In my experience, there are two kinds of cooperation. One kind of cooperation involves people treating each other as equals, talking to each other about what they both want, and then arriving at a compromise. The other kind involves somebody telling you what they want you to do, then complaining about a lack of cooperation if you do not do it. Regular readers of Commsrisk will be familiar with the kind of cooperation favored by the businesses that sell STIR/SHAKEN and the American politicians they have captured. They have a Wild West mentality where they believe their company lawman should ride into town and deliver the justice that everybody deserves. They will not admit that crooked politicians and crooked lawmen are as great a threat to the public as anything else. Democracies answer to the people who live in the place being governed, not to the legislators of a foreign country. And even people who live in undemocratic countries may not have much respect for the current state of American democracy.
If you live outside of the USA then nobody has told you about the Foreign Robocall Elimination Act yet, but that is because it is not currently the right time for the billion-dollar businesses which sell STIR/SHAKEN to run a marketing campaign in support of it. That phase will come later, after the law has been passed and they can present it as a global fait accompli, courtesy of American leadership. First they need to pass the law. Then they will assemble the US industry cronies who will decide what you have been doing wrong (and what they have been doing right). Only when both those phases have been completed will they give everybody else the opportunity to praise their leadership, and to pay the invoices for their services, even if you live in a country with fewer scam calls because it has superior methods of preventing them.
The US conception of international leadership in this domain has mostly involved US experts talking to other US experts about how much global expertise they have gained by only talking to each other and by refusing to listen to anybody else. That is why you can already guess at the nationalities that will be represented on the committee that will decide what foreign countries must do: it will be exclusively comprised of Americans. I do not need to elaborate to an intelligent audience about the reasons why this is an unsatisfactory approach to international cooperation. Perhaps ordinary Americans would receive fewer scam calls if their leaders occasionally sought the advice of experts in countries which receive fewer scam calls. However, that would cause embarrassment for some of the US experts who routinely insist the current American approach is the most effective approach imaginable. It might even lead to the admission that mistakes have been made. But as there can never be an admission that mistakes were made, US leaders can only double down by insisting the same mistakes must be made everywhere.
Let us briefly recap the mistakes made by American leaders.
- They implemented an expensive technological system to ‘authenticate’ phone calls without doing anything to ensure the identity of the person making the call is the same as the identity that was ‘authenticated’.
- They implemented the system knowing it would only work on IP networks despite some telcos having a clear economic incentive to transmit traffic over non-IP networks.
- The system only tackles calls that spoof the CLI. There have always been many scam calls which do not involve spoofing. If methods to reduce spoofing are effective then there will inevitably be an increase in scam calls that do not involve spoofing.
- One relatively cheap and easy way to massively reduce scam calls from overseas involves blocking international calls that spoof a domestic phone number. American experts keep insisting this is not possible in the USA, although the method has proven to be both possible and effective in many other countries. Some of those experts will get appointed to the committee to dictate the policies that foreign countries should follow.
- They spent half a billion dollars on their system and it delivered inferior results to the cheaper methods used elsewhere. But this does not discourage them from their belief that if they provide more ‘leadership’ then the rest of the world will also want to spend similar amounts of money on replicating the US approach.
It has often been said that insanity involves repeatedly doing the same thing but expecting a different result. I feel like I am going insane because I keep pointing out the same obvious flaws in the US strategy because the same American leaders keep pretending they do not exist. Those American leaders insist the only reason the current US strategy is failing is because its diktats have not been followed everywhere else on the planet. But to be fair to them, those American leaders are not insane. They repeatedly prioritize profits over consumer protection and they repeatedly obtain their goal. Protecting the public is central to their marketing message, not to their business model.
I tire of repeating myself, so let us cut to the chase. What follows are some key excerpts from the Foreign Robocall Elimination Act, which was recently approved at committee stage and which is progressing towards a formal vote in the Senate. The most important aspect of the law is that it explicitly requires the creation of a US ‘task force’ whose purpose is to dictate what other countries should do.
The taskforce (sic) shall prepare a report on unlawful robocalls, which shall contain recommendations and advice for Federal agencies with jurisdiction relevant to combating unlawful robocalls, and for Congress, regarding the most effective ways to combat unlawful robocalls made into the United States from outside the United States.
Only a few weeks have passed since ordinary Americans were assaulted by gaudy headlines about there being so many simboxes in New York that they could have potentially ‘crippled’ its phone networks. But why bother examining the question of whether US telcos are doing a good job of tackling scam calls made from inside the United States when those telcos have always insisted the problem originates outside the United States? From top to bottom, this law has plainly been written by the corporations that have always claimed they are powerless to do more to reduce scam calls because they first need foreigners to do more, even though evidence to the contrary has been splashed across the front pages of US newspapers.
It goes without saying that the most ‘effective’ ways of tackling robocalls have already been determined by the authors of this legislation.
examine methods for encouraging the adoption of caller identification authentication technology in foreign countries
examine and provide information on options for how countries can collaborate on solutions to authenticate and verify international calls, including relevant analytics relating to unlawful robocalls and technical options that can be used with respect to that authentication and verification
examine how better implementation of technical solutions, such as traceback and caller identification authentication technology in foreign originating countries, would improve coordination between the United States and foreign countries in combating unlawful robocalls
Does anybody really think the architects of the current US strategy for scam reduction will impartially evaluate whether the USA should repeal the law that mandates STIR/SHAKEN for US telcos? And that they then might propose a switch to a different authentication technology because that would increase the chances of international cooperation? The committee will consist of the people who designed STIR/SHAKEN, lobbied for STIR/SHAKEN, and promised STIR/SHAKEN would deliver results that it failed to deliver. They persuaded the country to spend half a billion dollars implementing it. And even if they were impartial about technology, as genuine experts would be, this committee will be chosen based on their political connections. US politicians have repeatedly claimed STIR/SHAKEN has been a success; they will not want to look foolish by experts who suddenly admit there might be better alternatives to STIR/SHAKEN. So nobody should be surprised that ‘encouraging authentication technology’ is just a euphemism for ‘get foreigners to implement the same STIR/SHAKEN as the USA’.
determine whether–
(i) the technical standards commonly known as “STIR/SHAKEN” adequately provide call authentication for unlawful robocalls from foreign originating providers or foreign intermediate providers through gateway providers in the United States; and
(ii) it would be desirable to encourage other countries to adopt the standards described in clause (i)
The people who wrote this law want you to know that foreign experts with a better grasp of how to tackle scams will be defeated.
examine ways to provide incentives to foreign countries to cooperate with law enforcement efforts in the United States to combat unlawful robocalls
Let us apply a little thought to what this clause really means. We know they want to sell STIR/SHAKEN to rich English-speaking countries like the UK and Australia first, then to rich countries that do not speak English, such as Saudi Arabia, Germany and Japan. We know this because they previously spread the lie that the UK’s regulator had already chosen to make STIR/SHAKEN mandatory and that Australia would be next. They even spread the lie about the UK in Australian newspapers to compensate for their failure after they realized the UK regulator was going to reject STIR/SHAKEN. Efforts to sell STIR/SHAKEN to other regions, such as the Gulf Arab countries, then ramped up but proved to be equally fruitless because the earlier dominos had not been toppled. It is important to sell STIR/SHAKEN to rich countries because the goal is profit, and because only rich countries can afford to waste so much money. But what kind of incentives might they offer? The statistics indicate that the UK and Australia suffer far fewer bad calls than the USA, and have been more effective at reducing bad calls than the USA, so the lie that STIR/SHAKEN is vital to success has been destroyed by the actual experience of those countries.
They surely will not offer an actual incentive, such as handing out some money to foreign countries to cover the hefty cost of STIR/SHAKEN. Nor will they reward international cooperation by promising the USA will not slap extortionate tariffs on whatever specific import President Trump will be bitching about next week. The American cooperation has not worked like that for a long while, and the arrogant behavior of some American businesses that supply STIR/SHAKEN has emphasized a model where international cooperation occurs in one direction only. This has been demonstrated by the lies that Americans have been spreading about the global popularity of STIR/SHAKEN since the beginning. When they think of incentives, what they really mean is the threat of disincentives, because the people behind this legislation have also been consistently proposing punishments for telcos and countries that refuse to implement STIR/SHAKEN or otherwise kowtow to US demands. The US Federal Communications Commission (FCC) is literally consulting on whether they should introduce these punishments during their latest round of rule-making for STIR/SHAKEN.
The flaw with a plan that relies on punishing other countries for not implementing STIR/SHAKEN is that it will inevitably fail in countries that are already being punished for something else. China and its telcos get punished all the time because China is the enemy of the USA. It was just a few weeks ago that the FCC proposed to punish Hong Kong Telecom for being from Hong Kong. So what further incentives or disincentives could possibly make a difference to the authentication policies adopted by the world’s biggest telcos, all of which are Chinese? They are not going to accept US hegemony. And if China does not accept US hegemony then China’s allies will reject it too, begging the question of how an approach that depends on the end-to-end verification of international calls will make any difference for all those calls that originated in countries that refuse to play by American rules.
The policy of incentivizing and disincentivizing foreign cooperation is a sham that will be executed by US lawmakers owned by corporations. It is a political stunt and a way to increase revenues for US businesses but the same problems will remain when the sham is played out, just as those problems persisted after their previous lies were exhausted. This law is written as if the only issue with the current US strategy is that bad countries do not obey US rules. There are only two countries that currently obey US rules — the USA and Canada — and the rest do not. But even if there were 20 or 50 countries that accepted US rules, what difference will it make if all the bad countries keep originating the bad calls that these Americans say they are trying to stop with STIR/SHAKEN? They will never be able to govern the entire global telecoms ecosystem even if they spend millions of dollars promoting the pretense that they can.
There are some signs that the authors know how badly the US is screwing up even while they try to shift blame to foreigners.
specifically determine how the Attorney General has pursued forfeiture amounts in enforcement activities with respect to unlawful robocalls
What an interesting idea! The US will pass a law asking if anybody in the USA collected the fines imposed because other US laws have already been broken. One of the biggest problems with US laws to reduce scams is that they are not being enforced in any meaningful sense. China executes scamlords. The USA does not even collect fines from them. The USA should put more effort into enforcing the laws on its own statute book and less on trying to write new laws for other countries. There is already copious evidence that nobody collects these fines because nobody in government can be bothered to collect these fines. Why do people in power need yet another law just to ‘specifically determine’ if the US legal system is failing to do its job? But as they lack the capacity to exercise any meaningful reform within the USA, this clause is a sop to those critics who have realized the reasons why the US strategy is failing have nothing to do with foreigners or with a lack of technology. The root cause of failure in the USA is the legal and political system of the USA. They keep wasting money on technology because they want to distract attention from the root cause of their failure, and because that wasted money generates a lot of wealth for the members of the clique that decide which technologies will be mandated not just in the USA, but for foreign countries too.
If you follow the history of the legislation passed about this topic in the USA (and I appreciate that literally no sane reader of Commsrisk would want to do that) then you can see it is covered with the fingerprints of the industry players that have written this new law. This is most obvious in the section that describes the seven people from the private sector who will be appointed to the task force. I suspect they already know the names of those seven individuals but writing down their names would have made the corporate takeover of the US government too obvious.
3 of whom shall be representatives from private sector entities with expertise in combating unlawful robocalls, including—
(I) voice service providers;
(II) analytics providers;
(III) technologists; and
(IV) technology experts;
So that means YouMail will be on the committee, as they provide all the analytics used for all the prosecutions that actually occur. AT&T will be on the committee; they are the favored telco that always tells the government what they want to hear about STIR/SHAKEN because so much of their business is dependent on selling data to government and spying on the government’s behalf. There might be some wrestling over the third of these three seats. Somos and TransUnion would undoubtedly like to be lined up as oligopolistic providers of ‘fraud intelligence’. Meanwhile, iconectiv already generates monopoly revenues by administering STIR/SHAKEN in the USA and has aggressively promoted the need for equivalent monopolies elsewhere. However, I suspect some shill from the Alliance for Telecommunications Industry Solutions (ATIS) will serve as a compromise that keeps all of the billion-dollar vendors of STIR/SHAKEN happy. ATIS owns the rights to SHAKEN, is effectively controlled by the STIR/SHAKEN vendors, and they can always be relied upon to produce an ‘expert’ that will predict the imminent success of STIR/SHAKEN, even when it fails. ATIS also has the advantage that they pretend to be an international association, which is funny when you look at who their members really are.
1 of whom shall be a representative from the Consortium
This is the seat to be given to Josh Bercu, boss of USTelecom’s Industry Traceback Group consortium. It will be his reward for always telling American politicians what they want to hear while never saying anything that would embarrass the US telcos that pay his wages. If you were paying attention at the time (which you understandably were not) then you would know the rules for granting exclusive rights to this consortium include a definition of what the consortium should do, and should be, that perfectly matched the consortium that USTelecom had already created. USTelecom has unsurprisingly ‘won’ the right to run this consortium every year since, although they have faced competition from a wealthy oddball who runs a business called ZipDX. I am not making this up. This is actually how they govern consumer protection in the USA and they get away with these absurdities because there is so little external scrutiny of the clique that decides policy within the telecoms sector.
Bercu is an ex-FCC lawyer who gets paid a quarter of a million dollars each year; it is a matter of public record because USTelecom also claims the tax advantages of being a ‘nonprofit’ organization. USTelecom is funded by (surprise, surprise) US telcos. So that means Bercu’s job is to invent statistics that make the big US telcos look good and then fly to other countries to tell them how US telcos and US regulators and US lawmakers are superior at doing stuff. I think asking the advice of a Washington DC lobbyist who is paid a lot of money to tell powerful Americans what they want to hear is a terrible way to decide policies for how to fight crime, but I appreciate it is a pretty common tactic in Washington DC. To be fair to Bercu, there are plenty of people at USTelecom who get paid a lot more than him. Such are the rewards when you run a ‘nonprofit’ that is paid by big US telcos to lobby on their behalf. This is also why the other big telcos will not mind if AT&T gets the aforementioned seat on the committee; it will be the job of the USTelecom stooge to also represent the interests of the other big US telcos.
1 of whom shall be a representative of a marketing business that communicates with consumers by telephone as part of the normal course of business of that marketing business
Yes, it actually says that. The needs of the big businesses that make money by spamming Americans will be represented on a committee that will supposedly prioritize the needs of American consumers. I expect this role will go to a business that runs lots of offshore call centers so they can insist that STIR/SHAKEN is necessary because they do not want their foreign robocalls to be blocked. They are fine with robocalls from foreign countries, so long as they are not robocalls made by unsanctioned competitors. That is why they lobby foreign governments to loosen the anti-scam rules that prohibit foreign robocalls and to adopt STIR/SHAKEN instead.
1 of whom shall be a representative of a business or nonprofit organization that communicates with consumers by telephone for non-marketing purposes on a regular basis
I admit to not knowing enough to predict who will get this seat on the task force. Perhaps it will be given to a bank or a representative of the American Bankers Association (ABA), so they can complain their outbound calls are not being picked up because Americans receive so many other unwanted calls. The ABA has always been keen to ensure their members can continue to make lots of calls from foreign call centers.
1 of whom shall be a representative of an organization that advocates on behalf of customers and who has relevant experience and expertise in combating unlawful robocalls
So this committee of people trusted to advise on how to protect consumers will have one person from an organization with an interest in protecting consumers, as opposed to the six representatives of organizations that really really like making money from phone calls. However, they might as well not bother with the consumer advocate role because the US government has already demonstrated a knack for finding incompetents who are inept at defending the interests of American consumers. They will select somebody who knows nothing about the telecoms industry and knows nothing about the methods other countries have used to reduce scam calls. This person’s insights will be overly influenced by the things they have been told by politicians and businesses with a vested interest in maintaining the status quo. More importantly, the consumer advocate will remain ignorant of things that neither politicians nor businesses want them to know about.
The sponsors of this new law, Senators Peter Welch and Ted Budd, issued a press release describing the task force as a collaboration between the public and private sector with ‘members from both government and private industry’. However, it is obvious who is calling the shots. This law is written to further a strategy that has long been promoted by the private sector without any previous help from these two Senators. In case you still cannot tell who wrote this law, the press release boasts that the law has been endorsed by USTelecom before it quotes Josh Bercu at length.
But as I observed above, Bercu and his cronies chose not to reserve a single seat for a person who might represent the foreign interests involved in tackling robocalls that originate in foreign countries. That is not the kind of cooperation they seek.
If you have not been paying attention to how these things are always done (and how many of us do?) then you may not have noticed another important omission from this task force. It is the omission we never talk about because we have been trained to believe certain kinds of people give orders, and other kinds of people must follow those orders. The task force will consist of lawyers, and lobbyists, and businessmen, at least one network engineer, and at least one person with a background in public policy. But there will not be a single person who has ever worked for a telco in a role where they had responsibility for reducing crime.
This task force is not motivated by a genuine desire to reduce crime, and will not be leveraging the experience of people who know how to fight crime. The goal is to keep real American experts on networked crime quiet by making it obvious how little their opinions matter. The majority of American fraud managers will not have heard of the Foreign Robocall Elimination Act; nobody in power cares what they think about anything. American fraud managers just get told what to do and are expected to know their place. In that respect, American policymakers treat foreigners the same as they treat their own people.
This task force will be run by a clique that cares a lot more about politics and profits than they care about protecting the public. If they mistakenly appointed somebody who actually fought crime then that person might propose a cheap and effective way to fight crime, which would hurt the revenues of members of the clique. And that person might draw attention to past mistakes, which would be bad for political relations.
It is time for all you foreigners to saddle up, because America’s cowboys are planning to ride into your town again. If you challenge their expertise, or challenge their right to dictate how law and order is maintained in your homeland, then they will aim to shoot you down in any way they can. They will seek to discredit you. They will invent bogus statistics about how they are better at their jobs than you are at your job. But mostly they will ignore you because they can pay for superior access to your bosses and to your politicians, just as they have in the USA. That is what they call ‘leadership’.



