Time for my usual comment. No, it's not difficult. Every Telco knows where the call comes from and where it's routed to. Sure, the end-user doesn't necessarily know the origin, but there's regulation that would trivially solve this. "For each spam report, you're responsible unless you point out where you got the call from" if enforced would sort out the problem almost immediately.

Telco can't say how the call happened? Fine them. Telco can't sort out their spammy customer? Fine them. "Oh, but international calls!" - they can drop the spammy international peer - the US is large enough that nobody serious would risk getting disconnected.

First, telcos are not permitted to refuse calls from other telcos unless they receive permission from the FCC. This is what it means to be a "common carrier," an old regulatory regime intended to prevent larger telcos using carriage as a negotiating tool over small telcos. The internet has this problem to a degree, which has lead to years of conflict over "net neutrality." Part of the new regulatory regime intended to address spam calls is that the FCC now regularly grants such permission when they determine that a particular telco is failing to uphold its obligations.

Second, telcos do not necessarily know the origin of calls. Virtually all spam/scam calls originate from the internet via a VoIP gateway. There are numerous VoIP gateways, they often obtain their traffic from yet other VoIP gateways, and they often introduce traffic into the US PSTN through a foreign telco. At each of these steps, the origin of the call is usually lost. Telephone circuits are always established in the "forward" direction and there is no need for reverse routing information, so historically it was never provided. At the extreme, some calls are introduced into the TDM telephone system by boxes with multiple SIM cards that relay calls from IP to a cellular carrier (this is not very common in the US because cellular carriers aggressively monitor for it, but it's very common in for example Africa---where this method is often used to carry legitimate traffic at a cost savings!). All of this means that tracing the origin of calls can be surprisingly complex, which is why USTelecom (an industry association) funds a consortium to perform tracing for the FCC.

The underlying reason is simple: nothing in the telephone system requires calls to identify their origin. There are two (and in many cases more) different concepts of "originating number" on a telephone call, CID and ANI, and neither are required or even expected to correspond to the origin point of the call. The purpose of STIR/SHAKEN is to introduce such a requirement for the first time, standardizing a header (in the case of VoIP) or SS7 message (in the case of TDM) that declares the carrier with which a call originated. This will vastly simplify tracing and blocking of calls from problematic carriers, which is the motivation behind the mandatory rollout that is currently in progress. One of the broader goals of the STIR/SHAKEN program is to introduce a degree of liability at all points in the process, as every carrier is responsible for ensuring appropriate attestations on calls they hand off to customers. This seems to be having a positive impact, although as with most spam mitigation efforts, it does have the downside of making it more expensive and complex to get access to the telephone network, mostly to the financial advantage of Twilio.

> telcos are not permitted to refuse calls from other telcos unless they receive permission from the FCC

Yes, that's exactly the part that could've been changed long time ago to solve this problem. That's what I'm describing.

> telcos do not necessarily know the origin of calls. Virtually all spam/scam calls originate from the internet via a VoIP gateway

They know the next hop though. Knowing the ultimate origin doesn't matter. You can iterate until a) you find the origin, or b) you find someone who doesn't keep records - in either case, they're the problem to deal with. It doesn't matter that someone uses a VoIP gateway - now it should be the gateway operator's problem to point out the origin or pay up.

I worked at a VoIP provider. We had full records already available for billing purposes. This is why I'm so angry about this every time it comes up, all this technical talk is true and completely irrelevant. Let FCC fine the first entity in chain which cannot say "we got it from X", or "we got it internationally, here's the fine payment from our side, they've been warned/disconnected".

The shaken/stir provided a small tool which avoids addressing the actual issue. It's a fun tool which would make the above slightly easier - but doesn't actually enable it.

Well, it’s not quite that simple- especially for an end user. I don’t have the ability to trace it- and even if I did most of the scam calls I get these days are from overseas voip providers. So I have to invest a lot of time to get to a U.S. based business that benefits from the calls. Even then, the tcpa may not allow you to collect (some state laws do)

It is difficult enough that there is a full on coalition dedicated to this (the trace back working group that’s mentioned by the fcc in this order)

You don't have to trace it yourself. The simple solution is: a online portal, you report a spam call to your number with time and origin as you see it, your telco is required to act on that, FCC or someone else gets to audit and assign fines. From there it would be each telco's responsibility to do the same from their end.

Trivial for the user, and likely apps would be created to automate it. As I mentioned, international VoIP providers are not an issue if you make it a local telco problem: whether they forward the cost of the fines, drop the peer, or pay the fine themselves. Any serious telco abroad will solve the outbound spam to the US rather than get dropped.

Change the law so that telcos are on the hook for fines if they can't identify who the call came from.

Just like you have to pay a speeding ticket if you lend your car to someone and don't tell the police who was driving.