Stir Shaken Mitigation Policy

1. Limited International Calling

international calling to Canada and Mexico except on base by base case – We will open up other countries to individual customers for security purposes and the ability to trace.

1. Limited access to PBX – We have limited access to the Admin in the PBX’s by limiting the number of users with administrative privileges
2. We are the ISP and first hand able to address any observed out-of-compliance traffic.
3. If requested we have registered with each of our VoiP service providers as a part of the Stir/Shaken implementation insuring that they are performing robocall mitigation on origination calls. Not all of our Voip Service providers have requested this.
4. Customer Due Diligence
   1. New and Renewing Customers:
      1. Verification of Customer information and persons that access to the customer account on a regular basis.
      2. Phone numbers, accounts numbers and phone statements are received and verified upon porting numbers to one of our VoiP service providers.
      3. We do not offer any services that enable large volumes of outbound calls.
      4. To determine the customer’s identity and their right to use the
         telephone number for STIR/ SHAKEN purposes we use the latest phone statement from the previous phone carrier. If the information doesn’t match up, there’s no way for us to port their numbers to us.
      5. Enterprise and Small Business Customers:
         We do not research the customer’s reputation and assess the accuracy of all
         reported information? This includes history of enforcement actions,
         lawsuits, civil investigative demands, etc.
5. We do not review public complaint data or other business reputational data
   regarding the customer.
6. We do have a policy that defines the circumstances by which you deny,
   suspend or terminate service to a customer.
7. Measures to Prevent or Avoid the Origination of Illegal Robocalls .
   1. We have an acceptable use policies with enforceable terms of use.
   2. We use analytics technologies or services to monitor traffic on our
      networks and identify potentially unlawful call origination activity?
   3. What anti-fraud policies do you have?
      1. If we have reason to believe that you or your Customers have used the Service for an unlawful purpose, we may forward the relevant communication and other information, including your identity or that
         of your Customers and End Users, to the appropriate authorities for investigation and prosecution. Appropriate authorities include, without limitation, law enforcement agencies, the Federal Communications Commission (“FCC”) or the single industry Traceback Consortium designated by the FCC to trace suspicious calls back to the point of origin. You hereby consent to the forwarding of any such communications and information to these authorities, including, as necessary to comply with a lawful request, Confidential Information. In addition, we will provide information in response to law enforcement requests, subpoenas, and court orders, to protect our rights and property, and in the case where failure to disclose the information may lead to imminent harm to any customer or others.
      2. Are there any calls that you block by default, such as calls originating from
         invalid numbers? Yes. 900 numbers
8. Responding to Traceback Requests
   1. Do you participate in the Industry Traceback Group? Each Party may disclose Confidential Information only to those of its employees, agents or subcontractors who have a need to it to perform or exercise such Party’s rights or obligations under this Agreement and who are required to protect it against unauthorized disclosure in a manner no less protective than required under this Agreement. Each Party may disclose the other Party’s Confidential Information in any legal proceeding or to a governmental entity as required by law, but only to the extent and for the purposes of such required disclosure, and provided, to the extent permitted by law, the receiving Party first promptly notifies the disclosing Party of the need for such disclosure and allows the disclosing Party a reasonable opportunity to seek an appropriate protective order. We may disclose without your consent your name and certain Customer Proprietary Network Information or Confidential Information in response to a traceback request to identify reasonably suspected sources of illegal calls. The traceback request may be
      submitted by the Traceback Consortium, the Federal Communications Commission, or other federal, state or local law enforcement agencies.
9. What penalties do you have in place if a customer originates a call that is the subject of a traceback request or a large volume of traceback requests?
   1. The traceback request may be submitted by the Traceback Consortium, the Federal Communications Commission, or other federal, state or local law enforcement agencies.
   2. Do you have a process in place for investigating and stopping customers that the FCC identifies as originating illegal calls?
      1. Notwithstanding anything to the contrary in this Agreement, we may act immediately and without notice to suspend or limit the Services if we reasonably suspect fraudulent or illegal activity in your account, material breach of the Use Policies, or use of the Services that could interfere with the functioning of the CoreDial Network provided such suspension or limitation may only be to the extent reasonably necessary to protect against the applicable condition, activity, or use. We will promptly remove the suspension or limitation as soon as the condition, activity or use is resolved and mitigated in full. If you anticipate legitimate but unusual activity on its account, you should contact us in advance to avoid any Service disruption.