On January 25, 2024, the Federal Communications Commission (FCC or Commission) issued a Public Notice announcing compliance deadlines associated with the FCC's Sixth Caller ID Authentication Report and Order (Sixth Report and Order). As discussed in our earlier Client Alert, the Sixth Report and Order significantly expanded robocall regulatory obligations on all providers regardless of whether they are required to implement STIR/SHAKEN, including requiring all providers to register and certify in the Robocall Mitigation Database (RMD) and submit Robocall Mitigation Plans (RMPs), as well as prohibiting all providers from accepting traffic from any provider not listed in the RMD. Today's Public Notice establishes long-awaited compliance deadlines for several of these new obligations.
New RMP and RMD Certifications Required February 26
By February 26, 2024, all providers must submit an RMP and required certifications in the RMD. Certifications to the RMD must include, among other information, whether the provider has fully, partially, or not implemented the STIR/SHAKEN authentication framework in the IP portions of its network and the “specific reasonable steps” the voice service provider has taken to avoid originating illegal robocall traffic as part of its RMP. The Public Notice emphasizes that to the extent a non-gateway intermediate provider's filing was imported into the RMD via the Intermediate Provider Registry, that RMD entry is no longer sufficient. Such providers must submit an affirmative RMP filing and certification consistent with the filing requirements and instructions provided in this Public Notice.
As detailed in the Public Notice, all providers (e.g., voice service providers, non-gateway intermediate providers) must include a description of how they have complied with know-your-upstream provider requirements. Certifications to the RMD must also include a statement of the provider's commitment to respond within 24 hours to all traceback requests from the Commission, law enforcement, and the industry traceback consortium. Although this 24-hour obligation was originally limited to gateway providers, it now applies to all providers in the call path.
Finally, the FCC's Public Notice states that the RMD submission portal is now open to accept new and updated filings. The Public Notice also provides an overview of the expanded RMD filing requirements, along with filing instructions regarding the format of required submissions.
New Prohibition Against Non-RMD Traffic Starts May 28
By May 28, 2024, intermediate and voice service providers can accept calls directly from domestic voice providers, foreign providers, non-gateway intermediate providers, and gateway providers only if that service provider's filing appears in the RMD in accordance with the certification requirements discussed above and the filing has not been de-listed pursuant to an enforcement action.
The newly announced compliance deadlines are quickly approaching and all providers must be prepared to comply with the FCC's new requirements. Providers with existing RMP filings in the RMD will be required to update those submissions to include the new certifications and disclosures, and certain providers (e.g., non-gateway intermediate providers) will be required to draft RMPs and affirmatively register in the RMD.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
We operate a free-to-view policy, asking only that you register in order to read all of our content. Please login or register to view the rest of this article.