Consumer Electronics Daily was a Warren News publication.
Different From Voice

Commenters Disagree on Need for FCC to Impose Scam Text Rules

The Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) and other commenters questioned whether the FCC needs to impose rules on text messaging similar to those in place for robocalls, in comments responding to a September NPRM. A few commenters said text spoofing can be an issue, and consumer groups said there are things the FCC can do. Comments were due Thursday and posted last week and Monday in docket 21-402.

The NPRM proposes to curb illegal text messaging “with the same kind of regulatory action … now used to defend against spoofed telephone calls,” but “the U.S. mobile text messaging and voice telephony ecosystems differ significantly,” M3AAWG said. “Although spoofing is a major issue in voice calling, it is nearly absent in U.S. text messaging,” the group said: “Nearly all illegal and abusive text messages are originated using valid phone numbers by a sending or hosting party who has access to the corresponding sending account. There is no need for mandating technologies to identify what is already generally known -- the true service provider and customer phone number originating a text message.”

Consumer and public interest groups said the FCC should clarify its regulations and act to reduce the number of scam texts. “Ensure that the voluntary efforts employed by CTIA and its industry partners to place meaningful limits on unwanted texts sent by law-abiding groups for fundraising, political, survey, or other purposes remain effective,” they said: “Prioritize the development of ways to eliminate scam texts, especially those that include URLs. Scam robotexts often contain malware that leads imposter websites to solicit personal information from the subscriber used for theft of funds from bank accounts, identity theft, and other scams.” Among those signing the filing were the Electronic Privacy Information Center, the National Consumer Law Center, Consumer Action, the Consumer Federation of America, the National Association of Consumer Advocates, the National Consumers and Public Knowledge.

The commission’s robocall blocking rules and caller ID authentication mandate “were purpose-built for voice calls and are not applicable to text messaging,” CTIA commented: “The Notice’s proposal to extend regulation adopted against illegal phone calls to text messages will not protect consumers from spam text messages because different challenges and technologies require different solutions.”

Rules addressing spoofed texts would not protect consumers because there is no spoofing problem to fix,” Verizon said. “The Commission’s anti-robocall regime is targeted at the primary sources of illegal robocalls -- unverified telephone caller ID information and a common carrier regulatory regime that left voice service providers uncertain about whether to block certain calls from reaching consumers,” T-Mobile said: “Neither of these factors apply to text messages, and, therefore, the proposals in the Notice to extend robocall solutions to messaging will not be effective against the primary sources of spam text messages.”

Unlike voice, where Caller ID spoofing is a well-documented source of consumer spam, we have found that text messaging in the United States does not see any significant form of number spoofing,” agreed Telesign, which offers digital identity software. “As a gateway to the messaging ecosystem for some of the world’s largest brands, Telesign does not allow users to initiate messages from numbers they do not own and operate,” the company said: “Mandating that an authentication protocol such as STIR/SHAKEN be implemented within text messaging would be largely ineffective at reducing spam.”

The Consumer Relations Consortium, which represents debt collectors, said the FCC must be careful not to conflate “unwanted” text messages with “illegal” messages. “Many CRC members were hopeful about their ability to utilize text messaging as a way to communicate with consumers as that is preferred method of communication according to the Consumer Financial Protection Bureau,” the group said: “Whether a text message is ‘unwanted’ is going to be subjective based on the consumer; whereas an ‘illegal’ text message must objectively violate some statute or regulation.” At a minimum, “the FCC should ensure that any rule related to text messaging does not create a conflict with the text messaging rules promulgated by the CFPB related to debt collection,” CRC said.

Pinger, an over-the-top text provider, urged the FCC to consider “how messages are categorized and routed as well as how increased costs will affect consumers and small businesses” as part of the proceeding. “In the NPRM, the Commission proposes that ‘all tools that service providers use to determine whether a text is highly likely to be illegal be applied in a non-discriminatory, competitively- and content-neutral manner,’” Pinger said: “Pinger absolutely agrees and believes that this principle should be applied to the messaging ecosystem in its entirety -- including OTT Messaging -- to ensure that all ecosystem players’ traffic is treated equally.” The FCC should “eschew mandates and instead facilitate and encourage the use of existing tools available to providers, the other various parties in the messaging ecosystem, and consumers, in order to attack the robotext problem,” said NTCA.

But financial services groups said spoofing of texts can be an issue. “Our members report that bad actors illegally ‘spoof’ phone numbers belonging to legitimate businesses when sending text messages -- i.e., the bad actor sends a text message from a number that appears to belong to the legitimate business or sends a text message from the bad actor’s own number, making it appear that it is from a legitimate business, with the intent to defraud the recipient,” said the filing by the American Bankers Association, the American Financial Services Association, the Credit Union National Association, the Mortgage Bankers Association and other groups.