First, telcos are not permitted to refuse calls from other telcos unless they receive permission from the FCC. This is what it means to be a "common carrier," an old regulatory regime intended to prevent larger telcos using carriage as a negotiating tool over small telcos. The internet has this problem to a degree, which has lead to years of conflict over "net neutrality." Part of the new regulatory regime intended to address spam calls is that the FCC now regularly grants such permission when they determine that a particular telco is failing to uphold its obligations.
Second, telcos do not necessarily know the origin of calls. Virtually all spam/scam calls originate from the internet via a VoIP gateway. There are numerous VoIP gateways, they often obtain their traffic from yet other VoIP gateways, and they often introduce traffic into the US PSTN through a foreign telco. At each of these steps, the origin of the call is usually lost. Telephone circuits are always established in the "forward" direction and there is no need for reverse routing information, so historically it was never provided. At the extreme, some calls are introduced into the TDM telephone system by boxes with multiple SIM cards that relay calls from IP to a cellular carrier (this is not very common in the US because cellular carriers aggressively monitor for it, but it's very common in for example Africa---where this method is often used to carry legitimate traffic at a cost savings!). All of this means that tracing the origin of calls can be surprisingly complex, which is why USTelecom (an industry association) funds a consortium to perform tracing for the FCC.
The underlying reason is simple: nothing in the telephone system requires calls to identify their origin. There are two (and in many cases more) different concepts of "originating number" on a telephone call, CID and ANI, and neither are required or even expected to correspond to the origin point of the call. The purpose of STIR/SHAKEN is to introduce such a requirement for the first time, standardizing a header (in the case of VoIP) or SS7 message (in the case of TDM) that declares the carrier with which a call originated. This will vastly simplify tracing and blocking of calls from problematic carriers, which is the motivation behind the mandatory rollout that is currently in progress. One of the broader goals of the STIR/SHAKEN program is to introduce a degree of liability at all points in the process, as every carrier is responsible for ensuring appropriate attestations on calls they hand off to customers. This seems to be having a positive impact, although as with most spam mitigation efforts, it does have the downside of making it more expensive and complex to get access to the telephone network, mostly to the financial advantage of Twilio.
> telcos are not permitted to refuse calls from other telcos unless they receive permission from the FCC
Yes, that's exactly the part that could've been changed long time ago to solve this problem. That's what I'm describing.
> telcos do not necessarily know the origin of calls. Virtually all spam/scam calls originate from the internet via a VoIP gateway
They know the next hop though. Knowing the ultimate origin doesn't matter. You can iterate until a) you find the origin, or b) you find someone who doesn't keep records - in either case, they're the problem to deal with. It doesn't matter that someone uses a VoIP gateway - now it should be the gateway operator's problem to point out the origin or pay up.
I worked at a VoIP provider. We had full records already available for billing purposes. This is why I'm so angry about this every time it comes up, all this technical talk is true and completely irrelevant. Let FCC fine the first entity in chain which cannot say "we got it from X", or "we got it internationally, here's the fine payment from our side, they've been warned/disconnected".
The shaken/stir provided a small tool which avoids addressing the actual issue. It's a fun tool which would make the above slightly easier - but doesn't actually enable it.
Second, telcos do not necessarily know the origin of calls. Virtually all spam/scam calls originate from the internet via a VoIP gateway. There are numerous VoIP gateways, they often obtain their traffic from yet other VoIP gateways, and they often introduce traffic into the US PSTN through a foreign telco. At each of these steps, the origin of the call is usually lost. Telephone circuits are always established in the "forward" direction and there is no need for reverse routing information, so historically it was never provided. At the extreme, some calls are introduced into the TDM telephone system by boxes with multiple SIM cards that relay calls from IP to a cellular carrier (this is not very common in the US because cellular carriers aggressively monitor for it, but it's very common in for example Africa---where this method is often used to carry legitimate traffic at a cost savings!). All of this means that tracing the origin of calls can be surprisingly complex, which is why USTelecom (an industry association) funds a consortium to perform tracing for the FCC.
The underlying reason is simple: nothing in the telephone system requires calls to identify their origin. There are two (and in many cases more) different concepts of "originating number" on a telephone call, CID and ANI, and neither are required or even expected to correspond to the origin point of the call. The purpose of STIR/SHAKEN is to introduce such a requirement for the first time, standardizing a header (in the case of VoIP) or SS7 message (in the case of TDM) that declares the carrier with which a call originated. This will vastly simplify tracing and blocking of calls from problematic carriers, which is the motivation behind the mandatory rollout that is currently in progress. One of the broader goals of the STIR/SHAKEN program is to introduce a degree of liability at all points in the process, as every carrier is responsible for ensuring appropriate attestations on calls they hand off to customers. This seems to be having a positive impact, although as with most spam mitigation efforts, it does have the downside of making it more expensive and complex to get access to the telephone network, mostly to the financial advantage of Twilio.