Theres a lot of confusion out there over VOIP and 911 services. In the wake of Thursdays FCC order to the VOIP industry to provide E911 services within 120 days, I have to count myself among the confused.
First, I hope to clear up some confusion. There are a lot of people who think that, as a general matter, VOIP doesnt have 911 service. This isnt true. The truth is far more complicated. Some VOIP providers provide full E911 service, and others provide none.
Check out eWEEK.coms for the latest news, views and analysis on voice over IP and telephony.
The actual FCC order hasnt yet been published, but we do have a press release they issued along with short statements from each of the commissioners. The press release includes descriptions of the order, including the following points:
- It applies to companies that provide phone service that allows customers to make and receive calls on the PSTN (Public Switched Telephone Network).
- 911 calls must be delivered to the customers local emergency operator, and this must be a standard, not optional, feature.
- The provider must provide number and location information to the operator. This is what it defines as “E911” service. The FCC presumes that the information will need to be self-reported, so the provider must provide the customer with a means to change the location information if they change the location of the VOIP TA (terminal adapter).
- Providers must inform their customers of all these changes by the effective date.
- ILECs (Incumbent Local Exchange Carriers), like Verizon and SBC, must provide access to their E911 networks to any carrier.
- The deadline is 120 days from May 19, 2005.
The Implications of the
The FCC hearing included testimony from users who didnt get 911 service on their VOIP calls. In at least some of these cases there was no service because someone didnt bother to sign up for the service. (VOIP providers were not invited to attend.) Until Thursday I just assumed that the user bore some responsibility in these cases, but this was naive. Its clear that the FCC has decided that full E911 service is something that should be expected to work on anything that looks like a telephone.
More to the point, vendors like Vonage will no longer be able to let customers use their service until they sign up for 911 and provide a location.
Vonage is a good example of another problem the FCC addressed—”nomadic services.” This is when your VOIP provider allows you to take your TA to some other location (college, a hotel, your office) and use it there while maintaining the phone number from the original location. To get accurate 911 service, the user has to inform the provider of the new location. Its not hard to see how some changes in the network connection, such as a change in subnet, could be taken as a clue to the VOIP provider that the users physical location has changed, and the customer then could be asked to update that information.
The FCC order clearly envisions such a situation, but if Im corporate counsel for a VOIP provider Im still uneasy because its too easy to see how things can go wrong:
- The user could lie and say his location hasnt changed.
- The user could lie and provide an incorrect, but valid address.
- The user could mistakenly provide the wrong address.
And it doesnt stop there. What if someone steals the users TA, takes it across town and makes crank 911 calls? Its going to happen, and the victim of that next call that the police didnt get to because of the crank call will sue the VOIP provider and testify before the FCC.
There are companies in even more precarious positions than Vonage. The FCC says that the order applies “… to companies that provide phone service that allows customers to make and receive calls on the PSTN …” but its not clear to me if the “and” is strict like it would be in programming. For example, users of SkypeOut can make calls out using the PSTN, but not receive them.
I suspect the rule would apply though. Commissioner Michael J. Copps added: “Critically, we limit our requirements here to services that are capable of origination and termination on the public-switched network. This means they are directed squarely at substitutes for basic telephony. Our rules govern the kind of services that a parent or child or babysitter or co-worker will justifiably expect to work in a 911 emergency situation.”
Unfortunately, from a public safety standpoint, the ability to call the 911 caller back is critical, and here SkypeOut is problematic. One wonders if the FCC will find SkypeOut to be incapable of complying with the order and inherently unsafe.
The Restrictive Future
The FCC knows that the self-reporting regime is inadequate and has already issued a warning that there is a next generation. The press release adds that “the Commission stated its intention to adopt, in a future order, an advanced E911 solution that includes a method for determining the customers location without the customer having to self report this information.”
This “self-location” capability is, at first glance, an impossibility for VOIP. At a TCP/IP level, location is an unknown piece of data, and divorcing address from physical location was a major goal of the protocol. Imagine the problems that tunneling and mobile connectivity (such as mobile WiMax, once it comes out) would present.
Looking at a hardware solution, even if one were to mandate GPS, it doesnt work well inside buildings and doesnt provide altitude information (what if I call 911 from the 50th floor of the Empire State Building?). I am told by industry people who should know that there are credible efforts to develop technology, perhaps with GPS assisted by other technologies that work where GPS is weak. Undoubtedly these developers have spoken to the FCC and have gotten a semi-official blessing.
For any of this to work, all VOIP hardware would have to be upgraded to new, undoubtedly more expensive hardware and all the software revved to support location identification protocols. Its a bigger mess than the self-reporting disaster.
The only alternative, and what I assume will actually happen, is the end of nomadic services. VOIP vendors will have to find a way to confirm that the customer is using the service at a particular location and require him to keep it there.
My service is through my Internet service provider, Speakeasy.net, a DSL provider. Compared with other VOIP providers, Speakeasy has been highly restrictive in its terms, and Im convinced this was forward-looking of it.
When I got my Speakeasy Voice service, the first thing I did was test the 911 service. First I called the local police and asked them if I could test 911 without getting in trouble. The officer told me that 911 calls rang right at his station and that I should try it. I called 911 and the same officer picked up and read me back my name, number and address. This is essentially the capability ordered by the FCC. (Even though the behavior at my home appears to conform with the FCC order, the Speakeasy Voice Service Subscriber Agreement indicates that Speakeasy does not have real 911 or E911. This, the company claims, is just lawyer talk and it in fact does have full E911 on its network.)
Speakeasy service is different from most VOIP vendors service in that it knows, pretty much with absolute certainty, the physical location of the telephone making a call. Since it only sells its service to its DSL customers, and it knows the location of the phone line on which the circuit is provisioned, and its VOIP TAs are tied to the static IP address for that circuit, its basically not possible to move the phone line to another location. This point is critical. As best as I can tell, VOIP services provided by cable companies are in a similar position, or at least they have the capability to tie their users to a specific location.
Speakeasys VOIP service is actually provided by Level3, which is a customer of Intrado (whose stock not surprisingly spiked on the news of the FCC order), a company that provides 911 delivery services to VOIP companies. Companies like Intrado and the HBF Group allow ILECs to not have to deal with every VOIP provider and VOIP providers to not have to deal directly with the ILECs, since access to the 911 network goes through the ILECs.
Intrado also solves certain other problems that VOIP presents to the 911 system, such as its natural inability to handle calls for numbers outside of what is called the rate center, meaning the geographic region in which the PSAP (Public Safety Answering Point)—the emergency call center where the 911 call goes—is located. Many VOIP providers will let you get a phone number, for example, with a Miami area code even though you live in Milwaukee.
The idea that Internet services should be left alone lest the sky falls has clearly lost in the FCC, and the standards for VOIP 911 service will be very high from now on. That doesnt mean the order will produce an appreciably better situation. It seems to me that if customers cant be bothered to provide accurate location information its not hard to see the next disaster coming down the road.
The self-location solution, even if its really possible (Im skeptical), is still science fiction from the standpoint of today and will be resisted tooth and nail by the industry for cost purposes, and we wont see it for a long time.
What we will see is a rollback of many of the features that made VOIP a gee-whiz technology, especially nomadic service. Look for vendors to find ways to be like Speakeasy and restrict their users to one physical location. This will not only comply with the order, but it will be good for their liability position.
Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
More from Larry Seltzer