:
Good morning, everyone. Welcome to the Standing Committee on Industry, Science and Technology. We have a tight schedule this morning.
Today we will be having our first panel on fraud calls in Canada.
Before us we have representatives from the Canadian Radio-television and Telecommunications Commission. We have Ian Scott, chairperson and chief executive officer; Steven Harroun, chief compliance and enforcement officer; and Alain Garneau, director, telecommunications enforcement, compliance and enforcement sector. From the RCMP, we have Eric Slinn, assistant commissioner, federal policing criminal operations; Guy Paul Larocque, acting inspector, Canadian Anti-Fraud Centre.
Gentlemen, each witness group will have 10 minutes to present, after which we will go to a series of questions. You can present in either of the official languages. If you see me waving the little yellow card, that means you have 30 seconds to wrap up. I will also remind folks in the audience there is absolutely no photo taking during committee, and I ask that you respect that. This meeting is being webcast live, so folks can follow from home.
With that, we will start with the CRTC. You have 10 minutes.
:
Thank you, Madam Chair, for inviting us to appear before the committee, here on traditional unceded Algonquin territory.
[Translation]
My name is Ian Scott, and I am the chairperson and chief executive officer of the Canadian Radio-television and Telecommunications Commission, or CRTC for short.
[English]
You've already introduced my colleagues, so I will not repeat that in the interest of time.
[Translation]
We appreciate the opportunity to participate in the committee's study of fraudulent calls to Canadians, including robocalls and other types of unsolicited calls.
The CRTC's mandate includes helping Canadians reduce the number of unwanted telemarketing calls they receive. We do this by setting rules for telemarketers, overseeing the national do not call list, and conducting outreach and enforcement activities. While some unsolicited calls are fraudulent in nature, which is a matter outside the CRTC's mandate, we have a collective responsibility to protect Canadians.
[English]
We're pleased to be here today to share with you the steps we are taking to better protect Canadians. We recognize that these unsolicited calls impact everyone and are a scourge on our society. For some, however, particularly vulnerable people, they are an even more serious problem, because they often lead to criminal activity, such as fraud and identity theft.
Given the continuously evolving nature of the problem, addressing it requires broad and concerted co-operation and collaboration. To this end, we work closely with industry as well as our domestic and international partners to develop and implement solutions.
[Translation]
In 2008, the CRTC created the national do not call list, a tool that balances consumer concerns about unwanted calls with businesses' legitimate desire to communicate with existing and potential customers. It's important to recognize that striking and maintaining an appropriate balance between the two requires the participation of both consumers and telemarketers.
Since we started the national do not call list, more than 14 million numbers have been registered by Canadians who want telemarketers to respect their privacy. Last year, Canadians registered an average of 858 numbers each day—a sign that they have confidence in the list. In addition, more than 20,000 telemarketers have subscribed to the list.
We closely track and analyze complaints about unwanted calls—data that help to inform our outreach efforts and enforcement action. The CRTC regularly imposes monetary penalties on telemarketers and their clients who violate the rules and takes other enforcement action such as issuing warning letters, citations and notices of violation.
I'm pleased to report that the majority of legitimate businesses are following the rules. The challenge we currently face, as I'm sure the committee appreciates, is the illegitimate actors who are using the telephone system to take advantage of Canadians. These people often do not reside in Canada, have no interest in complying with the rules and are using technology to hide their identity.
[English]
To combat this problem, the CRTC required certain service providers to implement a system to block types of calls within their networks by the end of last year. Whenever the caller identification information exceeds 15 digits, or doesn't conform to a number that can be dialed, for example, all zeros, the call will not go through. These calls will be blocked before they ever ring on a subscriber's phone. Providers that offer their customers that call filtering service, which provides a more advanced call management feature, were exempted from this requirement.
While the call blocking system will help, it will obviously not stop all the illegitimate calls from getting through. For years, Canadians have used the caller ID function on their phones to identify and ignore unwanted calls. Now, however, some illegitimate actors use technologies that generate fake caller IDs, enabling them to conceal both their identities and intentions. This is often called caller ID spoofing.
I'm pleased to inform you there's a new weapon in the ongoing fight against ID spoofing. It's a framework known as STIR/SHAKEN. STIR is an acronym for secure telephone identity revisited, while SHAKEN stands for signature-based handling of asserted information using tokens. The CRTC expects Canadian telecommunications service providers to implement STIR/SHAKEN by September of this year.
The STIR/SHAKEN framework enables service providers to certify whether a caller's identity can be trusted by authenticating and verifying the caller ID information for Internet protocol-based calls. This new framework will enable Canadians to know, before they answer the phone, whether a call is legitimate or whether it should be treated with suspicion.
Last December, we joined forces with our American counterpart, the FCC, to hold the first official cross-border call using STIR/SHAKEN. This initiative highlighted the joint commitment of our two organizations to reduce unwanted calls and better protect consumers. The timely implementation of STIR/SHAKEN will enhance the security of citizens on both sides of the border.
We also continue to work with the Canadian telecommunications industry to develop a process to trace nuisance calls back to their points of origin in the network.
[Translation]
No organization, regardless of its size or power, can combat the negative impacts of illegitimate calls on its own. That is why the CRTC works with a number of federal departments and agencies, including the RCMP, the Canadian Anti-Fraud Centre, the Canada Revenue Agency, the Competition Bureau, Shared Services Canada, Employment and Social Development Canada and the Communications Security Establishment. An important purpose of this collaboration is to share relevant information with Canadians in a timely way to help them avoid becoming victims of fraud.
One challenge that I would like to raise is that we are currently limited in the information we can share with our domestic partners. Greater flexibility would enable a more coordinated response to this issue.
In this era of globalization, illegitimate calls are increasingly an international problem. We recognize the importance of developing a global and coordinated approach to address these calls, along with the threats that they pose to consumers and their confidence in critical communication systems.
To better protect Canadians from unwanted calls originating from outside our borders, the CRTC has signed memoranda of understanding with our counterparts in the United States, Japan, the United Kingdom, Australia and New Zealand. These arrangements allow us to share information and expertise, collaborate on education and training activities, and provide investigative support. Thanks to these activities, our investigators better understand the nature of the challenge and how best to meet it.
[English]
The CRTC also maintains partnerships with law enforcement agencies and private sector groups to enable effective enforcement, intelligence gathering and compliance promotion. For instance, as you'll see in our printed remarks, we are members of a number of international organizations. These networks help us to prevent international spam and telephony and encourage enforcement co-operation, and to address problems related to nuisance communications such as fraud and deception, phishing and the dissemination of viruses.
Canadians are rightfully proud of our systems. When these systems are abused by criminal elements, however, it erodes the confidence of Canadians.
:
Thank you, Madam Chair. It's a pleasure to appear before this committee as part of its study on fraud calls in Canada, particularly given that we find ourselves in fraud awareness prevention month, in the month of March.
I'm Assistant Commissioner Eric Slinn, responsible for the federal policing criminal operations program.
Joining me today is Acting Inspector Guy Paul Larocque, who is in charge of the RCMP's program to combat mass marketing fraud.
As part of our mandate to protect Canada's economic integrity, financial crime, including fraud, has long been a federal policing priority for the RCMP.
[Translation]
The RCMP works with partners across Canada in both the public and the private sectors.
[English]
As well, we work with law enforcement agencies around the world to pursue fraud cases, as highlighted by our recent success in Project Octavia here in Ontario. This array of partners speaks to the shared responsibility of combatting fraud not only in Canada but around the world. This is truly a global challenge that requires a global response.
Technology facilitates an increasingly interconnected and borderless world that provides tremendous benefit to Canadians. However, criminals also benefit. They are quick to adapt to the evolving technological landscape and use this landscape to target Canadians.
No one is exempt from these fraud calls. By way of example, just two weeks ago I received three separate calls within an hour from fraudsters pretending to be the CRA advising I was subject to criminal charges and a warrant would be issued for my arrest. This was only on my RCMP-issued cellphone. A lot of fun was had by me that day.
Fraud operations are so pervasive and profitable that relying solely on enforcement is an insufficient response to the scope of this criminal activity.
[Translation]
The Canadian Association of Chiefs of Police has made it clear through its organized crime committee that prevention forms a crucial component of the fight against fraud, and we agree.
[English]
On the topic of prevention, the RCMP continues to invest in this area. We've undertaken a number of local and national projects and initiatives that focus on prevention.
For example, in response to reports from the public and businesses on gift card scams, RCMP officers in Alberta took the initiative to create a fraud tip sheet, which they distributed to local businesses. A clerk in one store referenced the tip sheet and intervened to prevent an elderly individual from purchasing 50,000 dollars' worth of gift cards. These fraud tip sheets are being distributed to detachments throughout the province of Alberta.
Also in Alberta, officers created posters warning the public about Bitcoin fraud and placed them next to Bitcoin ATMs. RCMP federal policing is now working to expand this initiative to make it accessible across the country.
Nationally, the RCMP has operated the Canadian Anti-Fraud Centre in partnership with the Competition Bureau of Canada and the Ontario Provincial Police since 2009.
The CAFC acts as Canada's central repository for information on mass marketing fraud and other scams impacting Canadians. In recognition of the significant impact and collective role of this, the CAFC disseminates information to law enforcement agencies, private industry and the Canadian public to raise awareness and prevent Canadians and businesses from falling victim to these scams.
The CAFC invests in fraud awareness campaigns, drawing the public's attention to high-profile scams, such as the CRA scam, through a variety of mechanisms, including social media.
[Translation]
Beyond prevention, the CAFC, in conjunction with private sector partners, targets the tools of scammers.
[English]
When individuals who suspect a scam or who have fallen victim to fraudsters report to the CAFC, the information they provide, telephone numbers, for example, is shared with the appropriate service provider, who can then terminate accounts by these scammers. Similarly, email addresses, bank accounts and merchant information are also shared with the appropriate partners to alert them to fraudulent activities within their own network.
While some victims have indicated that it can be difficult to reach the CAFC by phone, it's important for the public to continue to report, using online tools. Public reporting provides valuable information to the CAFC, but there is also the potential for victims to recover money lost. The CAFC works with such partners as Canada Post to intercept packages, or with banks to prevent money being sent to accounts linked with fraudulent activity, and sometimes to return the cash to those victims.
Under the federal policing priority of transnational and serious organized crime, the RCMP has a mandate to investigate criminal activity, including financial crime that crosses international borders and is carried out by criminal organizations who target Canadians. Under this mandate, the RCMP conducted an investigation recently into the CRA scam called Project Octavia.
Project Octavia commenced in October 2018. It investigated a telemarketing tax scam, better known as the CRA scam, which I'm sure many of you have heard about. In February 2020 the RCMP investigators arrested and charged two people in connection with the CRA scam. Between 2014 and 2019 the CRA scam resulted in cumulative losses, that we know of, totalling over $16.8 million.
Highlighting the complex, borderless nature of modern-day fraud investigations, RCMP investigators, including the RCMP liaison officer in New Delhi, India, worked with law enforcement agencies across Canada; other federal agency partners, including the CRA, Canada Border Services Agency and FINTRAC; and foreign authorities, including the Indian Central Bureau of Investigation and U.S. authorities based in India.
Long-running international cases like Project Octavia are indicative of the challenges the RCMP continues to encounter when investigating fraud. Criminals hide behind technology and international jurisdictions to perpetrate their crimes in Canada. However, where there is a challenge there is always an opportunity. Part of the success of Project Octavia can be attributed to the public awareness campaign undertaken by the RCMP through the CAFC. Since 2015 the CAFC and CRA have released numerous bulletins and public relations documents to inform Canadians of this scam.
[Translation]
You may have noticed that I've spoken at length about the CAFC. It is a best practice initiative that provides a valuable service both to law enforcement and to the Canadian public.
[English]
However, the CAFC is overwhelmed given the growth in phone scams and other frauds and the inundation of calls and emails it receives every day. As an international best practice and an effective proven model in the fight against fraud, the CAFC and its dedicated team of paid and volunteer staff provide a valuable service to Canadians, particularly such vulnerable populations as seniors and new immigrants.
Telcos have worked with us and taken specific actions to aid Canadians by blocking fraudulent calls from numbers they know are associated with suspected fraudulent activity. Both telcos and ISPs rely, at least in part, on information they receive from the Canadian Anti-Fraud Centre. In turn, the CAFC is only as good as the information it receives from Canadians reporting frauds and scams.
Through Project Chameleon, financial institutions in Canada are working with the RCMP to identify perpetrators of romance fraud and to contact victims to protect their money. This is not to forget our international law enforcement partners, such as the Five Eyes law enforcement group. FELEG members have collectively undertaken work focused on vulnerable populations. These groups are not always comfortable contacting law enforcement, as we know, and are often specifically targeted by scams. Further work and international public and private sector partnerships along these lines could prove invaluable in combatting such frauds as the CRA scam, and offers an opportunity to gain further insight into the methods fraudsters use to bilk Canadians of their hard-earned money.
In conclusion, fraud impacts Canadians in a variety of ways: financial loss; potential loss of property or the ability to gain credit; and, most seriously, a loss of trust in the institutions that make Canada such a desirable place to live. I have highlighted that combatting fraud is a shared responsibility. It is one that we will not shy away from. The RCMP will continue to work with the public and private sectors and our international law enforcement partners to detect, investigate and prevent fraud to better ensure the safety and security of Canada and its citizens.
[Translation]
I thank the committee for the opportunity to stand before you and welcome the chance to answer any questions you may have.
:
I would like to welcome you back for the second panel at the Standing Committee on Industry, Science and Technology
[Translation]
as part of our study on fraud calls in Canada.
Joining us now from Bell Canada, we have Jonathan Daniels, vice-president of regulatory law, and from Rogers Communications, Howard Slawner, vice-president of regulatory affairs, and Deborah Evans, chief privacy officer.
From TELUS communications, we have Jérôme Birot, vice-president of development operations, and John MacKenzie, director of regulatory affairs.
[English]
Ladies and gentlemen, because we have three groups with us today, we'll ask that your presentation be eight minutes in length, and at that point we will be going to the round of questions.
[Translation]
When you see the yellow card, it means you have 30 seconds left to finish your presentation.
[English]
With that we will start with Bell Canada. Mr. Daniels, you have eight minutes.
:
Good afternoon, Madam Chair.
My name is Jonathan Daniels. I am Bell Canada's vice-president of regulatory law.
It is my pleasure to be here today to share with you the steps we have taken and continue to take in an effort to combat nuisance and fraudulent calling. We are strong proponents of protecting Canadians against these types of calls.
Specifically, I will speak to the three issues you asked us to discuss in this invitation: the national do-not-call list; fraudulent and nuisance calls; and STIR/SHAKEN protocols.
To begin, I'd like to address the issue of the national do-not-call list. While we agree that the list is a good tool that can help reduce the number of telemarketing calls received by Canadians and we are glad to have the benefit of such a tool in Canada, this tool does have limitations. Specifically, the national do-not-call list is only effective if everyone adheres to it. Unfortunately, the vast majority of nuisance calls received by Canadians come from callers outside of Canada that do not adhere to the national do-not-call list. Thus, we have to continually come up with new ways to stop unwanted calls.
This brings me to the issue of the recent influx of nuisance and fraudulent calls being experienced by Canadians. It is important to note that there is a difference between nuisance calls and fraudulent calls. Nuisance calls are calls that you do not want to receive. These types of calls are generally trying to sell you a service, such as duct cleaning. They are a nuisance and likely unwanted, but they are not necessarily illegitimate or fraudulent. Fraudulent calls are much worse than nuisance calls, as they are specifically designed to defraud Canadians. For example, you may receive a call offering to fix your computer, which is really an attempt to install a virus and lock you out of your computer, leading to a ransom demand. Other scams relate to credit cards. I have lost count of the number of times I have received a call from the so-called Visa/Mastercard centre, not to mention the infamous CRA scam. These fraudsters are sophisticated and intelligent, and stopping them will not be easy.
The industry has been working with the CRTC on a number of fronts in order to reduce both nuisance and fraudulent calls. ln that regard, I am pleased to be sitting on a panel today with representatives from both Rogers and Telus. It is unusual for me to take the time to acknowledge two of my competitors, but in this area of trying to reduce fraudulent and nuisance calls, it is important to note that we and many other players have been working together. In fact, our experts meet at least weekly, and often multiple times a week, to discuss these important issues.
When we deliver a call to you, we often display the number that is calling you. That is called a calling line ID, or CLID. In December of last year, the CRTC ordered carriers to start blocking calls that had a calling line ID or CLID that did not look like a real number. We refer to these calls as non-conforming calls. For example, if a call comes in on our network and has a CLID that exceeds 15 digits or is all zeros, we will block that call. To be clear, a non-conforming call is not necessarily a nuisance or fraudulent call, but having a non-conforming CLID is a very good indicator that a call may be problematic. On our network, we are now blocking approximately 220 million calls a month.
Another initiative the CRTC is pursuing is STIR/SHAKEN, which is the third topic the committee specifically asked about. STIR/SHAKEN works by letting consumers know that they can trust the telephone number that is being displayed. In other words, with STIR/SHAKEN, you will be able to know that the calling line ID you see on your phone is actually the real number calling you.
The CRTC recently sought comments on a proposal to require all carriers to implement STIR/SHAKEN. We support such a proposal. We think that we and all other carriers should be required to provide STIR/SHAKEN. However, we see STIR/SHAKEN as a long-term solution, as there is a variety of issues that need to be addressed before the benefits of a STIR/SHAKEN framework can be realized. It is for this reason that we, along with most of the industry, proposed that the CRTC STIR/SHAKEN mandate be delayed until we get the rules of the regime figured out. A lot of work needs to be done, and we are ready to do that work, but the industry and the CRTC must take time to do that work properly or else the solution will be flawed.
Let me give you an example. I think this is really an important point about STIR/SHAKEN. It's a long-term solution rather than a quick fix. Most phones today cannot display STIR/SHAKEN. Think of your land line telephone at home. Where would you see a check mark on your phone to confirm that the calling line ID displayed is actually the real number calling you? In fact, even most cellphones are not capable of displaying STIR/SHAKEN, although that will change in the next few years.
While we believe a mandate should be contingent on first finalizing the technical details, Bell has still committed to launch STIR/SHAKEN on portions of our network this September, but just because we launch it doesn't mean most Canadian consumers will be able to use it. There are a number of requirements that must be met in order for STIR/SHAKEN to fulfill its potential.
STIR/SHAKEN has promise, and we are fully committed to implementing it, but it is far from the only answer and will not materially address the problem of nuisance or fraudulent calls in the short term. Let me turn to something that I think will make a big difference.
ln addition to initiatives directed by the CRTC, we at Bell are committed to trying to protect our customers from fraudulent calls. Although we cannot identify all fraudulent calls, we have developed modern technology that allows us to identify millions of calls as being fraudulent.
ln identifying those calls, we work closely with the Canadian Anti-Fraud Centre, an affiliate of the RCMP. However, even when we can definitively identify a call as fraudulent, we are not allowed to block that call without CRTC permission.
Thus last year we applied to the CRTC for permission to conduct a three-month trial process we had developed for identifying and blocking fraudulent calls. I believe that's what the chair was referring to when he mentioned that there's an application; that's from us.
We have not publicly disclosed the details of this process so that we do not provide fraudsters with a how-to manual on the best way to circumvent our proposed trial; however, we have provided the CRTC with the full details of the process, and we've also shared the details of this process with our competitors, public interest groups and individuals who signed a CRTC-approved non-disclosure agreement.
If granted permission, we anticipate that this process will block approximately 120 million fraudulent calls a month on our network. That is in addition to the 220 million calls we're already blocking as a result of non-conforming calls. We suspect, however, that most of the 220 million non-conforming calls currently blocked are nuisance calls rather than fraudulent calls.
Our proposed trial will only block fraudulent calls in an attempt to protect Canadians from bad actors trying to illegally defraud them. We look forward to launching our trial as soon as we receive CRTC approval.
Fraudulent calls and nuisance calls are a pressing and growing concern for Canadians. We at Bell are fully committed to addressing this issue, including by asking the CRTC for permission to implement our new proposal to actively block these fraud calls. However, there is no one solution. We will continue to work with the CRTC, our competitors and our consumer groups to find new and innovative solutions to address this issue.
With that I will conclude.
Thank you.
:
Madam Chair, good afternoon. I'm Howard Slawner, vice-president, regulatory telecom at Rogers Communications. I am joined here today by my colleague Deborah Evans, Rogers' chief privacy officer. We appreciate this opportunity to appear before the committee and to provide input into the study of fraud calls in Canada.
Rogers fully supports the efforts of the Government of Canada and the CRTC to address the problem of nuisance and fraudulent calls. At best, these calls interrupt the peace and privacy of Canadians. At worst, they constitute crimes, often preying on the most vulnerable. Together these calls undermine the integrity of our national telecom system.
The unsolicited telecommunications rules, including the requirement to register with the national do-not-call list operator, have become well-established practices within the legitimate Canadian telemarketing community. In the 10 years that have passed since the introduction of the national DNCL, over 18,000 telemarketers and their clients have registered with the operator, respecting the privacy of the more than 13 million Canadian telephone numbers that have been enrolled.
There is, however, an important distinction between nuisance calls and fraudulent calls. Many nuisance calls are placed by legitimate parties, including not-for-profit and commercial organizations. While we can appreciate the frustration of Canadian consumers resulting from some of these types of calls, it's the growth in fraudulent calls that drives most concerns today.
The parties placing spam, fraudulent and blatantly spoof calls are aggressive and unrelenting, despite the established rules in place to protect consumers. Since they operate without fear of retribution or sanction, the mere existence of a national do-not-call list will not be sufficient to eliminate the issue. That is why Rogers, like its peers, is doing its utmost to eliminate these types of calls from our network. In fact, Rogers is diligently working to rid our network of all forms of unwanted mass calling. Over the last five years, Rogers has taken a leadership role in the industry, helping to spearhead several initiatives to tackle the problem.
Since 2015 we have worked with the CRTC enforcement branch to provide network resources, including telephone numbers and call routing, for the Canadian telephony honeypot project. This initiative collects data about fraudulent calls targeting Canadians in order to identify the methods used and assist with enforcement. For the last four years Rogers has also actively participated in the CRTC Interconnection Steering Committee, CISC, to review call blocking, STIR/SHAKEN and call traceback solutions. Rogers has taken a leadership role in many of these processes, including co-chairing several of these CISC working groups.
In 2017 and 2018, Rogers also took the lead in exploring and scoping an industry-wide filtering solution to reduce unwanted calls. Over 18 months, Rogers led a committee of 12 major carriers to assess various options. This culminated in an RFP to find a national analytics engine database, as well as a Rogers-specific RFP to potentially upgrade our network.
Finally, in 2019 Rogers worked with other Canadian telecom service providers to develop and deploy universal call blocking at the network level.
More recently, Rogers started to deploy STIR/SHAKEN. This technology will authenticate caller ID and is expected to be network ready by the end of 2020. Rogers has led many cross-industry committees to establish the best practices and mechanisms that will support its deployment, including the creation of the Canadian Secure Token Governance Authority to manage STIR/SHAKEN operations in Canada. In fact, we funded the initial work of the CSTGA.
Unfortunately, these solutions are time-consuming and complex to deploy. Telecom networks are designed to permit call completion, not prevent it, and blocking illegitimate traffic without interfering with legitimate calls is harder still. For example, while the telecom industry is working very hard on delivering STIR/SHAKEN this year, it still remains far from being launched on a commercial basis. Some standards remain to be defined, including how to display STIR/SHAKEN on the end-user devices. STIR/SHAKEN also requires end-to-end IP interconnection, which is a long time away.
Moreover, even as the industry adopts increasingly more countermeasures, the criminals are not resting. Their tactics and techniques continually evolve and change so that stopping unwanted mass calling becomes even more difficult. Most importantly, they are almost all situated offshore.
There is, however, much that can be done to combat unwanted mass calls. It will require the co-operation of industry, the CRTC and the Government of Canada.
First, the telecom industry must continue its current work instituting universal call blocking and STIR/SHAKEN. While these efforts will not end nuisance and fraudulent calls on their own and they will take time to fully implement, they do provide a foundation upon which other efforts can be based.
Second, the industry must continue to develop new methods of targeting these types of calls. Unwanted mass calling is an arms race, with each side continuously upgrading their efforts. New technologies and processes are being developed each year, and carriers must be quick to adapt and adopt.
Third, the CRTC should expand its enforcement of the rules. As the primary regulator of the telephone system, the commission must ensure that bad actors are punished. Since carriers are prohibited under the Telecommunications Act from simply blocking calls, the CRTC must be proactive in shutting down fraudulent calls when observed.
Fourth, the commission should target the points of entry in malicious calls. A large portion of international nuisance calls are coming into Canada through a small number of points of entry. The commission should therefore focus its efforts on why and how such calls appear to be entering Canada in this manner and what can be done to prevent it. It could emulate, for example, the efforts by the FCC, the U.S. Department of Justice and the Federal Trade Commission, which have recently worked together to stop incoming international robocalls at domestic telephony traffic gateways, that is, specific entry points into the United States.
Fifth, the CRTC can accelerate the deployment of SIP trunks. SIP interconnections allow carriers to adapt better technologies that can combat malicious calls, STIR/SHAKEN in particular. SIP, however, is not mandated at this time, and some carriers are deploying it sooner than others. The commission should be pressing for its widespread adoption.
Sixth, the Government of Canada itself has a crucial role. The overwhelming majority of nuisance and fraudulent calls originate abroad. The government, through Global Affairs Canada and the RCMP, must work with its foreign counterparts to shut down the call centres and robocall platforms that originate these fraudulent and spam calls. As long as these parties continue to operate with impunity, they will simply find new and alternative ways to circumvent the protections and measures implemented by telecom service providers to defeat this problem. There is no better way to stop these calls than at their source.
Last, there is an important educational component. Every stakeholder can help Canadians become more aware of how to avoid the scams that are driving these fraudulent calls. Rogers has resource materials available on our website to help consumers spot a telemarketing scam, how to protect themselves from caller ID spoofing and spam calls and how universal call blocking helps protect them.
At the same time, organizations such as the Canadian Anti-Fraud Centre are active in educating consumers about frauds, including those that abuse the telephone system, and in improving awareness of the techniques employed by the fraudsters, but they, along with all of us, should do more on this aspect, especially with vulnerable people and immigrants.
Rogers looks forward to working with its peers, the CRTC and the government to address this critical issue for Canadians. Thank you for the opportunity to participate in this review. We are happy to answer any questions you may have.
Madam Chair and honourable members of the committee, my name is Jérôme Birot, and I am the vice-president of development operations for telephone and value-added services at TELUS.
I'd like to begin by thanking you for the opportunity to address the committee today on the important topic of fraudulent telephone calls. With me for this discussion is John MacKenzie, TELUS's director of regulatory affairs.
[English]
As part of our first promise to customers, Telus has been devoting significant resources over the last few years toward finding a solution to the issue of fraudulent calls. However, it's not an easy issue to solve.
Companies around the world are struggling to find a solution. Global telecommunication networks have evolved to seamlessly connect people and data wherever they may be in the world. With the emergence of a truly global economy, these networks are being exploited by thieves and criminals at home and abroad intent on defrauding Canadians through fake and fraudulent phone calls.
I am often asked, “Why can't you just stop calls from the scam artists?” Unfortunately, fraudsters use sophisticated methods to mask the origin of their calls. They are extremely effective at blending their fraud calls with normal, legitimate network traffic as it is routed around the world. By the time they reach our shores, it is very difficult to distinguish between a fraudulent call and a legitimate call.
Since we have a regulatory obligation to allow legitimate calls to either terminate on our network or transit through it, the calls are routed to their intended destinations. When we are able to identify fraudsters, we do our best to block their calls. These are often static methods, and are not effective in a dynamic environment. So what can we do?
There are third party apps and capabilities provided by smart phone manufacturers, allowing users to block or filter their calls. They can prove cumbersome for consumers to use or may not be very effective. In addition, there are several types of systems that telecoms use to limit fraud calling in the network, such as call blocking and call filtering.
Call blocking systems, such as universal call blocking, or UCB, involves the telecommunications service provider blocking suspicious calls originating or terminating on its network, or passing through its network. For example, a calling number with all zeros would be blocked. On the other hand, call filtering systems are controlled by customers. They filter calls based on their preferences, and do not affect calls to anyone else.
At Telus, we offer a call control service, a proprietary call filtering system provided free of charge to most of our home phone customers. Call control is designed to be simple for our customers to activate and simple for them to use.
To explain how it works, I will use the hypothetical example of me trying to call you, Madam Chair. You will be a Telus customer. You will have activated call control on your phone. When I call your phone number, my call will be intercepted by the network before it reaches you. I will then hear the following message: “This number is call controlled. To get through, please press...”. Then it will prompt the caller, me, for a random number between zero and nine. We call this the challenge. I then have to press the correct number. When I do that, my call to you will be connected and your phone will ring. If I press the wrong number or do not press any number at all, my call will be rejected. I'll hear a voice recording indicating that you are not receiving calls. More importantly, your phone will not ring.
It's proven very effective at filtering out fraudulent calls, because those calls are typically autodialed by a computer system, and computer systems lack the ability to follow the instructions from the challenge.
Call control can also be customized through the use of personal lists, such as accepted callers and blocked callers. If a phone number is on the customer's accepted callers list, it will bypass the challenge. If, on the other hand, a phone number is on the customer's blocked callers list, it will be rejected.
We also have another list unique to each customer called the recent callers list. The recent callers list, which is controlled by Telus, comprises the last 10 phone numbers that have successfully passed the challenge. Phone calls from these numbers do not get challenged until they are overwritten by more recent calls.
In my previous example, this will mean, Madam Chair, that your friends and family who call you often would not have to pass the challenge every time they call you.
The results of call control have been impressive. Since its initial introduction in May 2018, we have determined that call control is significantly more effective than UCB, blocking 40% of incoming calls to customers who have activated the feature. Call control is also almost immune to spoofing, namely, where fraudsters hide their identity by faking a genuine number, like the one here today or one from a local area code. Due to the success of call control, we have been working on enabling it for our wireless customers. We expect to make it available to them in the coming weeks.
Switching gears, I would like to conclude by talking about STIR/SHAKEN. STIR/SHAKEN is neither a blocking system nor a filtering system. It is a set of protocols designed to validate the integrity of the caller ID and to provide the customer receiving a call with the assurance that the calling number belongs to the caller. Voice service providers who fail to support STIR/SHAKEN will likely find themselves at a competitive disadvantage. It is clear that STIR/SHAKEN has momentum in North America, and I expect it will be adopted shortly thereafter in Canada.
Telus is among the Canadian service providers that established a new corporation, the Canadian Secure Token Governance Authority, to support the implementation and operation of STIR/SHAKEN in Canada. However, there are still many issues that prevent STIR/SHAKEN from fully addressing the problem of fraudulent calls. The most significant of these issues is that STIR/SHAKEN standards will apply to calls within Canada initially, and at best within North America. However, many fraudulent calls originate from outside Canada. Another issue is that the system does not work if there is legacy circuit-switched equipment anywhere in the call path, which is common across networks that have been in operation for decades. Finally, we do not know how smart phone manufacturers will embrace STIR/SHAKEN standards or display STIR/SHAKEN information on their devices.
As a result of these challenges, and until STIR/SHAKEN standards are adopted globally, we do not know when STIR/SHAKEN will meet the high expectations that many have for the technology. Notwithstanding these issues, Telus is supportive of STIR/SHAKEN. We're confident that its capability will continue to improve. While we likely cannot offer STIR/SHAKEN sooner than in the U.S., we expect that Canada will follow shortly thereafter. In the meantime, we're confident that call control will provide effective protection for Telus customers.
That concludes my opening remarks. I welcome any questions you may have.