Federal Communications Commission Washington, D.C. 20554 September 28, 2021 DA 21-877 SMALL ENTITY COMPLIANCE GUIDE Private Entity Robocall and Spoofing Information Submission Portal FCC 21-75 EB Docket No. 20-374 Released: June 17, 2021 This Guide is prepared in accordance with the requirements of Section 212 of the Small Business Regulatory Enforcement Fairness Act of 1996. It is intended to help small entities—small businesses, small organizations (non-profits), and small governmental jurisdictions—comply with the revised rules adopted in the above-referenced Federal Communications Commission (FCC or Commission) rulemaking docket. This Guide is not intended to replace or supersede these rules, but to facilitate compliance with the rules. Although we have attempted to cover all parts of the rules that might be especially important to small entities, the coverage may not be exhaustive. This Guide cannot anticipate all situations in which the rules apply. Furthermore, the Commission retains the discretion to adopt case-by-case approaches, where appropriate, that may differ from this Guide. Any decision regarding a particular small entity will be based on the statute and any relevant rules. In any civil or administrative action against a small entity for a violation of rules, the content of the Small Entity Compliance Guide may be considered as evidence of the reasonableness or appropriateness of proposed fines, penalties, or damages. Interested parties are free to file comments regarding this Guide and the appropriateness of its application to a particular situation. The FCC will then consider whether the recommendations or interpretations in the Guide are appropriate in that situation. The FCC may decide to revise this Guide without public notice to reflect changes in the FCC’s approach to implementing a rule, or it may clarify or update the text of the Guide. Direct your comments and recommendations, or calls for further assistance, to the FCC’s Consumer Center: 1-888-CALL-FCC (1-888-225-5322) TTY: 1-888-TELL-FCC (1-888-835-5322) Videophone: 1-844-4-FCC-ASL (1-844-432-2275) Fax: 1-866-418-0232 TABLE OF CONTENTS I. OBJECTIVES OF THE PROCEEDING 1 II. COMPLIANCE REQUIREMENTS 1 III. RECORDKEEPING AND REPORTING REQUIREMENTS 2 IV. IMPLEMENTATION DATE 2 V. INTERNET LINKS 2 I. OBJECTIVES OF THE PROCEEDING In this Report and Order in EB Docket No. 20-374, the Commission adopted rules to create an online portal for private entities to submit information about suspected robocall and spoofing violations to the Enforcement Bureau (Bureau). In the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act), Congress directed the Commission to establish regulations to create a process that “streamlines the ways in which a private entity may voluntarily share with the Commission information relating to” a call or text message that violates prohibitions regarding robocalls or spoofing set forth section 227(b) and 227(e) of the Communications Act of 1934, as amended. This portal will be available on the Commission’s website and will be monitored by the Enforcement Bureau (Bureau). The portal created by this Report and Order will be particularly useful to corporations or associations experiencing a deluge of robocalls overwhelming their internal phone network; to private entities that have had their number spoofed; or to a voice service provider that found evidence of illegal robocalls traversing its network. The Commission’s past robocall enforcement actions have benefited from such information from private entities. In two enforcement actions, a medical paging company informed the Bureau that its phone lines were being bombarded by spoofed robocalls. In a similar instance, a travel company provided information to the Bureau about robocalls that unlawfully used the company’s name in prerecorded voice messages sent to millions of Americans. This portal will help private entities receive better relief from robocall and spoofing incidents while also furthering the Commission’s goals in combatting illegal robocallers. II. COMPLIANCE REQUIREMENTS The Report and Order makes rule changes to the functions of the Bureau (47 CFR § 0.111) and adds sections to the rules for the submission of robocall and spoofing violations (47 CFR §§ 64.1204, 64.1606). Functions of the Bureau (47 CFR § 0.111) · The Bureau now has the authority to collect and review information received from private entities related to violations of the Telephone Consumer Protection Act (TCPA) (47 CFR § 1200(a)) and the Truth in Caller ID Act (47 CFR § 64.1604). · The Bureau will collect this information via an online web portal located on the Commission’s website. · This portal is distinct from the informal complaint process managed by the Consumer and Governmental Affairs Bureau. Private entities may continue to use the informal complaint process. Private Entity Submission of Suspected Robocall and Spoofing Violations (47 CFR §§ 64.1204; 64.1606) · The portal is intended to be used by private entities. The rules define private entity as “any entity other than a natural individual person or a public entity.” This definition excludes individual consumers who already can submit robocall and spoofing complaints to the Commission through the informal complaint process managed by the Consumer and Governmental Affairs Bureau. If an individual consumer mistakenly files a complaint with the new portal, however, the Bureau will forward the complaint to the Consumer and Governmental Affairs Bureau. The definition also excludes public entities as the TRACED Act limits the portal to private entities. A public entity means a governmental entity, such as a state government or one of its political subdivisions. · The portal will request private entities to submit certain minimum information about the robocall or spoofing incident, such as the name of the reporting private entity, contact information, including at least one individual name and means of contacting the entity (e.g., a phone number), the caller ID information displayed, the phone number(s) called, the date(s) and time(s) of the relevant calls or texts, the name of the reporting private entity’s service provider, and a description of the problematic calls or texts. · Bureau staff will review submitted information and may use the information in investigations. Staff may follow-up with the private entity to obtain additional information. Therefore, it is imperative that private entities provide accurate information and complete contact information for someone knowledgeable about the robocall or spoofing incident. Submitting false information is a violation of Commission rules and may result in sanction. · The Bureau may share submitted information with the Department of Justice, Federal Trade Commission, other federal agencies combatting robocalls, state attorney general offices, other law enforcement entities with which the Commission has information-sharing agreements, and the registered traceback consortium. III. RECORDKEEPING AND REPORTING REQUIREMENTS The Commission’s actions in the Report and Order did not create any new recordkeeping or reporting requirements. Private entities should consider retaining records of the suspected robocall or spoofing violations to assist Bureau staff with any subsequent investigation. IV. IMPLEMENTATION DATE The following rules in the Report and Order require approval by the Office of Management and Budget (OMB) under the Paperwork Reduction Act: 47 CFR 0.111, 47 CFR 64.1204, 47 CFR 64.1606. These rules shall become effective after the Commission publishes a notice in the Federal Register announcing OMB approval and the relevant effective date. V. INTERNET LINKS A copy of the Private Entity Robocall Portal Order is available at: https://docs.fcc.gov/public/attachments/FCC-21-75A1.pdf. A copy of the Federal Register Summary of the [Order Short Name] is available at: https://www.govinfo.gov/content/pkg/FR-2021-09-23/pdf/2021-14711.pdf.