After a prolonged period of leniency, the Federal Communications Commission (FCC) has transitioned from educating enterprises about E911 compliance to actively enforcing it. This significant shift ends the so-called “grace period” and introduces new liability risks for C-suite leaders and IT directors.
The regulatory landscape around enterprise phone systems has long been shaped by Kari’s Law and RAY BAUM’S Act. These regulations aim to ensure direct emergency service access and convey accurate caller location data. Despite these clear directives, nearly 40 percent of organizations remain non-compliant.
Initially, the FCC adopted an educational approach towards compliance, focusing on informing enterprises rather than punishing them. However, this approach has proven insufficient. The FCC is now emphasizing enforcement due to mounting concerns over uneven compliance and awareness across industries.
Lauren Kravetz, former Chief of Staff at the FCC’s Public Safety and Homeland Security Bureau, outlined the shift: “If you want to call the last few years a grace period, then yes, I’d say we’re moving into a new era that could lead to enforcement investigations.” This change means that compliance is now a pressing governance issue, not just an item on the telecom manager’s checklist.
Understanding the legislative history of these regulations highlights their urgency. Kari’s Law emerged from a tragic incident emphasizing the need for direct 911 dialling, while RAY BAUM’S Act ensures that dispatchable locations are communicated to emergency responders. Despite this being mandated, technical complexities and confusion have led to widespread procrastination.
The FCC’s increased vigilance reflects their recognition that voluntary compliance has stagnated. In response, they’re educating both enterprises and public safety answering points (PSAPs) to ensure proper adherence to obligations—creating a dual approach to enforcement.
Travis Dahlgren, Senior Solution Engineer at Intrado, noted the change in FCC strategy: “From the FCC’s perspective, education and flexibility have not produced consistent results, so clearer guidance and stronger oversight became necessary.” The message is clear: the educational phase has ended, and enforcement is now part of the regulatory framework.
These regulations also introduce personal accountability unlike other enterprise tech regulations. While traditionally fines target companies, Ketz notes this obligation extends to individuals, such as the system manager or installer, due to Congress’s aggressive legislative stance to prevent bureaucracy from masking safety obligations.
The ambiguity around personal liability concerns many. While fines are usually organizational, decision-makers face reputational and legal consequences. Deferred upgrades could expose responsible personnel to investigations or lawsuits, particularly if they knew about compliance gaps but chose to ignore them.
Organizations mistakenly believing their legacy systems are exempt are misinformed. As Dahlgren points out, technological advancements mean that “good enough” or inconvenient solutions do not meet today’s standards, and partial upgrades often nullify any grandfathering previously afforded.
The complexity intensifies in industrial settings, where straightforward dispatchable locations are hard to define. In environments like warehouses, rescuing someone requires more than just an address; precise locations are necessary.
With hybrid work models and cloud calling adoption, maintaining accurate location data is challenging. Organizations need robust backend systems to ensure emergency services receive correct caller locations. Businesses moving to hybrid models often neglect updates, resulting in gaps that can lead to compliance violations.
As regulatory expectations evolve, staying updated becomes critical. The FCC is reviewing dispatchable location standards, indicating that businesses should prepare for forthcoming adjustments to compliance requirements.
Ultimately, enterprises must recognize that the FCC’s enforcement is complaint-driven, not random. Although no fines have been issued yet, the landscape is poised to change. Prudent organizations should audit and address their systems now to avoid turning technical oversight into federal compliance issues.
