1) Spammer sends spam to customer's Twilio number. 2) Customer has this number set up to forward incoming texts to employees. 3) Customer has no available API to detect whether texts are spam. 4) Twilio apparently can detect that this message is spam, but rather than simply dropping it at step 1, they're blaming the customer.
Sorry, there is no scenario under which this is the customer's fault.
As opposed to just shutting down the customer because TWILIO forwarded the spam, that we already know that it can detect?
That doesn't excuse poor support, and the lack of resolution, but it changes a lot of the assumed processes.
Do we know this? I don't think OP has clarified - they just said it goes to an "employee's phone number", which makes me assume it goes out to their personal phone number which is probably not on Twilio. If that's the case I'm wondering if Twilio received some kind of complaint from the employee's carrier that they forwarded the message too, rather than detected it themselves.
It's an incredibly common use case to forward text messages from one incoming line to another number that is controlled by your company, and it's impossible to tell at the point of receipt (when it's still in Twilio's network) whether it's spam or not before forwarding it on.
It's the same exact thing that you might do if you have a support@example.com email address; it probably sends incoming emails to a number of different inboxes, even if those incoming emails are spam (and even if there actually is a spam system in place that might block some percentage of incoming messages, and Twilio doesn't even provide that.)
No, no it is not. These are legitimate consentual messages, regardless of the content. Please stop applying mechanical interpretations of obtuse rules and pretending it's some profound wisdom. Twilio and the rest of Big Tech are already doing this enough, thank you.
Ultimately I think this problem is the end game of companies finding ways to absolve themselves of any liability through contracts of adhesion. When there is no downside to harming 1% of your customers besides losing 1% of revenue, biasing for egregious false positives makes financial sense. Same thing with terrible customer service policies crafted around keeping costs down, that prevent easily correcting these terrible automated decisions. About the only thing one can do is signal boost so others stay the fuck away from services built on broken assumptions, hopefully turning that 1% into maybe 10% where it starts to hurt them and they're once again encouraged to do competent system design.
I'm very curious. Is this a communication mistake? Like do you think I'm some big company that forwards text messages to random people?
Do you understand these are text messages being sent to one of like 3 employees at my small company? We are not generating outbound content or allowing anyone else to do so. Your question about GDPR requests makes me think maybe you have misunderstood the context.
If you have correctly understood the context, do you actually think I should have some kind of AI algorithm scanning these messages for Phishing?
I'm not sure I understand what your are suggesting or how you would have solved this problem? You would have just turned off the text message forwarding I guess?
Is that how you solve problems? You see a problem, then you destroy the thing that caused the problem, so problem solved? What do you do for a living with that type of cognitive approach? Are you an entrepreneur? Do you really run a business with that attitude? Are you en engineer? If so, when you are asked to make something work, do you just tell your boss "no" if you run into a problem that requires a creative solution? Are you a lawyer? Is your job to tell people what thing they cannot do, but not to help people do new things? That would kind of make sense...
The bit that you are missing is that this sort of thing is between Twilio and Twilio's carrier partners (sometimes mediated by third-party aggregators), and has nothing to do with you or your particular use case. Carriers have very low tolerance for third parties like Twilio sending spam to their customers. If carriers get pissed off at Twilio, they'll stop delivering messages coming from Twilio (or will impose other restrictions, like low rate limits, or perhaps charge more, etc.). Good carrier relationships keep Twilio running; bad carrier relationships cause all sorts of problems for Twilio and Twilio's customers.
The carriers do not know or care that the spam/fraud message you tried to send to your employee was just you forwarding along a message that some other random person sent to the Twilio number. All they would care about is that a spam/fraud message came from Twilio's platform.
Having said that, I too am disappointed in the policy of auto-suspension, and in how long it took for you to get the problem resolved, and that phone support is expensive to come by.. I think the right approach is to catch these things at send time and just refuse to send them. Sure, if some very high percentage of traffic is all spam, maybe an auto-suspension might be warranted, but I assume (hope) that's not the case for your account.
(Disclosure: I work at Twilio, though not on the messaging platform. My words & opinion here are my own, and don't reflect Twilio's stance on anything. Throwaway for obvious reasons; Twilio doesn't allow the rank-and-file to speak publicly about this sort of thing.)
They just need a phone number. I actually called sales hoping I could plead my case and get them to connect me with someone. But I couldn't get connected with sales. If this was due to omicron and sales would have helped me, then this is truly an edge case.
