FCC Orders Phone Companies To Block Scam Text Messages

An anonymous reader quotes a report from Ars Technica: The Federal Communications Commission today finalized rules requiring mobile carriers to block robotext messages that are likely to be illegal. The FCC described the rules as the agency's 'first regulations specifically targeting the increasing problem of scam text messages sent to consumers.' Carriers will be required to block text messages that come from 'invalid, unallocated, or unused numbers.' Carriers must also block texts from 'numbers that the subscriber to the number has self-identified as never sending text messages, and numbers that government agencies and other well-known entities identify as not used for texting,' the FCC said. Carriers will have to establish a point of contact for text senders so the senders can inquire about blocked texts. The FCC already requires similar blocking of voice calls from these types of numbers. The order will take effect 30 days after it is published in the Federal Register, according to a draft of the order released before the meeting.

More robotext rules may be on the way because today's 'action also seeks public comment on further proposals to require providers to block texts from entities the FCC has cited as illegal robotexters,' the FCC said. For example, the FCC proposes to clarify that Do Not Call Registry protections apply to text messaging. The FCC said it's further proposing to close the 'lead generator loophole' that 'allows companies to use a single consumer consent to deliver robocalls and text messages from multiple -- perhaps thousands -- of marketers on subjects that may not be what the consumer had in mind.' The FCC 'will also take further public comment on text authentication measures and other proposals to continue to fight illegal scam robotexts.' The FCC separately voted today to close another gap in its Caller ID authentication rules that target illegal robocalls. The rules already required phone companies to implement the caller ID authentication technologies known as STIR and SHAKEN. But the rules don't apply in every possible scenario, so the FCC has periodically strengthened them. In June 2022, for example, the FCC required carriers with 100,000 or fewer customers to comply a year earlier than these small carriers were originally required to. The FCC said in a statement: 'The new rules will require intermediate providers that receive unauthenticated IP calls directly from domestic originating providers to use STIR/SHAKEN to authenticate those calls. Although STIR/SHAKEN has been widely implemented under FCC rules, some originating providers are not capable of using the framework. In other cases, unscrupulous originating providers may deliberately fail to authenticate calls. By requiring the next provider in the call path to authenticate those calls, the FCC closes a gap in the caller ID authentication regime and facilitates government and industry efforts to identify and block illegal robocalls.'

Read more of this story at Slashdot.