[Federal Register Volume 86, Number 182 (Thursday, September 23, 2021)]
[Rules and Regulations]
[Pages 52840-52843]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2021-14711]


=======================================================================
-----------------------------------------------------------------------

FEDERAL COMMUNICATIONS COMMISSION

47 CFR Parts 0 and 64

[EB Docket No. 20-374; FCC 21-75; FR ID 36061]


Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and 
Deterrence Act (TRACED Act)

AGENCY: Federal Communications Commission.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: In this document, the Federal Communications Commission 
(Commission) adopts rules to implement the Pallone-Thune Telephone 
Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act) to 
streamline the process by which private entities may submit information 
to the Commission about violations of the Communications Act.

DATES: Effective October 25, 2021.

FOR FURTHER INFORMATION CONTACT: For further information, contact 
Daniel Stepanicich, Attorney, Telecommunications Consumers Division, 
Enforcement Bureau, at (202) 418-7451 or [email protected].

SUPPLEMENTARY INFORMATION: This is a summary of the Commission's Report 
and Order, in EB Docket No. 20-374, FCC-21-75, adopted and released on 
June 17, 2021. The full text of this document is available for public 
inspection online at https://ecfsapi.fcc.gov/file/06171386503472/FCC-21-75A3.pdf. To request this document in accessible formats for people 
with disabilities (e.g., Braille, large print, electronic files, audio 
format, etc.) or to request reasonable accommodations (e.g., accessible 
format documents, sign language interpreters, CART, etc.), send an 
email to [email protected] or call the FCC's Consumer and Governmental 
Affairs Bureau at (202) 418-0530 (voice), (202) 418-0432 (TTY).

Synopsis

    1. This Report and Order establishes a streamlined process for 
private entities to submit information about unlawful, unwanted calls. 
In the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and 
Deterrence Act (TRACED Act), Congress directed the Commission to 
establish regulations to create a process that ``streamlines the ways 
in which a private entity may voluntarily share with the Commission 
information relating to'' a call or text message that violates 
prohibitions regarding robocalls or spoofing set forth section 227(b) 
and 227(e) of the Communications Act of 1934, as amended. We adopt 
rules to establish an online web portal where private entities may 
submit information about suspected violations of sections 227(b) and 
227(e). The Commission's Enforcement Bureau (Bureau) will monitor the 
portal.
    2. Section 227 of the Communications Act of 1934, as amended (the 
Communications Act), is designed to protect consumers from unlawful 
robocalls. Sections 227(b), (c), and (d) impose specific requirements 
on telemarketing and prerecorded voice message calls to give consumers 
the ability to know who is calling and to control the calls they 
receive. Section 227(e) prohibits unlawful spoofing--the transmission 
of misleading or inaccurate caller ID information with the intent to 
defraud, cause harm, or wrongfully obtain anything of value. The 
Commission vigorously enforces violations of section 227.
    3. The Commission has a well-established process for individual 
consumers to submit complaints about unwanted and suspected illegal 
robocalls and spoofed calls: The Commission's informal consumer 
complaint process, which the Consumer and Governmental Affairs Bureau 
oversees. We also have a process for obtaining information from certain 
public entities: Federal and state law enforcement agencies routinely 
coordinate with the Enforcement Bureau about robocall and caller ID 
spoofing enforcement and mitigation efforts. In addition, public 
entities often contact Enforcement Bureau staff directly about 
robocalling and spoofing matters. Against that background, Congress 
directed the Commission to develop a streamlined process for private 
entities to submit robocall information to the Commission.
    4. Timely and thorough information from private entities is crucial 
to enable the Commission to mitigate illegal robocall incidents and 
bring swift enforcement actions. Our past robocall enforcement actions 
have relied extensively upon information from private entities. For 
example, in two enforcement actions, a medical paging company was a key 
source; it informed the Bureau that the paging company's phone lines 
were being bombarded by spoofed robocalls. Another enforcement action 
relied extensively on information from an industry group, the 
USTelecom's Industry Traceback Group (Traceback Group).
    5. The TRACED Act directs the Commission no later than June 30, 
2021 to ``prescribe regulations to establish a process that streamlines 
the ways in which a private entity may voluntarily share with the 
Commission information relating'' to violations of section 227(b) or 
227(e) of the Communications Act. We released a Notice of Proposed 
Rulemaking (NPRM) on December 8, 2020, proposing to establish a 
streamlined process for private entities to submit information about 
robocall violations to the Commission. CTIA, SAFE Credit Union (SAFE), 
Twilio, Inc., and USTelecom-The Broadband Association (USTelecom) filed 
comments.
    6. We amend our rules to establish a streamlined process for 
private entities to submit information about violations of Sections 
227(b) and 227(e) of the Act to the Commission. To achieve this 
objective, we direct the Enforcement Bureau to create and monitor an 
online portal located on the Commission

[[Page 52841]]

website. We anticipate that this portal will be particularly useful to 
private entities experiencing large scale robocall incidents and voice 
service providers that have network analytic information. This robocall 
``tip'' line will provide a streamlined process for reporting potential 
violations, and will enable the Enforcement Bureau to respond quickly 
to disruptive robocalling events.
    7. Definition of Private Entity. We define ``private entity'' as 
any entity other than (1) an individual natural person or (2) a public 
entity. In the NPRM, we proposed to include individuals in the 
definition of ``private entity'' but sought comment on the proposed 
interpretation, and whether there was a basis for a different 
interpretation of the term. Commenters suggested that the Commission 
consolidate the new portal and its existing informal consumer complaint 
process, which the Consumer and Governmental Affairs Bureau 
administers, or better distinguish the two processes by defining 
``private entity'' to exclude consumers. Commenters were concerned that 
the definition proposed in the NPRM would create consumer confusion and 
duplicate existing Commission robocall information collection efforts.
    8. We agree with the commenters and therefore exclude individual 
natural persons from the definition of private entity. First, we find 
that interpreting the term to exclude individual consumers from the 
definition of private entity is consistent with Congress's other uses 
of that term and similar terms. Congress did not define ``private 
entity'' in the TRACED Act. Elsewhere in the Communications Act, 
however, Congress used the term ``person'' to include individuals and 
organizational entities. Thus, if Congress had intended to include 
individuals, we presume that it would have used the term ``person.'' 
Moreover, in other statutes the term ``private entity'' is often used 
to refer to organizations rather than individuals. Black's Law 
Dictionary defines ``entity'' as ``[a]n organization (such as a 
business or a governmental unit) that has a legal identity apart from 
its members or owners.'' Second, we find that, as a policy matter, we 
should exclude individuals from the definition of private entity as the 
term is used in section 10(a) of the TRACED Act. We agree with 
commenters that including individuals within the definition of private 
entity would undermine the intent of the statute to streamline 
information collection about robocalls and spoofed calls, and would 
create confusion for consumers about whether to use the existing 
informal complaint process or the new portal, or both. Consumers are 
already served by the existing informal complaint intake process, and 
the TRACED Act gives no indication that Congress intended to upset or 
replace that process. Third, consumers will not be adversely affected 
by our decision to exclude them from the definition of private entity. 
If an individual consumer mistakenly files a complaint with the new 
portal, the Bureau will forward the complaint to the Consumer and 
Governmental Affairs Bureau.
    9. We also clarify that a ``public entity'' is any governmental 
organization at the federal, state, or local level. This definition is 
consistent with common usage. Black's Law Dictionary defines ``public 
entity'' as ``a governmental entity, such as a state government or one 
of its political subdivisions.'' At least one statute, the Americans 
with Disabilities Act, defines public entity as any state or local 
government and ``any department, agency, special purpose district, or 
other instrumentality of a State or States or local government.''
    10. Streamlined Process. The rules we adopt today create a 
streamlined process by which a private entity may submit information 
about suspected robocall and spoofing violations directly to the Bureau 
via an online portal located on the FCC website. We interpret section 
10(a) of the TRACED Act to encompass ``suspected'' or ``alleged'' 
violations of section 227(b) or section 227(e) as the most natural 
reading the of the statute. A private entity cannot determine whether a 
call violated the TCPA or the Truth in Caller ID Act--this 
determination is left to the Commission, an action brought by state law 
enforcement, or a judicial outcome from a private right of action. 
Thus, a private entity is only in a position to provide information 
about calls that it suspects are violations of the law. The portal will 
request private entities to submit certain minimum information 
including, but not necessarily limited to, the name of the reporting 
private entity, contact information, including at least one individual 
name and means of contacting the entity (e.g., a phone number), the 
caller ID information displayed, the phone number(s) called, the 
date(s) and time(s) of the relevant calls or texts, the name of the 
reporting private entity's service provider, and a description of the 
problematic calls or texts. Although the portal will not reject 
submissions that fail to include the above information, such failure 
will make it more difficult for the Bureau to investigate fully and 
take appropriate enforcement action. Once submitted, the Bureau will 
review to determine whether the information presents evidence of a 
violation of our rules.
    11. We agree with comments expressing the importance of vetting 
submitted information and protecting confidentiality. The Bureau will 
review information submitted through the portal to assess violations of 
the rules in the same manner that it reviews information submitted to 
the Commission through other means. All persons are required to submit 
truthful and accurate statements to the Commission. To protect law 
enforcement methods and techniques, we decline to adopt SAFE Credit 
Union's suggestion to detail the exact steps and criteria that the 
Bureau will use to evaluate the information submitted. Furthermore, we 
agree with commenters that the Bureau should protect the 
confidentiality of information submitted through the portal, especially 
because the data may include personally identifiable information or 
customer proprietary network information. Consistent with these privacy 
protections, however, the Bureau may share information gathered from 
the portal with other government agencies combatting robocalls. To the 
extent allowed by the Privacy Act of 1974 and our rules, the portal 
will clearly state that the Bureau may share submitted information with 
the Department of Justice, Federal Trade Commission, other federal 
agencies combatting robocalls, state attorney general offices, other 
law enforcement entities with which the Commission has information 
sharing agreements, and the registered traceback consortium.
    12. The purpose of the portal is to provide private entities a 
streamlined method to submit information to the Bureau about suspected 
robocall or spoofing violations. USTelecom requests that we encourage 
private entities to first coordinate with the registered traceback 
consortium prior to filing information in the portal. While we 
encourage private entities to make use of the registered consortium's 
resources, we decline to mandate that private entities must coordinate 
with the consortium prior to submitting information to the Commission.
    13. No Impact on Informal Consumer Complaint Process. This new 
portal will not affect the process by which a consumer submits an 
informal complaint about a robocall or spoofed call, using the long-
standing process located on the Commission's homepage. The current 
informal consumer complaint process is a vital tool for the Commission. 
The Consumer and Governmental Affairs Bureau uses this

[[Page 52842]]

information to inform Commission consumer protection policies as well 
as for analytical and consumer education purposes. The Consumer and 
Governmental Affairs Bureau also forwards complaints to the Enforcement 
Bureau, which may use them to pursue enforcement actions. Commenters 
raise concerns that the new streamlined portal will create consumer 
confusion or duplicate current processes. We find that our decision to 
exclude individual consumers from the definition of private entity will 
greatly reduce, if not eliminate, potential confusion.
    14. Twilio recommends that the Commission create one centralized 
mechanism for reporting all information regarding robocalling and 
spoofing, whether it is from a whistleblower, company, or consumer. We 
agree with Twilio that private entities and consumers should be 
directed to a centralized reporting mechanism, but we also find that 
the new portal should be distinct from the existing informal consumer 
complaint process. First, we find that there is value in maintaining 
the separate informal consumer complaint process. That process is a 
well-established one that consumers have come to understand and depend 
upon. In addition, it serves as a valuable clearinghouse for the 
Commission to identify trends and activities that are negatively 
affecting consumers. The data in turn informs the Commission's policy 
work, serves as a deterrent to companies the Commission regulates and 
contributes to consumer protection efforts. Second, we find that 
establishing a stand-alone process designed specifically to handle 
concerns from private entities (i.e., not individual consumers) about 
robocalls and spoofing best aligns with the TRACED Act requirement. 
Congress adopted the requirement to create a streamlined process to 
collect information about robocalls and spoofing against the backdrop 
of the existing informal consumer complaint process. Instead, the new 
portal will be integrated with, but distinct from, the existing 
consumer complaint process. Private entities and consumers who wish to 
submit information or complaints about robocalls will be directed on 
the FCC website to the appropriate intake process for their situation--
the new portal for private entities or the existing informal consumer 
complaint process for consumers. We find that adopting a distinct 
intake process for private entities best satisfies the statutory 
language, while integrating it with the existing process managed by the 
Consumer and Governmental Affairs Bureau will reduce administrative 
costs and consumer confusion.
    15. We acknowledge commenters' concerns that, at least initially, 
private entities might be confused about whether the consumer complaint 
process or the new streamlined process is a more appropriate place to 
submit information. Thus we adopt SAFE Credit Union's suggestion that 
the portal ``clearly explain its purpose and intended use.'' To that 
end, the new portal's home page will include prominent language that 
not only explains its purpose and use, but also distinguishes that 
portal from the existing informal consumer complaint process so as to 
minimize possible confusion. The portal is available for use by private 
entities that wish to submit information about suspected robocall or 
spoofing violations. Relevant incidents might include a corporation or 
association experiencing a deluge of robocalls overwhelming their 
internal phone network or a voice service provider that found evidence 
of illegal robocalls traversing its network. The portal is also 
available for use by private entities that have had their number(s) 
spoofed. Consumers, meanwhile, should continue to submit individual 
complaints about unwanted robocalls and spoofed calls that they receive 
through the Consumer and Governmental Affairs Bureau's informal 
consumer complaint process. We recognize that consumers might 
mistakenly file complaints through the new streamlined process rather 
than the existing consumer complaint process. In such cases, the 
Enforcement Bureau will forward such consumer complaints to the 
Consumer and Governmental Affairs Bureau.
    16. Delegated Authority. Lastly, we delegate authority to the 
Bureau to make further decisions about administration of the portal. 
Additional technical issues may arise in the future, and those 
decisions can be made by the Bureau.
    17. Final Regulatory Flexibility Analysis. As required by the 
Regulatory Flexibility Act of 1980, as amended (RFA), the Commission 
has prepared a Final Regulatory Flexibility Analysis (FRFA) relating to 
this Report and Order. The FRFA is set forth in Appendix C.
    18. Paperwork Reduction Act of 1995 Analysis. The Report and Order 
contains new or modified information collection requirements subject to 
the Paperwork Reduction Act of 1995 (PRA). It will be submitted to the 
Office of Management and Budget (OMB) for review under section 3507(d) 
of the PRA. OMB, the general public, and other Federal agencies will be 
invited to comment on the new or modified information collection 
requirements contained in this proceeding. In addition, we note that 
pursuant to the Small Business Paperwork Relief Act of 2002, we 
previously sought specific comment on how the Commission might further 
reduce the information collection burden for small business concerns 
with fewer than 25 employees.
    19. In this document, we have created a new online portal located 
on the Commission website where private entities, including small 
businesses, may submit information about robocall or spoofing 
violations. The portal will collect contact information of the 
reporting entity, information about the suspected illegal robocall, and 
a description of the robocall incident. Use of the portal is completely 
voluntary and we impose no new requirements on small businesses. Thus, 
we have minimized the impact on small businesses.
    20. Congressional Review Act. The Commission has determined, and 
the Administrator of the Office of Information and Regulatory Affairs, 
Office of Management and Budget, concurs that this rule is non-major 
under the Congressional Review Act, 5 U.S.C. 804(2). The Commission 
will send a copy of this Report and Order to Congress and the 
Government Accountability Office pursuant to 5 U.S.C. 801(a)(1)(A).
    21. People with Disabilities. To request material in accessible 
formats for people with disabilities (braille, large print, electronic 
files, audio format), send an email to [email protected] or call the 
Consumer and Governmental Affairs Bureau at 202-418-0530 (voice).
    22. Further Information. For further information, contact Daniel 
Stepanicich, Attorney, Telecommunications Consumers Division, 
Enforcement Bureau, at (202) 418-7451 or [email protected].
    23. Accordingly, it is ordered, pursuant to sections 4(i), 4(j), 
and 227 of the Communications Act of 1934, as amended, 47 U.S.C. 
154(i), 154(j), and 227, and section 10(a) of the Pallone-Thune 
Telephone Robocall Abuse Criminal Enforcement and Deterrence Act, 
Public Law 116-105, 133 Stat. 3274, this Report and Order, is hereby 
adopted.
    24. It is further ordered that parts 0 and 64 of the Commission's 
rules are amended as set forth in Appendix A.
    25. It is further ordered that, pursuant to Sec. Sec.  1.4(b)(1) 
and 1.427(a) of the Commission's rules, 47 CFR 1.4(b)(1), 1.427(a), 
this Report and Order and the amendments to parts 0 and 64 of the 
Commission's rules, as set forth in

[[Page 52843]]

Appendix A, shall be effective 30 days after publication in the Federal 
Register. Sections 64.1204(a) and 64.1606(a) contain new or modified 
information collection requirements that require review by OMB under 
the PRA. The Commission directs the Enforcement Bureau to announce the 
effective date for those information collections in a document 
published in the Federal Register after OMB completes its review, and 
directs the Enforcement Bureau to cause Sec. Sec.  64.1204 and 64.1606 
to be revised accordingly.
    26. It is further ordered that the Commission shall send a copy of 
this Report and Order Rulemaking, including the Final Regulatory 
Flexibility Analysis, in a report to Congress and the Government 
Accountability Office pursuant to the Congressional Review Act, see 5 
U.S.C. 801(a)(1)(A).
    27. It is further ordered that the Commission's Consumer and 
Governmental Affairs Bureau, Reference Information Center, shall send a 
copy of this Report and Order Rulemaking, including the Final 
Regulatory Flexibility Analysis, to the Chief Counsel for Advocacy of 
the Small Business Administration.

List of Subjects in 47 CFR Parts 0 and 64

    Authority delegations (Government agencies), Telecommunications.

Federal Communications Commission.
Marlene Dortch,
Secretary.

Final Rules

    For the reasons discussed in the preamble, the Federal 
Communications Commission proposes to amend 47 CFR parts 0 and 64 as 
follows:

PART 0--COMMISSION ORGANIZATION

0
1. The authority citation for part 0 continues to read as follows:

    Authority:  47 U.S.C. 151, 154(i), 154(j), 155, 225, and 409, 
unless otherwise noted.


0
2. Amend Sec.  0.111 by redesignating paragraph (j) as paragraph (k) 
and revising it and by adding new paragraph (j) to read as follows:


Sec.  0.111   Functions of the Bureau.

* * * * *
    (j) Collects and reviews information received from private entities 
related to violations of Sec. Sec.  64.1200(a) and 64.1604(a) of this 
chapter.
    (k) Perform such other functions as may be assigned or referred to 
it by the Commission.

PART 64--MISCELLANEOUS RULES RELATING TO COMMON CARRIERS

0
3. The authority citation for part 64 continues to read as follows:

    Authority:  47 U.S.C. 151, 152, 154, 201, 202, 217, 218, 220, 
222, 225, 226, 227, 227b, 228, 251(a), 251(e), 254(k), 262, 276, 
403(b)(2)(B), (c), 616, 620, 1401-1473, unless otherwise noted, Pub. 
L. 115-141, Div. P, sec. 503, 132 Stat 348, 1091.


0
4. Add Sec.  64.1204 to subpart L to read as follows:


Sec.  64.1204   Private entity submissions of robocall violations.

    (a) Any private entity may submit to the Enforcement Bureau 
information related to a call made or a text message sent that the 
private entity has reason to believe was in violation of Sec.  
64.1200(a) or 47 U.S.C. 227(b).
    (b) For the purposes of this section, the term ``private entity'' 
shall mean any entity other than a natural individual person or a 
public entity.
    (c) Compliance date--paragraph (a) of this section contains a 
voluntary information collection. Compliance with the requirements of 
that information collection will not be required until after approval 
by the Office of Management and Budget. The Commission will publish a 
document in the Federal Register announcing that compliance date and 
revising this paragraph accordingly.

0
5. Add Sec.  64.1606 to subpart P to read as follows:


Sec.  64.1606   Private entity submissions of spoofing violations.

    (a) Any private entity may submit to the Enforcement Bureau 
information related to a call or text message that the private entity 
has reason to believe included misleading or inaccurate caller 
identification information in violation of Sec.  64.1604(a) or 47 
U.S.C. 227(e).
    (b) For the purposes of this section, the term ``private entity'' 
shall mean any entity other than a natural individual person or a 
public entity.
    (c) Compliance date--paragraph (a) of this section contains a 
voluntary information collection. Compliance with the requirements of 
that information collection will not be required until after approval 
by the Office of Management and Budget. The Commission will publish a 
document in the Federal Register announcing that compliance date and 
revising this paragraph accordingly.

[FR Doc. 2021-14711 Filed 9-22-21; 8:45 am]
BILLING CODE 6712-01-P