https://commsrisk.com/fcc-threatens-to-disconnect-twilio-for-illegal-robocalls/ * Home * About * Contact * Advertising * Menu Item * Menu Item Commsrisk [mobileum-commsrisk-ad] * Risk, Fraud & Security * Assurance & Audit * Spam * Cold War 2 * Data & Analytics * Privacy & IP * Digital Money * Education * The Commsrisk Show Latest * 27 Jan 2023 | Engineer Arrested for Wiretapping Opponents of Former Mexico City Mayor * 26 Jan 2023 | FCC Threatens to Disconnect Twilio for Illegal Robocalls * 25 Jan 2023 | Ericsson Allocates $220mn for More Corruption Penalties * 24 Jan 2023 | 73% of IoT Device Manufacturers Do Not Comply with Imminent UK Security Rules * 23 Jan 2023 | How Bad Was the New T-Mobile API Data Breach? * 20 Jan 2023 | Why an Argument about Antisemitism May Prompt Change in Data Protection Enforcement * 19 Jan 2023 | Euro Police Shut Down Four Call Centers Selling Cryptocurrency Investment Scam * 18 Jan 2023 | Scattered Spider: New Cyber Attack Targets Telcos * 17 Jan 2023 | Will the US Government Finally Turn Against NSA Warrantless Comms Surveillance? * 16 Jan 2023 | 4 Ways Blockchains Will Help Communications Providers to Manage Their Risks Search for: [ ] [Search] > Nuisance & Spam FCC Threatens to Disconnect Twilio for Illegal Robocalls [phone-warning-message] [1Route-PartnerAd-101821] By Eric Priezkalns 26 Jan 2023 There are some journalists who orgasm each time the Federal Communications Commission (FCC), the US comms regulator, instructs a rinky dink telco to stop carrying illegal robocalls. That is because those journalists cannot tell (or do not care about) the difference between a substantial business and an ephemeral legal entity that could disappear tomorrow and be resurrected with a new name by the end of next week. The FCC has previously sent plenty of cease-and-desist letters about illegal robocalls to pissant telcos but this week the FCC did something different. For the first time, the FCC sent one of those robocall cease-and-desist letters to a big comms provider that really matters. Twilio is a communications-platform-as-a-service (CPaaS) business that is likely to generate over USD3.5bn of revenue during the current financial year. They received a letter much like other cease-and-desist letters from the FCC: stop the illegal robocalls within the next 48 hours, or be disconnected from the rest of the US comms system. We have determined that Twilio Inc. (Twilio) is apparently originating illegal robocall traffic on behalf of one or more of its clients. As explained further below, this letter provides notice of important legal obligations and steps Twilio must take to address this apparently illegal traffic. Twilio should investigate the identified traffic and take the steps described below, including blocking the traffic if necessary, and take steps to prevent Twilio's network from continuing to be a source of apparently illegal robocalls. Failure to comply with the steps outlined in this letter may result in downstream voice service providers blocking all of Twilio's traffic, permanently. It was the FCC's choice to use bold and italics to emphasize their point, as if Twilio's executives and lawyers might not otherwise understand the gravity of the situation. Twilio has almost 8,000 employees and a market capitalization of slightly over USD10bn at the time of writing. Mentioning the time of writing is important because Twilio's value dropped 6.8 percent yesterday, before rebounding a little. In other words, the company's value fell to USD9.74bn at one point during the day, after starting the day at USD10.46bn. Lots of other factors influence share price, and some big US tech stocks have fallen sharply over the course of last year, so it would be wrong to forecast any lasting impact. But the sudden disconnection of Twilio, with all the knock-on implications for other businesses that use Twilio to communicate with their customers, would not only cause a fire sale for Twilio's shares, but would also send shock waves through many layers of US commerce. The FCC must anticipate that there is almost zero risk of them needing to act upon their threat. Nevertheless, explicitly voicing the threat to a company of the scale of Twilio represents an unprecedented escalation in how they enforce anti-robocall rules. Twilio was given the standard period of 48 hours to halt the origination of the specific robocall campaign that prompted this campaign. They were also given 14 days to explain what new controls they have implemented that will prevent customers from using Twilio's service to originate robocalls in future. If after 48 hours Twilio continues to originate unlawful robocall traffic from the entities involved in this campaign, downstream U.S.-based voice service providers may begin blocking all calls from Twilio after notifying the Commission of their decision and providing a brief summary of their basis for making such a determination. Furthermore, if after 14 days, Twilio has not taken sufficient actions to prevent its network from continuing to be used to transmit illegal robocalls, then downstream U.S.-based providers may block calls following notice to the Commission. U.S.-based voice service providers may block ALL call traffic transmitting from Twilio's network if it fails to act within either deadline. The use of bold, italics AND capital letters reiterates the seriousness of the FCC's threat. However, a footnote softened the 14-day deadline by saying Twilio is "encouraged to reach out to the Commission before the deadline if it anticipates needing more time to execute this step". The illegal robocalls that triggered this action are similar in nature to most other high-volume nuisance marketing campaigns that plague US consumers. The calls were instigated by a business called MV Realty which is already being sued by prosecutors in several different states. Per the FCC's news release: According to lawsuits from the Attorneys General of Florida, Massachusetts, and Pennsylvania, real estate brokerage firm MV Realty used misleading robocalls to "swindle" and "scam" residents into mortgaging their homes in exchange for small cash payments. The FCC wisely focused their public message on the need to protect homeowners from mortgage scams. They have little to gain by referring to Twilio, which is a brand that will be unknown to most consumers. The average phone user only recognizes the name of comms providers they deal with directly, and has no knowledge of the all the other companies that provide the plumbing for telephony and the internet. However, industry insiders should notice how the FCC blamed Twilio for having inadequate know your customer (KYC) procedures. FCC Enforcement Bureau Chief Loyaan Egal stated: 'Know Your Customer' (KYC) principles should be at the forefront of all communications service providers' business practices. It is concerning to see such a large provider allowing this kind of traffic on its networks. I hope and expect Twilio to immediately cease and desist. There is an element of theater that surrounds this enforcement action which leads me to believe Twilio already knew they were going to receive this letter. The illegal MV Realty calls were made between May and December of 2022. Twilio was contacted as part of an investigation led by the US industry's traceback group. Per the cease-and-desist letter: The Traceback Consortium conducted tracebacks and determined that Twilio was originating apparently unlawful robocalls on behalf of MV Realty through its dialing provider PhoneBurner. The Traceback Consortium notified Twilio of these calls and provided access to supporting data identifying each call... Twilio told the Traceback Consortium that PhoneBurner had obtained called parties' consent for the robocalls. Neither Twilio nor PhoneBurner provided the Traceback Consortium with evidence of consent. So whilst the 48-hour and 14-day deadlines sound abrupt, and the threat of disconnection cannot be taken lightly, any competent comms provider should have anticipated the risk of a cease-and-desist letter from the FCC. I believe this action is a way for the FCC to signal an important change of focus without them publicly losing face. Instead of a lot of jibber jabber about STIR/SHAKEN being used to authenticate calls, or how much foreign telcos are to blame for everything, the FCC has seemingly realized that the only way to get an immediate reduction in illegal robocalls is to pressure US comms providers into imposing strict know your customer requirements for the first time. The FCC needs to get tough about KYC because many comms providers will prefer lax KYC standards to voluntarily turning away customers. I have often criticized the FCC for adopting a misguided approach to tackling illegal robocalls, but insisting upon robust KYC is the right priority. Now they must follow through by genuinely punishing those big businesses which continue to provide criminals with access to the comms ecosystem. The FCC's cease-and-desist letter to Twilio can be found here and the press release explaining how the FCC responded to MV Realty's robocalls is available here. Share this: * Click to share on Twitter (Opens in new window) * Click to share on LinkedIn (Opens in new window) * Click to share on Facebook (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Pinterest (Opens in new window) * [BluGem-2022-April-777x120-CommsRisk-Advert] About the Author Eric Priezkalns Eric Priezkalns Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric. Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers. Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T-Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy. Related Articles [twitter-ban-block-prohib] Twitter Blocked Big Telcos in India, Russia and Indonesia in Vain Bid to Reduce Bots --------------------------------------------------------------------- [no-money-empty-pocket-po] More Enormous Fines Proposed for Robocallers Who Never Paid Their Previous Fines --------------------------------------------------------------------- [surprise-phone-180x101] Swipe Left to Sue Robocallers: Is This App a Scam? --------------------------------------------------------------------- [SIM_cards-180x101] Digicel Wins $10mn Damages from UPM in Simbox Fraud Trial --------------------------------------------------------------------- [Subex_RA_to_BA_banner] Latest Stories on Commsrisk [Jorge-N-arrested-alleged] Engineer Arrested for Wiretapping Opponents of Former Mexico City Mayor --------------------------------------------------------------------- [phone-warning-message-18] FCC Threatens to Disconnect Twilio for Illegal Robocalls --------------------------------------------------------------------- [Ericsson_HQ_Sweden-180x1] Ericsson Allocates $220mn for More Corruption Penalties --------------------------------------------------------------------- [State-of-VDP-Usage-in-Gl] 73% of IoT Device Manufacturers Do Not Comply with Imminent UK Security Rules --------------------------------------------------------------------- --------------------------------------------------------------------- [T-Mobile-sign-store-180x] How Bad Was the New T-Mobile API Data Breach? --------------------------------------------------------------------- [Keir_Starmer_Labour-180x] Why an Argument about Antisemitism May Prompt Change in Data Protection Enforcement --------------------------------------------------------------------- [arrest-handcuffs-180x101] Euro Police Shut Down Four Call Centers Selling Cryptocurrency Investment Scam --------------------------------------------------------------------- [robot-mechanical-spider-] Scattered Spider: New Cyber Attack Targets Telcos --------------------------------------------------------------------- --------------------------------------------------------------------- [General-Paul-Nakasone-18] Will the US Government Finally Turn Against NSA Warrantless Comms Surveillance? --------------------------------------------------------------------- [blockchain-visual-repres] 4 Ways Blockchains Will Help Communications Providers to Manage Their Risks --------------------------------------------------------------------- [Thai-police-raid-telecom] Thai Police Cut Internet Cables Used by Cambodian Scammers --------------------------------------------------------------------- [Elon-Musk-180x101] Elon Musk Says Twitter Lost $60mn a Year Because 390 Telcos Used Bot Accounts to Pump A2P SMS --------------------------------------------------------------------- --------------------------------------------------------------------- Commsrisk on Twitter Tweets from @commsrisk Receive Weekly Newsletters by Email Email address: [ ] First Name:[ ] Last Name:[ ] [Click here to subscribe] Leave this field empty if you're human: [ ] [INFORM_CommsRisk_Banner_1_23] Archives * >2023 (20) + >January (20) * >2022 (260) + >December (22) + >November (22) + >October (21) + >September (22) + >August (23) + >July (21) + >June (22) + >May (22) + >April (21) + >March (23) + >February (20) + >January (21) * >2021 (262) + >December (23) + >November (22) + >October (21) + >September (22) + >August (22) + >July (22) + >June (23) + >May (21) + >April (22) + >March (23) + >February (20) + >January (21) * >2020 (262) + >December (23) + >November (21) + >October (22) + >September (22) + >August (21) + >July (23) + >June (22) + >May (21) + >April (22) + >March (22) + >February (20) + >January (23) * >2019 (261) + >December (22) + >November (21) + >October (23) + >September (21) + >August (22) + >July (23) + >June (20) + >May (23) + >April (22) + >March (21) + >February (20) + >January (23) * >2018 (261) + >December (21) + >November (22) + >October (23) + >September (20) + >August (23) + >July (22) + >June (21) + >May (23) + >April (21) + >March (22) + >February (20) + >January (23) * >2017 (260) + >December (21) + >November (22) + >October (22) + >September (21) + >August (23) + >July (21) + >June (22) + >May (23) + >April (20) + >March (23) + >February (20) + >January (22) * >2016 (271) + >December (22) + >November (22) + >October (22) + >September (24) + >August (24) + >July (21) + >June (24) + >May (23) + >April (21) + >March (25) + >February (22) + >January (21) * >2015 (240) + >December (23) + >November (25) + >October (22) + >September (22) + >August (22) + >July (23) + >June (22) + >May (22) + >April (22) + >March (25) + >February (7) + >January (5) * >2014 (87) + >December (10) + >November (8) + >October (8) + >September (5) + >August (5) + >July (5) + >June (7) + >May (8) + >April (7) + >March (8) + >February (7) + >January (9) * >2013 (100) + >December (9) + >November (8) + >October (5) + >September (10) + >August (8) + >July (12) + >June (10) + >May (8) + >April (7) + >March (8) + >February (8) + >January (7) * >2012 (108) + >December (7) + >November (10) + >October (7) + >September (9) + >August (8) + >July (9) + >June (10) + >May (10) + >April (13) + >March (11) + >February (9) + >January (5) * >2011 (132) + >December (7) + >November (12) + >October (10) + >September (11) + >August (18) + >July (12) + >June (11) + >May (12) + >April (12) + >March (12) + >February (7) + >January (8) * >2010 (95) + >December (6) + >November (7) + >October (5) + >September (5) + >August (5) + >July (9) + >June (5) + >May (16) + >April (11) + >March (11) + >February (8) + >January (7) * >2009 (86) + >December (5) + >November (6) + >October (8) + >September (7) + >August (8) + >July (6) + >June (6) + >May (8) + >April (11) + >March (7) + >February (6) + >January (8) * >2008 (168) + >December (11) + >November (13) + >October (22) + >September (22) + >August (20) + >July (13) + >June (12) + >May (11) + >April (12) + >March (9) + >February (11) + >January (12) * >2007 (144) + >December (11) + >November (9) + >October (16) + >September (14) + >August (16) + >July (16) + >June (10) + >May (10) + >April (9) + >March (12) + >February (11) + >January (10) * >2006 (38) + >December (16) + >November (17) + >October (5) * Editor * Eric Priezkalns Eric Priezkalns Leading Contributors * Joseph Nderitu Joseph Nderitu * Michael Lazarou Michael Lazarou * David Morrow David Morrow * Marianne Curphey Marianne Curphey * Lee Scargall Lee Scargall * Dan Baker Dan Baker Recent Posts * Engineer Arrested for Wiretapping Opponents of Former Mexico City Mayor * FCC Threatens to Disconnect Twilio for Illegal Robocalls * Ericsson Allocates $220mn for More Corruption Penalties * 73% of IoT Device Manufacturers Do Not Comply with Imminent UK Security Rules * How Bad Was the New T-Mobile API Data Breach? * Why an Argument about Antisemitism May Prompt Change in Data Protection Enforcement * Euro Police Shut Down Four Call Centers Selling Cryptocurrency Investment Scam * Scattered Spider: New Cyber Attack Targets Telcos * Will the US Government Finally Turn Against NSA Warrantless Comms Surveillance? * 4 Ways Blockchains Will Help Communications Providers to Manage Their Risks * Thai Police Cut Internet Cables Used by Cambodian Scammers * Elon Musk Says Twitter Lost $60mn a Year Because 390 Telcos Used Bot Accounts to Pump A2P SMS * Home * About * Contact * Advertising Articles copyright (c) the author, all else copyright (c) Revenue Protect Limited We use cookies to remember repeat visits to this website. Click "accept" to give consent or "settings" to avoid non-essential cookies. . Cookie settingsACCEPT Manage consent Close Privacy Overview This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience. Necessary [*] Necessary Always Enabled Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information. Non-necessary [*] Non-necessary Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website. SAVE & ACCEPT