Dear Brian, et al.:

0)   Thanks for sharing the Robocall situation in Italy. This confirms that the RoboCall phenomenon is now universal, not just in US. Although, from my experience, I am not surprised at all.

1)   Based on my best understanding, I believe that the entire issue has been handled backwards, upside down or outside in. I have been waiting for what FCC's latest STIR/SHAKEN directive might be able to do. Its technicality sounded very impressive. It did seem to have some effect on Robocalls. As a consumer, however, this current approach has defeated the basic purpose of the original Caller-ID service. Apparently, true telephony (common) carriers have begun to ask to be compensated for accessing their subscriber database in the process of validating a caller by other (such as VoIP) operators. (In the old days of monopoly, this was not an issue because it would be reciprocal within the same carrier, or among a limited few similar ones.) As a consequence, Caller-ID displays of most incoming telephone calls nowadays often lack the caller names which was the key ingredient of the feature. They are replaced by a duplicated "caller number", or at best prefixed such with a "[V]" symbol which took me awhile to realize what it meant. This is very annoying since most people can't correlate such to more than a couple phone numbers of close relatives or associates, on the fly. However, this resultant system behavior serves RoboCallers' purpose just fine, because the repeated and persisted ringing sound from unknown callers disturb the called party sufficiently to the point of answering, once again.

2)  The whole subject can be looked at from a very simple perspective such as a daily routine of accessing a premises for delivering something. We all know that the location of a property is publicly known by its street address. Any and every one can get to it. To control the access, a key to the lock on the door has to be given to only a welcomed few. For an establishment, a receptionist or a security guard serves the same purpose during business hours.

3)  For postal services, a mail box at the entrance to a property or a mail room at an establshiment has been used for the above "buffering" purpose to deal with the junk mail. So far, these traditional setups have worked reasonably well for centuries.

4)  When telephony was initially introduced, it was regarded as a novelty. Getting a call was a big event. No one had the notion about blocking any calls. Later on, the "caller pays only if a call is answered" convention led to the alerting device (the ringer) purposely made loud enough to be sure that the called party would be pressured to answer the call. During the manual switchboard days, operators screened the callers very effectively, because practically every caller was known to the operator.

5)  To avoid disturbing workers by random calls, a receptionist / telephone operator was tasked with this "buffering" duty at any sizable establishment. As telephone switching equipment got mechanized, the combined DID (Direct Inward Dialing), VM (Voice Mail) and AA (Auto-Attendant) technologies took over this function. So, majority workers at institutions and businesses (except those served by CENTREX - CENTRal EXchange, because each is on a direct public phone number) have hardly ever been bothered by unwanted calls, even to the modern days.

6)  As per-call charge dropped significantly, largely encouraged by bulk rates, then furthered by VoIP technology, the unwanted calls ranging from harassment, telemarketing to scam, etc. skyrocketed. Not knowing the extension numbers behind PABX (Private Automatic Branch eXchange) machines, Robocalls target private residences most of the time.

7)  By miniaturizing DID, VM and AA subsystems, even residential single line telephone service could be shielded from RoboCalls just as well, as disclosed by US Pat. No.5,596,631.  It was commercialized as a product called TriVOX VN100 (See URL below) that enabled a home owner to set a changeable combination lock at his telephone demarcation point for blocking all calls, except those welcomed callers who have been given the code (extension number). This effectively blocked all unwanted calls regardless the type, even though some might be legally exempted, such as political, religious or charitable, etc. However, FTC and FCC decided to take other routes.

  https://www.avinta.com/products-1/uwc/home/uwchme.htm

8)  The Internet SPAM eMail issue can be parsed down to very similar components. In the earlier days, digital communication was established end-to-end directly via dial-up modems. Following the PSTN protocol and log-in procedure, the involved steps discouraged most of the abuse. Once the electronic messaging traffic got consolidated to limited few providers with store-and-forward facility, the screening function became part of their services. Behind the scene, they often ratchet up the screening process against one another with various new "rules", making the users frustrated about why certain routine eMails all of a sudden got bounced. In the meantime, there has been an add-on function offered by certain eMail services that buffers messages from unknown origin until the intended recipient grants the permission to let it through. However, it never seems to have caught on.

9)  These days, RoboCalls and SPAMs are out-of-control activities wasting so much resources, not mentioning the aggravation imposed on ordinary citizens. However, looping these back to the "limited key distribution for the front door lock" analogy, STIR/SHAKEN and eMail servers policing one another may not be the optimal approaches. That is, if everyone has the freedom of having the key to any property, while the targeted party is at the mercy of remote unknown third party locksmiths who promise to do their best to disable those "illegal" keys somehow, how good the result could be? Since the basic nature of a communications provider, no matter whether it is a common carrier or a VoIP provider, is always to get the message delivered, the current screening schemes are against their very business model. This is kind like relying coyotes to guard a chicken coop. Does any of them have any incentive to perform well? Perhaps, FCC realizing fines aren't enough is finally validating this contradiction.

10)  This line of analysis may be similarly applied to a couple other Internet related issues. However, I shall withhold them for another day.

Regards,


Abe (2022-10-09 12:09 EDT)
P.S.: The VN100 mentioned in Pt. 7) above was a feasibility demonstration product. At that time, the size and cost of sub-systems involved were still bulky and expensive. All needed capabilities are now built into the basic SmartPhones. So, the required functionalities may be performed by a straightforward add-on APP. As well, the currently available IC devices make it feasible to build a compact stand-alone "VN100 + VM" module for supporting POTS (either landline or VoIP derived) configurations. So, an updated distributed defense system against RoboCall may now be deployed cost effectively. Since the enforceable life of US Pat. No. 5,596,631 has expired, any party recognizing the potential of applying this technology to benefit citizens of your region, please contact me offline. We will be glad to share our knowledge about this alternative.

 


On 2022-10-07 03:45, Brian Turnbow via NANOG wrote:
The federal law in 47 USC 227(e) says:

(1)In general

 It shall be unlawful for any person within the United  States, or any person
outside the United States if the recipient is  within the United States, in
connection with any voice service or text  messaging service, to cause any
caller identification service to  knowingly transmit misleading or inaccurate
caller identification  information with the intent to defraud, cause harm, or
wrongfully  obtain anything of value, unless such transmission is exempted
pursuant to paragraph (3)(B).

In (3)(B) is a narrow carve-out for law enforcement and court orders.

The important point is that spoofing is illegal with fraudulent intent, OK with
benign intent.
This is a very interesting conversation as there is a ongoing discussion on how to ban spoofed calls here in Italy..
Here operators must identify each customer and ensure that they are screening incoming numbers.
Most do, but some do not and become sources of spoofed traffic.
The biggest problem however comes from out of country originators that allow foreign call centers to use Italian numbers.
Thus the calls come in from an international carrier.
We are moving twords blocking incoming calls from international trunks containing Italian from numbers, something we see already in place for carriers in other EU countries such as France.
Most operators here have been against stir/shaken as a means to resolve the problems.

Brian



Virus-free.www.avast.com