Consumer Security

House Passes Bill Outlawing Caller-ID Spoofing

Legislation dubbed the “Truth in Caller ID Act” passed the U.S. House of Representatives on Wednesday. The bill aims to prevent misrepresentation of the called-from number on voice calls through any channel.

Called “caller ID spoofing,” the practice involves using various types of software to insert a name and number perceived by a call recipient to be legitimate into the called-from field. In several high-profile instances, spoofing has led people to release sensitive information — such as Social Security and credit card numbers — to those who then use the information to commit identity theft.

“Last year, the New York City Police Department uncovered an identity theft ring using Caller ID Spoofing to victimize over 6,000 out of more than $15 million,” said U.S. Representative Eliot Engel, D-N.Y., who sponsored the legislation.

Good Chance at Passage

The House bill’s companion legislation, sponsored by Senator Bill Nelson, D-Fla., already has passed the U.S. Senate unanimously. Those two bills await their next procedural step, which is “informal conference to reconcile any differences,” Clint Odom, legislative counsel to Sen. Nelson, told the E-Commerce Times.

None of the differences are significant, he added.

The final version of the bill has a “good chance” of being signed into law, Joe O’Brien, spokesperson for Rep. Engel, told the E-Commerce Times.

Legitimate Exceptions

Most reasonable people can agree that the majority of cases in which people misrepresent themselves as other callers are nefarious. The Senate bill is aimed squarely at those instances, according to Odom.

Some businesses, such as credit collection agencies, have been responsible for abuses of telephone services in the past. Those situations are covered by other laws governing debt collection and consumer rights, Odom noted, and thus are not addressed in this bill.

Some circumstances, however, require that organizations intentionally substitute false information regarding their name or the number from which they are calling — for example, shelters for victims of domestic violence, explained O’Brien.

The bill also includes specific language allowing a law enforcement exception, stating that it “does does not prohibit lawfully authorized investigative, protective, or intelligence activity of a law enforcement agency.”

FCC at Helm

Ultimately, the rules required to implement the legislation will be written by the Federal Communications Commission (FCC), said Odom. Thus, specific issues such as channels of communication — e.g., VoIP versus traditional telephone lines — will be hashed out at that agency’s level.

However, the bill specifically prohibits spoofing regardless of the technology being used. Also up in the air is how the legislation would apply to universal communication services such as Google Voice. Google did not return calls from the E-Commerce Times by publication time.

The onus for observing the rules of the road will be on the caller, said O’Brien.

That is, abuses by even those agencies allowed to use spoofing technology will need to be brought forward by victims of the calls. For example, he noted, “if a cop decided to go over to the dark side,” and use the law enforcement exception illegitimately, the person receiving the call would be required to file a complaint to have the issue addressed.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Related Stories

E-Commerce Times Channels