Caller ID Spoofing Ban is Bad for Business

Caller ID is a great tool for managing business communications and improving productivity and efficiency. However, the way that some businesses employ caller ID may cross the line drawn by a new law–the Truth in Caller ID Act of 2010.

Caller ID is sort of like a precursor–albeit in reverse–to the broader concept of presence that forms the backbone of unified communications today. Caller ID puts control in the hands of the call recipient to determine the source of an incoming call and make a judgment regarding whether that call is something worthy of interrupting other ongoing tasks, or if it is something that can just go to voicemail.

The useful aspects of caller ID have been bastardized through malicious spoofing, though. Bill collectors, prank callers, and private investigators are a few of the abusers of caller ID technology. Your average person would screen or ignore a call from “Acme Collection Agency”, but would eagerly answer a call from their own mother.

Spoofing the caller ID information to appear to be from someone the recipient would want to speak to is an effective trick to lure people to answer the phone–which is why Congress felt compelled to act and pass the Truth in Caller ID Act of 2010.

The primary effect of the bill is summarized by “It shall be unlawful for any person within the United States, in connection with any real time voice communications service, regard less of the technology or network utilized, to cause any caller ID service to transmit misleading or inaccurate caller ID information, with the intent to defraud or deceive.”

The bill specifically allows individuals to block their own outbound caller ID information–enabling them to guard their own privacy by not sharing their home or mobile phone number with third parties. However, practices that have legitimate purposes, employed by some VoIP services–like Google Voice–and by some organizations to replace the actual caller ID information with an alternate number could be construed as violating this new law.

Congress was very careful to word the law so that it applies not only to traditional land lines, and VoIP networks, but to “any real time voice communications service, regardless of the technology or network utilized.” Basically, they don’t want to have to come back and make a new law just because some new voice communication technology emerges next year.

Calls used to have a more one-to-one relationship. But, with the ability now to automatically forward calls to any number, or to simultaneously ring multiple phones from one inbound phone number, it is more difficult to maintain consistent contact information.

Businesses have a vested interest in displaying the primary number for the business for all inbound and outbound calls regardless of whether those calls were placed from a desktop phone, a personal smartphone, or a software-based VoIP client on the PC.

Google Voice is similar. The very concept of Google Voice is to provide a single contact point–one phone number that can be shared with everyone, and that won’t change even if you move, switch jobs, or change wireless service providers. For both inbound and outbound calls, the other party should only see the Google Voice number regardless of which actual phone number the call ultimately connected to.

The caller ID law seems to place these legitimate uses of caller ID spoofing in a legal gray area. While they clearly violate the first part of directive by causing a caller ID service to transmit misleading or inaccurate caller ID information, it is debatable whether or not that activity has “the intent to defraud or deceive.”

Intent to defraud or deceive may be in the eye of the beholder. It seems reasonable to assume that legitimate redirection of caller ID information is outside of the scope Congress intended to target with this legislation. However, the wording of the law still leaves room for a disgruntled party to cry foul should they be so inclined.

Tony Bradley is co-author of Unified Communications for Dummies. He tweets as @Tony_BradleyPCW. You can follow him on his Facebook page, or contact him by email at [email protected].