GATINEAU – Canadians hate it when the phone rings and it is someone or a machine trying to sell them something they don’t need and the CRTC was given the mandate to deal with these nuisance calls through legislation back in 2005.
As the callers are becoming more sophisticated or rather as technology allows them to easily circumvent the rules, the regulatory bodies around the world have been struggling to keep up with the task at hand.
One of those method to circumvent the rules is called ID/spoofing. Spoofing occurs when callers deliberately falsify the caller identification (e.g. telephone number) that is sent to called parties, in order to disguise their true identity.
On Monday, December 9th, 2019, the CRTC announced that it would take further steps to combat spoofing and determine the origins of a call.
In a call for comments issued that day, the Commission takes the final steps to mandate telephone companies to adopt authentication/verification measures for caller identification for IP-based voice calls and implement the STIR/SHAKEN framework by September 2020.
“The Commission considers that this framework will increase the effectiveness of other measures taken to combat nuisance calls, such as an industry-wide call traceback process, opt-in call filtering solutions, and network-level blocking of nuisance calls with blatantly illegitimate caller ID,” one the CRTC document states.
In the United States, the Federal Communications Commission (FCC) ruled n June 2019 to require voice service providers to implement the STIR [Secure Telephony Information Revisited]/SHAKEN [Signature-based Handling of Asserted information using toKENs] framework by the end of 2019.
To demonstrate the co-operation between the two countries, the CRTC Chairperson, Ian Scott, Chairperson and CEO of the CRTC (pictured) and Ajit Pai, Chairman of the U.S. Federal Communications Commission conducted the first official cross-border call using STIR/SHAKEN, using carriers Comcast Xfinity Voice and Telus.
“This call between the chairs of the FCC and CRTC demonstrates our joint commitment to the fight against spoofed calls and our focus on protecting Canadian and American consumers. Spoofing is a challenge that requires broad co-operation and engagement, both domestically and internationally, from many partners including the telecommunications industry. The timely implementation of STIR/SHAKEN will enhance the security of American and Canadian consumers and give them the peace of mind they demand and deserve when the phone rings,” their joint statement read.
Also, the CRTC approved the establishment of the Canadian Secure Token Governance Authority (CSTGA) as Governance Authority as part of the deployment of the/SHAKEN framework in Canada.
And the CLNPC, which had been appointed in 1997, to facilitate the implementation and oversight to deliver local number portability services to Canadian carriers will assume the role of CCA (Canadian Certificate Administrator) on behalf of the industry.
With all these parts in place, Canada is slowly getting the tools to combat ID Spoofing. It should be noted that this methodology only applies on IP networks and that a lot of Canadian networks are still operating using legacy switch technology which does not support the STIR/SHAKEN framework. But as companies upgrade their networks, the majority will soon support STIR/SHAKEN.
Of the 70,000 to 90,000 complaints it receives about nuisance calls, the CRTC estimates that approximately 40% to 50 % of the calls/complaints are of spoofed numbers.
We have asked the CRTC what this means to Bell’s request to trial an artificial intelligence means to track and stop such calls, but have not yet received an answer.
[Update: According to a news release issued by Comcast this afternoon, CRTC chair Ian Scott and U.S. FCC chair Ajit Pai completed the first-of-their-kind, end-to-end international authenticated calls using the STIR/SHAKEN protocol using Comcast Xfinity Voice and Telus wireless phone services. Comcast has previously exchanged authenticated calls using the STIR/SHAKEN protocol domestically in the U.S. with service providers AT&T and T-Mobile. The fully authenticated calls today between Chair Scott and Chair Pai, involving two voice providers from different countries, illustrate the possibility of extending the benefits of STIR/SHAKEN to international calls, which could help protect consumers from the large number of fraudulent spoofed robocalls that originate from overseas, Comcast said in its release.]
[Update #2: Chair Scott and Chair Pai issued a joint statement after their phone call: "Spoofed, scam robocalls are an international problem. Both Americans and Canadians are being bombarded by these calls, which are too often used to defraud consumers and target some of our most vulnerable communities. That's why the FCC and CRTC are committed to combating robocalls by aggressively attacking the use of caller ID spoofing," they said.
"This call between the chairs of the FCC and CRTC demonstrates our joint commitment to the fight against spoofed calls and our focus on protecting Canadian and American consumers. Spoofing is a challenge that requires broad cooperation and engagement, both domestically and internationally, from many partners including the telecommunications industry. The timely implementation of STIR/SHAKEN will enhance the security of American and Canadian consumers and give them the peace of mind they demand and deserve when the phone rings.
"We look forward to continuing to collaborate as we work to combat the scourge of unwanted robocalls," they concluded.]
[Update #3: In a Telus news release this afternoon, the company’s vice-president of voice and services development operations, Jerome Birot, was quoted as saying: “We are very pleased to support the CRTC with this demonstration. Telus is committed to working with our industry partners to find solutions to reduce the frustration Canadians are feeling with nuisance calls.”]
Photo of the call with Pai borrowed from the CRTC Twitter account.
