The Federal Communications Commission (FCC) released two significant Notices of Proposed Rulemaking (NPRMs) on March 27, 2026, both adopted March 26, 2026. While neither is specifically directed at ecommerce companies, the proposals could carry real implications for how online retailers and direct-to-consumer brands will communicate with customers — and how the infrastructure underlying those communications is regulated. Here is a plain-language breakdown of what the FCC is proposing, what’s still just a question being asked, and where ecommerce operators should pay close attention.

The Two NPRMs at a Glance

FCC 26-16 is formally titled “Improving Customer Service and Protecting Consumers through Onshoring” (CG Docket No. 26-52). It targets the use of foreign call centers by U.S. communications providers and proposes a suite of consumer protection requirements around offshore customer service operations.

FCC 26-17 is formally titled “Combatting Illegal Robocalls Through FCC Numbering Policies” (WC Docket No. 26-49). It focuses on how telephone numbers are assigned, resold, and certified within the U.S. numbering ecosystem, with the goal of closing loopholes that have allowed illegal robocallers to operate.

Both NPRMs were adopted under Chairman Carr and reflect the Commission’s ongoing effort to address consumer harms from offshore bad actors and illegal robocall schemes. The public comment window opens 30 days after Federal Register publication, with reply comments due 60 days after.

FCC 26-16: The Call Center Onshoring NPRM

Who Is Directly Covered

The FCC is explicit that the rules proposed in FCC 26-16 would apply to providers of telecommunications services, Commercial Mobile Radio Service (CMRS), interconnected VoIP service, cable television service, and Direct Broadcast Satellite (DBS) services — as well as affiliates of those providers that offer Internet access service. In short, the direct targets are phone companies, cable companies, and broadband providers, not retailers.

That said, the Commission explicitly seeks comment on whether to extend some or all of these requirements to other types of service providers, and the sensitive data protections discussed below are drafted in a way that applies “regardless of the type of communications channel used.” Ecommerce businesses should monitor how this rulemaking develops.

What Is Actually Being Proposed (Voice Calls)

The core proposals in FCC 26-16 apply to voice calls between phone companies, cable companies, and broadband providers and their customers. Specifically:

•   English Proficiency Standards. The FCC proposes to require that all calling staff at offshore call centers be proficient in both written and spoken American Standard English — defined broadly to include tone, idioms, and cultural fluency, not just technical vocabulary.

•   A Cap on Offshore Call Volume. The FCC proposes to limit the percentage of customer service calls that covered providers may route to or from foreign call centers. While no final percentage has been set, the NPRM floats 30% as a reference point and seeks comment on how to measure and enforce such a cap, including whether to phase in compliance.

•   A Consumer Right to Transfer. Covered providers would be required to honor consumer requests for transfer to a U.S.-based representative promptly, with wait times no longer than for directly routed domestic calls.

•   Mandatory Disclosure at the Start of Each Call. When a call is being handled at a foreign call center, the FCC proposes to require disclosure of this fact at the beginning of the call. Example language: “This call is being [answered in or made from] [insert name of country]. You have the right to have this call transferred to a representative located in the United States.”

•   Compliance Reporting. Providers would be required to track and report to the FCC their compliance, including the volume of calls routed to foreign vs. domestic centers, English proficiency data, transfer rates, and wait times.

•   Prohibition on “Foreign Adversary” Nation Call Centers. The FCC proposes to prohibit covered providers from using call centers in countries designated as foreign adversaries under the Export Control Reform Act (15 CFR § 791.4). This is framed as a consumer privacy and national security measure.

•   Broadband Label Disclosure. The FCC proposes to amend its broadband nutrition label rules to require covered providers to disclose the percentage of customer service calls handled by a representative located within the United States.

The Sensitive Data Rule — This One Crosses Channel Lines

The most significant provision for ecommerce operators to understand is the proposed heightened protection for sensitive transactions. The FCC proposes to require that consumer transactions involving passwords, multi-factor authentication information, Social Security numbers, bank account or credit card information — or any combination of these — be handled only at call centers located within the United States, regardless of the type of communications channel used to initiate the transaction.

That last clause matters. It means this protection, as proposed, would apply not only to voice calls but also to the same transaction when initiated via text messages, online chat, or email — to the extent the covered provider is involved. Calls handling such sensitive data would also be excluded from any cap calculation on offshore call volume.

This provision is currently aimed at telecom and broadband providers in the near term. However, given the FCC’s explicit questions about extension to other service categories, businesses that handle sensitive consumer financial or authentication data through communications channels should track this closely.

What Is Still Just a Question — Not a Proposal (SMS and Other Channels)

One of the most important distinctions in FCC 26-16 is the difference between what the FCC is proposing and what it is merely seeking comment on.

In paragraph 62 of the NPRM, the Commission poses the following: “Should we apply all of our proposed rules… to non-voice communications such as on-line chat, texts, and/or electronic mail messages?” This is a question, not a rule. No specific SMS, text, or email requirements are currently proposed in this NPRM beyond the sensitive transaction carve-out described above.

FCC 26-17: The Numbering Policies and Robocall NPRM

Who Is Directly Covered

FCC 26-17 is focused on the infrastructure layer of the telephone system — specifically, the entities that obtain telephone numbers from the North American Numbering Plan Administrator (NANPA) and those that resell those numbers. Covered entities include wireline carriers, wireless carriers, interconnected VoIP providers, and — critically — resellers of telephone numbers, which the FCC proposes to define as all LECs, CMRS providers, and interconnected VoIP providers that resell service including the provisioning of geographic numbering resources.

The Core Proposals

•   Expanded Robocall Certifications. Currently, only interconnected VoIP providers that obtain numbers directly from NANPA must certify compliance with robocall mitigation obligations. The FCC proposes to extend these certifications to all service providers receiving numbering resources directly from NANPA and to resellers of telephone numbers. These certifications include compliance with STIR/SHAKEN caller ID authentication rules, Robocall Mitigation Database filings, and prohibitions on facilitating illegal robocalls. Importantly, STIR/SHAKEN is a voice-specific technology — it authenticates caller ID for voice calls carried over IP networks. These certification obligations are rooted in voice call infrastructure, not SMS or messaging.

•   Foreign Ownership Disclosure Requirements. The FCC proposes to require all service providers receiving numbering resources from NANPA, and resellers, to certify compliance with the Commission’s foreign ownership reporting rules. This is framed as a national security and anti-robocall measure.

•   Enhanced Numbering Resource Utilization Reporting (NRUF). The FCC proposes a revamped NRUF reporting system creating three subcategories of “intermediate numbers” (those provided to resellers) to give regulators clearer visibility into how phone numbers flow through the multi-tier resale market.

•   Potential Limits on Number Resale to a Single Level. The Commission seeks comment on whether to prohibit the resale of telephone numbers beyond a single level — meaning resellers could only provide numbers to their own end users, not to further resellers. This is presented as a way to close the multi-layer opacity that enables illegal robocalling, though the FCC acknowledges legal questions and is seeking extensive comment before acting.

•   Local Number Portability Improvements. The FCC proposes making mandatory the entry of an identification code (ALTSPID) in the local number portability database when a resale relationship exists for a ported number, helping regulators trace number usage more accurately.

Voice vs. SMS in FCC 26-17

FCC 26-17 is squarely a voice call enforcement proceeding. The robocall certifications, STIR/SHAKEN references, and Robocall Mitigation Database obligations all pertain to voice service. The NRUF reporting obligations govern phone numbers used for both voice and SMS, but the enforcement context and the compliance obligations being proposed are rooted in voice call regulations. There are no specific SMS or text message proposals in FCC 26-17. The Commission’s legal authority in this proceeding derives from its numbering administration authority under the Communications Act and the TRACED Act, which is focused on telephone robocalls.

Practical Implications for Ecommerce Businesses

FCC 26-17’s proposed tightening of numbering oversight is designed to make it harder for bad actors to abuse the telephone numbering system for illegal robocalls and spam texts. While the compliance burdens fall on your telecom and messaging providers — not directly on you — better enforcement of anti-robocall rules at the infrastructure level should reduce the noise that drowns out legitimate marketing calls and texts. Fewer illegal robocalls competing for consumer attention is good for compliant senders.

Timeline and Next Steps

Both NPRMs were released March 27, 2026. Public comment windows open 30 days after Federal Register publication, with reply comments due 60 days after. Neither proceeding is at the final rule stage — these are proposed rules seeking comment, not enacted regulations.

The Ecommerce Innovation Alliance will continue to monitor both proceedings. Members who wish to file comments or track developments should note the FCC docket numbers:

•   FCC 26-16: CG Docket No. 26-52 (primary); also CG Docket Nos. 17-59, 02-278, and 22-2

•   FCC 26-17: WC Docket No. 26-49 (primary); also WC Docket Nos. 20-67, 13-97, and 07-243

Comments can be filed through the FCC’s Electronic Comment Filing System (ECFS) at fcc.gov/ecfs.

Join the EIA today to help strengthen and shape policies that affect all ecommerce businesses. Together, we can continue to create the future of ecommerce. Subscribe to EIA email updates to stay informed on key developments and their impact on your business.

Ecommerce Innovation Alliance provides members with analysis of litigation and regulatory developments affecting online commerce and digital marketing. This post is for informational purposes only and does not constitute legal advice.