Federal Communications Commission DA 22-1033 Before the FEDERAL COMMUNICATIONS COMMISSION WASHINGTON, D.C. 20554 In the Matter of Southwest Arkansas Telecommunications and Technology, Inc ) ) ) ) EB-TCD-22-00033932 ORDER Adopted: October 3, 2022 Released: October 3, 2022 By the Acting Chief, Enforcement Bureau: I. INTRODUCTION 1. By this Order, we direct Southwest Arkansas Telecommunications and Technology, Inc (Southwest Arkansas Telecom or Company) to demonstrate why the Enforcement Bureau of the Federal Communications Commission (Commission or FCC) should not remove Southwest Arkansas Telecom from the Robocall Mitigation Database. Removal from the database would require all intermediate providers and terminating voice service providers to cease accepting the Company’s traffic. Call Authentication Trust Anchor, WC Docket No. 17-97, Second Report and Order, 36 FCC Rcd 1859, 1903, para. 83 & 1904, para. 86 (2020) (Second Caller ID Authentication Order); 47 CFR § 64.6305(c). If that were to occur, all calls from Southwest Arkansas Telecom’s customers would be blocked and therefore no traffic originated by Southwest Arkansas Telecom would reach the called party. Southwest Arkansas Telecom must provide its response to the Enforcement Bureau no later than October 18, 2022. II. BACKROUND A. Robocall Mitigation Database Requirements on Originating Providers 2. Protecting Americans from the dangers of unwanted and illegal robocalls is the Commission’s top consumer protection priority. The Commission receives more complaints about unwanted and illegal calls than any other issue. FCC, Consumer Complaint Data Center, https://www.fcc.gov/consumer-help-center-data (last visited May 10, 2022). As part of the Commission’s multipronged approach to combatting illegal robocalls, the Commission has mandated adoption of the Secure Telephony Identity Revisited/Signature-based Handling of Asserted Information using toKENs (STIR/SHAKEN) caller ID authentication framework. Call Authentication Trust Anchor, Implementation of TRACED Act Section 6(a)—Knowledge of Customers by Entities with Access to Numbering Resources, WC Docket Nos. 17-97 and 20-67, Report and Order and Further Notice of Proposed Rulemaking, 35 FCC Rcd 3241 (Mar. 31, 2020) (First Caller ID Authentication Report and Order and Further Notice). The Commission extended the implementation deadline for certain voice service providers on the basis of undue hardship or material reliance on a non-IP network. Second Caller ID Authentication Order, 36 FCC Rcd at 1892-93, para. 66; Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED Act), Pub. L. No. 116-105, 133 Stat. 3274, § 4(b)(5)(A)(i) (TRACED Act). On December 9, 2021, the Commission shortened the deadline to implement STIR/SHAKEN for non-facilities-based small voice services providers and small voice service providers of any kind suspected of originating illegal robocalls. Call Authentication Trust Anchor, WC Docket No, 17-97, Fourth Report and Order, FCC 21-122 at para. 9 (2021) (Fourth Caller Authentication Order); see also TRACED Act § 4(b)(5). Service providers that received an extension were required to implement a robocall mitigation program to prevent unlawful robocalls from originating on their networks. TRACED Act § 4(b)(5)(C)(i); 47 CFR § 64.6305(a); Second Caller ID Authentication Order, 36 FCC Rcd at 1897-98, para. 75. Furthermore, all voice service providers—not only those granted an extension—were required to file certifications with the Commission, stating whether their traffic is authenticated with STIR/SHAKEN or subject to a robocall mitigation program. 47 CFR § 64.6305(b); Second Caller ID Authentication Order, 36 FCC Rcd at 1902, para. 82. Voice service providers whose traffic is subject to a robocall mitigation program must detail in their certifications the specific reasonable steps that they have taken to avoid originating illegal robocall traffic. 47 CFR § 64.6305(b)(2)(ii); Second Caller ID Authentication Order, 36 FCC Rcd at 1902, para. 82 (quotations omitted). These certifications and robocall mitigation plans are publicly available in the Robocall Mitigation Database. FCC, Robocall Mitigation Database, FCC, https://fccprod.servicenowservices.com/rmd?id=rmd_welcome (last visited Oct. 1, 2021). 3. Commission rules prohibit any intermediate provider or terminating voice service provider from accepting voice traffic directly from any voice service provider that does not appear in the Robocall Mitigation Database. 47 CFR § 64.6305(c); Second Caller ID Authentication Order, 36 FCC Rcd at 1904, para. 86. The Enforcement Bureau may take enforcement action, including removal of a certification from the Robocall Mitigation Database, against voice service providers that have deficient certifications. Second Caller ID Authentication Order, 36 FCC Rcd at 1902, 1903, paras. 81 n.322, 83. A deficient certification includes one that fails to describe specific robocall mitigation steps as required by section 64.6305(b) of the Commission’s rules. 47 CFR § 64.6305(b)(2)(ii); see also Second Caller ID Authentication Order, 36 FCC Rcd at 1900-02, paras. 77-82. Prior to removing a certification from the Robocall Mitigation Database, the Enforcement Bureau must provide notice to the originating voice service provider and allow an opportunity to cure. Second Call Authentication Trust Anchor Order, 36 FCC Rcd at 1904-05, para. 88. We may take other enforcement actions such as requiring the voice service provider to submit more specific robocall mitigation measures or imposing a forfeiture. Id. at 1903, para. 83. B. Southwest Arkansas Telecom’s Deficient Certification 4. Southwest Arkansas Telecom filed a Robocall Mitigation Database certification on June 29, 2021. Southwest Arkansas Telecommunications and Technology, Inc, Robocall Mitigation Database, FCC (June 29, 2021), https://fccprod.servicenowservices.com/rmd?id=rmd_form&table=x_g_fmc_rmd_robocall_mitigation_database&sys_id=e29ca2691b0d74107ccf20ecac4bcb1e&view=sp (Robocall Mitigation Database Filing). Southwest Arkansas Telecom certified that it had implemented the STIR/SHAKEN framework on part of its network, and that the remainder of the calls originating on its network are subject to a robocall mitigation program. Id. The attachment to Southwest Arkansas Telecom’s certification states that it is seeking confidentiality for its mitigation plan, and that it will upload both a public and a redacted copy to the Robocall Mitigation Database. Id. Southwest Arkansas Telecom has not uploaded either a public or a confidential mitigation plan. The attachment submitted with Southwest Arkansas Telecom’s certification does not provide specific mitigation steps. Id. The FCC’s Wireline Competition Bureau (Wireline Bureau) contacted the Company on October 19, 2021, via the e-mail listed on its certification, to inform it that its robocall mitigation program attachment contained with its certification may have been uploaded in error as it did not satisfy the Commission’s rules to describe robocall mitigation efforts. E-mail from Wireline Bureau to Southwest Arkansas Telecommunications and Technology, Inc (Oct. 19, 2021) (Warning Notice). See also Exhibit A. The Wireline Bureau did not receive a response from Southwest Arkansas Telecom acknowledging or addressing the notice, and Southwest Arkansas Telecom did not correct its certification. III. DISCUSSION 5. Our review of the evidence finds that Southwest Arkansas Telecom apparently has filed a deficient Robocall Mitigation Database certification. The Company certified that it is subject to a robocall mitigation program, See Robocall Mitigation Database Filing (attesting that the Company has partial STIR/SHAKEN implementation and is performing robocall mitigation). but it failed to describe specific reasonable steps that the Company is taking to prevent the origination of illegal robocall traffic. See 47 CFR § 64.6305(b); Second Caller ID Authentication Order, 36 FCC Rcd at 1902, para. 82. The Company’s robocall mitigation program only states that it is seeking confidentiality rather than describing any robocall mitigation measures. Id. Voice service providers may seek confidential treatment of their robocall mitigation programs, but they must submit a description of their robocall mitigation plan; Second Caller ID Authentication Order, 36 FCC Rcd at 1903, para. 83. Southwest Arkansas Telecom did not do so. See 47 CFR § 64.6305(b)(2)(ii) (requiring voice service providers subject to a robocall mitigation program to provide specific reasonable robocall mitigation steps). Moreover, Southwest Arkansas Telecom did not take any corrective action after the Wireline Bureau informed it of the apparent deficiencies in its certification. See Warning Notice; Wireline Bureau Referral. 6. Accordingly, we direct Southwest Arkansas Telecom to explain why the Enforcement Bureau should not remove the Company’s certification from the Robocall Mitigation Database. See Second Caller ID Authentication Order, 36 FCC Rcd at 1903, para. 83 (“Enforcement Actions may include, among others, removing a defective certification from the database after providing notice to the voice service provider and an opportunity to cure the filing . . . .”). This Order affords Southwest Arkansas Telecom notice and an opportunity to cure any deficiencies in its robocall mitigation program filing or explain why its certification is not deficient. 7. Southwest Arkansas Telecom shall file its response with the Enforcement Bureau within fourteen (14) calendar days. Failure to respond or submit a response providing a reasonable basis for why Southwest Arkansas Telecom should retain its certification in the Robocall Mitigation Database will result in removal of the certification. Removal of Southwest Arkansas Telecom’s certification from the Robocall Mitigation Database will require any intermediate providers and terminating voice service providers to cease accepting traffic from the Company. 47 CFR § 64.6305(c); Second Caller ID Authentication Order, 36 FCC Rcd at 1904, para. 86. If Southwest Arkansas Telecom is removed from the Robocall Mitigation Database, Southwest Arkansas Telecom shall not refile, and the Wireline Bureau will not reinstate Southwest Arkansas Telecom to the database, until the Wireline Bureau and the Enforcement Bureau determine that Southwest Arkansas Telecom has addressed and resolved any deficiencies or shortcomings in its Robocall Mitigation Database certification. IV. ORDERING CLAUSES 8. Accordingly, IT IS ORDERED that, pursuant to sections 4(i), 4(j), 227(b) 251(e), and 403 of the Communications Act of 1934, as amended, sections 0.111, 0.311, 1.1, 1.102(b)(1), 64.1200, and 64.6305 of the Commission’s rules, 47 U.S.C. §§ 4(i), 4(j), 227(b), 251(e), 403; 47 CFR §§ 0.111, 0.311, 1.1, 1.102(b)(1), 64.1200, 64.6305. and the Second Caller ID Authentication Order, Second Caller ID Authentication Order, 36 FCC Rcd at 1902, 1903, paras. 81 n.322, 83. Southwest Arkansas Telecom SHALL FILE a written response to this Order within fourteen (14) calendar days from the release date of this Order. 9. The written response must either inform the Enforcement Bureau that Southwest Arkansas Telecom has corrected its filing in the Robocall Mitigation Database or explain why its certification should not be removed from the Robocall Mitigation Database. 10. The response must be mailed to the Office of the Secretary, Federal Communications Commission, 45 L Street NE, Washington, DC 20554, ATTN: Enforcement Bureau – Telecommunications Consumers Division. The response must also be e-mailed to Kristi Thompson, Division Chief, Telecommunications Consumers Division, at kristi.thompson@fcc.gov, and Daniel Stepanicich, Attorney Advisor, Telecommunications Consumers Division, at daniel.stepanicich@fcc.gov. 11. IT IS FURTHER ORDERED that copies of this Order shall be sent by e-mail and registered mail, return receipt requested, to: Marty Allen, General Manager, Southwest Arkansas Telecommunications and Technology, Inc, 2904 East 9th St, Texarkana, AR 71854; mallen@fourstatesfiber.com; and URS Agents, Inc, 1100 H Street NW, Washington, DC 20005. FEDERAL COMMUNICATIONS COMMISSION Loyaan A. Egal Acting Chief Enforcement Bureau EXHIBIT A 3