[Congressional Bills 116th Congress]
[From the U.S. Government Publishing Office]
[H.R. 1602 Introduced in House (IH)]

<DOC>






116th CONGRESS
  1st Session
                                H. R. 1602

   To deter criminal robocall violations and improve enforcement of 
    section 227(b) of the Communications Act of 1934, and for other 
                               purposes.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                             March 7, 2019

   Mr. Kustoff of Tennessee introduced the following bill; which was 
            referred to the Committee on Energy and Commerce

_______________________________________________________________________

                                 A BILL


 
   To deter criminal robocall violations and improve enforcement of 
    section 227(b) of the Communications Act of 1934, and for other 
                               purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Telephone Robocall Abuse Criminal 
Enforcement and Deterrence Act'' or the ``TRACED Act''.

SEC. 2. FORFEITURE.

    (a) In General.--Section 227 of the Communications Act of 1934 (47 
U.S.C. 227) is amended--
            (1) in subsection (b), by adding at the end the following:
            ``(4) Civil forfeiture.--
                    ``(A) In general.--Any person that is determined by 
                the Commission, in accordance with paragraph (3) or (4) 
                of section 503(b), to have violated any provision of 
                this subsection shall be liable to the United States 
                for a forfeiture penalty pursuant to section 503(b)(1). 
                The amount of the forfeiture penalty determined under 
                this subparagraph shall be determined in accordance 
                with subparagraphs (A) through (F) of section 
                503(b)(2).
                    ``(B) Violation with intent.--Any person that is 
                determined by the Commission, in accordance with 
                paragraph (3) or (4) of section 503(b), to have 
                violated this subsection with the intent to cause such 
                violation shall be liable to the United States for a 
                forfeiture penalty. The amount of the forfeiture 
                penalty determined under this subparagraph shall be 
                equal to an amount determined in accordance with 
                subparagraphs (A) through (F) of section 503(b)(2) plus 
                an additional penalty not to exceed $10,000.
                    ``(C) Recovery.--Any forfeiture penalty determined 
                under subparagraph (A) or (B) shall be recoverable 
                under section 504(a).
                    ``(D) Procedure.--No forfeiture liability shall be 
                determined under subparagraph (A) or (B) against any 
                person unless such person receives the notice required 
                by paragraph (3) or (4) of section 503(b).
                    ``(E) Statute of limitations.--No forfeiture 
                penalty shall be determined or imposed against any 
                person--
                            ``(i) under subparagraph (A) if the 
                        violation charged occurred more than 1 year 
                        prior to the date of issuance of the required 
                        notice or notice of apparent liability; and
                            ``(ii) under subparagraph (B) if the 
                        violation charged occurred more than 3 years 
                        prior to the date of issuance of the required 
                        notice or notice of apparent liability.
                    ``(F) Rule of construction.--Notwithstanding any 
                law to the contrary, the Commission may not determine 
                or impose a forfeiture penalty on a person under both 
                subparagraphs (A) and (B) based on the same conduct.''; 
                and
            (2) by striking subsection (h).
    (b) Applicability.--The amendments made by this section shall not 
affect any action or proceeding commenced before and pending on the 
date of enactment of this Act.
    (c) Deadline for Regulations.--The Federal Communications 
Commission shall prescribe regulations to implement the amendments made 
by this section not later than 270 days after the date of enactment of 
this Act.

SEC. 3. CALL AUTHENTICATION.

    (a) Definitions.--In this section:
            (1) STIR/SHAKEN authentication framework.--The term ``STIR/
        SHAKEN authentication framework'' means the secure telephone 
        identity revisited and signature-based handling of asserted 
        information using tokens standards proposed by the information 
        and communications technology industry to attach a certificate 
        of authenticity to each phone to verify the source of each 
        call.
            (2) Voice service.--The term ``voice service''--
                    (A) means any service that is interconnected with 
                the public switched telephone network and that 
                furnishes voice communications to an end user using 
                resources from the North American Numbering Plan or any 
                successor to the North American Numbering Plan adopted 
                by the Commission under section 251(e)(1) of the 
                Communications Act of 1934 (47 U.S.C. 251(e)(1)); and
                    (B) includes--
                            (i) transmissions from a telephone 
                        facsimile machine, computer, or other device to 
                        a telephone facsimile machine; and
                            (ii) without limitation, any service that 
                        enables real-time, two-way voice 
                        communications, including any service that 
                        requires internet protocol-compatible customer 
                        premises equipment (commonly known as ``CPE'') 
                        and permits out-bound calling, whether or not 
                        the service is one-way or two-way voice over 
                        internet protocol.
    (b) Authentication Framework.--
            (1) In general.--Subject to paragraphs (2) and (3), not 
        later than 18 months after the date of enactment of this Act, 
        the Federal Communications Commission shall require a provider 
        of voice service to implement the STIR/SHAKEN authentication 
        framework in the internet protocol networks of voice service 
        providers.
            (2) Implementation.--The Federal Communications Commission 
        shall not take the action described in paragraph (1) if the 
        Commission determines that a provider of voice service, not 
        later than 12 months after the date of enactment of this Act--
                    (A) has adopted the STIR/SHAKEN authentication 
                framework for calls on the internet protocol networks 
                of voice service providers;
                    (B) has agreed voluntarily to participate with 
                other providers of voice service in the STIR/SHAKEN 
                authentication framework;
                    (C) has begun to implement the STIR/SHAKEN 
                authentication framework; and
                    (D) will be capable of fully implementing the STIR/
                SHAKEN authentication framework not later than 18 
                months after the date of enactment of this Act.
            (3) Implementation report.--Not later than 12 months after 
        the date of enactment of this Act, the Federal Communications 
        Commission shall submit to the Committee on Commerce, Science, 
        and Transportation of the Senate and the Committee on Energy 
        and Commerce of the House of Representatives a report on the 
        determination required under paragraph (2), which shall 
        include--
                    (A) an analysis of the extent to which providers of 
                a voice service have implemented the STIR/SHAKEN 
                authentication framework; and
                    (B) an assessment of the efficacy of the STIR/
                SHAKEN authentication framework, as being implemented 
                under this section, in addressing all aspects of call 
                authentication.
            (4) Review and revision or replacement.--Not later than 3 
        years after the date of enactment of this Act, and every 3 
        years thereafter, the Federal Communications Commission, after 
        public notice and an opportunity for comment, shall--
                    (A) assess the efficacy of the call authentication 
                framework implemented under this section;
                    (B) based on the assessment under subparagraph (A), 
                revise or replace the call authentication framework 
                under this section if the Commission determines it is 
                in the public interest to do so; and
                    (C) submit to the Committee on Commerce, Science, 
                and Transportation of the Senate and the Committee on 
                Energy and Commerce of the House of Representatives a 
                report on the findings of the assessment under 
                subparagraph (A) and on any actions to revise or 
                replace the call authentication framework under 
                subparagraph (B).
            (5) Extension of implementation deadline.--The Federal 
        Communications Commission may extend any deadline for the 
        implementation of a call authentication framework required 
        under this section by 12 months or such further amount of time 
        as the Commission determines necessary if the Commission 
        determines that purchasing or upgrading equipment to support 
        call authentication would constitute a substantial hardship for 
        a provider or category of providers.
    (c) Safe Harbor and Other Regulations.--
            (1) In general.--The Federal Communications Commission 
        shall promulgate rules--
                    (A) establishing when a provider of voice service 
                may block a voice call based, in whole or in part, on 
                information provided by the call authentication 
                framework under subsection (b);
                    (B) establishing a safe harbor for a provider of 
                voice service from liability for unintended or 
                inadvertent blocking of calls or for the unintended or 
                inadvertent misidentification of the level of trust for 
                individual calls based, in whole or in part, on 
                information provided by the call authentication 
                framework under subsection (b); and
                    (C) establishing a process to permit a calling 
                party adversely affected by the information provided by 
                the call authentication framework under subsection (b) 
                to verify the authenticity of the calling party's 
                calls.
            (2) Considerations.--In establishing the safe harbor under 
        paragraph (1), the Federal Communications Commission shall 
        consider limiting the liability of a provider based on the 
        extent to which the provider--
                    (A) blocks or identifies calls based, in whole or 
                in part, on the information provided by the call 
                authentication framework under subsection (b);
                    (B) implemented procedures based, in whole or in 
                part, on the information provided by the call 
                authentication framework under subsection (b); and
                    (C) used reasonable care.
    (d) Rule of Construction.--Nothing in this section shall preclude 
the Federal Communications Commission from initiating a rulemaking 
pursuant to its existing statutory authority.

SEC. 4. PROTECTIONS FROM SPOOFED CALLS.

    (a) In General.--Not later than 1 year after the date of enactment 
of this Act, and consistent with the call authentication framework 
under section 3, the Federal Communications Commission shall initiate a 
rulemaking to help protect a subscriber from receiving unwanted calls 
or text messages from a caller using an unauthenticated number.
    (b) Considerations.--In promulgating rules under subsection (a), 
the Federal Communications Commission shall consider--
            (1) the Government Accountability Office report on 
        combating the fraudulent provision of misleading or inaccurate 
        caller identification required by section 503(c) of division P 
        of the Consolidated Appropriations Act, 2018 (Public Law 115-
        141);
            (2) the best means of ensuring that a subscriber or 
        provider has the ability to block calls from a caller using an 
        unauthenticated North American Numbering Plan number;
            (3) the impact on the privacy of a subscriber from 
        unauthenticated calls;
            (4) the effectiveness in verifying the accuracy of caller 
        identification information; and
            (5) the availability and cost of providing protection from 
        the unwanted calls or text messages described in subsection 
        (a).

SEC. 5. INTERAGENCY WORKING GROUP.

    (a) In General.--The Attorney General, in consultation with the 
Chairman of the Federal Communications Commission, shall convene an 
interagency working group to study Government prosecution of violations 
of section 227(b) of the Communications Act of 1934 (47 U.S.C. 227(b)).
    (b) Duties.--In carrying out the study under subsection (a), the 
interagency working group shall--
            (1) determine whether, and if so how, any Federal laws, 
        including regulations, policies, and practices, or budgetary or 
        jurisdictional constraints inhibit the prosecution of such 
        violations;
            (2) identify existing and potential Federal policies and 
        programs that encourage and improve coordination among Federal 
        departments and agencies and States, and between States, in the 
        prevention and prosecution of such violations;
            (3) identify existing and potential international policies 
        and programs that encourage and improve coordination between 
        countries in the prevention and prosecution of such violations; 
        and
            (4) consider--
                    (A) the benefit and potential sources of additional 
                resources for the Federal prevention and prosecution of 
                criminal violations of that section;
                    (B) whether to establish memoranda of understanding 
                regarding the prevention and prosecution of such 
                violations between--
                            (i) the States;
                            (ii) the States and the Federal Government; 
                        and
                            (iii) the Federal Government and a foreign 
                        government;
                    (C) whether to establish a process to allow States 
                to request Federal subpoenas from the Federal 
                Communications Commission;
                    (D) whether extending civil enforcement authority 
                to the States would assist in the successful prevention 
                and prosecution of such violations;
                    (E) whether increased forfeiture and imprisonment 
                penalties are appropriate, such as extending 
                imprisonment for such a violation to a term longer than 
                2 years;
                    (F) whether regulation of any entity that enters 
                into a business arrangement with a common carrier 
                regulated under title II of the Communications Act of 
                1934 (47 U.S.C. 201 et seq.) for the specific purpose 
                of carrying, routing, or transmitting a call that 
                constitutes such a violation would assist in the 
                successful prevention and prosecution of such 
                violations; and
                    (G) the extent to which, if any, Department of 
                Justice policies to pursue the prosecution of 
                violations causing economic harm, physical danger, or 
                erosion of an inhabitant's peace of mind and sense of 
                security inhibits the prevention or prosecution of such 
                violations.
    (c) Members.--The interagency working group shall be composed of 
such representatives of Federal departments and agencies as the 
Attorney General considers appropriate, such as--
            (1) the Department of Commerce;
            (2) the Department of State;
            (3) the Department of Homeland Security;
            (4) the Federal Communications Commission;
            (5) the Federal Trade Commission; and
            (6) the Bureau of Consumer Financial Protection.
    (d) Non-Federal Stakeholders.--In carrying out the study under 
subsection (a), the interagency working group shall consult with such 
non-Federal stakeholders as the Attorney General determines have the 
relevant expertise, including the National Association of Attorneys 
General.
    (e) Report to Congress.--Not later than 270 days after the date of 
enactment of this Act, the interagency working group shall submit to 
the Committee on Commerce, Science, and Transportation of the Senate 
and the Committee on Energy and Commerce of the House of 
Representatives a report on the findings of the study under subsection 
(a), including--
            (1) any recommendations regarding the prevention and 
        prosecution of such violations; and
            (2) a description of what progress, if any, relevant 
        Federal departments and agencies have made in implementing the 
        recommendations under paragraph (1).

SEC. 6. ACCESS TO NUMBER RESOURCES.

    (a) In General.--
            (1) Examination of fcc policies.--Not later than 180 days 
        after the date of enactment of this Act, the Federal 
        Communications Commission shall commence a proceeding to 
        determine whether Federal Communications Commission policies 
        regarding access to number resources, including number 
        resources for toll-free and non-toll-free telephone numbers, 
        could be modified, including by establishing registration and 
        compliance obligations, to help reduce access to numbers by 
        potential perpetrators of violations of section 227(b) of the 
        Communications Act of 1934 (47 U.S.C. 227(b)).
            (2) Regulations.--If the Federal Communications Commission 
        determines under paragraph (1) that modifying the policies 
        described in that paragraph could help achieve the goal 
        described in that paragraph, the Commission shall prescribe 
        regulations to implement those policy modifications.
    (b) Authority.--Any person who knowingly, through an employee, 
agent, officer, or otherwise, directly or indirectly, by or through any 
means or device whatsoever, is a party to obtaining number resources, 
including number resources for toll-free and non-toll-free telephone 
numbers, from a common carrier regulated under title II of the 
Communications Act of 1934 (47 U.S.C. 201 et seq.), in violation of a 
regulation prescribed under subsection (a) of this section, shall, 
notwithstanding section 503(b)(5) of the Communications Act of 1934 (47 
U.S.C. 503(b)(5)), be subject to a forfeiture penalty under section 503 
of that Act. A forfeiture penalty under this subsection shall be in 
addition to any other penalty provided for by law.
                                 <all>