FCC bars providers for non-compliance with robocall protections

In practice of course, my phone is 100% permanently in "do not disturb" mode and does not ring at all unless I've added you to my contact list. Which means the scammer, already pretending to live in small town rural USA (where they most certainly are not) has to correctly guess the number of one of my relatives before my pocket actually rings. It also means I'm unreachable for anything actually important that isn't in my contact list. That's an annoying price.

I'm not sure what the correct end solution is, but the current solution seems to be very broken.

Then, one day, an app developer thought: Wouldn't it be cool if there was an app that would interrupt what the user was doing, play a sound, vibrate the device, and put up a full-screen dialog, that this all could be activated remotely by any other device by simply typing in a short numeric code, and that if the recipient pushed a button, the remote attacker could send audio data and activate the recipient's microphone? Most app stores would classify this as malware, yet here we are today with devices that all have built-in apps that do exactly this, and only because of how normalized the legacy idea of a "phone call" is.

Considering Facebook ([0] and [1] to name a few) is still available, I think that's a pretty high bar to clear.

[0] https://news.ycombinator.com/item?id=44401406

[1] https://news.ycombinator.com/item?id=44169115

I think one of two high-level approaches:

We could be ultra-strict about who is allowed to call whom, and have penalties and enforcement similar to how we police credit card fraud.

Or, we could do away with phone numbers and instead come up with a scheme where you show a QR-like code to allow someone to call you; and then you can revoke that permission if/when it is abused.

---

Finally, I think the crux of the problem is that in the US we tolerate far too much of this kind of behavior. (Unsolicited contact for the purpose of sales.) Without a corresponding publicity campaign, there's far too much cultural tolerance of allowing anyone to contact anyone at any time for any reason to accept the kind of change needed to truly contain SPAM.

I did ask if I could just send all calls not in my contact list to get screened, and that idea seemed to "blow their mind," though.

I'd probably add that the area code + exchange calls from an area code that you don't actually live in are spam as well though don't see those as much as I once did.

It seems like this sort of idea is extremely common, considering how many websites love preventing me from viewing their content by slapping multiple modals asking me to sign up for a newsletter and/or to get my permission to be tracked using cookies.

It also shows up in native apps, in the form of some prompt asking the user if they are enjoying the app. NO! I do not enjoy being funneled into an App Store review or any similar bullshit. If I like using the app, I'll use it. If I don't, I won't. Stop asking me!

I build websites for a living and I'm constantly battling requests to infect our sites with these god-awful modals. It's like sitting down at a restaurant, being handed a menu, only to have the menu taken away seconds later and being asked if you'll return in the future. Not only is it rude, it's the wrong time to ask the question. Let me read the damn article or whatever, and when I'm done, if there's a newsletter form, MAYBE I'll sign up. Let me eat my meal, and if I enjoy it I'll think about returning.

I think this works for many situations:

1. Between amicable friends and businesses/clients, nothing changes.

2. If there was a normal relationship, but one side starts unfairly seizing call-deposits... Well, maybe it's time to no longer have them as a vendor/customer/friend.

3. Spammers either eat the additional cost, or they have to work harder to make sure they only call people who are unlikely to retaliate.

_____

There's still a problem where someone asks to be called (the number needn't actually be theirs) as a way to trick the caller into losing money... But even then, I think it represents an improvement over what we've got now.

Calling me is now the equivalent to wanting to send me a telegram. The phone system is broken, we all know it's broken, and yet you want my phone number? Send me an email, it's just as fast and has better tools for managing scumbags. Unknown callers are silenced and go to voicemail. Wife is in an auto accident? State troopers know how voicemail works. Kid is in trouble? It can wait 30 seconds while I wait for the VM to come through (and, haha, trick question: we don't have kids).

OTOH, I grew up in the era of landlines and payphones, and well before answering machines (old school VM). People still got in accidents, kids still got sick at school and needed to come home, doctors still called, and we all got along just fine. Because EMTs still took people to the hospital, the school nurse still took care of your kid, and the doctor either called back or sent a letter, and the world move on despite not being able to instantly reach people 24x7. I realize I sound like one of those "we didn't have $SAFETY_FEATURE, and we lived", when in reality not all of us did. But we aren't talking about lawn darts, for the most part I think we did get along just fine. (Auto accidents and breakdowns are something made better by cell phones, but in the day lots of folks had CB radios. ::shrug::)

I go even further, unless there is a good reason for someone to have the ability disturb me, they're not whitelisted. I have no phones that ring unless it's for a specific and temporary purpose.

A ringing phone is an anachronism, it's incredible to me that people let anyone bother them in this way these days. Its an invasion of ones personal space.

The text message should explain the nature of the call and which number to call in reply.

I just don't think anyone wants to fix it. Why can't apple let us send "spam risk" to voicemail?

Like adding extensions, possibly with passwords to your phone line.

It would be good to give an extension or password to friends, or one for each business, which can be automated to input with a pause after answering, and it gets through (or further) if possible.

we should have phone rules just like mail rules.

  > leak this 10 digit code

I mean numbers are as terrible as social security numbers. For both of them you can take your number, add one, and get another valid number.

I'm also not sure what the correct solution is but I'm sure there's some pretty smart people out there that have some really good ideas and understand the issue with a lot of complexity (aka: I won't believe anyone who starts with "It's so simple, you just...")

  >  upcoming iOS 26 has a new screening feature

I didn’t realize how bad it got until my father stopped answering calls. It turned out he was getting (no hyperbole) 90 calls a day from spammers and vendors he had no relationship with.

I used the iOS filter, the AT&T filter, and turned on the shortcut so the phone doesn’t ring unless the caller is in his contacts.

The problem is that it already changed his behavior. He doesn’t answer the phone anymore, even if it is a person he recognizes. The Pavlovian response to his ringtone is still very negative.

I’m sure there is a non-trivial percentage of the US who already viscerally hates receiving phone calls.

If we just made it impossible for phone calls to reach US destinations if they originate from a short list of foreign countries, would that actually do anything to address this issue?

> The text message should explain the nature of the call and which number to call in reply.

You lost me here. If I get an unsolicited text message claiming to be a doctor who needs to speak to me urgently about a loved one's medical emergency, I'm not calling back via any number other than the hospital's front desk or switchboard. Invoking an emergency and asking you to call an unverified phone number is scamming 101.

Both times my wife was in a car accident, and once that my son was, in the past few years, an unknown phone call was not necessary as either their phone or their car immediately alerted me.

That’s basically how most SMS scams work.

While there are certainly technical challenges and various trade-offs, those are not the main reason we're still getting buried in spam calls. My understanding is that smart people have already come up with good solutions which can be implemented at relatively low cost and which would be substantially effective - but the solutions have not been universally deployed because:

1. They generally require coordinated action between governments, standards bodies, regulators and disparate companies at different levels of the telecom ecosystem. These parties have divergent processes, goals and opinions on who should bear the costs and/or responsibilities for implementation, enforcement, etc.

2. The major U.S. telecom companies make money by transiting calls they know (or should know) are very likely spam. They don't want to give up that revenue so they find ways to not fully adopt, delay or weaken various proposals. These can include the motivated leveraging of legitimate technical issues or concerns to complicate, defer and otherwise hinder the processes in which they are involved as significant stakeholders. Many mobile phone operators now also earn revenue selling spam call blocking as a separate feature or part of more expensive plans. If the problem was substantially fixed they would lose that revenue.

3. There are various political stakeholders, industries and companies (not the off-shore, bottom-feeding spammer/scammers) which have a vested interest in keeping unsolicited calls legal. These include some of the more legit-ish forms of domestic telemarketers such as recruiters, fund-raisers, political campaigns, pollsters, market survey companies, etc. These companies have industry associations which hire lobbyists and make political donations to ensure their particular use is exempt from any regulations and that their cost of doing business doesn't go up to comply with the new system. Carving out all these exceptions and exemptions significantly complicates and/or weakens most technical solutions.

This is why I believe there is currently zero hope of any significant improvement despite the FCC issuing positive sounding announcements exactly like this one every 6 to 18 months for the last ten years. These FCC announcements rarely mention the workarounds, exemptions, appeals processes, delayed or unfunded enforcement which industry insiders already know will allow spam calls to continue with no substantial change. These announcements are merely the FCC fulfilling their political role of appearing to regulate and taking steps to mitigate the problem. Now the FCC managers who are measured on "do something about spam calls" can check that box on their KPIs. However all the various parties in the ecosystem have already taken steps to ensure whatever the FCC is announcing won't really work well or can be worked around relatively easily. For example, I'm sure most of the people behind the companies supposedly banned in this announcement (or their large offshore spammer/scammer customers) have already made other arrangements to continue operating uninterrupted. I hate that it's this way but the reality is, until the three fundamental blockers listed above change, this is all just "Regulatory Theater" much like the TSA's "Security Theater" performances.

My parents had their number for ~30 years. I never get spam calls or texts. They get one once a week or so (this is in Germany, we get a lot fewer of these calls).

They used to play back a 10 to 20 second "polite" message that just annoyed everybody.

This sounds perfect to me. Not only do I not have to talk to spammers, I don't even need to listen to their messages.

When you're actively using your smartphone, phone calls show up as notifications, not full-screen dialogs (which trips up my non-technical relatives, since they don't know how to answer a call through the notification). Given that, it's not that different from what we had on computers with instant message applications like ICQ. In a world without the concept of phone calls, they would be a natural evolution from these instant messengers (and, as I'm sure you remember, ICQ used a short numeric code as the user identity).

But I'm not sure what that has to do with the Do Not Call database.

They had an anecdote about one company they consulted at which illustrated how normalized interrupting engineers had become. The engineers were putting their phones on "do not disturb" (DND) to stop all the interruptions so they could get their work done, and management sent around a memo saying that the engineers needed to stop putting their phones on DND because that caused the calls to forward to the secretary, and all the calls were making it hard for the secretary to get any work done.

Keep in mind this was the era before CallerID so you never knew what number was calling you in advance. You answered every call on blind faith. And strangely enough most calls were worth taking, because all calls cost money.

Spam happens when it costs the spammer nothing.

Stupidly, AFAICT, none of the phone services bother to auto-delete silent voice messages so I have to manually delete them, each one taking ~6 seconds ("call from One Two Three Five Five Five Six Seven Eight Night at three twenty seven pee em, on friday june twenty sixth ..........." delete. Repeat

That's basically the purpose toll free area codes used to serve; and there's no reason that same sort of solution (with some adjustments for the modern era) couldn't continue to be used under a deposit based system. Just add some universal prefix, some unused country code for instance, that can be dialed for a "no deposit" call; and then give control to the recipient whether they want to accept such calls.

Or, well, since most modern dialing is done by submitting the whole number at once rather than digit-by-digit; it could even be a suffix. If your number is +12125551212, maybe something like +12125551212*0 could indicate a "no deposit" call. I mean, the whole suffix space could even be turned into something akin to a password so instead of just opening up accepting "no deposit" calls from the entire world, you might only accept them from specific whitelisted suffixes; and if someone leaks one and you start getting spam calls on it, you can just turn off that suffix. There might need to be some provider-enforced fail2ban to prevent wardialing those suffixes, but it doesn't sound like it'd be too difficult.

So every screening popup I got had amusing text like "Is it going to beep? Hello?"

When it becomes commonplace, I expect the real problem with it will be that spam callers will recognize it and just starting giving false information to it to try to trick the party into accepting the call.

You can. At least with iOS 26 you can, I don't know if it's new or not. You can have known spam numbers silenced, sent right to voicemail, and then the voicemail is immediately put into a spam folder.

But legit people, they just hang up. That's also a worse situation than not answering because in that case they'd have left a message. (this is hit or miss. Sometimes they leave a message. But 0 times have they actually responded to the screening)

I didn’t realize how bad my alert/notification sounds fatigue got until I realized that a coworker’s (in an open office layout) phone was the same brand as the office fridge (so his notifications made me get up to check if the fridge was left ajar) and his home doorbell was the same sound as the office doorbell.

(1) he was self-employed, so his business contact info (also his personal info) became public record

(2) he NEVER opted out of anything (eg “type STOP to opt-out”), never told callers to take him off their marketing list, and he was VERY sloppy with handing out his primary contact info on websites (maybe shopping or sweepstakes).

I have taken to speaking like a robot, repeating two sentences in a loop ("You have reached technical support, please describe your issue." -> "I am sorry, I cannot deviate from the technical support script. You have reached technical support...") until the spammers come to the realization they cannot manipulate me into giving an affirmative response that they can interpret as consent to move our phone service, subscribe to service offerings, etc.

They have made phone service effectively worthless, just as they have made all other forms of communication effectively worthless.

Edit: Just remembered something else I do: I do not answer the phone with "Hello" or anything like that. The vast majority of calls that we receive are originated by an autodialer that is listening for a typical greeting so it knows in what language its payload should be delivered. Instead, I answer with only the name of the business and nothing else. If I hear silence, I repeat the name of the business. After a short time, the autodialer gives up and terminates the call.

Or do you rely on others letting their phones ring when you call them back while not providing them the same courtesy?

The IRS and FBI are apparently constantly after me.

They do love to leave empty voice mails for me quite often and that is annoying.

Again, I ask if somehow SMS is inherently worse for phone calls for scams.

In that case voice mail is required.