Will the Big New US Robocall Lawsuit Change Anything?

The USA has a recurring seven-step plan for appearing to do something about illegal robocalls.

  1. The regulator and its cronies hype up efforts to reduce illegal robocalls, knowing some headline-grabbing court case is imminent.
  2. There will be lots of hype at the beginning of some new legal or regulatory action against a business that can be blamed for illegal robocalls.
  3. There will be lots of hype about the big financial penalty issued at the end of the aforementioned enforcement action.
  4. Nobody mentions the lack of anyone bothering to collect the financial penalty, meaning the transgressor effectively escapes without any real punishment.
  5. Nobody notices the transgressor sets up a new business front, perhaps with the help of accomplices.
  6. Everything returns to a holding pattern that involves lots of talk about ‘whac-a-mole’ even though the same mole just keeps popping up through the same hole because nobody ever hits him with anything substantial.
  7. Return to step one and keep feeding the cycle of publicity in the hopes of distracting the public from the evidence they receive every time they get an illegal call.

This leaves me reluctant to echo the steps in this cycle that always receive too much publicity. The inevitably of step one being followed by step two has again been illustrated by mainstream US news asking FCC Chair Jessica Rosenworcel some tediously softball ‘questions’ about illegal robocall enforcement — CBS News even spared her the need to repeat the whac-a-mole cliché by doing it for her — just a few days before the announcement of a big new court case. Whatever happened to impartial journalists asking difficult questions or holding government agencies to account?

Nevertheless, there has been a big new illegal robocall case in the USA so I need to write about it. The case features almost every state attorney general in the USA suing Avid Telecom, its Chief Executive Michael Lansky, and its Vice President Stacey Reeves. It has been brewing for a long while; last year I shared transcripts of Skype conversations involving Lansky that had been obtained by prosecutors, and earlier this year I wrote about Lansky trying to use defamation law to silence his critics. The transcripts seemingly showed that Lansky knew some customers of Avid Telecom’s VoIP operations were engaging in tricks like creating new business fronts so they could continue to pump illegal robocalls when older legal entities were being investigated.

The complaint put forward by 49 attorneys general says Avid Telecom received 329 traceback notifications relating to illegal robocalls, and had other reasons to believe it was carrying illegal traffic, not least because they were actively helping illegal robocallers evade detection. For example, Avid Telecom had secured a cheap and plentiful supply of Direct Inward Dialing (DID) phone numbers which were given to robocallers. Avid allegedly helped scammers by rapidly rotating numbers used for ‘neighbor spoofing’, the presentation of an A-party CLI from the same area as the target B-party, as meant to increase the chances of the recipient picking up because of the assumption that the dialer will be known to them. Frequently changing the apparent outbound number used by illegal robocallers reduces the chances of their calls being traced back to origin and hence the likelihood of effective enforcement action being taken.

Civil cases are decided on the balance of probabilities rather than being proven beyond reasonable doubt. This distinction may be important to determining the outcome of this case because the prosecutors place a lot of reliance on evidence that the court may consider circumstantial. For example, the complaint argues that Avid knew its traffic must be illegal because they originated very high volumes of calls that were unusually short in duration.

Among the approximately 21 billion calls made to valid U.S. phone numbers, about 93% of those calls had a call duration of less than 15 seconds.

The complaint also argues that the ratio between the number of calls made and the number of DIDs used for the apparent A-party would be implausible for a telco serving legitimate businesses that would expect to be called back.

Between January 1, 2019, and November 3, 2022, Avid Telecom routed to its downstream customer All Access Telecom more than 4.52 billion calls… More than 474.8 million different Caller ID or DID numbers were used to place those calls, over 72% of which were used to make just one telephone call.

Between June 18, 2021, and January 31, 2023, Avid Telecom routed to its downstream customer Bandwidth more than 587.8 million calls… More than 55.5 million different Caller ID or DID numbers were used to place those calls, over 71% of which were used to make just one telephone call.

The traceback notices demonstrate that illegal robocalls originated with Avid Telecom, but it is not obvious that a court will agree that hundreds of specific examples of bad calls must scale to the billions of bad calls that Avid Telecom is said to have originated in total. The plaintiffs’ arguments are bolstered by other warnings about illegal traffic that Avid received from various carriers, and by the information gleaned by examining electronic correspondence between Avid and its customers. But ultimately a court has to evaluate how much the evidence proves in practice, and there is no guarantee that the court’s estimation will go as far as the plaintiffs would like.

By now, most sane people will have stopped reading. That is a shame, because it is only when you get this far that you can begin to appreciate the catch-22 of the legal approach being used to reduce robocalls in the USA. It is easier for plaintiffs to win a civil case than for prosecutors to win a criminal case because of the quality of the evidence they need to provide in each instance. There may well be irrefutable proof that Avid Telecom originated some illegal traffic but every telco originates some illegal traffic because it is burdensome to check if an individual call is illegal; telcos cannot literally listen in to every call to ensure the recipient is not lied to. We rely on patterns expressed across large volumes of calls to rationalize whether a comms business is intentionally enabling illegality. So civil suits of this nature tend to rely on two forms of abstraction from the particular to general:

  1. If one call can be shown to have played a recording designed to deceive the recipient, and other calls follow a similar pattern to that call, then we infer that other calls were used to pursue the same kind of scam, even though there is only definitive evidence for the call where it is known what the recipient heard.
  2. If one customer of a telco is shown to be a scammer, then the telco is supposed to infer that similar behaviors from other customers is indicative of illegal activity, resulting in those customers being turned away in future although no wrongdoing has been established in a court of law.

When deciding how much to punish a business like Avid, an evaluation needs to rely on both extrapolations from the particular to the general. The court is supposed to look not only at the calls which were known to be illegal, but also at the number of calls which may have been illegal. The court also needs to assess if Avid is doing enough to turn away bad customers before they are proven to be bad. These calculations are far more subjective than most lawyers or anti-fraud practitioners would like to admit, but they determine the scale of the penalty that should be levied.

It is at this point that the US legal system gets seduced by its greatest weakness. If the goal is to put bad actors out of business, it follows that you want a low burden of proof (as enabled by pursuing a civil case instead of a criminal case) and the highest possible penalty even if the court takes a conservative view of how much wrongdoing was established by the evidence. This leads states to pass laws where there is a high dollar value to the penalty imposed for each illegal call, so even if the court concludes that only a modest number of calls were illegal, the size of the total penalty is sufficient to wipe out the business responsible. That is why the US press is fed a regular diet of headlines involving million, billion and gajillion-dollar fines. It does not matter that the defendant cannot possibly pay them; the goal was to always produce a number guaranteed to be so large that they were unpayable, thus seemingly guaranteeing that the business comes to an immediate end.

The catch-22 is that this generates an impression of real enforcement action when parlayed into press releases of the type issued in the seven-step cycle mentioned at the top of this article, but neither the businesses nor the people running them are remotely capable of ever paying off the amounts they theoretically owe. So they are not expected to pay them off in practice. And if there is latitude to let them off without paying it all, that latitude can easily be turned into mockery by defendants who show they have almost no valuable assets, apart from the bare minimum needed to stop themselves becoming a burden on the welfare system. They will then pay no penalty at all. They will instead remain free to find new ways to support themselves… or to disguise their return to the lucrative comms business they already knew, except that they use the cover of a new legal entity, perhaps with different accomplices nominally running them.

There is no appetite within the USA for a more fundamental change of strategy, whereby laws are passed so that wrongdoing like this is treated as a crime, potentially resulting in a prison sentence. Making it a crime implies a higher standard of evidence, and hence an increase to the work that needs to be done by prosecutors. But sending someone to prison would interfere with their ability to commit these crimes again. And the threat of being sent to prison would be a more effective deterrent that gajillion-dollar fines that nobody collects. The irony is that the US legal system attempts to save effort at the cost of incurring lots more effort elsewhere. This particular case has seen 49 state attorneys general file a complaint involving 23 counts of wrongdoing under a plethora of different laws, which needed to be enumerated across 35 pages of text. It takes another six pages to document all the civil penalties being sought under all these laws. But all of this will just total to a big fat number that cannot be taken seriously. If only US lawyers could stop wasting time on meaningless activities like these, they might finally redirect their efforts towards intelligent reforms that would lead to some actual punishment.

I may be proven wrong in this case. Perhaps Avid Telecom, Lansky and Reeves will genuinely be made to pay. But my point remains the same. Do not believe that the conclusion of this court case is the real conclusion. That is what the regulators, lawyers and politicians want you to believe, with assistance from the laziest journalists who ever lived. The conclusion of a case like this comes with the actual punishment, not with the production of a nonsensical figure. The long-established pattern is that there is no actual punishment. I hope to be proven wrong this time. But we should be asking for proof, or else the flawed US approach will just keep repeating the same mistakes.

Three independently-minded experts will discuss robocalls and call authentication on today’s episode of The Communications Risk Show. Join us for the livestream at 11am US Eastern, 4pm London, 8.30pm New Delhi to put your questions to Sathvik Prasad, prize-winning researcher of robocalls, Pierce Gorman, network engineering veteran who played a leading role in the development and implementation of STIR/SHAKEN during his time at Sprint and T-Mobile US, and Professor Feng Hao, who has developed a light but effective alternative way of authenticating calls that places no burden on intermediate carriers. The show can be watched and messages sent to the participants via the dedicated portal at tv.commsrisk.com. If you miss the live webcast then the video recording and audio podcast will be available immediately after the show has ended.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.