Forgot your password?
typodupeerror
Communications Crime United States Your Rights Online

Mississippi Makes Caller ID Spoofing Illegal 258

Posted by timothy
from the so-be-sure-to-stop-in-late-june dept.
marklyon writes "HB 872, recently signed into law by Mississippi Governor Haley Barbour, makes Caller ID spoofing illegal. The law covers alterations to the caller's name, telephone number, or name and telephone number that is shown to a recipient of a call or otherwise presented to the network. The law applies to PSTN, wireless and VoIP calls. Penalties for each violation can be up to $1,000 and one year in jail. Blocking of caller identification information is still permitted."
This discussion has been archived. No new comments can be posted.

Mississippi Makes Caller ID Spoofing Illegal

Comments Filter:
  • Re:Wait, what? (Score:3, Informative)

    by Lunix Nutcase (1092239) on Wednesday March 17, 2010 @04:39PM (#31514858)

    It's actually quite simple. Telemarketers have been known to do this. It's quite obvious to get caught because the people you call who see you doing the spoofing will report you to the proper authorities. It's also easy enough for the telco to find out that you are doing this. The problem is that they haven't been stopping people from doing it hence why they had to come in and pass this law.

  • by Rantastic (583764) on Wednesday March 17, 2010 @04:43PM (#31514900) Journal

    I think not, as the law is pretty clear about requiring

    ...THE INTENT TO DECEIVE, DEFRAUD OR MISLEAD;

    and since your Google Voice number is still a number belonging to you, I doubt it would be a crime to use it as your caller id.

  • Re:Wait, what? (Score:5, Informative)

    by jmcharry (608079) on Wednesday March 17, 2010 @04:43PM (#31514908)

    There is a subtle difference between caller ID and ANI. ANI is used by the telco billing system and cannot be spoofed because it identifies the access line. CID can sometimes be spoofed by inserting bad data on a PRI line. Some telcos, however, check it.

  • by natehoy (1608657) on Wednesday March 17, 2010 @05:03PM (#31515264) Journal

    You really need to read the law: "however, when a person making an authorized call on behalf of another person inserts the name, telephone number or name and telephone number of the person on whose behalf the call is being made, such information shall not be deemed false information."

  • by sampas (256178) on Wednesday March 17, 2010 @05:13PM (#31515438)
    Anon is correct. CallerID between telco does not support name. All you enter on your side is the number. The telco charges for the number-to-name entry, so if the name is incorrect, it's incorrect in the telco's database. Also, every time you see an 800 number in caller ID entry, it's false. You can't dial out on 800 lines. Whoever it is calling with 800 on their caller ID is actually calling from some other circuit.
  • Re:Wait, what? (Score:3, Informative)

    by jellomizer (103300) on Wednesday March 17, 2010 @05:19PM (#31515506)

    Spoofing the caller ID doesn't mean you are untrackible. But it does mean the person who answers the phone gets the wrong impression who is calling.

    For example if you work from XYZ company and you call out their Caller ID may get the main line number while your number is "Spoofed" as it is a legit use for it. That is why they don't stop it.

    However if you spoof your own line with just fake information then the person will need to dig and get the information back. Usually being to much effort to be worth it.

    But now with a bigger fine if someone spoofed a caller ID to Horass then you can double wammy them back. A slap on the hand and a year in jail.

  • by mishehu (712452) on Wednesday March 17, 2010 @05:33PM (#31515664)

    "Most people's cell phones don't actually do caller-id. They merely cross-reference the number from your contacts list."

    Hate to be pedantic here, but I do work in telecommunications. Pretty much every cellphone on the US market supports Caller ID Number, but not the Caller ID Name. If they didn't support Caller ID Number, then there would be no way to cross-reference the number to a name in your contact list.

    Another side note is that Caller ID Name is not something supported in all locations or all countries - even other industrialized nations.

  • by Schraegstrichpunkt (931443) on Wednesday March 17, 2010 @06:25PM (#31516376) Homepage

    Think of this feature as a form of NAT for phone lines.

    It's more like the "From:" or "Reply-To:" headers of an email message: it indicates where you want follow-ups to go to.

  • by jbolden (176878) on Wednesday March 17, 2010 @06:28PM (#31516400) Homepage

    However, here’s my take, and why it still doesn’t need to be illegal IMHO. The companies who spoof are generally doing stuff that should be illegal anyway, right?

    No they aren't. For example my company spoofs so that patients who hit *87 or return the call go to a number where their calls will get handled rather than some internal number that might just be an outgoing only line.

  • by Schraegstrichpunkt (931443) on Wednesday March 17, 2010 @06:33PM (#31516476) Homepage

    Any customer with a phone switch or PBX is now in violation of this law.

    RTFL [state.ms.us]. It's very short. Quoting it:

    2(d) "False information" means data that misrepresents the identity of the caller to the recipient of a call or to the network itself; however, when a person making an authorized call on behalf of another person inserts the name, telephone number or name and telephone number of the person on whose behalf the call is being made, such information shall not be deemed false information.

    and also:

    3(1) A person may not enter or cause to be entered false information into a telephone caller identification system with the intent to deceive, defraud or mislead the recipient of a call.
    (2) A person may not place a call knowing that false information was entered into the telephone caller identification system with the intent to deceive, defraud or mislead the recipient of the call.

    So it's "with intent". I don't see anything wrong with the law as it stands.

  • Re:It is about time (Score:3, Informative)

    by EdIII (1114411) * on Wednesday March 17, 2010 @08:14PM (#31517382)

    If they tried it at the federal level, then being a stupid idea, it could be promptly shot down, making the world simpler for everyone.

    It's a wonderful idea. If done at the federal level, then your quite valid concerns would be eliminated.

    Did you read the law? It's not half bad at all:

    (d) "False information" means data that misrepresents the identity of the caller to the recipient of a call or to the network itself; however, when a person making an authorized call on behalf of another person inserts the name, telephone number or name and telephone number of the person on whose behalf the call is being made, such information shall not be deemed false information.

    This act does not apply to:

                        (a) The blocking of caller identification information.

                        (b) Any law enforcement agency of the federal, state, county or municipal government.

                        (c) Any intelligence or security agency of the federal government.

                        (d) A telecommunications, broadband or voice-over-Internet service provider that is acting solely as an intermediary for the transmission of telephone service between the caller and the recipient

    There are a ton of posts here already about how most of the Caller ID usage is not actually spoofing at all, but legitimate behavior, and that anti-spoofing laws would be stupid and get in the way. Well this law actually takes that into account and specifically allows such legitimate behavior.

    As this law is written I don't see any problems or concerns with it. If it were enacted at a federal level it would give 'spoofers' (telemarketers and debt collection agencies) real cause to be afraid and move their operations outside of the U.S. By that, I mean they would have to move all of their servers outside of the U.S and would not be able to use any VOIP provider in the U.S to make calls with spoofed information anymore.

    If you want simple the only thing you need to require by law is a whitelist of phone numbers that can be used as Caller ID on any account and that the whitelist only be populated with phone numbers with proper documentation (authorizing documents and bills). Have heavy fines and prison terms for any knowingly submitting false information to get a number on a white list.

    You do that and you won't see any 2 or 3 digit numbers anymore on your Caller ID and telemarketers and debt collection agencies will get their asses handed to them when they try to provide false documentation to get a real 10 digit phone number added to their white list that they do not own.

  • by fermion (181285) on Wednesday March 17, 2010 @08:55PM (#31517674) Homepage Journal
    A person may not enter or cause to be entered false information into a telephone caller identification system with the intent to deceive, defraud or mislead the recipient of a call.

    The bill includes intent. Unless one is trying to deceive or defraud your customer, there is no violation.

...when fits of creativity run strong, more than one programmer or writer has been known to abandon the desktop for the more spacious floor. - Fred Brooks, Jr.

Working...