The FCC defines robocalls as "calls made with an autodialer or that contain a message made with a prerecorded or artificial voice." By that definition, some robocalls are actually perfectly legal. Think of the automated call from the pharmacy telling you your prescription is ready, or charities asking you to take a survey. You might not be a fan, but political robocalls are also generally permitted. Campaign-related calls are always allowed when made to landline telephones, though calls made to cellphones do need prior consent.
As for telemarketers, the FCC requires that they obtain your consent prior to the call. You can block these calls altogether by putting your name on the Do Not Call list. If you do get a robocall, even after putting your name on the list, you're most likely on the receiving end of a scam (as the Do Not Call list is good only for reducing the number of legal calls).
What is illegal, then? Well, as mentioned, telemarketing robocalls that don't have previous authorizations are illegal. Obviously, imposter scams like the ones asking for your Social Security number are illegal. Most caller-ID spoofing is also illegal, though it should be noted that ID spoofing and robocalls aren't the same. They're often intertwined, of course -- most robocalls use spoofed IDs -- but sometimes real people spoof their IDs too. Plus, there are a few legitimate cases for caller-ID spoofing, like when a business shows its caller ID as a toll-free callback number or when a doctor shows her office number instead of her personal cellphone number.
Whether or not you agree with this administration's FCC on a number of other issues, it has implemented several strategies in the past year to curb robocalls. So far, the FCC has ruled to allow phone companies to block robocalls by default, called for major carriers to adopt a more robust caller-ID authentication system (based on the STIR/SHAKEN framework that validates calls before reaching recipients) and banned spoofed IDs from text messages as well as from international robocalls. The FTC has stepped in too, filing suit against a number of robocall perpetrators. The House and Senate have also passed legislation aimed at requiring carriers to authenticate every call. Last year, the FCC even sued a robocall spammer for $120 million, the largest fine the commission has imposed.
Knowing all of this, what can consumers do? Thankfully, there are several safeguards in place. Several carriers have caller-authentication protocols. T-Mobile implemented a Scam ID (which identifies suspicious numbers with "Scam Likely") and "Scam Block" (which blocks them altogether) system in 2017, but it announced late last year that it was ready for the FCC-recommended STIR/SHAKEN protocol as well. It launched a "Caller Verified" program in January with Comcast so that calls from within those two networks will have that verification label. Plus, it recently announced that it would verify phone calls from AT&T as well (and vice versa).
AT&T also has free and automatic in-network systems that label or block unwanted robocalls. If you want additional protection, AT&T offers a Call Protect app that will let you create a personal blocked list. Verizon (Engadget's parent company) has a similar tool called Call Filter, which helps users figure out when a call is spam and even report unsolicited numbers and automatically block robocalls. Like Call Protect, Call Filter is an app that you have to download; it's not built into the service itself. Additionally, if you want an upgraded version of Call Filter, you'll have to pay $2.99 a month. It'll let you identify unknown callers by name, create a personal robocall-block list and provides additional insight into the spammer.
Sprint, on the other hand, doesn't automatically block spam calls but customers can sign up for a "Premium Caller ID" service to alert them to robocalls and spoofers. The catch is that it costs $2.99 a month.
Additionally, some phones have the robocall- and spam-protection built-in. They include Samsung's Galaxy and Note smartphones (which has a feature called Smart Call) and some Android phones that use the Google Phone app (like the latest Pixels for example). With the latter, Google says it uses machine-learning to continuously update how it detects new spam callers. Recipients can mark a caller as spam in the call log or end the call using "Mark as spam." There's also a "Call Screen" tool that lets users screen the call and read a live transcript before answering it.
Other tips and tricks
Despite all of this, illegal robocalls still slip through. The FCC and FTC have published guidelines on how to deal with them, and here they are in a nutshell:
- Hang up immediately. If you engage in any way, you might be flagged as a "live number" and might be targeted again in the future.
- Be aware that caller IDs can be spoofed; that call might not actually be from your mother.
- Never, ever give out personal information like Social Security numbers and passwords.
- If the caller says he's from a government agency or a bank, always hang up and verify the information elsewhere.
- If carrier services aren't enough, you might consider using trusted third-party-call blocking apps such as Nomorobo and Truecaller. That said, apparently some of them send your data to third parties without your explicit consent, so it might be a better idea to opt for another method of curbing robocalls.
- Block individual numbers that you know are scam or robocallers on your phone's own block list
- Sign up for the aforementioned Do Not Call list, so that you know those incoming telemarketing robocalls are likely fake.
In the end, perhaps the best advice is to use common sense. If you see a caller ID you don't recognize, just don't answer it. If the call is important enough, hopefully, the person will just leave a message.