To be clear, I am not for or against the policies, I am just stating my understanding, namely: the requirement highlighted in the document you attached only mandates disclosure of 3rd party vendors used for analytics. I do not believe that sentence requires disclosure of upstreams used simply for voice traffic,
Jeff On Thu, Dec 12, 2024, 6:26 PM Mary Lou Carey <[email protected]> wrote: > How is it fair that if you use your upstream carrier for analytics that > you have to list their name? The FCC has no business asking that. > Especially when they don't force everyone who uses a separate analytic > provider to list their upstream vendor's name? I have no problem with > explaining the processes used, but asking for any vendor name is just not > appropriate. > > MARY LOU CAREY > BackUP Telecom Consulting > Office: 615-791-9969 > Cell: 615-796-1111 > > > On 2024-12-12 05:15 PM, Jeff Bilyk wrote: > > Perhaps I'm misunderstanding the verbiage, but that appears to relate only > to vendors of call analytics 3rd parties, and not all upstreams? > > On Thu, Dec 12, 2024, 6:03 PM Mary Lou Carey via VoiceOps < > [email protected]> wrote: > >> See the attached document. I highlighted the verbiage that states you >> must provide the names of your 3rd party vendors. A lot of companies have >> their upstream providers sign their calls and do their analytics for them. >> >> MARY LOU CAREY >> BackUP Telecom Consulting >> Office: 615-791-9969 >> Cell: 615-796-1111 >> >> >> On 2024-12-11 07:23 PM, Nathan Anderson via VoiceOps wrote: >> >> I agree with your stance on this, assuming this is in fact a >> requirement. However...I must be dense, because I have now skimmed over >> the Sixth, Seventh, and Eighth "Caller ID Authentication Report and >> Orders", the "Improving the Effectiveness of the Robocall Mitigation >> Database" docket, the updated RMD deadlines and compliance info in DA 24-73 >> posted in January, and I re-read paragraph II.3 of the so-called "naughty >> list" document that kick-started this thread. And I can find zero mention >> anywhere that supplying a detailed and accurate itemized list of your >> upstreams is any sort of requirement in one's RMD filing. There seems to >> be plenty of talk about having "*know* your upstreams" procedures, but >> that is not defined as *disclosing* your upstreams. >> >> >> >> So what am I missing? I'm sure I am just ignorant about where I should >> be looking ("I'm a doctorengineer, not a lawyer, dammit!"), but this is >> a rather well-hidden requirement... >> >> >> >> -- Nathan >> >> >> >> *From:* Mary Lou Carey [mailto:[email protected]] >> *Sent:* Wednesday, December 11, 2024 09:09 >> *To:* Nathan Anderson >> *Cc:* Voiceops >> *Subject:* Re: [VoiceOps] FCC RMD Naughty List >> >> >> >> The requirement to disclose who your underlying carriers and additional >> contact information were just added THIS YEAR. If you're up to date on >> everything else, you might not have made the list because there were so >> many less complaint than you, I wouldn't take that as a sign that the FCC >> won't ever contact you about missing information. >> >> I'm a consultant so I'm exposed to a lot more problems than one company >> may run into. I personally spoke with the FCC and FBI about the scamming >> situation because someone approached us for help when they realized someone >> had contacted one of their upstream carriers and was impersonating them. >> The FCC and FBI had no answers......I'm the one that made the connection >> between the information scammers got and where they could have gotten it >> from. >> >> >> >> I was helping carriers with STIR/SHAKEN compliance long before the RMD >> was required. The FCC came up with it as a work around because not every >> carrier could qualify for a STIR/SHAKEN certificate under the original >> requirements. (The original requirement the RMD replaced was having access >> to numbering resources. As in NXXs - not DIDs). >> >> In my opinion what started out as a method to identify all the players in >> the industry has turned into an information grab that should not be >> happening. Not only because it would be a nightmare to keep the upstream >> carrier list updated, but because it creates way too much temptation for >> fraudsters and the anti-competitive to abuse it. >> >> MARY LOU CAREY >> BackUP Telecom Consulting >> Office: 615-791-9969 >> Cell: 615-796-1111 >> >> >> >> On 2024-12-10 08:09 PM, Nathan Anderson via VoiceOps wrote: >> >> Wait, say what now? I'm not even sure I understand how that kind of >> hijacking is possible. You'd have to be able to deduce who that provider's >> underlying carriers are before you could attempt to engage in that kind of >> social engineering with them, and as an IPES, there's nowhere either in our >> 499 filings or in the RMD filing where we are required to disclose that, >> either publicly or privately/redacted. (Unless I'm missing something? We >> have never disclosed that in any FCC filings, and yet we didn't get added >> to this "naughty" list. Furthermore, a read through of the required >> information listed in this notice under II.3 absolutely does not say >> anywhere that you are required to itemize who your specific upstreams >> are.) I suppose you could voluntarily disclose it in your RMD plan >> write-up, but...why would you, as that just unnecessarily ties your hands >> and results in a bunch of self-inflicted busy work (if you're going to list >> it, then you either have to maintain that list, avoid bringing up new or >> tearing down old SIP trunks with various underlying carriers, or risk >> having the disclosure become "stale"). >> >> >> >> Also, on a different but related note, this whole incomplete-RMD-filing >> issue is a problem that the FCC kinda/sorta created themselves, and then >> decided shirk their responsibility for doing so and saddle all of us with >> the downstream consequences and threats. Just to remind everybody of the >> history here, this database as originally conceived by the brilliant minds >> in Washington required that filers EITHER certified themselves as being >> wholly S/S compliant, OR if not, then they had to supply a written >> mitigation plan. If you selected the "I am 100% S/S compliant" checkbox, >> it would NOT allow you to upload a document attachment with any kind of >> written plan. And if you first filed as only partially compliant or >> not-yet-compliant, and added such a document/attachment to your filing, and >> then after finishing your S/S implementation you went back and UPDATED your >> filing to reflect your new compliance, the system would DELETE your >> previous attachment from your filing, and not give you any option to submit >> a new one. If you filed as 100% compliant, you could not add an >> attachment, PERIOD. 100% compliance and document attachments were *mutually >> exclusive*. >> >> >> >> Then one day they decided that maybe that was a bad idea, and required >> everybody who was 100% complaint to drop everything & go back and add >> written mitigation plans to their filings. >> >> >> >> So far in the (admittedly few) minutes I've taken to check out a handful >> of companies on this "naughty" list, virtually all of them are in the boat >> of having checked the "100% compliant" checkbox, but not having gone back >> after the rule change to submit a written RM plan document attachment to >> their filing. >> >> >> >> -- Nathan >> >> >> >> *From:* VoiceOps [mailto:[email protected] >> <[email protected]>] *On Behalf Of *Mary Lou Carey via >> VoiceOps >> *Sent:* Tuesday, December 10, 2024 14:08 >> *To:* [email protected] >> *Subject:* Re: [VoiceOps] FCC RMD Naughty List >> >> >> >> The requirements for RMD changed and you now need to add a lot more >> information. You only have 14 days to respond to the FCC, but MAKE SURE YOU >> FILE YOUR 499 CONFIDENTIALLY! We have already learned of incidents where >> scammers got ahold of company information and attempted to get the >> company's underlying carriers to change the IP addresses for their SIP >> trunks so they could hijack their network. We've brought this to the >> attention of the FBI and FCC, but the FCC's only offer was to file them >> confidentially. I personally think they're asking for way too much >> information and stupid to allow anyone's information to be listed on a >> public site, but until they fix the problem its up to carriers themselves >> to make sure their information is secure. >> >> Ashley (with Equitel Compliance) and I (BackUP Telecom can help anyone >> that needs to update their RMDs or get STIR/SHAKEN certified. >> >> MARY LOU CAREY >> BackUP Telecom Consulting >> Office: 615-791-9969 >> Cell: 615-796-1111 >> >> >> >> On 2024-12-10 03:42 PM, Dave Russo via VoiceOps wrote: >> >> Here is the FCC order & list mentioned: >> https://docs.fcc.gov/public/attachments/DA-24-1235A1.pdf >> >> >> >> Also somewhat related, I'm curious how some companies that claim to be >> STIR/SHAKEN compliant and are listed on iconectiv's authorized provider >> list get away with not being fully FCC compliant? >> >> >> >> For example when we were looking for a new provider it came to my >> attention that Atheral is 5 years behind on its FCC 499 filings... Looks >> like it last filed in 2019: >> https://apps.fcc.gov/cgb/form499/499detail.cfm?FilerNum=832820 >> >> >> >> Does this mean it can get shut down any time the FCC decides to do that? >> Will resellers that use them be at risk of losing service or subject to >> some FCC action themselves? >> >> >> >> -dr >> >> >> >> >> >> On Tue, Dec 10, 2024, at 2:17 PM, Mike Hammett via VoiceOps wrote: >> >> How many of you are on the Robocall Mitigation Database naughty list that >> the FCC just sent out? >> >> >> >> It'd be nice if they told you *WHY* your filing was deficient. Instead, >> they just generically list broad categories that you may or may not fit >> into. >> >> >> >> >> >> >> >> ----- >> >> Mike Hammett >> >> Intelligent Computing Solutions >> >> http://www.ics-il.com >> >> >> >> >> >> >> >> Midwest Internet Exchange >> >> http://www.midwest-ix.com >> >> >> >> >> >> _______________________________________________ >> >> VoiceOps mailing list >> >> [email protected] >> >> https://puck.nether.net/mailman/listinfo/voiceops >> >> >> >> >> >> >> >> _______________________________________________ >> VoiceOps mailing list >> [email protected] >> https://puck.nether.net/mailman/listinfo/voiceops >> >> >> >> _______________________________________________ >> VoiceOps mailing list >> [email protected] >> https://puck.nether.net/mailman/listinfo/voiceops >> >> >> _______________________________________________ >> VoiceOps mailing list >> [email protected] >> https://puck.nether.net/mailman/listinfo/voiceops >> >> _______________________________________________ >> VoiceOps mailing list >> [email protected] >> https://puck.nether.net/mailman/listinfo/voiceops > >
_______________________________________________ VoiceOps mailing list [email protected] https://puck.nether.net/mailman/listinfo/voiceops
