Misuse of Internet Protocol (IP) Relay Service; Telecommunications Relay Services and Speech-to-Speech Services for Individuals With Hearing and Speech Disabilities

AGENCY:

Federal Communications Commission.

ACTION:

Final rule.

SUMMARY:

In this document, the Commission adopts a measure that prohibits Internet-Protocol (IP) Relay providers from handling non-emergency calls made by new IP Relay registrants as guest users prior to taking reasonable measures to verify their registration information. The Commission's action is intended to eliminate abuse that has resulted from unauthorized users having access to IP Relay services prior to verification of their registration information.

DATES:

Effective July 25, 2012.

ADDRESSES:

Federal Communications Commission, 445 12th Street SW., Washington, DC 20554.

FOR FURTHER INFORMATION CONTACT:

Eliot Greenwald, Consumer and Governmental Affairs Bureau, Disability Rights Office, at (202) 418-2235 or email Eliot.Greenwald@fcc.gov.

SUPPLEMENTARY INFORMATION:

This is a summary of the Commission's Misuse of Internet Protocol (IP) Relay Service; Telecommunications Relay Services and Speech-to-Speech Services for Individuals with Hearing and Speech Disabilities, First Report and Order (Order), document FCC 12-71, adopted on June 28, 2012 and released on June 29, 2012, in CG Docket Nos. 12-38 and 03-123. The full text of document FCC 12-71 will be available for public inspection and copying via ECFS, and during regular business hours at the FCC Reference Information Center, Portals II, 445 12th Street SW., Room CY-A257, Washington, DC 20554. It also may be purchased from the Commission's duplicating contractor, Best Copy and Printing, Inc., Portals II, 445 12th Street SW., Room CY-B402, Washington, DC 20554, telephone: (800) 378-3160, fax: (202) 488-5563, or Internet: www.bcpiweb.com. Document FCC 12-71 can also be downloaded in Word or Portable Document Format (PDF) at http://www.fcc.gov/cgb/dro/trs.html#orders. To request materials in accessible formats for people with disabilities (Braille, large print, electronic files, audio format), send an email to fcc504@fcc.gov or call the Consumer and Governmental Affairs Bureau at 202-418-0530 (voice), 202-418-0432 (TTY).

Paperwork Reduction Act of 1995 Analysis

Document FCC 12-71 does not contain new or modified information collection requirements subject to the Paperwork Reduction Act of 1995 (PRA), Public Law 104-13. In addition, it does not contain any new or modified information collection burden for small business concerns with fewer than 25 employees, pursuant to the Small Business Paperwork Relief Act of 2002, Public Law 107-198. See 44 U.S.C. 3506(c)(4).

Synopsis

1. In document FCC 12-71, the Commission takes an important step to curb the misuse of IP Relay by prohibiting IP Relay providers from handling non-emergency calls made by new IP Relay registrants prior to taking reasonable measures to verify their registration information. In taking this action, the Commission underscores its ongoing commitment to ensuring that Internet-based telecommunications relay services (iTRS) provide the communication access intended by Congress in section 225 of the Communications Act, while eliminating fraud and abuse in this program. See Structure and Practices of the Video Relay Service Program, CG Docket No. 10-51, Second Report and Order, FCC 11-118; published at 76 FR 47469, August 5, 2011 and at 76 FR 47476, August 5, 2011 (iTRS Certification Order) (defining iTRS to mean all forms of telecommunications relay service (TRS) in which an individual with a hearing or speech disability uses an Internet connection with a communications assistant (CA) to make calls, including Video Relay Service (VRS), IP Relay, and IP captioned telephone service (IP CTS)). VRS uses video over a broadband Internet connection to allow a person who uses sign language to communicate with another party through a CA.

2. IP Relay is a form of text-based TRS that uses the Internet to allow individuals with hearing and/or speech disabilities to communicate with other individuals. In 2006, the Commission initiated a rulemaking proceeding to address the misuse of IP Relay and VRS. Telecommunications Relay Services and Speech-to-Speech Services for Individuals with Hearing and Speech Disabilities; Misuse of Internet Protocol (IP) Relay Service and Video Relay Service, CG Docket No. 03-123, Further Notice of Proposed Rulemaking, FCC 06-58; published at 71 FR 31131, 2006 (2006 FNPRM). The Commission took that action in part because of concerns that individuals without a hearing or speech disability were using the anonymity of the IP Relay service to call merchants and place orders using fake, stolen, or otherwise invalid credit cards. The 2006 FNPRM sought comment on ways to curb fraudulent calls made via IP Relay, including requirements for user registration and rule changes that would permit relay providers to screen and terminate such calls.

3. Since the 2006 FNPRM, the Commission has undertaken a number of measures to combat the misuse of iTRS. Most relevant to the instant proceeding, in June 2008, the Commission adopted a mandatory system requiring IP Relay and VRS users to be assigned ten-digit telephone numbers linked to the North American Numbering Plan and registered with their provider of choice (default provider). Telecommunications Relay Services and Speech-to-Speech Services for Individuals with Hearing and Speech Disabilities; E911 Requirements for IP-Enabled Service Providers, CG Docket No. 03-123, WC Docket No. 05-196, Report and Order and Further Notice of Proposed Rulemaking, FCC 08-151; published at 73 FR 41286, July 18, 2008 and at 73 FR 41307, July 18, 2008 (iTRS Numbering Order I). The Commission explained that such registration and the requirement for each user to provide a “Registered Location” would reduce the misuse of IP Relay. The Commission also sought comment on whether additional steps were needed to curtail illegitimate calls made through this service.

4. In December 2008, the Commission adopted a second iTRS numbering Order in which it directed IP Relay and VRS providers to “implement a reasonable means of verifying registration and eligibility information,” including the consumer's name and mailing address, before issuing a ten-digit telephone number to new or existing users. Telecommunications Relay Services and Speech-to-Speech Services for Individuals with Hearing and Speech Disabilities; E911 Requirements for IP-Enabled Service Providers, CG Docket No. 03-123, WC Docket No. 05-196, Second Report and Order and Order on Reconsideration, FCC 08-275; published at 73 FR 79683, December 30, 2008 (iTRS Numbering Order II). The Commission provided the following examples of what such verification could include: “(1) Sending a postcard to the mailing address provided by the consumer, for return to the default Internet-based TRS provider; (2) in-person or on-camera ID checks during registration; or (3) other verification processes similar to those performed by voice telephone providers and other institutions (such as banks and credit card companies).” The Commission further directed providers to include in their verification procedures a requirement for consumers to self-certify that they have a medically recognized hearing or speech disability necessitating their use of TRS. The Commission expected that “these measures [would] reduce the misuse of Internet-based TRS by those who may take advantage of the anonymity currently afforded users, particularly IP Relay users, without unduly burdening legitimate Internet-based TRS consumers seeking to obtain ten-digit telephone numbers.” The Commission added, however, that “to the extent technically feasible, Internet-based TRS providers must allow newly registered users to place calls immediately,” even before completing the verification of such individuals. In permitting such temporary use of iTRS by new registrants, the Commission responded to comments by a coalition of consumer groups, who were concerned that legitimate IP Relay users would be cut off from service during the transition to the new ten-digit numbering and registration system. In order to enable users to make calls under this “guest user” procedure, providers have been giving users temporary ten-digit numbers and provisioning these numbers to the iTRS Directory. These numbers have been allowed to remain valid for the purpose of making IP Relay calls until such time that the users' identifying information is authenticated or rejected.

5. In October 2009, the Commission issued a Public Notice reminding iTRS providers of their obligation to implement the measures discussed above by November 12, 2009. Consumer & Governmental Affairs Bureau Reminds Video Relay Service (VRS) and Internet Protocol (IP) Relay Service Providers of their Outreach Obligations and Clarifies their Call Handling Obligations for Unregistered Users after the November 12, 2009, Ten-Digit Numbering Registration Deadline, CG Docket No. 03-123, WC Docket No. 05-196, Public Notice, DA 09-2261; 24 FCC Rcd 12877, October 21, 2009 (iTRS Numbering Implementation Public Notice). Because these were new requirements that would have a direct impact on consumer use of the IP Relay program, the iTRS Numbering Implementation Public Notice again directed each provider to handle calls from newly registered users immediately, even if the provider had not fully completed the process of verifying the caller's information, assigning the caller a new ten-digit number, and provisioning that number to the iTRS database. The iTRS Numbering Implementation Public Notice did not eliminate the requirement for providers to implement a reasonable process for verifying registration information provided by new users.

6. In April 2011, the Commission adopted several additional measures to combat IP Relay fraud and abuse, including a requirement for all TRS providers to submit to Commission-directed audits, a mandate for iTRS providers to retain, for five years, call detail records and other records supporting claims for payment, whistleblower protection rules for provider employees and contractors, and a requirement that a senior executive of a TRS provider certify, under penalty of perjury, to the validity of minutes and data submitted to the TRS Fund administrator. Structure and Practices of the Video Relay Service Program, CG Docket No. 10-51, Report and Order and Further Notice of Proposed Rulemaking, FCC 11-54; published at 76 FR 24393, May 2, 2011 and at 76 FR 24437, May 2, 2011 (VRS Fraud Order). The Commission followed these measures in July 2011 with the adoption of stricter certification rules for iTRS providers, authorization for on-site visits to the premises of applicants for iTRS certification and certified iTRS providers, revised notification requirements for providers to alert the Commission about substantive program changes, and a mandate for providers to certify, under penalty of perjury, as to the accuracy of their certification applications and their annual compliance filings to the Commission. See (iTRS Certification Order).

7. Notwithstanding the various measures noted above, concerns about the continued abuse of the IP Relay system prompted the Consumer & Governmental Affairs Bureau (Bureau) to issue a Refresh Public Notice on February 13, 2012, to refresh the record initiated by the 2006 FNPRM on matters pertaining to IP Relay misuse. Consumer & Governmental Affairs Bureau Seeks to Refresh the Record Regarding Misuse of Internet Protocol Relay Service, CG Docket Nos. 12-38 and 03-123, Public Notice, DA 12-208; published at 77 FR 11997, February 28, 2012 (Refresh Public Notice). Among other things, in the Refresh Public Notice, the Bureau expressed concern that current methods used by iTRS providers to verify registration and eligibility information submitted by IP Relay users may not be “reasonable” as required by the Commission's rules, and that the Commission “may need to impose additional and more specific requirements * * * to curb IP Relay misuse.”

8. Among the issues raised in the Refresh Public Notice was whether the Commission should continue its procedure adopted in iTRS Numbering Order II of requiring IP Relay providers to permit newly registered users to place calls prior to the completion of a provider's user verification process, given the potential for misuse of IP Relay by unverified registrants. The Commission now concludes that the record in this proceeding supports the elimination of that procedure. Further, given the record evidence, the Commission now prohibits granting such temporary authorization for any IP Relay calls other than emergency calls to 911 services.

9. Parties responding to the Refresh Public Notice overwhelmingly agree that allowing new users to make IP Relay calls pending the provider's verification of the user's registration information contributes significantly to the misuse of IP Relay. Under this procedure, commenters report, large numbers of fraudulent users have easy access to the IP Relay system for extended periods of time before verification is complete and access can be denied. As noted above, this is because in order to make IP Relay calls as a guest user, the user is given a ten-digit number that remains a valid number in the iTRS database until such time that the user's identifying information is authenticated or rejected. The Consumer Groups do not oppose ending temporary authorization for unverified IP Relay non-emergency callers, but advocate that the verification process should be completed within 72 hours.

10. The Commission concludes that a prohibition against temporary authorization of IP Relay users is now necessary in order to curb the fraud and abuse that has resulted from provider misuse of this procedure. Specifically, although there may have been some value in allowing unverified users to make calls for a short period of time during the Commission's transition to the IP Relay registration system, the Commission is concerned that reliance on the guest user procedure has resulted in abuse of the IP Relay program by unauthorized IP Relay users. In addition, the Commission is concerned that unverified users have remained in the iTRS numbering directory—and made repeated IP Relay calls—for extended periods of time, despite the obligation of IP Relay providers to institute procedures to verify the accuracy of registration information.

11. Moreover, any rationale for initially permitting temporary user authorization—i.e., to prevent the exclusion of users who were already using IP Relay service and were either unfamiliar with the Commission's new registration process or had not yet registered—is greatly diminished because considerable time has passed since the transition period for registering ended on November 12, 2009. Hamilton Relay, Inc. notes that the vast majority of legitimate users have already been registered, and the Commission is less concerned that legitimate users will be cut off from IP Relay service. At the same time, the Commission has significant concerns about the extent to which the IP Relay program has fallen prey to abuse. As noted above, IP Relay abuse has placed unnecessary costs on the TRS Fund and has resulted in businesses rejecting IP Relay calls from legitimate users. In weighing the Consumer Groups' interest in enabling legitimate new users to obtain reasonably prompt access to IP Relay Service against the record evidence of significant problems of misuse caused by the guest user procedure, the Commission believes that on balance, the clear and critical need to ensure the integrity of the IP Relay program by requiring that users are fully verified prior to receiving service outweighs any residual risk of harm from the temporary deferral of service to a small number of new legitimate users. With respect to the Consumer Groups' specific recommendation that the Commission eliminate the guest user procedure only if the Commission requires that the verification process be completed within 72 hours, the Commission believes that on balance, ensuring that users are fully and effectively verified is more critical to restoring the integrity of the IP Relay program than is placing a time limit on the verification process. The Commission also believes that without the option to register guest users, IP Relay providers will have a strong incentive to expeditiously complete their verification processes. Nevertheless, the Commission will continue to review the matter of timing as the Commission considers the adoption of more specific IP Relay verification requirements.

12. The prohibition against temporary authorization of IP Relay users that the Commission now adopts requires that until an IP Relay provider verifies a new IP Relay user in accordance with the Commission's standards as set forth in the Commission's rules and requirements, it will not be permitted to deem such user as “registered” for purposes of § 64.611(b) of the Commission's rules, and will be prohibited from: (1) Handling the user's IP Relay calls other than 911 emergency calls; (2) assigning the user a ten-digit number; or (3) provisioning such number to the iTRS Directory. The Commission further expects default providers to periodically review the ten-digit numbers that they place in the iTRS numbering directory, for the purpose of deleting numbers that have been assigned to users that ultimately are not “registered” or that are otherwise associated with fraudulent calling practices. Such actions will ensure that only verified users have active numbers and prevent ineligible users from using the services of other providers who are unaware of a default provider's ultimate decision to reject user authorization. The Commission's objective is to ensure that the IP Relay program serves only legitimate users. In addition, because there will be fewer calls from fraudulent callers, these actions will benefit legitimate users by reducing the incentive of recipients of IP Relay calls to reject these calls. The Commission notes that this is only one of a series of actions the Commission intends to take in this docket to curb IP Relay fraud and abuse. The Commission's overarching goal is to ensure that providers take the steps needed to curb IP Relay misuse, so that this service can remain a viable and valuable communication tool for Americans who need it.

Effective Date

13. The Administrative Procedure Act (APA) provides that a substantive rule cannot become effective earlier than 30 days after the required publication or service of the rule, except “as otherwise provided by the agency for good cause found and published with the rule.” 5 U.S.C. 553(d). See also 47 CFR 1.427(a). As discussed above, the record in this proceeding, including the comments filed by IP Relay providers, has demonstrated the prevalence of misuse of IP Relay and supports the immediate implementation of a measure—the elimination of temporary user authorization for non-emergency calls—that could substantially reduce such misuse. This measure should produce the immediate benefit of reducing payments for illegitimate minutes from the TRS Fund. The Commission further expects that its action will have a minimal adverse impact, if any, on the provision of IP Relay service to legitimate users, given the considerable time that has passed since the transition period for registering ended on November 12, 2009. Rather, the measure the Commission adopts will benefit such users by reducing the incentive of recipients of IP Relay calls to reject calls from legitimate users because there will be fewer calls from fraudulent callers. With respect to the technical feasibility of instituting this measure immediately, the Commission notes that at least one provider has stated from its perspective, that “a prohibition of `guest access' could be implemented on an immediate basis, while another has urged the Commission to `close the loophole immediately.' ” Accordingly, the Commission finds that good cause exists for making these measures effective immediately July 25, 2012.

14. In document FCC 12-71, the Commission takes action intended to immediately curb the misuse of IP Relay by prohibiting providers of IP Relay from providing service (other than handling emergency calls to 911 services) to new registrants until a new user's registration information is verified. It is the Commission's intention to adopt additional measures addressing misuse of IP Relay in future orders.

Final Regulatory Flexibility Analysis

15. As required by the Regulatory Flexibility Act (RFA), 5 U.S.C. 603, an Initial Regulatory Flexibility Analysis (IRFA) was incorporated in the 2006 FNPRM. The Commission sought comment on the proposal in the 2006 FNPRM, including comment on the IRFA, of the possible significant economic impact on small entities by the policies and rules proposed in the 2006 FNPRM. No comments were received on the IRFA. This Final Regulatory Flexibility Analysis (FRFA) conforms to the RFA. 5 U.S.C. 604.

16. Providers of TRS, mandated by Title IV of the Americans with Disabilities Act of 1990 (codified at 47 U.S.C. 225 of the Communications Act), relay telephone calls so that individuals who are deaf, hard of hearing, deaf-blind, or who have speech disabilities can engage in communication by wire or radio with other individuals in a manner that is functionally equivalent to the ability of hearing individuals who do not have speech disabilities to communicate using voice communication services by wire or radio. See 47 U.S.C. 225(a)(3). Because IP Relay Service offers consumers anonymity as the call is placed via the Internet, this service has become subject to abuse. Among other things, persons have been using IP Relay to purchase goods from merchants using stolen or fraudulent credit cards. Such misuse is harmful both to the merchant who is defrauded and to legitimate relay users who find that their relay calls are rejected by merchants. The Commission is also concerned that the rapid and steady increase in the size of the Interstate TRS Fund may in part be a result of such misuse of IP Relay.

17. The 2006 FNPRM sought comment on ways to prevent the misuse of IP Relay, including among other things, a requirement to register IP Relay users. In June 2008, the Commission adopted a mandatory system in which users of iTRS, including IP Relay, are assigned ten-digit telephone numbers linked to the North American Numbering Plan and iTRS users with disabilities are registered with their provider of choice (default provider). The Commission also required IP Relay providers to handle calls from a newly registered user immediately, even if the provider had not completed the process of verifying the caller's information.

18. In the Refresh Public Notice, the Commission sought comment on whether it should prohibit temporary authorization for a user to place IP Relay calls, other than emergency calls, while verification of the caller is taking place.

19. Document FCC 12-71 is intended to curb the misuse of IP Relay by prohibiting providers of IP Relay from handling non-emergency IP Relay calls for new registrants until their registration information is verified. The Commission's decision today helps ensure that the iTRS program provides the communication services intended by Congress in section 225 of the Communications Act, while eliminating fraud and abuse. No party filing comments in this proceeding responded to the IRFA, and no party filing comments in this proceeding otherwise argued that the policies and rules proposed in this proceeding would have a significant economic impact on a substantial number of small entities.

20. The RFA directs agencies to provide a description of, and where feasible, an estimate of the number of small entities that may be affected by the rules. 5 U.S.C. 604(a)(3). The RFA generally defines the term “small entity” as having the same meaning as the terms “small business,” “small organization,” and “small governmental jurisdiction.” 5 U.S.C. 601(6). In addition, the term “small business” has the same meaning as the term “small business concern” under the Small Business Act. 5 U.S.C. 601(3) (incorporating by reference the definition of “small business concern” in the Small Business Act, 15 U.S.C. 632). A small business concern is one which: (1) Is independently owned and operated; (2) is not dominant in its field of operation; and (3) satisfies any additional criteria established by the SBA. 15 U.S.C. 632.

21. As noted above, this document prohibits providers of IP Relay from providing service (other than handling emergency calls to 911) to new registrants until their registration information is verified. As a result, the Commission believes that the entities that may be affected by the proposed rules are only those TRS providers that offer IP Relay. Neither the Commission nor the SBA has developed a definition of “small entity” specifically directed toward IP Relay providers. The closest applicable size standard under the SBA rules is for Wired Telecommunications Carriers, for which the small business size standard is all such firms having 1,500 or fewer employees. 13 CFR 121.201, NAICS Code 517110 (2007). Currently, there are five TRS providers that are authorized by the Commission to offer IP Relay. One or two of these entities may be small businesses under the SBA size standard.

22. Document FCC 12-71 does not impose any new reporting or record keeping requirements. Although this document requires IP Relay providers to refuse IP Relay service to individuals who are not deemed qualified to receive IP Relay service, IP Relay providers are already required to refuse IP Relay service to unqualified individuals. While the new requirements expand the circumstances under which individuals are to be denied IP Relay service initially, they do not impose new compliance requirements on small entities.

23. The RFA requires an agency to describe any significant alternatives, specific to small businesses, that it has considered in reaching its proposed approach, which may include the following four alternatives (among others): “(1) The establishment of differing compliance or reporting requirements or timetables that take into account the resources available to small entities; (2) the clarification, consolidation, or simplification of compliance or reporting requirements under the rule for small entities; (3) the use of performance rather than design standards; and (4) an exemption from coverage of the rule, or any part thereof, for small entities.” 5 U.S.C. 603(c)(1)-(4).

24. The Commission considers the requirements adopted in this document as a means of achieving the public policy goals of ensuring that TRS can provide functionally equivalent communication access and preventing the misuse of IP Relay. As noted above, although the impact of this document will be for IP Relay providers to refuse IP Relay service to new IP relay users who are not qualified to receive IP Relay service, IP Relay providers are already required to refuse this service to unqualified individuals. Since the new requirements change the application of existing compliance requirements, but do not impose new compliance requirements on small entities, the Commission finds that it has minimized significant economic impact on small entities. The alternatives of either retaining the requirement that providers of IP Relay handle non-emergency IP Relay calls for new registrants prior to verification of registration information or permitting the handling of such calls at the election of the provider, would not curb the misuse of IP Relay by new registrants whose registration information—due to the preexisting guest user procedure—still requires verification.

25. The Commission notes that by reducing the misuse of IP Relay, these new requirements will lessen an adverse economic impact on small businesses. Specifically, the new requirements will protect many small businesses that may be affected by illegitimate IP Relay calls. For instance, small businesses are more vulnerable to illegitimate IP Relay calls involving fraudulent credit card purchases because they often are not aware that the credit cards are being illegally used or are not equipped to verify the credit card numbers. Because these new requirements will prevent unqualified individuals from placing IP Relay calls, these requirements will have the additional effect of reducing the incidence of credit card fraud.

26. There are no Federal rules that may duplicate, overlap, or conflict with the new rules.

Congressional Review Act

27. The Commission will send a copy of document FCC 12-71 in a report to be sent to Congress and the Government Accountability Office pursuant to the Congressional Review Act. 5 U.S.C. 801(a)(1)(A).

Ordering Clauses

28. Pursuant to sections 1, 4(i) and (j), 225, and 303(r) of the Communications Act of 1934, as amended, 47 U.S.C. 151, 154(i) and (j), 225, and 303(r), and § 1.427 of the Commission's rules, 47 CFR 1.427, document FCC 12-71 is adopted.