Laura Stefani works at the intersection of law, policy, and technology, providing clients with a wide range of services in the telecommunications arena. She develops creative regulatory solutions to bring new technologies to market and guides clients on U.S. communications policy initiatives, with a focus on wireless and satellite technologies. She advocates for regulated communications entities regarding licensing, market entry, spectrum use, and other regulatory issues before the Federal Communications Commission (FCC), the National Telecommunications and Information Administration (NTIA), and other federal agencies.

Robocalls may have always had some artificial flavor to them; however, the proliferation of the use of artificial intelligence (AI) continues to blur the line between human and machine interaction. On July 17, the Federal Communications Commission (FCC) issued a draft Notice of Proposed Rulemaking (NPRM) to address the ability of the Telephone Consumer Protection Act (TCPA) to restrict and regulate robocalls made using AI. The NPRM will be finalized and adopted at the agency’s August 7 meeting and may be modified prior to that based on feedback from interested parties.

The draft NPRM comes after the FCC invited and received comments on the subject in November of 2023. Specifically, the agency sought comments on “how AI technologies can be defined in the context of robocalls and robotexts” and what steps should be taken to ensure that the FCC can advance its statutory obligation under the TCPA. Subsequently, as we’ve reported, the FCC took action aimed at unlawful AI robocalls in a recent AI robocall enforcement in response to increased election year calling activities.Continue Reading Hello, This Is AI Calling. FCC Proposes New Rules for AI Robocalls

With the election cycle heating up as we approach the dog days of summer, so too is the Federal Communications Commission’s scrutiny of the use of AI technology in fraudulent robocalls. As we previously discussed, the FCC has already doled out fines for the use of deepfakes in political robocalls.

Now, FCC Chairwoman Jessica Rosenworcel has ratcheted up the scrutiny of nine telecom companies, asking them to explain the measures they are taking to prevent deepfake robocalls. Specifically, the FCC asks the carriers to describe the steps taken to authenticate calls in line with the STIR/SHAKEN requirements. The agency’s inquiry also includes what resources carriers have dedicated to identifying generative AI voices, and what steps they have taken to verify customers’ identities.Continue Reading AI Robocalls: Election Season Triggers Additional FCC Scrutiny

In a pair of Notices of Apparent Liability for Forfeiture this week, the Federal Communications Commission (FCC) has proposed a collective $8 million in fines against telecommunications company Lingo Telecom and political consultant Steven Kramer.

Robocalls, Generative AI, and Deepfakes

The FCC alleges Kramer violated the Truth in Caller ID Act. According to the FCC, two days before the New Hampshire 2024 presidential primary election, Kramer orchestrated a campaign of illegally spoofed and malicious robocalls that carried a deepfake audio recording of President Biden’s cloned voice telling prospective voters not to vote in the upcoming primary.

To transmit the calls, he worked with voice service provider Lingo Telecom, which incorrectly labeled the calls with the highest level of caller ID attestation, making it less likely that other telecommunications providers would detect the calls as potentially spoofed. For this reason, the FCC is also pursuing forfeiture against Lingo, alleging a violation of the STIR/SHAKEN rules for failing to use reasonable “Know Your Customer” protocols to verify caller ID information in connection with Kramer’s alleged illegal robocalls.Continue Reading FCC Proposes $8 Million in Fines Against Telecom Company and Political Consultant for Using Deepfake Generative Artificial Intelligence

The Federal Communications Commission (FCC) and the Federal Trade Commission (FTC) agreed this week to cooperate and coordinate consumer protection efforts in enforcing the FCC’s reinstated “net neutrality” rules. The agencies stated in a Memorandum of Understanding that they will share legal, technical, and investigative expertise and experience in enforcing the rules.

The reinstated rules, adopted on April 25, formally reclassify internet service providers’ broadband services as “Telecommunications Services” under Title II of the Communications Act, rather than as a less-regulated Title I “Information service.” With this change in status, the FCC also reinstates specific proscriptive rules against blocking, throttling, or engaging in paid preference for certain network traffic, and re-adopts a “general conduct” standard barring unreasonable interference with consumers or providers that provide content and services.Continue Reading FCC and FTC to Cooperate in Enforcing Reinstated Net Neutrality Rules

Early this week, the Federal Communications Commission (FCC) announced it had fined the largest U.S. wireless carriers for sharing access to customers’ geolocation information without consent and without taking reasonable measures to protect against unauthorized disclosure. These Forfeiture Orders follow the issuance of Notices of Apparent Liability for Forfeiture and Admonishment by former Chairman Ajit Pai in 2020, and subsequent agency investigation by the agency’s Privacy and Data Protection Task Force.

The orders buttress FCC Chairwoman Jessica Rosenworcel’s consumer protection agenda, which includes launching the Privacy and Data Protection Task Force last year. The FCC has been increasing its regulatory oversight under the task force, which it described as “an FCC staff working group focused on coordinating across the agency on the rulemaking, enforcement, and public awareness needs in the privacy and data protection sectors, including data breaches (such as those involving telecommunications providers) and vulnerabilities involving third-party vendors that service regulated communications providers.”Continue Reading FCC Fines Major Wireless Carriers $200 Million for Sharing Customer Geolocation Data

Moving at rapid speed, the Federal Communications Commission (FCC) has just announced its unanimous adoption of a new Declaratory Ruling finding that voice calls using artificial intelligence (AI)-generated voices fall under the Telephone Consumer Protection Act (TCPA).

The ruling takes effect immediately and gives state attorneys general powerful new tools to go after voice cloning scams. Under FCC rules, telemarketers that use robocalls subject to the TCPA are required to obtain prior express written consent from the consumer unless an exemption applies. The TCPA has always prohibited the use of both prerecorded and artificial voices but advances in AI-generated voices have prompted the FCC to specifically address their use.

In recent years, scammers and other parties have begun using AI to create fake and even “cloned” artificial voices, including those of celebrities, politicians, and even a call recipient’s family member. In this election season, there has been increasing concern about the use of voice clones to engage in voter suppression schemes.Continue Reading FCC Clarifies TCPA Rules to Affirmatively Restrict Use of AI-Generated Calls

Cybersecurity and data protection is front and center on the Federal Communications Commission’s (FCC) agenda. The latest manifestation of this is the FCC’s issuance of a Notice of Proposed Rulemaking (NPRM) on August 25, 2023, which seeks comments on a proposed voluntary cybersecurity labeling program for Internet of Things (IoT) devices or products.

Companies that volunteer to join the proposed program would have their qualifying products bear a new “U.S. Cyber Trust Mark,” which the agency believes would help consumers identify trustworthy products and make informed purchasing decisions, incentivizing better cybersecurity standards. There are a couple of aspects of the NPRM that are worth highlighting.Continue Reading What’s in a Label? FCC Begins Rulemaking Procedure for Cybersecurity Labeling on IoT Devices

Last week, the Federal Communication Commission’s (FCC) issued a Notice of Apparent Liability for Forfeiture proposing a $20 million forfeiture, essentially a fine, against two telecommunications service providers for failing to properly authenticate customers’ identity before providing online access to Customer Proprietary Network Information (CPNI). CPNI includes sensitive data, such as called phone numbers, the length and time of calls, and service features. FCC rules mandate that companies handling such information use “reasonable measures” to guard access to CPNI.

Because it would be easy for third parties to impersonate customers and gain access to their CPNI, FCC rules prohibit the use of readily available biographical information or account information. “Readily available biographical information” includes “information drawn from the customer’s life history and includes such things as the customer’s social security number . . . mother’s maiden name; home address; or date of birth.” Account information is “information that is specifically connected to the customer’s service relationship with the carrier, including such things as an account number or any component thereof, the telephone number associated with the account, or the bill’s amount.” FCC rules thus requires service providers to authenticate customer identity without the use of the above information and then require a password.Continue Reading FCC Proposes $20 Million Forfeiture Against Telecommunications Service Providers for Failing to Protect User Data

As we recently previewed, the Federal Communications Commission (FCC) published its Proposed Rule that would codify its updated guidance on the Telephone Consumer Protection Act (TCPA). The TCPA regulates calls and text messages sent using automated technology and is frequently litigated. Below are the major proposed rule changes on which the FCC seeks comment.Continue Reading FCC Releases Proposed Rule for Codifying Updates to the TCPA

The Federal Communications Commission (FCC) has issued a Notice of Proposed Rulemaking intending to strengthen consumers’ ability to revoke consent to receive both robocalls and robotexts, in addition to strengthening callers’/texters’ obligations to honor such requests in a timely manner.

The Telephone Consumer Protection Act (TCPA) restricts callers from making robocalls and robotexts unless they have received the prior express consent of the called party, subject to a couple of exemptions. The FCC’s proposed action would broaden a consumer’s ability to revoke consent in “any reasonable way.” For example, simply using words such as “stop,” “revoke,” “end,” or “opt out” in response to a call or text would create a presumption, absent contrary evidence, that the consumer has revoked consent.Continue Reading FCC Proposes Codifying New TCPA Consent Rules in Notice of Proposed Rulemaking