Monday, November 17, 2014

FCC Did Not Require Monitoring of IP-Relay Calls

Last week, perhaps in response to the uproar over Purple's announcement of ending its IP-Relay service, Purple had posted on Facebook selected snippets from a letter. The letter was blurred, making it impossible to read the full letter - even the date was not readable. However, since the October 15 letter from Purple's lawyer to the FCC informing the FCC that Purple would stop its IP-Relay service on November 14 refers to an October 2 letter from the fund administrator Rolka Loube to Purple, we have reason to believe that the snippets were from that letter. Unfortunately, the Facebook posting that Purple made to https://www.facebook.com/iprelay with the snippets, is now gone.

However, we found a copy of what could be the letter on our own hard drives.


Fortunately, Jamie had earlier typed up the snippets for easier sharing on Facebook, and now we share those snippets here along with analysis and commentary. We decided to share this here because we are still seeing comments in the deaf community that the FCC should not be requiring monitoring. The FCC itself has refuted that claim as seen in the letter dated November 17 from Chairman Tom Wheeler below, courtesy of  Andrew Phillips of the National Association of the Deaf.



This clearly says that they did NOT ask Purple to monitor call content.

Purple's choice of snippets was intended to bolster its argument that the FCC was gong to require monitoring per the transcript of Purple's video at https://www.youtube.com/watch?v=ShZX5X2cv5E: "To be reimbursed for IP Relay services, the FCC has informed Purple that we must monitor call content and details." However, upon close and careful reading, the snippets actually prove the opposite!

RolkaLoube ("RL") the Administrator of the interstate TRS Fund, was directed by the FCC to withhold 100% of Purple's IP Relay payment for July 2014, which had been scheduled for distribution in September 2014, until further notice and the FCC advised RL that an explanation and questions will be provided.

Based on an RL review of the submission and observations shared with RL by Commission staff, including observations from the Commission's site inspection of Purple's operations in the Philippines during July 2014 and subsequent analysis of Purple's IP Relay call

Yes, the FCC was so concerned about possible fraud that they actually flew FCC staff to the Philippines where Purple's call center was, to see for themselves what was going on. Until we saw that snippet, we did not know that our IP-relay calls were being handled by CAs in the Philippines.

Specific findings that we warrant withholding include:

3. During the site inspection, Commission staff witnessed numerous calls in which the caller attempted and failed to gain access to bank accounts. Subsequent review of the call detail records found numerous attempts by individual callers to hundreds of banks. We find these facts to be indicia of fraud and potential violation of rules;

So the FCC staff actually saw calls come in from people trying to access banks - and not just a few banks! Multiple attempts by individual callers to hundreds of banks? If that isn't a red flag signalling fraud, we don't know what is.

4. Similarly calls were witnessed by FCC staff in which the caller attempted to order large quantities of specific goods from department stores. Subsequent call detail record review disclosed a high number of back-to-back calls by individual callers to many department stores from individual callers;

Here again, the FCC staff saw more red flags - individuals trying to order huge amounts of goods from stores. Again backed up by reviewing the call records.

5. Review of call detail records has disclosed a significant number of calls from single users making back-to-back calls to a high number of pharmacies;

The pattern continued with pharmacies, probably from fraudsters trying to get lots of prescription drugs.

8. Review of call detail records has disclosed a significant number of calls from ten-digit numbers that are active for only a few days.These numbers were associated with multiple calls to particular types of vendors - banks, department stores, and pharmacies, however Commission staff has advised RL that it is continuing to review and may find similar calling patterns to other types of businesses.

The FCC staff suspected similar patterns would be found with other business categories. Patterns of individuals trying to get products in bulk.

To establish that any call is legitimate, we would suggest at least the following information related to MOUs submitted for payment incurred in July of 2014 be provided:
* Pertinent registration information for the relay beneficiary/user of the TDN's making numerous compensable calls to department stores, pharmacies, or to banks in July 2014, particularly when there do not appear to be calls to anyone else.
* A general description of the hearing party to the call; e.g. commercial bank, private party, department store, medical professional.

Here, upon first reading, the snippet appears to bolster Purple's claim of being required to monitor users' calls. But upon closer, more careful reading - note the bolded text - it can be seen that the FCC is actually only requesting details for the callers suspected of making fraudulent calls. The FCC is NOT requiring details for ALL callers' records!

Sunday, November 16, 2014

Why IP-Relay is Important to Me Personally

The discontinuance of Purple's IP-Relay service on November 14, 2014, was difficult for everyone to deal with. It's affected many people in many ways, some more than others. In this post, I'm going to be writing how it's affected me.

I got my number sometime around 2004 or 2005. I started using it for job searches, calling medical people, and various other places.

Currently, my usage of IP-relay has two major uses. Job searches and medical. I'll cover the two in detail below.


Medical

November 3 had me enter the hospital for hip replacement surgery on the right hip. I needed to do this to make me more able to work. Before the surgery, I was in constant contact with the hospital and other medical people in preparation for the surgery and for other future appointments.

The day after surgery was when the news broke about Purple discontinuing IP-Relay. I was in my hospital room and was writing messages and other things on a laptop in between visits and communications with doctors, nurses, and physical therapy. That plus keeping in contact with people on my phone via IM. This was NOT how I wanted to spend my time in recovery from major surgery!

I was discharged from the hospital November 6th. Fortunately, I went with the same home health services as before, and the supervisor, nurse, and physical therapist had no problem with my using text.

But this is a critical time post-surgery. Anything can happen. As one can see after reading the previous Surgery and the Hips posts, I'm in zero mood to have an infection again, which required a lot of calls and making contacts with doctors.

Before graduating from Gallaudet University in May 2013, I was in contact with medical people in terms of dealing with a bad and painful left hip joint. All through the surgeries on the left hip joint in June, July (due to infection, replaced by antibiotic spacer), and November 2013 (spacer replaced by new joint), I was in contact and afterwards for post-surgical checkups.


Job Searches

I started my job searches in January 2014 after I was allowed medically to drive and do what I needed to do. Many employers require job seekers to have a phone number, and some won't even consider using email. I had some interviews in that period of time between January and when IP-Relay was discontinued. I had a few employers request that I call them. Many employer online applications require that a phone number be entered. There were 2-3 employers who had pre-screening using Skype.

I have one pending interview, fortunately, for an entry level position. When I told the employer that I could not make the interview due to surgery (this was a week after surgery), they said

"No problem.  Just email me when you are ready."

How many employers would be willing to do this?

That plus a government interview that was just two weeks after surgery when I was more physically prepared.


A Critical Time

Thus, as I've said before, this is a critical and important time for me under these two particular categories.

For those who wish to read comments submitted to the FCC related to IP-Relay, they can be found here:

http://apps.fcc.gov/ecfs/

Go into Full Text Search and search using keyword ip-relay.

Related links:
The End of Text IP-Relay Services? Say It Ain't So.
Here's Why Purple's in Deep DooDoo!
The Case for AIM Relay

Saturday, November 15, 2014

The Case for AIM Relay

For many years (ten?), there was a form of text IP-Relay that used AIM. In order to make a call, an AIM user would sign on to AIM, select the screen name My IP Relay, the caller would enter the phone number to call, and then the system would assign an operator to take the call. From there, the operator would call the requested number and act as an in-between during the call. Basically, the person would type the message, and the operator would read it aloud to the hearing person on the other end. The hearing person would then respond using voice to the operator, who would transcribe what was said in text for the deaf caller to read.

For the last several years, Purple has been the sole provider of AIM IP-Relay. Previously, IP-Relay, including AIM-based IP-Relay, was provided by Hamilton Relay, Sorenson, and AT&T. Over time, they quit. Now Purple has stopped offering IP-Relay, which means the deaf, deafblind, and speech impaired, no longer have an AIM-based text relay service.

Major advantages of IM-based relay (some of these advantages come from comments filed with the FCC):
  • If the power is out, the AIM users could still communicate using their phones
  • Deaf-blind users can easily expand the font sizes
  • Deaf-blind users who can not see sign language, but could see enough to use a computer, could use AIM relay
  • AIM users can be anywhere physically – they are not tied to a computer
  • AIM has a web-only version called WebAIM, so users who do not install the software can access AIM from any computer
  • The 10-digit phone numbers given out by IP-Relay had area codes corresponding to where the user lived. That was very important for deaf business owners and job seekers
  • AIM gave users the ability to see calls come in due to the IM client’s ability to flash the icon at the bottom of the screen. With Sprint’s IP-Relay, users can make calls but can not see calls come in.
  • Some users do not want to be seen on a VRS service for privacy reasons
  • Users who did not sign or who lacked good sign skills, needed AIM
  • Because a user’s AIM screen name was tied to their registered, verified IP-Relay account, the user did not need to sign in. Sprint’s IP-Relay requires users to sign in with a user name and password.
Many people have suggested the relatively new InnoCaption service as an alternative. While InnoCaption does allow for text-based communication, InnoCaption is not the answer for everyone who had depended on AIM relay!
  • InnoCaption requires a voice and data plan. Many deaf people have data-only plans because they can't use the voice services. Do we now need to upgrade to more expensive voice and data plans, wasting money on voice services that we can’t use?
  • Some people work in workplaces that do not allow cell phones. Those employees obviously can not use Innocaption on the job.
  • InnoCaption does not allow porting of existing IP-Relay 10 digit numbers over to InnoCaption due to their using a specific area code that is totally different from the 10-digit numbers from IP-Relay that had area codes linked to where users lived.
If you are someone who had depended on AIM Relay or simply preferred it (some deaf people simply prefer text to video), file a comment or complaint with the Federal Communications Commission’s Electronic Comment Filing System at http://apps.fcc.gov/ecfs/. Several people already have!

Below are two blog posts which explain more about the issues behind the end of Purple’s IP-Relay service.

http://rsgeo007.blogspot.com/2014/11/the-end-of-text-ip-relay-services-say.html
http://rsgeo007.blogspot.com/2014/11/heres-why-purples-in-deep-doodoo.html

Wednesday, November 12, 2014

Here's Why Purple's in Deep DooDoo!


An important document from the FCC's document archive dated May 2, 2014, FCC-14-57A1 documents Purple's failure to follow the FCC's requests for reasonable steps to keep fraud from happening. Purple was ordered by the FCC to use a reasonable process to verify the signup information of their TRS services. Unfortunately, Purple violated the FCC’s orders by using a “flawed process” to validate incoming signups, thus facilitating fraud coming from non-validated account signups. As a result, the FCC assessed a penalty on Purple.


Welcome back from reading a LONG 26-page document. If you stuck to reading just the numbered paragraphs, you're in good shape. I've broken down what I've understood of what the FCC has been talking about in the paragraphs. I will include the numbered paragraph in italics and below it my own response in normal text.

The first several paragraphs indicate the FCC's requirements for an effective relay service incorporating 10-digit phone numbers. Page 5 is the beginning of the Discussion section.

A. Purple Apparently Violated the Second Internet-Based TRS Order by Failing to Implement a Reasonable Verification Process

No kidding. After reading through the rest of the document, Purple's in deep stuff.

12. While not requiring any specific verification procedure, the Commission has described three types of procedures that it considers reasonable for purposes of verification. These procedures share several key factors. Each verifies the name and mailing address provided at registration, and each affords timely verification, thus producing a reasonable period between a user's registration and the determination as to whether the user is eligible or not to make TRS calls. Any reasonable verification process would have included these key factors and ensured that providers did not profit from allowing unverifiable users into the TRS system and allowing them to make calls over an extended period of time.

Observe how the Commission has requested reasonable procedures with the key word being REASONABLE. Consider what is reasonable and why. In order to reduce fraud, one must take steps to reduce it despite the difficulty with completely eliminating it. The user's name and mailing address is, indeed, reasonable. Now look at the last sentence. Reasonable verification process. This means a way to verify and validate that account's information.

How does any agency that offers services do this? Often, we're required to show them our drivers license or something similar. And how do we get those forms of ID? Many states require that the person present their birth certificate and other similar items in order to get this ID.

13. Prior to 2008, Purple was aware that IP Relay had been misused by persons to defraud domestic merchants and that one of the Commission's goals in implementing the new requirements was to eliminate user anonymity and IP Relay fraud.

Up until 2014, they did nothing. How much was defrauded? Most likely the numbers are inaccurate, but could easily be way into the high millions. Can they be held responsible for these losses?

14. Due to the shortcomings in Purple's procedures, the evidence shows that Purple did not, in fact, verify the name and/or mailing address of at least 40,000 False Name registrants, yet nevertheless assigned these users ten-digit telephone numbers, and then submitted reimbursement requests that included minutes generated by such users. As described below, we find that Purple failed to institute a reasonable process to verify user registrations as required by the Second Internet-Based TRS Order.

Makes you wonder how flawed of a process was used, if any verification was used, and if any efforts were made to even try to reduce the ongoing fraud. Someone had to know about those 40,000 fake accounts. The phone company doesn't just throw a phone number at you and say that it's yours. An account has to be created and validated.

 From (date redacted) until (date redacted), Purple's process made no attempt to verify registrants' names and mailing addresses.

ZERO verification of the account holder's name and mailing address.

As explained in more detail below, the Company used a (redacted) process, confirming that (big redaction). In (redacted) Purple added an e-mail component to its process; (big redaction). This e-mail component did not, however, involve any effort by Purple to verify the accuracy of the information provided by the user. The fundamental point is that Purple's (redacted) process and e-mail component never even attempted to verify the accuracy of the user's name or mailing address as required by the Second Internet-Based TRS Order.

Now why didn't they use email verification even after adding the component? It’s an easy implementation to verify and validate all three.  What kind of process did they use?

Paragraph 16 basically repeats the failure of the name, address, and phone number validation.

For example, if a registrant had given an empty parking lot as his or her address, the (redacted) would have verified the address as long as the parking lot were (redacted) even if no habitable structures existed at that address.

Makes you wonder. The post office ain't gonna deliver to a parking space.

In one instance during its investigation, the Bureau examined an address that Purple had provided that was associated with 299 different registrations; each registration had listed "201 Alice St., Alger, OH 45812" as the registrant's address. No such mailing address existed. Bureau staff contacted the post office in Alger, Ohio (a town with a population of less than 1,000) and confirmed that the mailing address did not exist.

...but 299 registrants using a single fake address? I can understand maybe 2-5 of a single address, maybe a deaf family or deaf roommates living there, but 299? I tried looking it up on Google Maps, and the post office for that area displayed. Alger is east of Lima in central Ohio just off I-75, about a short 20-30 minute drive.

Paragraph 17 talks of the use of Verity assigning each registrant a reliability score. Verity is software created by Imperium, located in Westport, Connecticut.


Just how low a V-Score did Purple use?

Paragraph 18 has a lot of redactions. Basically, Purple tried to improve their validation and verification implementations, but still failed. As a programmer, it's not too difficult to add some coding routines that can verify and validate the provided email as well as have a human send a printed letter via snail mail to the provided address. Some banks and other places use this method when their clients set up their online account and send a letter with a confirmation code.

It's not too hard as well to set a flag or flags on an account to show that it's locked until the email validation and/or address verification are done. That plus compare addresses, physical and/or email, for multiples. If that address shows up after a certain count, a report can be created and sent to the appropriate person(s) within the organization. The account database should have the capability to sort by various columns or rows. Multiples will show up right there.

20. Indeed, Purple knew or should have known that the False Names were so patently defective that they could not possibly have been the actual names of eligible users. However, instead of rejecting the False Names (based on their nonsensical nature) or attempting to confirm that they belonged to eligible users, Purple chose to disregard the verification requirements by accepting these names without reasonable further inquiry regarding users' actual names and mailing addresses.

It's hard enough or next to impossible to claim they couldn't have known as there was at least someone who had access to the account database. And this is someone I'd love to hear from.

Paragraphs 21 to 23 have Purple still claiming their processes were reasonable in the face of evidence that proves otherwise. Paragraph 22 is quite heavily redacted, with them looking like they're using certain techniques. Then the FCC in Paragraph 24 blows Purple out of their shoes, out of the water, and out the airlock.

While Paragraph 25 is long, Purple is still making claims, showing their “proof,” which unfortunately, is mostly redacted. They've got something called a “guest user or access policy.” Apparently, the new account could immediately start making calls right when it was created. Again, we can see right there through their smoke-blowing that there was zero verification/validation. In reality, this account should have been set so that the person could not make calls, but still modify the preferences and other entries until it was cleared. We know that guest accounts are typically known to allow limited access until more access is granted.

In Paragraph 26, the FCC rolls over and flattens Purple's claims in 25. And then in 27, Purple shoots a major hole in itself by “suggesting that it should have (redacted) because it reportedly did not (redacted). Purple's actions, however, are inconsistent with this suggestion.” Then the Commission does one final shot in 28, saying that Purple failed to implement a reasonable verification process of the time periods covered. In the entire report, the word reasonable is used.

Then like a judge delivering his/her verdict:

B. Purple Apparently Violated Section 64.604(c)(5)(iii)(D) of the Commission's Rules by Submitting Inaccurate Data to the TRS Fund Administrator and for Seeking Reimbursement for Calls That Were Not Compensable

The Commission delivers the penalty, a forfeiture proposal, meaning to pay back or give up. After reading the charges, the Commission delivers a judgment of requiring Purple to pay back $11,937,549.

So what does this mean for the future of IP-Relay? First, take a look at what I've said above. Then, decide on how the fraud will be reduced. Next, answer the question about the sustainability of the rates, given the history of the FCC lowering them every year compared to other TRS rates.

Purple has a call center in the Philippines. With the lower labor costs out there, why can’t they make a profit at the current rate paid, which is $1,039/minute?

Once the reasonable procedures are followed, then fraud will be reduced greatly.

Monday, November 10, 2014

Urgent! Email Ray Baum in the House! (was End Of Text Relay Services?)

Just got this from Jamie Berke earlier this afternoon.

She called the House Energy and Commerce Committee's Subcommittee on Communications and Technology because they oversee the FCC. Congressman Greg Walden chairs the subcommittee. She I got the name of the legislative aide who works with FCC issues, and already emailed him. His name is Ray Baum, and his email address is

ray.baum@mail.house.gov

What we need to do is bombard Ray Baum telling him to help out with the issue of Purple and IPRelay.

Here's a direct link to that subcommittee web page, which specifies they oversee the FCC:

http://energycommerce.house.gov/subcommittees/communications-and-technology

Share and repost this all over the deaf and hard of hearing, deaf-blind, and speech impaired communities!

Friday, November 7, 2014

The End of Text IP-Relay Services? Say It Ain't So.

Say it ain't so. Purple announced earlier that they will cease their well-used IP-Relay services on November 14.

Initial reports

A first report from a Purple vlog

https://www.youtube.com/watch?v=ShZX5X2cv5E&feature=youtu.be

Purple said that the FCC ordered Purple to monitor all calls for quality. From that video above, Purple stated: "To be reimbursed for IP Relay services, the FCC has informed Purple that we must monitor call content and details."  Then someone else emailed the FCC and they said that even with their efforts, they never told anyone, much less Purple, to disclose the content of what is said during any relay call.

Here is the email response the FCC sent:

Thank you for contacting the Federal Communications Commission (FCC) regarding IP Relay service. On October 15, 2014, Purple Communications, Inc. notified the FCC that it will cease providing IP Relay service as of 5 p.m. EST on November 14, 2014. At present, Sprint remains a provider of IP Relay service.

The FCC is aware that IP Relay service is essential to many consumers who use relay services to communicate over the phone and that it is the only method of placing and receiving telephone calls for some of these consumers. Unfortunately, IP Relay service has been subject to significant fraud and abuse in recent years, totaling millions of dollars. The FCC’s efforts to protect these services for all consumers by eliminating this fraud and abuse has resulted in several providers terminating their provision of this service. Following the latest voluntary departure from the market by Purple, the FCC is working around the clock to ensure that consumers continue to have full access to IP Relay service in a manner that does not encourage IP Relay misuse by illegitimate users. In addition, we are actively exploring options to ensure that people who are deaf-blind continue to have accessible ways to use this service.

Finally, we wish to dispel any rumors that the FCC has ever required any TRS provider to disclose the content of what is said during any TRS call, including any IP Relay conversation. The FCC has strict rules guaranteeing both the confidentiality of all calls and the privacy of caller information, and we will continue to enforce those rules as they apply to IP Relay or any other form of TRS.

We thank you for bringing to our attention your concerns about IP Relay service. We will continue our work to find options to keep this service up and running in a manner that meets the communications needs of all individuals who need it.


Reimbursement cuts

We need to remember that not only the FCC has cut reimbursements, causing some services to close down, but there is also fraud, both from within the relay services agencies and outside. Sprint Relay is another relay services provider, but there have been indications that they too may discontinue their IP-Relay services.

It is possible that the real reason may be the rate cut that was imposed in July 2014: cut to $1.0309 a minute (see http://www.fcc.gov/encyclopedia/2014-trs-history-docket). This is the lowest of the non-VRS relay service rates, so it is possible that Purple may have decided it wasn't profitable and they would drop the service (but blame it on the FCC's alleged requirement to monitor IP-Relay calls).

A challenge and a petition

Jamie Berke has challenged Purple via Twitter to show proof that the FCC is requiring them to monitor text relay calls.

As of now, there's a petition to get the FCC to increase reimbursements, based on the yet unproven FCC requirement to monitor IP-Relay calls.

https://www.change.org/p/cgb-disability-rights-office-reimburse-purple-for-their-ip-relay-i711-services

Will we still have the Purple IP-Relay next week?

Update: Jamie believes she found the proof she challenged Purple to provide. Read the letter posted here:

http://www.doncullen.net/blog/purples-shutting-ip-text-relay/

Sprint responds

Someone received this email from Sprint:

Hello, Sprint is currently undergoing a process with the FCC to make a decision on whether we can remain in the Sprint IP Relay business at all. We hope a decision is made in the coming weeks; however, until that time , we are unable to process any new Sprint IP registrations or port any existing numbers. Persons who have begun the registration process will receive an email when any determination is made. Thank you for your patience.

Sherri
Sprint Relay Customer Service
800-676-3777 (V/TTY) 877-877-3291 (Fax)
Sprint.trscustserv@sprint.com
www.sprintrelay.com



This means that if Sprint also gets out of the relay business, that's it. We have nothing. It doesn't need to be said that it will affect everyone in terms of job searches, medical, etc.

Trouble in TRS

On Facebook, Purple posted snippets from a letter from the TRS administrator to Purple:


https://www.facebook.com/iprelay/photos/a.196529827041236.52845.188194574541428/931489833545228/?type=1


It is hard to read the snippets without expanding to full screen so I typed them up for you to read easily:

RolkaLoube("RL") the Administrator of the interstate TRS Fund, was directed by the FCC to withhold 100% of Purple's IP Relay payment for July 2014, which had been scheduled for distribution in September 2014, until further notice and the FCC advised RL that an explanation and questions will be provided.

Based on an RL review of the submission and observations shared with RL by Commission staff, including observations from the Commission's site inspection of Purple's operations in the Philippines during July 2014 and subsequent analysis of Purple's IP Relay call. Specific findings that we warrant withholding include:

3. During the site inspection, Commission staff witnessed numerous calls in which the caller attempted and failed to gain access to bank accounts. Subsequent review of the call detail records found numerous attempts by individual callers to hundreds of banks. We find these facts to be indicia of fraud and potential violation of rules;

4. Similarly calls were witnessed by FCC staff in which the caller attempted to order large quantities of specific goods from department stores. Subsequent call detail record review disclosed a high number of back-to-back calls by individual callers to many department stores from individual callers;

5. Review of call detail records has disclosed a significant number of calls from single users making back-to-back calls to a high number of pharmacies;

8. Review of call detail records has disclosed a significant number of calls from ten-digit numbers that are active for only a few days.These numbers were associated with multiple calls to particular types of vendors - banks, department stores, and pharmacies, however Commission staff has advised RL that it is continuing to review and may find similar calling patterns to other types of businesses.

To establish that any call is legitimate, we would suggest at least the following information related to MOUs submitted for payment incurred in July of 2014 be provided:

* Pertinent registration information for the relay beneficiary/user of the TDN's making numerous compensable calls to department stores, pharmacies, or to banks in July 2014, particularly when there do not appear to be calls to anyone else.

* A general description of the hearing party to the call; e.g. commercial bank, private party, department store, medical professional.

Forgery and fraud

And here's proof that the registration requirements can be gotten around through fraud, forgery, and proxies.

https://www.youtube.com/watch?v=UHhtyY7IOvc&list=UU6Elc3aum-DG7z6zgY1ULDA


Other related blog posts:

http://www.deafblindconfessions.com/blog/relay-service-options-for-deafblind

Major Update


http://rsgeo007.blogspot.com/2014/11/urgent-email-ray-baum-in-house-was-end.html