Fcc Bars Providers for Non-Compliance with Robocall Protections
Key topics
The FCC is cracking down on robocall scammers by barring non-compliant providers, sparking a lively discussion about the devastating impact of these scams on vulnerable populations, particularly seniors. Commenters shared personal anecdotes of loved ones falling prey to scams, highlighting the need for greater awareness and protection. While some called for stricter punishments, including jail time for those running scam phone providers, others pointed out that even tech-savvy individuals can fall victim to sophisticated scams, and that companies like Apple could do more to help prevent email scams. The conversation underscores the complexity of the issue and the need for a multi-faceted approach to combat these scams.
Snapshot generated from the HN discussion
Discussion Activity
Very active discussionFirst comment
8m
Peak period
145
0-12h
Avg / period
20
Based on 160 loaded comments
Key moments
- 01Story posted
Aug 25, 2025 at 12:06 PM EDT
4 months ago
Step 01 - 02First comment
Aug 25, 2025 at 12:14 PM EDT
8m after posting
Step 02 - 03Peak activity
145 comments in 0-12h
Hottest window of the conversation
Step 03 - 04Latest activity
Aug 30, 2025 at 9:59 PM EDT
4 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
Also hate the scam "work from home for $125,000 per year" texts. They really prey on the desperate.
It's easy to say it's idiots who fall for this stuff when we're young enough to have grown up in this world or started using new technology at an early age. We will be the ones targeted someday and it will be a medium that didn't become available to us until later in life just like what the seniors are experiencing now.
It’s not just “easy”, it’s an ideological imperative to ensure that the vulnerable have “personal responsibility” to avoid predation, while predators bear no responsibility for their own actions. Many tech business models depend on exploitation — it’s not just phone scammers.
Or rather, to justify what the strong were already doing and didn't have to ask anybody's permission to do, and that nobody else ever had a say about that mattered.
Apple makes a lot of dumb user-hostile decisions but this one is particularly egregious and has caught me off guard.
Absolute scum of the earth.
Mainland China lets people opt out of phone calls that come from outside of the Mainland...it's a feature one can turn off on an on their mobile plan.
Calls from outside the Mainland always cause a warning to pop up on the receiving user's phone that says something like "this call is coming from outside of the mainland, be careful of being scammed".
I can imagine there are many reasons the US doesn't fix this..one of which probably that much of US customer service is outsourced to people outside the US!
This. Gotta have your round robin of foreign call centers be able to spoof the main customer service line numbers for whoever they're contracted to represent.
Personally I think that should all be done in software these days, not something supported at the teleco level but what do I know.
There are applications to block international calls but that only helps if the number is not spoofed. People that have SS7 lines into the telco system can spoof as just about any number. I wanted to kill those circuits but my employer at the time said, "they are paying their bills, arent they?". This was in the 90's. I guess the laws are every so slowly starting to catch up.
I completely agree.
It should be illegal for Telco to allow SS7 spoofing for numbers that customer does not show they own.
Initial SIP setup shows number not to be a number they own, drop the SIP dial and be done with it.
Also, all US based phone numbers should have US based person tied to it. If they misbehave, drop them and blacklist them.
All this is solvable if we don't let phone providers get away with "Welp, the checks cleared, this is not our problem."
Country codes stopped being indicative of location the moment we removed the wires from our telephones.
This is loud to me, mostly because the last time I got non-TCPA compliant texts trying to solicit business, the VOIP provider refused to give the company's actual name or contact info.
Which is why this is likely to end up getting rolled back. Surely most of these providers are dominated by spam. But equally surely all of them carry some legitimate traffic (or else this particular trigger would have been pulled already).
There will be friendly fire from this policy decision, almost certainly.
In the US? Most normie people I know barely even know anyone that's visited overseas anywhere other than Canada and Mexico, much less stay connected to family living abroad. Tons of people don't even regularly talk to people outside of state they live in.
Don't get me wrong it's not entirely uncommon and can be common in immigrant communities but outside of that unless you've got wealthy globe-trotting family you probably don't have anyone to talk to overseas. Its something far from "pretty much everyone".
Yeah, and they use Whatsapp, Telegram, or Facetime, or Messenger to connect.
Because spam call centers pay much more to access phone networks than you do, therefore telcos care about them, and not you. Plus you NEED a phone and they know that.
Also, pragmatically, basically everywhere outside of China and Russia is subject to US "prosecution".
Most international telecom operations aren't facilitating scam call centers, and of the ones who are I suspect very few are so eager to turn a blind eye that they will continue to do so when staring down the barrel of actual consequences.
I don't understand why this doesn't happen EVERY DAY until the problem is resolved.
And before someone cite US code: it's virtually impossible for foreigners to seek justice in this context. Not only do these criminals lack the money, education, and access to legal representation to do so, but the DoJ has better things to do than spend their time looking into the veracity of an international claim of this kind.
I have no idea the reason.
I agree. In fact, 1200 SS7 circuits is nothing. If these people are not locked up they will just get another circuit using another fake identity. It's like blocking 1200 ASN's and saying one made a dent in spam.
It wouldn’t solve everything, but considering how many scammers rely on real-time urgency in their calls, shifting phone communication toward asynchronous messages could actually help. It would undercut that pressure tactic, and it would also make record-keeping much easier.
Legitimacy aside, the only people who still call me without prior arrangement tend to be those who assume they’re entitled to my time and attention on demand. The phone has always been a disruptive form of communication—even if every single call were legitimate (which is far from reality)—because it disregards the boundaries of the recipient’s time.
That’s why I stopped giving anyone real-time PSTN access. For me, it’s voicemail-only now, and honestly, it’s the best decision I’ve made for cutting down on annoyances.
The amount is configurable and the feature can be turned off.
You as the receiver keep 70% of the fee.
Think of how quickly spam would go away.
It could easily set up thousands of people as unknowing patsies to commit mass terrorist acts, just by giving the AI a small amount of crypto to use in "paying people for gig work" to do tasks. It could start people off with busywork like ferrying harmless packages back and forth, and the ones who proved reliable, eventually would get a much less harmless package to be delivered somewhere sensitive.
That could all be orchestrated by human terrorists of course, but it's so much more effective if they could do it in 100 cities at once without almost any (knowing) human labor, and without any detectable foreign involvement.
Wait, who covers the cost in the US?
In Japan (the only other system I’m familiar with), it works differently: the caller is charged for the recipient’s end, while the receiver pays nothing. For example, calling a mobile phone from a landline costs more to account for the mobile portion. I remember years ago using a prepaid phone card from a payphone to call a mobile number—the balance drained incredibly fast. This is one reason why younger generations in Japan rarely rely on PSTN for routine calls, since it can quickly become expensive.
I’ve tried several robocall blockers, but they tend to cause connectivity issues.
If anyone else has this problem, what are you using to prevent robocalls?
There are most certainly other factors at play.
My wife recently switched from a Samsung to a new iPhone which prompted my observation (not a pixel phone of course but still it got worse for her). All anecdata.
My SO has an iPhone and she gets at least 3-4 spam calls a day. I get probably 1 a week that gets through the filter, which you can screen with a bot anyway.
My girlfriend on the other hand gets several a day with a Samsung on A&TT. And it's worse for her because she is a real estate agent and can't afford not to take calls.
If it’s important they’ll text me or leave a voicemail with a callback number.
I just send anyone not in my contacts to voicemail (using the iOS setting) and delete all the robocall voicemails about once per month.
Conceptually, someone US-based should have to cryptographically sign, with their license to continue participating at stake, an assertion that the source phone number is real. People should be free to configure their devices or phone accounts (A) what countries to accept calls from and (B) whether to accept unverified calls whose numbers are presumably spoofed.
Note: i'm aware that SHAKEN/STIR or whatever exists and shares some of that idea, I'm just looking forward to full adoption of something so that I can make those choices described above.
Combine this next with ability to report numbers who spam (with the Apple/Google duopoly it should be trivially easy to put a "report spam" button in the call UI) and sanction providers (first financially and eventually with revocation of their credential to sign calls).
Maybe 30 years ago it would have been seen as too draconian to prevent someone from being able to call others anonymously but the Internet exists and provides ample avenues for those cliche use cases like "whistleblower needs to talk to journalists" so I'm 100% happy to have 'burdensome regulation' here if it stops scammers from ruining the phone as a usable channel for urgent information like "Your car is ready to pick up from the shop" or "Hi, you're the emergency contact for ____ and they are headed to the hospital."
But phone numbers aren't real. They aren't any more real than an IP address. It's arbitrary. This is how VOIP systems work. You just assign a number from your block.
Ideally anyone who owns numbers would stop letting literally anybody do anything with their numbers (the way they do today) because they don't want to lose the numbers or to get banned from operating a PSTN-connected system.
The outcome I'm going for is that if you're a spammer you can't find any US phone number owners who will let you use their numbers so you can only send "unsigned" calls that are obviously spam, or sign calls as originating from irresponsible countries, which are easily filtered out by those of us who don't have any friends in the Phillipines or whatever (I get a lot of "DMV" threat texts from +63)
Why? Probably because the PSTN as normal consumers can access it, is pretty non-anonymous. The best case for anonymity is a burner, but you have to buy those burners somewhere that probably has CCTV, or order them online with a paper trail, so it's pretty risky for someone who needs assurances of anonymity.
No whistleblowers are using SS7 trunks to place anonymous calls.
There's no free source of this information anywhere. The only affordable option is telcodata.us
Also great tool, thank you
There are other sites like this. And then you can use the carrier info, go to that platform‘s website, and submit an abuse complaint through their form. But all they will do is possibly block that one spammer from contacting your phone number while continuing to allow the spammer to operate. And of course they have other spammers as customers.
Better option is to skip their abuse form and send complaints to your state’s AG, to the FTC website, and FCC website. They’ll ask for a lot of info but I think it helps them identify the problematic companies.
You can also forward spam texts to 7726 (“SPAM”) in the US, and your carrier will use that info to take action.
Is that what European countries do? Is that why there are no robocalls there?
Mainly I know that calling from a voip number was really expensive when I tried to set something up for a family member going on vacation to Europe. That probably cuts back on a lot of spam calls.
Really sad how these rules do nothing to stop them
doc with list of the removed company names.
I've told them politely that this is the wrong number, they keep calling. I've asked them to take my number off their list and they happily agree to, but they keep calling. I've threatened to contact the FCC is they keep calling yet....they keep calling. I've tried to block their number multiple times, but they just keep fucking calling from different numbers.
I honestly don't get the logic of these places. "Hey this guy has told us 20 times in all manner of ways to stop calling him....but I think he might buy an extended warranty on the 21st call!!"
Can someone explain to me what the logic of these places is? It just seems like an absolute brain-dead strategy.
The downside is sometimes real people call (like a contractor your landlord hired), hear silence, and don't say anything themselves because they're waiting for a "hello?". Whereas ignoring the call would let them actually leave a voicemail which would be useful. As I learned recently: sometimes real people don't call back a 2nd time.
You break that support persons numbers and they may add you. At worst they will call again and you cost them more money.
Efforts like STIR/SHAKEN exist, but they’re little more than a band-aid—and not a particularly effective one—because the underlying network was never designed with resilience or trust in mind.
I know some people push back on this view, often pointing to edge cases where PSTN’s ubiquity still provides value. But as trust in the system erodes, so does its relevance. And if the majority of people already avoid answering calls from numbers they don’t recognize, its practical utility is clearly diminished.
If you can’t explain the benefit then you can’t tear it down. The PSTN guarantees that all telco operators interoperate. Without it you get what happened with instant messaging. AKA walled gardens. You take for granted the ability to call an iPhone with an Android.
The FCC is responsible for maintaining trust, which they have done here. They can incentivize telco providers to curb the spam activity. You don’t need to throw the baby out with the bath water.
Comparing PSTN to instant messaging walled gardens is interesting, but I’d argue the real parallel is email: a federated, open standard that also suffers from spam and abuse, yet still manages to limp along thanks to heavy filtering and layered trust systems. The PSTN never evolved those trust layers; instead, it relied on scarcity (call cost, geographic constraints) to keep abuse in check. Once those costs collapsed, the trust model collapsed with them.
As for the FCC, sure, they can try to incentivize carriers. But the fact that we need constant regulatory intervention just to keep basic trust afloat suggests the system is no longer structurally sound. Band-aids like STIR/SHAKEN prove the point: we’re bolting authentication onto a protocol that never envisioned it. That might extend its life a little, but it doesn’t make the foundation any less fragile.
So the question isn’t whether the PSTN once had value (it did, massively), but whether preserving it now delivers more value than the cost of propping it up. If a good chunk of people already treat unknown calls as spam until proven otherwise, then the social contract around the PSTN has already been broken.
I think you're absolutely right to draw that parallel. But, today's email landscape isn't much of a federated open standard. It's a web of trust and distrust, filters, and deliverability issues. It's real work to maintain an email server and attain high deliverability with other email services. So much so that most don't even do it anymore. Most email is just delivered by a few large providers.
Really, email is suffering from a lot of the same issues that PSTN also suffers from. But email providers just decided to "solve" the problem themselves, mostly by taking a heavy hand at blocking things and deciding they don't really care if you're not a big provider.
The key difference for me is that the PSTN moves at a snail’s pace, maybe because of regulatory entanglements, maybe because of interoperability constraints. The result is that problems which have been rampant for decades — spoofing, spam, robocalls — remain trivial to exploit. Email has plenty of its own problems here, but at least you get more signals to work with (headers, DKIM/SPF/DMARC, filtering, etc.) than just a string of 10–12 digits with no real context.
That’s why I’m less inclined to “cherish” a system whose shortcomings shift so much burden onto the end user’s well-being, all in the name of interoperability. If interoperability means putting up with abuse at this scale, then that interoperability isn’t worth much — and that’s where my frustration comes from.
For most people it is a distinction without a difference because they know about as much what to do with a DMARC policy as they do an SS7 frame.
DKIM/SPF/DMARC as bandaids just as much as STIR/SHAKEN are, they just need to get a kick in the ass to implement them -- on both fronts. I get tons of official and sensitive email still from domains that fail DMARC.
Now compare that to the PSTN: what does 555-123-4567 really tell you? Not much. It’s just a string of digits with no inherent context. And unlike email, I can’t even choose to outright refuse delivery of a call at the network level.
At that point, we’re repeating the same values clash — you see regulation as a workable fix, I see it as evidence of fragility. I don’t think continuing this line is going to get us any further.
It tells you exactly as much as the "from" field does in your email.
> you have more tools to work with in email.
Only if you're an engineer implementing a mail server configuration. But if you're implementing a telco you also have more tools to work with than a caller ID.
End users use DMARC/SPF the same way end users use STIR/SHAKEN... they don't. None of them are user-servicable values. And service providers use DMARC/SPF the same way end users use STIR/SHAKEN... they implement those controls for their users in the form of a managed service.
Email gives end users multiple signals and filters to work with. PSTN doesn't, and that's why I disagree with your equivalence.
You can take advantage of it because you're an expert. Just because email vomits out more information that are useful for experts doesn't mean it is better as a real world system for normal people who use it.
If the only way to preserve interoperability is to accept decades of unresolved abuse and perpetual patchwork fixes, then that’s not a trade-off I find compelling. At that point we’re not debating facts, we’re debating tolerance levels — and mine is lower. I think that’s a good place to leave it.
IP addresses and phone numbers are indistinguishable in the context of spam. If you successfully argue that the PSTN cannot be operated at a net benefit to society because of spam volume the same argument must also be a valid call to shut down the Internet.
And if the FCC were fully capable of solving this problem, I don’t think we’d still be here after decades of the same issues. That longevity itself is part of my argument: it’s not that people haven’t tried, it’s that the structural limitations resist a clean fix.
Also, IP addresses aren’t a great analogy. They’re not a sole indicator of origination — we have layers of metadata, routing, and reputation systems around them. I’d accept that comparison more readily if phone numbers were spoof-proof. But they aren’t, and that’s yet another area where the FCC hasn’t managed to close the gap.
Yes, such reports exist and they are easy to find when you look for them. My point is that you are not balancing these reports with the benefits of the PSTN or considering that people who happily use the PSTN aren't vocal about it. I think you are attributing way too much weight to the information you can find, especially when you are looking for it. You then draw an extreme conclusion that the PSTN is not worth maintaining and support it with this flawed analysis of behavioral change.
You might be right but the way you have substantiated your argument isn't compelling.
You’re welcome to use a different standard, but dismissing mine as "not compelling" without engaging the actual framing isn’t critique. It’s rhetorical displacement. If you’re not addressing the criteria I laid out, you’re not engaging the argument.
Speculation cuts both ways. If you want to challenge the standard itself, do so directly. Otherwise, implying imbalance or extremity without entering the terrain is performative, not substantive.
This is more like “Chesterton’s radio with a broken antenna,” a thing broken in an obvious way that we just haven’t gotten around to fixing or replacing.
Btw, if you haven't already, you can sign up for the FCC's Do Not Call list[0]. While obviously this isn't going to solve everything, it does make it illegal for legitimate companies to call you. Absent this incident, it did appear to have a significant effect in reducing spam calls when I signed up years ago. Also, here's some info about junk mail[1]. It costs about $6 and lasts 10 years.
[0] https://www.donotcall.gov/index.html
[1] https://consumer.ftc.gov/how-stop-junk-mail
In the beginning, they seemed to take their job seriously, but I doubt that has been the case for many years.
Right after SHAKEN/STIR was passed, I got zero spoofed calls. I did get a few robocalls, but they weren't spoofed.
For a month or so. So that shows the problem can be solved, legislatively.
Then, they started coming back, and now, almost every call I get, is spoofed. This includes some legit ones.
Also, legit callers should keep in mind that the autodialer companies they employ, might also moonlight as spammers, so they get blacklisted. I have had quite a number of legit calls get listed as spam.
Cynically, I feel as if politicians are unwilling to get tough on these, because they (or their proxies) use them. That seems to be both sides of the aisle.
Of course they do, and they voted themselves an exception. Same reason some small business in Redmond, WA isn't allowed to put out a sandwich board sign, but 10 months before every election every g*ddamned piece of dirt in Redmond has a political sign stuck into it.
110 more comments available on Hacker News