Dear Brian, et al.:
0) Thanks for sharing
the Robocall situation in Italy. This confirms that the RoboCall
phenomenon is now universal, not just in US. Although, from my
experience, I am not surprised at all.
1) Based on my best
understanding, I believe that the entire issue has been handled
backwards, upside down or outside in. I have been waiting for
what FCC's latest STIR/SHAKEN directive might be able to do. Its
technicality sounded very impressive. It did seem to have some
effect on Robocalls. As a consumer, however, this current
approach has defeated the basic purpose of the original
Caller-ID service. Apparently, true telephony (common) carriers
have begun to ask to be compensated for accessing their
subscriber database in the process of validating a caller by
other (such as VoIP) operators. (In the old days of monopoly,
this was not an issue
because it would be reciprocal within the same carrier, or among
a limited few similar ones.) As a consequence, Caller-ID
displays of most incoming telephone calls nowadays often lack
the caller names which was the key ingredient of the feature.
They are replaced by a duplicated "caller number", or at best
prefixed such with a "[V]" symbol which took me awhile to
realize what it meant. This is very annoying since most people
can't correlate such to more than a couple phone numbers of
close relatives or associates, on the fly. However, this
resultant system behavior serves RoboCallers' purpose just fine,
because the repeated and persisted ringing sound from unknown
callers disturb the called party sufficiently to the point of
answering, once again.
2) The whole subject
can be looked at from a very simple perspective such as a daily
routine of accessing a premises for delivering something. We all
know that the location of a property is publicly known by its
street address. Any and every one can get to it. To control the
access, a key to the lock on the door has to be given to only a
welcomed few. For an establishment, a receptionist or a security
guard serves the same purpose during business hours.
3) For postal services,
a mail box at the entrance to a property or a mail room at an
establshiment has been used for the above "buffering" purpose to
deal with the junk mail. So far, these traditional setups have
worked reasonably well for centuries.
4) When telephony was
initially introduced, it was regarded as a novelty. Getting a
call was a big event. No one had the notion about blocking any
calls. Later on, the "caller pays only if a call is answered" convention led to the alerting
device (the ringer) purposely made loud enough to be sure that
the called party would be pressured to answer the call. During
the manual switchboard days, operators screened the callers very
effectively, because practically every caller was known to the
operator.
5) To avoid disturbing
workers by random calls, a receptionist / telephone operator was
tasked with this "buffering" duty at any sizable establishment.
As telephone switching equipment got mechanized, the combined
DID (Direct Inward Dialing), VM (Voice Mail) and AA (Auto-Attendant)
technologies took over this function. So, majority workers at
institutions and businesses (except those served by CENTREX -
CENTRal EXchange, because each is on a direct public phone
number) have hardly ever been bothered by unwanted calls, even
to the modern days.
6) As per-call charge
dropped significantly, largely encouraged by bulk rates, then
furthered by VoIP technology, the unwanted calls ranging from
harassment, telemarketing to scam, etc. skyrocketed. Not knowing
the extension numbers behind PABX (Private Automatic Branch
eXchange) machines, Robocalls target private residences most of
the time.
7) By miniaturizing
DID, VM and AA subsystems, even residential single line
telephone service could be shielded from RoboCalls just as well,
as disclosed by US Pat. No.5,596,631. It was commercialized as
a product called TriVOX VN100 (See URL below) that enabled a
home owner to set a changeable combination lock at his telephone
demarcation point for blocking all calls, except those welcomed
callers who have been given the code (extension number). This effectively blocked all unwanted calls
regardless the type, even though some might be legally
exempted, such as political, religious or charitable, etc. However,
FTC and FCC decided to take other routes.
8) The Internet SPAM
eMail issue can be parsed down to very similar components. In
the earlier days, digital communication was established
end-to-end directly via dial-up modems. Following the PSTN
protocol and log-in procedure, the involved steps discouraged
most of the abuse. Once the electronic messaging traffic got
consolidated to limited few providers with store-and-forward facility, the
screening function became part of their services. Behind the
scene, they often ratchet up the screening process against one
another with various new "rules", making the users frustrated
about why certain routine eMails all of a sudden got bounced. In
the meantime, there has been an add-on function offered by
certain eMail services that buffers messages from unknown origin
until the intended recipient grants the permission to let it
through. However, it never seems to have caught on.
9) These days,
RoboCalls and SPAMs are out-of-control activities wasting so
much resources, not mentioning the aggravation imposed on
ordinary citizens. However, looping these back to the "limited key distribution for
the front door lock" analogy, STIR/SHAKEN and eMail servers
policing one another may not be the optimal approaches. That is,
if everyone has the freedom of having the key to any property,
while the targeted party is at the mercy of remote unknown third party locksmiths
who promise to do their best to disable those "illegal" keys
somehow, how good the result could be? Since
the basic nature of a communications provider, no matter whether
it is a common carrier or a VoIP provider, is always to get the
message delivered, the current screening schemes are against
their very business model.
This is kind like relying
coyotes to guard a chicken coop. Does any of them have any incentive to
perform well? Perhaps, FCC realizing fines
aren't enough is finally validating this
contradiction.
10) This line of
analysis may be similarly
applied to a couple other Internet related issues.
However, I shall withhold them for another day.
Regards,
Abe (2022-10-09 12:09
EDT)
P.S.: The VN100
mentioned in Pt. 7) above was a feasibility demonstration
product. At that time, the size and cost of sub-systems involved
were still bulky and expensive. All needed capabilities are
now built into the basic SmartPhones. So, the required
functionalities may be performed by a straightforward add-on
APP. As well, the currently available IC devices make it
feasible to build a compact stand-alone "VN100 + VM" module for
supporting POTS (either landline
or VoIP derived) configurations. So, an updated
distributed defense system against RoboCall may now be deployed
cost effectively. Since the enforceable life of US Pat. No. 5,596,631 has expired, any party recognizing the
potential of applying this technology to benefit citizens of
your region, please contact me offline. We will be glad to share
our knowledge about this alternative.
On 2022-10-07 03:45,
Brian Turnbow via NANOG wrote:
The federal law in 47 USC 227(e) says:
(1)In general
It shall be unlawful for any person within the United States, or any person
outside the United States if the recipient is within the United States, in
connection with any voice service or text messaging service, to cause any
caller identification service to knowingly transmit misleading or inaccurate
caller identification information with the intent to defraud, cause harm, or
wrongfully obtain anything of value, unless such transmission is exempted
pursuant to paragraph (3)(B).
In (3)(B) is a narrow carve-out for law enforcement and court orders.
The important point is that spoofing is illegal with fraudulent intent, OK with
benign intent.
This is a very interesting conversation as there is a ongoing discussion on how to ban spoofed calls here in Italy..
Here operators must identify each customer and ensure that they are screening incoming numbers.
Most do, but some do not and become sources of spoofed traffic.
The biggest problem however comes from out of country originators that allow foreign call centers to use Italian numbers.
Thus the calls come in from an international carrier.
We are moving twords blocking incoming calls from international trunks containing Italian from numbers, something we see already in place for carriers in other EU countries such as France.
Most operators here have been against stir/shaken as a means to resolve the problems.
Brian