April 27, 2023 FACT SHEET* Combatting Illegal Robocalls Seventh Report and Order, Eighth Further Notice, and Third Notice of Inquiry in CG Docket 17-59, Seventh Report and Order in WC Docket 17-97 Background: Stopping illegal calls is one of the Commission’s top consumer protection priorities. The Commission has long taken a multi-pronged approach to this problem and the Report and Order, Notice of Proposed Rulemaking, and Notice of Inquiry continues this approach by extending existing rules to new categories of providers and exploring additional options to combat these calls. What the Order Would Do: • Extend several call blocking requirements for gateway providers to other voice service providers to ensure even greater protection for consumers. New requirements include extending the 24- hour traceback requirement to cover all voice service providers in the call path, expanding to originating providers the requirement to block illegal traffic when notified of such traffic by the Commission, and extending the know-your-upstream-provider requirement to all voice service providers. What the Further Notice Would Do: • Propose and seek comment on further action to combat illegal robocalls, including by requiring all terminating providers to offer analytics-based blocking, requiring all voice service providers to block calls based on a reasonable do-not-originate list, and requiring non-gateway intermediate and terminating providers to block in certain instances. • Propose to set a base forfeiture for failure to comply with the rule requiring voice service providers to take affirmative, effective measures to prevent new and renewing customers from originating illegal calls and to allow that forfeiture to be increased up to the maximum for non- common carriers. • Seek comment on a number of other call blocking issues, including on requiring a single Session Initiation Protocol (SIP) Code for immediate notification to callers whose calls are blocked based on analytics and requiring terminating providers to display caller name information when they provide an indication to the call recipient that the call has received “full” or “A” attestation. What the Notice of Inquiry Would Do: • Seek comment on tools voice service providers use to combat illegal calls, including honeypots. • Seek comment on the current state of call labeling, including the extent of it use and its accuracy. * This document is being released as part of a “permit-but-disclose” proceeding. Any presentations or views on the subject expressed to the Commission or its staff, including by email, must be filed in CG Docket No. 17-59 and WC Docket No. 17-97, which may be accessed via the Electronic Comment Filing System (http://www.fcc.gov/ecfs). Before filing, participants should familiarize themselves with the Commission’s ex parte rules, including the general prohibition on presentations (written and oral) on matters listed on the Sunshine Agenda, which is typically released a week prior to the Commission’s Meeting. See 47 CFR § 1.1200 et seq. Federal Communications Commission FCC-CIRC2305-03 Before the Federal Communications Commission Washington, D.C. 20554 In the Matter of ) ) Advanced Methods to Target and Eliminate ) CG Docket No. 17-59 Unlawful Robocalls ) ) Call Authentication Trust Anchor ) WC Docket No. 17-97 SEVENTH REPORT AND ORDER IN CG DOCKET 17-59 AND WC DOCKET 17-97, EIGHTH FURTHER NOTICE OF PROPOSED RULEMAKING IN CG DOCKET 17-59, AND THIRD NOTICE OF INQUIRY IN CG DOCKET 17-59* Adopted: "Insert Adopted Date" Released: "Insert Release Date" Comment Date (30 days after date of publication in the Federal Register) Reply Comment Date (60 days after date of publication in the Federal Register) By the Commission: TABLE OF CONTENTS Heading Paragraph # I. INTRODUCTION .................................................................................................................................. 1 II. BACKGROUND .................................................................................................................................... 6 III. REPORT AND ORDER ...................................................................................................................... 20 A. 24-Hour Traceback Requirement ................................................................................................... 21 B. Mandatory Blocking Following Commission Notification............................................................ 28 C. “Know Your Upstream Provider” .................................................................................................. 48 D. Other Issues .................................................................................................................................... 51 E. Summary of Costs and Benefits ..................................................................................................... 58 F. Legal Authority .............................................................................................................................. 64 IV. FURTHER NOTICE OF PROPOSED RULEMAKING ..................................................................... 69 A. Mandatory Blocking Programs to Protect Consumers from Illegal Calls ...................................... 70 1. Requiring Opt-Out Analytics-Based Blocking of Calls That Are Highly Likely to be Illegal ....................................................................................................................................... 70 * This document has been circulated for tentative consideration by the Commission at its May open meeting. The issues referenced in this document and the Commission’s ultimate resolution of those issues remain under consideration and subject to change. This document does not constitute any official action by the Commission. However, the Chairwoman has determined that, in the interest of promoting the public’s ability to understand the nature and scope of issues under consideration, the public interest would be served by making this document publicly available. The FCC’s ex parte rules apply and presentations are subject to “permit-but-disclose” ex parte rules. See, e.g., 47 C.F.R. §§ 1.1206, 1.1200(a). Participants in this proceeding should familiarize themselves with the Commission’s ex parte rules, including the general prohibition on presentations (written and oral) on matters listed on the Sunshine Agenda, which is typically released a week prior to the Commission’s meeting. See 47 CFR §§ 1.1200(a), 1.1203. Federal Communications Commission FCC-CIRC2305-03 2. Requiring Blocking Based on a Reasonable Do-Not-Originate List ....................................... 75 3. Further Strengthening the Requirements to Block Following Commission Notification .............................................................................................................................. 79 B. SIP Codes for Immediate Notification of Blocked Calls ............................................................... 89 C. Increasing Trust in Caller ID By Providing Accurate Caller Name to Call Recipients ................. 94 D. Enforcement Against Voice Service Providers that Allow Customers to Originate Illegal Calls ............................................................................................................................................. 100 E. Legal Authority ............................................................................................................................ 104 V. NOTICE OF INQUIRY ..................................................................................................................... 105 A. Technology for Fighting Illegal Calls .......................................................................................... 106 B. Call Labeling ................................................................................................................................ 109 C. Digital Equity and Inclusion ........................................................................................................ 112 VI. PROCEDURAL MATTERS .............................................................................................................. 113 VII. ORDERING CLAUSES .................................................................................................................... 123 Appendix A Final Rules Appendix B Proposed Rules Appendix C Final Regulatory Flexibility Analysis Appendix D Initial Regulatory Flexibility Analysis I. INTRODUCTION 1. Frustration and anger at unwanted robocalls is something we all agree on. Many of us no longer answer calls from unknown numbers and, when we do, all too often find them annoying, harassing, and possibly fraudulent. Consumers are not the only losers when this happens; legitimate callers have a hard time completing the calls consumers do want to receive. Over the last several years, the Commission has made significant strides to protect consumers, employing a multi-pronged approach to this complex problem because there is no “silver bullet” fix. In this Report and Order, Further Notice of Proposed Rulemaking, and Notice of Inquiry, we continue our efforts by expanding certain rules to protect all American consumers from illegal calls and seeking comment on other options to further the cause. 2. We do so recognizing certain foundational principles: providing greater choice to consumers as to what calls reach their phones while also protecting them from illegal calls; making it easier to identify bad actors, whether callers or voice service providers,1 and improving faith in caller ID; 1 For purposes of this Seventh Report and Order, Eighth Further Notice, and Third Notice of Inquiry, we use the definition of “voice service provider” that the Commission adopted in the July 2020 Call Blocking Order. Specifically, “voice service provider” means any entity originating, carrying, or terminating voice calls through time-division multiplexing (TDM), Voice over Internet Protocol (VoIP), or commercial mobile radio service (CMRS). Advanced Methods to Target and Eliminate Unlawful Robocalls, CG Docket No. 17-59, Third Report and Order, Order on Reconsideration, and Fourth Further Notice of Proposed Rulemaking, 35 FCC Rcd 7614, 7615 n.3 (2020) (July 2020 Call Blocking Order). As the Commission explained there, this definition is consistent with the use of this term in previous call-blocking actions and existing call-blocking rules, but is more extensive than the definition of “voice service” in section 4 of the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act and in the Commission’s work on caller ID authentication; that definition does not include intermediate providers. See TRACED Act § 4(a)(2) (codified at 47 U.S.C. § 227b(a)(2)) (2019); see also Call Authentication Trust Anchor, Implementation of TRACED Act Section 6(a)—Knowledge of Customers by Entities with Access to Numbering Resources, WC Docket Nos. 17-97 and 20-67, Report and Order and Further Notice of Proposed Rulemaking, 35 FCC Rcd 3241, 3300-01, Appx. A (2020) (First Caller ID Authentication Order). Adopting the narrower definition used in the TRACED Act in this proceeding would create inconsistency with our existing call blocking rules. We use the phrases “originating provider,” “gateway provider,” “intermediate provider,” and “terminating provider” to mean “originating voice service provider,” “gateway voice service provider,” “intermediate voice service provider,” and “terminating voice service provider,” respectively. 2 Federal Communications Commission FCC-CIRC2305-03 and holding voice service providers responsible as the first line of defense against these calls and ensuring that they are not shielding callers placing illegal calls from detection and enforcement. 3. We begin by extending several requirements adopted in May 2022 for gateway providers2 to other voice service providers to ensure even greater coverage for consumers. First, we extend the 24- hour traceback requirement to cover all voice service providers in the call path. Second, we enhance the existing requirement to effectively mitigate illegal traffic when notified by the Commission to require originating providers to block this traffic and make it clear that, while terminating and non-gateway intermediate providers are not generally required to block, they are required to respond and provide accurate information regarding where they received the traffic. We similarly require voice service providers immediately downstream from a provider that fails to comply with the Commission’s directive to block their traffic. Finally, we expand our know-your-upstream-provider requirement to include all voice service providers. We also update the information that voice service providers must file in the Robocall Mitigation Database and commit to in their filing and mitigation plan to reflect the new traceback requirements. Taken together, these expanded requirements will help identify bad actors more quickly and make clear that voice service providers are responsible for the calls they originate, carry, or transmit. 4. Next, we propose and seek comment on several options to further enhance consumer choice, increase consumer trust in caller ID, and hold voice service providers responsible for the calls they originate, carry, or transmit. To provide greater consumer choice and protect all consumers against illegal calls, we propose to require terminating providers to offer analytics-based blocking of calls that are highly likely to be illegal, without charge to consumers. We also propose to require all voice service providers to block calls based on a reasonable do-not-originate (DNO) list. Additionally, we seek comment on the appropriate Session Initiation Protocol (SIP) code to use for immediate notification to callers when calls are blocked based on reasonable analytics. To improve trust in caller ID and ensure consumers have access to information, we seek comment on requiring terminating providers that choose to display caller ID authentication status to also provide some version of caller name to call recipients free of charge. To hold voice service providers responsible, we propose to set a base forfeiture for failure to comply with the requirement that voice service providers take affirmative, effective measures to prevent new and renewing customers from originating illegal calls. 5. Finally, we seek comment on whether and how the Commission can leverage technologies currently in use or in development to combat illegal calls, including honeypots. We also seek comment on the status of call labeling, including whether and how the Commission could improve the call labeling ecosystem. II. BACKGROUND 6. An Ongoing Problem. Despite progress made by the Commission, law enforcement, and industry to combat them, consumers continue to receive an unacceptably high number of unwanted and illegal calls. In fact, these calls continue to be the Commission’s top source of consumer complaints.3 2 Advanced Methods to Target and Eliminate Unlawful Robocalls, Call Authentication Trust Anchor, CG Docket No. 17-59, WC Docket No. 17-97, Sixth Report and Order in CG Docket No. 19-59, Fifth Report and Order in WC Docket No. 17-97, Order, Seventh Further Notice of Proposed Rulemaking in CG Docket No. 17-59 & Fifth Further Notice of Proposed Rulemaking in WC Docket No. 17-97, FCC 22-37, at 10-50, paras. 19-121 (May 20, 2022) (Gateway Provider Order and Further Notice). 3 The Commission received approximately 157,000 in 2020, 164,000 in 2021, 119,000 in 2022, and 28,000 in 2023 as of April 15, 2023. FCC, Consumer Complaint Data Center, https://www.fcc.gov/consumer-help-center-data (last visited Apr. 24, 2023). Multiple factors can affect these numbers, including outreach efforts and media coverage on how to avoid unwanted calls. Complaint numbers declined significantly during the first four months of the COVID- 19 pandemic, reducing the total number of complaints the Commission received in 2020. 3 Federal Communications Commission FCC-CIRC2305-03 Still more complaints are filed with the Federal Trade Commission (FTC).4 One industry estimate indicates that the average U.S. consumer receives 14 spam or fraud calls per month.5 While some of these calls may be simple annoyances, others lead to significant harm, including financial loss.6 Stopping these calls remains one of our top consumer protection priorities. 7. The Commission has taken an incremental, multi-pronged approach to stopping unwanted and illegal calls. In particular, the Commission has focused on three key areas: ensuring that consumers have a say in what calls ring their phones and protecting them from illegal calls; making the source of calls easier to identify through traceback, caller ID authentication, and restoring trust in caller ID; and holding voice service providers responsible for the calls they originate or transmit. Each is essential to stopping bad actor callers constantly seeking to sidestep consumer protections. When illegal calls do get through, the Commission’s rules under the Telephone Consumer Protection Act (TCPA) require callers to obtain consent for certain calls, and consumers have a private right of action for violations.7 8. Enhancing Consumer Choice While Protecting All Consumers From Illegal Calls. Consumers deserve a say in what lawful calls ring their phones. The Commission has taken steps to incentivize, and in some cases require, voice service providers to stop unwanted and illegal calls before the phone ever rings, while ensuring that consumers have a say in what calls they want to receive.8 While no reasonable consumer would want to receive illegal calls,9 many lawful calls are still unwanted—and only the consumer knows what calls they want to receive. To ensure that consumers have this say, the Commission has made clear that voice service providers may block unwanted calls on an opt-in or opt-out basis, and has also established a safe harbor for this blocking. The safe harbor protects voice service providers from liability under the Commission’s rules if they block calls based on reasonable analytics that incorporate caller ID authentication information where available and are designed to identify 4 The FTC reports it received over 300,000 complaints per month about illegal calls, especially robocalls, in the first three quarters of fiscal year 2021, in additional to approximately 175,000 complaints about unwanted calls that year. FTC, Biennial Report to Congress Under the Do Not Call Registry Fee Extension Act of 2007 at 3 (2021), https://www.ftc.gov/system/files/documents/reports/biennial-report-congress-under-do-not-call-registry-fee- extension-act-2007/p034305dncreport.pdf. 5 Hiya, State of the Call 2023 at 7 (2023), https://www.hiya.com/state-of-the-calll; see also YouMail, Historical Robocalls by Time, https://robocallindex.com/history/time (last visited March 20, 2023) (showing data from YouMail regarding how many robocalls are placed by month). 6 The FTC reports that 20% of the fraud reports it received in 2022 had a phone call as the contact method, with another 22% from contact via text message. American consumers reported a total of $798 million lost to fraud via phone call, with a median loss of $1,400. FTC, Consumer Sentinel Network Data Book 2022 at 12 (2023), https://www.ftc.gov/system/files/ftc_gov/pdf/CSN-Data-Book-2022.pdf. 7 47 CFR §§ 64.1200(a)(1)-(3); Rules and Regulations Implementing the Telephone Consumer Protection Act of 1991, CG Docket No. 02-278, Report and Order, 18 FCC Rcd 14014, 14115, para. 165 (2003) (2003 TCPA Order). The Do Not Call rules apply to calls to wireline and wireless phones. 2003 TCPA Order, 18 FCC Rcd at 14115-16, paras. 165-66. 8 See, e.g., Advanced Methods to Target and Eliminate Unlawful Robocalls, CG Docket No. 17-59, Report and Order and Further Notice of Proposed Rulemaking, 32 FCC Rcd 9706, 9710-21, paras. 10-40 (2017) (2017 Call Blocking Order); Advanced Methods to Target and Eliminate Unlawful Robocalls, CG Docket No. 17-59, Declaratory Ruling and Third Further Notice of Proposed Rulemaking, 34 FCC Rcd 4876, 4884-88, paras. 26-35 (2019) (Call Blocking Declaratory Ruling); July 2020 Call Blocking Order, 34 FCC Rcd at 7625-27, paras. 25-34; Advanced Methods to Target and Eliminate Unlawful Robocalls, CG Docket No. 17-59, Fourth Report and Order, 35 FCC Rcd 15211, 15234-38, paras. 39-47 (2020) (December 2020 Call Blocking Order); Gateway Provider Order and Further Notice at 37-38, paras 87-91. 9 See 2017 Call Blocking Order, 32 FCC Rcd at 9721, paras. 44-47. 4 Federal Communications Commission FCC-CIRC2305-03 unwanted calls on an opt-out basis.10 The Commission has also addressed calls that are highly likely to be illegal, ensuring that voice service providers can block certain categories of calls without needing consumer consent.11 9. Recognizing that even well-calibrated reasonable analytics can lead to blocking errors, the Commission responded to voice service providers’ concerns that they could face liability for erroneous blocking by adopting a safe harbor to ensure voice service providers are protected when their blocking programs meet certain criteria.12 As an added protection for consumers, voice service providers must also provide, on request, a list of calls blocked on an opt-in or opt-out basis within the last 28 days prior to the request.13 10. While reasonable consumers may differ on what calls are wanted, none want to receive illegal calls. The Commission has therefore made clear that voice service providers may block calls that are highly likely to be illegal without consumer consent in certain instances. In the 2017 Call Blocking Order, the Commission made clear that voice service providers can block calls purporting to originate from certain categories of numbers.14 Because the numbers in these categories should not originate calls, there is a low risk of blocking wanted calls. In the Gateway Provider Order and Further Notice, the Commission took further steps to address the major problem of foreign-originated illegal calls and required gateway providers to block calls with a U.S. North American Number Plan (NANP) number in the caller ID field using a reasonable DNO list.15 We have also acted to stop illegal robotexts by requiring mobile service providers to block texts based on a reasonable DNO list.16 That action will stop robotexts that are highly likely to be illegal. And we have sought comment on additional steps we could take to stop more illegal robotexts.17 11. Blocking solely based on originating number, while particularly valuable in the case of impersonation scams, is unlikely to block all, or even most, illegal calls. Thus in the December 2020 Call 10 See 47 CFR § 64.1200(k)(3); July 2020 Call Blocking Order, 35 FCC Rcd at 7625-27, paras. 25-34 (establishing a safe harbor for blocking of calls based on reasonable analytics designed to identify unwanted calls); see also Call Blocking Declaratory Ruling, 34 FCC Rcd at 4884-90, paras. 26-42 (making clear that voice service providers can offer opt-out call blocking programs to block unwanted calls). 11 See 47 CFR §§ 64.1200(k)(1)-(2); 2017 Call Blocking Order, 32 FCC Rcd at 9710-21, paras. 10-40 (permitting voice service providers to block calls from numbers that indicate that the call is highly likely to be illegal); see also December 2020 Call Blocking Order, 35 FCC Rcd at 15234-38, paras. 39-47 (expanding the safe harbor for blocking based on reasonable analytics to include calls that are highly likely to be illegal, without requiring consumer consent). 12 47 CFR §§ 64.1200(k)(3); July 2020 Call Blocking Order, 35 FCC Rcd at 7625-27, paras. 25-34 (providing a safe harbor for terminating providers that block unwanted calls on an opt-out basis based on reasonable analytics, which must incorporate caller ID authentication where available, so long as consumers are provided with sufficient information to make an informed decision, analytics are applied in a non-discriminatory, competitively neutral manner, and these services are provided with no additional line item charge to consumers). 13 47 CFR § 64.1200(k)(10); December 2020 Call Blocking Order, 35 FCC Rcd at 15242-45, paras. 62-70. 14 See 2017 Call Blocking Order, 32 FCC Rcd at 9710-21, paras. 10-40. 15 The Gateway Provider Order and Further Notice made clear that a “reasonable DNO list” may include numbers in any of the categories covered in the 2017 Call Blocking Order authorization, but that it need not include all numbers in those categories. Gateway Provider Order and Further Notice at 37-38, paras. 87-91. 16 Targeting and Eliminating Unlawful Text Messages, Rules and Regulations Implementing the Telephone Consumer Protection Act of 1991, CG Docket Nos. 21-402, 02-278, Report and Order and Further Notice of Proposed Rulemaking, FCC 23-21, at 8-12, paras. 16-26 (2023) (Text Blocking Order). 17 Id. 5 Federal Communications Commission FCC-CIRC2305-03 Blocking Order, the Commission expanded the safe harbor adopted in the July 2020 Call Blocking Order to cover blocking by terminating providers of calls that are highly likely to be illegal, rather than simply unwanted, based on reasonable analytics and without consumer opt-in or opt-out.18 Along with this expansion of the safe harbor, the Commission adopted processes to ensure that lawful callers can work with voice service providers to stop erroneous blocking.19 These processes include a requirement for voice service providers that block based on reasonable analytics to provide an immediate notification to the caller.20 12. Identifying Bad Actors and Increasing Trust in Caller ID. Blocking calls before they reach consumers is not a complete solution to the ongoing problem of illegal calls. Bad-actor callers adapt and may circumvent blocking. So long as these callers reach a few consumers who fall for their scams, the economic incentive to continue to harm and defraud consumers remains. Identifying these callers and the voice service providers that protect them allows us to stop these calls at the source. As we identify bad actors, we also aim to restore consumer trust in Caller ID so they can again feel confident answering their phones. Both the STIR/SHAKEN caller ID authentication framework and the traceback process further these goals. 13. The STIR/SHAKEN caller ID authentication framework is an industry-developed framework to authenticate caller ID and address unlawful spoofing on Internet Protocol (IP) networks.21 Voice service providers can use STIR/SHAKEN information to decide how to handle a call and what information to display to the call recipient. STIR/SHAKEN attestation can also help industry and law enforcement more quickly identify the originating provider and the caller. The Commission, consistent with Congress’s direction in the TRACED Act,22 required originating and terminating providers to implement STIR/SHAKEN in the IP portions of their voice networks by June 30, 2021,23 subject to certain exceptions.24 Originating and terminating providers that have non-IP portions of their networks must either fully upgrade to IP and implement the framework or participate in developing non-IP solutions.25 In May 2022, the Commission required gateway providers to implement STIR/SHAKEN to authenticate SIP calls that carry a U.S. number in the caller ID field by June 30, 2023.26 Most recently, we expanded STIR/SHAKEN caller ID authentication requirements to cover certain non-gateway 18 December 2020 Call Blocking Order, 35 FCC Rcd at 15234-38, paras. 39-47. 19 47 CFR §§ 64.1200(k)(8)-(9); December 2020 Call Blocking Order, 35 FCC Rcd at 15239-47, paras. 52-78; see also Advanced Methods to Target and Eliminate Unlawful Robocalls, CG Docket No. 17-59, Order on Reconsideration, Sixth Further Notice of Proposed Rulemaking, and Waiver Order, 36 FCC Rcd 17962, 17967-77, paras. 13-35 (2021) (Transparency and Redress Reconsideration Order). 20 47 CFR § 64.1200(k)(9); December 2020 Call Blocking Order, 35 FCC Rcd at 15239-42, paras. 52-61; Transparency and Redress Reconsideration Order, 36 FCC Rcd at 17967-77, paras. 13-35. 21 STIR/SHAKEN caller ID authentication helps confirm that the caller ID is not spoofed, or otherwise provides information regarding what the signing voice service provider knows to be true about the caller and its right to use the number. Protocols developed by the Secure Telephony Identify Revisited (STIR) working group of the Internet Engineering Task Force (IETF) work with the Signature-based Handling of Asserted information using toKENs (SHAKEN) implementation standards created by the Alliance for Telecommunications Industry Solutions (ATIS) and the SIP Forum. 22 Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act, Pub. L. No. 116-105 (2019) (codified in 47 U.S.C. § 227b) (TRACED Act). 23 47 CFR § 64.6301; First Caller ID Authentication Order, 35 FCC Rcd at 3252, para. 24. 24 47 CFR §§ 64.6304, 64.6306; see also Call Authentication Trust Anchor, WC Docket No. 17-97. Second Report and Order, 36 FCC Rcd 1859, 1876-83, 1897-907, paras. 36-51, 74-94 (Second Caller ID Authentication Order). 25 Second Caller ID Authentication Order, 36 FCC Rcd at 1870-75, paras. 24-35. 26 Gateway Provider Order and Further Notice at 22-30, paras. 51-63. 6 Federal Communications Commission FCC-CIRC2305-03 intermediate providers.27 14. Traceback, the process of following the call path back to the point of origin, works with STIR/SHAKEN to identify the source of a particular call. Traceback provides information for enforcement, helps inform call blocking analytics, and supplements caller ID attestation information when calls originate on or transit non-IP networks. In July 2020, the Enforcement Bureau named USTelecom’s Industry Traceback Group as the registered consortium to conduct private-led traceback efforts (industry traceback consortium).28 Our rules require all voice service providers to respond to traceback requests from the Commission, civil and criminal law enforcement, and the industry traceback consortium “fully and in a timely manner,” and gateway providers to respond within 24 hours.29 15. Holding Voice Service Providers Responsible. Callers may be the ones who place illegal calls, but voice service providers can—and sometimes do—facilitate, or even protect, these bad-actor callers. When bad-actor callers are shielded by bad-actor voice service providers, it is significantly more difficult to stop the calls. The Commission and other law enforcement agencies can only bring enforcement actions against callers they can identify.30 For this reason, the Commission has taken steps to hold voice service providers responsible for the calls they carry or process and has taken enforcement action against voice service providers that fail to do so. 16. As with its general approach to stopping illegal calls, the Commission has taken a multi- pronged approach to holding voice service providers responsible. First, gateway, originating, and terminating providers that have not fully implemented STIR/SHAKEN must take “reasonable steps” to mitigate illegal robocall traffic, including implementing a robocall mitigation program and filing a description of that program in the Robocall Mitigation Database.31 Earlier this year, the Commission extended these requirements to non-gateway intermediate providers and all originating and terminating providers, including those that have fully implemented STIR/SHAKEN and those that do not have the facilities necessary to implement STIR/SHAKEN.32 In November 2022, the Enforcement Bureau made 27 See Call Authentication Trust Anchor, WC Docket No. 17-97, Sixth Report and Order and Further Notice of Proposed Rulemaking, FCC 23-18, at 8-16, paras. 15-27 (2023) (2023 Caller ID Authentication Order). 28 Implementing Section 13(d) of the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act), EB Docket No. 20-22, Report and Order, 35 FCC Rcd 7886 (EB 2020). The Enforcement Bureau selected USTelecom’s Industry Traceback Group as the industry traceback consortium in subsequent years as well. Implementing Section 13(d) of the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act), EB Docket No. 20-22, Report and Order, DA 22-870 (EB 2022). 29 47 CFR § 64.1200(n)(1); December 2020 Call Blocking Order, 35 FCC Rcd at 15227-29, paras. 15-21; Gateway Provider Order and Further Notice at 30-33, paras. 65-71. 30 Callers placing illegal calls may be liable under a number of state and federal statutes, including the Telephone Consumer Protection Act of 1991 or the Truth in Caller ID Act of 2009, depending on the specifics of the call. See, e.g., 47 U.S.C. § 227; 47 CFR §§ 64.1200, 64.1604; 16 CFR pt. 310. 31 47 CFR §§ 64.6305(a), (b) (mitigation plan requirements). Notably, gateway providers must commit in their Robocall Mitigation Database certification and in their mitigation plans to respond to tracebacks within the required 24-hour period. Id. § 64.6305(d) (Robocall Mitigation Database filing requirements). 32 2023 Caller ID Authentication Order at 16-29, paras. 28-52. Once the extension of this requirement to all voice service providers, including intermediate providers, adopted in the 2023 Caller ID Authentication Order is effective, all voice service providers will be required to block traffic from upstream providers not in the database. 2023 Caller ID Authentication Order at 26-27, para. 50. This requirement is already in effect for certain categories of providers. Second Caller ID Authentication Order, 36 FCC Rcd at 1904-05, paras. 86-89 (requiring intermediate and terminating providers to block traffic from originating providers not in the database); Gateway Provider Order and Further Notice at 19-21, paras. 44-46 (requiring intermediate and terminating providers to block traffic from gateway providers not in the database). 7 Federal Communications Commission FCC-CIRC2305-03 the first announcement of removal of a voice service provider from the Robocall Mitigation Database, which requires all U.S.-based intermediate and terminating providers to cease accepting traffic from that provider.33 17. Along with the Robocall Mitigation Database requirement, the Commission has required voice service providers to effectively mitigate, and in some cases block, illegal traffic when notified of such traffic by the Commission.34 First, in the July 2020 Call Blocking Order, the Commission established a safe harbor for the blocking of all calls from bad-actor voice service providers.35 However, while permissive blocking may deter voice service providers that might have otherwise turned a blind eye to callers using their networks to place illegal calls, it is not a complete solution. To make it clear that the Commission will hold voice service providers responsible for illegal calls on their networks, the Commission required voice service providers to effectively mitigate illegal traffic when notified by the Commission.36 The Enforcement Bureau has used these rules to hold responsible voice service providers that fail to effectively mitigate illegal traffic.37 The Commission later built on these rules to require gateway providers to block substantially similar traffic when notified of illegal traffic by the Commission and, if the gateway provider fails to comply, require voice service providers immediately downstream from the gateway provider to block all of that provider’s traffic.38 18. The Commission has also adopted know-your-customer style rules to ensure that voice service providers take steps to stop illegal calls before they are placed. In the December 2020 Call Blocking Order, the Commission required voice service providers to implement affirmative, effective measures to prevent new and renewing customers from originating illegal calls.39 Additionally, as of January 16, 2023, gateway providers must take reasonable and effective steps to ensure that the voice service provider immediately upstream is not using the gateway provider to carry or process a high volume of illegal traffic onto the US network.40 Gateway providers must also describe in their Robocall Mitigation Database filing how they are complying with the requirement to know their upstream provider.41 19. Gateway Provider Order and Further Notice. On May 19, 2022, the Commission adopted the Gateway Provider Order and Further Notice, which included a number of requirements for gateway providers and proposed to extend certain requirements to all voice service providers in the call path.42 It sought comment on: extending our caller ID authentication requirements and robocall mitigation requirements to additional providers; ways to enhance enforcement; clarifying certain aspects of our caller ID authentication rules; and placing limitations on the use of U.S. NANP numbers for 33 October 2022 Robocall Mitigation Database Compliance/Removal Actions, EB-TCD-22-00034406, Public Notice, DA 22-1220 (EB Nov. 22, 2022). 34 47 CFR §§ 64.1200(n)(2), (5)-(6). 35 47 CFR § 64.1200(k)(4); July 2020 Call Blocking Order, 35 FCC Rcd at 7627-31, paras 35-45. 36 47 CFR § 64.1200(n)(2); December 2020 Call Blocking Order, 35 FCC Rcd at 15229-32, paras. 22-31. 37 See, e.g., FCC Enforcement Bureau Warns All U.S.-Based Voice Service Providers to Avoid or Cease Carriage of Auto Warranty Robocall Traffic from Cox/Jones/Sumco Panama Operation, Order, EB-TCD-21-00031913, DA 22- 784 at 1, para. 1 (EB 2022) (Sumco Panama Operation Order). 38 47 CFR § 64.1200(n)(5)-(6); Gateway Provider Order and Further Notice at 33-37, paras. 74-86. 39 47 CFR § 64.1200(n)(3); December 2020 Call Blocking Order, 35 FCC Rcd at 15232-33, paras 32-36. 40 47 CFR § 64.1200(n)(4); Gateway Provider Order and Further Notice at 41-43, paras. 96-101. 41 Gateway Provider Order and Further Notice at 17, para. 37. 42 See generally Gateway Provider Order and Further Notice. 8 Federal Communications Commission FCC-CIRC2305-03 foreign-originated calls and indirect number access.43 The Commission addressed several of these proposals in the 2023 Caller ID Authentication Order.44 Here, we address the proposals for the extension of the robocall mitigation requirements found in section 64.1200 of the Commission’s rules, including: extending the requirement to respond to traceback requests within 24 hours; further clarifying the requirement to take affirmative, effective measures to prevent new and renewing customers from using the network to originate illegal calls; requiring all voice service providers to block, rather than effectively mitigate, illegal traffic when notified by the Commission; and requiring downstream voice service providers to block calls from non-gateway providers when those providers fail to comply with a Commission directive to block or effectively mitigate. We also make corresponding revisions to our Robocall Mitigation Database filing rules to bring them in line with these new obligations.45 III. REPORT AND ORDER 20. In this item, we extend some of the requirements the Commission adopted in the Gateway Provider Order and Further Notice to other voice service providers in the call path. First, we require all voice service providers, rather than only gateway providers, to respond to traceback requests within 24 hours. Second, we extend the requirements to block calls following Commission notification. Finally, we expand the know-your-upstream-provider requirement to cover all voice service providers. We also make other changes to voice service providers’ Robocall Mitigation Database filing and mitigation obligations to be consistent with these new rules. Taken together, the expansion of these rules protects consumers from illegal calls, holds voice service providers responsible for the calls they carry, and aids in the identification of bad actors. A. 24-Hour Traceback Requirement 21. We require all voice service providers, regardless of their position in the call path, to fully respond to traceback requests from the Commission, civil and criminal law enforcement, and the industry traceback consortium within 24 hours of receipt of such a request.46 This extends the rule the Commission previously adopted for gateway providers to all voice service providers47 and replaces the existing requirement to respond “fully and in a timely manner.”48 While some commenters opposed the 43 Gateway Provider Order and Further Notice at 63-90, paras. 157-232. 44 For example, we required intermediate providers that receive unauthenticated SIP calls directly from originating providers to authenticate those calls; required all voice service providers, regardless of their STIR/SHAKEN implementation status, to take “reasonable steps” to mitigate illegal robocall traffic, including implementing a robocall mitigation plan and submitting a certification to the Robocall Mitigation Database; expanded the information that all voice service providers must file in the database; and adopted new tools to hold illegal robocallers accountable for violations of our rules. 2023 Caller ID Authentication Order at 8-47, paras. 14-96. 45 Gateway Provider Order and Further Notice at 69-72, paras. 176-187. 46 The 24-hour clock, consistent with our proposal to adopt the clock as adopted for gateway providers, does not start outside of business hours of the local time for the responding office. Requests received outside of business hours as defined in our rules are deemed received at 8:00 a.m. on the next business day. Similarly, if the 24-hour response period would end on a non-business day, either a weekend or a federal legal holiday, the 24-hour clock does not run for the weekend or the holiday in question, and restarts at 12:01 a.m. on the next business day following when the request would otherwise be due. “Business day” for these purposes is Monday through Friday, excluding federal legal holidays, and “business hours” are 8:00 a.m. to 5:30 p.m. on a business day, consistent with the definition of office hours in the Commission’s rules. 47 CFR § 0.403; 47 CFR § 64.1200(n)(1)(ii); Gateway Provider Order and Further Notice at 30, n.211. 47 47 CFR § 64.1200(n)(1)(ii). The Commission sought comment on extending this requirement to all voice service providers in the Gateway Provider Order and Further Notice. Gateway Provider Order and Further Notice at 69- 70, paras. 177-180. 48 47 CFR § 64.1200(n)(1)(i). 9 Federal Communications Commission FCC-CIRC2305-03 24-hour requirement in general, none argued that non-gateway providers are less capable of complying with such a requirement. 22. Rapid traceback is essential to identifying both callers placing illegal calls and the voice service providers that facilitate them. Time is of the essence in all traceback requests, including domestic-only tracebacks. While gateway providers play a critical role, they are not the only voice service providers with an important role to play. As one commenter noted, voice service providers do not retain call detail records for a consistent period of time, so the traceback process must finish before any voice service providers in the call path seeking to shield bad actors dispose of their records.49 We therefore agree with commenters that argue a general 24-hour traceback requirement is a prudent measure, with benefits that outweigh the burdens.50 In particular, we find that the benefits of having a single, clear, equitable rule for all traceback requests outweigh the burdens of requiring a response within 24 hours.51 Further, the Commission made clear in adopting the existing requirement to respond “fully and in a timely manner” that it expected responses “within a few hours, and certainly not more than 24 hours absent extenuating circumstances.”52 As a result, this modification is primarily a matter of codifying our existing expectation, rather than significantly modifying the standard. 23. Out of an abundance of caution, the Commission initially limited the strict 24-hour requirement to gateway providers, based on their particular position in the call path and the need for especially rapid responses in the case of foreign-originated calls.53 Many calls, however, transit multiple U.S.-based intermediate providers’ networks after passing through a gateway provider’s network, and delay by any of the intermediate providers in responding to traceback requests has the same impact as delay by the gateway provider. When an intermediate provider receives a traceback request, it may not know if the call originated from outside the United States, making it impossible to apply different standards to foreign-originated calls versus domestic calls through the entire call path. 24. We disagree with commenters that argue against a strict 24-hour requirement.54 While we understand that some smaller voice service providers that have not received previous traceback requests may be unfamiliar with the process,55 they will have ample time to become familiar before the requirements take effect. Additionally, the Commission adopted rules that require a response from all voice service providers “fully and in a timely manner” in December 2020, more than two years ago. In adopting that rule, the Commission made clear its expectation that responses would be made “within a few hours, and certainly in less than 24 hours absent extenuating circumstances.”56 Voice service providers have therefore had a significant amount of time to improve their processes so that they can respond within 24 hours in the vast majority of cases. Similarly, voice service providers can identify a clear point of contact for traceback requests and provide it to the entities authorized to make traceback 49 51 State AGs Reply Comments at 8-9. 50 See, e.g., 51 State AGs Reply Comments at 8-9; PACE Comments at 3-4; Telnyx Comments at 2; Youmail Comments at 15-16. 51 51 State AGs Reply Comments at 8-9. 52 December 2020 Call Blocking Order, 35 FCC Rcd at 15228, n.52. 53 Gateway Provider Order and Furter Notice at 30-33, paras. 65-70. 54 See, e.g., ACA Connects Comments at 8-9; CCA Comments at 4-5; VON Comments at 2; ACA Connects Reply Comments at 4. 55 ACA Connects Comments at 8-9; ACA Connects Reply Comments at 4. 56 December 2020 Call Blocking Order, 35 FCC Rcd at 15228, n.52. 10 Federal Communications Commission FCC-CIRC2305-03 requests.57 By doing so, voice service providers can significantly reduce the risk that traceback requests will be missed or delayed. For those voice service providers for which requests outside of business hours pose a problem,58 we adopt the same restrictions on the 24-hour clock that the Commission imposed for gateway providers.59 Other objections to the requirement were vague and unsupported, e.g., the requirement “will likely result in increased enforcement activity and expenses for good actors who for legitimate reasons (and on an infrequent basis) may not respond in a timely manner”60 or is “unnecessary and unwarranted.”61 25. We further decline to adopt the tiered approach62 that the Commission sought comment on in the Gateway Provider Order and Further Notice.63 We find that the tiered approach is too complicated; voice service providers and other entities would not easily know when each response is due with a tiered approach. A uniform rule for all types of voice service providers is significantly easier to follow and enforce.64 While a tiered approach might benefit some smaller voice service providers that receive few requests,65 the benefits do not outweigh the overall burdens of administering such a complex system. This 24-hour requirement is a clear standard that we believe all voice service providers will be able to implement because for several years they have already complied with the “timely manner" requirement. 26. We are similarly unpersuaded by arguments that the current efficiency of the traceback system, where many voice service providers do respond rapidly, indicates that a strict rule is inappropriate.66 We applaud the industry for its work at improving traceback and recognize that many, if not most, voice service providers already respond in under 24 hours.67 There are, however, a large number of voice service providers, and experience indicates that some may not be incentivized to respond without delay. The failure of any one voice service provider to do so presents a potential bottleneck. For 57 We will consider limited waivers where a voice service provider that normally responds within the 24-hour time frame has a truly unexpected or unpredictable issue that leads to a delayed response in a particular case or for a short period of time. This may, in some instances, include problems with the point of contact or other delays caused by the request not being properly received. Voice service providers for which this requirement poses a unique and significant burden may apply for a waiver of this rule under the “good cause” standard of section 1.3 of our rules. Under that standard, for example, waivers may be available in the event of sudden unforeseen circumstances that prevent compliance for a limited period or for a limited number of calls. WAIT Radio v. FCC, 418 F.2d 1153, 1159 (D.C. Cir. 1969); see also Northeast Cellular Tel. Co. v. FCC, 897 F.2d 1164, 1166 (D.C. Cir. 1990). 58 See, e.g., CCA Comments at 6; VON Comments at 2. 59 47 CFR § 64.1200(n)(1)(ii); see also Gateway Provider Order and Further Notice at 30, n.211. 60 VON Comments at 2. 61 ACA Connects Comments at 8-9. 62 The Commission sought comment on a tiered approach based on the number of tracebacks received per month in the Gateway Provider Order and Further Notice. Those voice service providers that receive the fewest requests would only have to respond “fully and in a timely manner,” those that receive slightly more would need to maintain an average 24-hour response time, and those that receive the most requests would need to respond to all requests within 24 hours. Gateway Provider Order and Further Notice at 69, para. 179. 63 Id. at 69-70, paras. 179-80. 64 See Telnyx comments at 2. 65 See, e.g., VON Comments at 2. 66 See, e.g., CCA Comments at 4-5; ACA Connects Comments at 8-9. 67 Industry Traceback Group, Combating Illegal Robocalls at 3 (2021), https://tracebacks.org/wp- content/uploads/2021/08/ITG-Report-Combatting-Illegal-Robocalls.pdf (ITG Robocall Report). 11 Federal Communications Commission FCC-CIRC2305-03 those voice service providers that already respond within 24 hours, this requirement presents no new burden; those voice service providers can simply continue what they have been doing. It is voice service providers that do not respond within that timeframe that present a problem, and this requirement puts them clearly on notice that any delaying tactics will not be tolerated in a way that a “timely” requirement does not. 27. This rule requires approval under the Paperwork Reduction Act (PRA), and will become effective 30 days after the Commission’s publication of a notice in the Federal Register of approval. In the interim, gateway providers must respond within 24 hours and all other voice service providers must respond “fully and in a timely manner.”68 B. Mandatory Blocking Following Commission Notification 28. We next extend two of the mandatory blocking requirements adopted in the Gateway Provider Order and Further Notice to a wider range of voice service providers. First, we modify the existing requirement for voice service providers to effectively mitigate illegal traffic; we now require all originating providers to block such traffic when notified by the Commission, consistent with the existing requirement for gateway providers.69 Second, we make it clear that, while terminating and non-gateway intermediate providers are not generally required to block, they are required to respond and provide accurate information regarding the source from which they received the traffic. Finally, we require voice service providers immediately downstream from a bad-actor voice service provider that has failed to meet these obligations to block all traffic from the identified provider when notified by the Commission that the upstream provider failed to meet its obligation to block illegal traffic or inform the Commission as to the source of the traffic.70 29. Consistent with the rules the Commission adopted in the Gateway Provider Order and Further Notice, we ensure that all voice service providers are afforded due process; the rule we adopt here includes a clear process that allows ample time for a notified voice service provider to remedy the problem and demonstrate that it can be a good actor in the calling ecosystem before the Commission directs downstream providers to begin blocking. This process, adopted for gateway providers in the Gateway Provider Order and Further Notice,71 includes the following steps: 1) the Enforcement Bureau shall provide the voice service provider with an initial Notification of Suspected Illegal Traffic; 2) the provider shall be granted time to investigate and act upon that notice; 3) if the provider fails to respond or its response is deemed insufficient, the Enforcement Bureau shall issue an Initial Determination Order, providing a final opportunity for the provider to respond; and 4) if the provider fails to respond or that response is deemed insufficient, the Enforcement Bureau shall issue a Final Determination Order, directing downstream voice service providers to block all traffic from the identified provider. In the Gateway Provider Order and Further Notice, we sought comment on extending this process to all voice service providers.72 30. Blocking Following Commission Notification of Suspected Illegal Traffic. We first extend the requirement to block and cease carrying or transmitting illegal traffic when notified of such traffic by the Commission through the Enforcement Bureau; in extending the rule, we apply it to 68 47 CFR § 64.1200(n)(1). 69 See December 2020 Call Blocking Order, 35 FCC Rcd at 15229-32, paras. 22-31; Gateway Provider Order and Further Notice at 33-37, 70, paras. 74-86, 181-182. 70 Id. at 71-72, para. 187. 71 Gateway Provider Order and Further Notice at 33-37, paras. 74-86. To ensure that originating providers are fully aware of the process, we lay out the process in detail in this Order, as the Commission did in the Gateway Provider Order and Further Notice. 72 Id.. 12 Federal Communications Commission FCC-CIRC2305-03 originating providers as well as gateway providers. To comply with this requirement, originating providers must block or cease accepting traffic that is substantially similar to the identified traffic on an ongoing basis.73 Any voice service provider that is not an originating or gateway provider and is notified by the Commission of illegal traffic must still identify the upstream voice service provider(s) from which it received the identified traffic and, if possible, take lawful steps to mitigate this traffic.74 We find that, in most instances, blocking is the most effective means of mitigating illegal traffic and nothing in the record contradicts this conclusion. Further, this modification eliminates potential ambiguity and provides certainty to voice service providers that may otherwise be unsure how to comply. 31. In expanding this requirement, we make clear that nothing in this rule precludes the originating provider from taking steps other than blocking the calls to eliminate this traffic, provided it can ensure that the method has the same effect as ongoing blocking. For example, if the originating provider stops the calls by terminating the customer relationship, it must ensure that it terminates all related accounts and does not permit the customer to open a new account under the same or a different name in order to resume originating illegal calls.75 32. The record supports extending this rule and creating a uniform process, rather than treating gateway and originating providers differently.76 A single, clear standard requiring blocking by the first domestic voice service provider in the call path eliminates possible confusion, better aligns with industry practices,77 and provides greater certainty to voice service providers while also protecting consumers. Because voice service providers further down the call path from the originator may find it challenging to detect and block illegal traffic, we limit the blocking requirement to originating and gateway providers but still require non-gateway intermediate providers to play their part by identifying the source of the traffic and taking steps, if possible, to mitigate that traffic.78 By requiring blocking by originating and gateway providers, we properly balance the burden of identifying and blocking 73 In expanding this rule to include originating providers, we revise the existing section 64.1200(n)(5), move it to section 64.1200(n)(2), and remove existing section 64.1200(n)(2) of the rules, which requires all voice service providers to “effectively mitigate” illegal traffic. See 47 CFR § 64.1200(n)(2) (2020). Since originating and gateway providers are now required to block identified traffic, and current section 64.1200(n)(5) already requires all other voice service providers to identify the upstream providers from which they received the traffic and, if possible, take steps to mitigate the identified traffic, the obligations in current section 64.1200(n)(2) is now redundant; we see no reason to retain that section. Compare 47 CFR § 64.1200(n)(2) (2020) (“Should the notified provider find that the traffic comes from an upstream provider with direct access to the U.S. Public Switched Telephone Network, that provider must promptly inform the Enforcement Bureau of the source of the traffic and, if possible, take steps to mitigate this traffic . . . .”), with 47 CFR § 64.1200(n)(5)(i)(B) (2022) (“[I]f [the notified provider] is a non-gateway intermediate or terminating provider for the identified traffic, it must identify the upstream provider(s) from which it received the identified traffic and, if possible, take lawful steps to mitigate this traffic.”). 74 See Appendix A, 47 CFR § 64.1200(n)(2)(i)(B). We discuss the obligations of terminating and non-gateway intermediate providers further below. Supra para. 35. 75 To that end, new section 64.1200(n)(2) directs both originating and gateway providers to either block or “cease accepting” the relevant traffic. Appendix A, 47 CFR § 64.1200(n)(2). This does not alter gateway providers’ obligations to block, adopted in the Gateway Provider Order and Further Notice, as traffic that a gateway provider “ceases to accept” is blocked because it is not allowed to travel further on the network. Gateway Provider Order and Further Notice at 33-37, paras. 74-86. 76 See, e.g., Comcast Comments at 7-9; YouMail Comments at 16-17; ZipDX Comments at 8; 51 State AGs Reply Comments at 9; see also CCA Comments at 7 (supporting extension generally, but raising concerns about specific pieces of the requirement). 77 Comcast Comments at 8. 78 Comcast Comments at 8-9 (“[T]he farther down the call path a provider is from the origin of the illegal traffic, the more difficult it is for that provider to reliably detect and block that traffic.”). 13 Federal Communications Commission FCC-CIRC2305-03 substantially similar traffic on an ongoing basis with the benefit to consumers. 33. With these modifications to our rules, all traffic that transits the U.S. network will be subject to our blocking requirements, even if non-gateway intermediate providers are not generally required to block. While we agree with the 51 State AGs that no traffic should be exempt from our blocking mandate, we do not agree that there should be no variation “across provider types or roles.”79 We believe the key is to ensure that all traffic is subject to the rule so that bad actors can be identified and stopped. The rule we adopt today holds originating providers responsible for the traffic their customers originate. 34. We further decline to remove the requirement to block “substantially similar traffic” as one commenter asks.80 A rule that only requires an originating provider to block the traffic specifically identified in the initial notice would arguably block no traffic at all, as the Enforcement Bureau cannot identify specific illegal traffic before it has been originated. The requirement to block substantially similar traffic is therefore essential to the operation of the rule. 35. Obligations of a Terminating or Non-Gateway Intermediate Provider When Notified by the Commission. Any terminating or non-gateway intermediate provider that is notified under this rule must promptly inform the Commission that it is not the originating or gateway provider for the identified traffic, specify which upstream voice service provider(s) with direct access to the U.S. public switched telephone network it received the traffic from, and, if possible, take lawful steps to mitigate this traffic.81 Voice service providers are already required to take these steps under our existing rules,82 reflecting their affirmative obligations to identify and mitigate traffic when notified by the Commission. However, we are concerned that some voice service providers may provide inaccurate information, avoid responding, or continue to facilitate illegal traffic. We make clear that failing to respond or providing inaccurate information83 is unacceptable; in such cases, the Enforcement Bureau may make use of the downstream provider blocking requirement and move to the Initial Determination Order and Final Determination Order, consistent with the process we discuss further below. We have determined that a uniform set of procedures for all voice service providers reduces the burden of compliance with these rules and ensures due process in the event the Commission pursues enforcement action against providers carrying suspected illegal robocall traffic. Nothing in the record opposes this conclusion. 36. Downstream Provider Blocking. We also require blocking by voice service providers immediately downstream from any voice service provider when notified by the Commission that the voice service provider has failed to satisfy its obligations under these rules. This expands our requirement for voice service providers immediately downstream from a gateway provider to block all traffic from the 79 51 State AGs Reply Comments at 9. 80 CCA Comments at 7. 81 Voice service providers that fail to take available steps to effectively mitigate illegal traffic may be deemed to have knowingly and willfully engaged in transmitting unlawful robocalls. See, e.g., Sumco Panama Operation Order at 1, para. 1; In the Matter Of Urth Access, LLC, Order, EB-TCD-22-00034232, DA 22-1271 at 1, para. 1 (EB 2022) (Urth Access Order). We note that one clearly available tool is our safe harbor that, once the upstream provider has been notified of the identified illegal traffic by the Commission, permits the downstream provider to block all traffic from that upstream provider if the upstream provider fails to effectively mitigate the illegal traffic within 48 hours or fails to implement effective measures to prevent new and renewing customers from using its network to originate illegal calls. 47 CFR § 64.1200(k)(4). 82 47 CFR §§ 64.1200(n)(2), (5). 83 For example, the notified provider informing the Enforcement Bureau it received the traffic from a different voice service provider than the provider that actually sent it the traffic would be inaccurate. 14 Federal Communications Commission FCC-CIRC2305-03 identified provider when notified by the Commission that the gateway provider failed to block.84 If the Enforcement Bureau determines a voice service provider has failed to satisfy section 64.1200(n)(2), it shall publish and release an Initial Determination Order as described below, giving the provider a final opportunity to respond to the Enforcement Bureau’s initial determination. If the Enforcement Bureau determines that the identified provider continues to violate its obligations, the Enforcement Bureau shall release and publish a Final Determination Order in EB Docket No. 22-174 to direct downstream providers to both block and cease accepting all traffic they receive directly from the identified provider starting 30 days from the release date of the Final Determination Order.85 37. The record supports extending this requirement.86 We agree with commenters that urge us to limit this requirement to voice service providers immediately downstream from the identified provider.87 This limitation is consistent with the rule adopted in the Gateway Provider Order,88 and we see no reason to take a different approach here. If the voice service provider immediately downstream from the identified provider complies with our rules, then the calls should never reach any voice service providers further downstream. Further, voice service providers more than one step downstream from the identified provider may not know in real time that the call came from the identified provider, making it unreasonable to require them to block the calls. We also agree that this requirement should include the blocking of all traffic from the identified provider, rather than requiring the immediate downstream voice service provider to determine which calls to block.89 Because we require the blocking of all traffic from the identified provider, we see no reason to provide detailed information regarding what traffic must be blocked.90 38. Process for Issuing a Notification of Suspected Illegal Traffic. The Enforcement Bureau shall make an initial determination that the voice service provider is originating, carrying, or transmitting suspected illegal traffic and notify the provider by issuing a written Notification of Suspected Illegal Traffic. The Notification of Suspected Illegal Traffic shall: (1) identify with as much particularity as possible the suspected illegal traffic; (2) provide the basis for the Enforcement Bureau’s reasonable belief that the identified traffic is unlawful;91 (3) cite the statutory or regulatory provisions the suspected illegal traffic appears to violate; and (4) direct the provider receiving the notice that it must comply with section 64.1200(n)(2)92 of the Commission’s rules. 84 In making these changes, we revise the existing section 64.1200(n)(6) and move it to section 64.1200(n)(3). Gateway Provider Order and Further Notice at 34-35, paras. 78-79. 85 Ignorance of a Final Determination Order’s release is not sufficient reason for a downstream provider to fail to block all traffic from the gateway provider. 86 See, e.g., CCA Comments at 7-8; Comcast Comments at 9-10; NCTA Comments at 3; VON Comments at 3; ZipDX Comments at 10; CCA Reply Comments at 5. 87 Comcast Comments at 9-10; NCTA Comments at 3. 88 Gateway Provider Order at 34-35, paras. 78-79. 89 See, e.g. VON Comments at 3. 90 See, e.g., CCA Comments at 7-8. 91 The notice should include any relevant nonconfidential evidence from credible sources such as the industry traceback consortium or law enforcement agencies. 92 Though we do not modify the substance of these rules as they apply to gateway providers, the modifications change the relevant rule from section 64.1200(n)(5) and (n)(6) of the Commission’s rules to sections 64.1200(n)(2) and (n)(3). Therefore, the Enforcement Bureau will direct an originating provider or gateway provider to comply with section 64.1200(n)(2) rather than (n)(5) after the modification goes into effect. Because the process is identical for both categories of voice service provider, we see no reason to adopt separate rules for each provider type. 15 Federal Communications Commission FCC-CIRC2305-03 39. The Enforcement Bureau’s Notification of Suspected Illegal Traffic shall specify a timeframe of no fewer than 14 days for a notified provider to complete its investigation and report its results. Upon receiving such notice, the provider must promptly investigate the traffic identified in the notice and begin blocking the identified traffic within the timeframe specified in the Notification of Suspected Illegal Traffic unless its investigation determines that the traffic is legal. 40. We make clear that the requirement to block on an ongoing basis is not tied to the number in the caller ID field or any other single criterion. Instead, we require the notified provider to block on a continuing basis any traffic that is substantially similar to the identified traffic and provide the Enforcement Bureau with a plan as to how it expects to do so. We do not define “substantially similar traffic” in any detail here because that will be a case-specific determination based on the traffic at issue.93 If the notified provider is an originating provider, the identity of the caller may be a material factor in identifying whether the traffic is substantially similar. However, an originating provider may not assume, without evidence, that the caller only has one subscriber line from which it is placing calls and must maintain vigilance to ensure that the caller does not use different existing accounts or open new accounts, under the same or a different name, to continue to place illegal calls.94 If the notified provider is a terminating or non-gateway intermediate provider, it must promptly inform the Commission that it is not the originating or gateway provider for the identified traffic, specify which upstream voice service provider(s) with direct access to the U.S. public switched telephone network it received the traffic from and, if possible take lawful steps to mitigate this traffic. 41. Each notified provider will have flexibility to determine the correct approach for each particular case, but must provide a detailed plan in its response to the Enforcement Bureau so that the Bureau can assess the plan’s sufficiency. If the Enforcement Bureau determines that the plan is insufficient, it shall provide the notified provider an opportunity to remedy the deficiencies prior to taking further action. We will consider the notified provider to be in compliance with our mandatory blocking rule if it blocks traffic in accordance with its approved plan. The Enforcement Bureau may require the notified provider to modify its approved plan if it determines that the provider is not blocking substantially similar traffic. Additionally, if the Enforcement Bureau finds that the notified provider continues to allow suspected illegal traffic onto the U.S. network, it may proceed to an Initial Determination Order or Final Determination Order, as appropriate. 42. Provider Investigation. Each notified provider must investigate the identified traffic and report the results of its investigation to the Enforcement Bureau in the timeframe specified in the Notification of Suspected Illegal Traffic, as follows: • If the provider’s investigation determines that it served as the originating provider or gateway provider for the identified traffic, it must block the identified traffic within the timeframe specified in the Notification of Suspected Illegal Traffic (unless its investigation determines that the traffic is not illegal) and include in its report to the Enforcement Bureau: (1) a certification that it is blocking the identified traffic and will continue to do so; and (2) a description of its plan to identify and block substantially similar traffic on an ongoing basis. • If the provider’s investigation determines that the identified traffic is not illegal, it shall provide an explanation as to why the provider reasonably concluded that the identified traffic is not illegal 93 We note that each calling campaign will have unique qualities that are better addressed by tailoring the analytics to the particular campaign on a case-by-case basis. We nevertheless encourage originating providers to consider common indicia of illegal calls including, but not limited to: call duration; call completion ratios; large bursts of calls in a short time frame; neighbor spoofing patterns; and sequential dialing patterns. 94 Additionally, we strongly encourage any voice service provider that has been previously notified of illegal traffic as an originating provider to notify the Commission if it has reason to believe that the caller has moved to a different originating provider and is continuing to originate illegal calls. 16 Federal Communications Commission FCC-CIRC2305-03 and what steps it took to reach that conclusion. Absent such a showing, or if the Enforcement Bureau determines based on the evidence that the traffic is illegal despite the provider’s assertions, the identified traffic will be deemed illegal. • If the provider’s investigation determines it did not serve as an originating provider or gateway provider for any of the identified traffic, it shall provide an explanation as to how it reached that conclusion, identify the upstream provider(s) from which it received the identified traffic, and, if possible, take lawful steps to mitigate this traffic.95 If the notified provider determines that the traffic is not illegal, it must inform the Enforcement Bureau and explain its conclusion within the specified timeframe. 43. Process for Issuing an Initial Determination Order. If the notified provider fails to respond to the notice within the specified timeframe, the Enforcement Bureau determines that the response is insufficient, the Enforcement Bureau determines that the notified provider is continuing to originate, carry, or transmit substantially similar traffic onto the U.S. network, or the Enforcement Bureau determines based on the evidence that the traffic is illegal despite the provider’s assertions, the Enforcement Bureau shall issue an Initial Determination Order to the notified provider stating its determination that the provider is not in compliance with section 64.1200(n)(2). This Initial Determination Order must include the Enforcement Bureau’s reasoning for its determination and give the provider a minimum of 14 days to provide a final response prior to the Enforcement Bureau’s final determination as to whether the provider is in compliance with section 64.1200(n)(2). 44. Process for Issuing a Final Determination Order. If the notified provider does not adequately respond to the Initial Determination Order or continues to originate substantially similar traffic, or the Enforcement Bureau determines based on the evidence that the traffic is illegal despite the provider’s assertions, the Enforcement Bureau shall issue a Final Determination Order. The Enforcement Bureau shall publish the Final Determination Order in EB Docket No. 22-174 to direct downstream providers to both block and cease accepting all traffic they receive directly from the identified provider starting 30 days from the release date of the Final Determination Order. The Final Determination Order may be adopted up to one year after the release date of the Initial Determination Order and may be based on either an immediate failure to comply with section 64.1200(n)(2) or a determination that the provider has failed to meet its ongoing obligation to block substantially similar traffic under that rule. 45. Each Final Determination Order shall state the grounds for the Enforcement Bureau’s determination that the identified provider has failed to comply with its obligation to block illegal traffic and direct downstream providers to initiate blocking 30 days from the release date of the Final Determination Order. A provider that chooses to initiate blocking sooner than 30 days from the release date may do so, consistent with our existing safe harbor in section 64.1200(k)(4). 46. Safe Harbor. We extend the limited safe harbor from liability under the Communications Act or our rules, which the Commission adopted in the Gateway Provider Order,96 to include any voice service provider that inadvertently blocks lawful traffic as part of the requirement to block substantially similar traffic in accordance with the originating provider’s approved plan. The record supports extending this safe harbor to protect voice service providers that take steps to prevent illegal calls from reaching consumers and we see no reason not to provide this protection.97 47. Protections for Lawful Callers. Consistent with our existing blocking rules, voice service 95 Such steps could include, for example, enforcing contract terms or blocking the calls from bad-actor providers consistent with the safe harbor found at 47 CFR § 64.1200(k)(4). 96 Gateway Provider Order and Further Notice at 36, para. 83. 97 Comcast Comments at 9; VON Comments at 3; YouMail Comments at 3. 17 Federal Communications Commission FCC-CIRC2305-03 providers must never block emergency calls to 91198 and must make all reasonable efforts to ensure that they do not block calls from public safety answering points (PSAPs) and government emergency numbers.99 We decline to adopt additional transparency and redress requirements at this time or extend any other existing requirements that would not already apply to the blocking mandates we adopt today. These rules require the Commission to direct which types of calls voice service providers should block, so the blocking provider is not in a position to provide redress. We did not receive specific comment on the need for additional protections for lawful calls. C. “Know Your Upstream Provider” 48. We require all voice service providers accepting traffic from an upstream provider to take steps to “know” that immediate upstream provider. This extends our existing requirement for gateway providers100 to all voice service providers; it holds all voice service providers in the call path responsible for the calls that transit their networks. Specifically, we require every voice service provider to take reasonable and effective steps to ensure that the immediate upstream provider is not using it to carry or process a high volume of illegal traffic.101 We therefore agree with commenters urging us to adopt a rule that would hold all providers in the call path responsible for the traffic that transits their network.102 We agree with USTelecom that the best method to do so is by adopting a know-your-upstream-provider requirement.103 49. We find that, while intermediate providers may be unable to identify the calling customer with sufficient accuracy to know whether they are placing illegal calls, the Commission cannot permit them to “intentionally or negligently ignore red flags from their upstream providers.”104 As YouMail noted, “the goal of every network should be to transit only legal calls.”105 Extending this requirement to every voice service provider that receives traffic from an upstream provider, rather than solely to gateway providers, ensures that all voice service providers in the call path are responsible for keeping illegal traffic off the U.S. network. Consistent with our existing rules,106 we do not require voice service providers to take specific, defined steps to meet this requirement, and instead allow each voice service provider flexibility to determine the best approach for its network, so long as the steps are effective. In general, we expect voice service providers will need to exercise due diligence before accepting traffic from an upstream provider, and may want to collect information such as “obtaining the [voice service provider’s] physical business location, contact person(s), state or country of incorporation, federal tax ID (if applicable), and the nature of the [voice service provider’s] business.”107 We do not find that collecting this information is either uniformly necessary or sufficient, and voice service providers may 98 47 CFR § 64.1200(k)(5). 99 47 CFR § 64.1200(k)(6). 100 47 CFR § 64.1200(n)(4). 101 In making this change, we revise the existing section 64.1200(n)(5) and move it to section 64.1200(n)(6). 102 See, e.g., CCA Comments at 8-9; USTelecom Comments at 16-17; ZipDX Comments at 8; USTelecom Reply Comments at 6-8. 103 USTelecom Comments at 16-17; USTelecom Reply Comments at 6-8. Other commenters supported similar approaches, urging us to either apply to all providers in the call path an affirmative obligation to keep illegal calls off the network or to require a vetting process for all voice service providers, including “intermediate providers serving upstream providers.” See CCA Comments at 8-9; ZipDX Comments at 8. 104 USTelecom Comments at 6. 105 YouMail Comment at 18-19. 106 See 47 CFR § 64.1200(n)(4); see also 47 CFR § 64.1200(n)(3). 107 CCA Comments at 8-9. 18 Federal Communications Commission FCC-CIRC2305-03 need to take additional steps, such as adopting contract terms that allow for termination and acting on those terms in the event that the upstream provider attempts to use the network to carry or process a high volume of illegal traffic. As the Commission made clear in the Gateway Provider Order and Further Notice, we do not expect perfection.108 However, all voice service providers must take effective steps, and if a voice service provider carries or transmits a high volume of illegal traffic that primarily originates from one or more specific upstream providers, the steps that provider has taken are not effective and must be modified for that provider to be in compliance with our rules. We encourage voice service providers to regularly evaluate and adjust their approach so that that it remains effective. 50. Lastly, in the 2023 Caller ID Authentication Order, the Commission adopted a requirement that originating, terminating, and intermediate providers describe any procedures in place to know their upstream providers in their robocall mitigation plans.109 Now that all voice service providers, including intermediate providers, will be required to take reasonable and effective steps to know their upstream providers, all such providers will also be required to describe those steps in their robocall mitigation plans filed in the Robocall Mitigation Database, pursuant to the requirement adopted in the 2023 Caller ID Authentication Order.110 D. Other Issues 51. Updating Robocall Mitigation Database Certifications to Include Traceback Compliance. In this Report and Order, we modify 47 CFR § 64.1200(n)(1) to require all voice service providers to respond to traceback requests within 24 hours.111 Consistent with our rule applicable to gateway providers, which already were required to respond to traceback requests within 24 hours,112 we now require voice service providers to commit to responding fully and within 24 hours to all traceback requests consistent with the requirements we adopt today in section 64.1200 of our rules, and to include a statement in their Robocall Mitigation Database filings certifying to this commitment.113 We conclude that these limited rule modifications will ensure that voice service providers’ mitigation and filing obligations are in line with their underlying compliance duties, enhance the usefulness of the Robocall Mitigation Database to both the Commission and voice service providers, and promote rule uniformity and administrability. While no party commented on these specific changes, there was significant support to adopt Robocall Mitigation Database filing and mitigation obligations for all voice service providers in the call path.114 We also update cross-references to section 64.1200 in our Robocall Mitigation Database 108 Gateway Provider Order and Further Notice at 42, para. 99. 109 2023 Caller ID Authentication Order at 21, para. 40. 110 Gateway providers are already subject to this requirement under the Commission’s rules. 47 CFR § 64.6305(d)(2)(ii). 111 See supra paras. 21-27. 112 47 CFR §§ 64.6305(b)(2) (requiring gateway providers to commit to responding to traceback within 24 hours in their robocall mitigation plans), (d)(2)(iii) (requiring gateway provider to certify to this commitment in the Robocall Mitigation Database). 113 In the Gateway Provider Order and Further Notice, we sought comment on expanding certain mitigation plan and Robocall Mitigation Database filing requirements for gateway providers to all providers. Gateway Provider Order and Further Notice at 72-73, paras. 188-89 (proposing uniform mitigation obligations for all providers); id. at 75-6, para. 197 (proposing uniform Robocall Mitigation Database filing obligations). In the 2023 Caller ID Authentication Order we expanded Robocall Mitigation Database filing obligations for all providers but noted that were continuing to consider whether to require providers other than gateway providers to respond to traceback requests within 24 hours. 2023 Caller ID Authentication Order at 23, n. 158. 114 See 2023 Caller ID Authentication Order at 17, para. 30 (noting that “there was significant record support” for expanding the “reasonable steps” mitigation standard, including the obligation to implement a robocall mitigation program and that it “will ensure that every provider in the call chain is subject to the same duty to mitigate illegal (continued….) 19 Federal Communications Commission FCC-CIRC2305-03 certification rules to account for the amendments we adopt in this Report and Order.115 52. Effective Measures to Prevent New and Renewing Customers from Originating Illegal Calls. We decline to further clarify our existing requirement for voice service providers to take affirmative, effective measures to prevent new and renewing customers from using their networks to originate illegal calls, as some commenters request.116 We agree with commenters that support the Commission’s existing flexible approach under this rule.117 Flexibility to adapt to changing calling patterns is necessary to avoid giving the “playbook” to bad actor callers, thus an outcomes-based standard is most appropriate.118 We thus decline to be more prescriptive on the steps voice service providers should take to block, as requested by some commenters.119 53. We further decline a commenter’s request that we clarify that “adopting a know-your- customer or upstream-provider standard for new or renewing customers satisfies the effective measures standard.”120 The commenter did not define “know-your-customer” and we are not aware of any universally accepted minimum standard in the industry. Without such a definition or minimum standard, there is no guarantee that a process that an individual voice service provider describes as “know-your- customer” would be sufficient. The rule requires “effective” measures;121 blanket approval of measures voice service providers deem “know-your-customer” clearly does not satisfy this requirement and could lead to voice service providers adopting ineffective processes. We also decline to remove the “new and renewing customer” language, as one commenter requests.122 This limitation will have less impact the longer the rule is in effect; more contracts will include the new provision as they are renewed over time. This limitation recognizes the challenge of modifying existing, in-force contracts. 54. Differential Treatment of Non-Conversational Traffic. We decline to adopt a requirement that originating voice service providers ensure that customers originating non-conversational traffic only seek to originate lawful calls.123 While many illegal calls are of short duration, it does not follow that all (Continued from previous page) robocalls, promoting regulatory symmetry and administrability); id. at 20, para. 38 (noting that “there was overwhelming record support” for broadening the Robocall Mitigation Database filing obligation, and that it will “increase transparency and accountability” because “every provider in the call chain is covered by the same basic set of rules”). 115 See Appendix A, 47 CFR §§ 64.6305(d)(2)(ii), (e)(2)(ii)]. 116 Gateway Provider Order and Further Notice, XX FCC Rcd at XX, paras. 183-186. 117 See, e.g., EPIC/NCLC Comments at 7-8; VON Comments at 3. 118 EPIC/NCLC Comments at 7-8. 119 See, e.g., CCA Comments at 8-9; YouMail Comments at 18-19; ZipDX Comments at 8; see also Letter from Rebekah Johnson, Founder and CEO, Numeracle, to Marlene H. Dortch, Secretary, FCC, CG Docket No. 17-59, WC Docket No. 17-97, 4-10 (filed Oct. 3, 2022) (calling for the Commission to establish rules for know your customer and customer due diligence). 120 CCA Comments at 8-9. 121 47 CFR § 64.1200(n)(3). 122 ZipDX Comments at 8. 123 Gateway Provider Order and Further Notice at 70-71, paras. 184-186. ZipDX defined “non-conversational traffic” as “traffic that has an average call duration of less than two minutes.” Letter from David Frankel, CEO, ZipDX LLX, to Marlene Dortch, Secretary, Federal Communications Commission, CG Docket No. 17-59, WC Docket No. 17-97 (filed Apr. 19, 2022) at 9; see also Gateway Provider Order and Further Notice at 71, para. 185. Under this definition, non-conversational traffic is inherently of short duration. However, because the definition looks at average duration, rather than per-call duration, there is short duration traffic that would not be considered non-conversational. 20 Federal Communications Commission FCC-CIRC2305-03 calls of short duration are inherently suspect.124 We agree with commenters that argue against such requirements125 and are persuaded that this sort of traffic segmentation is likely to harm wanted, or even essential, traffic.126 In fact, only one commenter urged us to adopt a rule treating non-conversational traffic differently from conversational traffic,127 and even that commenter acknowledged that not all non- conversational traffic is illegal.128 Such a rule could, for example, make it impossible for medical centers or schools in rural areas with few voice service providers to find a provider willing to carry their traffic, which may include emergency notifications, appointment reminders, or other important notifications; we will not throw the baby out with the bathwater. 55. Moreover, we do not believe that a strict rule for non-conversational traffic would lead to any real benefit.129 To do so, we would need to adopt standards for whether calls are “non- conversational” or “conversational,” which bad actors could use ensure that their traffic does not meet the criteria for stricter treatment.130 As a result, not only is the risk of such a rule unacceptably high, but the potential benefit is low. 56. Strict Liability. We similarly decline to adopt a strict liability standard for an originating provider when its customer originates illegal calls.131 The Commission asked about a strict liability standard in the Gateway Provider Order and Further Notice in the context of differential treatment of 124 See, e.g., PACE Comments at 5-6. 125 See, e.g., CUNA et al. Comments at 2-3 (citing to valuable non-conversational traffic such as emergency alerts and raising concerns that such a rule would block legitimate, lawful calls); PACE Comments at 4-18 (stating that high volume, short duration traffic is not inherently illegal or dangerous, particularly if the call goes to voicemail and urging the Commission and others to “look for multiple characteristics that are commonly associated with illegal traffic” rather than focusing only on duration); Telnyx Comments at 4 (urging against creating “tiers” based on traffic type and stating that doing so would simply move bad actors to other types of traffic while harming callers placing lawful calls); VON Comments at 4 (noting the serious impact on legitimate uses, including medical centers, schools, and two factor authentication); YouMail Comments at 20-21 (discussing the risk that bad actors would “game” the system to avoid such standards and noting that many valuable calls are non-conversational); ABA et al. Reply Comments at 3-5 (noting that non-conversational calls include account-related calls and urging the Commission not to adopt a rule that targets this type of traffic); USTelecom Reply Comments at 11 (agreeing generally with other commenters that “such proposals would be impractical and could harm legitimate providers and legitimate traffic”). 126 See, e.g., CUNA et al. Comments at 2 (citing the risk to calls such as fraud alerts, school closings, and payment reminders, among others); PACE Comments at 8-9 (noting that such a policy would jeopardize: calls from law- abiding businesses; public opinion polls and political surveys; outreach calls on behalf of state and federal officials and candidates; calls from charities, nonprofits, and religious institutions to donors; and outreach by labor unions); VON Comments at 4 (citing likely issues for medical institutions and schools in finding voice service providers that will carry their legitimate notifications, as well as problems for use cases such as two factor authentication); ABA et al. Reply Comments at 4-5 (noting that banks regularly place valuable calls that would fall under the “non- conversational” threshold). 127 ZipDX Comments at 8-10; ZipDX Reply Comments at 8-9. 128 ZipDX Reply Comments at 8. 129 See, e.g., PACE Comments at 9; Telnyx Comments at 4; YouMail Comments at 20-21. 130 See, e.g., PACE Comments at 9; YouMail Comments at 20-21. For example, YouMail describes how a bad actor might attempt to “‘game’ behavioral analytics tools by only transiting long duration calls to targeted lists of potential victims,” such as to individuals that are “known to be of an older, more susceptible demographic” and thereby bring their average duration over any threshold we might set. YouMail Comments at 20-21. 131 Gateway Provider Order and Further Notice at 70-71, para. 184. Some commenters urged us to adopt a strict liability standard. See EPIC/NCLC Comments at 10-11; ZipDX Comments at 8-9. We rejected similar arguments for strict liability in the 2023 Caller ID Authentication Order. 2023 Caller ID Authentication Order at 40, para. 75. 21 Federal Communications Commission FCC-CIRC2305-03 non-conversational traffic,132 which we have declined to adopt. We disagree with commenters that ask us to adopt this standard more broadly133 and agree with those who argue strict liability is inappropriate.134 Protecting consumers from illegal calls cannot come at the cost of blocking high volumes of lawful traffic in order to avoid the possibility that some of those calls might be illegal—which is the behavior many voice service providers would have to undertake if we imposed strict liability. 57. Public Traceback. We decline to require that the industry make traceback information publicly available, as one commenter asks.135 We believe this approach places too much weight on receipt of traceback requests as an indicator that a voice service provider is a bad actor. Voice service providers that handle a large volume of calls, especially as intermediate providers, are likely to receive a high volume of traceback requests even if they are not bad actors. A general rule requiring the publication of traceback information could hamper industry efforts by discouraging voice service providers from initiating traceback requests without law enforcement intervention.136 E. Summary of Costs and Benefits 58. The record in this proceeding supports our conclusion in the Gateway Provider Order and Further Notice that our proposed rules and actions, some of which we address in this Order, “will account for another large share of the annual $13.5 billion minimum benefit we originally estimated” and that the benefits “will far exceed the costs imposed on providers.”137 59. In this Order, we reaffirm that all voice service providers are responsible for all calls they originate, carry, or transmit. In doing so, we expand several of our rules to cover a wider group of voice service providers. First, we codify our existing expectation that voice service providers respond to traceback requests within 24 hours138 by expanding the strict 24-hour requirement we adopted for gateway providers to all providers in the call path. Requiring rapid response to traceback complements our STIR/SHAKEN caller ID authentication rules by making it easier to identify bad actors even where caller 132 Gateway Provider Order and Further Notice at 70-71, para. 184. 133 EPIC/NCLC Comments at 10-11 (calling for strict liability for the processing of illegal calls for all voice service providers); ZipDX Reply Comments at 9-10 (urging us to adopt a strict liability standard where an originating or intermediate provider has notice that they are facilitating illegal traffic, whether that notice comes from the Commission, a traceback request, another voice service provider, or any other source). 134 See, e.g., CUNA Comments at 3; INCOMPAS Comments at 13-14; CCA Reply Comments at 4. 135 EPIC/NCLC Comments at 6, 32-33 (urging us to adopt a requirement to make traceback information available to all voice service providers, “enable a market-based methodology for providers to enforce the rules,” and “allow legal robocallers to ensure that their calls are not routed through providers with a history of tracebacks”). We also believe this request is outside the scope of this proceeding. We did not seek comment on this matter in the Gateway Provider Order and Further Notice and do not have any record supporting such a measure outside of the comments filed by EPIC and NCLC. EPIC/NCLC Comments at 6, 32-33. 136 Publication of traceback information may be appropriate and beneficial in certain instances, particularly when the information is published in aggregate, rather than tied to individual, specific requests. Nothing here limits the ability of the Commission or another entity to publish such information. As of November 2022, the Industry Traceback Group indicates that it initiates an average of 270 tracebacks per month. Letter from Joshua M. Bercu, Executive Director, Industry Traceback Group, to Marlene H. Dortch, Secretary, FCC, EB Docket No. 20-195, at 1 (filed Nov. 1, 2022). The letter indicates that the originating provider terminates the calling party in approximately 50% of cases and warns the calling party in another 21%. Id. at 5. These actions, particularly termination, strongly indicate that at least some originating providers that receive traceback requests are not bad actors, which undercuts the potential justification for public disclosure. 137 Gateway Provider Order and Further Notice at 63, para. 159. 138 December 2020 Call Blocking Order, 35 FCC Rcd at 15228, n. 52. 22 Federal Communications Commission FCC-CIRC2305-03 ID authentication information is unavailable. This codification is a key piece of our comprehensive approach to combating illegal calls and supports the benefits of that approach without incurring a significant practical cost when compared to our existing requirements.139 60. Second, we extend our requirement to block following Commission notification to originating providers and make clear that any voice service provider that receives such a notification is required to respond to the Commission and, if it is not an originating or gateway provider, inform the Commission where it got the traffic. If any voice service provider refuses to comply with this requirement, all voice service providers immediately downstream from the non-compliant provider may be required to block all traffic from that provider. Voice service providers must comply with Commission rules, and this rule provides clear, immediate consequences for voice service providers that refuse to do so, even if that voice service provider would be unable to pay a forfeiture. We do not expect that originating providers will incur significant costs as a result of this rule because action by providers is required only when the Commission notifies the provider. Further, because providers generally adhere to Commission rules, we expect that downstream providers will receive Commission notification to block only rarely. If the Commission were to issue such a blocking notification to a downstream provider, it would benefit consumers by stopping illegal calls while causing disruption to provider relationships and possibly stopping some legal calls. While the disruption of legal calls would harm consumers, we expect this scenario to arise infrequently. The power of this aspect of the rule is that it gives providers strong incentives to comply with our blocking rules. Because illegal calls cause large harms to consumers, stopping even a small share of illegal calls benefits consumers significantly and, as explained above, we expect this rule to have minimal costs. Therefore, we find that the benefits of this rule outweigh its costs. 61. Finally, we expand the know-your-upstream-provider requirement to all voice service providers. This expanded requirement codifies that all voice service providers, regardless of their position in the call path, are responsible for preventing illegal calls. Because voice service providers should already be exercising due diligence by knowing their upstream call providers, this new rule has small costs. It has greater benefits in deterring providers from shirking their due-diligence responsibility. 62. These expanded rules will ultimately prevent illegal calls from ringing consumers’ phones, both by deterring callers from placing them in the first instance and by stopping the calls before they reach the consumer. The rules also make bad actors, whether callers or voice service providers, easier to identify. Taken together, these new and expanded rules increase the effectiveness of all of our efforts to combat illegal calls, including our existing affirmative obligations and Robocall Mitigation Database filing requirements. These rules, together with our existing rules, make it easier to identify and stop illegal calls before they reach consumers. As we found previously, an overall reduction in illegal calls will lower network costs by eliminating both unwanted traffic congestion and the labor costs of handling numerous customer complaints,140 and these new rules contribute to this overall reduction. This reduction in illegal calls will also help restore confidence in the U.S. telephone network and facilitate reliable access to emergency and healthcare services. 63. Although sparse in quantitative estimates, the record in this proceeding supports our conclusion that the benefits of these rules exceed their costs. A more uniform blocking standard will “provide additional benefits and reduce the overall burden” on providers.141 Extending these rules, originally adopted for gateway providers, to all voice service providers will not be overly costly or 139 See supra para. 22 (“this modification is primarily a matter of codifying our existing expectation, rather than significantly modifying the standard”). For example, a commenter observed, "the 24-hour response time is not overly burdensome to providers." 51 State AGs Reply Comments at 8-9. 1402023 Caller ID Authentication Order at 44, para. 87; Gateway Provider Order and Further Notice at 47, para. 111. 141 Comcast Comments at 28. 23 Federal Communications Commission FCC-CIRC2305-03 burdensome.142 The incremental costs of compliance with our new rules is “relatively small.”143 Given that robocalls reduce public welfare by billions of dollars annually, even a small percentage reduction in robocalls implies benefits that exceed the costs of our new rules. F. Legal Authority 64. Our legal authority to adopt these requirements stems from sections 201(b), 202(a), and 251(e) of the Communications Act of 1934, as amended (the Act) as well as from the Truth in Caller ID Act and our ancillary authority. Sections 201(b) and 202(a) grant us broad authority to adopt rules governing just and reasonable practices of common carriers.144 65. Our section 251(e) numbering authority provides independent jurisdiction to prevent the abuse of NANP resources; this particularly applies where callers spoof caller ID for fraudulent purposes and therefore exploit numbering resources, regardless of whether the voice service provider is a common carrier.145 Similarly, the Truth in Caller ID Act grants us authority to prescribe rules to make unlawful the spoofing of caller ID information with the intent to defraud, cause harm, or wrongfully obtain something of value.146 Taken together, section 251(e) of the Communications Act and the Truth in Caller ID Act grant us authority to prescribe rules to prevent the unlawful spoofing of caller ID and abuse of NANP resources by all voice service providers.147 66. We further find that these rules reduce the chance of unlawfully spoofed calls reaching consumers and thus are within our authority under the statutes referenced above. In particular, the requirement to respond to traceback requests within 24 hours directly impacts a caller’s ability to unlawfully spoof caller ID by making it easier to detect the originator of the call. The other requirements are aimed at curbing the use of NANP numbers (whether spoofed or not) for unlawful purposes as they are focused on mitigating and preventing illegal calls. 67. While we conclude that our direct sources of authority provide an ample basis to adopt our proposed rules for all voice service providers, our ancillary authority in section 4(i)148 provides an independent basis to do so with respect to providers that have not been classified as common carriers.149 The Commission may exercise ancillary jurisdiction when two conditions are satisfied: (1) the Commission's general jurisdictional grant under Title I [of the Communications Act] covers the regulated subject; and (2) the regulations are reasonably ancillary to the Commission's effective performance of its statutorily mandated responsibilities.150 We conclude that the regulations adopted in this Report and 142 NYPSC Comments at 3. 143 YouMail Comments at 11. 144 47 U.S.C. §§ 201(b), 202(a). 145 Interconnected VoIP providers can obtain numbering resources directly under our rules, supporting our claim of authority over these providers. See, e.g., 47 CFR § 52.15(g)(3). 146 Id. § 227(e)(1). 147 We have long relied on both section 241(e) and the Truth in Caller ID Act as sources of authority for our call blocking rules. 2017 Call Blocking Order, 32 FCC Rcd at 9727, paras. 61-62; July 2020 Call Blocking Order, 35 FCC Rcd at 7637-38, paras. 64-65; December 2020 Call Blocking Order, 35 FCC Rcd at 15237-38, para. 47; Gateway Provider Order and Further Notice at 48, para. 115. 148 47 U.S.C. § 154(i). 149 We previously found such rules to be covered under our ancillary authority in the Gateway Provider Order and Further Notice. See Gateway Provider Order and Further Notice at 49, paras. 118-19. 150 See, e.g., Comcast Corp. v. FCC, 600 F.3d 642, 646 (D.C. Cir. 2010); American Library Ass’n v. FCC, 406 F.3d 689 (D.C. Cir. 2005). 24 Federal Communications Commission FCC-CIRC2305-03 Order satisfy the first prong because providers that interconnect with the public switched telephone network and exchange IP traffic clearly offer “communication by wire and radio.”151 68. With regard to the second prong, requiring voice service providers to comply with our proposed rules is reasonably ancillary to the Commission’s effective performance of its statutory responsibilities under sections 201(b), 202(a), and 251(e) of the Communications Act and the Truth in Caller ID Act as described above. With respect to sections 201(b) and 202(a), absent application of our proposed rules to providers that are not classified as common carriers, originators of illegal calls could circumvent our proposed scheme by sending calls only via providers that have not yet been classified as common carriers. IV. FURTHER NOTICE OF PROPOSED RULEMAKING 69. In the Report and Order and the 2023 Caller ID Authentication Order we made clear that all voice service providers play a key role in stopping illegal calls by extending existing obligations and closing potential loopholes. In this Further Notice of Proposed Rulemaking, we propose and seek comment on several additional steps that could ensure that all consumers have access to call blocking solutions, restore trust in caller ID, and hold voice service providers responsible for illegal traffic. First, we propose to require that all terminating providers offer, at a minimum, analytics-based blocking of calls that are highly likely to be illegal on an opt-out basis, without charge. Second, we propose to require that all voice service providers, rather than just gateway providers, block calls based on a reasonable DNO list. Third, we seek comment on the correct SIP Code for providing callers with immediate notification of blocked calls on an ongoing basis. Fourth, we seek comment on whether, and if so how, to require terminating providers that choose to display an indication as to caller ID authentication status to provide some version of caller name to call recipients. Finally, we propose to establish a base forfeiture for any violation of the requirement for voice service providers to take affirmative, effective measures to prevent new and renewing customers from originating illegal calls. A. Mandatory Blocking Programs to Protect Consumers from Illegal Calls 1. Requiring Opt-Out Analytics-Based Blocking of Calls That Are Highly Likely to be Illegal 70. We propose to require that terminating providers offer analytics-based blocking of calls that are highly likely to be illegal on an opt-out basis without charge to consumers. Our rules currently permit,152 but do not require, such blocking. As a result, while many terminating providers offer these services, they may not be available to all consumers. We believe that this requirement will better protect all consumers from illegal calls. 71. We seek comment on this proposal. Would our proposal help protect consumers from calls they do not want to receive? The Commission has previously provided a non-exhaustive list of factors that a voice service provider might consider when blocking based on reasonable analytics rather than specifically defining the categories of “highly likely to be illegal” or “unwanted.”153 If we were to 151 47 U.S.C. § 152(a). 152 47 CFR §§ 64.1200(k)(3), (k)(11); Call Blocking Declaratory Ruling, 34 FCC Rcd at 4884-90, paras. 26-42 (making clear that voice service providers can offer opt-out call blocking programs); July 2020 Call Blocking Order, 35 FCC Rcd at 7625-27, paras. 25-34 (establishing a safe harbor for the blocking of calls based on reasonable analytics designed to identify unwanted calls on an opt-out basis); December 2020 Call Blocking Order, 35 FCC Rcd at 15234-38, paras. 39-47 (expanding the safe harbor for the blocking of calls based on reasonable analytics to include calls that are highly likely to be illegal without requiring consumers to opt out). 153 For example, in the Call Blocking Declaratory Ruling, the Commission provided a non-exhaustive list of factors such as large bursts of calls in a short timeframe, low average call duration; low call completion ratios, and invalid numbers placing a large volume of calls. Call Blocking Declaratory Ruling, 34 FCC Rcd at 4888, para 35. 25 Federal Communications Commission FCC-CIRC2305-03 adopt our proposal, should we provide further guidance, or does our flexible approach remain appropriate? If we should provide further guidance, what should we include? What lessons can we take from existing analytics-based blocking to ensure any requirement is effective? How can we ensure that bad actors cannot use any guidance we provide to more easily circumvent blocking? We propose to require terminating providers to offer these blocking services 30 days after publication of an Order in the Federal Register; we seek comment on this proposal. Will some providers need more time to implement this requirement because they do not already offer any analytics-based blocking? If so, how long should we allow for implementation? 72. To minimize the burden to terminating providers, we propose to consider analytics-based blocking of calls that are highly likely to be illegal on an opt-out basis to be a minimum standard. Terminating providers that already do more, or that choose to do more, would therefore be in compliance with this requirement. In particular, we recognize that many terminating providers already offer opt-out blocking services. We believe that terminating providers that already block calls that are unwanted based on reasonable analytics on an opt-out basis, consistent with our existing safe harbor at section 64.1200(k)(3),154 would be in compliance because unwanted calls inherently include calls that are highly likely to be illegal. We seek comment on this belief. Is there any reason that these terminating providers would not already be in compliance? If so, are there any modifications we could make to this safe harbor to address this issue? How should we handle a situation where a terminating provider only offers such blocking on an opt-in basis? We believe that more consumers will benefit from blocking that is offered on an opt-out basis, because many consumers who would benefit from blocking will not opt in. Is this correct? Is there any way we could address this issue without requiring terminating providers that offer opt-in blocking to switch to opt-out blocking? Alternatively, is the benefit of requiring these terminating providers to switch to opt-out blocking enough to justify the cost of doing so? 73. Some terminating providers already block calls that are highly likely to be illegal without consumer consent, consistent with our safe harbor under section 64.1200(k)(11).155 We believe that terminating providers that engage in this blocking would also be in compliance with the mandate we propose today. We seek comment on this belief. Is there any reason we should not consider these terminating providers in compliance? If so, are there any modifications that we should make to the safe harbor to address this? Because blocking without consumer consent would mean that more consumers would benefit than blocking on either an opt-in or opt-out basis, we do not believe there is any reason to require terminating providers to offer consumers the opportunity to opt out when blocking targets calls that are highly likely to be illegal, rather than unwanted. Is this correct? Are there any reasons for us to require the terminating provider to allow consumers to opt out? If we do so, would this create any issues for terminating providers that already block under the existing safe harbor? Do any terminating providers that would be impacted by this modification not offer opt-out blocking of unwanted calls? How might we address these issues if we do take this approach? 74. Terminating providers that block consistent with our existing safe harbors will be protected by those safe harbors when blocking under this proposed rule.156 We believe the safe harbors provide sufficient protection. We seek comment on this belief. Is there any reason to modify or expand our existing safe harbors to protect terminating providers that block under this rule? If so, what modifications would be appropriate? What impact would these modifications have on lawful calls? If we do adopt certain modifications to our safe harbors, should we modify our rules protecting lawful calls157 154 47 CFR § 64.1200(k)(3). 155 47 CFR § 64.1200(k)(11). 156 47 CFR §§ 64.1200(k)(3), (11). We do not propose to require terminating providers to comply with the specific rules of the safe harbors in order to comply with our proposed rule, nor do we propose to eliminate the safe harbors. 157 47 CFR §§ 64.1200(k)(5)-(6), (8)-(10). 26 Federal Communications Commission FCC-CIRC2305-03 and, if so, how? Finally, we believe that our existing protections for lawful calls are sufficient and propose to extend them to calls blocked under this requirement.158 We seek comment on this belief and whether there are any other protections we should adopt. Are there any other issues we should consider in adopting such a requirement? 2. Requiring Blocking Based on a Reasonable Do-Not-Originate List 75. We propose to require all voice service providers to block calls using a reasonable DNO list. A DNO list is a list of numbers that should never be used to originate calls, and therefore any calls that include a listed number in the caller ID field can be blocked.159 Consistent with our requirement for gateway providers for voice calling and mobile wireless providers for text messaging, we propose to allow voice service providers to use any DNO list so long as the list is reasonable and not so limited in scope that it leaves out obvious numbers that could be included with little effort. Specifically, we propose to limit the numbers that can be included on the list to invalid, unallocated, and unused numbers, as well as numbers for which the subscriber to the number has requested blocking.160 76. We seek comment on this proposal. Should the list include any additional categories of numbers, or should we exclude any particular categories? We note that the categories we propose to include are consistent both with the requirement for gateway providers and the Commission’s long- standing authorization of this type of blocking,161 so we are reluctant to change this scope unless it provides a clear benefit to consumers. We therefore seek specific comment on the benefits of any change. 77. As noted in the Gateway Provider Order and Further Notice, we do not believe every possible number must be included in a DNO list in order for such a list to be reasonable.162 Consistent with our rule for gateway providers, we believe that, at a minimum, a reasonable list would need to include any inbound-only government numbers where the government entity has requested the number be included.163 Additionally, we believe it should include private inbound-only numbers that have been used in imposter scams, when a request is made by the private entity assigned such a number.164 We seek comment on this approach. Is there any reason to change the minimum scope of what must be included on a reasonable DNO list? 78. Finally, we seek comment on whether it is appropriate to require all voice service providers to block based on a reasonable DNO list, rather than limiting the requirement to certain voice service provider types. Because we do not mandate blocking using a specific list, the content of the list may vary from one voice service provider to another. We therefore believe that broad application of the rule will result in more calls that are highly likely to be illegal being blocked before they reach a consumer. Is this belief correct? Are there any other factors we should consider in determining which voice service providers should be required to block? For example, are there technical limitations that would make it difficult or impossible for voice service providers to implement blocking across the network? If we do limit the blocking requirement to only specific types of voice service providers, what categories of providers should be required to block? For example, should the rule only apply to 158 47 CFR §§ 64.1200(k)(5)-(6), (8)-(10). 159 See, e.g., 2017 Call Blocking Order, 32 FCC Rcd at 9709-21, paras. 9-40; Gateway Provider Order and Further Notice at 37-38, paras. 87-91. 160 47 CFR §§ 64.1200(k)(1)-(2)(i)-(iii), (o); 2017 Call Blocking Order, 32 FCC Rcd at 9709-21, paras. 9-40; Gateway Provider Order and Further Notice at 37-38, paras. 87-91. 161 47 CFR §§ 64.1200(k)(1)-(2)(i)-(iii), (o). 162 Gateway Provider Order and Further Notice at 37, para. 88. 163 Id. at 37-38, para. 89. 164 Id. 27 Federal Communications Commission FCC-CIRC2305-03 originating providers, along with gateway providers? We further seek comment on the appropriate implementation timeline for this requirement. Given that this rule will need to be approved through the Paperwork Reduction Act process, does requiring compliance 30 days after publication of a notice of that approval in the Federal Register suffice, or should we allow additional time? Should we consider a different timeline if not all providers are covered by the final rule? Are there any other issues that we should consider? 3. Further Strengthening the Requirements to Block Following Commission Notification 79. In the Order, we require originating providers to block illegal traffic when notified by the Commission, as gateway providers are already required to do.165 While we believe that, in the vast majority of cases, responsibility for blocking illegal calls should fall to originating and gateway providers, we are concerned that requiring terminating or non-gateway intermediate providers to merely respond with information regarding where they received the traffic could leave some loopholes that bad actors might attempt to exploit. For this reason, we propose to require blocking by other voice service providers in certain situations and seek comment on other steps we could take to ensure that bad actors cannot circumvent our rules. 80. First, we propose to require a terminating or non-gateway intermediate provider to block if that provider, upon receipt of a Notice of Suspected Illegal Traffic, cannot identify the upstream provider from which it received any or all of the calls. We propose that the terminating or non-gateway intermediate provider be required to block consistent with the original Notice of Suspected illegal traffic, including developing a blocking plan, following the same subsequent steps that originating and gateway providers follow when they are notified of suspected illegal traffic. Second, we propose to allow the Enforcement Bureau to direct a terminating or non-gateway intermediate provider that has received at least one prior Notice of Suspected Illegal Traffic to both block substantially similar traffic and identify the upstream provider from which it received the traffic. Finally, we seek comment on any other scenarios that we should address. 81. Blocking When Information Regarding the Upstream Provider is Unavailable. We propose to require terminating and non-gateway intermediate providers to block illegal traffic when notified by the Commission if, for any reason, the provider responds to the Enforcement Bureau that it cannot identify the upstream provider from which it received any or all of the calls identified in the Notice of Suspected Illegal Traffic. As part of this requirement, terminating and non-gateway intermediate providers would be required to block traffic that is substantially similar to the traffic identified in the Notice of Suspected Illegal Traffic. We believe that this requirement is necessary to ensure that all traffic on the U.S. network is subject to blocking when the Enforcement Bureau has determined that such traffic is illegal, as well as to avoid situations in which a bad-actor provider would otherwise be shielded from consequences under our existing rules. 82. We seek comment on this proposal. We believe there are two ways the issue could arise. First, a bad-actor provider might intentionally discard the information necessary to identify the upstream provider so that it cannot provide that information to the Enforcement Bureau. Second, a voice service provider that is trying to be a good actor in the ecosystem might receive a Notice of Suspected Illegal Traffic that includes calls for which it no longer has records. Are there any other instances in which a provider would be unable to identify the upstream provider from which it received traffic? Does extending the requirement to block in these cases present a significant burden to terminating or non- gateway intermediate providers? How might we reduce these burdens? Are there any situations in which we should not require blocking even though the notified provider cannot identify the upstream provider(s)? How might we address these situations? We see no reason why voice service providers 165 Supra Section III.B. 28 Federal Communications Commission FCC-CIRC2305-03 would not be able to develop a blocking plan and start blocking in response to the initial Notice of Suspected Illegal Traffic, without requiring additional action by the Enforcement Bureau. The voice service provider will know that it cannot provide the identity of the upstream provider from its investigation, and can act on this knowledge more quickly than the Enforcement Bureau. We seek comment on this belief. 83. We propose to require blocking of “substantially similar” traffic, consistent with our rules for originating and gateway providers.166 Is this standard appropriate for use with terminating and non- gateway intermediate providers, or should we adopt a different standard? Should we provide guidance specific to terminating and non-gateway intermediate providers on meeting this standard, in recognition of the fact that they are further from the source of the call and are not the first point of entry onto the U.S. network? If so, what guidance might we provide? If we adopt a different standard, what standard should we adopt? As we stated in the Order, “[a] rule that only requires an originating provider to block the traffic specifically identified in the initial notice would arguably block no traffic at all, as the Enforcement Bureau cannot identify specific illegal traffic before it has been originated.”167 We therefore think that some standard is essential to avoid a rule that would allow illegal traffic to continue unimpeded. 84. Are there other approaches we should take instead of, or in addition to, this rule? For example, should we require all U.S.-based providers to retain call detail records for a set amount of time? How long do voice service providers currently retain these records, and what information do they include? Is there an industry best practice we could mandate? If so, is that retention period sufficient to allow the Enforcement Bureau time to investigate before sending a Notice of Suspected Illegal traffic, or is it possible that a Notice would be sent after the records are no longer retained? How much does it cost voice service providers to retain these records? Does the cost to retain records increase substantially the longer the records are required to be held? Should we require a shorter records retention period that would cover most cases, but still require the notified provider to block substantially similar traffic if it receives a notice when it can no longer identify the upstream provider? Is there anything else we should consider in adopting a rule to cover these situations? 85. Repeated Notifications of Suspected Illegal Traffic to the Same Terminating or Non- Gateway Intermediate Provider. We propose to require terminating and non-gateway intermediate providers to block when the Enforcement Bureau determines that it is necessary, so long as the terminating or non-gateway intermediate provider has previously received at least one Notice of Suspected Illegal Traffic. Specifically, if the Enforcement Bureau has previously sent a Notification of Suspected Illegal Traffic to the identified provider, it may require that provider to block substantially similar traffic if it determines, based on the totality of the circumstances, that the terminating or non- gateway intermediate provider is either intentionally or negligently allowing illegal traffic onto its network. In such a case, we propose to allow the Enforcement Bureau to direct, in a Notification of Suspected Illegal Traffic or Initial Determination Order, a terminating or non-gateway intermediate provider to both identify the upstream provider(s) from which it received the identified traffic and block the traffic. 86. We seek comment on this proposal. We are concerned that our current rules may not fully address situations in which the terminating or non-gateway intermediate provider may respond with information regarding the upstream provider from which it received identified traffic, but nonetheless is taking steps to shield other bad-actor providers or bad-actor callers.168 Does this rule appropriately 166 Appendix A, 47 CFR § 64.1200(n)(2). 167 Supra para. 34. 168 For example, a bad actor might intentionally set up a chain of voice service providers specifically to shield earlier providers in the chain from liability or to allow illegal traffic to continue even if one or more provider in the chain is removed. 29 Federal Communications Commission FCC-CIRC2305-03 address this concern? Is requiring at least one Notice of Suspected Illegal Traffic an appropriate threshold before the Enforcement Bureau may take this step? Should we allow the Enforcement Bureau to take this step without having sent a prior Notice of Suspected Illegal Traffic, or should we instead adopt greater restrictions on when it can do so? We propose to require the Enforcement Bureau to consider both the number of prior Notices of Suspected Illegal Traffic and how recently the prior Notices were sent, but not to set specific thresholds beyond requiring at least one prior Notice. Is this the correct approach? Should we limit the length of time since the prior Notice? If so, how long should we allow? Should this time vary if the voice service provider has previously received multiple Notices of Suspected Illegal Traffic? 87. Beyond these threshold questions, we expect but do not propose to require the Enforcement Bureau to consider specific criteria in determining whether a provider is either intentionally or negligently allowing illegal traffic onto its network. Such criteria could include how frequently the notified provider appears in traceback requests, how cooperative the notified provider has been previously, what percentage of the notified provider’s traffic appears to be illegal, evidence that the notified provider is involved in actively shielding illegal traffic, and any other evidence that indicates the notified provider is a bad actor. Is this the correct approach? Should we adopt specific criteria that the Enforcement Bureau must consider? If so, what should we include in those criteria? We seek comment on any other issues we should consider. 88. Other Loopholes. We seek comment on any other potential loopholes to our requirements to block following Commission notification. We are concerned about either instances where illegal traffic would still reach consumers even after notification because no provider would be required to block it or any issues that bad-actor providers could exploit to protect themselves or other bad actors. Do the two proposals we discuss above sufficiently cover these concerns? If not, what is the concern and how might we address it? Are there any other issues we should consider? B. SIP Codes for Immediate Notification of Blocked Calls 89. We seek comment on which SIP Code(s)169 to require terminating providers with IP networks170 to use to notify callers that calls have been blocked, consistent with the TRACED Act’s directive to provide “transparency and effective redress.”171 Specifically, we seek comment on whether we should require use of the newly developed SIP Code 603+ for immediate notification, require use of SIP Code 608,172 or require use of SIP Code 603.173 90. Background. In response to the TRACED Act, in December 2020, the Commission required that terminating providers blocking calls on an IP network use SIP Code 607, “Unwanted,” or SIP Code 608, “Rejected,” as appropriate, to notify callers or originating providers of a blocked call.174 169 SIP Codes (used for calls carried over IP) and ISUP codes (used for calls carried over traditional TDM network technology) allow a terminating provider to send a response code when a call cannot be completed. These codes tell the caller or the originating provider why the call attempt failed. Internet Engineering Task Force, Integrated Service Digital Network (ISDN) User Part (ISUP) to Session Initiation Protocol (SIP) Mapping (Dec. 2002), https://tools.ietf.org/html/rfc3398 (ISUP and SIP Code Mapping Specification). 170 Our rules already require terminating providers with non-IP networks to use ISDN User Part (ISUP) Code 21 with the cause location “user” for this purpose. 47 CFR § 64.1200(k)(9)(ii). For calls that transit both IP and non-IP networks, ISUP Code 21 must be mapped to SIP Code 603, 607, or 698 where the cause location is “user.” 47 CFR §§ 64.1200(k)(9)(iii)-(iv). Our rules also require all voice service providers in the call path to transmit the appropriate SIP or ISUP code. 47 CFR § 64.1200(k)(9). 171 TRACED Act § 10(b) (codified at 47 U.S.C. § 227(j)). 172 December 2020 Call Blocking Order, 35 FCC Rcd at 15240-42, paras. 56-60. 173 Transparency and Redress Reconsideration Order, 36 FCC Rcd at 17966-67, paras. 13-22. 174 December 2020 Call Blocking Order, 35 FCC Rcd at 15240-42, paras. 56-60. 30 Federal Communications Commission FCC-CIRC2305-03 Following a petition seeking reconsideration from USTelecom, in 2021, the Commission permitted terminating providers with IP networks to use existing SIP Code 603, “Decline,” to meet the immediate notification requirement.175 However, the Commission made clear that it viewed this as an “interim measure as industry moves to full implementation of SIP Codes 607 and 608,”176 and reaffirmed its belief that “we should retain the requirement that terminating providers ultimately use only SIP Codes 607 or 608 in IP networks.”177 At the same time, the Commission sought comment on the status of the implementation of SIP Codes 607 and 608, as well as whether and how to best transition away from SIP Code 603 for use as a response for call blocking.178 We also sought comment on whether SIP Code 603 provides adequate information to callers and thus should not be phased out, or whether SIP Code 603 requires modification to make it useful to callers.179 After the comment period for the rulemaking had ended, industry presented a new potential solution for the immediate notification problem, generally referred to as SIP Code 603+, “Network Blocked,” which builds on the existing SIP Code 603 to provide greater information to callers.180 91. Competing Standards. We believe that either SIP Code 608 or SIP Code 603+ has the best potential to provide callers with meaningful information when calls are blocked based on reasonable analytics, allowing for transparency and effective redress. We seek comment on this belief. We note that, because we have not previously sought comment on SIP Code 603+, we are particularly interested in the benefits and disadvantages of that particular code relative to SIP Code 608.181 Are both standards capable of satisfying the TRACED Act’s requirement that we provide transparency and effective redress to callers? What are the advantages or disadvantages of each standard? Are either or both of these SIP Codes more advantageous than requiring use of SIP Code 603, and if so, why? Given that SIP Code 607 is not intended for use when block is based on reasonable analytics, we no longer believe that it would be appropriate to continue to allow use of SIP Code 607 for this purpose, particularly given that there are now two options that specifically address this type of blocking available in SIP Codes 603+ and 608.182 Is this belief correct? 92. Implementation Details and Issues. We seek comment on the implementation process and costs for each code. Voice service providers have argued that SIP Code 603+ is easier to implement.183 Is this correct? How long will it take voice service providers to implement SIP Codes 175 See Transparency and Redress Reconsideration Order, 36 FCC Rcd at 17966-67, paras. 9-22; 47 CFR § 64.1200(k)(9)(i) (requiring providers that terminate calls on an IP network to use SIP Code “603, 607, or 608”). 176 Id. at 17969-70, para. 17. 177 Transparency and Redress Reconsideration Order, 36 FCC Rcd at 17979, para. 43. 178 Id. at 17979-81, paras. 43-47. 179 See id. at 17979-80, para. 44. 180 Letter from Joshua M. Bercu, Vice President, Policy & Advocacy, USTelecom to Marlene H. Dortch, Secretary, FCC, CG Docket No. 17-59 (filed Sept. 14, 2022) (603+ Ex Parte); see generally ATIS, ATIS-1000099, Robocall Call Blocking Notification, https://access.atis.org/apps/group_public/download.php/67424/ATIS-1000099.pdf. 181 Prior to the release of the SIP Code 603+ standard, some callers raised concerns about whether SIP Code 603 would actually provide actionable information to callers in real time. See, e.g., ABA et al. Jan. 31, 2022 Comments at 6-7. USTelecom’s more recent filing appears to resolve these issues. 603+ Ex Parte at 1. We have not, however, received many filings from callers since the adoption of the 603+ standard. 182 47 CFR § 64.1200(k)(9)(i); see also Transparency and Redress Reconsideration Order, 36 FCC Rcd at 17973- 75, paras. 23-30. 183 See 603+ Ex Parte. Some callers have indicated that this new code may meet their needs, but urged us not to remove SIP Code 608 from the rules until it has been tested and implemented. Letter from Jonathan Thessin, Vice President/Senior Counsel, American Bankers Association to Marlene H. Dortch, Secretary, FCC, CG Docket No. 17-59 (filed Oct. 7, 2022) at 3. 31 Federal Communications Commission FCC-CIRC2305-03 603+, 607, or 608, respectively? Would the implementation timeline for SIP Code 608 vary if we require the jCard184 or if we do not, and if so, how? Should the Commission require a faster implementation for the code it adopts, considering the Commission's directive in the December 2020 Call Blocking Order?185 What should the implementation deadline be? How can the Commission ensure it is met? What are the respective costs of implementation? Other than amending our mapping rule to reflect whatever SIP Code (or possibly SIP Codes) that we require to be used,186 do we need to take any additional steps to ensure the SIP Code(s) appropriately map to or from ISUP code 21 when calls transit non-IP networks, or is our current rule sufficient? 93. Value to Callers. Which SIP Code is most helpful for callers to receive and use for immediate notification of blocking based on an analytics program, or are the codes comparable for callers? What is the cost to callers to adapt their systems to receive SIP Code 603+, 607, or 608? Is there any information that would be available under SIP Code 608, either with or without the jCard, that is not available under SIP Code 603+? If so, does the benefit of this information outweigh any additional costs that voice service providers might incur to implement SIP Code 608 throughout the network? Should we require voice service providers to use one of these SIP Codes or continue to allow voice service providers to choose from several SIP Codes. and if so, which Codes are most appropriate? Should we continue to allow use of SIP Code 603? What impact would each approach have on callers? What is the timeline for callers to be able to receive SIP Code 603+, 607, and 608? Is there anything else we should consider? C. Increasing Trust in Caller ID By Providing Accurate Caller Name to Call Recipients 94. Caller Name for Voice Calls. We seek comment on whether and how to provide accurate caller name information to call recipients when the terminating voice service provider displays an indication that the call received A-level attestation.187 Some terminating providers have chosen to display an indication of caller ID authentication status to the call recipient, such as through a green checkmark. While this may tell an informed consumer that the caller ID is either not spoofed or spoofed with authorization,188 it does not tell them anything about the identity of the caller. Mobile phones do not 184 The “jCard” is a JSON format for representing and exchanging information about individuals and other entities. Internet Engineering Task Force, jCard: The JSON Format for vCard (Jan. 2014), https://www.rfc- editor.org/rfc/rfc7095.html. The SIP Code 608 specification includes use of the jCard with a cryptographic signature to provide the redress information. Internet Engineering Task Force, A Session Initiation Protocol (SIP) Response Code for Rejected Calls (Dec. 2019), https://www.rfc-editor.org/rfc/rfc8688.html. 185 TRACED Act § 10(b) (codified at 47 U.S.C. § 227(j)); December 2020 Call Blocking Order, 35 FCC Rcd at 15239-42, paras. 52-61. 186 See 47 CFR §§ 64.1200(k)(9)(iii), (iv). 187 The STIR/SHAKEN caller ID authentication framework allows for three levels of attestation. A-level attestation, sometimes called “full” attestation, requires that the signing voice service provider: 1) is responsible for the origination of the call onto the network; 2) “[h]as a direct authenticated relationship with the customer and can identify the customer”; and 3) “[h]as established a verified association with the telephone number used for the call.” By contrast, B-level attestation, sometimes called “partial” attestation, only requires that the first two requirements be met. Finally, C-level attestation, sometimes called “gateway” attestation, is the most limited form of attestation, requiring only that the signing voice service provider both be “the entry point of the call into its VoIP network” and have “no relationship with the initiator of the call (e.g., international gateways).” ATIS & SIP Forum, Joint ATIS/SIP Forum Standard—Signature-Based Handling of Asserted Information Using toKENs (SHAKEN) at 12-13 (Aug. 16, 2022), https://access.atis.org/apps/group_public/download.php/67436/ATIS-1000074.v003.pdf. 188 While caller ID spoofing can be used to cause harm, it also has valid uses. For example, a doctor may choose to spoof their office line when placing calls from a personal cell phone, or a crisis center or domestic abuse shelter may wish to hide their number to protect clients. 32 Federal Communications Commission FCC-CIRC2305-03 routinely display information from caller ID name (CNAM) databases,189 and an unfamiliar number without a display name is still an unfamiliar number, even if the recipient knows that it was not spoofed. 95. We believe that combining the display of caller name information with the information that the number itself was not spoofed could provide real benefit to consumers, who would then have more data to use when deciding whether or not to answer the phone. We seek comment on this belief. Does the caller ID attestation information display alone significantly benefit the consumer? If so, how does that benefit compare to the benefit of caller name data alone? Is the combined information more beneficial than either single piece of information? What would we need to do to ensure that these benefits are realized? 96. Caller name information is only valuable if it is accurate. We therefore seek comment on the source of caller name information for display. For example, should we rely on existing CNAM databases for this purpose? Is it true that the accuracy of these databases varies and is impacted by whether the caller provides accurate information? How can we ensure that this information is more accurate? We believe that a caller that provides inaccurate information to populate CNAM databases with the intent to defraud, cause harm, or otherwise obtain something of value is in violation of the Truth in Caller ID Act.190 We seek comment on this belief. Are there other steps we could take to ensure CNAM accuracy? 97. Alternatively, are there other sources that would be more accurate for caller name display? We know that industry has been working on branded calling options, such as Rich Call Data, which makes use of the STIR/SHAKEN framework to provide caller name and other branding for display to the consumer.191 Unlike the traditional CNAM databases, Rich Call Data is not widely deployed and may not work on some networks;192 furthermore, the primary use case appears to be for enterprise calling, rather than caller name generally. However, its incorporation into the STIR/SHAKEN caller ID authentication framework should increase the reliability of the information. Is this a correct assumption? Would Rich Call Data, or some other option, be a better choice for caller name display data? If so, what limitations and strengths do those options have, and how might we craft a rule to ensure that the limitations are addressed? How long is it likely to take for these tools to be broadly available in the network? Given that these technologies are generally focused on enterprise callers, how should we handle A-level attested calls for which there is no caller name information? 98. Instead of requiring use of a specific technology for the caller name display, should we adopt a technology-neutral standard? For example, could we simply require any terminating provider to display caller name information if it displays an indication that the call received A-level attestation? Such a rule would mean that, if the database or technology the terminating provider chooses to use for this information does not include caller name data for a particular caller, the terminating provider would not be permitted to display an indication that the caller ID received A-level attestation. Are there any issues with this approach? Should we set any specific requirements to ensure the accuracy of the data? Are 189 Terminating providers that provide caller name information to customers will generally check the database and display whatever information is available to the customer. This information is provided by the caller, through their originating provider, but it may or may not be actively managed by the originating provider. Some databases are more routinely updated than others. Terminating providers may pay a fee each time they access this information. 190 See 47 U.S.C. § 227(e)(1). 191 See, e.g., TransNexus, Rich Call Data and STIR/SHAKEN, https://transnexus.com/whitepapers/rich-call-data/ (last visited Mar. 21, 2023); First Orion, Rich Call Data (RCD) – What Is It and Why Is It Important?, https://firstorion.com/rich-call-data-what-is-it/ (last visited Mar. 21, 2023). 192 Because Rich Call Data relies on the STIR/SHAKEN caller ID authentication framework, it will not work on non-IP networks, including where a call originates and terminates in IP, but transits a non-IP network or interconnection. 33 Federal Communications Commission FCC-CIRC2305-03 there alternative ways to handle this that would benefit consumers? 99. Our understanding is that terminating providers that choose to display caller ID authentication information only do so when the call receives A-level attestation. Are there terminating providers that display an indication when there is a different level of attestation? If so, should we also require these terminating providers to display caller name information, even though there is a risk that the caller ID was spoofed? Are there any other issues we should consider, such as the appropriate implementation timeline? D. Enforcement Against Voice Service Providers that Allow Customers to Originate Illegal Calls 100. We propose to authorize a base forfeiture of $11,000 for any voice service provider that fails to take affirmative, effective measures to prevent new and renewing customers from using its network to originate illegal calls, including knowing its customers and exercising due diligence in ensuring that its services are not used to originate illegal traffic.193 We further propose to authorize this forfeiture to be increased up to the maximum forfeiture that our rules allow us to impose on non-common carriers.194 Additionally, we seek comment on whether we should adopt a similar forfeiture for failure to comply with our requirement to know the upstream provider.195 101. We seek comment on these proposals. We believe that establishing a base forfeiture well below the maximum is appropriate, as it will allow us to adjust the total forfeiture upward or downward on a case-by-case basis consistent with section 503 of the Act and section 1.80 of the Commission’s rules.196 We seek comment on this belief. Is the base forfeiture we propose sufficient incentive to encourage voice service providers that are not actively trying to prevent callers from placing illegal calls to take steps to ensure that the measures they take are truly effective? Would some other threshold be appropriate? If so, what would be an appropriate base forfeiture? Similarly, is our proposal to set the maximum forfeiture amount at the maximum our rules permit for non-common carriers appropriate? We do not believe that there is any reason to penalize common carriers more harshly than non-common carriers. We seek comment on this belief. For this purpose, how should we define an individual violation of this rule? For example, should we consider each customer for which the voice service provider fails to take effective measures a single violation? If so, if a voice service provider allows that customer to originate illegal calls over the course of several days, should we consider this a continuing violation such that we may impose a forfeiture of up to $23,727 per day?197 In general, we do not believe that this will interact with the forfeiture we adopted earlier this year for failure to block.198 However, we seek comment on any potential interactions and whether, and how, we should address them. Is there anything else we should consider in authorizing these forfeitures? 102. We also seek comment on whether it would be appropriate to impose specific forfeitures for violations of our rules requiring a voice service provider to know its upstream provider.199 Should we 193 47 CFR § 64.1200(n)(3). 194 See 47 CFR § 1.80(b)(9); see also 47 U.S.C. § 503(b)(2)(D). 195 47 CFR § 64.1200(n)(4); supra Section III.C. When the rules adopted in the accompanying Report and Order are published in the CFR, 47 CFR § 64.1200(n)(4) will become 47 CFR § 64.1200(n)(5). 196 See 47 U.S.C. § 503(b)(2)(E); 47 CFR § 1.80(b)(10), tbl. 3. 197 See 47 CFR § 1.80(b)(9) (“[T]he amount of any forfeiture penalty determined under this section shall not exceed $23,727 for each violation or each day of a continuing violation, except that the amount assessed for any continuing violation shall not exceed a total of $177,951 for any single act or failure to act . . . .”). 198 2023 Caller ID Authentication Order at 29-30, paras. 54-55. 199 47 CFR § 64.1200(4); supra Section III.C. 34 Federal Communications Commission FCC-CIRC2305-03 take the same approach for violations of these rules, or would a different approach be appropriate? For example, since the know-your-upstream-provider requirements apply to a high volume of illegal traffic, rather than the origination of any illegal traffic, should the base forfeiture be higher or lower? 103. We believe that establishing a new base forfeiture is appropriate in part because bad-actor voice service providers profit from the callers that they protect. We seek comment on this belief. For example, do bad-actor voice service providers profit from fees paid by downstream providers, such as CNAM database dip fees? Is there some other approach we could take that would better address these economic incentives? Is there anything else we should consider? E. Legal Authority 104. We propose to find our legal authority for the proposed rules consistent with our authority under sections 201(b), 202(a), and 251(e) of the Communications Act of 1934, as amended (the Act) as well as from the Truth in Caller ID Act and our ancillary authority.200 In order for the rules addressing voice calls to provide benefit, they must include all voice service providers, including non- Title II providers. We further propose to rely on our authority under the TRACED Act for establishing a specific SIP Code to be used for immediate notification of call blocking.201 The Act and the Truth in Caller ID Act have long formed the basis for the Commission’s prohibitions on call blocking.202 We believe that these source of authority grant us sufficient authority to adopt the proposed rules, and we seek comment on this belief. We propose that we have authority for some matters we seek comment on here under section 251(e) of the Act, which provides us “exclusive jurisdiction over those portions of the North American Numbering Plan that pertain to the United States.”203 Are there any other sources of authority we should rely on? Do any of these sources of authority not apply to the rules we propose today? V. NOTICE OF INQUIRY 105. Voice service providers have a wide array of tools they can use to fight the ever-changing landscape of illegal calls. While some of these tools are mandated or otherwise regulated directly by the Commission, some may not be directly subject to our rules. Even where we do not directly regulate, it is important for us to be aware of the options voice service providers have and whether tools are working as intended to benefit and protect consumers. With this Notice of Inquiry, we seek information regarding the current state of technology for identifying and combating illegal calls, as well as the current state of call labeling. A. Technology for Fighting Illegal Calls 106. We seek comment on the tools voice service providers currently use to identify and combat illegal calls. We also seek comment on tools that are in development that show particular promise. What tools do voice service providers use, and how do these tools help identify and combat illegal calls? Are there any tools that are particularly valuable? If so, is there anything we can do to improve or promote these tools? Are voice service providers reluctant to use certain tools due to fear of liability? 107. We are particularly interested in the use of honeypots and whether there is any way for us to leverage or facilitate the use of honeypots more broadly. A honeypot is an unassigned phone number 200 47 U.S.C. §§ 154(i), 201(b), 202(a), 251(e). 201 TRACED Act § 10(b) (codified at 47 U.S.C. § 227(j)). 202 See, e.g., 2017 Call Blocking Order, 32 FCC Rcd at 9726-27, paras. 60-62; July 2020 Call Blocking Order, 35 FCC Rcd at 7637-38, paras. 61-68; December 2020 Call Blocking Order, 35 FCC Rcd at 15233-34, paras. 37-38. 203 47 U.S.C. § 251(e). 35 Federal Communications Commission FCC-CIRC2305-03 that is used by a voice service provider, researcher, or other third party to receive (and, where permissible, record) calls to those numbers.204 It allows the voice service provider (or other holder) to “listen in” on such calls. One potential advantage of a honeypot is that it allows “listening in” without violating any actual customer’s privacy. We seek comment on this anticipated benefit, and whether the use of honeypots involves any privacy risk (e.g., the receipt of inadvertent calls or voicemails in which the caller reveals personally identifiable information (PII)). We additionally seek comment on whether we should take steps to further the use of honeypots. Are there any barriers to their use we could remove? Can honeypots be utilized lawfully in every state, or are there state laws that might restrict or limit their use? Alternatively, should we consider implementing a Commission-operated honeypot? If so, what benefits would that bring that cannot be realized through private-sector use? Are there any privacy or other concerns we should be aware of? Alternatively, are there other options that fill the same role as honeypots more efficiently, or without those concerns? 108. We recognize that, in some cases, voice service providers may be reluctant to publicly disclose information regarding the tools they use to combat illegal calls. Where possible, we encourage voice service providers to file public comments. If a voice service provider has particular competitive concerns, however, or is concerned that their filing may allow bad actors to circumvent these tools, we also welcome confidential filings. B. Call Labeling 109. Call labeling, which comes in several forms, is a popular tool because it gives call recipients information they can use to decide whether to answer a call. Some labels seek to warn the call recipient of the level of risk the call presents; these are generally based on analytics and may include phrases like “scam likely” or “fraud risk.” Other labels seek to provide information as to the content of the call, such as “telemarketing” or “survey.” 110. We seek comment on the current state of call labeling. Are there any voice service providers that do not offer call labeling services to their customers? If so, why not? What labels are most commonly used, and how are these labels determined? How often do voice service providers receive complaints about inaccurate labels from call recipients? From callers? How have voice service providers responded to these issues? Is there data regarding how often call recipients answer calls with negative labels compared to how often they answer calls that display just a number? Do labels ever override a caller name that the call recipient has saved to their phone, or does the saved name take precedence? 111. Is there anything the Commission can do to improve the availability and accuracy of call labeling, or make it more valuable to consumers and accurate for callers? Should the Commission do so? What is our legal authority to do so? C. Digital Equity and Inclusion 112. The Commission, as part of its continuing effort to advance digital equity for all,205 including people of color and others who have been historically underserved, marginalized, and adversely 204 For example, researchers from North Carolina State University conducted a study using a honeypot of 66,606 lines over 11 months to examine unsolicited calls. Sathvik Prasad, Elijah Bouma-Sims, Athishay Kiran Mylappan, Bradley Reaves, Who’s Calling? Characterizing Robocalls through Audio and Metadata Analysis (2020), https://www.usenix.org/system/files/sec20-prasad.pdf. The Canadian Radio-television and Telecommunications Commission has also made use of honeypots. Canadian Radio-television and Telecommunications Commission, The National Do Not Call List’s (DNCL) 10-Year Anniversary (2018), https://crtc.gc.ca/eng/dncl/10ann.htm. 205 Section 1 of the Communications Act of 1934 as amended provides that the FCC “regulat[es] interstate and foreign commerce in communication by wire and radio so as to make [such service] available, so far as possible, to all the people of the United States, without discrimination on the basis of race, color, religion, national origin, or sex.” 47 U.S.C. § 151. 36 Federal Communications Commission FCC-CIRC2305-03 affected by persistent poverty and inequality, invites comment on any equity-related considerations206 and benefits (if any) that may be associated with the proposals and issues discussed herein. Specifically, we seek comment on how our proposals may promote or inhibit advances in diversity, equity, inclusion, and accessibility. VI. PROCEDURAL MATTERS 113. Regulatory Flexibility Act. The Regulatory Flexibility Act of 1980, as amended (RFA),207 requires that an agency prepare a regulatory flexibility analysis for notice and comment rulemakings, unless the agency certifies that “the rule will not, if promulgated, have a significant economic impact on a substantial number of small entities.”208 Accordingly, we have prepared a Final Regulatory Flexibility Analysis (FRFA) concerning the possible impact of the rule changes contained in this Report and Order on small entities. The FRFA is set forth in Appendix C. 114. We have also prepared an Initial Regulatory Flexibility Analysis (IRFA) concerning the potential impact of the rule and policy changes contained in the Further Notice. The IRFA is set forth in Appendix D. Written public comments are requested on the IRFA. Comments must be filed by the deadlines for comments on the Further Notice indicated on the first page of this document and must have a separate and distinct heading designating them as responses to the IRFA. 115. Paperwork Reduction Act. This document contains modified information collection requirements subject to the Paperwork Reduction Act of 1995 (PRA), Public Law 104-13. Specifically, the rules adopted in sections 64.1200(n)(1) and 64.6305(d)(2)(iii) and (f)(2)(iii) require modified information collections. These documents will be submitted to the Office of Management and Budget (OMB) for review under Section 3507(d) of the PRA. OMB, the general public, and other Federal agencies will be invited to comment on the new or modified information collection requirements contained in this proceeding. 116. The Further Notice also contains a proposed revised information collection requirement. The Commission, as part of its continuing effort to reduce paperwork burdens, invites the general public and OMB to comment on the information collection requirement contained in this document, as required by the Paperwork Reduction Act of 1995, Public Law 104-13. In addition, pursuant to the Small Business Paperwork Relief Act of 2002, Public Law 107-198, see 44 U.S.C 3506(c)(4), we seek specific comment on how we might further reduce the information collection burden for small business concerns with fewer than 25 employees. 117. Congressional Review Act. [The Commission will submit this draft Report & Order, Further Notice of Proposed Rulemaking, and Notice of Inquiry to the Administrator of the Office of Information and Regulatory Affairs, Office of Management and Budget, for concurrence as to whether this rule is “major” or “non-major” under the Congressional Review Act, 5 U.S.C. § 804(2).] The Commission will send a copy of this Report & Order, Further Notice of Proposed Rulemaking, and 206 We define the term “equity” consistent with Executive Order 13985 as the consistent and systematic fair, just, and impartial treatment of all individuals, including individuals who belong to underserved communities that have been denied such treatment, such as Black, Latino, and Indigenous and Native American persons, Asian Americans and Pacific Islanders and other persons of color; members of religious minorities; lesbian, gay, bisexual, transgender, and queer (LGBTQ+) persons; persons with disabilities; persons who live in rural areas; and persons otherwise adversely affected by persistent poverty or inequality. See Exec. Order No. 13985, 86 Fed. Reg. 7009, Executive Order on Advancing Racial Equity and Support for Underserved Communities Through the Federal Government (Jan. 20, 2021). 207 5 U.S.C. §§ 601–612. The RFA has been amended by the Small Business Regulatory Enforcement Fairness Act of 1996 (SBREFA), Pub. L. No. 104-121, Title II, 110 Stat. 857 (1996). 208 5 U.S.C. § 605(b). 37 Federal Communications Commission FCC-CIRC2305-03 Notice of Inquiry to Congress and the Government Accountability Office pursuant to 5 U.S.C. § 801(a)(1)(A). 118. Ex Parte Presentations—Permit-But-Disclose. The proceeding this Further Notice initiates shall be treated as a “permit-but-disclose” proceeding in accordance with the Commission’s ex parte rules.209 Persons making ex parte presentations must file a copy of any written presentation or a memorandum summarizing any oral presentation within two business days after the presentation (unless a different deadline applicable to the Sunshine period applies). Persons making oral ex parte presentations are reminded that memoranda summarizing the presentation must (1) list all persons attending or otherwise participating in the meeting at which the ex parte presentation was made, and (2) summarize all data presented and arguments made during the presentation. If the presentation consisted in whole or in part of the presentation of data or arguments already reflected in the presenter’s written comments, memoranda or other filings in the proceeding, the presenter may provide citations to such data or arguments in his or her prior comments, memoranda, or other filings (specifying the relevant page and/or paragraph numbers where such data or arguments can be found) in lieu of summarizing them in the memorandum. Documents shown or given to Commission staff during ex parte meetings are deemed to be written ex parte presentations and must be filed consistent with section 1.1206(b) of the Commission’s rules. In proceedings governed by section 1.49(f) of the Commission’s rules or for which the Commission has made available a method of electronic filing, written ex parte presentations and memoranda summarizing oral ex parte presentations, and all attachments thereto, must be filed through the electronic comment filing system available for that proceeding, and must be filed in their native format (e.g., .doc, .xml, .ppt, searchable .pdf). Participants in this proceeding should familiarize themselves with the Commission’s ex parte rules.210 119. Filing of Comments and Reply Comments. Pursuant to sections 1.415 and 1.419 of the Commission’s rules, 47 CFR §§ 1.415, 1.419, interested parties may file comments and reply comments on or before the dates indicated on the first page of this document. Comments may be filed using the Commission’s Electronic Comment Filing System (ECFS). See Electronic Filing of Documents in Rulemaking Proceedings, 63 FR 24121 (1998). • Electronic Filers: Comments may be filed electronically using the Internet by accessing the ECFS: http://apps.fcc.gov/ecfs/. • Paper Filers: Parties who choose to file by paper must file an original and one copy of each filing. • Filings can be sent by commercial overnight courier, or by first-class or overnight U.S. Postal Service mail. All filings must be addressed to the Commission’s Secretary, Office of the Secretary, Federal Communications Commission. • Commercial overnight mail (other than U.S. Postal Service Express Mail and Priority Mail) must be sent to 9050 Junction Drive, Annapolis Junction, MD 20701.U.S. Postal Service first- class, Express, and Priority mail must be addressed to 45 L Street NE, Washington, DC 20554. • Effective March 19, 2020, and until further notice, the Commission no longer accepts any hand or messenger delivered filings. This is a temporary measure taken to help protect the health and safety of individuals, and to mitigate the transmission of COVID-19. See FCC Announces Closure of FCC Headquarters Open Window and Change in Hand-Delivery Policy, Public 209 47 CFR §§ 1.1200 et seq. 210 47 CFR § 1.49(f). 38 Federal Communications Commission FCC-CIRC2305-03 Notice, DA 20-304 (March 19, 2020). https://www.fcc.gov/document/fcc-closes-headquarters- open-window-and-changes-hand-delivery-policy. 120. People with Disabilities. To request materials in accessible formats for people with disabilities (Braille, large print, electronic files, audio format), send an e-mail to fcc504@fcc.gov or call the Consumer and Governmental Affairs Bureau at 202-418-0530 (voice). 121. Availability of Documents. Comments, reply comments, ex parte submissions, and the Report and Order and Further Notice will be available via ECFS. Documents will be available electronically in ASCII, Microsoft Word, and/or Adobe Acrobat. When the FCC Headquarters reopens to the public, documents will also be available for public inspection during regular business hours in the FCC Reference Center, Federal Communications Commission, 45 L Street NE, Washington, D.C. 20554. 122. Additional Information. For further information about the Further Notice and Notice of Inquiry, contact Jerusha Burnett, Attorney Advisor, Consumer Policy Division, Consumer and Governmental Affairs Bureau, at jerusha.burnett@fcc.gov, (202) 418-0526. VII. ORDERING CLAUSES 123. IT IS ORDERED that, pursuant to sections 4(i), 201, 202, 217, 227, 227b, 251(e), 303(r), and 403 of the Communications Act of 1934, as amended, 47 U.S.C. §§ 154(i), 201, 202, 217, 227, 251(e), 303(r), 403, this Report and Order IS ADOPTED. 124. IT IS FURTHER ORDERED that, pursuant to sections 4(i), 201, 202, 227, 227b 251(e), 303(r), 403, and 503 of the Communications Act of 1934, as amended, 47 U.S.C. §§ 154(i), 201, 202, 227, 251(e), 303(r), 403 and 503, and section 7 of the Telephone Robocall Abuse Criminal Enforcement and Deterrence Act, Pub. L. No. 116-105, 133 Stat. 3274, this Further Notice of Proposed Rulemaking and Notice of Inquiry IS ADOPTED. 125. IT IS FURTHER ORDERED that the rule amendments set forth in Appendix A, with the exception of the revised sections 64.1200(n)(1) and 64.6305(d)(2)(iii) and (f)(2)(iii) SHALL BE EFFECTIVE 180 days after their publication in the Federal Register. 126. IT IS FURTHER ORDERED that the revised sections 64.1200(n)(1) and 64.6305 SHALL BE EFFECTIVE 30 days after the Commission’s publication of a notice in the Federal Register, which will announce approval of portions of the rules requiring approval by OMB under the PRA. 127. IT IS FURTHER ORDERED that, pursuant to applicable procedures set forth in sections 1.415 and 1.419 of the Commission’s Rules, 47 C.F.R. §§ 1.415, 1.419, interested parties may file comments on the Further Notice of Proposed Rulemaking and Notice of Inquiry on or before 30 days after publication in the Federal Register, and reply comments on or before 60 days after publication in the Federal Register. 128. IT IS FURTHER ORDERED that the Office of the Managing Director, Performance Evaluation and Records Management, SHALL SEND a copy of this Report and Order, Notice of Proposed Rulemaking, and Notice of Inquiry to Congress and the Government Accountability Office pursuant to the Congressional Review Act, see 5 U.S.C. § 801(a)(1)(A). 129. IT IS FURTHER ORDERED that the Commission’s Office of the Managing Director, Reference Information Center, SHALL SEND a copy of this Report and Order, Notice of Proposed Rulemaking, and Notice of Inquiry, including the Regulatory Flexibility Analysis, to the Chief Counsel for Advocacy of the Small Business Administration. 39 Federal Communications Commission FCC-CIRC2305-03 FEDERAL COMMUNICATIONS COMMISSION Marlene H. Dortch Secretary 40 Federal Communications Commission FCC-CIRC2305-03 APPENDIX A Final Rules The Federal Communications Commission amends Parts 0 and 64 of Title 47 of the Code of Federal Regulations as follows: PART 0—COMMISSION ORGANIZATION Subpart A—Organization 1. Amend section 0.111(a) by revising paragraph (27) to read: (27) Identify suspected illegal calls and provide written notice to voice service providers. The Enforcement Bureau shall: (1) identify with as much particularity as possible the suspected traffic; (2) cite the statutory or regulatory provisions the suspected traffic appears to violate; (3) provide the basis for the Enforcement Bureau’s reasonable belief that the identified traffic is unlawful, including any relevant nonconfidential evidence from credible sources such as the industry traceback consortium or law enforcement agencies; and (4) direct the voice service provider receiving the notice that it must comply with section 64.1200(n)(2) of the Commission’s rules. PART 64—MISCELLANEOUS RULES RELATING TO COMMON CARRIERS Subpart L—Restrictions on Telemarketing, Telephone Solicitation, and Facsimile Advertising 2. Amend section 64.1200 by redesignating paragraph (n)(3) as (n)(4); revising paragraphs (k)(5), (k)(6), and (n)(1); revising and redesignating paragraphs (n)(4) to (n)(5), (n)(5) to (n)(2), and (n)(6) to (n)(3); adding new paragraph (n)(5); and removing paragraph (n)(6) to read: (k)(5) A provider may not block a voice call under paragraphs (k)(1) through (4), (11), (n)(2)-(3), (5), or (o) of this section if the call is an emergency call placed to 911. (k)(6) When blocking consistent with paragraphs (k)(1) through (4), (11), (n)(2)-(3), (5), or (o) of this section, a provider must make all reasonable efforts to ensure that calls from public safety answering points and government emergency numbers are not blocked. (n)(1) Upon receipt of a traceback request from the Commission, civil law enforcement, criminal law enforcement, or the industry traceback consortium, the provider must fully respond to the traceback request within 24 hours of receipt of the request. The 24-hour clock does not start outside of business hours, and requests received during that time are deemed received at 8:00 a.m. on the next business day. If the 24-hour response period would end on a non-business day, either a weekend or a federal legal holiday, the 24-hour clock does not run for the weekend or holiday in question, and restarts at 12:01 a.m. on the next business day following when the request would otherwise be due. For example, a request received at 3:00 p.m. on a Friday will be due at 3:00 p.m. on the following Monday, assuming that Monday is not a federal legal holiday. For purposes of paragraph (n)(1), “business day” is defined as Monday through Friday, excluding federal legal holidays, and “business hours” is defined as 8:00 a.m. to 5:30 p.m. on a business day. For purposes of paragraph (n)(1), all times are local time for the office that is required to respond to the request. (n)(2) Upon receipt of a Notice of Suspected Illegal Traffic from the Commission through its Enforcement Bureau, take the applicable actions with respect to the identified traffic described in paragraphs (i)-(iii) below. The provider will not be held liable under the Communications Act or the Commission’s rules in this chapter for providers that inadvertently block lawful traffic as part of the requirement to block substantially similar traffic so long as it is blocking consistent with the requirements of paragraph (n)(2)(i)-(iii). For purposes of paragraph (n)(2), “identified traffic” means the illegal traffic identified in the Notification of Suspected Illegal Traffic issued by the Enforcement Bureau. The 41 Federal Communications Commission FCC-CIRC2305-03 following procedures shall apply: (i)(A) The Enforcement Bureau will issue a Notification of Suspected Illegal Traffic that identifies with as much particularity as possible the suspected illegal traffic; provides the basis for the Enforcement Bureau’s reasonable belief that the identified traffic is unlawful; cites the statutory or regulatory provisions the identified traffic appears to violate; and directs the provider receiving the notice that it must comply with this section. The Enforcement Bureau’s Notification of Suspected Illegal Traffic shall give the identified provider a minimum of 14 days to comply with the notice. Each notified provider must promptly investigate the identified traffic and report the results of that investigation to the Enforcement Bureau within the timeframe specified in the Notification of Suspected Illegal Traffic. If the provider’s investigation determines that it served as the gateway or originating provider for the identified traffic, it must block or cease accepting the identified traffic and substantially similar traffic on an ongoing basis within the timeframe specified in the Notification of Suspected Illegal Traffic. The provider must include in its report to the Enforcement Bureau: (1) a certification that it is blocking the identified traffic and will continue to do so; and (2) a description of its plan to identify and block or cease accepting substantially similar traffic on an ongoing basis. (B) If the provider’s investigation determines that the identified traffic is not illegal, it shall provide an explanation as to why the provider reasonably concluded that the identified traffic is not illegal and what steps it took to reach that conclusion. Absent such a showing, or if the Enforcement Bureau determines based on the evidence that the traffic is illegal despite the provider’s assertions, the identified traffic will be deemed illegal. If the notified provider determines during this investigation that it did not serve as the gateway provider or originating provider for any of the identified traffic, it shall provide an explanation as to how it reached that conclusion and, if it is a non-gateway intermediate or terminating provider for the identified traffic, it must identify the upstream provider(s) from which it received the identified traffic and, if possible, take lawful steps to mitigate this traffic. If the Enforcement Bureau finds that an approved plan is not blocking substantially similar traffic, the identified provider shall modify its plan to block such traffic. If the Enforcement Bureau finds that the identified provider continues to allow suspected illegal traffic onto the U.S. network, it may proceed under paragraph (n)(2)(ii) or (iii) of this section, as appropriate. (ii) If the provider fails to respond to the Notification of Suspected Illegal Traffic, the Enforcement Bureau determines that the response is insufficient, the Enforcement Bureau determines that the provider is continuing to originate substantially similar traffic or allow substantially similar traffic onto the U.S. network after the timeframe specified in the Notification of Suspected Illegal Traffic, or the Enforcement Bureau determines based on the evidence that the traffic is illegal despite the provider’s assertions, the Enforcement Bureau shall issue an Initial Determination Order to the provider stating the Bureau’s initial determination that the provider is not in compliance with this section. The Initial Determination Order shall include the Enforcement Bureau’s reasoning for its determination and give the provider a minimum of 14 days to provide a final response prior to the Enforcement Bureau making a final determination on whether the provider is in compliance with this section. (iii) If the provider does not provide an adequate response to the Initial Determination Order within the timeframe permitted in that Order or continues to originate substantially similar traffic onto the U.S. network, the Enforcement Bureau shall issue a Final Determination Order finding that the provider is not in compliance with this section. The Final Determination Orders shall be published in EB Docket No. 22-174 at https://www.fcc.gov/ecfs/search/search-filings. A Final Determination Order may be issued up to one year after the release date of the Initial Determination Order, and may be based on either an immediate failure to comply with this rule or a determination that the provider has failed to meet its ongoing obligation under this rule to block substantially similar traffic. 42 Federal Communications Commission FCC-CIRC2305-03 (n)(3) When notified by the Commission through its Enforcement Bureau that a Final Determination Order has been issued finding that an upstream provider has failed to comply with paragraph (n)(2) of this section, block and cease accepting all traffic received directly from the upstream provider beginning 30 days after the release date of the Final Determination Order. Paragraph (n)(3) applies to any provider immediately downstream from the upstream provider. The Enforcement Bureau shall provide notification by publishing the Final Determination Order in EB Docket No. 22-174 at https://www.fcc.gov/ecfs/search/search-filings. Providers must monitor EB Docket No. 22-174 and initiate blocking no later than 30 days from the release date of the Final Determination Order. A provider that chooses to initiate blocking sooner than 30 days from the release date may do so consistent with paragraph (k)(4) of this section. (n)(5) Take reasonable and effective steps to ensure that any originating provider or intermediate provider, foreign or domestic, from which it directly receives traffic is not using the provider to carry or process a high volume of illegal traffic onto the U.S. network. Subpart HH—Caller ID Authentication. 3. Amend Section 64.6305 by amending paragraphs (a)(2), (c)(2), (d)(2)(ii), (d)(2)(iii), (e)(2)(ii), and (f)(2)(iii). (a) * * * (a)(2) Any robocall mitigation program implemented pursuant to paragraph (a)(1) of this section shall include reasonable steps to avoid originating illegal robocall traffic and shall include a commitment to respond within 24 hours to all traceback requests from the Commission, law enforcement, and the industry traceback consortium, and to cooperate with such entities in investigating and stopping any illegal robocallers that use its service to originate calls. * * * * * (c)(2) Any robocall mitigation program implemented pursuant to paragraph (c)(1) of this section shall include reasonable steps to avoid carrying or processing illegal robocall traffic and shall include a commitment to respond within 24 hours to all traceback requests from the Commission, law enforcement, and the industry traceback consortium, and to cooperate with such entities in investigating and stopping any illegal robocallers that use its service to carry or process calls. * * * * * (d)(2)(ii) The specific reasonable steps the voice service provider has taken to avoid originating illegal robocall traffic as part of its robocall mitigation program, including a description of how it complies with its obligation to know its customers pursuant to § 64.1200(n)(4), any procedures in place to know its upstream providers, and the analytics system(s) it uses to identify and block illegal traffic, including whether it uses any third-party analytics vendor(s) and the name(s) of such vendor(s). 43 Federal Communications Commission FCC-CIRC2305-03 (d)(2)(iii) A statement of the voice service provider’s commitment to respond within 24 hours to all traceback requests from the Commission, law enforcement, and the industry traceback consortium, and to cooperate with such entities in investigating and stopping any illegal robocallers that use its service to originate calls; and * * * * * (e)(2)(ii) The specific reasonable steps the gateway provider has taken to avoid carrying or processing illegal robocall traffic as part of its robocall mitigation program, including a description of how it complies with its obligation to know its upstream providers pursuant to § 64.1200(n)(5), the analytics system(s) it uses to identify and block illegal traffic, and whether it uses any third-party analytics vendor(s) and the name(s) of such vendor(s); * * * * * (f)(2)(iii) A statement of the non-gateway intermediate provider’s commitment to respond within 24 hours to all traceback requests from the Commission, law enforcement, and the industry traceback consortium, and to cooperate with such entities in investigating and stopping any illegal robocallers that use its service to carry or process calls; and * * * * * 44 Federal Communications Commission FCC-CIRC2305-03 APPENDIX B Proposed Rules The Federal Communications Commission amends parts 1 and 64 of Title 47 of the Code of Federal Regulations as follows: PART 1—PRACTICE AND PROCEDURE Subpart A—General Rules of Practice and Procedure 1. Amend section 1.80 by adding a row to Table 1 to paragraph (b)(10) to read: Failure to prevent customers from originating illegal calls 11,000 PART 64—MISCELLANEOUS RULES RELATING TO COMMON CARRIERS Subpart L—Restrictions on Telemarketing, Telephone Solicitation, and Facsimile Advertising 2. Amend section 64.1200 by adding paragraph (s) and revising paragraphs (n)(2) and (o) to read: (n)(2) * * * * * (B) If the provider’s investigation determines that the identified traffic is not illegal, it shall provide an explanation as to why the provider reasonably concluded that the identified traffic is not illegal and what steps it took to reach that conclusion. Absent such a showing, or if the Enforcement Bureau determines based on the evidence that the traffic is illegal despite the provider’s assertions, the identified traffic will be deemed illegal. If the notified provider determines during this investigation that it did not serve as the gateway provider or originating provider for any of the identified traffic, it shall provide an explanation as to how it reached that conclusion, identify the upstream provider(s) from which it received the identified traffic, and, if possible, take lawful steps to mitigate this traffic. If the provider responds to the Enforcement Bureau that it cannot identify any or all of the upstream provider(s) from which it received the traffic, it must block substantially similar traffic consistent with the obligations of gateway and originating providers in section (n)(2)(i)(A). If the Enforcement Bureau finds that an approved plan is not blocking substantially similar traffic, the identified provider shall modify its plan to block such traffic. If the Enforcement Bureau finds that the identified provider continues to allow suspected illegal traffic onto the U.S. network, it may proceed under paragraph (n)(2)(ii) or (iii) of this section, as appropriate. * * * * * (C) If the Enforcement Bureau has previously sent a Notification of Suspected Illegal Traffic to the identified provider, it may require that provider to block substantially similar traffic consistent with the obligations of gateway and originating providers in section (n)(2)(i)(A) of this rule and to identify the upstream provider(s) from which it received the identified traffic— if it determines, based on the totality of the circumstances, that the terminating or non-gateway intermediate provider is either intentionally or negligently allowing illegal traffic onto its network. (o) A voice service provider must block any calls purporting to originate from a number on a reasonable do-not-originate list. A list so limited in scope that it leaves out obvious numbers that could be included with little effort may be deemed unreasonable. The do-not-originate list may include only: 45 Federal Communications Commission FCC-CIRC2305-03 (1) Numbers for which the subscriber to the number has requested that calls purporting to originate from that number be blocked because the number is used for inbound calls only; (2) North American Numbering Plan numbers that are not valid; (3) Valid North American Numbering Plan Numbers that are not allocated to a provider by the North American Numbering Plan Administrator; and (4) Valid North American Numbering Plan numbers that are allocated to a provider by the North American Numbering Plan Administrator, but are unused, so long as the provider blocking the calls is the allocatee of the number and confirms that the number is unused or has obtained verification from the allocatee that the number is unused at the time of blocking. (s) A terminating provider must offer analytics-based blocking of calls that are highly likely to be illegal on an opt-out basis without charge to consumers. A provider that offers blocking services consistent with paragraphs (k)(3) or (k)(11) of this sections will be deemed to be in compliance with this paragraph (p), so long as those services are offered without charge. 46 Federal Communications Commission FCC-CIRC2305-03 APPENDIX C Final Regulatory Flexibility Analysis 1. As required by the Regulatory Flexibility Act of 1980 (RFA),1 as amended, an Initial Regulatory Flexibility Analysis (IRFA) was incorporated into the Further Notice of Proposed Rulemaking adopted in May 2022 (May 2022 Further Notice).2 The Commission sought written public comment on the proposals in the May 2022 Further Notice, including comment on the IRFA. The comments received are discussed below in Section B. This Final Regulatory Flexibility Analysis (FRFA) conforms to the RFA.3 A. Need for, and Objectives of, the Order 2. The Report and Order takes important steps in the fight against illegal robocalls by extending certain requirements to a broader range of voice service providers.4 First, the Report and Order requires all domestic voice service providers to respond to traceback requests within 24 hours of the request, extending the previous rule applicable to gateway providers to all providers.5 Second, it requires originating providers to block illegal traffic when notified of such traffic by the Commission and, if they fail to do, requires all voice service providers in the U.S. to block all traffic from the bad-actor voice service provider, consistent with the existing rule for gateway providers.6 This modification eliminates potential ambiguity as to how providers should effectively mitigate illegal traffic and provides certainty to voice service providers that may otherwise be unsure how to comply. Finally, it requires all voice service providers accepting traffic from an upstream provider to take reasonable and effective steps to ensure that the immediate upstream provider is not using them to carry or process a high volume of illegal traffic.7 The expansion of these rules protects consumers from illegal calls, holds voice service providers responsible for the calls they carry, and aids in the identification of bad actors. B. Summary of Significant Issues Raised by Public Comments in Response to the IRFA 3. While no comments specifically addressed the May 2022 Further Notice IRFA,8 the Commission did receive some comments that addressed the impact of the proposed rules on small providers. Some commenters raised concerns about the 24-hour traceback requirement.9 In particular, 1 See 5 U.S.C. § 603. The RFA, 5 U.S.C. §§ 601–612, was amended by the Small Business Regulatory Enforcement Fairness Act of 1996 (SBREFA), Pub. L. No. 104-121, Title II, 110 Stat. 857 (1996). 2 Advanced Methods to Target and Eliminate Illegal Robocalls, CG Docket No. 17-59, WC Docket No. 17-97, Sixth Report and Order in CG Docket No. 19-59, Fifth Report and Order in WC Docket No. 17-97, Order, Seventh Further Notice of Proposed Rulemaking in CG Docket No. 17-59 & Fifth Further Notice of Proposed Rulemaking in WC Docket No. 17-97, FCC 22-37, at 63-90, paras. 157-232 (May 20, 2022) (May 2022 Further Notice). 3 See 5 U.S.C. § 604. 4 Report and Order at paras. 21-50. 5 Id. at paras. 21-27. 6 Id. at paras. 28-47. 7 Id. at paras. 48-50. 8 May 2022 Further Notice at 122-135, Appx. D. 9 See ACA Connects Comments at 8-9 (noting that the Commission recognized that smaller providers may struggle to respond quickly, and stating that the “only reason to codify that standard as a hard-and-fast requirement would be to enforce against smaller providers”); VON Comments at 2 (arguing that a rigid requirement imposes “significant burdens on smaller providers that may struggle to comply, particular with requests that arrive at the end of, or after the close of the typical business day” and urging the Commission to make clear that weekends and holidays would not count against the 24 hour clock); ACA Connects Reply Comments at 4 (arguing that filings by the Industry Traceback group validate the concerns raised in their prior comments). 47 Federal Communications Commission FCC-CIRC2305-03 commenters noted that the Commission recognized that smaller providers may struggle to respond quickly and result in “significant burdens” to small entities.10 Still other comments urged us to adopt a tiered approach to provide flexibility for smaller providers that receive infrequent traceback requests.11 We acknowledge these concerns in the Report and Order,12 and discuss steps taken to address these concerns in Section F of this FRFA. The rule we adopt in the Report and Order codifies the expectation of the existing rule and provides flexibility to address requests received on evenings, weekends, and holidays.13 The Commission further considered the potential impact of the rules proposed in the IRFA on small entities and took steps where appropriate and feasible to reduce the compliance and economic burden for small entities. C. Response to Comments by the Chief Counsel for Advocacy of the Small Business Administration 4. Pursuant to the Small Business Jobs Act of 2010, which amended the RFA, the Commission is required to respond to any comments filed by the Chief Counsel for Advocacy of the Small Business Administration (SBA), and to provide a detailed statement of any change made to the proposed rules as a result of those comments.14 The Chief Counsel did not file any comments in response to the proposed rules in this proceeding. D. Description and Estimate of the Number of Small Entities to Which Rules Will Apply 5. The RFA directs agencies to provide a description of, and where feasible, an estimate of the number of small entities that may be affected by the rules adopted herein.15 The RFA generally defines the term “small entity” as having the same meaning as the terms “small business,” “small organization,” and “small governmental jurisdiction.”16 In addition, the term “small business” has the same meaning as the term “small-business concern” under the Small Business Act.17 A “small-business concern” is one which: (1) is independently owned and operated; (2) is not dominant in its field of operation; and (3) satisfies any additional criteria established by the SBA.18 6. Small Businesses, Small Organizations, Small Governmental Jurisdictions. Our actions, over time, may affect small entities that are not easily categorized at present. We therefore describe here, at the outset, three broad groups of small entities that could be directly affected herein.19 First, while 10 ACA Connects Comments at 8-9; VON Comments at 2. 11 See CCA Comments at 6 (urging the Commission to adopt an approach that “would provide flexibility for providers that receive infrequent traceback requests” who are likely to be smaller providers); VON Comments at 2 (asking for the Commission to, if it adopts a tiered approach, be sure to provide clear guidance). 12 Report and Order at para. 24. 13 Id. at paras. 21-27. 14 5 U.S.C. § 604(a)(3). 15 See 5 U.S.C. § 604 (a)(4). 16 See 5 U.S.C. § 601(6). 17 See 5 U.S.C. § 601(3) (incorporating by reference the definition of “small-business concern” in the Small Business Act, 15 U.S.C. § 632). Pursuant to 5 U.S.C. § 601(3), the statutory definition of a small business applies “unless an agency, after consultation with the Office of Advocacy of the Small Business Administration and after opportunity for public comment, establishes one or more definitions of such term which are appropriate to the activities of the agency and publishes such definition(s) in the Federal Register.” 18 See 15 U.S.C. § 632. 19 See 5 U.S.C. § 601(3)-(6). 48 Federal Communications Commission FCC-CIRC2305-03 there are industry specific size standards for small businesses that are used in the regulatory flexibility analysis, according to data from the Small Business Administration’s (SBA) Office of Advocacy, in general a small business is an independent business having fewer than 500 employees.20 These types of small businesses represent 99.9% of all businesses in the United States, which translates to 32.5 million businesses.21 7. Next, the type of small entity described as a “small organization” is generally “any not- for-profit enterprise which is independently owned and operated and is not dominant in its field.”22 The Internal Revenue Service (IRS) uses a revenue benchmark of $50,000 or less to delineate its annual electronic filing requirements for small exempt organizations.23 Nationwide, for tax year 2020, there were approximately 447,689 small exempt organizations in the U.S. reporting revenues of $50,000 or less according to the registration and tax data for exempt organizations available from the IRS.24 8. Finally, the small entity described as a “small governmental jurisdiction” is defined generally as “governments of cities, counties, towns, townships, villages, school districts, or special districts, with a population of less than fifty thousand.”25 U.S. Census Bureau data from the 2017 Census of Governments26 indicate that there were 90,075 local governmental jurisdictions consisting of general purpose governments and special purpose governments in the United States.27 Of this number there were 36,931 general purpose governments (county28, municipal and town or township29) with populations of 20 See SBA, Office of Advocacy, Frequently Asked Questions, “What is a small business?,” https://cdn.advocacy.sba.gov/wp-content/uploads/2021/11/03093005/Small-Business-FAQ-2021.pdf. (Nov 2021). 21 Id. 22 See 5 U.S.C. § 601(4). 23 The IRS benchmark is similar to the population of less than 50,000 benchmark in 5 U.S.C § 601(5) that is used to define a small governmental jurisdiction. Therefore, the IRS benchmark has been used to estimate the number small organizations in this small entity description. See Annual Electronic Filing Requirement for Small Exempt Organizations — Form 990-N (e-Postcard), “Who must file,” https://www.irs.gov/charities-non-profits/annual-electronic-filing-requirement-for-small-exempt-organizations- form-990-n-e-postcard. We note that the IRS data does not provide information on whether a small exempt organization is independently owned and operated or dominant in its field. 24 See Exempt Organizations Business Master File Extract (EO BMF), “CSV Files by Region, https://www.irs.gov/charities-non-profits/exempt-organizations-business-master-file-extract-eo-bmf. The IRS Exempt Organization Business Master File (EO BMF) Extract provides information on all registered tax- exempt/non-profit organizations. The data utilized for purposes of this description was extracted from the IRS EO BMF data for businesses for the tax year 2020 with revenue less than or equal to $50,000, for Region 1-Northeast Area (58,577), Region 2-Mid-Atlantic and Great Lakes Areas (175,272), and Region 3-Gulf Coast and Pacific Coast Areas (213,840) which includes the continental U.S., Alaska, and Hawaii. This data does not include information for Puerto Rico. 25 See 5 U.S.C. § 601(5). 26 See 13 U.S.C. § 161. The Census of Governments survey is conducted every five (5) years compiling data for years ending with “2” and “7”. See also Census of Governments, https://www.census.gov/programs- surveys/cog/about.html. 27 See U.S. Census Bureau, 2017 Census of Governments – Organization Table 2. Local Governments by Type and State: 2017 [CG1700ORG02], https://www.census.gov/data/tables/2017/econ/gus/2017-governments.html. Local governmental jurisdictions are made up of general purpose governments (county, municipal and town or township) and special purpose governments (special districts and independent school districts). See also tbl.2. CG1700ORG02 Table Notes_Local Governments by Type and State_2017. 28 See id. at tbl.5. County Governments by Population-Size Group and State: 2017 [CG1700ORG05], https://www.census.gov/data/tables/2017/econ/gus/2017-governments.html. There were 2,105 county governments (continued….) 49 Federal Communications Commission FCC-CIRC2305-03 less than 50,000 and 12,040 special purpose governments - independent school districts30 with enrollment populations of less than 50,000.31 Accordingly, based on the 2017 U.S. Census of Governments data, we estimate that at least 48,971 entities fall into the category of “small governmental jurisdictions.”32 1. Wireline Carriers 9. Wired Telecommunications Carriers. The U.S. Census Bureau defines this industry as establishments primarily engaged in operating and/or providing access to transmission facilities and infrastructure that they own and/or lease for the transmission of voice, data, text, sound, and video using wired communications networks.33 Transmission facilities may be based on a single technology or a combination of technologies. Establishments in this industry use the wired telecommunications network facilities that they operate to provide a variety of services, such as wired telephony services, including VoIP services, wired (cable) audio and video programming distribution, and wired broadband internet services.34 By exception, establishments providing satellite television distribution services using facilities and infrastructure that they operate are included in this industry.35 Wired Telecommunications Carriers are also referred to as wireline carriers or fixed local service providers.36 10. The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.37 U.S. Census Bureau data for 2017 show that there (Continued from previous page) with populations less than 50,000. This category does not include subcounty (municipal and township) governments. 29 See id. at tbl.6. Subcounty General-Purpose Governments by Population-Size Group and State: 2017 [CG1700ORG06], https://www.census.gov/data/tables/2017/econ/gus/2017-governments.html. There were 18,729 municipal and 16,097 town and township governments with populations less than 50,000. 30 See id. at tbl.10. Elementary and Secondary School Systems by Enrollment-Size Group and State: 2017 [CG1700ORG10], https://www.census.gov/data/tables/2017/econ/gus/2017-governments.html. There were 12,040 independent school districts with enrollment populations less than 50,000. See also tbl.4. Special-Purpose Local Governments by State Census Years 1942 to 2017 [CG1700ORG04], CG1700ORG04 Table Notes_Special Purpose Local Governments by State_Census Years 1942 to 2017. 31 While the special purpose governments category also includes local special district governments, the 2017 Census of Governments data does not provide data aggregated based on population size for the special purpose governments category. Therefore, only data from independent school districts is included in the special purpose governments category. 32 This total is derived from the sum of the number of general purpose governments (county, municipal and town or township) with populations of less than 50,000 (36,931) and the number of special purpose governments - independent school districts with enrollment populations of less than 50,000 (12,040), from the 2017 Census of Governments - Organizations tbls.5, 6 & 10. 33 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 34 Id. 35 Id. 36 Fixed Local Service Providers include the following types of providers: Incumbent Local Exchange Carriers (ILECs), Competitive Access Providers (CAPs) and Competitive Local Exchange Carriers (CLECs), Cable/Coax CLECs, Interconnected VOIP Providers, Non-Interconnected VOIP Providers, Shared-Tenant Service Providers, Audio Bridge Service Providers, and Other Local Service Providers. Local Resellers fall into another U.S. Census Bureau industry group and therefore data for these providers is not included in this industry. 37 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 50 Federal Communications Commission FCC-CIRC2305-03 were 3,054 firms that operated in this industry for the entire year.38 Of this number, 2,964 firms operated with fewer than 250 employees.39 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 5,183 providers that reported they were engaged in the provision of fixed local services.40 Of these providers, the Commission estimates that 4,737 providers have 1,500 or fewer employees.41 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 11. Local Exchange Carriers (LECs). Neither the Commission nor the SBA has developed a size standard for small businesses specifically applicable to local exchange services. Providers of these services include both incumbent and competitive local exchange service providers. Wired Telecommunications Carriers42 is the closest industry with an SBA small business size standard.43 Wired Telecommunications Carriers are also referred to as wireline carriers or fixed local service providers.44 The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.45 U.S. Census Bureau data for 2017 show that there were 3,054 firms that operated in this industry for the entire year.46 Of this number, 2,964 firms operated with fewer than 250 employees.47 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 5,183 providers that reported they were fixed local exchange service providers.48 Of these providers, the Commission estimates that 4,737 providers have 1,500 or fewer employees.49 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 38 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 39 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 40 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 41 Id. 42 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 43 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 44 Fixed Local Exchange Service Providers include the following types of providers: Incumbent Local Exchange Carriers (ILECs), Competitive Access Providers (CAPs) and Competitive Local Exchange Carriers (CLECs), Cable/Coax CLECs, Interconnected VOIP Providers, Non-Interconnected VOIP Providers, Shared-Tenant Service Providers, Audio Bridge Service Providers, Local Resellers, and Other Local Service Providers. 45 Id. 46 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 47 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 48 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 49 Id. 51 Federal Communications Commission FCC-CIRC2305-03 12. Incumbent Local Exchange Carriers (Incumbent LECs). Neither the Commission nor the SBA have developed a small business size standard specifically for incumbent local exchange carriers. Wired Telecommunications Carriers50 is the closest industry with an SBA small business size standard.51 The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.52 U.S. Census Bureau data for 2017 show that there were 3,054 firms in this industry that operated for the entire year.53 Of this number, 2,964 firms operated with fewer than 250 employees.54 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 1,227 providers that reported they were incumbent local exchange service providers.55 Of these providers, the Commission estimates that 929 providers have 1,500 or fewer employees.56 Consequently, using the SBA’s small business size standard, the Commission estimates that the majority of incumbent local exchange carriers can be considered small entities. 13. Competitive Local Exchange Carriers (LECs). Neither the Commission nor the SBA has developed a size standard for small businesses specifically applicable to local exchange services. Providers of these services include several types of competitive local exchange service providers.57 Wired Telecommunications Carriers58 is the closest industry with a SBA small business size standard. The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.59 U.S. Census Bureau data for 2017 show that there were 3,054 firms that operated in this industry for the entire year.60 Of this number, 2,964 firms operated with fewer than 250 employees.61 Additionally, based on Commission data in the 2021 Universal Service Monitoring 50 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 51 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 52 Id. 53 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 54 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 55 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 56 Id. 57 Competitive Local Exchange Service Providers include the following types of providers: Competitive Access Providers (CAPs) and Competitive Local Exchange Carriers (CLECs), Cable/Coax CLECs, Interconnected VOIP Providers, Non-Interconnected VOIP Providers, Shared-Tenant Service Providers, Audio Bridge Service Providers, Local Resellers, and Other Local Service Providers. 58 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 59 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 60 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 61 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 52 Federal Communications Commission FCC-CIRC2305-03 Report, as of December 31, 2020, there were 3,956 providers that reported they were competitive local exchange service providers.62 Of these providers, the Commission estimates that 3,808 providers have 1,500 or fewer employees.63 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 14. Interexchange Carriers (IXCs). Neither the Commission nor the SBA have developed a small business size standard specifically for Interexchange Carriers. Wired Telecommunications Carriers64 is the closest industry with a SBA small business size standard.65 The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.66 U.S. Census Bureau data for 2017 show that there were 3,054 firms that operated in this industry for the entire year.67 Of this number, 2,964 firms operated with fewer than 250 employees.68 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 151 providers that reported they were engaged in the provision of interexchange services. Of these providers, the Commission estimates that 131 providers have 1,500 or fewer employees.69 Consequently, using the SBA’s small business size standard, the Commission estimates that the majority of providers in this industry can be considered small entities. 15. Cable System Operators (Telecom Act Standard). The Communications Act of 1934, as amended, contains a size standard for a “small cable operator,” which is “a cable operator that, directly or through an affiliate, serves in the aggregate fewer than one percent of all subscribers in the United States and is not affiliated with any entity or entities whose gross annual revenues in the aggregate exceed $250,000,000.”70 For purposes of the Telecom Act Standard, the Commission determined that a cable system operator that serves fewer than 677,000 subscribers, either directly or through affiliates, will meet the definition of a small cable operator based on the cable subscriber count established in a 2001 Public Notice.71 Based on industry data, only six cable system operators have more than 677,000 subscribers.72 62 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/pubId.lic/attachments/DOC-379181A1.pdf. 63 Id. 64 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 65 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 66 Id. 67 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 68 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 69 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 70 47 U.S.C. § 543(m)(2). 71 FCC Announces New Subscriber Count for the Definition of Small Cable Operator, Public Notice, 16 FCC Rcd 2225 (CSB 2001) (2001 Subscriber Count PN). In this Public Notice, the Commission determined that there were approximately 67.7 million cable subscribers in the United States at that time using the most reliable source publicly available. Id. We recognize that the number of cable subscribers changed since then and that the Commission has recently estimated the number of cable subscribers to traditional and telco cable operators to be approximately 58.1 million. See Communications Marketplace Report, GN Docket No. 20-60, 2020 Communications Marketplace Report, 36 FCC Rcd 2945, 3049, para. 156 (2020) (2020 Communications Marketplace Report). However, because the Commission has not issued a public notice subsequent to the 2001 Subscriber Count PN, the Commission still (continued….) 53 Federal Communications Commission FCC-CIRC2305-03 Accordingly, the Commission estimates that the majority of cable system operators are small under this size standard. We note however, that the Commission neither requests nor collects information on whether cable system operators are affiliated with entities whose gross annual revenues exceed $250 million.73 Therefore, we are unable at this time to estimate with greater precision the number of cable system operators that would qualify as small cable operators under the definition in the Communications Act. 16. Other Toll Carriers. Neither the Commission nor the SBA has developed a definition for small businesses specifically applicable to Other Toll Carriers. This category includes toll carriers that do not fall within the categories of interexchange carriers, operator service providers, prepaid calling card providers, satellite service carriers, or toll resellers. Wired Telecommunications Carriers74 is the closest industry with a SBA small business size standard.75 The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.76 U.S. Census Bureau data for 2017 show that there were 3,054 firms in this industry that operated for the entire year.77 Of this number, 2,964 firms operated with fewer than 250 employees.78 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 115 providers that reported they were engaged in the provision of other toll services.79 Of these providers, the Commission estimates that 113 providers have 1,500 or fewer employees.80 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 2. Wireless Carriers 17. Wireless Telecommunications Carriers (except Satellite). This industry comprises establishments engaged in operating and maintaining switching and transmission facilities to provide communications via the airwaves.81 Establishments in this industry have spectrum licenses and provide services using that spectrum, such as cellular services, paging services, wireless internet access, and (Continued from previous page) relies on the subscriber count threshold established by the 2001 Subscriber Count PN for purposes of this rule. See 47 CFR § 76.901(e)(1). 72 S&P Global Market Intelligence, S&P Capital IQ Pro, Top Cable MSOs 12/21Q (last visited May 26, 2022); S&P Global Market Intelligence, Multichannel Video Subscriptions, Top 10 (April 2022). 73 The Commission does receive such information on a case-by-case basis if a cable operator appeals a local franchise authority’s finding that the operator does not qualify as a small cable operator pursuant to § 76.901(e) of the Commission’s rules. See 47 CFR § 76.910(b). 74 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 75 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 76 Id. 77 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 78 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 79 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/pubId.lic/attachments/DOC-379181A1.pdf. 80 Id. 81 See U.S. Census Bureau, 2017 NAICS Definition, “517312 Wireless Telecommunications Carriers (except Satellite),” https://www.census.gov/naics/?input=517312&year=2017&details=517312. 54 Federal Communications Commission FCC-CIRC2305-03 wireless video services.82 The SBA size standard for this industry classifies a business as small if it has 1,500 or fewer employees.83 U.S. Census Bureau data for 2017 show that there were 2,893 firms in this industry that operated for the entire year.84 Of that number, 2,837 firms employed fewer than 250 employees.85 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 797 providers that reported they were engaged in the provision of wireless services.86 Of these providers, the Commission estimates that 715 providers have 1,500 or fewer employees.87 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 18. Satellite Telecommunications. This industry comprises firms “primarily engaged in providing telecommunications services to other establishments in the telecommunications and broadcasting industries by forwarding and receiving communications signals via a system of satellites or reselling satellite telecommunications.”88 Satellite telecommunications service providers include satellite and earth station operators. The SBA small business size standard for this industry classifies a business with $38.5 million or less in annual receipts as small.89 U.S. Census Bureau data for 2017 show that 275 firms in this industry operated for the entire year.90 Of this number, 242 firms had revenue of less than $25 million.91 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 71 providers that reported they were engaged in the provision of satellite telecommunications services.92 Of these providers, the Commission estimates that approximately 48 providers have 1,500 or fewer employees.93 Consequently, using the SBA’s small business size standard, a little more than of these providers can be considered small entities. 82 Id. 83 See 13 CFR § 121.201, NAICS Code 517312 (as of 10/1/22, NAICS Code 517112). 84 See U.S. Census Bureau, 2017 Economic Census of the United States, Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517312, https://data.census.gov/cedsci/table?y=2017&n=517312&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 85 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 86 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 87 Id. 88 See U.S. Census Bureau, 2017 NAICS Definition, “517410 Satellite Telecommunications,” https://www.census.gov/naics/?input=517410&year=2017&details=517410. 89 See 13 CFR § 121.201, NAICS Code 517410. 90 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Sales, Value of Shipments, or Revenue Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEREVFIRM, NAICS Code 517410, https://data.census.gov/cedsci/table?y=2017&n=517410&tid=ECNSIZE2017.EC1700SIZEREVFIRM&hidePrevie w=false. 91 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. We also note that according to the U.S. Census Bureau glossary, the terms receipts and revenues are used interchangeably, see https://www.census.gov/glossary/#term_ReceiptsRevenueServices. 92 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 93 Id. 55 Federal Communications Commission FCC-CIRC2305-03 3. Resellers 19. Local Resellers. Neither the Commission nor the SBA have developed a small business size standard specifically for Local Resellers. Telecommunications Resellers is the closest industry with a SBA small business size standard.94 The Telecommunications Resellers industry comprises establishments engaged in purchasing access and network capacity from owners and operators of telecommunications networks and reselling wired and wireless telecommunications services (except satellite) to businesses and households.95 Establishments in this industry resell telecommunications; they do not operate transmission facilities and infrastructure.96 Mobile virtual network operators (MVNOs) are included in this industry.97 The SBA small business size standard for Telecommunications Resellers classifies a business as small if it has 1,500 or fewer employees.98 U.S. Census Bureau data for 2017 show that 1,386 firms in this industry provided resale services for the entire year.99 Of that number, 1,375 firms operated with fewer than 250 employees.100 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 293 providers that reported they were engaged in the provision of local resale services.101 Of these providers, the Commission estimates that 289 providers have 1,500 or fewer employees.102 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 20. Toll Resellers. Neither the Commission nor the SBA have developed a small business size standard specifically for Toll Resellers. Telecommunications Resellers103 is the closest industry with a SBA small business size standard. The Telecommunications Resellers industry comprises establishments engaged in purchasing access and network capacity from owners and operators of telecommunications networks and reselling wired and wireless telecommunications services (except satellite) to businesses and households. Establishments in this industry resell telecommunications; they do not operate transmission facilities and infrastructure.104 Mobile virtual network operators (MVNOs) are included in this industry.105 The SBA small business size standard for Telecommunications Resellers classifies a business as small if it has 1,500 or fewer employees.106 U.S. Census Bureau data for 2017 94 See U.S. Census Bureau, 2017 NAICS Definition, “517911 Telecommunications Resellers,” https://www.census.gov/naics/?input=517911&year=2017&details=517911. 95 Id. 96 Id. 97 Id. 98 See 13 CFR § 121.201, NAICS Code 517911 (as of 10/1/22, NAICS Code 517121). 99 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517911, https://data.census.gov/cedsci/table?y=2017&n=517911&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 100 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 101 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 102 Id. 103 See U.S. Census Bureau, 2017 NAICS Definition, “517911 Telecommunications Resellers,” https://www.census.gov/naics/?input=517911&year=2017&details=517911. 104 Id. 105 Id. 106 See 13 CFR § 121.201, NAICS Code 517911 (as of 10/1/22, NAICS Code 517121). 56 Federal Communications Commission FCC-CIRC2305-03 show that 1,386 firms in this industry provided resale services for the entire year.107 Of that number, 1,375 firms operated with fewer than 250 employees.108 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 518 providers that reported they were engaged in the provision of toll services.109 Of these providers, the Commission estimates that 495 providers have 1,500 or fewer employees.110 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 21. Prepaid Calling Card Providers. Neither the Commission nor the SBA has developed a small business size standard specifically for prepaid calling card providers. Telecommunications Resellers111 is the closest industry with a SBA small business size standard. The Telecommunications Resellers industry comprises establishments engaged in purchasing access and network capacity from owners and operators of telecommunications networks and reselling wired and wireless telecommunications services (except satellite) to businesses and households. Establishments in this industry resell telecommunications; they do not operate transmission facilities and infrastructure.112 Mobile virtual network operators (MVNOs) are included in this industry.113 The SBA small business size standard for Telecommunications Resellers classifies a business as small if it has 1,500 or fewer employees.114 U.S. Census Bureau data for 2017 show that 1,386 firms in this industry provided resale services for the entire year.115 Of that number, 1,375 firms operated with fewer than 250 employees.116 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 58 providers that reported they were engaged in the provision of payphone services.117 Of these providers, the Commission estimates that 57 providers have 1,500 or fewer employees.118 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 107 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517911, https://data.census.gov/cedsci/table?y=2017&n=517911&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 108 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 109 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 110 Id. 111 See U.S. Census Bureau, 2017 NAICS Definition, “517911 Telecommunications Resellers,” https://www.census.gov/naics/?input=517911&year=2017&details=517911. 112 Id. 113 Id. 114 See 13 CFR § 121.201, NAICS Code 517911 (as of 10/1/22, NAICS Code 517121). 115 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517911, https://data.census.gov/cedsci/table?y=2017&n=517911&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 116 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 117 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 118 Id. 57 Federal Communications Commission FCC-CIRC2305-03 4. Other Entities 22. All Other Telecommunications. This industry is comprised of establishments primarily engaged in providing specialized telecommunications services, such as satellite tracking, communications telemetry, and radar station operation.119 This industry also includes establishments primarily engaged in providing satellite terminal stations and associated facilities connected with one or more terrestrial systems and capable of transmitting telecommunications to, and receiving telecommunications from, satellite systems.120 Providers of Internet services (e.g. dial-up ISPs) or voice over Internet protocol (VoIP) services, via client-supplied telecommunications connections are also included in this industry.121 The SBA small business size standard for this industry classifies firms with annual receipts of $35 million or less as small.122 U.S. Census Bureau data for 2017 show that there were 1,079 firms in this industry that operated for the entire year.123 Of those firms, 1,039 had revenue of less than $25 million.124 Based on this data, the Commission estimates that the majority of “All Other Telecommunications” firms can be considered small. E. Description of Projected Reporting, Recordkeeping, and Other Compliance Requirements for Small Entities 23. The Report and Order requires voice service providers to meet certain obligations. These changes affect small and large companies and apply to all the classes of regulated entities identified above. First, all voice service providers must fully respond to traceback requests from the Commission, civil and criminal law enforcement, and the industry traceback consortium ‘within 24 hours of receipt of such a request. The voice service provider should respond with information about the provider from which it directly received the call.125 Small entity voice service providers may need to identify dedicated staff of other professionals to act as a clear point of contact respond to traceback requests in a timely manner.126 To allow time for voice service providers to update their processes, this rule is effective 30 days after publication of notice of OMB approval under the Paperwork Reduction Act.127 24. Second, originating voice service providers, and any intermediate or terminating provider immediately downstream from the originate provider, must block calls in certain instances. Specifically, the originating provider must block illegal traffic once notified of such traffic by the Commission through its Enforcement Bureau. In order to comply with this requirement, small entities that are originating providers must block traffic that is substantially similar to the identified traffic on an ongoing basis.128 119 See U.S. Census Bureau, 2017 NAICS Definition, “517919 All Other Telecommunications,” https://www.census.gov/naics/?input=517919&year=2017&details=517919. 120 Id. 121 Id. 122 See 13 CFR § 121.201, NAICS Code 517919 (as of 10/1/22, NAICS Code 517810). 123 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Sales, Value of Shipments, or Revenue Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEREVFIRM, NAICS Code 517919, https://data.census.gov/cedsci/table?y=2017&n=517919&tid=ECNSIZE2017.EC1700SIZEREVFIRM&hidePrevie w=false. 124 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. We also note that according to the U.S. Census Bureau glossary, the terms receipts and revenues are used interchangeably, see https://www.census.gov/glossary/#term_ReceiptsRevenueServices. 125 Report and Order at paras. 21-27. 126 Report and Order at para. 24. 127 Id. at para. 27. 128 Id. at Section III.B. 58 Federal Communications Commission FCC-CIRC2305-03 When an originating provider fails to comply with this requirement, the Commission may require small entity providers immediately downstream from an originating provider to block all traffic from the identified provider when notified by the Commission.129 As part of this requirement, a notified small entity originating provider must promptly report the results of its investigation to the Enforcement Bureau within 14 days, including, unless the originating provider determines it is either not an originating or gateway provider for any of the identified traffic or that the identified traffic is not illegal, both a certification that it is blocking the identified traffic and will continue to do so and a description of its plan to identify the traffic on an ongoing basis. In order to comply with the downstream provider blocking requirement, all providers must monitor EB Docket No. 22-174 and initiate blocking within 30 days of a Blocking Order being released.130 F. Steps Taken to Minimize the Significant Economic Impact on Small Entities, and Significant Alternatives Considered 25. The RFA requires an agency to provide, “a description of the steps the agency has taken to minimize the significant economic impact on small entities … including a statement of the factual, policy, and legal reasons for selecting the alternative adopted in the final rule and why each one of the other significant alternatives to the rule considered by the agency which affect the impact on small entities was rejected.”131 26. Generally, the decisions we made in the Report and Order apply to all providers. Treating small providers differently from larger providers would have a significant impact on the success of the rules we adopt today, meaning that fewer consumers would be protected from illegal calls and bad- actor callers would have more opportunities to find ways around these restrictions. However, we did take steps to ensure that small entity and other providers would not be unduly burdened by these requirements. Specifically, we allowed flexibility where appropriate to ensure that small providers, can determine the best approach for compliance based on the needs of their networks. For example, providers have the flexibility to determine their proposed approach to blocking illegal traffic when notified by the Commission and to determine the steps they take to “know the upstream provider.” G. Report to Congress 27. The Commission will send a copy of the Gateway Provider Report and Order and Order on Reconsideration, including this FRFA, in a report to be sent to Congress pursuant to the Congressional Review Act.132 In addition, the Commission will send a copy of the Gateway Provider Report and Order and Order on Reconsideration, including this FRFA, to the Chief Counsel for Advocacy of the Small Business Administration. A copy of the Gateway Provider Report and Order and Order on Reconsideration (or summaries thereof) will also be published in the Federal Register.133 129 Id. 130 Id. 131 5 U.S.C. § 604(a)(6). 132 5 U.S.C. § 801(a)(1)(A). 133 See id. § 604(b). 59 Federal Communications Commission FCC-CIRC2305-03 APPENDIX D Initial Regulatory Flexibility Analysis 1. As required by the Regulatory Flexibility Act of 1980, as amended (RFA),1 the Commission has prepared this Initial Regulatory Flexibility Analysis (IRFA) of the possible significant economic impact on small entities by the policies and rules proposed in this Eighth Further Notice of Proposed Rulemaking (Further Notice). The Commission requests written public comments on this IRFA. Comments must be identified as responses to the IRFA and must be filed by the deadlines for comments provided on the first page of the Further Notice. The Commission will send a copy of the Further Notice, including this IRFA, to the Chief Counsel for Advocacy of the Small Business Administration (SBA).2 In addition, the Further Notice and IRFA (or summaries thereof) will be published in the Federal Register.3 A. Need for, and Objectives of, the Proposed Rules 2. In order to continue the Commission’s work of protecting American consumers from illegal calls, regardless of their provenance, the Further Notice proposes and seeks comment on several options to better protect consumers from illegal calls, restore faith in caller ID, and hold voice service providers responsible for the calls they carry. First, the Further Notice proposes to require terminating voice service providers to offer, at a minimum, opt-out blocking services of calls that are highly likely to be illegal to consumers without charge.4 It also seeks comment on whether the Commission should continue to use a non-exhaustive list of factors that voice service providers might consider when blocking based on reasonable analytics or whether further guidance is needed to define the category “highly likely to be illegal.”5 Second, the Further Notice proposes to require all voice service providers, rather than just gateway providers, to block calls using a reasonable do-not-originate list.6 Third, it seeks comment on specific instances where the non-gateway intermediate and terminating providers may be required to block following Commission notification of illegal traffic.7 Fourth, it seeks comment on the correct SIP Code to use for immediate notification of call blocking to callers, so that callers placing lawful calls can seek redress, and seeks comment on the implementation process and costs for each code.8 Fifth, it seeks comment on whether, and how, to require display of caller name information when a terminating provider displays an indication that a call received A-level attestation under the STIR/SHAKEN framework.9 Combining the display of caller name information with the information that the number itself was not spoofed may provide real benefit to consumers. Finally, it proposes to set a minimum forfeiture of 1 See 5 U.S.C. § 603. The RFA, see 5 U.S.C. § 601-612, has been amended by the Small Business Regulatory Enforcement Fairness Act of 1996 (SBREFA), Pub. L. No. 104-121, Title II, 110 Stat. 857 (1996). 2 See 5 U.S.C. § 603(a). 3 See id. 4 Further Notice at paras. 70-74. 5 Id. For example, in the Call Blocking Declaratory Ruling, speaking about analytics that may be used to identify unwanted calls, the Commission provided a non-exhaustive list of factors such as large bursts of calls in a short timeframe, low average call duration; low call completion ratios, and invalid numbers placing a large volume of calls. Call Blocking Declaratory Ruling, 34 FCC Rcd at 4888, para 35. 6 Further Notice at paras. 75-78. The Commission includes calls from invalid, unallocated, and unused numbers, as well as numbers for which the subscriber to the number has requested blocking, consistent with our existing rules. Id. at paras. 75-76. 7 Further Notice at paras. 79-88. 8 Id. at paras. 89-93. 9 Id. at paras. 94-99. 60 Federal Communications Commission FCC-CIRC2305-03 $11,000 for failure to comply with one of the existing rules, and would allow that forfeiture to be increased up to the maximum for non-common carriers.10 The Further Notice seeks comment on whether a base forfeiture is appropriate in part because bad-actor voice service providers profit from the callers that they protect.11 B. Legal Basis 3. The proposed action is authorized pursuant to sections 4(i), 201, 202, 227, 227b 251(e), 303(r), and 403 of the Communications Act of 1934, as amended, 47 U.S.C. §§ 154(i), 201, 202, 227, 251(e), 303(r), and 403, and section 7 of the Telephone Robocall Abuse Criminal Enforcement and Deterrence Act, Pub. L. No. 116-105, 133 Stat. 3274,. C. Description and Estimate of the Number of Small Entities to Which the Proposed Rules Will Apply 4. The RFA directs agencies to provide a description of and, where feasible, an estimate of the number of small entities that may be affected by the proposed rules and by the rule revisions on which the Notice seeks comment, if adopted.12 The RFA generally defines the term “small entity” as having the same meaning as the terms “small business,” “small organization,” and “small governmental jurisdiction.”13 In addition, the term “small business” has the same meaning as the term “small-business concern” under the Small Business Act.14 A “small-business concern” is one which: (1) is independently owned and operated; (2) is not dominant in its field of operation; and (3) satisfies any additional criteria established by the SBA.15 5. Small Businesses, Small Organizations, Small Governmental Jurisdictions. Our actions, over time, may affect small entities that are not easily categorized at present. We therefore describe here, at the outset, three broad groups of small entities that could be directly affected herein.16 First, while there are industry specific size standards for small businesses that are used in the regulatory flexibility analysis, according to data from the Small Business Administration’s (SBA) Office of Advocacy, in general a small business is an independent business having fewer than 500 employees.17 These types of small businesses represent 99.9% of all businesses in the United States, which translates to 32.5 million businesses.18 6. Next, the type of small entity described as a “small organization” is generally “any not- for-profit enterprise which is independently owned and operated and is not dominant in its field.”19 The 10 Id. at paras. 100-103. 11 Id. at para. 103. 12 See 5 U.S.C. § 603(b)(3). 13 See id. § 601(6). 14 Id. § 601(3) (incorporating by reference the definition of “small-business concern” in the Small Business Act, 15 U.S.C. § 632). Pursuant to 5 U.S.C. § 601(3), the statutory definition of a small business applies “unless an agency, after consultation with the Office of Advocacy of the Small Business Administration and after opportunity for public comment, establishes one or more definitions of such term which are appropriate to the activities of the agency and publishes such definition(s) in the Federal Register.” 15 See 15 U.S.C. § 632. 16 See 5 U.S.C. § 601(3)-(6). 17 See SBA, Office of Advocacy, Frequently Asked Questions, “What is a small business?,” https://cdn.advocacy.sba.gov/wp-content/uploads/2021/11/03093005/Small-Business-FAQ-2021.pdf. (Nov 2021). 18 Id. 19 See 5 U.S.C. § 601(4). 61 Federal Communications Commission FCC-CIRC2305-03 Internal Revenue Service (IRS) uses a revenue benchmark of $50,000 or less to delineate its annual electronic filing requirements for small exempt organizations.20 Nationwide, for tax year 2020, there were approximately 447,689 small exempt organizations in the U.S. reporting revenues of $50,000 or less according to the registration and tax data for exempt organizations available from the IRS.21 7. Finally, the small entity described as a “small governmental jurisdiction” is defined generally as “governments of cities, counties, towns, townships, villages, school districts, or special districts, with a population of less than fifty thousand.”22 U.S. Census Bureau data from the 2017 Census of Governments23 indicate that there were 90,075 local governmental jurisdictions consisting of general purpose governments and special purpose governments in the United States.24 Of this number there were 36,931 general purpose governments (county25, municipal and town or township26) with populations of less than 50,000 and 12,040 special purpose governments - independent school districts27 with enrollment 20 The IRS benchmark is similar to the population of less than 50,000 benchmark in 5 U.S.C § 601(5) that is used to define a small governmental jurisdiction. Therefore, the IRS benchmark has been used to estimate the number small organizations in this small entity description. See Annual Electronic Filing Requirement for Small Exempt Organizations — Form 990-N (e-Postcard), ‘Who must file,” https://www.irs.gov/charities-non-profits/annual- electronic-filing-requirement-for-small-exempt-organizations-form-990-n-e-postcard. We note that the IRS data does not provide information on whether a small exempt organization is independently owned and operated or dominant in its field. 21 See Exempt Organizations Business Master File Extract (EO BMF), “CSV Files by Region,” https://www.irs.gov/charities-non-profits/exempt-organizations-business-master-file-extract-eo-bmf. The IRS Exempt Organization Business Master File (EO BMF) Extract provides information on all registered tax- exempt/non-profit organizations. The data utilized for purposes of this description was extracted from the IRS EO BMF data for businesses for the tax year 2020 with revenue less than or equal to $50,000, for Region 1-Northeast Area (58,577), Region 2-Mid-Atlantic and Great Lakes Areas (175,272), and Region 3-Gulf Coast and Pacific Coast Areas (213,840) which includes the continental U.S., Alaska, and Hawaii. This data does not include information for Puerto Rico. 22 See 5 U.S.C. § 601(5). 23 See 13 U.S.C. § 161. The Census of Governments survey is conducted every five (5) years compiling data for years ending with “2” and “7”. See also Census of Governments, https://www.census.gov/programs- surveys/cog/about.html. 24 See U.S. Census Bureau, 2017 Census of Governments – Organization Table 2. Local Governments by Type and State: 2017 [CG1700ORG02], https://www.census.gov/data/tables/2017/econ/gus/2017-governments.html. Local governmental jurisdictions are made up of general purpose governments (county, municipal and town or township) and special purpose governments (special districts and independent school districts). See also tbl.2. CG1700ORG02 Table Notes_Local Governments by Type and State_2017. 25 See id. at tbl.5. County Governments by Population-Size Group and State: 2017 [CG1700ORG05], https://www.census.gov/data/tables/2017/econ/gus/2017-governments.html. There were 2,105 county governments with populations less than 50,000. This category does not include subcounty (municipal and township) governments. 26 See id. at tbl.6. Subcounty General-Purpose Governments by Population-Size Group and State: 2017 [CG1700ORG06], https://www.census.gov/data/tables/2017/econ/gus/2017-governments.html. There were 18,729 municipal and 16,097 town and township governments with populations less than 50,000. 27 See id. at tbl.10. Elementary and Secondary School Systems by Enrollment-Size Group and State: 2017 [CG1700ORG10], https://www.census.gov/data/tables/2017/econ/gus/2017-governments.html. There were 12,040 independent school districts with enrollment populations less than 50,000; see also tbl.4. Special-Purpose Local Governments by State Census Years 1942 to 2017 [CG1700ORG04], CG1700ORG04 Table Notes_Special Purpose Local Governments by State_Census Years 1942 to 2017. 62 Federal Communications Commission FCC-CIRC2305-03 populations of less than 50,000.28 Accordingly, based on the 2017 U.S. Census of Governments data, we estimate that at least 48,971 entities fall into the category of “small governmental jurisdictions.”29 1. Wireline Carriers 8. Wired Telecommunications Carriers. The U.S. Census Bureau defines this industry as establishments primarily engaged in operating and/or providing access to transmission facilities and infrastructure that they own and/or lease for the transmission of voice, data, text, sound, and video using wired communications networks.30 Transmission facilities may be based on a single technology or a combination of technologies. Establishments in this industry use the wired telecommunications network facilities that they operate to provide a variety of services, such as wired telephony services, including VoIP services, wired (cable) audio and video programming distribution, and wired broadband internet services.31 By exception, establishments providing satellite television distribution services using facilities and infrastructure that they operate are included in this industry.32 Wired Telecommunications Carriers are also referred to as wireline carriers or fixed local service providers.33 9. The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.34 U.S. Census Bureau data for 2017 show that there were 3,054 firms that operated in this industry for the entire year.35 Of this number, 2,964 firms operated with fewer than 250 employees.36 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 5,183 providers that reported they were engaged in the provision of fixed local services.37 Of these providers, the Commission estimates that 4,737 28 While the special purpose governments category also includes local special district governments, the 2017 Census of Governments data does not provide data aggregated based on population size for the special purpose governments category. Therefore, only data from independent school districts is included in the special purpose governments category. 29 This total is derived from the sum of the number of general purpose governments (county, municipal and town or township) with populations of less than 50,000 (36,931) and the number of special purpose governments - independent school districts with enrollment populations of less than 50,000 (12,040), from the 2017 Census of Governments - Organizations tbls.5, 6 & 10. 30 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 31 Id. 32 Id. 33 Fixed Local Service Providers include the following types of providers: Incumbent Local Exchange Carriers (ILECs), Competitive Access Providers (CAPs) and Competitive Local Exchange Carriers (CLECs), Cable/Coax CLECs, Interconnected VOIP Providers, Non-Interconnected VOIP Providers, Shared-Tenant Service Providers, Audio Bridge Service Providers, and Other Local Service Providers. Local Resellers fall into another U.S. Census Bureau industry group and therefore data for these providers is not included in this industry. 34 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 35 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 36 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 37 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 63 Federal Communications Commission FCC-CIRC2305-03 providers have 1,500 or fewer employees.38 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 10. Local Exchange Carriers (LECs). Neither the Commission nor the SBA has developed a size standard for small businesses specifically applicable to local exchange services. Providers of these services include both incumbent and competitive local exchange service providers. Wired Telecommunications Carriers39 is the closest industry with an SBA small business size standard.40 Wired Telecommunications Carriers are also referred to as wireline carriers or fixed local service providers.41 The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.42 U.S. Census Bureau data for 2017 show that there were 3,054 firms that operated in this industry for the entire year.43 Of this number, 2,964 firms operated with fewer than 250 employees.44 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 5,183 providers that reported they were fixed local exchange service providers.45 Of these providers, the Commission estimates that 4,737 providers have 1,500 or fewer employees.46 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 11. Incumbent Local Exchange Carriers (Incumbent LECs). Neither the Commission nor the SBA have developed a small business size standard specifically for incumbent local exchange carriers. Wired Telecommunications Carriers47 is the closest industry with an SBA small business size standard.48 The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.49 U.S. Census Bureau data for 2017 show that there were 3,054 firms in this industry that operated for the entire year.50 Of this number, 2,964 firms operated with fewer than 38 Id. 39 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 40 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 41 Fixed Local Exchange Service Providers include the following types of providers: Incumbent Local Exchange Carriers (ILECs), Competitive Access Providers (CAPs) and Competitive Local Exchange Carriers (CLECs), Cable/Coax CLECs, Interconnected VOIP Providers, Non-Interconnected VOIP Providers, Shared-Tenant Service Providers, Audio Bridge Service Providers, Local Resellers, and Other Local Service Providers. 42 Id. 43 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 44 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 45 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 46 Id. 47 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 48 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 49 Id. 50 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, (continued….) 64 Federal Communications Commission FCC-CIRC2305-03 250 employees.51 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 1,227 providers that reported they were incumbent local exchange service providers.52 Of these providers, the Commission estimates that 929 providers have 1,500 or fewer employees.53 Consequently, using the SBA’s small business size standard, the Commission estimates that the majority of incumbent local exchange carriers can be considered small entities. 12. Competitive Local Exchange Carriers (LECs). Neither the Commission nor the SBA has developed a size standard for small businesses specifically applicable to local exchange services. Providers of these services include several types of competitive local exchange service providers.54 Wired Telecommunications Carriers55 is the closest industry with a SBA small business size standard. The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.56 U.S. Census Bureau data for 2017 show that there were 3,054 firms that operated in this industry for the entire year.57 Of this number, 2,964 firms operated with fewer than 250 employees.58 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 3,956 providers that reported they were competitive local exchange service providers.59 Of these providers, the Commission estimates that 3,808 providers have 1,500 or fewer employees.60 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 13. Interexchange Carriers (IXCs). Neither the Commission nor the SBA have developed a small business size standard specifically for Interexchange Carriers. Wired Telecommunications (Continued from previous page) https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 51 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 52 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 53 Id. 54 Competitive Local Exchange Service Providers include the following types of providers: Competitive Access Providers (CAPs) and Competitive Local Exchange Carriers (CLECs), Cable/Coax CLECs, Interconnected VOIP Providers, Non-Interconnected VOIP Providers, Shared-Tenant Service Providers, Audio Bridge Service Providers, Local Resellers, and Other Local Service Providers. 55 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 56 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 57 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 58 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 59 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 60 Id. 65 Federal Communications Commission FCC-CIRC2305-03 Carriers61 is the closest industry with a SBA small business size standard.62 The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.63 U.S. Census Bureau data for 2017 show that there were 3,054 firms that operated in this industry for the entire year.64 Of this number, 2,964 firms operated with fewer than 250 employees.65 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 151 providers that reported they were engaged in the provision of interexchange services. Of these providers, the Commission estimates that 131 providers have 1,500 or fewer employees.66 Consequently, using the SBA’s small business size standard, the Commission estimates that the majority of providers in this industry can be considered small entities. 14. Cable System Operators (Telecom Act Standard). The Communications Act of 1934, as amended, contains a size standard for a “small cable operator,” which is “a cable operator that, directly or through an affiliate, serves in the aggregate fewer than one percent of all subscribers in the United States and is not affiliated with any entity or entities whose gross annual revenues in the aggregate exceed $250,000,000.”67 For purposes of the Telecom Act Standard, the Commission determined that a cable system operator that serves fewer than 677,000 subscribers, either directly or through affiliates, will meet the definition of a small cable operator based on the cable subscriber count established in a 2001 Public Notice.68 Based on industry data, only six cable system operators have more than 677,000 subscribers.69 Accordingly, the Commission estimates that the majority of cable system operators are small under this size standard. We note however, that the Commission neither requests nor collects information on whether cable system operators are affiliated with entities whose gross annual revenues exceed $250 61 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 62 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 63 Id. 64 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 65 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 66 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 67 47 U.S.C. § 543(m)(2). 68 FCC Announces New Subscriber Count for the Definition of Small Cable Operator, Public Notice, 16 FCC Rcd 2225 (CSB 2001) (2001 Subscriber Count PN). In this Public Notice, the Commission determined that there were approximately 67.7 million cable subscribers in the United States at that time using the most reliable source publicly available. Id. We recognize that the number of cable subscribers changed since then and that the Commission has recently estimated the number of cable subscribers to traditional and telco cable operators to be approximately 58.1 million. See Communications Marketplace Report, GN Docket No. 20-60, 2020 Communications Marketplace Report, 36 FCC Rcd 2945, 3049, para. 156 (2020) (2020 Communications Marketplace Report). However, because the Commission has not issued a public notice subsequent to the 2001 Subscriber Count PN, the Commission still relies on the subscriber count threshold established by the 2001 Subscriber Count PN for purposes of this rule. See 47 CFR § 76.901(e)(1). 69 S&P Global Market Intelligence, S&P Capital IQ Pro, Top Cable MSOs 12/21Q (last visited May 26, 2022); S&P Global Market Intelligence, Multichannel Video Subscriptions, Top 10 (April 2022). 66 Federal Communications Commission FCC-CIRC2305-03 million.70 Therefore, we are unable at this time to estimate with greater precision the number of cable system operators that would qualify as small cable operators under the definition in the Communications Act. 15. Other Toll Carriers. Neither the Commission nor the SBA has developed a definition for small businesses specifically applicable to Other Toll Carriers. This category includes toll carriers that do not fall within the categories of interexchange carriers, operator service providers, prepaid calling card providers, satellite service carriers, or toll resellers. Wired Telecommunications Carriers71 is the closest industry with a SBA small business size standard.72 The SBA small business size standard for Wired Telecommunications Carriers classifies firms having 1,500 or fewer employees as small.73 U.S. Census Bureau data for 2017 show that there were 3,054 firms in this industry that operated for the entire year.74 Of this number, 2,964 firms operated with fewer than 250 employees.75 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 115 providers that reported they were engaged in the provision of other toll services.76 Of these providers, the Commission estimates that 113 providers have 1,500 or fewer employees.77 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 2. Wireless Carriers 16. Wireless Telecommunications Carriers (except Satellite). This industry comprises establishments engaged in operating and maintaining switching and transmission facilities to provide communications via the airwaves.78 Establishments in this industry have spectrum licenses and provide services using that spectrum, such as cellular services, paging services, wireless internet access, and wireless video services.79 The SBA size standard for this industry classifies a business as small if it has 1,500 or fewer employees.80 U.S. Census Bureau data for 2017 show that there were 2,893 firms in this industry that operated for the entire year.81 Of that number, 2,837 firms employed fewer than 250 70 The Commission does receive such information on a case-by-case basis if a cable operator appeals a local franchise authority’s finding that the operator does not qualify as a small cable operator pursuant to § 76.901(e) of the Commission’s rules. See 47 CFR § 76.910(b). 71 See U.S. Census Bureau, 2017 NAICS Definition, “517311 Wired Telecommunications Carriers,” https://www.census.gov/naics/?input=517311&year=2017&details=517311. 72 See 13 CFR § 121.201, NAICS Code 517311 (as of 10/1/22, NAICS Code 517111). 73 Id. 74 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517311, https://data.census.gov/cedsci/table?y=2017&n=517311&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 75 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 76 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 77 Id. 78 See U.S. Census Bureau, 2017 NAICS Definition, “517312 Wireless Telecommunications Carriers (except Satellite),” https://www.census.gov/naics/?input=517312&year=2017&details=517312. 79 Id. 80 See 13 CFR § 121.201, NAICS Code 517312 (as of 10/1/22, NAICS Code 517112). 67 Federal Communications Commission FCC-CIRC2305-03 employees.82 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 797 providers that reported they were engaged in the provision of wireless services.83 Of these providers, the Commission estimates that 715 providers have 1,500 or fewer employees.84 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 17. Satellite Telecommunications. This industry comprises firms “primarily engaged in providing telecommunications services to other establishments in the telecommunications and broadcasting industries by forwarding and receiving communications signals via a system of satellites or reselling satellite telecommunications.”85 Satellite telecommunications service providers include satellite and earth station operators. The SBA small business size standard for this industry classifies a business with $38.5 million or less in annual receipts as small.86 U.S. Census Bureau data for 2017 show that 275 firms in this industry operated for the entire year.87 Of this number, 242 firms had revenue of less than $25 million.88 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 71 providers that reported they were engaged in the provision of satellite telecommunications services.89 Of these providers, the Commission estimates that approximately 48 providers have 1,500 or fewer employees.90 Consequently, using the SBA’s small business size standard, a little more than of these providers can be considered small entities. 3. Resellers 18. Local Resellers. Neither the Commission nor the SBA have developed a small business size standard specifically for Local Resellers. Telecommunications Resellers is the closest industry with a SBA small business size standard.91 The Telecommunications Resellers industry comprises (Continued from previous page) 81 See U.S. Census Bureau, 2017 Economic Census of the United States, Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517312, https://data.census.gov/cedsci/table?y=2017&n=517312&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 82 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 83 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 84 Id. 85 See U.S. Census Bureau, 2017 NAICS Definition, “517410 Satellite Telecommunications,” https://www.census.gov/naics/?input=517410&year=2017&details=517410. 86 See 13 CFR § 121.201, NAICS Code 517410. 87 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Sales, Value of Shipments, or Revenue Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEREVFIRM, NAICS Code 517410, https://data.census.gov/cedsci/table?y=2017&n=517410&tid=ECNSIZE2017.EC1700SIZEREVFIRM&hidePrevie w=false. 88 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. We also note that according to the U.S. Census Bureau glossary, the terms receipts and revenues are used interchangeably, see https://www.census.gov/glossary/#term_ReceiptsRevenueServices. 89 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 90 Id. 91 See U.S. Census Bureau, 2017 NAICS Definition, “517911 Telecommunications Resellers,” https://www.census.gov/naics/?input=517911&year=2017&details=517911. 68 Federal Communications Commission FCC-CIRC2305-03 establishments engaged in purchasing access and network capacity from owners and operators of telecommunications networks and reselling wired and wireless telecommunications services (except satellite) to businesses and households.92 Establishments in this industry resell telecommunications; they do not operate transmission facilities and infrastructure.93 Mobile virtual network operators (MVNOs) are included in this industry.94 The SBA small business size standard for Telecommunications Resellers classifies a business as small if it has 1,500 or fewer employees.95 U.S. Census Bureau data for 2017 show that 1,386 firms in this industry provided resale services for the entire year.96 Of that number, 1,375 firms operated with fewer than 250 employees.97 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 293 providers that reported they were engaged in the provision of local resale services.98 Of these providers, the Commission estimates that 289 providers have 1,500 or fewer employees.99 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities 19. Toll Resellers. Neither the Commission nor the SBA have developed a small business size standard specifically for Toll Resellers. Telecommunications Resellers100 is the closest industry with an SBA small business size standard. The Telecommunications Resellers industry comprises establishments engaged in purchasing access and network capacity from owners and operators of telecommunications networks and reselling wired and wireless telecommunications services (except satellite) to businesses and households. Establishments in this industry resell telecommunications; they do not operate transmission facilities and infrastructure.101 Mobile virtual network operators (MVNOs) are included in this industry.102 The SBA small business size standard for Telecommunications Resellers classifies a business as small if it has 1,500 or fewer employees.103 U.S. Census Bureau data for 2017 show that 1,386 firms in this industry provided resale services for the entire year.104 Of that number, 92 Id. 93 Id. 94 Id. 95 See 13 CFR § 121.201, NAICS Code 517911 (as of 10/1/22, NAICS Code 517121). 96 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517911, https://data.census.gov/cedsci/table?y=2017&n=517911&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 97 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 98 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 99 Id. 100 See U.S. Census Bureau, 2017 NAICS Definition, “517911 Telecommunications Resellers,” https://www.census.gov/naics/?input=517911&year=2017&details=517911. 101 Id. 102 Id. 103 See 13 CFR § 121.201, NAICS Code 517911. 104 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517911, https://data.census.gov/cedsci/table?y=2017&n=517911&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 69 Federal Communications Commission FCC-CIRC2305-03 1,375 firms operated with fewer than 250 employees.105 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 518 providers that reported they were engaged in the provision of toll services.106 Of these providers, the Commission estimates that 495 providers have 1,500 or fewer employees.107 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 20. Prepaid Calling Card Providers. Neither the Commission nor the SBA has developed a small business size standard specifically for prepaid calling card providers. Telecommunications Resellers108 is the closest industry with a SBA small business size standard. The Telecommunications Resellers industry comprises establishments engaged in purchasing access and network capacity from owners and operators of telecommunications networks and reselling wired and wireless telecommunications services (except satellite) to businesses and households. Establishments in this industry resell telecommunications; they do not operate transmission facilities and infrastructure.109 Mobile virtual network operators (MVNOs) are included in this industry.110 The SBA small business size standard for Telecommunications Resellers classifies a business as small if it has 1,500 or fewer employees.111 U.S. Census Bureau data for 2017 show that 1,386 firms in this industry provided resale services for the entire year.112 Of that number, 1,375 firms operated with fewer than 250 employees.113 Additionally, based on Commission data in the 2021 Universal Service Monitoring Report, as of December 31, 2020, there were 58 providers that reported they were engaged in the provision of payphone services.114 Of these providers, the Commission estimates that 57 providers have 1,500 or fewer employees.115 Consequently, using the SBA’s small business size standard, most of these providers can be considered small entities. 4. Other Entities 21. All Other Telecommunications. This industry is comprised of establishments primarily engaged in providing specialized telecommunications services, such as satellite tracking, communications 105 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 106 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 107 Id. 108 See U.S. Census Bureau, 2017 NAICS Definition, “517911 Telecommunications Resellers,” https://www.census.gov/naics/?input=517911&year=2017&details=517911. 109 Id. 110 Id. 111 See 13 CFR § 121.201, NAICS Code 517911 (as of 10/1/22, NAICS Code 517121). 112 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Employment Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEEMPFIRM, NAICS Code 517911, https://data.census.gov/cedsci/table?y=2017&n=517911&tid=ECNSIZE2017.EC1700SIZEEMPFIRM&hidePrevie w=false. 113 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. 114 Federal-State Joint Board on Universal Service, Universal Service Monitoring Report at 26, Table 1.12 (2021), https://docs.fcc.gov/public/attachments/DOC-379181A1.pdf. 115 Id. 70 Federal Communications Commission FCC-CIRC2305-03 telemetry, and radar station operation.116 This industry also includes establishments primarily engaged in providing satellite terminal stations and associated facilities connected with one or more terrestrial systems and capable of transmitting telecommunications to, and receiving telecommunications from, satellite systems.117 Providers of Internet services (e.g. dial-up ISPs) or voice over Internet protocol (VoIP) services, via client-supplied telecommunications connections are also included in this industry.118 The SBA small business size standard for this industry classifies firms with annual receipts of $35 million or less as small.119 U.S. Census Bureau data for 2017 show that there were 1,079 firms in this industry that operated for the entire year.120 Of those firms, 1,039 had revenue of less than $25 million.121 Based on this data, the Commission estimates that the majority of “All Other Telecommunications” firms can be considered small. D. Description of Projected Reporting, Recordkeeping, and Other Compliance Requirements for Small Entities 22. The Further Notice proposes and seeks comment on imposing several obligations that may include recordkeeping or reporting requirements on small entity providers. Specifically, the Further Notice proposes to require all terminating voice service providers to offer, at a minimum, opt-out blocking of calls that are highly likely to be illegal.122 The Further Notice also proposes that small and other voice service providers block calls using a reasonable do-not-originate (DNO) list.123 This would require voice service providers that do not already engage in this type of blocking, either voluntarily or in order to comply with our existing rule for gateway providers,124 to either obtain or create such a list and ensure that the list remains up to date. The Further Notice seeks comment on limiting the SIP code for use for immediate notification to callers to a single code, with focus on SIP Code 608 or 603+, and seeks comment on the costs and timeline to implement and comply with the proposed rule.125 Additionally, a requirement to display caller name information to consumers when displaying an indication of A-level attestation may include a recordkeeping or reporting requirement.126 Depending on the exact mechanism chosen, small entity and other terminating providers that wish to display an indication of attestation may need to access a caller name database or other list in order to comply. Finally, the Further Notice proposes specific forfeiture costs to small and other providers for failure to comply with call blocking 116 See U.S. Census Bureau, 2017 NAICS Definition, “517919 All Other Telecommunications,” https://www.census.gov/naics/?input=517919&year=2017&details=517919. 117 Id. 118 Id. 119 See 13 CFR § 121.201, NAICS Code 517919 (as of 10/1/22, NAICS Code 517810). 120 See U.S. Census Bureau, 2017 Economic Census of the United States, Selected Sectors: Sales, Value of Shipments, or Revenue Size of Firms for the U.S.: 2017, Table ID: EC1700SIZEREVFIRM, NAICS Code 517919, https://data.census.gov/cedsci/table?y=2017&n=517919&tid=ECNSIZE2017.EC1700SIZEREVFIRM&hidePrevie w=false. 121 Id. The available U.S. Census Bureau data does not provide a more precise estimate of the number of firms that meet the SBA size standard. We also note that according to the U.S. Census Bureau glossary, the terms receipts and revenues are used interchangeably, see https://www.census.gov/glossary/#term_ReceiptsRevenueServices. 122 Further Notice. at paras. 70-74. 123 Id. at paras. 75-78. 124 47 CFR § 64.1200(k)(2), (o). 125 Further Notice at paras. 89-93. 126 Id. at paras. 94-99. 71 Federal Communications Commission FCC-CIRC2305-03 rules.127 We anticipate the information we receive in comments including where requested, cost and benefit analyses, will help the Commission identify and evaluate relevant compliance matters for small entities, including compliance costs and other burdens that may result from the proposals and inquiries we make in the Further Notice. E. Steps Taken to Minimize the Significant Economic Impact on Small Entities, and Significant Alternatives Considered 23. The RFA requires an agency to describe any significant alternatives that it has considered in reaching its proposed approach, which may include the following four alternatives (among others): “(1) the establishment of differing compliance or reporting requirements or timetables that take into account the resources available to small entities; (2) the clarification, consolidation, or simplification of compliance and reporting requirements under the rules for such small entities; (3) the use of performance rather than design standards; and (4) an exemption from coverage of the rule, or any part thereof, for such small entities.”128 24. The Further Notice seeks comment on the burdens that would be imposed on small and other voice service providers if we adopt rules in the areas where the Commission seeks comment. The Commission welcomes comments on any of the issues raised in the Further Notice that will impact small providers. In particular, the Further Notice seeks comment on whether the existing safe harbors for blocking are sufficient, or whether additional safe harbor protection is necessary.129 Safe harbor protections are likely to be particularly important to smaller providers that may otherwise be concerned about liability if they block calls in error. The Further Notice also seeks comment on multiple options for immediate notification of callers130 and methods for providing caller name information to consumers.131 25. Including alternative options to the proposals discussed in the Further Notice ensures that the Commission can appropriately balance the burdens to small entity providers, with the benefit to callers placing lawful calls and consumers. Among the alternatives considered in the Further Notice is whether there is a benefit to requiring small and other terminating providers that currently offer opt-in blocking to switch to opt-out blocking.132 It also considers whether to require all voice service providers to block based on a reasonable DNO list, rather than limiting the requirement to certain voice service provider types, because the content of the list may vary depending on the provider.133 The Further Notice seeks comment on alternatives to ways small and other providers can provide an accurate caller name display, such as using Caller ID name (CNAM) databases or other sources for caller information, and requiring specific technology for caller name display or adopting a technology-neutral standard.134 Allowing for this flexibility may make it easier for small entities that are terminating providers to comply with the proposed rules. The Further Notice also seeks alternatives to the proposed base forfeiture amount, such as requiring the voice service provider to repay any profits from fees paid by downstream providers.135 127 Id. at paras. 100-103. 128 5 U.S.C. § 603(c)(1)-(4). 129 Further Notice at paras. 72-74. 130 Id. at paras. 89-93. 131 Id. at paras. 94-99. 132 Id. at para. 72. 133 Id. at para. 78. 134 Id. at paras. 94-99. 135 Id. at para. 103. 72 Federal Communications Commission FCC-CIRC2305-03 26. To assist in the Commission’s evaluation of the economic impact on small entities, as a result of actions that have been proposed in the Further Notice, and to better explore options and alternatives, the Commission seeks comment on whether any of the burdens associated with the filing, recordkeeping and reporting requirements described above can be minimized for small entities.136 Additionally, the Commission seeks comment on whether any of the costs associated with any of the proposed requirements to eliminate unlawful robocalls can be alleviated for small entities.137 The Commission expects to more fully consider the economic impact and alternatives for small entities based on its review of the record and any comments filed in response to the Further Notice and this IRFA. F. Federal Rules that May Duplicate, Overlap, or Conflict with the Proposed Rules 27. None. 136 Id. at para. 114. 137 Id. 73