Download: docx | pdf

Compliance with the Non-IP Call Authentication Solution Rules;

Robocall Mitigation Database (RMD)

SUPPORTING STATEMENT

This revised information collection is being submitted to obtain approval from the Office of Management and Budget (OMB) for new and revised information collection requirements due to two recent Federal Communications Commission (Commission or FCC) Orders, as explained below.

1. Justification

1. Circumstances that make the collection necessary. On December 30, 2019, Congress enacted the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act. The TRACED Act directs the Commission to require, no later than 18 months from enactment, all voice service providers to implement STIR/SHAKEN in the IP portions of their networks and implement an effective caller ID authentication framework in the non-IP portions of their networks. Among other provisions, the TRACED Act also directs the Commission to create extension and exemption mechanisms for voice service providers. To implement the TRACED Act’s provisions, the Commission adopted a Report and Order and Further Notice of Proposed Rulemaking on March 30, 2020 and a Second Report and Order on September 29, 2020. See Call Authentication Trust Anchor, Implementation of TRACED Act Section 6(a)—Knowledge of Customers by Entities with Access to Numbering Resources, WC Docket Nos. 17-97 and 20-67, Report and Order and Further Notice of Proposed Rulemaking, 35 FCC Rcd 3241 (Mar. 31, 2020) (Report and Order and Further Notice); Call Authentication Trust Anchor, WC Docket No. 17-97, Second Report and Order, 36 FCC Rcd 1859 (Sept. 30, 2020) (Second Report and Order).
   
   The Commission subsequently proposed and sought comment on imposing similar and additional obligations on gateway providers on September 30, 2021. See Advanced Methods to Target and Eliminate Unlawful Robocalls, Call Authentication Trust Anchor, WC Docket No. 17-97 et al., Fourth Further Notice of Proposed Rulemaking et al., 36 FCC Rcd 14971 (2021) (Fourth Further Notice et al.). On May 19, 2022, it adopted many of these proposed obligations for gateway providers, while also seeking comment on expanding these obligations and applying them to all providers, including intermediate providers other than gateway providers. Advanced Methods to Target and Eliminate Unlawful Robocalls, Call Authentication Trust Anchor, WC Docket No. 17-97 et al., Fifth Report and Order and Fifth Further Notice of Proposed Rulemaking et al., FCC 22-37 (adopted May 19, 2022) (Fifth Report and Order et al.). On March 16, 2023, the Commission adopted many of the obligations about which it sought comment in the Fifth Report and Order et al. See Call Authentication Trust Anchor, WC Docket No. 17-97, Sixth Report and Order and Further Notice of Proposed Rulemaking, FCC 23-18 (adopted March 16, 2023) (Sixth Report and Order et al.). On May 19, 2023, the Commission adopted its Seventh Report and Order, modifying some of these requirements. See Advanced Methods to Target and Eliminate Unlawful Robocalls, et al., WC Docket No. 17-97 et al., Seventh Report and Order et al., FCC 23-37 (adopted May 18, 2023) (Seventh Report and Order et al.).

The new requirements for which the Commission is seeking approval in this collection (3060-1285) described herein arise out of the actions it took in the Sixth Report and Order et al. and the Seventh Report and Order et al.

TRACED Act. Section 4(b)(1)(B) of the TRACED Act directs the Commission to require that providers of voice service, no later than June 30, 2021, take reasonable measures to implement an effective caller ID authentication framework in the non-IP portions of their networks. In the September 2020 Second Report and Order, adopting the proposal from the March 2020 Report and Order and Further Notice, the Commission interpreted this language to require that a voice service provider actively work to implement a caller ID authentication framework on the non-IP portions of its network, either by (1) upgrading its non-IP networks to IP so that the STIR/SHAKEN authentication framework may be implemented, or (2) by working to develop a non-IP authentication solution. To satisfy this latter option, a voice service provider would have to, upon request, provide the Commission documented proof that it is participating, either on its own or through a representative, as a member of a working group or consortium that is working to develop a non-IP solution, or actively testing such a solution.

Second Report and Order. Section 4(b)(5) of the TRACED Act requires the Commission to provide extensions of the June 30, 2021 implementation deadline to certain categories of providers. In the Second Report and Order, the Commission provided: (1) a two-year extension to small, including small rural, voice service providers; (2) an extension to voice service providers that cannot obtain a certificate due to the Governance Authority’s token access policy until such provider is able to obtain a certificate; (3) a one-year extension to services scheduled for section 214 discontinuance; and (4) an extension for the parts of a voice service provider’s network that rely on technology that cannot initiate, maintain, and terminate SIP calls until a solution for such calls is reasonably available. As required by section 4(b)(5)(C)(i) of the TRACED Act, the Commission further adopted rules that require those voice service providers that receive an extension to implement a robocall mitigation program to protect their customers on the parts of their networks not subject to protection from STIR/SHAKEN.

The Commission required that voice service providers file certifications with the Commission in the Robocall Mitigation Database (RMD), stating that: (i) the voice service provider has fully implemented the STIR/SHAKEN authentication framework across its entire network and all calls it originates are compliant with 47 CFR 64.6301(a)(1)-(2); (ii) the voice service provider has implemented the STIR/SHAKEN authentication framework on a portion of its network and calls it originates on that portion are compliant with paragraphs 47 CFR 64.6301(a)(1)-(2), and the remainder of the calls that originate on its network are subject to a robocall mitigation program; or (iii) the voice provider has not implemented the STIR/SHAKEN authentication framework on any portion of its network, and all of the calls that originate on its network are subject to a robocall mitigation program. Each voice service provider must also include in its filing: (i) the voice service provider’s business name(s) and primary address; (ii) other business names in use by the voice service provider; (iii) all business names previously used by the voice service provider; (iv) whether the voice service provider is a foreign voice service provider; and (v) the name, title, department, business address, telephone number, and email address of one person within the company responsible for addressing robocall mitigation-related issues. Voice service providers are required to update any of the data in the RMD within 10 business days of any change to the information filed. The certification must be signed by an officer of the voice service provider. Neither the Second Report and Order nor later Orders explicitly required voice service providers that lack control over the network infrastructure necessary to implement STIR/SHAKEN to file in the RMD.

The Second Report and Order further required that any voice service provider certifying all or part of its network is covered by a robocall mitigation program include in its certification: (i) identification of the type of extension or extensions the voice service provider received under 47 CFR 64.6304, if the voice service provider is not a foreign voice service provider; (ii) the specific reasonable steps the voice service provider has taken to avoid originating illegal robocall traffic as part of its robocall mitigation program; and (iii) a statement of the voice service provider’s commitment to respond fully and in a timely manner to all traceback requests from the Commission, law enforcement, and the industry traceback consortium, and to cooperate with such entities in investigating and stopping any illegal robocallers that use its service to originate calls.

Fifth Report and Order et al. The Fifth Report and Order et al. extended many of the foregoing voice service provider obligations to gateway providers and, in some cases, imposed additional requirements on gateway providers. For example, all gateway providers, not just those that have not yet fully implemented STIR/SHAKEN, are required to describe in the RMD the specific reasonable steps taken to avoid carrying or processing illegal robocalls. Pursuant to the rules adopted in the Fifth Report and Order, each gateway provider must either: (1) upgrade its non-IP networks to IP so that the STIR/SHAKEN authentication framework may be implemented, or (2) work to develop a non-IP authentication solution. To satisfy the latter option, a gateway provider must, upon request, provide the Commission documented proof that it is participating, either on its own or through a representative, as a member of a working group or consortium that is working to develop a non-IP solution, or actively testing such a solution. The Commission also clarified that voice service providers and gateway providers are required to submit all information in English or with a certified English translation.

Sixth Report and Order et al. and Seventh Report and Order et al. In summary, the Sixth Report and Order et al. extended RMD filing requirements to all voice service providers, regardless of whether a provider has implemented STIR/SHAKEN or whether it lacks control over the network infrastructure necessary to implement STIR/SHAKEN. It also extended these obligations to a new class of providers: non-gateway intermediate providers. It also required all voice service providers, gateway providers and intermediate providers, including those that had already submitted a mitigation plan and certification to the RMD, to provide additional information with their RMD filings. The Seventh Report and Order et al. also modified some of these RMD filing requirements.

Like the existing requirements for voice service providers and gateway providers, the Sixth Report and Order et al. required non-gateway intermediate providers to actively work to implement a caller ID authentication framework on the non-IP portions of their networks, either by: (1) upgrading their non-IP networks to IP so that the STIR/SHAKEN authentication framework may be implemented, or (2) by working to develop a non-IP authentication solution. Furthermore, to satisfy this latter option, a non-gateway intermediate provider would have to, upon request, provide the Commission documented proof that it is participating, either on its own or through a representative, as a member of a working group or consortium that is working to develop a non-IP solution, or actively testing such a solution.

Pursuant to these rules, all non-gateway intermediate providers must file a certification with the Commission describing whether it has fully, partially, or not implemented STIR/SHAKEN on its network. All non-gateway intermediate providers, regardless of whether they have fully implemented STIR/SHAKEN, must also certify in the RMD that all calls that it processes or carries are subject to a robocall mitigation program and describe the specific reasonable steps taken to mitigate illegal robocalls. The Sixth Report and Order et al. also imposes this same obligation on all voice service providers.

Each non-gateway intermediate provider, like other entities already obligated to file in the RMD, must also include in its certification baseline information previously required of other providers. Non-gateway intermediate providers, like other entities already obligated to file, are also required to update any data submitted to the RMD within 10 business days of any change to the information filed and certifications must be filed in English or with a certified English translation and signed by an officer of the non-gateway intermediateprovider.

The Sixth Report and Order et al. further required non-gateway intermediate providers to include in their certifications and robocall mitigation plans: (i) identification of the type of extension or extensions the provider received under 47 CFR 64.6304; (ii) the specific reasonable steps the provider has taken to avoid carrying or processing illegal robocall traffic as part of its robocall mitigation program, including any “know your upstream provider” processes in place; and (iii) a statement of the provider’s commitment to respond fully and in a timely manner to all traceback requests from the Commission, law enforcement, and the industry traceback consortium, and to cooperate with such entities in investigating and stopping any illegal robocallers that use its service to carry or process calls. The Seventh Report and Order et al. modified this new traceback response commitment requirement for non-gateway intermediate providers and the existing traceback response commitment requirement for voice service providers, requiring both classes of providers to commit to respond to traceback requests “fully and within 24 hours.”

The Sixth Report and Order et al. also required voice service providers, gateway providers and non-gateway intermediate providers to provide additional information to the RMD and delegated to the Wireline Competition Bureau the authority to specify the form and format of provider submissions to the RMD.

New requirements for which we are seeking OMB approval:

The new information collection requirements created under the newly adopted rules of the Sixth Report and Order et al. and Seventh Report and Order et al. are as follows:¹

• In order to comply with the requirement that a non-gateway intermediate provider has taken reasonable steps to implement an effective call authentication system in the non-IP portions of its network by December 31, 2023, it must either upgrade its network to IP, or maintain and be ready to provide the Commission upon request with documented proof that it is participating, either on its own or through a representative, including third party representatives, as a member of a working group, industry standards group, or consortium that is working to develop a non-Internet Protocol caller identification authentication solution, or actively testing such a solution.

• All non-gateway intermediate providers are required to submit a certification and robocall mitigation program description to the RMD. Like other providers, non-gateway intermediate providers must submit the following baseline information with their RMD certification: (1) whether it has fully, partially, or not implemented the STIR/SHAKEN authentication framework in the IP portions of its network; (2) the identification of the type of STIR/SHAKEN implementation extension or extensions received, if the non-gateway intermediate provider is not a foreign voice service provider, and the basis for the extension or extensions, (3) a statement that it will respond fully and within 24 hours to all traceback requests; (4) the provider’s business name(s) and primary address; (5) other business name(s) in use by the provider; (6) all business names previously used by the provider; (7) whether the provider is a foreign provider; and, (8) the name, title, department, business address, telephone number, and email address of one person within the company responsible for addressing robocall mitigation related issues. The certification must be signed by an officer of the company. Non-gateway intermediate providers must also submit a robocall mitigation plan that “describes with particularity” the “reasonable steps” taken to prevent the “carrying or processing” of illegal robocalls. Non-gateway intermediate providers, like other filers, must update any information submitted within 10 business days of “any change in the information” and submit the information in English or with a certified English translation.

• The obligation for voice service providers to file a certification and robocall mitigation plan in the RMD was expanded to include additional providers. All voice service providers, regardless of whether they have implemented STIR/SHAKEN or have a requirement to do so, must now submit a certification to the RMD and “describe with particularity” the specific “reasonable steps” being taken to avoid the origination of illegal robocalls. All voice service providers must also submit the baseline information described in the preceding paragraph, including a commitment that it will respond fully and within 24 hours to all traceback requests.

• All providers, including those that have already filed a certification or a certification and mitigation plan in the RMD and those newly required to do so, must now file the following additional information in their certifications and mitigation plans:

• First, (1) voice service providers must describe how they are meeting their obligation to take affirmative, effective measures to prevent new and renewing customers from originating illegal calls; (2) non-gateway intermediate providers and voice service providers must describe any “know-your-upstream provider” procedures in place designed to mitigate illegal robocalls; and (3) all providers must describe any call analytics systems they use to identify and block illegal traffic, including whether they use a third-party vendor or vendors and the name of the vendor(s). To comply with (1) and (2), providers must describe any contractual provisions with end-users or upstream providers designed to mitigate illegal robocalls.

• Second, providers must indicate whether they are: (1) a voice service provider with a STIR/SHAKEN implementation obligation serving end-users; (2) a voice service provider with a STIR/SHAKEN obligation acting as a wholesale provider originating calls; (3) a voice service provider without a STIR/SHAKEN obligation; (4) a non-gateway intermediate provider with a STIR/SHAKEN obligation; (5) a non-gateway intermediate provider without a STIR/SHAKEN obligation; (6) a gateway provider with a STIR/SHAKEN obligation; (7) a gateway provider without a STIR/SHAKEN obligation; and/or (8) a foreign provider. These requirements expand upon the existing baseline obligation described above requiring providers to indicate in their RMD filings whether they are a foreign provider, voice service provider, and/or gateway provider.

• Third, any provider asserting it does not have an obligation to implement STIR/SHAKEN because of an ongoing extension or because it lacks control over the network infrastructure necessary to implement STIR/SHAKEN must explicitly state the rule that exempts it from compliance and explain in detail why that exemption applies to the filer.

• Fourth, each provider must certify that it has not been prohibited from filing in the RMD pursuant to an applicable law enforcement action. Providers must also submit information regarding their principals, affiliates, subsidiaries, and parent companies in sufficient detail to facilitate the Commission’s ability to determine whether the provider has been prohibited from filing in the RMD.

• Fifth, each provider must: (1) state whether, at any time in the prior two years, the filing entity (and/or any entity for which the filing entity shares common ownership, management, directors, or control) has been the subject of a formal Commission, law enforcement, or regulatory agency action or investigation with accompanying findings of actual or suspected wrongdoing due to the filing entity transmitting, encouraging, assisting, or otherwise facilitating illegal robocalls or spoofing, or a deficient RMD certification or mitigation program description; and, if so (2) provide a description of any such action or investigation, including all law enforcement or regulatory agencies involved, the date that any action or investigation was commenced, the current status of the action or investigation, a summary of the findings of wrongdoing made in connection with the action or investigation, and whether any final determinations have been issued.

• Sixth, each provider must file an Operating Company Number if they have one.

Statutory authority for this information collection is contained in 47 U.S.C. §§ 227b, 251(e), and 227(e) of the Communications Act of 1934.

This information collection does not affect individuals or households; thus; there is no impact under the Privacy Act.

2. Use of information. The Commission will use the information to determine which voice service providers, gateway providers, and non-gateway intermediate providers: (1) satisfy the requirement that they take reasonable measures to implement an effective call authentication system in the non-IP portions of their networks; and (2) comply with the requirements of the RMD.

2. Technology collection techniques. First, regarding a request under section 64.6303(a), (b) and (c) for a provider to submit to the Commission documented proof that it is participating, either on its own or through a representative, including third party representatives, as a member of a working group, industry standards group, or consortium that is working to develop a non-Internet Protocol caller identification authentication solution, the applicable provider will respond to the Commission in the method specified in the Commission’s request. Second, all submissions to the RMD under section 64.6305 will be made electronically into a database set up specifically for this purpose.

2. Efforts to identify duplication. For each of these requirements, the information to be collected is unique to each provider, and there are no similar collection requirements.

2. Impact on small entities. The Commission worked to minimize the amount of information each certification will require.

2. Consequences if information is not collected. If this information is not collected from voice service providers, the Commission will be unable to meet its statutory obligations under the TRACED Act. If the information is not collected from gateway providers, significant foreign sources of illegal robocalls will continue to be able to reach and harm U.S. consumers. If this information is not collected from non-gateway intermediate providers, a critical gap will exist in the Commission’s rules and protections against illegal robocalls which could be exploited by bad actors.

2. Special circumstances. We do not foresee any special circumstances with this information collection.

2. Federal Register notice; efforts to consult with persons outside the Commission. A 60-day notice was published on June 29, 2023 [88 FR 42069]. The Commission did not receive any comments as a result of this notice.

2. Payments or gifts to respondents. The Commission does not anticipate providing any payment or gifts to respondents.

2. Assurances of confidentiality. The Commission will consider the potential confidentiality of any information submitted, particularly where public release of such information could raise security concerns (e.g., granular location information). Respondents may request materials or information submitted to the Commission or to the Administrator be withheld from public inspection under 47 C.F.R. § 0.459 of the Commission’s rules.

2. Questions of a sensitive nature. There are no questions of a sensitive nature with respect to the information collection described herein.

2. Estimates of the hour burden of the collection to respondents. The following represents the hour burden on the collection of information²:

1. Compliance with requirement under section 64.6303(a) that a voice service provider have documented proof that it is working towards a solution for non-IP caller ID authentication

1. Number of Respondents: Approximately 1,750 voice service providers.

2. Frequency of Response: Upon request by the Commission.

3. Total number of responses per respondent: 1.

4. Estimated time per response: 30 minutes (0.5 hours).

5. Total hour burden: 875 hours.

0.5 hours per response for per respondent for 1,750 voice service providers. Total annual hour burden is calculated as follows:

1,750 respondents x 1 response per respondent = 1,750 responses x 0.5 hours = 875 total hours.

6. Total estimate of in-house cost to respondents: $53,226 (875 hours x $60.83/hr.).

7. Explanation of calculation: We estimate that each voice service provider will take, on average, 0.5 hours per response. We estimate that respondents use mid- to senior-level personnel to comply with the requirements comparable in pay to the Federal Government, approximately $60.83 per hour (equivalent to a GS-13, step 5 federal employee).

1,750 (number of respondents) x 0.5 (hours to prepare response) x 1 (responses per respondent) x $60.83/hr. = $53,226.

2. Compliance with requirement under section 64.6303(b) that a gateway provider have documented proof that it is working towards a solution for non-IP caller ID authentication

1. Number of Respondents: Approximately 225 gateway providers.

2. Frequency of Response: Upon request by the Commission.

3. Total number of responses per respondent: 1.

4. Estimated time per response: 30 minutes (0.5 hours).

5. Total hour burden: 113 hours.

0.5 hours per response for per respondent for 225 gateway providers. Total annual hour burden is calculated as follows:

225 respondents x 1 response per respondent = 225 responses x 0.5 hours = 113 total hours.

6. Total estimate of in-house cost to respondents: $6,874 (113 hours x $60.83/hr.).

7. Explanation of calculation: We estimate that each voice service provider will take, on average, 0.5 hours per response. We estimate that respondents use mid- to senior-level personnel to comply with the requirements comparable in pay to the Federal Government, approximately $60.83 per hour (equivalent to a GS-13, step 5 federal employee).

225 (number of respondents) x 0.5 (hours to prepare response) x 1 (responses per respondent) x $60.83/hr. = $6,874.³

3. Compliance with requirement under section 64.6303(c) that a domestic non- gateway intermediate provider have documented proof that it is working towards a solution for non-IP caller ID authentication

1. Number of Respondents: Approximately 550 domestic non-gateway intermediate providers.

2. Frequency of Response: Upon request by the Commission.

3. Total number of responses per respondent: 1.

4. Estimated time per response: 30 minutes (0.5 hours).

5. Total hour burden: 275 hours.

0.5 hours per response for per respondent for 550 domestic non-gateway intermediate providers. Total annual hour burden is calculated as follows:

550 respondents x 1 response per respondent = 550 responses x 0.5 hours = 275 total hours.

6. Total estimate of in-house cost to respondents: $16,728 (275 hours x $60.83).

7. Explanation of calculation: We estimate that each provider will take, on average, 0.5 hours per response. We estimate that respondents use mid- to senior-level personnel to comply with the requirements comparable in pay to the Federal Government, approximately $60.83 per hour (equivalent to a GS-13, step 5 federal employee).

550 (number of respondents) x 0.5 (hours to prepare response) x 1 (responses per respondent) x $60.83/hr. = $16,728.

4. Voice Service Provider RMD requirement under section 64.6305(d))

1. Number of Respondents: Approximately 9,500 voice service providers.

2. Frequency of Response: One-time reporting requirement, and on the occasion that information in the RMD is updated.

3. Total number of responses per respondent: 1.

4. Estimated time per response: 3 hours for providers that must expand upon already submitted filings, and 6 hours for providers that must file in the RMD for the first time.

5. Total hour burden: 34,500 total hours.

For providers that must expand upon already submitted filings: 3 hours per response for 1 response per respondent for 7,500 voice service providers. For providers that must file in the RMD for the first time: 6 hours per response for 1 response per respondent for 2,000 voice service providers.

Total annual hour burden is calculated as follows:

For providers that must expand upon already submitted filings: 7,500 respondents x 1 response per respondent = 7,500 responses x 3 hours = 22,500 total hours.

For providers that must file in the RMD for the first time: 2,000 respondents x 1 response per respondent = 2,000 responses x 6 hours = 12,000 total hours.

For all respondents: 22,500 hours + 12,000 total hours = 34,500 total hours.

6. Total estimate of in-house cost to respondents: $2,098,635 (34,500 hours x $60.83/hr.).

7. Explanation of calculation: We estimate that each voice service provider will take, on average, 3 hours per response in those instances where they are expanding upon previously submitted filings and 6 hours per response in those instances where they are filing in the RMD for the first time. We estimate that respondents use mid- to senior-level personnel to comply with the requirements comparable in pay to the Federal Government, approximately $60.83 per hour (equivalent to a GS-13, step 5 federal employee).

For providers that must expand upon already submitted filings: 7,500 (number of respondents) x 3 (hours to prepare response) x 1 (responses per respondent) x $60.83/hr. = $1,368,675.

For providers that are filing in the RMD for the first time: 2,000 (number of respondents) x 6 (hours to prepare response) x 1 (responses per respondent) x $60.83 = $729,960.

Total cost: $2,098,635 = $1,368,675 + $729,960

5. Gateway Provider RMD requirement under section 64.6305(e)

1. Number of Respondents: Approximately 225 gateway providers that will be required to update already submitted filings in the RMD.

2. Frequency of Response: One-time reporting requirement, and on the occasion that information in the RMD is updated.

3. Total number of responses per respondent: 1.

4. Estimated time per response: 3 hours.

5. Total hour burden: 675 hours.

3 hours per response for 1 response per respondent for 225 gateway providers. Total annual hour burden is calculated as follows:

175 respondents x 1 response per respondent = 225 responses x 3 hours = 675 total hours.

6. Total estimate of in-house cost to respondents: $41,060 (675 hours x $60.83/hr.).

7. Explanation of calculation: We estimate that each gateway provider will take, on average, 3 hours per response. We estimate that respondents use mid- to senior-level personnel to comply with the requirements comparable in pay to the Federal Government, approximately $60.83 per hour (equivalent to a GS-13, step 5 federal employee).

225 (number of respondents) x 3 (hours to prepare response) x 1 (responses per respondent) x $ $60.83/hr. = $41,060.

6. Non-Gateway Intermediate Provider RMD requirement under section 64.6305(f).

1. Number of Respondents: Approximately 550 domestic non-gateway intermediate providers.

2. Frequency of Response: One-time reporting requirement, and on the occasion that information in the RMD is updated.

3. Total number of responses per respondent: 1.

4. Estimated time per response: While they were under no obligation to do so, approximately 25 non-gateway intermediate providers already filed in the RMD. We estimate 3 hours for these non-gateway intermediate providers to expand upon already submitted filings. We estimate 6 hours for the approximately 525 non-gateway intermediate providers that are filing in the RMD for the first time.

5. Total hour burden: 3,225 hours.

For providers that must expand upon already submitted filings: 3 hours per response for 1 response per respondent for 25 non-gateway intermediate providers. For non-gateway intermediate providers that are filing in the RMD for the first time: 6 hours per response for 1 response per respondent for 525 non-gateway intermediate providers.

For providers that must expand upon already submitted filings: 25 respondents x 1 response per respondent = 25 responses x 3 hours = 75 total hours.

For providers that are filing in the RMD for the first time: 525 x 1 response per respondent = 525 x 6 hours = 3,150 total hours.

For all respondents: 75 hours + 3,150 hours = 3,225 total hours

6. Total estimate of in-house cost to respondents: $196,177 (3,225 hours x $60.83/hr.).

7. Explanation of calculation: We estimate that each non-gateway intermediate provider will take, on average, 3 hours in those instances where they are expanding upon previously submitted filings and 6 hours per response in those instances where they are filing in the RMD for the first time. We estimate that respondents use mid- to senior-level personnel to comply with the requirements comparable in pay to the Federal Government, approximately $60.83 per hour (equivalent to a GS-13, step 5 federal employee).

For providers that must expand upon already submitted filings: 25 (number of respondents) x 3 (hours to prepare response) x 1 (responses per respondent) x $60.83/hr. = $4,562.

For providers that are filing in the RMD for the first time: 525 (number of respondents) x 6 (hours to prepare response) x 1 (responses per respondent) x 60.83/hr. = $191,615.

Total cost: $4,562 + $191,615) = $196,177.

Total Number of Respondents: 1,750 + 225 + 550 + 9,500 + 225 + 550 = 12,800 unique respondents

Total Number of Responses: 1,750 + 225 + 550 + 9,500 + 225 + 550 =12,800 responses

Total Hourly Burden: 875 + 113 + 275 + 34,500 + 675 + 3,225 = 39,663 burden hours

Total In-House Costs to Respondents: $2,412,700

2. Estimates for the cost burden of the collection to respondents. The Commission believes that voice service providers and gateway providers have sufficient “in-house” staff to address all the information collection requirements using their “in-house” personnel rather than having to contract out this requirement. Thus:

(a) Total annualized capital/startup costs: $0.00

(b) Total annualized costs (O&M): $0.00

(c) Total annualized cost requested: $0.00

2. Estimates of the cost burden to the Commission.

1. Compliance with requirement under section 64.6303(a) that a voice service provider have documented proof that it is working towards a solution for non-IP caller ID authentication

Costs to the Commission will potentially be $60.83 (GS-13, step 5 federal employee) x .5 hrs. (to request documented proof from voice service providers) x 1,750 voice service providers = $53,226.

2. Compliance with requirement under section 64.6303(b) that a gateway provider have documented proof that it is working towards a solution for non-IP caller ID authentication

Costs to the Commission will potentially be $60.83 (GS-13, step 5 federal employee) x .5 hrs. (to request documented proof from voice service providers) x 225 gateway providers = $6,843.

3. Compliance with requirement under section 64.6303(c) that a non-gateway intermediate provider have documented proof that it is working towards a solution for non-IP caller ID authentication

Costs to the Commission will potentially be $60.83 (GS-13, step 5 federal employee) x .5 hrs. (to request documented proof from voice service providers) x 550 non-gateway intermediate providers = $16,728.

4. Non-Gateway Intermediate Provider RMD filing requirement under section 64.6305(f) and expansion of existing RMD filing requirements on voice service providers (section 64.6305(d) and gateway providers (section 64.6305(e)).

Cost to the Commission estimated to be $60.83 (GS-13, step 5 federal employee) x 480 hrs. (to modify the RMD to account for new non-gateway intermediate provider filings and the new obligations on voice service providers and gateway providers) x 3 employees = $87,595.

Total Cost to the Federal Government: $53,226 + $6,843 + $16,728 + $87,595 = $164,392

2. Program changes or adjustments. The Commission is reporting program changes and adjustments in this revised information collection.

The Commission is reporting program changes due to the Sixth Report and Order et al., and Seventh Report and Order et al. The total number of respondents and annual responses increased by 3,100 (from 8,970 to 12,070 respondents) and the total annual burden hours increased by 15,500 hours (from 20,503 to 36,003 hours).

The Commission is also reporting adjustments to this information collection which are due to the Commission re-evaluating in the previous figures used in this collection to better reflect experience in administering the collection. For these adjustments, the total number of respondents and annual responses increased by 730 (from 12,070 to 12,800), and total annual burden hours increased by 3,660 (from 36,003 to 39,663).

Together, this resulted in increases to the total number of respondents/total annual responses of + 3,830 and to the total annual burden hours of + 19,160.

2. Collections of information whose results will be published. The filings that providers submit into the RMD will be published to the public on that database. At this time, the Commission does not plan to publish to the public a provider’s response to a request for documented proof that they are taking reasonable measures to implement a non-IP caller ID authentication solution.

2. Display of expiration date for OMB approval of information collection. There is no paper form associated with this information collection; it will be collected electronically through the Electronic Comment Filing System (ECFS), the RMD, or another electronic method. OMB control numbers and expiration dates for the Commission’s information collection requirements assigned by OMB pursuant to the Paperwork Reduction Act of 1995, Public Law 104–13 can be found at https://www.reginfo.gov/public/do/PRAMain. See 47 CFR § 0.408.

2. Exceptions to certification for Paperwork Reduction Act submissions. There are no exceptions to the Certification Statement.

2. Collections of Information Employing Statistical Methods:

No statistical methods are employed.

File Type	application/vnd.openxmlformats-officedocument.wordprocessingml.document
Author	Jordan Marie Reth
File Modified	0000-00-00
File Created	2023-12-12