Legal Articles

FCC Seeks to Enhance Robocall Mitigation Database Filings

The FCC aims to bolster the Robocall Mitigation Database (RMD) by proposing stricter filing requirements. New measures include mandatory updates within 10 business days and multi-factor authentication, ensuring more accurate data to combat illegal robocalls.

On August 3, 2024, the Federal Communications Commission (FCC) plans to issue a Notice of Proposed Rulemaking (NPRM) setting forth plans to improve the quality of Robocall Mitigation Database (RMD) filings submitted by voice service providers.

What is the Robocall Mitigation Database?

The FCC established the RMD as a part of its implementation of the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act.

Since 2021, all U.S. Voice service providers, including intermediate and gateway providers, have been required to register with the RMD and to file annual certifications describing whether and to what extent they have implemented the STIR/SHAKEN caller ID authentication framework, their specific robocall mitigation practices, and the specific reasonable steps they are taking to avoid originating illegal robocall traffic. Any voice service provider’s failure to submit the required filings can result in fines, and the ultimate sanction of having its traffic blocked by other service providers.

Recently, the FCC has been heavily scrutinizing these filings, many of which appear to be lacking important details, or are otherwise inaccurate to a greater or lesser degree. Because the FCC believes that it is in the public interest to ensure that all RMD submissions are complete, accurate, and up to date, it has elected to issue the NPRM to seek comment on enhancing the filing requirements in the manner described below.

What the FCC Plans to Do

The NPRM will seek comment on additional steps that voice service providers should be required to take to ensure the accuracy of the information in the RMD, and that it remains correct over time, such as:

  • Adding a requirement that providers update the RMD with any information they have added to the Commission Registration System within 10 business days.
  • Mandating the use of multi-factor authentication every time a provider accesses the RMD, and
  • Requiring all voice service providers to obtain a unique identification number that must be provided before their RMD submissions are accepted.

The FCC will also use the NPRM to request feedback on potential technical measures that could be used to verify RMD submission data and identify discrepancies prior to its acceptance, and to establish a baseline forfeiture penalty to be assessed against providers that submit inaccurate or misleading information to the RMD, or neglect to keep their information current.

Finally, the NPRM will also discuss allowing downstream providers to optionally block traffic from recalcitrant RMD filers that have been notified of deficiencies in their mitigation plans and fail to address them within 48 hours.

Potential Impact of the NPRM

The goal of these proposed rules is to increase the FCC’s ability to combat illegal robocalls. However, enhanced filing requirements and the potential for harsh financial penalties will raise the stakes for voice service providers to ensure compliance. They will need to further invest in their compliance infrastructure and training, which may be particularly frustrating for smaller providers.

Whether and in what form these enhanced filing requirements will take effect remains to be seen, but companies should maintain a vigilant eye on the NPRM and the actions the FCC undertakes in response.

Robocall Mitigation Database