Client Advisory: Is Your OTT VoIP Company Ineligible for an STI Certificate (Highest Call Attestation Level) Under Canadian STIR/SHAKEN Rules? Governing Authority Announces Series of Meetings to Decide on New Eligibility Requirements
Interested Telecommunications Service Providers (TSPs) can now participate in a consensus process facilitated by the Canadian Secure Token Governance Authority (CST-GA) to develop new eligibility requirements for access to Secure Telephone Identity (STI) Certificates through Service Provider Code (SPC) Tokens.
The CST-GA’s notice yesterday announced a series of meetings to “engage in a contribution driven consultative process” to determine new STI Certificate eligibility requirements (Notice). Initial contributions are due by August 18, 2021 and the Notice sets out a schedule including future meetings, contributions, and issuance of a draft consensus report by September 10, 2021.
The Notice stems from a recent Canadian Radio-television and Telecommunications Commission (CRTC) decision that the CST-GA’s current policy requiring direct access to Canadian Numbering Administrator resources for eligibility was “neither necessary nor appropriate.” That decision was prompted by an application by Mitel following an April 2021 CRTC decision imposing STIR/SHAKEN on all TSPs for IP calls.
Currently ineligible TSPs subject to STIR/SHAKEN requirements must still implement STIR/SHAKEN to authenticate and verify caller ID information for IP-based calls, despite lacking access to STI Certificates that would provide them the highest attestation level. Thus, all impacted TSPs with Internet Protocol (IP) networks in Canada should participate to ensure they will be eligible and should reach out to The CommLaw Group soon to ensure their contributions are timely filed.
If you have questions about the applicability of the CRTC’s STIR/SHAKEN requirements, wish to be involved in the CST-GA’s Consultation, or have other CRTC compliance questions, please reach out to Ivan Zajicek at 703-714-1310 or email@example.com.