Dear Brian, et al.:
0) Thanks for sharing the Robocall situation in Italy. This confirms
that the RoboCall phenomenon is now universal, not just in US. Although,
from my experience, I am not surprised at all.
1) Based on my best understanding, I believe that the entire issue has
been handled backwards, upside down or outside in. I have been waiting
for what FCC's latest STIR/SHAKEN directive might be able to do. Its
technicality sounded very impressive. It did seem to have some effect on
Robocalls. As a consumer, however, this current approach has defeated
the basic purpose of the original Caller-ID service. Apparently, true
telephony (common) carriers have begun to ask to be compensated for
accessing their subscriber database in the process of validating a
caller by other (such as VoIP) operators. (In the old days of monopoly,
this was not an issue because it would be reciprocal within the same
carrier, or among a limited few similar ones.) As a consequence,
Caller-ID displays of most incoming telephone calls nowadays often lack
the caller names which was the key ingredient of the feature. They are
replaced by a duplicated "caller number", or at best prefixed such with
a "[V]" symbol which took me awhile to realize what it meant. This is
very annoying since most people can't correlate such to more than a
couple phone numbers of close relatives or associates, on the fly.
However, this resultant system behavior serves RoboCallers' purpose just
fine, because the repeated and persisted ringing sound from unknown
callers disturb the called party sufficiently to the point of answering,
once again.
2) The whole subject can be looked at from a very simple perspective
such as a daily routine of accessing a premises for delivering
something. We all know that the location of a property is publicly known
by its street address. Any and every one can get to it. To control the
access, a key to the lock on the door has to be given to only a welcomed
few. For an establishment, a receptionist or a security guard serves the
same purpose during business hours.
3) For postal services, a mail box at the entrance to a property or a
mail room at an establshiment has been used for the above "buffering"
purpose to deal with the junk mail. So far, these traditional setups
have worked reasonably well for centuries.
4) When telephony was initially introduced, it was regarded as a
novelty. Getting a call was a big event. No one had the notion about
blocking any calls. Later on, the "caller pays only if a call is
answered" convention led to the alerting device (the ringer) purposely
made loud enough to be sure that the called party would be pressured to
answer the call. During the manual switchboard days, operators screened
the callers very effectively, because practically every caller was known
to the operator.
5) To avoid disturbing workers by random calls, a receptionist /
telephone operator was tasked with this "buffering" duty at any sizable
establishment. As telephone switching equipment got mechanized, the
combined DID (Direct Inward Dialing), VM (Voice Mail) and AA
(Auto-Attendant) technologies took over this function. So, majority
workers at institutions and businesses (except those served by CENTREX -
CENTRal EXchange, because each is on a direct public phone number) have
hardly ever been bothered by unwanted calls, even to the modern days.
6) As per-call charge dropped significantly, largely encouraged by bulk
rates, then furthered by VoIP technology, the unwanted calls ranging
from harassment, telemarketing to scam, etc. skyrocketed. Not knowing
the extension numbers behind PABX (Private Automatic Branch eXchange)
machines, Robocalls target private residences most of the time.
7) By miniaturizing DID, VM and AA subsystems, even residential single
line telephone service could be shielded from RoboCalls just as well, as
disclosed by US Pat. No.5,596,631. It was commercialized as a product
called TriVOX VN100 (See URL below) that enabled a home owner to set a
changeable combination lock at his telephone demarcation point for
blocking all calls, except those welcomed callers who have been given
the code (extension number). This effectively blocked all unwanted calls
regardless the type, even though some might be legally exempted, such as
political, religious or charitable, etc. However, FTC and FCC decided to
take other routes.
https://www.avinta.com/products-1/uwc/home/uwchme.htm
8) The Internet SPAM eMail issue can be parsed down to very similar
components. In the earlier days, digital communication was established
end-to-end directly via dial-up modems. Following the PSTN protocol and
log-in procedure, the involved steps discouraged most of the abuse. Once
the electronic messaging traffic got consolidated to limited few
providers with store-and-forward facility, the screening function became
part of their services. Behind the scene, they often ratchet up the
screening process against one another with various new "rules", making
the users frustrated about why certain routine eMails all of a sudden
got bounced. In the meantime, there has been an add-on function offered
by certain eMail services that buffers messages from unknown origin
until the intended recipient grants the permission to let it through.
However, it never seems to have caught on.
9) These days, RoboCalls and SPAMs are out-of-control activities
wasting so much resources, not mentioning the aggravation imposed on
ordinary citizens. However, looping these back to the "limited key
distribution for the front door lock" analogy, STIR/SHAKEN and eMail
servers policing one another may not be the optimal approaches. That is,
if everyone has the freedom of having the key to any property, while the
targeted party is at the mercy of remote unknown third party locksmiths
who promise to do their best to disable those "illegal" keys somehow,
how good the result could be? Since the basic nature of a communications
provider, no matter whether it is a common carrier or a VoIP provider,
is always to get the message delivered, the current screening schemes
are against their very business model. This is kind like relying coyotes
to guard a chicken coop. Does any of them have any incentive to perform
well? Perhaps, FCC realizing fines aren't enough is finally validating
this contradiction.
10) This line of analysis may be similarly applied to a couple other
Internet related issues. However, I shall withhold them for another day.
Regards,
Abe (2022-10-09 12:09 EDT)
P.S.: The VN100 mentioned in Pt. 7) above was a feasibility
demonstration product. At that time, the size and cost of sub-systems
involved were still bulky and expensive. All needed capabilities are now
built into the basic SmartPhones. So, the required functionalities may
be performed by a straightforward add-on APP. As well, the currently
available IC devices make it feasible to build a compact stand-alone
"VN100 + VM" module for supporting POTS (either landline or VoIP
derived) configurations. So, an updated distributed defense system
against RoboCall may now be deployed cost effectively. Since the
enforceable life of US Pat. No. 5,596,631 has expired, any party
recognizing the potential of applying this technology to benefit
citizens of your region, please contact me offline. We will be glad to
share our knowledge about this alternative.
On 2022-10-07 03:45, Brian Turnbow via NANOG wrote:
The federal law in 47 USC 227(e) says:
(1)In general
It shall be unlawful for any person within the United States, or any person
outside the United States if the recipient is within the United States, in
connection with any voice service or text messaging service, to cause any
caller identification service to knowingly transmit misleading or inaccurate
caller identification information with the intent to defraud, cause harm, or
wrongfully obtain anything of value, unless such transmission is exempted
pursuant to paragraph (3)(B).
In (3)(B) is a narrow carve-out for law enforcement and court orders.
The important point is that spoofing is illegal with fraudulent intent, OK with
benign intent.
This is a very interesting conversation as there is a ongoing discussion on how
to ban spoofed calls here in Italy..
Here operators must identify each customer and ensure that they are screening
incoming numbers.
Most do, but some do not and become sources of spoofed traffic.
The biggest problem however comes from out of country originators that allow
foreign call centers to use Italian numbers.
Thus the calls come in from an international carrier.
We are moving twords blocking incoming calls from international trunks
containing Italian from numbers, something we see already in place for carriers
in other EU countries such as France.
Most operators here have been against stir/shaken as a means to resolve the
problems.
Brian
--
This email has been checked for viruses by Avast antivirus software.
www.avast.com
