Slashdot Mirror
Mississippi Makes Caller ID Spoofing Illegal
marklyon writes "HB 872, recently signed into law by Mississippi Governor Haley Barbour, makes Caller ID spoofing illegal. The law covers alterations to the caller's name, telephone number, or name and telephone number that is shown to a recipient of a call or otherwise presented to the network. The law applies to PSTN, wireless and VoIP calls. Penalties for each violation can be up to $1,000 and one year in jail. Blocking of caller identification information is still permitted."
There shouldn’t need to be a law for this, though. Telcos should enforce it on their own.
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
This should be a federal law.
Athiesm is a religion like not collecting stamps is a hobby.
If I spoofed my caller ID, how would they ever know without wiretapping me, or doing something else illegal? How would anyone ever get caught? This law seems unenforceable.
If our elected representatives no longer represent us, do we still live in a Democracy?
Ding ding ding, we have a winner!
More stupid politicians makings laws about things they do not understand.
I bet they did not even know the difference between CLID and ANI.
How would enforcing a rule such as this enable telcos to make more money? I imagine that some of their larger customers are spoofers. And telcos are corporations. All corporations are inherently sociopathic, lacking in empathy, remorse, guilt, or any sense of right and wrong outside of "more money is right, less money is wrong."
If someone should do something, and they don't, we make a law to force them to.
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
In fact, let's just do away with prisons and sentence people to serve time in automated rape machines. Who cares about cruel or unusual punishment, these guys are spoofing telephone numbers!
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
Telemarketers will call from another state and use a PSTN gateway in yet another state/country. All this does is move telemarketing jobs out of a state that badly needs any jobs it can get.
Ding ding ding, we have a winner!
More stupid politicians makings laws about things they do not understand.
I bet they did not even know the difference between CLID and ANI.
Everyone should know the difference between the CLID and the ANI. The CLID is in the front and the ANI is in the back.
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
How would enforcing a rule such as this enable telcos to make more money?
It pollutes the feature? At what point is it no longer worth getting caller ID, because the numbers are not reliable enough to be worth paying to have it...
But yeah, you have a point. The telcos really don’t have much incentive to prevent spoofing when their larger customers are doing it.
However, here’s my take, and why it still doesn’t need to be illegal IMHO. The companies who spoof are generally doing stuff that should be illegal anyway, right? That’s why they want to hide their identity. So as I see it, if we could crack down on them for those actions, spoofing wouldn’t be the big-business issue it currently is. Then, the primary spoofers would just be pranksters, and the telcos would have good reason to prevent it again.
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
I think not, as the law is pretty clear about requiring
...THE INTENT TO DECEIVE, DEFRAUD OR MISLEAD;
and since your Google Voice number is still a number belonging to you, I doubt it would be a crime to use it as your caller id.
Ask Slashdot: Where bad ideas meet poor googling skills.
They could just force ANI and drop CID, so it's not an issue.
Except one can spoof ANI as well. On purely digital networks, you have to tell the system what number you are calling from, since it wouldn't otherwise know. Some carriers enforce a rule that your outgoing CID and ANI must be a number which you own, but not all do. If you have multiple carriers, they really can't do this effectively, since they don't know what numbers you terminate.
Plus toll free numbers aren't really on the same level as regular ones, since they are ALL redirected via the SMS 800 system to do all sorts of things, including routing based on time of day and originating location. They can also be forwarded to a "local" number or numbers, but they don't have to. Basically, all you could enforce from this law is to make sure people don't set CID to a number which is obviously not theirs, but finding who they really are is hard. I've called by phone company wanting to get call log info and they claim they don't even save it for other than outgoing long distance calls.
I don't know, but it works for me.
All corporations are inherently sociopathic, lacking in empathy, remorse, guilt...
A corporation pays my salary, so they can't be all bad.
They only pay you because slavery is illegal. Doing the right thing because you have no choice doesn't count when good karma is being totted up.
How? Seriously, how the hell would they enforce it? Companies use caller ID spoofing all the time! Look when an agent at your bank calls you from their call center. Does their phone number show up? Nope, its the 800 number, that you can call back the company on. Isn't that the same as spoofing? I mean, technically, its the exact same steps in the PBX to do it maliciously or not.
Then, you might have one call center in one region have a nice fat pipe coming in from ATT, a second call center handled by Verizon, but your 800 number is handled by sprint over in California. So how would ATT or verizon enforce the "spoofing rule" without having any knowledge or control over your 800 number?
What are we going to do tonight Brain?
You really need to read the law: "however, when a person making an authorized call on behalf of another person inserts the name, telephone number or name and telephone number of the person on whose behalf the call is being made, such information shall not be deemed false information."
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
Small question but ... what happens when all the people you know implement your philosophy? How do call somebody back when they have a policy of never picking up the phone?
If libertarians are so opposed to effective government, why don't they all move to Somalia?
If they decided it would be worth more money for them to grind you up and feed you to pigs, they would.
Right now you are bringing in more money than they are paying you. Hence your employment. If that wasn't the case you wouldn't be there. And if the penalty for murder was less steep, the odds of getting caught smaller, and if there was a pig food shortage - you'd be screwed.
Read up on the tobacco industry for current examples of what I'm talking about. They kill about half a million people in the United States every year, and all for profit. Money.
It should come as no surprise when a company does something less evil than that for money. The bar is set pretty high. So allowing people to spoof caller ID for cash? Mere child's play.
OP was exactly right about corporations being sociopaths. It's probably one of the most insightful things I've ever seen on /.
Weaselmancer
rediculous.
The difference between ANI and CLID is that CLID is what gets displayed to people when their phone rings. That is where this issue begins and ends. If I go to the bank and take out a loan using stolen identity, it is illegal because the stolen identity is what I am displaying to the bank. The fact I might be carrying other, legitimate pieces of ID in my pocket is irrelevant, because I am trying to pass off false credentials as my own during the business transaction in question.
If libertarians are so opposed to effective government, why don't they all move to Somalia?
Anon is correct. CallerID between telco does not support name. All you enter on your side is the number. The telco charges for the number-to-name entry, so if the name is incorrect, it's incorrect in the telco's database. Also, every time you see an 800 number in caller ID entry, it's false. You can't dial out on 800 lines. Whoever it is calling with 800 on their caller ID is actually calling from some other circuit.
It is obviously good... I am somewhat surprised to see this from my home state.
How does anyone ever enforce anything? You punish those you catch doing it wrong, of course.
Further if the displayed number is one of your own, I don't see this as 'spoofing' at all. Read the law, I guess and see if they agree.
"Most people's cell phones don't actually do caller-id. They merely cross-reference the number from your contacts list."
Hate to be pedantic here, but I do work in telecommunications. Pretty much every cellphone on the US market supports Caller ID Number, but not the Caller ID Name. If they didn't support Caller ID Number, then there would be no way to cross-reference the number to a name in your contact list.
Another side note is that Caller ID Name is not something supported in all locations or all countries - even other industrialized nations.
If a telco customer can't rely on the telco for providing the proper information that the customer is paying for, then they will lose the customer to a telco who will.
Uh, you do realize that it's not the answerer's telco that's spoofing the caller ID right? If a caller on AT&T spoofs his caller ID and I'm on Verizon, is Verizon supposed to use their psychic powers to figure out the correct ID?
If people actually followed your logic, Verizon would intentionally spoof the caller ID of every call from its network to a competitor in hopes that everyone drops their competing phone companies. Of course, AT&T would do the same to calls to Verizon, and so on. This is an improvement?
If I have been able to see further than others, it is because I bought a pair of binoculars.
I'm sure a good slave works out much better value for money in the long run...
Think of this feature as a form of NAT for phone lines.
It's more like the "From:" or "Reply-To:" headers of an email message: it indicates where you want follow-ups to go to.
http://outcampaign.org/
However, here’s my take, and why it still doesn’t need to be illegal IMHO. The companies who spoof are generally doing stuff that should be illegal anyway, right?
No they aren't. For example my company spoofs so that patients who hit *87 or return the call go to a number where their calls will get handled rather than some internal number that might just be an outgoing only line.
Any customer with a phone switch or PBX is now in violation of this law.
RTFL. It's very short. Quoting it:
2(d) "False information" means data that misrepresents the identity of the caller to the recipient of a call or to the network itself; however, when a person making an authorized call on behalf of another person inserts the name, telephone number or name and telephone number of the person on whose behalf the call is being made, such information shall not be deemed false information.
and also:
3(1) A person may not enter or cause to be entered false information into a telephone caller identification system with the intent to deceive, defraud or mislead the recipient of a call.
(2) A person may not place a call knowing that false information was entered into the telephone caller identification system with the intent to deceive, defraud or mislead the recipient of the call.
So it's "with intent". I don't see anything wrong with the law as it stands.
http://outcampaign.org/
I "spoof". I purchase my incoming and outgoing service separately and from different vendors. I use different caller ID identification based on whom I am calling (one number for personal calls, another for business calls). They are both numbers that belong to me but there is no particular connection between that number and the "line" I am using to place the call.
I also forward calls from certain people to my mobile phone when I am not at my desk. In that case I am effectively placing a call to my mobile number, spoofing the CID to be that of the original caller, so I can see whether I want to answer it.
I would be very sad if I could no longer do these things, as they make my life a lot easier.
"Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
The bill includes intent. Unless one is trying to deceive or defraud your customer, there is no violation.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
That's not spoofing, it's trunking.
IMAGE VERIFICATION IS EVIL!
For example my company spoofs so that patients who hit *87 or return the call go to a number where their calls will get handled rather than some internal number that might just be an outgoing only line.
That’s a different situation, and I’m not even sure it’s considered “spoofing” or done in the same way.
If the caller ID says who you are (your name) and gives a number at which you can be reached, that’s acceptable – if you are a representative of a certain company, the caller ID can show the company name & line, not your personal extension. That’s not fraudulent and therefore not illegal according to this law.
In any case, the telco knows you’re doing it... and yes, the telco knows the fraudster spoofers are doing it too. They just can claim immunity if they don’t know about the (other) illegal actions of their customers... even when they probably know full well what’s going on.
Making the spoofing illegal is a way to pin the telcos and force them to reveal who the fraudsters are, but I’d prefer a solution without adding new things to the list of stuff that’s illegal.
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
Free as in speech, or free as in beer?
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.