Regarding 911 abuses, let’s swat the swatters

Just about every week, we hear of instances where people call 911 because they’re lonely, they didn’t get the right sandwich with their fast food order or some other such nonsense. Such calls take up precious time and resources, and they are unwanted burdens to telecommunicators, who already are under intense pressure given the rigors of their jobs—rigors that are exacerbating in many areas of the country, as the aforementioned resources dwindle.

As if that wasn’t enough, now public-safety answering points are being targeted by a scam that uses the threat of denial-of-service (DOS) attacks as the fulcrum. From what I understand, the larceny goes something like this: Hackers infiltrate the computer network of a financial institution and gain access to customer records. They sift through those records to ferret out those that involve a recent loan of some kind, e.g., mortgages, home equity loans, car loans or payday loans. Then, they call the employer, explaining that the employee has fallen behind on payments. The final step is to ask the employer to make restitution on behalf of the employee. If they refuse, the DOS attacks begin.

“These attacks can be lengthy and can be repeated,” said Brian Fontes, CEO of the National Emergency Number Association (NENA). “It’s an issue that has been brought to the attention of a number of federal and state agencies, who are working cooperatively to try to remedy the situation.”

It’s difficult to imagine that anyone would fall for something like this. It smacks of Nigeria’s finance minister contacting you because he has a few million dollars laying around that he’d like to give you—if you’d only be so kind as to provide your bank-account number.

But Fontes said that it’s apparent that people do fall for it.

“Obviously, they have been successful, or they wouldn’t keep doing it,” he said. “So, they may have had some success—in this country or elsewhere—when attempts like these have been made.”

Fontes didn’t want to quantify just how pervasive the problem is, only saying that it’s “bigger than a bread basket.” He added that it’s not just PSAPs that have been targeted—the scam also has hit fire departments and hospitals.

So far, the DOS attacks only have targeted the 10-digit telephone lines used in PSAPs for administrative purposes and not the 911 system itself, Fontes said. That’s the good news. But it’s easy to imagine that the next step is to unleash a DOS attack on the 911 infrastructure, a scary prospect that could create havoc and put lives at risk.

As authorities work to track down the perpetrators, Fontes would like to see a parallel effort that would result in lawmakers imposing harsh criminal penalties for such actions.

“Heavy fines, jail time, whatever it takes to discourage people from engaging in these activities, within the law” Fontes said. “Let’s try to ensure that anyone who wishes to do this fully understands that there are legal consequences. We need to create disincentives.”

I couldn’t agree more. I would extend this thinking to the aforementioned abuses that seem to occur on a daily basis, where people dial 911 in non-emergency situations, usually for an incredibly dumb reason.

“There have to be examples made of people who engage in this activity, so that they begin to understand that there are consequences,” Fontes said. “Spending some time in jail, or paying a penalty equal to the cost of the police involvement in that 911 call, might make them ask, ‘Is it worth making that 911 call over a sandwich?’”

As if that wasn’t enough, there has been a spate of 911 calls over the last several months that have reported fake emergencies at the homes of celebrities—a practice known as “swatting.” It also burns up precious public-safety resources in the PSAP that fields the call, as well as in local police, fire and EMS departments.

But it’s the effect on 911 center operations that most concerns Alan Tilles, chair of the telecommunications department at Shulman, Rogers, Pordy, Gandal & Ecker.  

“I can’t tell you how worried I am about all of this, because coordinated attacks of this type have the potential of bringing the 911 dispatch system to its knees,” said Tilles, a regular contributor to Urgent Communications. “When you have to figure out which calls are real and which calls are not, that’s a tremendous additional burden on dispatchers who already are heavily overburdened.”

While he generally agrees with the notion that those who abuse the 911 system should be punished, Tilles said that it might be easier said than done, because great care must be taken to protect those who innocently dial 911 for what turns out to be a non-emergency. We talked about the hypothetical case of a parent who has locked his child inside his car with the motor running, miles from home.

“The line needs to be drawn between that and the guy who calls 911 because he didn’t get the right sandwich from Jimmy John’s—and we need to figure out where that line is very quickly,” Tilles said.

Determining intent would be the big challenge in writing laws that would be fair and balanced, and which would stand up to legal review, according to Tilles.

“Any time you have something like this, you have to figure out how much intent will play into it—or, is it a no-fault crime?” he said.

It makes sense that any laws drafted to stop this nonsense would consider the circumstances of the incident. But I can’t imagine that it would be all that difficult to discern who should get tossed in the slammer—there doesn’t seem to be a lot of gray area here. Call 911 because you can’t find your car keys, you’re going to jail; call 911 because you can’t find your kid—because he thought it would be fun to hide in a closet, but didn’t let you in on it—you’re getting a warning.

As the Supreme Court Justice Potter Stewart said in the 1964 obscenity case Jacobellis v. Ohio, regarding the difficulty in defining hardcore pornography, “I know it when I see it.” I believe it would work the same way in 911 abuse cases. Let’s find out.