California Governor Gavin Newsom signed new legislation into law that is designed to address fraudulent robocalls. The bill, SB208, Consumer Call Protection Act of 2019, announces that its purpose is to “identify those engaging in deceptive robocalls and protect Californians, especially vulnerable populations, from impostors using telecommunications to defraud consumers.”

An addition to the Public Utilities Code, the bill requires telecommunication service providers to implement SHAKEN/STIR protocols by January 1, 2021. If the providers do not adopt SHAKEN/STIR, they must utilize “alternative technology that provides comparable or superior capability to verify and authenticate caller identification for calls carried over an internet protocol network.”

SHAKEN/STIR—a baffling acronym for Signature-based Handling of Asserted Information Using toKENs (SHAKEN) and the Secure Telephone Identity Revisited (STIR)—is a call authentication protocol that FCC Chairman Ajit Pai has demanded the phone industry adopt. The protocol digitally validates a phone call as it passes through the complex web of telecom networks, allowing phone providers to verify that the call is actually coming from whoever appears to be placing the call. It should be launched sometime next year.

This California bill is part of a larger trend of state-level legislation addressing call spoofing and other forms of fraudulent robocalls. At the federal level, the House of Representatives and Senate have pending pieces of legislation—the Stopping Bad Robocalls Act and the TRACED Act, respectively—designed to address this issue. Of course, it is anyone’s guess as to when or if this legislation will be passed.