FCC Will No Longer Issue Warnings

/in , /by

On May 1, the FCC adopted an Order ending its practice of warning most robocallers before issuing penalties for violating the law and for harassing consumers with unwanted robocalls. Such warnings were previously required by law until the TRACED Act was enacted in December 2019.

Specifically, under the prior statutory requirement, the FCC had to issue robocallers that did not otherwise fall within its jurisdiction warnings—formally called citations—related to their alleged violations of the Telephone Consumer Protection Act (by, for example, robocalling cell phones without prior consumer consent) before the agency was able to move forward with an enforcement action. In addition, prior to the TRACED Act, any fine the FCC proposed for TCPA violations by robocallers could be based on violations that occurred only after the warning had been issued. While caller ID spoofing violations—namely, the use of spoofing to scam consumers—did not require warnings, the act of illegal robocalling by these scammers did.

In addition, the FCC action extends the statute of limitations during which robocallers can be fined for TCPA and for spoofing violations. Until now, the FCC had either one or two years, respectively, from the day a violation took place to propose a fine, and only the violations that took place within that timeframe could be included when calculating the proposed forfeiture. With this change, the FCC has four years to propose a fine for spoofing and intentional robocall violations. The Order also increases the maximum fines for intentional robocall violations.

“Robocall scam operators don’t need a warning these days to know what they are doing is illegal, and this FCC has long disliked the statutory requirement to grant them mulligans,” said FCC Chairman Ajit Pai. “We have taken unprecedented action against spoofing violations in recent years and removing this outdated ‘warning’ requirement will help us speed up enforcement to protect consumers. With strong enforcement and policy changes like mandating STIR/SHAKEN caller ID authentication and authorizing robocall blocking, we are making real progress in our fight against fraudsters.”

UL Seeks Feedback on Revised Guidelines

/in , /by

On March 16th, in response to a request from TMA, UL published a statement on Monitoring Station Certifications and continued operations as communities work to contain the impact of COVID-19. An initial set of guidelines for virtual workplaces was included for stations considering at-home operators as part of their contingency planning.

Since then, it’s become clear that health risk mitigation measures will likely be required for longer than any of us had anticipated. UL now seeks feedback  from industry stakeholders that rely on UL Certifications as part of their own risk management programs to review the updated Guideline revisions, which are intended to better define virtual workplace security measures.

Review the revised draft of Virtual Workplace Guidelines that incorporate these initial suggestions. Because this version of the Guidelines is more technically specific than the original, UL would welcome industry feedback prior to publication.

Please send any input you may have directly to Steve Schmit, Senior Staff Engineer, UL.

Steve will also discuss the revised Guidelines and UL’s direction in the COVID environment during TMA’s Virtual Town Hall on Monday, April 20th.

ESA, SIA & TMA Urge Public Safety Leaders to Consider Importance of Electronic Security, Fire, Life Safety & Monitoring Services

/in , /by

The Electronic Security and Life Safety Industry Associations call on state leadership to ensure that essential emergency services are not suspended or impacted by the COVID-19 crisis.

The Electronic Security Association (ESA), Security Industry Association (SIA), and The Monitoring Association (TMA) have partnered to circulate a letter drawing state public safety leaders’ attention to the essential emergency services provided by electronic security, fire, life safety and monitoring companies and ensure that those who depend on them are not adversely impacted during the evolving situation with the COVID-19 pandemic.

The letter, which has already garnered more than 450 signatures from industry CEOs, company owners and leaders, highlights the critical functions of alarm response centers for monitoring, saving first responder resources, alerting businesses to potential break-ins or troubles, monitoring and notifying customers of health emergencies, following industry standard best practices and more.

The letter’s two requests for state leaders are to:

  1. Ensure that government policy reflects that companies providing essential emergency services and field service and dispatch remain operational
  2. Provide an exemption for electronic security, monitoring and life safety services as essential services in any shelter-in-place, quarantine or similar order

[Note: TMA is continuing to collect signatures from executives at firms in the security industry. To add your firm to the letter, please provide your information online. If you have any other questions, email TMA Executive Director Celia T. Besore at ceo@tma.us and affirm your consent to sign.]

DOWNLOAD

Urgent News From UL for Monitoring Centers

/in , , /by

UL Statement on Certifications to the US Alarm Monitoring Industry

As developments around the coronavirus COVID-19 continue to evolve, UL has been asked how health risk mitigation techniques might impact Alarm Service Certifications, especially those that involve quarantine, social distancing, work from home, and similar.

At UL, our driving mission is to help create safe living and working conditions for all of our constituencies. This value shapes our Standards and program policies. The emergence of the COVID-19 virus presents a new challenge, but by working together, we can find ways forward.

As in the past, after natural disasters such as hurricane Katrina, superstorm Sandy and others, actions taken to maintain monitoring operations may temporarily be out of sync with the current language of UL827, Central Station Services. In emergency situations like these, know that UL’s primary concern is for the health and safety of your staff and customers. If circumstances prevent you from complying with the written requirements of the Standard for staffing a station, we simply ask that for now, you document your station’s alternate procedure and when it went into/out of practice.

UL is working with industry to develop reasonable guidelines and alternative operating methods for scenarios such as the current COVID-19 outbreak. An initial draft is attached to this statement and will be updated as improvements are identified. These guidelines will eventually form the basis of revisions to UL827 to address pandemic-type scenarios better.

Please note that for US based stations monitoring National Industrial Security System accounts, any deviations from UL827 language need to be discussed with and approved by the relevant US federal security agency with jurisdiction.

UL’s current understanding is that due to the high risk nature of these systems, many Federal Security Agencies will not approve of monitoring outside a UL Certified Central Station operating room. If such monitoring is not available, it is likely defense contractors will have to react in the manner prescribed by the applicable security manual for instances where monitoring is not available or not employed.

At this time, we encourage monitoring stations to make contingency plans for operating in environments where operators are not able to physically come together to monitor signals in a central station operating room. There is a meaningful risk that the rapid spread of COVID-19 could trigger governmental movement and assemble recommendations/controls that would preclude normal station operation.

If you have questions or concerns, please contact Steve Schmit, steven.a.schmit@ul.com, 847-420-8032

In the current COVID-19 mitigation environment, central stations may be challenged to operate in strict compliance with UL Standards. UL expects that stations will make every reasonable effort to exercise options available in UL standards. However, in cases where delivering ongoing monitoring services requires alternate procedures, we request that stations document those procedures and be prepared to share them with UL if/when necessary as a basis for maintaining their UL Certification.

As a last resort, some stations may be considering use of home based operators to process signals. Based on input from industry, UL recommends considering the following guidelines.
Note – For US based stations monitoring National Industrial Security System accounts, any deviations from UL827 language need to be discussed with and approved by the relevant US federal security agency with jurisdiction.

UL’s current understanding is that many Federal Security Agencies will not approve of monitoring outside a UL Certified Central Station operating room. If such monitoring is not available, it is likely defense contractors will have to react in the manner prescribed by the applicable security manual for instances where monitoring is not available or not employed.

VIRTUAL WORKPLACE GUIDELINES

These guidelines are designed to provide procedural guidance to operators who perform job duties at alternative work sites, most specifically at home offices. The virtual work arrangement requires remote operators to be self-motivated and work well with minimal supervision. The following guidelines apply to the virtual environment:

  • Virtual workplace operators should be provided with a computer. Home/personal computers shall not be used.
  • Connections between virtual workplace computers and central station automation systems shall be made through a secure, encrypted virtual private network (VPN)
  • Internet speed may be affected by others in a home using the same internet. This may require an virtual workplace operators to suspend use of the internet by other individuals in the home.
  • Multifactor authentication should be required every 24 hours.
  • When not on shift, computer should be in shutdown and put in a secure place. This is to prevent any damage of theft of the computer.
  • When processing alarms the computer should be setup as not to allow others to view the monitoring screen or any other information.
  • When walking away from computer while on shift lock the screen so others cannot gain access to the monitoring window.
  • Virtual workplace operators are expected to have an appropriate workspace that is suitably designated for work and segregated in order to eliminate distraction and noise.
  • Due to the nature of virtual work arrangement, operators may not provide primary care for a child or dependent during the on duty hours except in the case of an emergency. The focus of an operator’s core working hours must remain on job performance and meeting business demands.
  • Virtual workplace operators are advised not to release their home address and telephone number to non-employees of the company.

Download PDFs:

  1. COVID-19 Statement & Guidelines for the Alarm Monitoring Industry in US
  2. COVID-19 Statement & Guidelines for the Alarm Monitoring Industry in Canada

Coronavirus Response Toolkit – U.S. Chamber of Commerce

/in , /by

The U.S. Chamber has compiled CDC’s coronavirus recommendations for businesses and workers across the country. American businesses are encouraged to follow data-based guidance from the CDC and state and local officials. Visit the link below to find a shareable graphics based on the CDC’s latest guidance for businesses and employees. Share these assets on social media, websites, and other channels, and send them to your colleagues and employees. 

ACCESS THE TOOLKIT

TMA Posts Pandemic Preparedness Resources for Members

/in , /by

The Center for Disease Control (CDC) is now urging businesses to begin planning for what may evolve into a pandemic, as the Coronavirus Disease 2019 (COVID-19) evolves in the United States.

To assist member companies and others in planning for the protection of their business, employees, and customers, TMA has compiled and posted several resources and posted them to our website.  

To stay up-to-date on COVID-19, please visit the CDC website often.

FCC Concludes Sharing of Consumers’ Real-Time Location Data Violates Federal Law

/in , , /by

After an extended investigation, the FCC Enforcement Bureau has concluded that at least one wireless carrier apparently violated U.S. law by improperly disclosing consumers’ location data.

FCC Chairman Ajit Pai announced the agency’s conclusion in a January 31 letter to Congress. While the letter did not identify any carriers by name, it confirmed that one or more Notice(s) of Apparent Liability for Forfeiture would be issued in the coming days in connection with the apparent violation(s). 

“I am committed to ensuring that all entities subject to our jurisdiction comply with the Communications Act and the FCC’s rules, including those that protect consumers’ sensitive information, such as real-time location data,” said Chairman Pai.

The security of consumers’ real-time location data is an issue that gained widespread attention in 2018 after press reports revealed that carriers including T-Mobile, Sprint and AT&T were selling phone geolocation services to outside companies.  While it is common knowledge that law enforcement agencies can track phones with a warrant to service providers or through the use of IMSI catchers (also known as “Stingrays”), what

journalists found was that data made available to asset tracking and other legitimate enterprise location service providers was being resold to a host of different private industries, ranging from car salesmen and property managers to bail bondsmen and bounty hunters, with little or no oversight.  Compounding this already highly unscrupulous business practice, this data was then being leaked and/or resold to black market data brokers. An investigation by Senator Ron Wyden (D-Ore.) into the commercial relationships between Verizon and a pair of obscure data vendors found that one of Verizon’s indirect corporate customers, a prison phone company called Securus, had used Verizon’s customer location data in a system that effectively let correctional officers spy on millions of Americans.

Shortly after the reports surfaced, Verizon, AT&T and Sprint announced that they would no longer share customers’ location data with third-party companies who failed to adequately protect the data. The FCC took up the matter in early 2019 after FCC Commissioner Jessica Rosenworcel sent letters to major phone companies to confirm whether they lived up to their commitments to end these location aggregation services.

Commissioner Rosenworcel criticized the agency for its delay in taking enforcement action in a written statement..

“For more than a year, the FCC was silent after news reports alerted us that for just a few hundred dollars, shady middlemen could sell your location within a few hundred meters based on your wireless phone data. It’s chilling to consider what a black market could do with this data. It puts the safety and privacy of every American with a wireless phone at risk.

Today this agency finally announced that this was a violation of the law. Millions and millions of Americans use a wireless device every day and didn’t sign up for or consent to this surveillance. It’s a shame that it took so long for the FCC to reach a conclusion that was so obvious.”

While the focus of this violation investigation is on provision of location information to third party aggregators, one can wonder whether the FCC’s crackdown will cause the cellular carriers to be more difficult to deal with on the new direct provision arrangement we understand alarm companies have worked out for location info.

Experienced Call Blocking? Tell us!

/in , /by

The FCC is seeking comment on any call blocking issues experienced by consumers, including central station alarm companies, in connection with the implementation and effectiveness of carrier opt-in and opt-out call blocking services.  Previously, we informed you that the FCC clarified in 2019 that carriers may block calls to consumers based on analytics, without the customer’s up-front consent, as long as customers can opt-out of such blocking.  We are aware that a number of carriers, including AT&T, Verizon and T-Mobile, are providing opt-out and/or opt-in call blocking to their customers and in some cases, calls from a central station have been blocked or mislabeled as fraud. 

We seek to provide information to the FCC concerning any issues alarm companies have experienced in connection with call blocking with the goal of ensuring that calls from central stations responding to an alarm are not blocked or mislabeled.  Accordingly, if calls made by your central station in response to an alarm to either the customer or the PSAP have been blocked or mislabeled, we ask that you send such information to us no later than February 12, 2020 to allow us to present this information to the FCC.

Contact:

Celia T. Besore
Executive Director, TMA
ceo@tma.us

UL Releases Statement Addressing Industry Concerns

/in , , /by

In a statement from UL:

UL’s public mission is to promote safer working and living environments for all people. We make every effort to confirm that UL-certified products meet stringent safety requirements, including opening a Product Incident Report for any issue that comes to our attention.

Consistent with our usual policies regarding product safety matters, when UL received the alarm system claims, UL immediately opened a Product Incident Report and began an investigation.

During such investigations, certification documentation is reviewed, products are often re-tested, and if any issues are found, UL works with the product manufacturer to resolve the issues. In some instances, a public notice may be issued.

Based on the investigation completed thus far, no safety issues have been identified. The investigation is still ongoing.

UL sees no imminent hazard despite the assertions currently in the market. The current standards address reasonably foreseeable hazards, faults or misuse not intentional disablement of a life safety device. Those making claims have their own commercial interest in driving concern. The requirements being suggested around attack by fire and/or malicious intrusion are currently not mandated by the applicable standards or code. New suggested requirements could be brought to the attention of the Standard Technical Panel. Those making claims are part of the STP and have not brought suggested revisions to the STP’s attention to-date.

D.C. Circuit Court Upholds Most of 2017 Net Neutrality Order; Vacates State Preemption

/in , /by

On October 1, the United States Court of Appeals for the District of Columbia Circuit issued its per curiam decision on the appeal of the FCC’s 2017 net neutrality order, also known as the Restoring Internet Freedom Order. Although the court upheld the Order in large part, it vacated part and remanded part back to the FCC to address three issues in which it found the Order inadequate: “(1) The Order failed to examine the implications of its decisions for public safety; (2) the Order does not sufficiently explain what reclassification will mean for regulation of pole attachments; and (3) the agency did not adequately address Petitioners’ concerns about the effects of broadband reclassification on the Lifeline Program.” The court vacated that part of the Order pre-empting any state or local requirement that “would effectively impose rules or requirements that [the FCC] repealed or decided to refrain from imposing in this order or that would impose more stringent requirements for any aspect of broadband service that [the FCC] address[ed] in this order.”

The court upheld the FCC’s decisions to restore the classification of broadband Internet access service as a less regulated “information service;” reinstate the private mobile service classification of mobile broadband Internet access service; eliminate the Internet Conduct Standard and the Bright Line Rules; and adopt enhanced transparency requirements that mandated ISPs to disclose information about their practices to consumers, entrepreneurs, and the FCC.

Chairman Pai, alongside Commissioners O’Rielly and Carr, were pleased with the court’s decision to uphold the majority of the Order. Chairman Pai said, “Today’s decision is a victory for consumers, broadband deployment, and the free and open Internet. The court affirmed the FCC’s decision to repeal 1930s utility-style regulation of the Internet imposed by the prior Administration.” Commissioner O’Rielly said, “It is heartening to see a court get most of the decision correct. … At the same time, vacating the preemption provisions seems to misread precedent and ignores the technology’s structure, which cannot be segmented into intrastate portions. Inevitably, this will lead to Commission case-by-case preemption efforts and more litigation.” Commissioner Carr said, “Today’s decision is a big win for a free and open Internet and for U.S. leadership in 5G.”

Commissioners Rosenworcel said, “Today’s court decision vacates the FCC’s unlawful effort to block states and localities from protecting an open internet for their citizens. From small towns to big cities, from state houses to governors’ executive actions, states and localities have been stepping in because the FCC shirked its duties. In addition, the court took the agency to task for disregarding its duty to consider how its decision threatens public safety, Lifeline service, and broadband infrastructure.”

Commissioner Starks said, “Above all else, today’s decision breathes new life into the fight for an open internet. It confirms that states can continue to step into the void left by this FCC. To that end, it is a validation of those states that have already sought to protect consumers, and a challenge to those that haven’t yet acted to think hard about how to protect their citizens.”