The founder of Twilio, Jeff Lawson, posted a well-written blog post on the need to eliminate true robocalls and what Twilio is doing about it. The post does not disclose his motivation for posting now, but we would not be surprised if the increase in TCPA publicity from John Oliver and cases holding that platform providers, including Twilio, can potentially be liable under the TCPA have something to do with it. But regardless of the motivation, the post has several insights residents of TCPAWorld will find interesting.
The post is refreshing in that it describes robocalls accurately:
All of us have had the experience. A meeting or a dinner interrupted by our phone ringing with some random number on the screen. Click ‘ignore.’ Maybe a minute later we get the notification of a new voicemail (maybe in another language) touting a new deal on satellite TV, or better yet, alerting you to an urgent “lawsuit from the cops.” Or rather, they don’t leave a voicemail at all… because they’ll just robocall you again in 20 minutes, hoping you’ll answer from a different random number.
Exactly! These are the calls with which courts, Congress, and the FCC should be concerned. They serve no purpose other than to annoy and tie-up phone lines.
The post then gives a brief history of the telephony network, from when AT&T controlled the network and all devices attached to it, to the DC Circuit opening the network to third-party devices in 1956, to the DOJ breaking up AT&T in 1982. According to Lawson, these actions led to an explosion in innovation, but also opened the door to the explosion in robocalls, including the most dangerous type: spoofed numbers. As Lawson puts it, “anybody can impersonate anybody else on the phone network to make a phone call.” Scary stuff. But Lawson doesn’t just identify a problem, he also discusses solutions.
According to the post, Twilio requires anyone using its platform to prove ownership of a phone number before using it as a caller ID. That’s an important step. A key feature of a spoofed call is that the caller does not actually own the phone number on that displays on your phone – it might look like it’s coming from one of your neighbors, but in actuality comes from a call center in Eastern Europe. Twilio also charges users by the minute, not by the second, which increases the cost of an early hang up. A legitimate business trying to reach an actual customer will obviously be more willing to bear that increased cost than an offshore spammer on a fishing expedition.
On a broader level, the post suggests “cryptographically signing calls” as a way to cut down on true robocalls and spoofing. Which is a fancy way of saying the caller has to prove that they own the phone number from which they are calling to access the telephony network. If it works, that requirement has the potential to cut down on true robocalls and spoof calls because, unlike legitimate callers, offshore auto-spammers do not own the numbers from which they place calls. And as Lawson points out, a similar requirement for email significantly reduced the amount of spam from spoofed email accounts.