CallerID Spoofing to be Made Illegal

MadJo writes "US Congress has just approved a bill that will make it illegal to spoof CallerID. From the bill: 'The amount of the forfeiture penalty (...) shall not exceed $10,000 for each violation, or 3 times that amount for each day of a continuing violation, except that the amount assessed for any continuing violation shall not exceed a total of $1,000,000 for any single act or failure to act.'"

Interesting

[Travoltus]

That's a law that should be more proactive than reactive.

How about an additional law that makes telephone companies responsible for allowing caller ID spoofing to happen?

Or is that too difficult to prevent?

Re:Interesting

[pete-classic]

Allowing subscriber lines to set caller ID data is a feature, not a bug.

-Peter

Upside-down.

[node 3]

Leave it to Slashdot to predictably label fraud as a "feature" and laws designed to prevent it "nannystate".

Re:Upside-down.

[aztektum]

That's the damn thing. Last I checked we already had laws against fraud. So why make a law specifically towards something like this? I can understand the disabilities act, but really, go after spoofers for fraud and if the penalty isn't high enough ADJUST the penalty for fraud across the board. We're making every damn little thing a frickin' crime in this country anymore.

Re:Upside-down.

[SpaceLifeForm]

The reason they make a law like this is to
limit the liability. It's a fixed amount.

That is the number one reason laws have no teeth,
they have fixed monetary penalties, that are
really no penalty to big business. They are
just a cost of doing business to the business.

Re:

[Opportunist]

That's why fines in some countries are not set at a specific sum (at least when it comes to amounts > 100 bucks), but rather to "day rates". A day rate is what the person or organisation found guilty earns per day. This is, in case of a person, 1/360th of your annual income (or revenue in case of a company).

So you see in our laws things like a fine of "up to 90 day rates" or "up to 360 day rates" rather than any specific amount. Usually the equivalent prison sentence is exactly the amount of day rates (i

Re:Upside-down.

[node 3]

Last I checked we already had laws against fraud. So why make a law specifically towards something like this?

Because one size does not fit all.

Should impersonating a police officer, identity theft, false advertising and passing fake checks all have the same punishment? These are all, at the base, fraud. Could they even reasonably fit under one singular law?

We're making every damn little thing a frickin' crime in this country anymore.

Here's the thing, the general term "fraud" is not illegal. Only specific forms of fraud. For example, claiming you can bench 200 lbs when you can barely press half that is not illegal. So, instead of just making "fraud" illegal, laws target specific types, and they *define* those specific types. Caller ID spoofing probably doesn't fall into any existing category of fraud, so this form of fraud can be presently engaged in with impunity.

So what choices are there? Basically, they are to expand an existing law to cover Caller ID spoofing, create a new law, or ignore it altogether. Ergo this story.

Re:

[aztektum]

I have a hard time accepting the solution should be Congress essentially hard coding every variable into do's and do not's with no incentive to review it down the road.

Especially when it comes to legislating technology, which it is incredibly obvious they know jack shit about. As someone else has pointed out there some legit, albeit probably minor, uses of ID spoofing. It also pointed out this could be fix by lazy corporations not being so lazy and building a proper system. Whatever I guess. More laws+more

Re:

[shaitand]

'claiming you can bench 200 lbs when you can barely press half that is not illegal'

Yup, and its not fraud. Lying and fraud are NOT synonymous. A Fraud is a deception deliberately practiced in order to secure unfair or unlawful gain. Deception in and of itself is neither fraud nor illegal.

'Should impersonating a police officer, identity theft, false advertising and passing fake checks all have the same punishment?'

Ummm... yes? Of course some of those things would be done for the purpose of accomplishing othe

Re:Upside-down.

[node 3]

Yup, and its not fraud. Lying and fraud are NOT synonymous.

Yes, they are. You can't stop at the first definition in your dictionary. Fraud does not require financial gain as a component (even if it's usually the case, and is part of the first definition in your dictionary).

Ummm... yes?

Impersonating a cop gives you power over others you don't deserve. That's a very different crime than stealing someone's identity, or committing bank fraud, which are financial, and those two have very different effects on two very different targets. If you think these should all be equally punished, you are a sociopath.

You claim that the secondary crime should be the differentiator. I say merely *impersonating* a cop should be illegal, not just as some generic "fraud", but because it's an attempt to gain general power one doesn't have the right to, even if no other crime is committed. Merely stealing an identity, even if you don't commit any other crime, should be illegal, and have a different punishment, and writing a bad check should be illegal as well, etc.

In any case, any law which makes a tool illegal rather than bad actions performed with the tool is a bad law.

Then you have no problem whatsoever with your neighbor (not necessarily your existing neighbor, but any neighbor you may ever have, by choice or not) owning a nuclear bomb? Sarin gas? Or someone keeping dynamite in an apartment building?

The fact is, some tools *should* be illegal or severely restricted. Your sentiment goes too far, it goes from cases where it's true (in general, outlawing a tool *is* foolish), and applies it too broadly (to say outlawing a tool is *always* bad).

That's because caller id spoofing ISN'T fraud it is a harmless deception. If you use that deception to illicit an unfair gain then you have committed fraud and would have committed a criminal act without this law.

Are you certain of that? Laws are specific things (they have to be), and if Caller ID spoofing does not fall under a current law, then it *won't* necessarily be illegal, even if it is fraud (the money kind you seem to think is the only kind).

For example, calls pretending to be from the DNC, which are really from the RNC (this happened during the 2004 election, although I do not know if Caller ID spoofing was involved) had nothing to do, directly (i.e., legally) with money, and instead had to do with political influence.

Is that harmless?

Re:

[Si]

Yup, and its not fraud. Lying and fraud are NOT synonymous.

Yes, they are. You can't stop at the first definition in your dictionary. Fraud does not require financial gain as a component (even if it's usually the case, and is part of the first definition in your dictionary).

But just maybe the dictionary does not define the law. Try a legal dictionary.

Ummm... yes?

Impersonating a cop gives you power over others you don't deserve. That's a very different crime than stealing someone's identity, or committing bank fraud, which are financial, and those two have very different effects on two very different targets. If you think these should all be equally punished, you are a sociopath.

So strippers who dress as cops have power over others they don't deserve? Be careful of blanket statements, for they make you look more of a fool than you clearly are.

You claim that the secondary crime should be the differentiator. I say merely *impersonating* a cop should be illegal, not just as some generic "fraud", but because it's an attempt to gain general power one doesn't have the right to, even if no other crime is committed. Merely stealing an identity, even if you don't commit any other crime, should be illegal, and have a different punishment, and writing a bad check should be illegal as well, etc.

the secondary crime *is* the crime.

In any case, any law which makes a tool illegal rather than bad actions performed with the tool is a bad law.

Then you have no problem whatsoever with your neighbor (not necessarily your existing neighbor, but any neighbor you may ever have, by choice or not) owning a nuclear bomb? Sarin gas? Or someone keeping dynamite in an apartment building?

To make such statements again shows your foolishness. To outlaw the possession of dynamite in a residential area is quite different from outlawing the ownership of dynamite.

The fact is, some tools *should* be illegal or severely restricted. Your sentiment goes too far, it goes from cases where it's true (in general, outlawing a tool *is* foolish), and applies it too broadly (to say outlawing a tool is *always* bad).

Outlawing a tool *is* always bad - tools exist to help

Re:

[shaitand]

'Asterisk does a great job of keeping unwanted calls off my home line, but to work best it needs valid callerID info.'

I'm sorry but there is no justification for creating a new law and a new class of crime so that your Asterisk system will work.

That said, I think there might be merit in requiring telemarketers, pollsters, and collection agencies to use valid callerid information. I don't support it for other commercial agencies though, some may not take incoming calls at all.

That actually touches on me pers

Re:

[oGMo]

Leave it to someone who doesn't know what they're talking about to determine what should be considered "fraud". Do you implement the evil bit [faqs.org]? I hear it's supposed to prevent hackers and fraud and all that...

Re:

[node 3]

Leave it to someone who doesn't know what they're talking about to determine what should be considered "fraud".

Hrm... And how did you come to this conclusion?

Do you implement the evil bit? I hear it's supposed to prevent hackers and fraud and all that...

Pathetic.

Your post is all baseless ad hominem, and no fact.

Re:Interesting

[smartr]

If slashdot's comments and moderation can be abused, how is that a bug? Some features are inherently prone to different forms of abuse, and there is no magical way to completely solve the problem without removing the feature. I do not have faith in the idea that features can always have a perfect solution. If there was not a mistake in how something should function, it is not a bug. One could make improvements to make abuses harder, but this would be an improvement on the system - not a bug fix.

Re:Interesting

[Grendel70]

Feature: (n) - A bug with seniority.

NannyState?

[Sneakernets]

This isn't "NannyState" at all, this is an attempt at stopping scammers and other slimeballs from taking advantage of people.

Re:

[Brian Gordon]

NannyState is when the government overregulates something that's really none of its business. Like privately-owned telecommunications companies.

Re:

[AusIV]

NannyState is when the government overregulates something that's really none of its business. Like privately-owned telecommunications companies.

I'm no fan of over-regulation, but I was glad to see this one pass. Lot's of people are completely unaware that caller ID even can be spoofed. If they got a call that appeared to be from someone at their bank, they'd give their account number to get some issue straightened out.

Aside from prank phone calls, the only use for Caller ID spoofing is fraud, which is de

Re:

[MoxFulder]

I'm no fan of over-regulation, but I was glad to see this one pass. Lot's of people are completely unaware that caller ID even can be spoofed. If they got a call that appeared to be from someone at their bank, they'd give their account number to get some issue straightened out.

Aside from prank phone calls, the only use for Caller ID spoofing is fraud, which is definitely a government issue.

And the way to fix this is... to lull people into a false sense of security by convincing them that the government can effectively curb these abuses???

I think laws that supposedly provide security by making something illegal, without an effective mechanism for enforcement, are dangerous and waste well-meaning people's time. For example, take the crazy post-9/11 prohibitions on bringing various things on airplanes. Well... I can get my shampoo bottle in my carry-on through security 9 times out of 10, but

Re:

[Rakishi]

Oh then what is a nanny state, let's see now by your logic none of these are bad as they perform a social good:
-Banning smoking is there to keep people from being subjected to a dangerous substance
-Same for banning junk food.
-Same for banning any violent media, for psychological reasons to prevent people from becoming murderers.
-Banning term such as master/slaveon hard drives is there to prevent social discrimination, unconsciously, of certain groups or causing said group to be subjected to mental anguish.
-

Re:

[MillionthMonkey]

What does any of this stuff have to do with maintenance of laws against wire fraud?

Re:

[Rakishi]

If you justify something as not being a nanny state law or as being a good law even simply because it prevents something bad from happening (in some cases, when idiots are involved, when reality ceases to exist, in the words of the law proponents or in any such way) then all of those are either not nanny state laws or good laws.

Re:

[MillionthMonkey]

Sorry I'm having trouble understanding your triple-and-a-half negative. You seem to be saying that laws against fraud (for example) are "nanny state laws" because they prevent fraud from happening and fraud is bad. OR you're arguing the exact opposite, that laws against fraud are NOT nanny state laws because they can be justified on the basis that they prevent fraud...?

This "nanny state" crap was never more than a propagandistic talking point based on a linguistic mind game anyway, so all this really boils

Does this mean...

[Ub3rT3Rr0R1St]

Does this mean I won't be able to call my ex girlfriend up at 3am with a phone number she doesn't recognize, and proceed to breathe heavily into the phone?

But seriously, I think it's a good idea. They've closed the door to many a tele-scammer. Hopefully now all those geriatrics who get their social security card stolen will have a little more security.

Re:

[timmarhy]

so how does this make anyone any safer? all it does is up the penalty not prevent the crime. people always delude themselfs that high penalties will prevent crimes, even though the truth slaps them in the face everyday - people commit crimes thinking they won't get caught, hence the penalty doesn't matter.

Re:Does this mean...

[Harmonious Botch]

Does this mean I won't be able to call my ex girlfriend up at 3am with a phone number she doesn't recognize, and proceed to breathe heavily into the phone?

We gotcha covered. Post her number and the friendly folks here at slashdot will do it for you.

Re:

[Actually, I do RTFA]

212-555-1212. Thanks guys

To those not aware, it's New York City's information number. Before tons of people wrack up toll charges and yell at me because they thought they might hear a woman's voice and got all excited. Actually, this is slashdot, so maybe the robotic woman's voice at the other end does something for people out there.

Re:

[kypper]

I expected 212-867-5309

Granted, that chick has got to be really old by now....

Re:Does this mean...

[prockcore]

Nah, the real number is 202-456-1414 her name is Laura.

Re:Does this mean...

[cerberusss]

Don't call this number, everyone! It's not his ex-girlfriend, it's his mother!

Simple question

[TubeSteak]

When the police/people see the incoming phone records, will it show the spoofed number or the real number?

Re:Simple question

[Dun Malg]

When the police/people see the incoming phone records, will it show the spoofed number or the real number?

Police and the phone company use the ANI system (Automatic Number Identification). This is the system that tracks your billing. You do not have any say in what this system records as far as Name, Number, etc. Caller ID is a separate and unrelated system. Caller ID information is usually set by the originating switch--- essentially the point where the call turns from analog to digital. If you get all your lines piped into your office via a T1, then you are in control of the device that sets the Caller ID name and number and can set it whatever you like.

Re:

[Rob T Firefly]

Police and the phone company use the ANI system (Automatic Number Identification). This is the system that tracks your billing. You do not have any say in what this system records as far as Name, Number, etc.

Unless, of course, you spoof that as well. [google.com]

3 times a day

[sxeraverx]

So...If they get caught 3 times in one day, they can do it as much as they want that day? And...If they get caught 100 times, they can do it all they want forever? Fun.

How will they enforce this?

[mark-t]

If the ID has been spoofed, they might be able to know after the fact that it was spoofed, but how do they find out what it really was if it was spoofed in the first place?

Re:

[Anonymous Coward]

There are several services out there that will do this real-time before you even answer the call. Like PDXUSA, they compare the ANI with the ID of the carrier originating the call, and the CID to see if they are consistent, then the CID display on your phone will indicate the CID, the ANI, and indicate if the CID is legit or not.

A campaign

[ringokamens]

There's a campaign going on at Binary Freedom right now that some of you may be interested in.
http://binaryfreedom.info/node/163 [binaryfreedom.info]
Basically, there are several arguments against this law

1. It doesn't do anything
Criminals will still make calls and spoof, so it won't stop fraud. Police can already track down spoofers with the same amount of non-spoofers who are using their phones for illegal purposes.

2. It costs money
We're gonna have to spend money to catch spoofers.

3. Jurisdiction
If the phone companies want to stop spoofing, they should design a secure system instead of relying on the congressional police

4. Privacy
It strips privacy that is gained by spoofing.

5. Legitimate use
It has legitimate uses such as for telecommuters who want the name when they make business calls to be the company's. Or how about a business that has several people using one phone line? They might want the sales associate's name to appear, which would be done through spoofing.

Fact of the matter is, this gains us nothing. If I can write a fake name on a letter and mail it, why can't I do the same with my phone?

Re:

[timmarhy]

actually genius you cant, it's called mail fraud, and carries heavy pentalies similar to this.

Re:

[Elemenope]

Fraud generally requires either a pecuniary motive, or commission of the act in furtherance of some other crime. Simply putting some name that is not my own on a letter is neither of these things. I could sign my letters "Harry Potter" and the name as such wouldn't even be impersonation because the "victim" doesn't exist. Is this Mail Fraud? I don't think so...unless I was attempting to somehow profit from putting "Harry Potter" as my name.

Re:

[Achromatic1978]

Yup, and don't forget all those volunteers who reply to mail sent to "Santa Claus" on behalf of the post office.

Re:

[metamatic]

Argument #4 is really weak. You can always not send caller ID if you want privacy.

Re:

[Short Circuit]

Nope. Once a pseudonym can be associated with you, all records associated with that pseudonym can, as well. The only way a pseudonym can give you privacy is if you use a different one every time.

Want true privacy? Achieve anonymity.

Re:A campaign

[Anonymous Coward]

I work for Congress, but not on this issue. But I can correct some misinformation.

1. You're right. We shouldn't make murder illegal either.

2. See number 1. The question is whether the money spent on this law is worth the societal good of making it easier to prosecute scammers.

3. The phone companies don't have an incentive to stop scamming. Congress does (they're occasionally responsible to voters.)

4. It doesn't stop you from not allowing the number to show up at all. It just stops you from faking it.

5. It was specifically written to exempt these uses, since Congressional offices, for example, have the public number show up when people call out from them, rather than individual extensions.

Sorry, no

[Jeff Molby]

5. It was specifically written to exempt these uses

...because governments tend to be very good at predicting and allowing for all of the possible "legitimate" uses.

2. See number 1. The question is whether the money spent on this law is worth the societal good of making it easier to prosecute scammers.

No, use apples and apples. The societal good must outweigh the societal cost, not merely the dollar cost. Societal costs include:

- The additional liability of every single person and business subject to the la

Re:A campaign

[Khaed]

I'm not so much worried about criminals, but I don't think this bill addresses what I want it to:

I'm sick of companies calling and their damn name not showing up, for whatever reason. "Tollfree number" (well no shit, other than collect, when do I get charged for receiving calls?) or "Unknown Caller"

Some of them are bill collectors. Who want someone that isn't here, and don't seem to want to believe that no, that person isn't here, and isn't going to be, so stop calling me. But either way, if they can't identify themselves, they shouldn't be calling my damn number. Which is why I disagree with #4 on your list.

If you're calling my house, I have every right to know who you are. Can you seriously come up with a legitimate situation where you should be able to call me and me not be able to see who you are before I answer the phone?

I barely answer unless I recognize the number anyway, because of a massive amount of wrong numbers. And some of the numbers these idiots are trying to dial aren't even close.

I agree with #3, however, in regards to #2, the cost of it will just be passed on to you one way or another. #5 I can see, but I've never had a business call me and use a sales associate's name.

#1 is a silly argument. Making rape illegal hasn't stopped it, either. You can make the case that no law is ever going to stop any crime. However, it makes it so that if you do it and get caught, you can be punished.

Re:

[LearnToSpell]

Some of them are bill collectors. Who want someone that isn't here, and don't seem to want to believe that no, that person isn't here, and isn't going to be, so stop calling me. But either way, if they can't identify themselves, they shouldn't be calling my damn number. Which is why I disagree with #4 on your list.

This is what I'm running into now. I just got my first cellphone (I know, I know), and apparently the person who had this number before is skipping out on some bills. Problem is, I got one of

Re:A campaign

[Achromatic1978]

"Can I have your mailing address?"

Certified mail:

In reference to your repeated attempts to find Person X on phone number X, consider yourself formally informed that this person has no connection with this number, and further, that this number is a cellular service for which an uninvolved third party is billed for each call from your business. Accordingly, you are instructed to cease and desist calling this number in relation to this matter, or I reserve the right to take action on the grounds that these calls are civil harassment, and to seek redress through appropriate channels for costs and damages incurred in dealing with this matter."

Re:

[Khaed]

Well you obviously DON'T have "every right" to know who's calling you before you pick up the phone but you WOULD LIKE to have it.

Sorry, no, I don't think someone has the right to basically lie about who they are on my caller ID. It's my phone and my time, and if their legitimate name and number aren't something I'll pick up for, sorry, I don't want them wasting it.

Let alone the fact that there are plenty of legitimate situations where people would prefer to call anonymously (whistle blowers, people seeking

Re:

[Dachannien]

If you don't want the number you're calling from to show up on my caller ID, then don't call me. Problem solved.

Re:

[ktappe]

1. It doesn't do anything Criminals will still make calls and spoof, so it won't stop fraud. Police can already track down spoofers

This will give the police $10,000 teeth they did not have before.

2. It costs money We're gonna have to spend money to catch spoofers.

Freedom is not free.

3. Jurisdiction If the phone companies want to stop spoofing, they should design a secure system instead of relying on the congressional police

Who says the phone companies want to stop spoofing? What they want is for cu

Re:

[gujo-odori]

WRT point 5, what the bill outlaws is "to transmit misleading or inaccurate caller ID information." If a company has its PBX configured so that it sends a salesperson's name rather than the company's name when she makes a call, I think a lawyer would have no problem deflecting an attempt to prosecute. After all, the name displayed *was* the name of the person making the call, so none of the information was false or misleading.

For the person who wondered if having his caller ID say "Harry Potter" could get h

Re:

[XorNand]

Actually, only a caller ID number can be spoofed. The number -> name correlation is a database lookup done at the phone company; customers have no control of that on a call-by-call basis.

Re:

[phliar]

I agree with you that these kinds of laws are crap since somehow businesses always get away with all kinds of shit while college kids and regular people are fined and thrown in jail for nothing. Every law diminishes us; there's a real cost to every law, which must be carefully weighed against the claimed benefit.

However:

If I can write a fake name on a letter and mail it, why can't I do the same with my phone?

Do you feel the same way about email?

I feel very strongly that in any interaction, you can eit

Re:

[unlametheweak]

If you aren't using spoofing for some rather serious illegal purposes like death threats, massive spamming or scamming then this law is unlikely to be enforced.

In my experiences with businesses using auto-dialers and pre-recorded phone calls to advertise, the police will just refer you to the phone company, and the phone company will just refer you to the police. The same with obscene and persistent phone calls. So I doubt if a law like this would be enforced for the average person just wanting to impress t

Congress isn't allowed to do this...

[SonicSpike]

According to the Constitution in Article 1, Section 8, Congress isn't allowed to regulate communications. Therefore this is unconstitutional.

Re:

[Ironsides]

a) Nowhere does it say that they can't regulate communications.

b) Ever read the interstate commerce clause?

Re:

[Elemenope]

Is every call made over state lines in pursuance of some act of commerce? If not, I don't see how Congress could claim the right to regulate every call. BTW, they are called enumerated powers; the list is exhaustive of what they can do, point being if it isn't on the list, it isn't something they can do. At least, that was the original notion...

Re:

[Courageous]

ARRRRRG.

You're gonna get me started!

Not only was it only enumerated powers, they felt so strongly about it they passed an Amendment just to make it clear they meant only enumerated powers!

ARGGGGG.

Re:

[SonicSpike]

This is why I'm a Constitutionalist first and a libertarian second.

Interstate calls ARE interstate commerce

[davidwr]

If you call someone in another state and the phone company gets paid for the call, it's interstate commerce.

If any of the phone companies involved are incorporated in another state, then it's also interstate commerce.

As far as the feds are concerned, the parties to the commerce are the people using the phones, all the carriers, and anyone and everyone who is paying the bill.

You can argue that the feds have no business regulating intra-state phone calls. It's been at least 70 years since the feds started re

Re:

[westlake]

if it isn't on the list, it isn't something they can do. At least, that was the original notion..

The thing is, in two hundred years, language changes, society changes. The words remain the same, but the words will not be read in the same way.

The founders' understanding of the word "commerce" is unclear. Although commerce means economic activity today, it had non-economic meanings in late eighteenth century English. For example, in 18th century writing one finds expressions such as "the free and easy com

Re:

[SonicSpike]

Actually, if it isn't authorized to Congress, then it is prohibited. Read the 10th Amendment:
"The powers not delegated to the United States by the Constitution, nor prohibited by it to the states, are reserved to the states respectively, or to the people."

And when the Interstate Commerce Clause was written, the phrase "to regulate" actually meant "to make regular". If you remember one of the primary reasons for the Constitution being authored in the first place was to deal with interstate squabbling, trade

Re:

[SonicSpike]

Possibly, but I would hope that a court would have enough integrity to reject that idea.

Wire fraud?

[EmbeddedJanitor]

Makes sense. It is surely fraudulent to make false claims.

That's kinda funny...

[sokoban]

Well, around here the police department spoofs their caller ID info. Any time you get a call from anyone at the police station downtown, it only shows four zeros as the caller ID. It is different from when it says ID unavailable.

Re:

[flyingfsck]

So, why do you get so many calls from the Police? ;)

Okay, what about calling cards?

[xerxesVII]

My parents insist on using a calling card. When they call me, what comes up in my caller ID is the city where whatever bank they got sorted through is located. For instance, my caller ID will show some 1-800 number and say "MONTGOMERY, AL" or some such city. Would this fall under spoofing?

Re:

[StikyPad]

In a word, no [answers.com].

Fines in America - just can't figure it out

[Bombula]

I don't get why in America we can't figure out that fines only work when the penalty is commensurate with the infraction. If you want fines to work, you have to do what they do in Scandinavian countries - charge a percentage of your income. What is a $500 parking ticket for a billionaire? But $500 will ruin your life if you work for minimum wage. It's not fair, it's not just, and it doesn't work.

Fines for corporations should certainly have a minimum value, but they should have NO upper ceiling. When companies like Microsoft or Phillip Morris or ExxonMobil are fined $200 million dollars - as most of them have been - they don't even blink. It's completely useless. The law in America in this regard is completely idiotic in this regard.

Re:

[PresidentEnder]

The law in America in this regard is completely idiotic.

Fixed that for you.

Re:Fines in America - just can't figure it out

[profplump]

So fines against people don't have a minimum but fines against companies do? What if your $1M minimum fine puts 10 people out of work because the company goes under? Either using a sliding scale or don't; let's not make up silly rules based on angst against "evil corporations".

Re:

[Prof.Phreak]

Fines based on income are silly, as most rich folks don't ``make'' much money. Their taxable income is surprisingly low---in fact, I'd imagine many billionare CEOs would qualify for welfare.

ie: consider Bloomberg with a $1 salary.

Re:

[jlarocco]

Fines based on income are silly, as most rich folks don't ``make'' much money. Their taxable income is surprisingly low---in fact, I'd imagine many billionare CEOs would qualify for welfare.

Stock dividends, capital gains and interest count as income.

The US System Works

[Slashdot Parent]

That's why in America we have three types of penalties: monetary, incarceration, and administrative.

• Monetary: That's the fines. To somebody like Paris Hilton, the fine means nothing. In fact, to most people, the amount of the fine is trivial. In my state, the fine for speeding is $5 for each MPH over the speed limit. If I get a ticket for going 45 MPH in a 25 MPH zone, my fine is $100.
  
  $100 means nothing to me. If I were to lose $100 walking down the street, I would never even notice. So why do I not

My Other Me

[Doc Ruby]

If I send my landline phone# from my mobile phone, is that "illegal spoofing"?

Re:

[ShaunC]

If I send my landline phone# from my mobile phone, is that "illegal spoofing"?

Only if your landline phone number is 202-456-1414.

Re:

[StikyPad]

Let's say that it is. Do you honestly think you'll ever be in a situation where you might be prosecuted for doing that? Do you think your wife/client/friend will turn you in because they immediately tried to call you back at home, and whoever answered said you weren't there?

This law is to protect against spoofing performed to deliberately and maliciously deceive. If you (or anyone else) tried to report someone for spoofing their cell number to their home number, it's pretty safe to say the police would p

Re:

[belg4mit]

There is no such thing as a perfect law, and this one seems to have more benefits than possible detriments.

You seem to have an odd definition of benefits.

So what? Just because Caller-ID is electronic, this does not make it in any way special. Are you then advocating for the illegality of spoofing email? What of
forging the return to address on a piece of snail mail? Wearing my shirt with
the printed "Hello My Name Is Sponge Bob Square Pants?" Halloween costumes?

Yes, you say that the police will ignore silly trangressions of the law. I say
then, what purpose a law that is so readily flaunted or overly broad? Make i

All For It

[Bios_Hakr]

Good, now I'll stop getting cold calls from "caller unknown". If my phone displays "caller unknown", I just made $10k.

Re:

[Kalriath]

Informative? Hah.

No, intentionally blocking is not forging caller ID. If your phone displays "Caller Unknown", you just made $0

Actually, nothing happened

[gruntled]

So I'm actually reading the legislative action on this bill (through Thomas, provided by the link), and it doesn't appear as though there's been any kind of a vote on this. Am I, you know, missing something? Or does somebody not understand that a bill actually has to be voted on by each full chamber (both the House and the Senate) in an identical format, before it can be said that "Congress" has approved anything?

Re:

[ISurfTooMuch]

Yes, indeed, you're right. It looks like the bill hasn't made it to the full Senate yet.

I'd be curious to hear from the OP about this. Where do you see this as having passed Congress? I'm not seeing it, but perhaps I'm missing it. Please provide clarification.

You insensitive clod! I don't have CallerID!

[NotQuiteReal]

I don't have caller ID! Why would I? If I don't want to answer the phone, I don't. (Actually, my wife probably will answer it anyhow, she is kind of type-A that way. But still, I have no problem putting undesirable callers on hold "forever", I am kind of an A-Hole, that way.)

I have saved hundreds and hundreds of dollars over the years for a feature I could have used maybe, once or twice.

Seems like a bargain to me.

Sheesh, you don't have to buy product offered to you.

I am not a technophobe, I have two land lines and four cell phones. The Cell phones come with caller ID "for free".

Re:

[ScrewMaster]

True enough, I suppose ... but given that most phone companies bundle services you often end up with Caller ID whether you want it or not.

Do what I do...

[NotQuiteReal]

I dunno, I guess I just never cared who was calling. But here is a great excuse to explore the spelling of the word for one who does not tell the truth...

Currently, either I'd answer the phone, or I wouldn't, depending on my mood.

Under current law, if I had callerID, either I'd answer the phone, or I wouldn't, depending on my mood.

Under the new law, if I had callerID, and callers weren't allowed to lie about being criminal liars, I'd have to make a decision about answering the phone, even though the c

Re:

[Waffle Iron]

I have saved hundreds and hundreds of dollars over the years for a feature I could have used maybe, once or twice.

Caller ID box: $12.99

Caller ID Service over the years: hundreds of dollars.

Not being pressed into service as a captive audience for bored blabbermouth relatives-in-law who call your spouse multiple times per day: priceless.

I never answer the phone...

[flyingfsck]

That is what the answering machine is for. Ever since junk calls became prolific years ago, everybody I know got an answering machine and when we call each other, we just leave messages. There is almost no interactive phone chatting going on.

The whole thing is absurd

[StealthyRoid]

It's a stupid bill for four reasons:

1. It's a solution without a problem. The actual impact of caller ID spoofing is almost nil, while it's a valuable learning tool for many people just getting started with phones. The only argument I can see for it is that it makes reporting violators of the Do Not Call list. However a.) that's not a big enough benefit to justify any but the smallest trade off and b.) the Do Not Call list is stupid, and its impact should be achieved via implementation of blacklists by phone carriers. The government shouldn't be acting unless there's a serious matter at hand, nor should it engage in yet another unConstitutional regulation.
2. It's too open-ended.

   `(4) REPORT- Not later than 6 months after the enactment of this subsection, the Commission shall report to Congress whether additional legislation is necessary to prohibit the provision of inaccurate caller identification information in technologies that are successor or replacement technologies to telecommunications service or IP-enabled voice service.
   ...
   `(A) CALLER IDENTIFICATION INFORMATION- The term `caller identification information' means information provided by a caller identification service regarding the telephone number of, or other information regarding the origination of, a call made using a telecommunications service or IP-enabled voice service.

   Why not apply this to IP-spoofed or proxy'd Ventrilio/TeamSpeak/etc... conversation? This only increases the Constitutional argument against this amendment, because even if you buy the absurd assertion that the commerce clause gives the USFG power over anything that even remotely involves interstate commerce, where's the commerce in a private Teamspeak server? It also increases the chances of abuse by law enforcement, like the kids above.
3. The bill doesn't just restrict malicious spoofing, like making a threatening phone call look like it's coming from inside the house, it restricts simply playful spoofing, like ordering a pizza for I.P. Freely and making it look like comes from the local police precinct. Nor does it make a distinction between spoofed info that represents someone else's information accurately, and displaying non-existent information like '555-555-1212'. There's no reason the government should be spending my tax dollars on something as asinine as this. Osama bin Laden isn't calling up the White House and asking for Prince Albert in a Can while spoofing his CID to say "SUCK IT DRY".
4. The fines are absurdly out of proportion with any _potential harm_ presented by caller ID spoofers. What incentive does the USFG or the states (which the bill empowers to act on these matters) have to NOT go after 14 year old kids for $10k a pop? None. But nobody will think that at first, until the first few kids get busted, and are we really OK with _anyone_ being jacked by something this stupid?

Re:

[geekoid]

"where's the commerce in a private Teamspeak server?"

People do busismess on vie VOIP systems. Often interstate business. Bear in mind if the call is even routed out of state for 1 bounce, and then back into the state, it's interstate.

Yes this law is stupid
Yes interstate clause is abused.

Don't blame the feds there doing what any large government would do, blame the state. The States are supposed to have some backbone when dealing with the feds. The founders new this happens, it is the exact REASON we have se

I call BS

[Strange Ranger]

My real name is not Strange Ranger.

Why should I have to reveal my real number when placing a call?

Yes I know this is a forum and calls are more "personal".
But sometimes I call companies. Or heck maybe city hall.
Where does the tracking and ID'ing end?

Nice

[rantingkitten]

I sort of hope it passes, for selfish reasons. I direct the support department at a VoIP provider and I cannot tell you how tired I am of people's endless, nonstop whining about their caller ID, and how they want it changed, and why can't I make it look like they're calling from somewhere else... on and on and on. This will give me a convenient excuse to tell them to shut up.

On a slightly more serious note, though, it's amusing to note why the bill is being introduced. Senator Stevens was blithering about how it's important because people rely on caller ID for "critical information". I cannot imagine what could possibly be considered "critical" about caller ID information, particularly considering what a half-assed hack the entire system is anyway and the lack of any real standards. Please note that caller ID is entirely different from ANI (automated number identification).

Caller ID is a fine example of a semi-convenient feature that people took and ran away with. The general population now sees Caller ID as the Oracle at Delphi, infallable and impossible to live without, and go absolutely apeshit if it's wrong (which is quite often, believe it or not). I guess people just don't understand the technology, but to "rely" on caller ID information is ludicrous.

I remember about fifteen years ago, maybe a bit more, when Caller ID was virtually unheard of, and the Bells were just starting to roll it out to homes. My parents got the little box from Radio Shack, signed up with the service, and my friends and I would rush over to the ID box with childish glee every time the phone rang, cause hey! How cool is this, man!

But in the end that's all we thought about it. It was a cool little novelty. That people take it so seriously now baffles me.

We used to deal with the phone ringing and not knowing who it was in advance with the following method: a) answer the phone, b) don't answer the phone, or c) let them leave a message and get back to them if we feel like it.

Somehow, though, what I don't remember is that the pre-Caller ID era was some kind of a Dark Ages where nobody got anything done.

But you'll never convince the public of this.

Re:

[profplump]

CNAM data is not passed across the PSTN -- only the number is passed, and the destination telco must do a CNAM lookup. That's why out-of-area CNAM data is spoty at best. Hence your "spoofed" name is only visible inside the packet8 network.

Re:

[number11]

TFA shows it to be "in the works", and not, as the blurb says, passed into law. It may well end up being passed, but it doesn't look like it has been yet.

S.704
Title: A bill to amend the Communications Act of 1934 to prohibit manipulation of caller identification information.
Sponsor: Sen Nelson, Bill [FL] (introduced 2/28/2007) Cosponsors (4)
Latest Major Action: 6/27/2007 Senate committee/subcommittee actions. Status: Committee on Commerce, Science, and Transportation. Ordered to be reported with an am

Re:

[jorghis]

Unscrupulous debt collectors, private investigers, etc. use it more often than you think. If you have any reason not to want to pick up the phone there is a good chance the organization that wants to talk to you will try this trick.

Re:

[Evilest Doer]

I didn't know that CallerID spoofing was a big issue.

well now you do.

And knowing is half the battle!

Re:DEATH TO "UNKNOWN CALLER"

[Lumpy]

I block it just fine on verizon.

I have all phone lines and voip lines going into a asterisk server. if you dont have a real caller Id string and are not on my blacklist your call goes through.

It's quite easy to block UNKNOWN CALLER. and cheap too. a asterisc pots card is $29.00 on ebay and an asterisk server is pretty much free. (P-III 500 is more than enough horsepower) all you need is a voip phone handset or adapter to go to regular phone ($19.00 ebay sipura spa-2000)

Way better than any answering machine you can buy, I can block anything I want, I can force unknown callers to a special mailbox that states " I do not answer unknown calls" or better yet a 30 minute "hello? hello? I cant hear you. wait a second. can you hear me now? hello? can you speak louder? I can kind of hear you now, what was that?"

wasting a telemarketers time is a wonderful thing. when they get that you are honey potting them to waste their time they add your number to the do not call list on their own.

Re:

[JackieBrown]

As someone who does medical tech repairs I would very much appreciate a response like that so I can close the issue (on my side) that much faster for non-compliance.

Seems better than me arguing the first 2 minutes that I am not trying to sell them something or steal their children.

Re:

[Achromatic1978]

Wow, your customers are "noncompliant" for choosing not to receive calls from blocked CID?

What company do you work for, so I can avoid doing business with them?

Re:

[belg4mit]

Actually, I just made those same points elsewhere in this discussion but with
Political Compass [politicalcompass.org] coordinates of (-6.88, -4.46) I sure
as hell am not a neo-con :-P

Well, everything but the crying Red.