FCC wants major telecoms to step up rules around AI-generated robocalls

The Federal Communications Commission is pressing telecommunications carriers for more transparency around efforts to curb the use of voice-cloned robocalls that impersonate political candidates over their networks.

Chairwoman Jessica Rosenworcel sent letters to nine of the largest telecoms this week requesting more details on how they authenticate the identity of callers, the technologies they deploy to detect AI-voice cloning and their engagement with private and public entities that track and trace illegal robocalls and other fraudulent activity on their networks.

“We know that AI technologies will make it cheap and easy to flood our networks with deepfakes used to mislead and betray trust,” she wrote. “It is especially chilling to see AI voice cloning used to impersonate candidates during elections. As AI tools become more accessible to bad actors and scammers, we need to do everything we can to keep this junk off our networks.”

Rosenworcel asked the firms to outline their Know Your Customer practices and how they implement STIR/SHAKEN — a set of mandatory protocols telecoms are supposed to utilize to prevent caller ID spoofing.

She also asked what internal resources the companies are dedicating to identifying and combating AI voice cloning and suspected illegal robocalls, as well as how they engage with entities like the Industry Traceback Group, a consortium of organizations that combine resources to trace and track the infrastructure of telephone scammers and spoofers.

The letters were sent to executives at AT&T, Comcast, Verizon, T-Mobile, Cox Communications, DISH and Echostar, Charter Communications, Frontier Communications and Lumen Technologies.

The missives come as the FCC continues to grapple with the fallout from an AI-generated robocall of President Joe Biden sent to thousands of New Hampshire residents in January urging Democrats not to vote. Those calls were traced by New Hampshire investigators and the Industry Traceback Group to two entities: Lingo Telecom, which transmitted the calls, and Life Corporation, a Texas political marketing firm. Later, NBC News identified Steve Kramer, a Democratic political consultant who was employed by the presidential campaign of Rep. Dean Phillips, as Life Corporation’s client.

The letters highlight the FCC’s growing scrutiny of STIR/SHAKEN, an obscure set of regulatory protocols rolled out in 2021 to deter illegal robocalls and caller ID spoofing. STIR/SHAKEN requires telecoms to formally attest to the FCC that they have taken steps to ensure a person making calls over their network legally owns that phone number.

While the protocols are meant to cut down on the deluge of robocalls, spammers and spoofers that have flooded American phone lines over the past decade, their effectiveness relies in part on self-attestation from telecoms that they are doing their due diligence.

The Biden AI robocalls sent to New Hampshire voters spoofed the cell phone number of Kathy Sullivan, a former state Democratic Party official who was head of a super PAC running a write-in campaign for Biden. Subsequent investigation by the FCC found that the carrier transmitting those calls, Lingo Telecom, had signed off on the calls with an “A-level” STIR/SHAKEN attestation, the highest level of confidence that a carrier can signal to downstream providers when authenticating the identity of a caller.

The FCC proposed a $2 million fine for Lingo Telecom in late May, as well as a $6 million fine for Kramer. In their enforcement letter, the agency said Lingo had failed to “utilize reasonable Know Your Customer protocols” when attesting to the authenticity of the calls.

In May, Kramer was charged by New Hampshire authorities with 13 counts of felony voter suppression and 13 misdemeanor counts of impersonating a political candidate.

While Rosenworcel, a Democrat, is leading the charge, there is evidence of bipartisan support on the commission for closer scrutiny of potential gaps in STIR/SHAKEN. Commissioner Nathan Simington, who was nominated by President Donald Trump in 2020, wrote in May that while Lingo Telecom clearly failed to do its due diligence around the spoofed New Hampshire call, the FCC “has never required a higher standard” from carriers in the past.

“The problem for our action today is that Lingo probably complied with industry standards. We might deplore the laxity of these standards, but Lingo might well respond that they were in line with actions that had been repeatedly blessed by the FCC,” Simington wrote.

Simington ultimately voted to approve the fine but called it a form of “backdoor rulemaking through enforcement” and urged the commission to “immediately act to establish clear standards” around what constitutes reasonable Know Your Customer protocols for the telecom industry.