If you've ever been interrupted by a robocall, you’re not alone in your frustration. According to a 2019 Federal Communications Commission (FCC) study, robocalls make up roughly half of all calls placed in the United States. And, according to Robokiller estimates, the frequency of spam calls has only increased in recent years.
Whether you're getting a call inquiring about your car's nonexistent warranty or an offer for a “free cruise” that’s too good to be true, robocalls are a constant problem. Thankfully, the federal government has taken notice. Among the steps they've taken to help combat this issue is the TRACED Act.
Formally referred to as the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act, the TRACED Act is designed to put the onus on voice service providers to implement call authentication technologies and empower the FCC to deter and combat robocalls. Enacted in December 2019, the TRACED Act is by any measure one of the most critical efforts to date in the battle against robocalls.
The TRACED Act is actually an amendment to a much older law, the Telephone Consumer Protection Act of 1991, or TCPA for short. Even though robocalls weren't nearly as big of an issue then as they are now, they were still a nuisance. The TRACED Act took all the provisions that were put in place in the TCPA and updated them for an era where smartphones have become a ubiquitous part of our lives.
One major goal of the TRACED Act was to afford the FCC greater power to fight robocalls. Penalties for noncompliance were are more severe than they were and phone phone companies are now responsible for doing everything in their power to fight illegal calls.
The TRACED Act includes several conditions, notably:
These are just a few of the ways the TRACED Act is designed to address robocalls head-on. As time goes on, new measures will likely be developed — something that is especially important as technology continues to advance.
To gain a better understanding of exactly what the TRACED Act is supposed to do in practice, it’s important to understand the basics of the STIR/SHAKEN authentication framework, a set of protocols designed to reduce illegal robocalls.
Keep in mind that robocalls in the United States (and globally) are a major issue. In fact, the FCC receives more complaints in a given year about this topic than they do about anything else. Not only that, but billions of robocalls reach smartphones every month. Given these facts, it should come as no surprise that the FCC is taking the problem very seriously.
In 2016, the FCC created what they called at the time the “Robocall Strike Force,” a collection of industry professionals who worked to determine how spam callers were getting through in such high volumes as well as how to detect, filter, and prevent these unwanted calls. Eventually, the FCC announced STIR/SHAKEN, a series of digital certificates based on common public-key cryptography techniques designed to help ensure that any number making a telephone call is secure.
From the perspective of a person receiving a phone call on their smartphone, the framework works like this:
The theory is that, based on this information, you can make a more informed decision about what you want to do next. A few of the options you can take include:
In other words, STIR/SHAKEN provides people with as much information as possible so they can decide what to do about calls from numbers they don't recognize. This is an added layer of security that wasn’t available before the framework’s implementation.
For it to work as intended, all phone carriers need to implement this protocol. Sometimes, this involves making major modifications to an existing infrastructure — some carriers may not have the technology in place necessary for STIR/SHAKEN to work to begin with. This costs time and money to execute, as well as an investment in long-term innovations. Bringing these innovations to customers who live in rural areas has been a particularly tricky goal to accomplish.
Meanwhile, The TRACED Act entered the conversation in 2019 when it was signed into law by then-President Trump. Experts agreed that it was one of the most important pieces of robocall legislation in history.
Essentially, the TRACED Act builds upon the larger goals of the STIR/SHAKEN framework by mandating that carriers implement call authentication technologies like those outlined above. If they don't, they could face potentially costly penalties for non-compliance. We saw this in November 2022 when the FCC removed Global UC from the Robocall Mitigation Database for failing to protect consumers against robocalls and malicious caller ID spoofing. So, if STIR/SHAKEN trusted carriers to do the right thing by providing these types of services to their users, the TRACED Act takes things one step further by mandating that they do so — or else.
A lot of the FCC’s action stems from the fact that, for years, carriers around the world have been criticized for not doing enough to stop robocalls. Things got to the point where the government — not just of the United States, but also in other countries like Canada — had to step in. The TRACED Act is part of an expanding worldwide effort to solve a real crisis.
Although the TRACED Act will go a long way toward curbing robocalls, it’s not a "silver bullet" and should not be considered as such for a number of reasons.
For starters, the TRACED Act really only has power over robocalls that originate from the United States. The fact of the matter is, billions of these calls originate from outside the country. The FCC is limited in what it can do to stop robocalls that originate from beyond their jurisdiction. Although the FCC can say it will levy a fine against a caller originating from Europe, whether they're able to actually execute that fine is another matter entirely. In all likelihood, they can’t. The FCC can, however, turn off the gateway provider that allowed that traffic into the country.
Not only that, but robocalls based in the United States aren't likely to stop either. Think about the potential profit someone with malicious intentions can accrue with a successful robocall. If they're able to trick someone into giving away their personal information, there’s no limit to the amount of financial damage they might cause. They can gain access to your credit card numbers, financial statements, and other critical documents. It's certainly a "big risk, big reward" situation, and while legislation like the TRACED Act will act as a deterrent for some, it will not stop others who are willing to skirt the FCC’s mandate.
Even technologies like STIR/SHAKEN have limitations. For instance, the framework doesn't prevent a robocall from reaching its intended recipient. Instead, it’s designed to give the recipient as much information as possible so that they can make an informed choice whether to accept or reject said call. Before that, it relies on good faith efforts by carriers to attest and sign off on calls as legitimate.
There are additional steps that robocallers take in their efforts that, as of right now, will not be avoided by anything in the STIR/SHAKEN framework or via the TRACED Act. Oftentimes robocallers claim to be from official government agencies, for example, like the IRS. This method of social engineering preys on someone's sense of fear — if you think the IRS is calling you, you may not act rationally or in your best interest. If that call gets through, you're just as likely to fall victim to it as you would have been had you not been warned that you were getting a spam call at all.
In addition, robocallers often spoof their telephone numbers to make it seem like they're calling from a local number. Even though someone is calling from halfway around the world, they can use technology to make it appear like they're calling from someplace very close to where you currently live. This automatically gives the call a sense of legitimacy, which increases the likelihood you’ll fall for the scam.
The TRACED Act itself helps consumers by providing them with not only a caller's name but also (generally) their reason for calling. Not only is this a way to stop spam messages, but it also allows people to fully understand the type of situation that many face on a daily basis. Armed with this data, they can make more informed decisions regarding which calls they answer and which ones to avoid.
All told, however, the Pallone-Thune TRACED Act doesn’t solve every gap scammers can exploit. Other technologies like Robokiller are there to fill in the gaps.
Robokiller empowers you to block 99% of unwanted calls, so you can rest assured that even if scammers bypass legislative protocols you’ll be protected. In addition, the app provides helpful features like Answer Bots that can answer spam calls on your behalf. You can also create customized block and allow lists to ensure you get only the calls you want and none of the ones you don’t.
Bottom line, the TRACED Act is a step in the right direction, but robocalls remain a constant bother for just about everyone. But just as robocallers adopt modern technology to accomplish their goals, legislators and third-party apps like Robokiller work to stay ahead of them.
