Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Communications Crime United States Your Rights Online

Mississippi Makes Caller ID Spoofing Illegal 258

marklyon writes "HB 872, recently signed into law by Mississippi Governor Haley Barbour, makes Caller ID spoofing illegal. The law covers alterations to the caller's name, telephone number, or name and telephone number that is shown to a recipient of a call or otherwise presented to the network. The law applies to PSTN, wireless and VoIP calls. Penalties for each violation can be up to $1,000 and one year in jail. Blocking of caller identification information is still permitted."
This discussion has been archived. No new comments can be posted.

Mississippi Makes Caller ID Spoofing Illegal

Comments Filter:
  • by clone53421 ( 1310749 ) on Wednesday March 17, 2010 @03:23PM (#31514594) Journal

    There shouldn’t need to be a law for this, though. Telcos should enforce it on their own.

    • How would enforcing a rule such as this enable telcos to make more money? I imagine that some of their larger customers are spoofers. And telcos are corporations. All corporations are inherently sociopathic, lacking in empathy, remorse, guilt, or any sense of right and wrong outside of "more money is right, less money is wrong."

      If someone should do something, and they don't, we make a law to force them to.

      • by clone53421 ( 1310749 ) on Wednesday March 17, 2010 @03:43PM (#31514894) Journal

        How would enforcing a rule such as this enable telcos to make more money?

        It pollutes the feature? At what point is it no longer worth getting caller ID, because the numbers are not reliable enough to be worth paying to have it...

        But yeah, you have a point. The telcos really don’t have much incentive to prevent spoofing when their larger customers are doing it.

        However, here’s my take, and why it still doesn’t need to be illegal IMHO. The companies who spoof are generally doing stuff that should be illegal anyway, right? That’s why they want to hide their identity. So as I see it, if we could crack down on them for those actions, spoofing wouldn’t be the big-business issue it currently is. Then, the primary spoofers would just be pranksters, and the telcos would have good reason to prevent it again.

        • by tibman ( 623933 )

          Preventing spoofing in the first place makes it easier to track down illegal actions, right?

          I think that if it was easy and common to spoof IP addresses, the internet would be even more of a cesspool.

          I think elimnating spam had to do with positive identification of the sender? Seems like it has gone down over the past few years. I would guess most servers/relays drop email that cannot be properly tracked to the origin, they could do something similar with phonecalls.

          • Re: (Score:3, Funny)

            by Nadaka ( 224565 )

            It is obviously good... I am somewhat surprised to see this from my home state.

        • by jbolden ( 176878 ) on Wednesday March 17, 2010 @05:28PM (#31516400) Homepage

          However, here’s my take, and why it still doesn’t need to be illegal IMHO. The companies who spoof are generally doing stuff that should be illegal anyway, right?

          No they aren't. For example my company spoofs so that patients who hit *87 or return the call go to a number where their calls will get handled rather than some internal number that might just be an outgoing only line.

          • by lordsid ( 629982 ) on Wednesday March 17, 2010 @08:19PM (#31517850)
            That's not spoofing, it's trunking.
          • by clone53421 ( 1310749 ) on Wednesday March 17, 2010 @08:31PM (#31517936) Journal

            For example my company spoofs so that patients who hit *87 or return the call go to a number where their calls will get handled rather than some internal number that might just be an outgoing only line.

            That’s a different situation, and I’m not even sure it’s considered “spoofing” or done in the same way.

            If the caller ID says who you are (your name) and gives a number at which you can be reached, that’s acceptable – if you are a representative of a certain company, the caller ID can show the company name & line, not your personal extension. That’s not fraudulent and therefore not illegal according to this law.

            In any case, the telco knows you’re doing it... and yes, the telco knows the fraudster spoofers are doing it too. They just can claim immunity if they don’t know about the (other) illegal actions of their customers... even when they probably know full well what’s going on.

            Making the spoofing illegal is a way to pin the telcos and force them to reveal who the fraudsters are, but I’d prefer a solution without adding new things to the list of stuff that’s illegal.

        • by raju1kabir ( 251972 ) on Wednesday March 17, 2010 @05:39PM (#31516550) Homepage

          The companies who spoof are generally doing stuff that should be illegal anyway, right?

          I "spoof". I purchase my incoming and outgoing service separately and from different vendors. I use different caller ID identification based on whom I am calling (one number for personal calls, another for business calls). They are both numbers that belong to me but there is no particular connection between that number and the "line" I am using to place the call.

          I also forward calls from certain people to my mobile phone when I am not at my desk. In that case I am effectively placing a call to my mobile number, spoofing the CID to be that of the original caller, so I can see whether I want to answer it.

          I would be very sad if I could no longer do these things, as they make my life a lot easier.

      • All corporations are inherently sociopathic, lacking in empathy, remorse, guilt...

        A corporation pays my salary, so they can't be all bad.

        • by asdf7890 ( 1518587 ) on Wednesday March 17, 2010 @03:51PM (#31515036)

          All corporations are inherently sociopathic, lacking in empathy, remorse, guilt...

          A corporation pays my salary, so they can't be all bad.

          They only pay you because slavery is illegal. Doing the right thing because you have no choice doesn't count when good karma is being totted up.

          • They only pay you because open slavery is illegal.

            Here, fixed that for you.

          • Actually, that's not true. Slaves cost money; if they die, you gotta buy a whole new one!

            When you have an employee, it doesn't matter what happens to him. You've only paid for his labor, not his life. It's easy to hire a new one and only has a minimal training time overhead.

        • If they decided it would be worth more money for them to grind you up and feed you to pigs, they would.

          Right now you are bringing in more money than they are paying you. Hence your employment. If that wasn't the case you wouldn't be there. And if the penalty for murder was less steep, the odds of getting caught smaller, and if there was a pig food shortage - you'd be screwed.

          Read up on the tobacco industry for current examples of what I'm talking about. They kill about half a million people in the U [cancer.gov]

    • Re: (Score:2, Redundant)

      Telcos should enforce it on their own.

      Yeah and corporations should do all sorts of things they don't do. Which is why the government has to step in to make them do it.

    • Re: (Score:3, Funny)

      by QuantumRiff ( 120817 )

      How? Seriously, how the hell would they enforce it? Companies use caller ID spoofing all the time! Look when an agent at your bank calls you from their call center. Does their phone number show up? Nope, its the 800 number, that you can call back the company on. Isn't that the same as spoofing? I mean, technically, its the exact same steps in the PBX to do it maliciously or not.

      Then, you might have one call center in one region have a nice fat pipe coming in from ATT, a second call center handled by

      • Re: (Score:3, Insightful)

        by BobMcD ( 601576 )

        How does anyone ever enforce anything? You punish those you catch doing it wrong, of course.

        Further if the displayed number is one of your own, I don't see this as 'spoofing' at all. Read the law, I guess and see if they agree.

      • Think about it. That's not spoofing, that's giving an alternate callback number for the same entity. Spoofing a callback is saying you're someone else; like, say, a car "warrantee" company using a little old ladies number as their callback. Again, your bank agent is not spoofing by giving his own company's 1-800 number. I'm pretty sure that all of the phone companies already know how to route calls between networks and who owns them. How the heck do you think calls are routed currently?

        Since this law allo

    • There shouldn’t need to be a law for this, though. Telcos should enforce it on their own.

      Score:4, Insightful

      If I hadn't just spent my last mod point, you'd just now be at +5 Funny. Telcos, acting right without the law forcing them... good one!

  • It is about time (Score:5, Insightful)

    by InsaneProcessor ( 869563 ) on Wednesday March 17, 2010 @03:24PM (#31514596)
    This should be a federal law.
    • Why? There is nothing inherently evil about spoofing caller ID. Existing laws already cover fraud, etc. If i want to present you with a fake number, Ishould be able to.
      • by vlm ( 69642 )

        Why? There is nothing inherently evil about spoofing caller ID.

        Should be, from the point of view of wasting time. All we'll end up with is about 40 states banning it, and given that LD is so cheap as to be borderline free, all the crooks will base themselves in the remaining 10 states. No actual effect other than a bunch of wasted time.

        Like the state usury laws forcing all the crooked CCs to DE or CT where-ever it was.

        If they tried it at the federal level, then being a stupid idea, it could be promptly shot down, making the world simpler for everyone.

        • Re: (Score:3, Informative)

          by EdIII ( 1114411 ) *

          If they tried it at the federal level, then being a stupid idea, it could be promptly shot down, making the world simpler for everyone.

          It's a wonderful idea. If done at the federal level, then your quite valid concerns would be eliminated.

          Did you read the law? It's not half bad at all:

          (d) "False information" means data that misrepresents the identity of the caller to the recipient of a call or to the network itself; however, when a person making an authorized call on behalf of another person inserts the

  • by Pojut ( 1027544 )

    ...you mean this wasn't already illegal? Strange.

  • Wait, what? (Score:5, Interesting)

    by Afforess ( 1310263 ) <afforess@gmail.com> on Wednesday March 17, 2010 @03:24PM (#31514608) Journal
    If I spoofed my caller ID, how would they ever know without wiretapping me, or doing something else illegal? How would anyone ever get caught? This law seems unenforceable.
    • It's an all digital system, they WILL know.
      • If they knew beforehand, why would anyone spoof? I don't follow your logic here.
        • Re: (Score:3, Informative)

          by jellomizer ( 103300 )

          Spoofing the caller ID doesn't mean you are untrackible. But it does mean the person who answers the phone gets the wrong impression who is calling.

          For example if you work from XYZ company and you call out their Caller ID may get the main line number while your number is "Spoofed" as it is a legit use for it. That is why they don't stop it.

          However if you spoof your own line with just fake information then the person will need to dig and get the information back. Usually being to much effort to be worth it

    • Re: (Score:3, Informative)

      It's actually quite simple. Telemarketers have been known to do this. It's quite obvious to get caught because the people you call who see you doing the spoofing will report you to the proper authorities. It's also easy enough for the telco to find out that you are doing this. The problem is that they haven't been stopping people from doing it hence why they had to come in and pass this law.

    • Re:Wait, what? (Score:5, Informative)

      by jmcharry ( 608079 ) on Wednesday March 17, 2010 @03:43PM (#31514908)

      There is a subtle difference between caller ID and ANI. ANI is used by the telco billing system and cannot be spoofed because it identifies the access line. CID can sometimes be spoofed by inserting bad data on a PRI line. Some telcos, however, check it.

  • It would be great if this could somehow be used against telemarketers. I guess it will depend on the specific details of how the law is written. Not to mention that its difficult to track down the company that called when they are faking their outbound number.
  • I'd like to see how they work this one out with Skype and other VOIP providers.
    • I don't use VOIP, so I don't know... but do you have a POTS phone number for someone to call you? Then that's what your outbound CNID should reflect. If someone can't return a call to you at the number shown in the caller ID, it's a spoofed caller ID.
      • by h4rr4r ( 612664 )

        Legit call centers do this all the time. Do you think they have a line for each agent? Do you think that the agent is always there?

        No, they display their phone number that accepts customer calls.

        • On the same note, spoofing to a number and name you legally own shouldn't be illegal, but that's sort of irrelevant.

      • by LBt1st ( 709520 )

        I haven't used Skype in a year or two but it was possible to have outbound service but no inbound number (if that's all you wanted to pay for). I'm sure there are other situations as well where an inbound number doesn't exist.

      • by gregmac ( 629064 )

        I do use VoIP, and I "spoof" in two specific situations:

        Since I got a cell phone through my work, I had my old cell phone number (which I'd had for like 7 years, and it spells my name) ported to VoIP (I keep both numbers and have separate personal/work numbers, and only carry one device). Now when you call it, it simultaneously rings the phone in my home office, and my cell. When it calls my cell, it "spoofs" the outbound call to appear as though it's coming from whoever ACTUALLY called my number, so on my

    • Especially when I use my VoIP line to spoof my cell phone caller ID. That way, the return call gets to me wherever I am. That shouldn't be illegal.

  • This seems like an ineffective use of legislation at first glance, but the next time somebody does the "your auto warranty is about to expire" trick, the first thing I'll ask is whether they logged any calls to Mississippi. If so, send their skinny little butts there for some quality time with the general prison population where they can think about what they've done.

    I don't really even care about the fine. Throw them in the can with Bubba for a year per call to MS, and justice will have been done.
  • ...all telemarketing firms in Mississippi are relocating to other states.
    • Wouldn’t help: calling into Mississippi using spoofed caller ID data would be commission of a crime in Mississippi and they could be prosecuted no matter from where they were based.

      They’d have to stop calling Mississippi, or stop spoofing their caller ID on those calls anyway.

      • by h4rr4r ( 612664 )

        And who is going to extradite over this?

        Route the calls to a PSTN gateway to another country. Then you will not even know where they really called from.

  • Simple solution (Score:4, Interesting)

    by h4rr4r ( 612664 ) on Wednesday March 17, 2010 @03:35PM (#31514794)

    Telemarketers will call from another state and use a PSTN gateway in yet another state/country. All this does is move telemarketing jobs out of a state that badly needs any jobs it can get.

    • Re: (Score:2, Insightful)

      by Bloopie ( 991306 )

      Or they'll stay in Mississippi and *gasp* display their real company name in their Caller ID!

      If a company is so slimy that it would move out of state just to avoid displaying their real name on phone calls, well . . . that's pretty slimy.

      I guess that's most telemarketers, but still.

      • by h4rr4r ( 612664 )

        They call for another company. If I am bob from "Bob's telemarketing and general annoyances" and I call for AT&T, whose number do I display? AT&T would prefer that I give theirs, and I would too as I do not take calls in. As I am not that scammy I only call current AT&T customers about new options. What number do I display?

    • Re: (Score:3, Insightful)

      by amorsen ( 7485 )

      Why would they do that? They can still block caller ID and they can still show any number they own. Why would they want to show someone else's phone number, and why should we let them?

    • by mishehu ( 712452 )

      Telemarketers will call from another state and use a PSTN gateway in yet another state/country. All this does is move telemarketing jobs out of a state that badly needs any jobs it can get.

      Funny, I could understand the Bangalore tech support staff better than I could the Mississippi telemarketing staff. *grin*

  • Why bother spoofing the caller ID when you can just block caller ID altogether? I'd just ignore "Unknown Caller" calls, except for the fact that my daughter's school makes emergency phone calls to parents with caller ID blocked... sigh. I point out to them every year that this is a problem, but they are too cheap to fix it. (Obviously they are using trunk lines from each school through the district headquarters, so if they displayed the number for the outgoing line, calling it back wouldn't put you in touch

You are always doing something marginal when the boss drops by your desk.

Working...