May 27, 2021 FCC Fact Sheet* Implementing Section 10(a) of the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act) Report and Order  EB Docket No. 20-374 Background: Congress enacted the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act) in part to enhance the Commission s tools in the fight against illegal robocalls and spoofed calls. Section 10(a) of the TRACED Act directs the Commission to establish regulations to create a process that  streamlines the ways in which a private entity may voluntarily share with the Commission information relating to a call or text message that violates prohibitions regarding robocalls or spoofed caller ID set forth section 227(b) and 227(e) of the Communications Act of 1934, as amended. The Commission has a well-established process for individual consumers to submit complaints: the Commission s informal consumer complaint process. In addition, Commission staff routinely coordinate with public entities about robocall and caller ID spoofing enforcement and mitigation efforts. Against that background, Congress directed the Commission to develop a streamlined process for private entities to submit to the Commission information about suspected unlawful robocalls and spoofing. This Report and Order finalizes the rules that the Commission proposed on December 8, 2020. What the Report and Order Would Do: " Creates an online portal located on the FCC website where private entities can submit information about suspected robocall and spoofing violations directly to the Enforcement Bureau. " Private entities that use the portal will be asked to submit certain minimum information including, but not necessarily limited to, the name of the reporting private entity, contact information, including at least one individual name and means of contacting the entity (e.g., a phone number), the caller ID information displayed, the phone number(s) called, the date(s) and time(s) of the relevant calls or texts, the name of the reporting private entity s service provider, and a description of the problematic calls or texts. " Defines  private entity as anyone other than a public entity or an individual natural person (i.e. an individual consumer). " The new process will not affect the current informal complaint process that the Consumer and Governmental Affairs Bureau manages. " The Enforcement Bureau will implement the portal once it receives the requisite OMB approvals. * This document is being released as part of a  permit-but-disclose proceeding. Any presentations or views on the subject expressed to the Commission or its staff, including by email, must be filed in EB Docket No. 20-374, which may be accessed via the Electronic Comment Filing System (https://www.fcc.gov/ecfs/). Before filing, participants should familiarize themselves with the Commission s ex parte rules, including the general prohibition on presentations (written and oral) on matters listed on the Sunshine Agenda, which is typically released a week prior to the Commission s meeting. See 47 CFR § 1.1200 et seq. Federal Communications Commission FCC-CIRC2106-08 Before the Federal Communications Commission Washington, D.C. 20554 In the Matter of ) ) Implementing Section 10(a) of the Pallone-Thune ) EB Docket No. 20-374 Telephone Robocall Abuse Criminal Enforcement ) and Deterrence Act (TRACED Act) ) ) ) REPORT AND ORDER* Adopted: [] Released: [] By the Commission: I. INTRODUCTION 1. This Report and Order establishes a streamlined process for private entities to submit information about unlawful, unwanted calls. In the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act),1 Congress directed the Commission to establish regulations to create a process that  streamlines the ways in which a private entity may voluntarily share with the Commission information relating to a call or text message that violates prohibitions regarding robocalls or spoofing set forth section 227(b) and 227(e) of the Communications Act of 1934, as amended.2 We adopt rules to establish an online web portal where private entities may submit information about suspected violations of sections 227(b) and 227(e). The Commission s Enforcement Bureau (Bureau) will monitor the portal. II. BACKGROUND 2. Section 227 of the Communications Act of 1934, as amended (the Communications Act), is designed to protect consumers from unlawful robocalls. Sections 227(b), (c), and (d) impose specific requirements on telemarketing and prerecorded voice message calls to give consumers the ability to know who is calling and to control the calls they receive.3 Section 227(e) prohibits unlawful spoofing the * This document has been circulated for tentative consideration by the Commission at its June 17, 2021 open meeting. The issues referenced in this document and the Commission s ultimate resolution of those issues remain under consideration and subject to change. This document does not constitute any official action by the Commission. However, the Acting Chairwoman has determined that, in the interest of promoting the public s ability to understand the nature and scope of issues under consideration, the public interest would be served by making this document publicly available. The FCC s ex parte rules apply and presentations are subject to  permit- but-disclose ex parte rules. See, e.g., 47 C.F.R. §§ 1.1206, 1.1200(a). Participants in this proceeding should familiarize themselves with the Commission s ex parte rules, including the general prohibition on presentations (written and oral) on matters listed on the Sunshine Agenda, which is typically released a week prior to the Commission s meeting. See 47 CFR §§ 1.1200(a), 1.1203. 1 Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act, Pub. L. No. 116-105, 133 Stat. 3274 (2019) (TRACED Act). 2 TRACED Act § 10(a). 3 47 U.S.C. §§ 227(b)-(d). Federal Communications Commission FCC-CIRC2106-08 transmission of misleading or inaccurate caller ID information with the intent to defraud, cause harm, or wrongfully obtain anything of value.4 The Commission vigorously enforces violations of section 227.5 3. The Commission has a well-established process for individual consumers to submit complaints about unwanted and suspected illegal robocalls and spoofed calls: the Commission s informal consumer complaint process, which the Consumer and Governmental Affairs Bureau oversees.6 We also have a process for obtaining information from certain public entities: federal and state law enforcement agencies routinely coordinate with the Enforcement Bueau about robocall and caller ID spoofing enforcement and mitigation efforts. In addition, public entities often contact Enforcement Bureau staff directly about robocalling and spoofing matters. Against that background, Congress directed the Commission to develop a streamlined process for private entities to submit robocall information to the Commission. 4. Timely and thorough information from private entities is crucial to enable the Commission to mitigate illegal robocall incidents and bring swift enforcement actions. Our past robocall enforcement actions have relied extensively upon information from private entities. For example, in two enforcement actions, a medical paging company was a key source; it informed the Bureau that the paging company s phone lines were being bombarded by spoofed robocalls.7 Another enforcement action relied extensively on information from an industry group, the USTelecom s Industry Traceback Group (Traceback Group).8 5. The TRACED Act directs the Commission no later than June 30, 2021 to  prescribe regulations to establish a process that streamlines the ways in which a private entity may voluntarily share with the Commission information relating to violations of section 227(b) or 227(e) of the Communications Act.9 We released a Notice of Proposed Rulemaking (NPRM) on December 8, 2020, proposing to establish a streamlined process for private entities to submit information about robocall violations to the Commission.10 CTIA, SAFE Credit Union (SAFE), Twilio, Inc., and USTelecom-The Broadband Association (USTelecom) filed comments. III. DISCUSSION 6. We amend our rules to establish a streamlined process for private entities to submit information about violations of Sections 227(b) and 227(e) of the Act to the Commission.11 To achieve this objective, we direct the Enforcement Bureau to create and monitor an online portal located on the 4 47 U.S.C. § 227(e). 5 See, e.g., Philip Roesel, dba Wilmington Insurance Quotes, and Best Insurance Contracts, Inc., Forfeiture Order, 33 FCC Rcd 9204 (2018) (Roesel Forfeiture Order); Adrian Abramovich, Marketing Strategy Leaders, Inc., and Marketing Leaders, Inc., Forfeiture Order, 33 FCC Rcd 4663 (2018) (Abramovich Forfeiture Order). 6 Consumer Complaint Center, FCC, https://consumercomplaints.fcc.gov/hc/en-us (last visited May 4, 2021). 7 Roesel Forfeiture Order, 33 FCC Rcd at 9205-06, para. 4; Abramovich Forfeiture Order, 33 FCC Rcd at 4664, para. 5. 8 John C. Spiller; Jakob A. Mears; Rising Eagle Capital Group LLC; JSquared Telecom LLC; Only Web Leads LLC; Rising Phoenix Group; Rising Phoenix Holdings; RPG Leads; and Rising Eagle Capital Group  Cayman, Forfeiture Order, FCC 21-35, para. 5 (2020). The Traceback Group is an industry led collaborative effort of voice service providers to identify the source of suspected illegal robocalls. About ITG & FAQs, USTelecom, https://www.ustelecom.org/the-industry-traceback-group-itg/about-itg-faqs/ (last visited Apr. 19, 2021). 9 TRACED Act § 10(a). 10 Implementing Section 10(a) of the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act), EB Docket No. 20-374, Notice of Proposed Rulemaking, 35 FCC 14263 (2020) (NPRM). 11 The Commission adopted rules implementing sections 227(b) and 227(e) at 47 CFR § 64.1200(a) and 47 CFR § 64.16014(a). 2 Federal Communications Commission FCC-CIRC2106-08 Commission website. We anticipate that this portal will be particularly useful to private entities experiencing large scale robocall incidents and voice service providers that have network analytic information. This robocall  tip line will provide a streamlined process for reporting potential violations, and will enable the Enforcement Bureau to respond quickly to disruptive robocalling events. 7. Definition of Private Entity. We define  private entity as any entity other than (1) an individual natural person or (2) a public entity. In the NPRM, we proposed to include individuals in the definition of  private entity but sought comment on the proposed interpretation, and whether there was a basis for a different interpretation of the term.12 Commenters suggested that the Commission consolidate the new portal and its existing informal consumer complaint process, which the Consumer and Governmental Affairs Bureau administers,13 or better distinguish the two processes by defining  private entity to exclude consumers.14 Commenters were concerned that the definition proposed in the NPRM would create consumer confusion and duplicate existing Commission robocall information collection efforts.15 8. We agree with the commenters and therefore exclude individual natural persons from the definition of private entity. First, we find that interpreting the term to exclude individual consumers from the definition of private entity is consistent with Congress s other uses of that term and similar terms. Congress did not define  private entity in the TRACED Act. Elsewhere in the Communications Act, however, Congress used the term  person to include individuals and organizational entities.16 Thus, if Congress had intended to include individuals, we presume that it would have used the term  person. Moreover, in other statutes the term  private entity is often used to refer to organizations rather than individuals.17 Black s Law Disctionary defines  entity as  [a]n organization (such as a business or a governmental unit) that has a legal identity apart from its members or owners. 18 Second, we find that, as a policy matter, we should exclude individuals from the definition of private entity as the term is used in section 10(a) of the TRACED Act. We agree with commenters that including individuals within the definition of private entity would undermine the intent of the statute to streamline information collection about robocalls and spoofed calls,19 and would create confusion for consumers about whether to use the existing informal complaint process or the new portal, or both.20 Consumers are already served by the existing informal complaint intake process, and the TRACED Act gives no indication that Congress intended to upset or replace that process. Third, consumers will not be adversely affected by our decision to exclude them from the definition of private entity. If an individual consumer mistakenly files a 12 NPRM at para. 7. 13 Twilio Comments at 5. 14 CTIA Comments at 6. 15 See CTIA Comments at 6; Twilio Comments at 4. 16 See 47 U.S.C. § 153(39) ( The term  person includes an individual, partnership, association, joint-stock company, trust, or corporation. ). 17 See, e.g., 6 U.S.C. § 763a ( . . . Center for Domestic Preparedness may provide training to emergency response providers from the Federal Government, foreign governments, or private entities . . . . ); 42 U.S.C. § 2297h-5(h)(1) ( . . . guidelines relating to the authority of the Department of Energy s contractors (including any federal agency, or private entity operating a gaseous diffusion plant . . . .)); 42 U.S.C. § 12181(6) ( the term  private entity means any entity other than a public entity. ); 42 U.S.C. § 12181(7) (listing types of private entities such as hotels, restaurants, theaters, stores, and schools). But see 28 CFR Pt. 36, App. C (interpreting private entity as used in 42 U.S.C. § 12181(6) to include individuals as consistent with the purpose of the Americans with Disabilities Act). 18 Entity, Black's Law Dictionary (11th ed. 2019). 19 See CTIA Comments at 6; Twilio Comments at 4. 20 CTIA Comments at 6. 3 Federal Communications Commission FCC-CIRC2106-08 complaint with the new portal, the Bureau will forward the complaint to the Consumer and Governmental Affairs Bureau. 9. We also clarify that a  public entity is any governmental organization at the federal, state, or local level.21 This definition is consistent with common usage. Black s Law Dictionary defines  public entity as  a governmental entity, such as a state government or one of its political subdivisions. 22 At least one statute, the Americans with Disabilities Act, defines public entity as any state or local government and  any department, agency, special purpose district, or other instrumentality of a State or States or local government. 23 10. Streamlined Process. The rules we adopt today create a streamlined process by which a private entity may submit information about suspected robocall and spoofing violations directly to the Bureau via an online portal located on the FCC website. We interpret section 10(a) of the TRACED Act to encompass  suspected or  alleged violations of section 227(b) or section 227(e) as the most natural reading the of the statute. A private entity cannot determine whether a call violated the TCPA or the Truth in Caller ID Act this determination is left to the Commission,24 an action brought by state law enforcement,25 or a judicial outcome from a private right of action.26 Thus, a private entity is only in a position to provide information about calls that it suspects are violations of the law. The portal will request private entities to submit certain minimum information including, but not necessarily limited to, the name of the reporting private entity, contact information, including at least one individual name and means of contacting the entity (e.g., a phone number), the caller ID information displayed, the phone number(s) called, the date(s) and time(s) of the relevant calls or texts, the name of the reporting private entity s service provider, and a description of the problematic calls or texts.27 Although the portal will not reject submissions that fail to include the above information, such failure will make it more difficult for the Bureau to investigate fully and take appropriate enforcement action. Once submitted, the Bureau will review to determine whether the information presents evidence of a violation of our rules. 11. We agree with comments expressing the importance of vetting submitted information and protecting confidentiality.28 The Bureau will review information submitted through the portal to assess violations of the rules in the same manner that it reviews information submitted to the Commission through other means. All persons are required to submit truthful and accurate statements to the Commission.29 To protect law enforcement methods and techniques, we decline to adopt SAFE Credit Union s suggestion to detail the exact steps and criteria that the Bureau will use to evaluate the information submitted.30 Furthermore, we agree with commenters that the Bureau should protect the confidentiality of information submitted through the portal, especially because the data may include 21 No one commented on how to define a public versus a private entity. 22 Entity, Black's Law Dictionary (11th ed. 2019). 23 42 U.S.C. § 12131(1). The definition also includes the National Railroad Passenger Corporation and any commuter authority. Id. 24 47 U.S.C. §§ 227(b)(4),(e)(5). 25 47 U.S.C. § 227(g). 26 47 U.S.C. § 227(b)(3). To require a private entity to receive a favorable judgement in court before submitting information about a robocall or spoofed call would be an absurd interpretation of the TRACED Act. 27 Private entites are highly encouraged to submit as much information about the robocall or spoofing incident as possible and their contact information to ensure that their submission is actionable by the Bureau. 28 See CTIA Comments at 6-7; SAFE Comments at 1. 29 47 CFR § 1.17. 30 SAFE Credit Union at 1. 4 Federal Communications Commission FCC-CIRC2106-08 personally identifiable information or customer proprietary network information.31 Consistent with these privacy protections, however, the Bureau may share information gathered from the portal with other government agencies combatting robocalls.32 To the extent allowed by the Privacy Act of 1974 and our rules, the portal will clearly state that the Bureau may share submitted information with the Department of Justice, Federal Trade Commission, other federal agencies combatting robocalls, state attorney general offices, other law enforcement entities with which the Commission has information sharing agreements, and the registered traceback consortium. 12. The purpose of the portal is to provide private entities a streamlined method to submit information to the Bureau about suspected robocall or spoofing violations. USTelecom requests that we encourage private entities to first coordinate with the registered traceback consortium prior to filing information in the portal.33 While we encourage private entities to make use of the registered consortium s resources, we decline to mandate that private entities must coordinate with the consortium prior to submitting information to the Commission. 13. No Impact on Informal Consumer Complaint Process. This new portal will not affect the process by which a consumer submits an informal complaint about a robocall or spoofed call, using the long-standing process located on the Consumer and Governmental Affairs Bureau s homepage.34 The current informal consumer complaint process is a vital tool for the Commission. The Consumer and Governmental Affairs Bureau uses this information to inform Commission consumer protection policies as well as for analytical and consumer education purposes. The Consumer and Governmental Affairs Bureau also forwards complaints to the Enforcement Bureau, which may use them to pursue enforcement actions. Commenters raise concerns that the new streamlined portal will create consumer confusion or duplicate current processes.35 We find that our decision to exclude individual consumers from the definition of private entity will greatly reduce, if not eliminate, potential confusion. 14. Twilio recommends that the Commission create one centralized mechanism for reporting all information regarding robocalling and spoofing, whether it is from a whistleblower, company, or consumer.36 We agree with Twilio that private entities and consumers should be directed to a centralized reporting mechanism, but we also find that the new portal should be distinct from the existing informal 31 Any disclosure of customer proprietary network information through the portal that might otherwise be prohibited by section 222 of the Communications Act would be permitted by the exception in subsection (d)(2) of that section. See 47 U.S.C. § 222(d)(2) (permitting disclosure of Customer Proprietary Network Information  to protect the rights or property of the carrier, or to protect users of those services and other carriers from fraudulent, abusive, or unlawful use of . . . such services. ); see also TRACED Act § 13(d) (stating that the call traceback consortium must focus private-led traceback efforts on  fraudulent, abusive, or unlawful traffic consistent with section 222(d)(2) of the Communications Act). 32 See CTIA Comments at 7 ( [T]he Commission should strike the right balance between providing appropriate confidentiality and security for information submitted into the portal with the need to allow sharing of submitted information between the Enforcement Bureau and other relevant entities to pursue leads. ). 33 USTelecom comments at 3-7. See also Twilio Comments at 5 ( The Commission can bolster the expediency and efficiency of the reporting process, as well as the investigation and remediation process, by encouraging sophisticated private entities to coordinate with the [registered traceback consortium] in advance on their submissions to the information portal. ). USTelecom also suggests that the Commission regularly publicly identify non-cooperative voice service providers. USTelecom Comments at 7. We agree with USTelecom that bad actor providers that refuse to cooperate with traceback should be publicly named, and the TRACED Act permits the Commission to take this action; however, USTelecom s suggestion is outside the scope of this proceeding. See TRACED Act § 13(e) (permitting the Commission to publish a list of voice service providers that refuse to participate in private-led efforts to trace back the origin of suspected unlawful robocalls). 34 Consumer Complaint Center, FCC, https://consumercomplaints.fcc.gov/hc/en-us (last visited May 4, 2021). 35 CTIA Comments at 6; SAFE at 1; Twilio Comments at 4-5. 36 Twilio Comments at 5. 5 Federal Communications Commission FCC-CIRC2106-08 consumer complaint process. First, we find that there is value in maintaining the separate informal consumer complaint process. That process is a well-established one that consumers have come to understand and depend upon. In addition, it serves as a valuable clearinghouse for the Commission to identify trends and activities that are negatively affecting consumers. The data in turn informs the Commission s policy work, serves as a deterrent to companies the Commission regulates and contributes to consumer protection efforts. Second, we find that establishing a stand-alone process designed specifically to handle concerns from private entities (i.e., not individual consumers) about robocalls and spoofing best aligns with the TRACED Act requirement. Congress adopted the requirement to create a streamlined process to collect information about robocalls and spoofing against the backdrop of the existing informal consumer complaint process. Instead, the new portal will be integrated with, but distinct from, the existing consumer complaint process. Private entities and consumers who wish to submit information or complaints about robocalls will be directed on the FCC website to the appropriate intake process for their situation the new portal for private entities or the existing informal consumer complaint process for consumers. We find that adopting a distinct intake process for private entities best satisfies the statutory language, while integrating it with the existing process managed by the Consumer and Governemtnal Affairs Bureau will reduce administrative costs and consumer confusion. 15. We acknowledge commenters concerns that, at least initially, private entities might be confused about whether the consumer complaint process or the new streamlined process is a more appropriate place to submit information. Thus we adopt SAFE Credit Union s suggestion that the portal  clearly explain its purpose and intended use. 37 To that end, the new portal s home page will include prominent language that not only explains its purpose and use, but also distinguishes that portal from the existing informal consumer complaint process so as to minimize possible confusion. The portal is available for use by private entities that wish to submit information about suspected robocall or spoofing violations. Relevant incidents might include a corporation or association experiencing a deluge of robocalls overwhelming their internal phone network or a voice service provider that found evidence of illegal robocalls traversing its network. The portal is also available for use by private entities that have had their number(s) spoofed. Consumers, meanwhile, should continue to submit individual complaints about unwanted robocalls and spoofed calls that they receive through the Consumer and Governmental Affairs Bureau s informal consumer complaint process. We recognize that consumers might mistakenly file complaints through the new streamlined process rather than the existing consumer complaint process. In such cases, the Enforcement Bureau will forward such consumer complaints to the Consumer and Governmental Affairs Bureau. 16. Delegated Authority. Lastly, we delegate authority to the Bureau to make further decisions about administration of the portal. Additional technical issues may arise in the future, and those decisions can be made by the Bureau. IV. PROCEDURAL MATTERS 17. Final Regulatory Flexibility Analysis. As required by the Regulatory Flexibility Act of 1980, as amended (RFA),38 the Commission has prepared a Final Regulatory Flexibility Analysis (FRFA) relating to this Report and Order. The FRFA is set forth in Appendix C. 18. Paperwork Reduction Act of 1995 Analysis. The Report and Order contains new or modified information collection requirements subject to the Paperwork Reduction Act of 1995 (PRA).39 It will be submitted to the Office of Management and Budget (OMB) for review under section 3507(d) of the PRA.40 OMB, the general public, and other Federal agencies are invited to comment on the new or modified information collection requirements contained in this proceeding. In addition, we note that 37 SAFE at 1. 38 5 U.S.C. § 601 et seq. 39 Pub. L. No. 104-13, 109 Stat 163 (1995) (codified at 44 U.S.C. §§ 3501-3520). 40 44 U.S.C. § 3507(d). 6 Federal Communications Commission FCC-CIRC2106-08 pursuant to the Small Business Paperwork Relief Act of 2002,41 we previously sought specific comment on how the Commission might further reduce the information collection burden for small business concerns with fewer than 25 employees.42 19. In this document, we have created a new online portal located on the Commission website where private entities, including small businesses, may submit information about robocall or spoofing violations. The portal will collect contact information of the reporting entity, information about the suspected illegal robocall, and a description of the robocall incident. Use of the portal is completely voluntary and we impose no new requirements on small businesses. Thus, we have minimized the impact on small businesses. 20. Congressional Review Act. [The Commission will submit this draft Report and Order to the Administrator of the Office of Information and Regulatory Affairs, Office of Management and Budget, for concurrence as to whether this rule is  major or  non-major under the Congressional Review Act, 5 U.S.C. § 804(2).] The Commission will send a copy of this Report and Order to Congress and the Government Accountability Office pursuant to 5 U.S.C. § 801(a)(1)(A). 21. People with Disabilities. To request material in accessible formats for people with disabilities (braille, large print, electronic files, audio format), send an e-mail to fcc504@fcc.gov or call the Consumer and Governmental Affairs Bureau at 202-418-0530 (voice). 22. Further Information. For further information, contact Daniel Stepanicich, Attorney, Telecommunications Consumers Division, Enforcement Bureau, at (202) 418-7451 or daniel.stepanicich@fcc.gov. V. ORDERING CLAUSES 23. Accordingly, IT IS ORDERED, pursuant to sections 4(i), 4(j), and 227 of the Communications Act of 1934, as amended, 47 U.S.C. §§ 154(i), 154(j), and 227, and section 10(a) of the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act, Pub. L. 116-105, 133 Stat. 3274, this Report and Order, is hereby ADOPTED. 24. IT IS FURTHER ORDERED that parts 0 and 64 of the Commission s rules ARE AMENDED as set forth in Appendix A. 25. IT IS FURTHER ORDERED that, pursuant to sections 1.4(b)(1) and 1.427(a) of the Commission s rules, 47 CFR §§ 1.4(b)(1), 1.427(a), this Report and Order and the amendments to parts 0 and 64 of the Commission s rules, as set forth in Appendix A, SHALL BE EFFECTIVE 30 days after publication in the Federal Register. Sections 64.1204(a) and 64.1606(a) contain new or modified information collection requirements that require review by OMB under the PRA. The Commission directs the Enforcement Bureau to announce the effective date for those information collections in a document published in the Federal Register after OMB completes its review, and directs the Enforcement Bureau to cause sections 64.1204 and 64.1606 to be revised accordingly. 26. IT IS FURTHER ORDERED that the Commission SHALL SEND a copy of this Report and Order Rulemaking, including the Final Regulatory Flexibility Analysis, in a report to Congress and the Government Accountability Office pursuant to the Congressional Review Act, see 5 U.S.C. § 801(a)(1)(A). 27. IT IS FURTHER ORDERED that the Commission s Consumer and Governmental Affairs Bureau, Reference Information Center, SHALL SEND a copy of this Report and Order 41 Pub. L. No. 107-198, 116 Stat. 729 (2002); 44 U.S.C. § 3506(c)(4). 42 Call Blocking Order and Further Notice, 35 FCC Rcd at 7668-77, Appx. E. 7 Federal Communications Commission FCC-CIRC2106-08 Rulemaking, including the Final Regulatory Flexibility Analysis, to the Chief Counsel for Advocacy of the Small Business Administration. FEDERAL COMMUNICATIONS COMMISSION Marlene H. Dortch Secretary 8 Federal Communications Commission FCC-CIRC2106-08 APPENDIX A Final Rules For the reasons discussed in the preamble, the Federal Communications Commission proposes to amend 47 CFR parts 0 and 64 as follows: Part 0  COMMISSION ORGANIZATION 1. The authority citation for part 0 continues to read as follows: Authority: 47 U.S.C. 151, 154(i), 154(j), 155, 225, and 409, unless otherwise noted. 2. Amend section 0.111 by redesignating paragraph (j) as paragraph (k) and revising paragraph (j) as follows: § 0.111  Functions of the Bureau * * * * * (j) Collects and reviews information received from private entities related to violations of § 64.1200(a) and § 64.1604(a) of this Title. (k) Perform such other functions as may be assigned or referred to it by the Commission. Part 64  MISCELLANEOUS RULES RELATING TO COMMON CARRIERS 3. The authority citation for part 64 continues to read as follows: Authority: 47 U.S.C. 151, 152, 154, 201, 202, 217, 218, 220, 222, 225, 226, 227, 227b, 228, 251(a), 251(e), 254(k), 262, 276, 403(b)(2)(B), (c), 616, 620, 1401-1473, unless otherwise noted, Pub. L. 115-141, Div. P, sec. 503, 132 Stat 348, 1091. 4. Add section 64.1204 to read as follows: § 64.1204  Private Entity Submissions of Robocall Violations (a) Any private entity may submit to the Enforcement Bureau information related to a call made or a text message sent that the private entity has reason to believe was in violation of § 64.1200(a) or 47 U.S.C. 227(b). (b) For the purposes of this section, the term  private entity shall mean any entity other than a natural individual person or a public entity. (c) Compliance date. Paragraph (a) of this section contains a voluntary information collection. Compliance with the requirements of that information collection will not be required until after approval by the Office of Management and Budget. The Commission will publish a document in the Federal Register announcing that compliance date and revising this paragraph accordingly. 5. Add section 64.1606 to read as follows: § 64.1606  Private Entity Submissions of Spoofing Violations (a) Any private entity may submit to the Enforcement Bureau information related to a call or text message that the private entity has reason to believe included misleading or inaccurate caller identification information in violation of § 64.1604(a) or 47 U.S.C. 227(e). (b) For the purposes of this section, the term  private entity shall mean any entity other than a natural individual person or a public entity. (c) Compliance date. Paragraph (a) of this section contains a voluntary information collection. Compliance with the requirements of that information collection will not be required until after approval by the Office of Management and Budget. The Commission will publish a document in the Federal Register announcing that compliance date and revising this paragraph accordingly. 9 Federal Communications Commission FCC-CIRC2106-08 APPENDIX B Comments Filed Commenter Abbreviation CTIA CTIA SAFE Credit Union SAFE Twilio, Inc. Twilio USTelecom  The Broadband Association USTelecom 10 Federal Communications Commission FCC-CIRC2106-08 APPENDIX C Final Regulatory Flexibility Analysis 1. As required by the Regulatory Flexibility Act of 1980 (RFA),43 as amended, an Initial Regulatory Flexibility Analysis (IRFA) was incorporated into the Notice of Proposed Rulemaking (NPRM).44 The Commission sought written public comment on the proposals in the NPRM, including comment on the IRFA. The comments received are discussed below. This Final Regulatory Flexibility Analysis (FRFA) conforms to the RFA.45 A. Need for, and Objectives of, the Order 2. In this Report and Order, the Commission streamlines the process for private entities to submit information to the Commission about a violation of 47 U.S.C. § 227(b) or 47 U.S.C. § 227(e) as required by the TRACED Act. The Commission will create a web portal where private entities can submit robocall violation information that will be monitored and reviewed by the Enforcement Bureau. A  private entity is any entity other than a natural individual person or a public entity (e.g. a federal, state, or local governmental organization). The portal will request that private entities provide information about the robocall or spoofing incident such as the telephone number displayed as caller ID, the called number, the date and time of the call, and a description of the incident as well as the private entity s contact information. To avoid duplicating current information collection efforts and creating consumer confusion, the new portal will be distinct from the existing informal consumer complaint process. Private entities and consumers who wish to submit information or complaints about robocalls will be directed to the appropriate intake processs for their situation the new portal for private entities or the existing informal consumer complaint process for consumers. The new portal will include prominent language that not only explains its purpose and use but also distinguishes that portal from the existing informal consumer complaint process so as to minimize possible confusion. The portal is available for use by private entities that wish to submit information about suspected robocall or spoofing violations. Relevant incidents might include a corporation or association experiencing a deluge of robocalls overwhelming their internal phone network or a voice service provider that found evidence of illegal robocalls traversing its network. B. Summary of Significant Issues Raised by Public Comments in Response to the IRFA 3. In the NPRM, we solicited comments on how to minimize the economic impact of the new rules on small business. There were no comments filed specifically in response to the IFRA, but we received comments that addressed issues implicating small entities. Twilio recommended that the Commission create a new interface for submitting information or complaints about robocalls to avoid creating consumer confusion.46 SAFE commented that the Commission should provide more clarity on the purpose of the portal to avoid erroneous filings.47 C. Response to Comments by the Chief Counsel for Advocacy of the Small Business Administration 43 5 U.S.C. § 603. The RFA, 5 U.S.C. §§ 601-612, has been amended by the Contract With America Advancement Act of 1996, Public Law No. 104-121, 110 Stat. 847 (1996) (CWAAA). Title II of the CWAAA is the Small Business Regulatory Enforcement Fairness Act of 1996 (SBREFA). 44 Implementing Section 10(a) of the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act), EB Docket No. 20-374, Notice of Proposed Rulemaking, 35 FCC 14263 (2020) (NPRM). 45 See 5 U.S.C. § 604. 46 Twilio Comments at 5. 47 SAFE Comments at 1. 11 Federal Communications Commission FCC-CIRC2106-08 4. Pursuant to the Small Business Jobs Act of 2010, which amended the RFA, the Commission is required to respond to any comments filed by the Chief Counsel for Advocacy of the Small Business Administration (SBA), and to provide a detailed statement of any change made to the proposed rules as a result of those comments.48 The Chief Counsel did not file any comments in response to the proposed rules in this proceeding. D. Description and Estimate of the Number of Small Entities to Which the Rules Will Apply 5. The RFA directs agencies to provide a description of, and where feasible, an estimate of the number of small entities that may be affected by the rules adopted herein.49 The RFA generally defines the term  small entity as having the same meaning as the terms  small business,  small organization, and  small governmental jurisdiction. 50 In addition, the term  small business has the same meaning as the term  small-business concern under the Small Business Act.51 A  small-business concern is one which: (1) is independently owned and operated; (2) is not dominant in its field of operation; and (3) satisfies any additional criteria established by the SBA.52 6. Small Business, Small Organizations, and Small Governmental Jurisdictions. Our action may, over time, affect small entities that are not easily categorized at present. We therefore describe here, at the outset, three broad groups of small entities that could potentially be directly affected herein.53 First, while there are industry specific size standards for small businesses that are used in the RFA, according to data from the SBA s Office of Advocacy, in general a small business is an independent business having fewer than 500 employees.54 These types of small businesses represent 99.9 percent of all businesses in the United States, which translates to 30.7 million businesses.55 7. Next, the type of small entity described as a  small organization is generally  any not-for- profit enterprise which is independently owned and operated and is not dominant in its field. 56 The Internal Revenue Service (IRS) uses a revenue benchmark of $50,000 or less to delineate its annual electronic filing requirements for small exempt organizations.57 Nationwide, for tax year 2018, there 48 5 U.S.C. § 604(a)(3). 49 See 5 U.S.C. § 603(b)(3). 50 See 5 U.S.C. § 601(6). 51 See 5 U.S.C. § 601(3) (incorporating by reference the definition of  small-business concern in the Small Business Act, 15 U.S.C. § 632). Pursuant to 5 U.S.C. § 601(3), the statutory definition of a small business applies  unless an agency, after consultation with the Office of Advocacy of the Small Business Administration and after opportunity for public comment, establishes one or more definitions of such term which are appropriate to the activities of the agency and publishes such definition(s) in the Federal Register. 52 See 15 U.S.C. § 632. 53 See 5 U.S.C. § 601(3)-(6). 54 See SBA, Office of Advocacy,  What s New With Small Business? , https://cdn.advocacy.sba.gov/wpcontent/uploads/2019/09/23172859/Whats-New-With-Small-Business-2019.pdf (Sept. 2019). 55 Id. 56 5 U.S.C. § 601(4). 57 The IRS benchmark is similar to the population of less than 50,000 benchmark in 5 U.S.C § 601(5) that is used to define a small governmental jurisdiction. Therefore, the IRS benchmark has been used to estimate the number small organizations in this small entity description. We note that the IRS data does not provide information on whether a small exempt organization is independently owned and operated or dominant in its field. 12 Federal Communications Commission FCC-CIRC2106-08 were approximately 571,709 small exempt organizations in the U.S. reporting revenues of $50,000 or less according to the registration and tax data for exempt organizations available from the IRS.58 8. Finally, the small entity described as a  small governmental jurisdiction is defined generally as  governments of cities, counties, towns, townships, villages, school districts, or special districts, with a population of less than fifty-thousand. 59 This Report and Order excludes public entities and therefore the adopted rules do not apply to small governmental jurisdictions. E. Description of Projected Reporting, Recordkeeping, and Other Compliance Requirements for Small Entities 9. The Commission does not expect the rules in this Report and Order will impose any new and/or additional reporting or recordkeeping and/or compliance obligations on small entities. The web portal is a completely voluntary process that small entities may use to submit information about robocall or spoofing violations. Small entities may wish to retain copies of their submissions to the Commission as well any supporting documentation should the Bureau wish to follow-up with the complainant for more information. F. Steps Taken to Minimze the Significant Economic Impact on Small Entities, and Signitifcant Alternatives Considered 10. The RFA requires an agency to describe any significant alternatives that it has considered in reaching its approach, which may include the following four alternatives, among others: (1) the establishment of differing compliance or reporting requirements or timetables that take into account the resources available to small entities; (2) the clarification, consolidation, or simplification of compliance or reporting requirements under the rule for small entities; (3) the use of performance, rather than design, standards; and (4) an exemption from coverage of the rule, or any part thereof, for small entities.60 11. Congress directed the Commission to streamline the process for private entities to submit information about robocall violations. We determined that creating a web portal will best meet the Congressional mandate while also placing as few burdens as possible on private entities. The portal will clearly state its purpose to avoid creating confusion to small entities. The portal should be used by private entities that wish to submit information about suspected robocall or spoofing violations. For example, this might include a business experiencing a deluge of robocalls overwhelming its internal phone network or a voice service provider that found evidence of illegal robocalls traversing its network. The portal should also be used by private entities that have had their number(s) spoofed by a robocaller. The use of this portal is entirely voluntary and does not impose any new requirements on small entities. 12. We also considered whether to make changes to the existing informal consumer complaint process as suggested by Twilio, but we determined that any such changes would be disruptive and counterproductive to consumers and small entities. The Report and Order gives maximum flexibility to small entities as they may still continue to submit robocall complaints through the existing informal consumer complaint process. This flexibility limits any undue burdens on small entities. B. Report to Congress 13. The Commission will send a copy of the Report and Order, including this FRFA, in a 58 See Exempt Organizations Business Master File Extract (EO BMF), "CSV Files by Region," https://www.irs.gov/charities-non-profits/exempt-organizations-business-master-file-extract-eo-bmf. The IRS Exempt Organization Business Master File (EO BMF) Extract provides information on all registered taxexempt/non-profit organizations. The data utilized for purposes of this description was extracted from the IRS EO BMF data for Region 1-Northeast Area (76,886), Region 2-Mid-Atlantic and Great Lakes Areas (221,121), and Region 3-Gulf Coast and Pacific Coast Areas (273,702) which includes the continental U.S., Alaska, and Hawaii. This data does not include information for Puerto Rico. 59 5 U.S.C. § 601(5). 60 5 U.S.C. § 603. 13 Federal Communications Commission FCC-CIRC2106-08 report to be sent to Congress and the Government Accountability Office pursuant to the Congressional Review Act.61 In addition, the Commission will send a copy of the Report and Order, including this FRFA, to the Chief Counsel for Advocacy of the Small Business Administration. A copy of the Report and Order (or summaries thereof) will also be published in the Federal Register.62 61 5 U.S.C. § 801(a)(1)(A). 62 See id. § 604(b). 14