[snip, regarding how "trapcall" works]
While I have no firsthand knowledge of their system, I'll take a guess based on the info on their web page.
What they claim to do is enable a recipient _on some cellphone accounts_ (that's part of the key here), when receiving a call that has CNID blocked, hit a few keys, route the call back to Teltech (Trapcall), and then get the call re-re-routed back to them, this time with a CNID stamp.
There are two tricks here which let it work. At least from a technical side. I'm not sure of the legalities..
a: When the cellular customer first "gets" the call and then hits the "deny" button, the call is redirected to the server at teltech. This is the same situation as if the original recipient bounced it to v-mail or... as in many cases, to their landline office or home phone.
In these situations the call to the third party is treated just as the original one would be, and the caller ID, if present, gets sent forward as well.
In other words, if you're at home (and you've got a landline with caller ID display) and you've got your cell phone set up to "bounce" to your home phone (either automatically or when you hit a key), and a call comes in, you'll see the first CNID on your cellphone. Then, when you bounce it over, it'll show up on your land line.
The original caller doesn't get any obvious indication that the call has been kicked over to a different phone.
Now if the CNID is blocked, then neither your cell phone nor the land line will show it.
BUT....
b: now we get to the magic trick. In reality standard CNID is, indeed, sent from the original caller along with the call initiation itself. If it isn't "blocked", then it gets transmitted to the recipient's phone. If the caller has chosen to block it, then the CNID string makes it "all the way" to the "central office" (term used a bit loosely) that's just before the recipient. That CO, instead of continuing to pass the CNID, sends along a "private" or "blocked" message.
Keep in mind, again, that the CNID _is_ making it right to that last central office.
What I suspect TelTech is doing is simply grabbing that CNID on the "bounced" call, and instead of dumping it onto the side, they've decided to pass it through.
As to the legalities: On the one hand the FCC is pretty strict with CNID blocking. On the other, and this is where I suspect TelTech is hanging their hook, if the recipient is paying for the call (as in an "800" number), then they're allowed to get the info.
(Usually it's via ANI rather than CNID, but the concept is the same).
Since cellular customers pay for incoming calls, then a good case could be made (and I've made it in the past, but never pushed it through...) that cellular accounts should be able to similarly see who's calling.