Caller ID Law Update Expands Anti-Spoofing Protections to Text Messaging

  • Email
  • Print
  • Printing Articles

    1. Click here to print!
    2. ...or print directly from your browser by choosing File > Print... from the menu or by pressing [Ctrl + P]. Our printer-friendly stylesheet will make sure extraneous website stuff isn't printed.
    3. You're done!

    Close this message.

  • Comments
  • RSS

The U.S. House of Representatives recently passed an update to the Communication Act that expands caller ID spoofing provisions to text messages and calls made over VoIP. The bill was sent to the Senate where it awaits committee action.

Reps. Grace Meng (D-N.Y.), Joe Barton (R-Texas), and Leonard Lance (R-N.J.) originally co-sponsored the bill, titled the Anti-Spoofing Act of 2014. The bill – HR 3670 — passed the House on a voice vote on September 9.

Building on the Truth in Caller ID Act of 2009, the bill is designed to “expand and clarify the prohibition on provision of inaccurate caller identification information.” Specifically, the new law would target caller ID spoofing in text messages and in calls made over recently accepted Internet technology like VoIP.

When the bill was introduced in 2013, Rep. Meng noted, “The purpose of caller ID is to know the identity of the person who is calling or texting you, but all too often, then name and number that is displayed is not the actual name and number of the caller or texter. It’s time to finally stop this outrageous and deceitful practice, and our legislation would go a long way toward putting an end to it.”

The Senate referred the bill to its Committee on Commerce, Science, and Transportation. There has been no official action since, and there probably will not be as Congress will be in recess until after the mid-term elections in November. But the bi-partisan bill could see consideration in the lame duck session before a new Congress is sworn in.

Two Senators last week did formally introduce the upper chamber companion bill called the Caller ID Scam Prevention Act. Sponsored by Sen. Amy Klobuchar (D-Minn.) and Sen. Roy Blunt (R-Mo.), the bill is identical to the one passed by the House.

Caller ID laws are very important for debt collectors, as the volume of calls made by the ARM industry warrants careful treatment of outgoing ID information. It has also come up in court as legal experts weigh whether caller ID information constitutes a communication under the FDCPA.

  • Email
  • Print
  • Printing Articles

    1. Click here to print!
    2. ...or print directly from your browser by choosing File > Print... from the menu or by pressing [Ctrl + P]. Our printer-friendly stylesheet will make sure extraneous website stuff isn't printed.
    3. You're done!

    Close this message.

  • Comments
  • RSS

Posted in Collection Laws and Regulations, Collection Technology, Debt Collection, Dialers, Featured Post .

×
Subscribe to our email newsletters

Continuing the Discussion

We welcome and encourage readers to comment and engage in substantive exchanges over topics on insideARM.com. Users must always follow our Terms of Use. Also know that your comment will be deleted if you: use profanity, engage in any kind of hate speech, post an incoherent or irrelevant thought, make a point of targeting anyone, or do anything else we find unsavory. Your comment will be posted under your current Display Name, shown below. If you'd like to change your Display Name, you must update it on the My Profile page.

  • avatar Jeffrey Weinstein says:

    I know I won’t make many friends by saying this, but I’ve always thought the practice of changing caller-ID names is wrong. I’m not talking about tweaking it so that it displays a correct name such as “Keith Menlo Law” instead of “Law Office of”. But when it displays “Chocolate Factory” instead of “Collection Agency” that is deceptive.

    The phone companies sold caller-ID to the public as a way of knowing who was calling before you pick up the phone. Enabling businesses to change it to whatever they want to is just wrong. The telemarketing industry is very adept at this. Almost every telemarketing call I’ve ever received is made to display as “Error,” “Unavailable,” “Out of Area” etc.

    And when it comes to collection agencies, do you REALLY believe that simply getting someone to pick up the phone who is avoiding your calls will produce a payment? I doubt it. Maybe I’m wrong, but I just don’t see a hard-core debtor suddenly paying their bill just because you got past the caller-ID.

  • avatar Jason Bexten says:

    The caller or collection agency only provides the telephone number that they are calling from when they make a call, the number is provided on the data channel of the call. The caller id name is provided by the company that charges the customer for the caller id service. Private, commercial databases are maintained that are similar to a dns for the internet that provide the naming instructions for a specific telephone number. These databases are occasionally out of date and may provide a name for the previous owner of the telephone number. Just like dns, if you submit a new caller id name to be attached to your number, it may take weeks to propagate through all caller id databases. For databases like opencnam, it may never propagate to the correct name.

    Should a collection agency be liable because a commercial entity sold and provided the consumer with incorrect callerid name information? The legislation and penalties should be directed at the commercial companies that sell this bad information.

    This bill just shows how little our legislators actually understand the world they legislate.

  • avatar Jason Bexten says:

    Here is a link for any legislator to gain a basic understanding of caller id.

    https://www.clearfly.net/kb/101/

  • avatar Newb Collector says:

    I hate to be a grammer nazi or what have you, but with my background this just bothers me:

    “There has been no official action since, and there probably will not be as Congress has convened until after the mid-term election in November.”

    Congress has recessed until after the mid-term elections in November, not convened.

  • avatar Patrick Lunsford says:

    @ Newb Collector – So what if the word means the exact opposite of what I was going for? English is a fluid and flexible language, bending to our will. I can use that word.

    (Thanks for the catch, the article has been updated)

  • avatar Jeffrey Weinstein says:

    Jason,

    I have SEEN caller-ID names changed by the party placing the call. In fact, I went to the link you provided and they CONFIRM that they will register any name the customer wants as long as it is 15 characters or less.

    Obviously, there should be ZERO liability if the provider of phone service to the called party uses and out of date database, since the business placing the call would have no control over that. To expect a business to know which CNAM provider would be used with each individual phone number would be unrealistic.

  • avatar Jason Bexten says:

    The site says that they will register a name that is less than 15 characters from ASCII with their CNAM provider. The CNAM provider they are referencing provides less than 1/1,000th of a percent of the daily cnam or caller id data. That is right, out of the 1.2 billion dips daily, they provide a whopping 12,000 of them. So you literally have a one in one hundred thousand chance that registering a bogus name with them will spoof the recipient’s caller id.

    Also, the website does give the impression that you can register any 15 characters as your caller id. In truth, they limit your caller id to some representation of your business name. Most other sip providers do as well.

    In fact, almost every sip provider will limit you to attaching a number on your data channel of the call to a telephone number the sip provider has confirmed does in fact belong to you. This standard practice prevents a voip/sip customer from attaching a local pizza hut number that would be the type of fraud used to get more people to answer the phone.

    Once again, this is something that is easily legislated at the carrier level and incorporated into Nanpa. Creating cottage legislation that puts the burden on the end user and not the commercial beneficiary of these systems is trickle up enforcement. It is tantamount to allowing the local stores to sell bath salts and then prosecuting someone when they purchase it.

    This is contrary to a very long history of consumer protection law that places the standards and expectations on the commercial beneficiary, in this case the CNAM provider. Are call centers and collection agencies so low of a form of filth that we are no longer considered to have any form of civil protections? Every single problem that could ever occur related to debt collections must be the collection agency’s fault?

    Did not get your validation letter in time? Oh, you didn’t get 12 pieces of mail from family either? That is ok, I am sure that the USPS did not error in delivery of the collection notice, the collection agency probably is scamming you or committing fraud.

    You received a telephone call to the number that you requested they call you at if you were late on your payment? They are clearly violating the law because the agreement is not specific enough on who, when and where the call will come from and therefor is not explicit. Disregard the fact that the purpose you gave your creditor the number was explicitly for debt collection, we treat these guys like dirt and can reshape any set of facts to make them scum.

    You received an email from hughspammer@gmail.com with V1@gara in the title? It was probably a collection agency trying to harass you and using a sophisticated ploy of contacting you from a completely unrelated number for a completely unrelated purpose. These guys do this because if they frustrate you with enough spam email, they think that you will be intimidated into paying your bill with them.

    Your telephone provider is responsible for verifying the integrity and accuracy of the data they provide you when someone calls you. If they don’t trust the source of the call, then they can simply not allow it to complete to you. They can issue a triple tone message informing the caller (originator) that they must complete security and bonding agreements with the terminating company before calls can be processed. It should not be so difficult that it prevents new start-up telecom companies from forming, but confirming basic integrity protocols is a short process and terminating the connection agreement when it is violated regulates the industry instead of the customer.

  • avatar Jason Bexten says:

    Jeffrey,
    I have heard people talk of real-time caller id name spoofing as well. It just isn’t a reality within telephony architecture. I have never been shown an example by the people who claim it exists. Technically, I suppose if the person you are calling is using “jax5 cheap voip phone service”, then his phone company may process the name you put in the sip tag instead of providing a caller id lookup. I have never heard of a telephone company that trusts a sip tag provided by an unknown network, but that company may exist somewhere. If you get your voip from unregulated markets in the congo, caveat emptor.

    Cellular networks don’t currently allow any channel to provide a caller id name tag. Bandwidth was so limited with the initial cellular networks that they had to use variable bit-rate compression and kick options to keep the service running. They certainly did not have room for 15 characters of ascii that would have added 15 bytes on a compression codec that was doing all it could to compress the 64 byte voice channel. The callerid number alone increases the payload by 4 bytes.

    The only access point for fraud that I have actually seen was the ability for a caller to provide an incorrect telephone number in the caller id number tag of a sip call. This existed because many sip customer would use did numbers purchased through other carriers or pots lines to broadcast on caller id. I don’t know of any sip networks that will still allow you to broadcast did on trust alone, they require some type of verification that the number does in fact terminate with you. Opening quick sip/voip access to customers in a growing market created these holes and they were closed where they should have been, at the commercial provider level.

  • avatar Jason Bexten says:

    My bad. Calls are 64kb and not 64 bytes. So the math percentage is wildly different in my tangent. It is true, however, that the decision to not allow additional tags on cellular networks came down to bandwidth considerations.

  • avatar Jason Bexten says:

    CNAM is a $20 Billion dollar per year industry in the USA that generates over $14 Billion per year in profits. Much of the CNAM activity still occurs within the baby bell organizations in the USA. The CNAM industry is many times over more profitable than the entire collection industry as a whole. The collection industry invests blood, sweat and tears to support the financial industry as a whole and then we thank God if we have enough money to pay the bills at the end of the month. The CNAM industry just charges a penny for a piece of data on each call that cost less than 1/100th of a penny the first time they need it and is free for the next 30 days. I think it is certainly fair that the collection industry should carry the regulatory and civil liability when the CNAM service is inaccurate. After all, we all take our helicopters to work everyday and then race our Gulfstreams on the way to the annual conference.

  • avatar heather-duff says:

    I don’t agree to the point that all service providers have problem with there services. The caller id name is provided by my service provider company at http://voicearray.com/ and I have never faced any of the problems mentioned above.

Leave a Reply