Enhancing Know-Your-Upstream-Provider Requirements and Strengthening STIR/SHAKEN (Call Authentication Trust Anchor; Advanced Methods To Target and Eliminate Unlawful Robocalls)
In this document, the Federal Communications Commission (Commission) proposes steps to strengthen its robocall mitigation framework by enhancing Know-Your-Upstream-Provider (KYUP) requirements, improving oversight of voice service providers by the STIR/SHAKEN Governance Authority, raising caller ID attestation standards, and closing implementation gaps in STIR/SHAKEN implementation. Specifically, the Commission proposes establishing baseline KYUP information-collection, compliance review, verification, monitoring, and responsive-action requirements to ensure providers can identify and cut off bad-actor upstream providers. The Commission also proposes measures to expand the Governance Authority's vetting, enforcement, and reporting responsibilities to prevent misuse of STIR/SHAKEN certificates and to remove noncompliant providers from the authentication ecosystem. The Commission further proposes clarifying and strengthening STIR/SHAKEN attestation rules, including codifying attestation levels, defining improper attestations, and specifying permissible mechanisms for verifying number-to-customer associations. Additionally, the Commission proposes and seeks comment on additional steps to close caller ID authentication gaps, such as refining provider definitions, reconsidering exemptions, requiring providers serving end users to assign STIR/SHAKEN attestations, and ensuring calls maintain authentication information. The Commission also seeks comment on special circumstances, including addressing issues with foreign- originated calls.
What this item does
The short version, using the agency's own summary text.
In this document, the Federal Communications Commission (Commission) proposes steps to strengthen its robocall mitigation framework by enhancing Know-Your-Upstream-Provider (KYUP) requirements, improving oversight of voice service providers by the STIR/SHAKEN Governance Authority, raising caller ID attestation standards, and closing implementation gaps in STIR/SHAKEN implementation. Specifically, the Commission proposes establishing baseline KYUP information-collection, compliance review, verification, monitoring, and responsive-action requirements to ensure providers can identify and cut off bad-actor upstream providers. The Commission also proposes measures to expand the Governance Authority's vetting, enforcement, and reporting responsibilities to prevent misuse of STIR/SHAKEN certificates and to remove noncompliant providers from the authentication ecosystem. The Commission further proposes clarifying and strengthening STIR/SHAKEN attestation rules, including codifying attestation levels, defining improper attestations, and specifying permissible mechanisms for verifying number-to-customer associations. Additionally, the Commission proposes and seeks comment on additional steps to close caller ID authentication gaps, such as refining provider definitions, reconsidering exemptions, requiring providers serving end users to assign STIR/SHAKEN attestations, and ensuring calls maintain authentication information. The Commission also seeks comment on special circumstances, including addressing issues with foreign- originated calls.
Proposed rule.
Important dates
The dates that matter most for this item.
Published
Federal rulebook sections mentioned
These are the parts of the Code of Federal Regulations cited in the filing.