American Bankers Association Shows Why US Robocall Strategy Will Never Work

Jonathan Thessin, Vice President and Senior Counsel of the American Bankers Association (ABA), recently gave the US Federal Communications Commission (FCC) some advice:

The Commission also should not restrict the use of U.S. phone numbers to originate authenticated calls from locations outside of the United States to customers and other consumers who reside within the United States.

This advice is, on the face of it, absurd. The entire US strategy for tackling nuisance robocalls depends on imposing restrictions on the use of phone numbers. The strategy has failed so far, leading to an increase in rhetoric that blames foreigners for nuisance calls with spoofed CLIs. Everything suggests the USA will increasingly impose costs on foreign businesses by forcing them to implement STIR/SHAKEN, a method for applying and verifying signatures attached to calls. A pedant might observe that Thessin limited his observation to authenticated calls, but it is not pedantry to observe how it is deeply unhelpful to talk about a call being authenticated without clarifying exactly what is required to authenticate that call. If authentication only means applying a digital signature to the call then many nuisance calls are already authenticated. If authentication means imposing strict know-your-customer obligations then it would be ridiculous to insist from the outset that the restrictions must not be more onerous when a call that appears to originate within the USA has actually originated elsewhere.

Those of us who live in the real world (i.e. not lawyers) must manage risk by applying the most resources where there is the most risk. Allowing a US phone number to represent the A-party of a call that did not originate in the USA increases the risk of frauds and abuses. The ABA may think deception is justified when done by their members, but it is still fundamentally misleading to present a phone number associated with one place just to encourage the recipient to answer a call that was actually placed somewhere else. If the FCC’s only goal was to minimize the risk of nuisance robocalls then there would be no debate about the rules: the only calls that would be allowed to present US numbers whilst originating outside the USA would be those made using a US mobile phone whilst roaming. Such a rule would make it a lot easier to distinguish between good calls and bad calls, which is another way of saying that fewer mistakes would be made when deciding which calls need to be blocked. But whilst everybody in the USA says they support efforts to reduce robocalls, they do not all have the same objectives. The ABA says they support the FCC’s efforts to eliminate illegal automated calls, as well they might, given that the FCC is demanding the construction of a horrendously complicated mix of technology and governance to achieve the stated goals without upsetting any of the businesses that habitually spoof their calls. Few openly admit that the more complex the US approach becomes, the more likely it will fail.

There was a time when nobody could spoof a call. For a few decades calls were connected by human operators who would sit at switchboards, plugging wires into slots. Almost a quarter of a million Americans were employed to perform this task in 1930. These were good jobs, with the majority of telephone operators being female. However, these women still had to fight to secure decent pay and conditions. Phone companies recruited women as operators in the expectation that they would be docile. Employers imposed excessive restrictions on operators, including strict dress codes and bans on jewelry. Women could be sacked just because they got married. The work could be physically challenging too, with some operators wearing roller skates to get from switchboard to switchboard in a hurry, as shown in the photograph above, which was taken in Chicago in 1929. As their numbers grew, so the switchboard operators became more adept at collective bargaining, and would go on strike to secure improved pay and reduced working hours. Their fight was political too. The role played by women who volunteered to work as switchboard operators for the US Army Signal Corps during World War I is credited with persuading President Woodrow Wilson to support women’s suffrage, ultimately leading to the 19th Amendment to the US Constitution and all American women having the right to vote. However, the rise of the switchboard operator did not last long; automation led to the slashing of their jobs during the 1930’s. The struggle to balance the rights of the individual with the goals of business continues to this day.

In 2021 the US Bureau of Labor Statistics reported there were only 5,000 workers classified as telephone operators, with another 69,900 categorized as switchboard operators including answering services. Further automation means the number of these jobs will continue to decline. People are vital until machines can do the same work more cheaply. Then a brutal culture will soon start treating people as dispensable. The same hire-and-fire attitude underpins the philosophy of the American Banking Association. American banks want workers who will make phone calls on their behalf; they just prefer not to pay Americans to do that work. And if it is cheaper to replace a foreign worker with a machine situated overseas then they will do that too. That is why they need the FCC to assist them in maintaining the illusion of being a US business even whilst the portion of their business that is operated within the country’s borders continues to dwindle.

During the financial crisis of 2007-2008 it was common to hear banks being criticized for privatizing their profits whilst socializing their costs. Banks have done the same to telecommunications. Though they are not alone, banks have been at the forefront of offshoring jobs, closing local branches, and pushing customers to engage with them remotely. There are many benefits to online and mobile banking, but there are downsides too, as most evident when the hijacking of a phone is used as a stepping stone towards taking control of a bank account. The telecoms industry is far from blameless either; it also offshores jobs and it has sought to generate profit from the offshoring done by others. As often happens, one part of the telco basks in the profit generated by new ventures whilst a different part of the business struggles to calculate the true costs. Making technology that can easily spoof calls is great for business, until somebody starts misusing it. The reckless pursuit of profit within the telecoms industry has been instrumental in destroying the reputation of the most important service it has ever delivered: the voice call. But whilst the short-termism of telcos may prove ruinous, the banking industry has been the Pied Piper, leading us to our fates. They say he who pays the piper calls the tune; banks have been paying telcos and the tune increasingly sounds like a ring tone that nobody chooses to answer.

The FCC said in 2019 that unwanted robocalls were a USD3bn annual drain on US consumers. More recently you can find politicians claiming the annual cost is USD13.5bn. To put these numbers into context, a university study showed that a billion dollars of spending on education creates 17,687 jobs for Americans. A billion dollars spent on transport infrastructure goes even further, creating 19,795 jobs. That is not as many the number of US employees of banks, which hovers slightly below two million. But if you start asking hard questions about all the costs associated with creating the technology and infrastructure to service US customers from overseas then it is not long before you question if the amounts lost due to fraud and waste are so significant that it would be worth bringing jobs back to the USA. If the US really is losing USD13.5bn each year because of nuisance robocalls then the elimination of all nuisance robocalling would pay for the creation of a quarter of a million new jobs for Americans. It is a question of perspective as to whether you must seek to obtain the savings first, then employ more Americans with the money saved, or else you should simply change tack by employing more Americans as part of a process that will drain the swamp that is the breeding ground for businesses who create and facilitate unwanted calls.

The tragedy of the US strategy for reducing voice spam is that it has been consciously based on the supposed success of tackling email spam. My occasional articles about email spam typically rank amongst the least popular of those published on Commsrisk, but I write according to my research as well as the interests of readers. That is why I confidently assert most readers are wrong to neglect the opportunity to learn from the experience of tackling email spam. The most crucial lesson is that the worldwide program to tackle email spam has delivered woeful results. The single most important factor in delivering a reduction in email spam has been the enormous influence of just a few big US tech businesses. You may have noticed how much criticism these same businesses now receive because of their overwhelming influence in other arenas, yet we depend on the outsize power of Google, Microsoft, and a few other players to police email spam. The world of voice is far less monopolized than that of email. Gmail handles over a quarter of all email globally, meaning the demonstrable bias in their email filters profoundly affects what messages people see.

Even the biggest Chinese telcos will never come remotely close to having a share of voice calls that matches Google’s share of email. That means no telco will ever be able to consistently police voice calls in the way the biggest tech firms can police email. Arguably Google is already in a better position to police voice calls than any telco will ever be; Android runs on almost 3 billion phones worldwide, giving Google an analogous position in the voice market to that which they enjoy in other markets because of their email and web browser software. This contrasts with voice networks that are much more fractured both within and between countries, begging serious questions of any program which depends upon international coordination, and especially the US STIR/SHAKEN program where the goal is to increase happiness within the USA by taking away revenues from carriers elsewhere. This would be bad enough but the US legal environment and US business culture has never been suited to leading a worldwide fight against spam, which is why the US gets best results when relying on oligopolies that can impose consistency across 50 different states and millions of businesses. Nobody was surprised that people at the heart of the US telecoms industry produced webinars on tackling voice spam that required the audience to register with their email addresses, only for those addresses to be used to disseminate unlawful spam emails. Americans are so habituated to this kind of exploitative behavior that they sometimes struggle to empathize with foreigners who find American marketing tactics to be vulgar, intrusive and counterproductive.

As dominant as Google are, they still think that an email sent from my Gmail account to my same Gmail account can be spam. Emails are text, meaning every aspect of an email can be scrutinized by a machine to determine if the message is spam. Emails are not time-sensitive. Voice calls have neither of those advantages. And if you incorrectly block a valid voice call it could have serious implications, which is why the most serious day-to-day operating risks faced by telcos relate to their responsibility to provide connections to emergency services. But the US strategy for tackling robocalls was devised by people who wanted to replicate what was done with email, repeating it across very many telcos worldwide, and accommodating the needs of big US businesses who expect their calls to flow unmolested from whichever foreign subcontractor they engage, back to US consumers. Their expectations defy the experience of everyone who has grown tired of deleting unwanted email messages from businesses that illegally obtained their email address but which hide behind some flimsy marketing code of conduct that is rarely respected. These same banks want a surefire guarantee that all their calls, whether automated or not, will be connected, whilst calls that look much like their calls will all be rejected because know-your-customer obligations will be so perfectly implemented, so comprehensively enforced across the planet, that nobody who runs an illegitimate business can successfully pose as a legitimate business. If you believe that any competent risk manager (i.e. certainly not a lawyer) would ever promise such an outcome then let me remind you that banks employed many well-paid risk managers who also used complicated tools, equations and procedures to guarantee there could never be a systemic banking collapse, but they still needed a massive taxpayer-funded bailout when it happened.

There is a method that would reduce the number of nuisance robocalls received by Americans. It involves US businesses being honest about where they make calls. Stringent restrictions on the use of US numbers to originate calls made outside of the USA, when coupled with automated blocking of suspicious inbound foreign calls, would be an effective way to significantly reduce nuisance calls, as demonstrated by the experience of other countries. Wishing and hoping that somebody will do a great job of implementing know-your-customer controls for businesses situated around the world is not plausible, for the same reasons that explain why US banks prefer not to pay US wages and why the first big telcos made women operators work long hours with no job security. Know-your-customer checks have a cost too. The problem is that nobody wants to pay for stringent know-your-customer checks, especially when the checks are being applied to them. So instead of acknowledging the true cost that would be involved in verifying every business that wants to use US phone numbers to make calls from abroad, the US is engaged in the deception and self-deception required to socialize those costs. If nobody pays the direct costs, but others generate profit by exploiting the freedom to change their CLI at will, then the socialization of costs ends up being measured in billions of unwanted calls. The USA has to make a choice: will it pay for the whole world to implement its strategy? If the only beneficiaries of the US robocall strategy are American then Americans will have to pay, for the same reason that Americans cannot make another country pay for a border wall that only Americans want. One way to pay will involve pouring money into know-your-customer controls. A better, more honest way would involve transparently admitting the Filipino voice speaking on behalf of a US bank really did make her call from the Philippines.

The truth is that American politics is so broken that fantasies are chosen in preference to realistic plans. The US is going to back an implausible mixture that relies on new technology and the bullying of other countries. This is because American politicians dare not say ‘no’ to organizations like the ABA. American politics is beholden to the dollar, and Big Money says Big Business wants to be able to make all its calls from abroad whilst simultaneously complaining about ordinary Americans refusing to pick up. The skeptical opinions expressed by foreign telcos cannot change the disastrous course the US telecoms regulator has plotted. Foreign opinions do not matter because the American Bankers Association (ABA) can afford to employ one of the country’s top lawyers, an alumnus of Yale and Harvard who has deep political connections, to explain why US banks need to be free to use US numbers whilst originating calls from the cheapest countries where they can find employees that speak English. They pay their lawyers so much so they can pay everyone else so little, and because organizations like the FCC are run by lawyers too. The American Bankers Association is a nonprofit association, hence a beneficiary of tax exemptions, that generates revenues of around USD130mn per year. It represents banks that collectively generate over 23 trillion US dollars in annual revenues. That kind of money buys a lot of influence in government, and amongst other businesses too. These are the reasons why the ABA will get what they want, even when their expensive lawyers talk garbage. And that kind of money also explains why the US telecoms industry will voluntarily become the fall guys, tasked with inventing and spearheading a global anti-robocall program that cannot possibly succeed.

You can download the ABA submission to the FCC’s seventh round of proposed rulemaking for illegal robocalls by clicking here.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.