[VoiceOps] T-Mobile SMS Non-Compliance Fines - A Violation of the TCPA / Section 230?

Peter Beckman beckman at angryox.com
Wed Dec 20 13:24:55 EST 2023 

I received this information from Bandwidth 2 days ago:

https://support.bandwidth.com/hc/en-us/articles/19939626519575-New-non-compliance-fees-on-January-1

T-Mobile is stating that starting January 1, 2024, they will be fining
carriers for every SMS that violates these three tiers of unwanted
messaging:

     Tier 1: $2,000, for phishing, smishing, and social engineering
         Social Engineering refers to the practice of targeting individuals in a way
         that manipulates individuals to reveal private information like credit card
         numbers, or social security numbers.
     Tier 2: $1,000, for illegal content  (included content must be legal in all 50 states and federally)
         Illegal content includes, but is not limited to, Cannabis, Marijuana, CBD,
         Illegal Prescriptions, and Solicitation.
     Tier 3: $500, for all other violations including, but not limited to, SHAFT
         Please review the T-Mobile Code of Conduct Section 5.2 for a list of
         all disallowed contact

My first thought is How the heck are we going to, in an automated fashion,
detect and prevent the sending of this type of content?

My second thought is This opens up carriers to monitoring Section 230
protected telecommunications, and potential legal action against them by
their customers as they attempt to avoid T-Mobile fines.


But T-Mobile isn't the US Government, so they can pretty much do whatever
they want here. But to try to comply with T-Mobile's demands, it puts
carriers into a potential legal gray area because now they scan and block
the content of messages.


I get it, we all hate spam and the mis-use of SMS and Phone Calls. And yes,
I'm happy that there are independent carriers that are pushing harder to do
so.

But this seems like the very wrong way to go about it.


I don't mind them fining a carrier after they bring the issue to their
attention and they do not act within a reasonable amount of time (3
business days).

But a Social Engineering attack, that really isn't something you can tell
from a single message. T-Mobile is saying that if all carriers sending SMS
messages to their customers do not scan an entire conversation and then
somehow detect that the conversation turns into a phishing attempt, that
they will charge that carrier $2,000?

I'd love to hear everyone's thoughts here. And what plans are being made to
handle this unreasonable demand by T-Mobile.

Beckman
---------------------------------------------------------------------------
Peter Beckman                                                  Internet Guy
beckman at angryox.com                                https://www.angryox.com/
---------------------------------------------------------------------------

More information about the VoiceOps mailing list