this. I know it can be done by jailbreaking but it seems like it should be part of the os.
Penalty should not just be on the illegal robocalling telemarketers, but should also on the businesses contracting the telemarketers. Cut the funding off from the sources.
"To complete this call, a payment of $NOMINAL_AMOUNT is required. This may be refunded at the discretion of the caller."
In actuality, you'd whitelist numbers not required to make payment, and/or clear other numbers at the end of your billing cycle if desired. Payment options would be provided. The call would not ring through until authorized or paid.
This would increase the costs of phone spam markedly.
Survey organizations would have a bit of a problem. Oh well.
Would it be possible to use the same technology of SSL with phones? Have the telco, who presumably knows the endpoint of the call can either apply an SSL certificate (or equivalent) to the call so that the receiver can confirm their validity?
Or, alternatively, much like how websites currently operate, the person making the call would have to attach their certificate which the receiver could check against CA(s). This would be nice because if certain CAs had rules where they wouldn't sign up certain numbers (telemarketers, politicians), you simply wouldn't use that CA to validate calls.
I definitely know where you're coming from. I get calls like that a lot and I With all the consumer complaints these nuisance calls created, I don't understand WHY these companies still operate!
Well, yeah, there's that thing they call the freedom to "advertise" but what the ?? They're already trespassing into our freedom to privacy!
I don't know anybody who'd disagree but if these companies continue this unethical business practice, I would surely be happy to see them shut down!!!!
Sure. If you plan on implementing this as some sort of end-user device that would be hooked up to a phone handset or a software "app" you would install on a smart phone, then all you've got to work with is caller ID. Caller ID can be blocked by the caller (e.g., by dialing *67 first) and spoofed, including the purported outgoing number. In fact, VoIP systems like Skype have made spoofing caller ID and now even ANI, a toll network analog of caller ID, trivial.
So even if you keep some sort of constantly updated database of numbers used by robocallers, you are still relying on the robocallers 1) not blocking outgoing caller ID and 2) not spoofing the numbers of legitimate users resulting in them getting blacklisted.
>VoIP systems like Skype have made spoofing caller ID and now even ANI . . . trivial.
Is there any way for hardware connected to an ordinary phone line to distinguish between an incoming call from a VoIP system versus an incoming call from an ordinary phone line?
Not completely true. Spam is relatively easy to block because you have a complete copy of the communication to work with and not just the envelope.
In the spam world, honeypots are set out. If an email is sent to a honeypot (a fake address), then it is, with high probability, spam. If the email is sent to multiple honeypots, you can be sure it is spam. If a variety of humans mark the email as spam, you can be reasonably sure it is spam. In principal, you can now compare some signature of an email with known spam messages.
These techniques can be used with phone calls, but there is less data to work with.
The approach that applies a turing test to each incoming phone call will filter out robocalls nicely. And it increases the costs of humans calling enough to filter out many of them. For persistent humans, I like the approach of having the sender send a token payment to the receiver which the receiver can easily refund.
You pass a law saying that all robocalls must comply with ROBOCALL_STANDARD.
You include a regulator in that law. The regulator is responsible for updating the standard as needed, and for taking reports from people who receive a robocall, and for imposing sanctions on companies who i) do the robocalling and ii) ask other companies to do the robocalling for them.
Sanctions include fines for the companies; potential prison time for the directors of those companies (obviously this would need to go through court) and 'blocking of numbers by telecom companies' (not sure how realistic that is.
The regulator has an "opt out" list. Every one with a phone who doesn't want to receive calls registers on that list. New numbers are added by default. (They can maintain an "Opt in" list, so people who want to receive junk calls can).
Then the regulators set up a website. This site contains a simple report form; the opt in and out lists; links to the current standard; links to the law; links to previous adjudications.
If CompanyX uses a robocall company in a different country you can still go after CompanyX. Not sure what you'd do if both CompanyX and the robocall company are overseas with no US presence.
Hey, Shazam there's an almost "free" prize waiting for you.
Just make an app that hooks into you calls on demand and records & forwards suspected robocall's to match them against validated malicous ones.
Someone else might figure out the telco backtrace part with timestamps and so on.
And guess what? All you trespassers out there, be aware that I am reporting your phone numbers to Callercenter.com every time you call. Just so you know, in case you start wondering why your calls seemed to be blocked.
You want publicity by harassing me? I give you just that. Negative publicity!
I believe Google Voice has already solved this problem. Just as with email, click report spam and the whole user-base benefits. I suppose Google could share that phone number list with others providers.
This just reeks of the FTC abdicating its responsibilities to enforce the existing laws. Show me the budget the FTC spends on prosecuting violators of the law and maybe I'll change my mind.
What I think would be cool is to be able to forward the call to a smart enough bot that wastes like 5 minutes of their time every call. This will surely kill their spammy business model
You're reading it wrong: if the winning team has fewer than 10 employees, the team gets $50,000. 10 or more, the team gets no cash, just bragging rights.
they probably want a company that can actually develop said idea instead of just squat on the idea or any patent. I can come up with a good idea but execution counts.
And why isn't this a problem in Europe? E.g. Germany? I'm not getting any unsolicited phone calls anymore - robot or not (this used to be a problem 15 years ago, but not isn't anymore).
There are national do-not-call registries. Companies are required to check those before calling. If they don't then they get fined, which usually starts at around 25,000 euro.
This is for The Netherlands, but I believe it's similar throughout Europe.
The U.S. also has a do-not-call registry that you get fined for violating (donotcall.gov). The problem is that they don't know who to fine, because it's really easy to spoof caller ID and the businesses aren't dumb enough to identify themselves.
How can those businesses try to sell you something without identifying themselves?
Also, there must be some weird political or legal reason why they can't (or won't) get the identity from the phone companies. It can't be a technical reason, because they're already capable of tapping everything, and the phone companies are already in full cooperation with that, even developing and providing specific technical interfaces for law enforcement.
And, maybe someone can tell me if this is actually possible (as opposed to a "CSI" type exaggeration): In many police series you see them requesting full cell-phone logs of all incoming and outgoing calls to a certain phone in the past few weeks or so.
In case that's realistic, I certainly hope that it can't be foiled by something as simple as spoofing the caller ID? Because, you know, that'd make it really easy to frame someone.
I haven't seen or heard one of these calls actually play out, but they might not even be trying to sell something - they could just be scammers out to steal credit card information. (I get one all the time that's a prerecorded message from "Rachel from Cardholder Services")
I'm sure telephone companies could technically stop them if they really wanted to, but telephone companies make a profit from these people. What incentive do they have to stop them? Same with text message spam. If they tracked it (which they surely collect enough money per message to do), they could easily notice one number sending a hundred spam texts and stop it before it sends tens of thousands of them. They don't, though, because each of these messages means anywhere from another 5 to 25 cents in their pocket. Most people don't even contest getting charged for receiving spam texts, because who's going to argue over a quarter?
The biggest issue seems to be that all of this data is ephemeral - even if they had a "more powerful" caller ID (which I believe 911 dispatchers do), you would have to catch them in the act and personally have access to check where the other end of the call is terminating, and you'd have to do it before they hung up. For IP calls, I think it's unlikely they would even be able to fully trace it.
This law was passed (in NL) only some 5-7 years ago, IIRC? Because I also don't recall any "robocalls" to landlines before that time. There were the unsolicited phonecalls, but they were human, you could always request to be taken off their list and taking some basic privacy precautions I only got them very very rarely.
But I don't remember getting mass-phonecalls with pre-recorded messages, nor heard about people that did. I could be wrong, of course.
Calls where you already have a business relationship with the company are legal. "Robocalls" in this context specifically means auto-dialed telemarketing calls, usually with a prerecorded spam message, where you have no business relationship with the caller.
"Contestant further represents, warrants, and agrees that any use of the Submission by the Sponsor, Administrator, and/or Judges (or any of their respective partners, subsidiaries, and affiliates) as authorized by these Official Rules, shall not:
a. infringe upon, misappropriate or otherwise violate any intellectual property right or proprietary right including, without limitation, any statutory or common law trademark, copyright or patent, nor any privacy rights, nor any other rights of any person or entity;
b. constitute or result in any misappropriation or other violation of any person’s publicity rights or right of privacy."
I find this clause rather disturbing, I think I know what they meant to say, but they instead wrote something so overly general, that if enforced, effective makes this competition un-winnable. Maybe someone else can weigh in on this.
It seems to me a lot of the problem results from allowing the caller ID information to be spoofed. Any serious attempt to fix this problem would seem to involve tracking down real numbers, defeating the spoofing.
Most satisfying (and effective!) thing I have ever done to eliminate a repeated scam call (to lower credit card interest rates, never admitting who they're with, except some vague reference to imply they're associated with the credit card companies) is to string the guy along, when I am "going to get my credit card", setting the phone down and going about my other business, until it's clear he finally hung up. Then he called back, and I said "when I got back to the phone you weren't there!", and repeated the game a bunch of times over the day, with the guy getting more & more exasperated. Funnily enough, I never get those calls anymore...