It is ironic that many journalists complain about misinformation being spread on the internet when even Reuters writes misleading headlines.
Lingo Telecom agrees to $1 million fine over AI-generated Biden robocalls
This is a bit like saying somebody was imprisoned for 3 years over their admiration for Adolf Hitler when their actual crime was robbing a liquor store at gunpoint. You may not like neo-Nazis, and you may not like deepfaked robocalls. For the record, I do not like neo-Nazis, and I do not like deepfaked robocalls. But if there is no specific law against being a neo-Nazi, or against making a deepfaked robocall, then it would make sense to mention the laws that people are being punished for violating, unless we wish to live in societies where punishment is arbitrarily meted out to whomever is considered unpopular. Despite a slew of misleading headlines, the US Federal Communications Commission (FCC) has definitely not fined Lingo Telecom for making AI-generated robocalls that sound like President Joe Biden. They have not done this because the US comms regulator:
- Lacks the authority to punish people for telling lies;
- Failed to establish any rules on AI-generated calls at the time these calls were made;
- Does not want to draw attention to flaws in rules that they hardly ever enforce anyway; and
- Knows that the news media will repeat the contents of an official FCC press release without checking any facts.
AI deepfakes and election fraud are two exceedingly sexy topics. What is not a sexy topic is that some businesses do not implement basic know-your-customer (KYC) checks before allowing other businesses to make large numbers of automated calls. And now you know the real reason why the FCC threatened a modest USD2mn fine, before they reached an even more modest USD1mn settlement with the lawyers representing Lingo Telecom. What follows is the stuff that the FCC’s lawyers include in the more boring documents that they write, and which does not get neatly summarized for their sexy press releases.
Lingo Telecom submitted evidence to the Bureau that Life Corporation had provided Lingo Telecom with a certification that Life Corporation would identify its customers and had verified that the telephone numbers used for all calls were associated with the customers. Lingo Telecom concluded that Life Corporation could legitimately use the telephone number that appeared as the calling party of the New Hampshire calls based on: (i) Life Corporation’s certification to Lingo Telecom that Life Corporation would identify its customers and had verified that the telephone numbers used for all calls were associated with the customers; (ii) the past Know-Your-Customer research that Lingo Telecom had performed on Life Corporation; and (iii) the 16-year history of Life Corporation’s traffic patterns as a customer of Lingo Telecom. Based on this conclusion, Lingo Telecom provided A-level attestations for the New Hampshire calls. Lingo Telecom took no additional steps beyond those recited above to independently ascertain whether the customers of Life Corporation could legitimately use the telephone number that appeared as the calling party for the New Hampshire presidential primary calls.
The FCC needs to distract attention from the fact that a US telco applied A-grade STIR/SHAKEN signatures to calls that illegally spoofed a phone number. If the public became aware of the glaring omission in the FCC’s robocall reduction strategy it would undermine everything the FCC has previously said about STIR/SHAKEN supposedly proving that a call is trustworthy. So whilst the FCC had to punish Lingo Telecom for facilitating a shameless election fraud, they did not want anyone thinking too clearly about the following:
- Despite all the many claims to the contrary, STIR/SHAKEN does not authenticate calls;
- Human beings are essential to the process of authenticating calls because only human beings can make the often complicated judgments involved in deciding whether a person or an organization is who they say they are;
- Nobody has written any actual rules for what these human beings should be doing when they make these judgments; and
- A lot of businesses just rely on other businesses to perform know-your-customer checks.
The lawyers of Lingo Telecom must have appreciated all of these points, which is why they were able to negotiate a 50 percent reduction in the penalty they paid, despite being partly to blame for the robocall equivalent of a neo-Nazi coup. If you read Lingo Telecom’s press release, they make it plain that their settlement agreement did not involve any admission of any FCC rules being broken at all.
The settlement announced on Wednesday contains no findings of any rule violations, and Lingo Telecom continues to believe that it complied with all FCC rules, including those pertaining to STIR/SHAKEN call attestations.
KYC is an essential precursor to a technology like STIR/SHAKEN. The technology of STIR/SHAKEN is like applying an unremovable, unfakeable label to a box that says the contents of the box have been ‘quality assured’. But as clever as that labeling technology may be, it serves no useful purpose if nobody actually bothered to check what is inside the box. Without KYC, the ‘authentication’ tick displayed when a handset receives a call is as unreliable as a headline written by a journalist who copies from a press release without checking the facts. This gaping black hole in the US strategy for protecting the public for scam calls is apparent to many people in the US industry, although nobody seemingly knows how to close it. Respected US comms lawyer Jonathan Marashlian highlighted the core problem with Lingo Telecom’s settlement.
Despite the settlement, the FCC provided little guidance on what additional steps telecom providers should take to avoid similar penalties, leaving many in the industry uncertain about their compliance obligations.



