Well the DOJ just filed a MASSIVE civil action for TSR violations against VOIP carrier XCAST LABS, INC. and this is a really remarkable story.
As readers of TCPAWorld already know, the nation’s phone carriers are under tremendous–and wholly new–pressure to stop illegal and unwanted robocalls. While this seems fine, in theory, it is worth remembering that this is a drastic change from just 8 years ago when carriers were entirely without any form of liability for the traffic they carried. For old-timers–like me–this is a big shift and it takes a lot of getting used to.
In the New World Order, however, consumers use private label apps–like YouMail–who may detect fraud or receive reports of fraud or unwanted calls. YouMail will then tip off the Industry Traceback Group–the ITG–who will then investigate by reaching out to terminating carriers and working their way up the chain to find the source of the traffic. Carriers are now REQUIRED to respond to ITG requests by virtue of an FCC rule following the TRACED Act (previously ITG was an informal function of US Telecom.)
Once the carriers rat one another out information on the source of traffic is provided by the ITG to regulators–including the FTC and FCC–who may then issue a Civil Investigative Demand for records from the carrier. Again–subject only to appropriate objections– the carrier must produce these records under penalty of fines and contempt.
And once the records are produced to the FCC and FTC they may end up sent to the DOJ to pursue a civil case against the carrier.
We saw that once already this year with Stratics Network.
And now it just happened to XCast Labs, Inc.
Now make no mistake, carriers need to adjust. And if they are knowingly carrying illegal traffic they have no one but themselves to blame here. But in the Stratics case–much like the recent Phone Burner disaster–it was not clear to me that the carrier even knew illegal traffic was flowing over its network. And there is no basis to assert strict liability here. So these cases make me uneasy–especially since the carriers are essentially being compelled to produce records that incriminate them.
And I know these are civil penalties being sought–so the Fifth Amendment technically does not apply–except that it probably should, since violation of the TCPA may also carry criminal penalties.
The rules regarding Fifth Amendment protection in connection with business records are hazy as a summer day in Los Angeles, but this whole thing leaves me wondering– if an ITG ticket is going to result in a DOJ referral, shouldn’t lawyers be asserting privilege out of the gate? (not a criminal guy, but I know a constitutional problem when I see one.)
Anyhoo, here are the charging allegations from the new complaint–which you can read here–Xcast Complaint:
27. Since at least January 1, 2018, XCast has, through its VoIP services,
transmitted billions of illegal robocalls that sellers and telemarketers placed to
American consumers in violation of the TSR. Some of these calls marketed goods
and services with a history of deceptive sales practices, such as extended
28. Many of the illegal robocalls XCast has transmitted were fraudulent
telemarketing scams. They include, for example, robocalls falsely claiming
affiliations with government entities such as the Social Security Administration,
threatening to cut off a call recipient’s utility service unless they make immediate
payments, or claiming that a call recipient’s credit card has been charged and they
must act promptly to have the charge refunded.
29. XCast’s own records of the calls it transmits make clear that it has
transmitted huge numbers of illegal calls. XCast’s call data records (“CDRs”)
include information such as the exact date and time of a call, the calling number,
the called number, and the exact duration of the call. CDRs that XCast has
produced to the FTC of calls it transmitted for just three of its customers, for
example, reveal that nearly two billion of those calls were placed to numbers on
the National DNC Registry.
30. XCast’s CDRs are also rife with massive volumes of very shortduration calls, which are a distinct feature of fraudulent robocall campaigns. For
example, CDRs XCast produced to the FTC show an average call duration of only
about 6.5 seconds for nearly two billion calls that were placed to numbers on the
National DNC Registry, with the overwhelming majority of those calls lasting less
than ten seconds.
31. On scores of occasions dating back to at least December 2018,
USTelecom’s Industry Traceback Group (ITG), the official U.S. Federal
Communications Commission (FCC)-designated consortium of telephone and
broadband industry companies, has notified XCast that XCast routed and
transmitted suspected illegal robocall traffic on behalf of upstream carriers or endusers.
32. ITG notified XCast of these suspected illegal calls through
“Traceback Requests,” which are emails ITG sends to voice service providers
seeking assistance with identifying the source of suspicious traffic that the voice
service provider routed or transmitted.
I think the really key allegations are these, however:
34. ITG sent XCast over 100 Traceback Requests in 2020 and over 90
more in 2021. For dozens of these Traceback Requests, XCast served as either the
originator of the suspected robocall or the point-of-entry (i.e., the first service
provider within a call’s path to take an illegal robocall from a foreign service
Plus there’s this:
39. On January 29, 2020, the FTC sent warning letters to XCast and a
select group of other VoIP service providers to caution them that assisting and
facilitating illegal telemarketing or robocalling was against the law and inform
them of lawsuits the FTC and Department of Justice had brought against VoIP
providers for allegedly assisting and facilitating illegal robocalls. Despite this
warning that it could face liability for assisting and facilitating TSR violations,
XCast continued to transmit hundreds of millions of illegal telemarketing calls to
So, yeah, XCast was really way out in the wild here–at least that’s what the allegations suggest. Still though it is important to keep in mind that XCast did not actually MAKE any of the robocalls at issue. It is being sued–for billions of dollars in penalties it seems–by the DOJ for simply CARRYING bad traffic.
Take aways here:
- For carriers, obviously be mindful of traffic you are carrying and take ITG responses seriously;
- Carriers need to have strong KYC in placeand be auditing their traffic–formal policies and procedures recommended (Troutman Amin, LLP can help with this);
- Carriers must treat CIDs as seriously as a heart attack–counsel required;
- Callers need to recognize the pressure that carriers are under. This continues to lead to more call blocking and labeling;
- On that last piece, the carriers are absolutely out of control right now when it comes to blocking calls. REACH has asked the FCC to step in.
We’ll keep an eye on this.