Last week saw approximately 150 participants attend the virtual pre-launch of the One Consortium, a new nonprofit entity that will encourage the adoption of consistent international rules to tackle CLI spoofing. The online event featured a series of industry heavy-hitters who spoke in favor of the initiative. Whilst One Consortium’s actual launch date has not yet been chosen, many decisions that will determine the composition and management of the new organization are currently being made. Aspects that have already been settled include the following:
- the One Consortium will be governed by businesses that carry international traffic
- there will be no membership fees
- the pre-launch working group will use the principle of one-member-one-vote when making decisions
September 28 was touted as the proposed date for the ‘pre-consortium kick-off’ which would finalize the charter, mandate, and timeline for One Consortium, including the entity’s eventual launch date. But the organization which instigated this initiative, the i3forum, will not wait until the launch of the One Consortium to begin conversations with sympathetic national regulators. i3forum Executive Director Christian Michaud told the pre-launch meeting that they will press ahead with one-on-one calls with national regulators that have already expressed an interest in working with the One Consortium to agree consistent multilateral rules for how to prevent CLI spoofing. The i3forum is a nonprofit association of international wholesale carriers that was founded in 2008.
Many telcos publicly announced their willingness to participate in the One Consortium, but less information has been shared publicly about the regulators which have taken an interest. The organizers indicated that some regulators, such as UK comms regulator Ofcom, were happy for others to know they attended the pre-launch event. It is understood that some other important national regulators only joined the event on condition that their participation remained secret. This kind of secrecy is not surprising. People who work for regulators can be extremely risk averse, not least because regulators never ever admit to making mistakes.
There is a natural conservatism in the telecoms sector which sometimes slows the rate of necessary change. However, it would be foolish of national regulators to squander an opportunity for international harmonization of methods used to prevent bad traffic. Some problems cannot be solved by regulators behaving like fiefdoms that can dictate not just their own rules, but also demand that their peers respect them too. The success of the One Consortium will depend on regulators negotiating with each other as well as imposing their will upon businesses, and multilateral negotiation cannot occur if regulators remain coy. Various bilateral agreements to reduce spam and scam calls have been announced between national regulators, but none have delivered any tangible results. It would be a boon to both telcos and ordinary phone users if the One Consortium can persuade regulators of the need to accelerate the pursuit of consensus on how to tackle spoofed calls that originate in one country and terminate in another.
The organizers obtained ringing endorsements for the One Consortium from a string of professionals. They included:
- Linda Vandeloop of AT&T and Chair of the US STI-GA, the body which governs STIR/SHAKEN in the USA
- Josh Bercu, Vice President at USTelecom, the association which runs the US Industry Traceback Group
- Rob Kurver, founding partner of the Amsterdam-based CPaaS Acceleration Alliance
- Katia Gonzalez, Head of Fraud, Security and Analytics at BICS, and long-serving Chair of the i3Forum’s voice fraud working group
- Céline Gregoire, Executive Vice President for Marketing and Voice at iBasis
- Pasqualina Spagnuolo, Associate Director at Tata Communications and ITRF committee member
- Nishant Arya, Global Head of Commercial Operations at Tata Communications
- Eli Katz, CEO of XConnect and Chairman of the Comms Council UK since 2005
- Annabel Helm, recently appointed Managing Director of the ITW Global Leaders’ Forum and previously an Event Director at the GSMA
Now comes the really hard part. There is clearly some enthusiasm for a body that will align CLI validation for international calls. But it is always easier to agree to coordination in theory than to make the compromises required in practice. It will not be possible for every country, every comms provider and every association to obtain the form of CLI validation they would most prefer. The One Consortium is making the best progress that can be expected at this stage, but they will need to embrace the challenge of discussing and addressing technical detail in order to make substantive progress.
Vague blandishments from regulators about wanting to work across borders will not disguise the incompatibility of methods already being used to tackle CLI spoofing. Significant differences in approach are evident between the USA, France and Brazil. Ireland explicitly rejected STIR/SHAKEN because it does not meet their needs. Other countries will be avoiding the topic of CLI validation because they cannot afford expensive overhauls of how their networks behave, especially if the benefit to domestic phone users will only be small. The One Consortium should prioritize obtaining any agreement between any three countries in order to generate belief in their program. The sooner they can show they have accomplished something, the better the chances of overcoming the political, commercial and bureaucratic obstacles to reaching consensus.