Upcoming Telephone Consumer Protection Act (TCPA) Changes in 2025

The Telephone Consumer Protection Act (TCPA), enacted in 1991, protects consumers from unwanted telemarketing calls, robocalls, and texts.

New FCC Consent Rule

On January 27, 2025, the Federal Communications Commission’s (FCC) new consent rule for robocalls and robotexts will take effect. The FCC aims to close the “lead generator loophole” by requiring marketers to obtain “one-to-one” consumer consent to receive telemarketing texts and auto-dialed calls. While the rule primarily targets lead generators, it could affect any business that relies on consumer consent for such communications or purchases leads from third parties.

Under the rule, businesses must clearly and conspicuously request and obtain written consumer consent for robocalls and robotexts from each individual company. Companies can no longer rely on a single instance of consumer consent that links to a list of multiple sellers and partners. Instead, individual written consent will be required for each marketer. Additionally, any resulting communication must be “logically and topically related” to the website where the consent was obtained.

To meet this requirement, businesses may allow consumers to affirmatively select which sellers they consent to hear from or provide links to separate consent forms for each business requesting permission to contact them.

New Consent Revocation Rules

Another change takes effect on April 11, 2025, when the FCC’s new consent revocation rules for robocalls and robotexts are implemented. These rules allow consumers to revoke prior consent through any reasonable method, and marketers may not designate an exclusive means for revocation. Reasonable methods include replying “stop,” “quit” or similar terms to incoming texts, using automated voice or opt-out replies, or submitting a message through a website provided by the caller.

Marketers must honor revocation requests within a reasonable timeframe, not exceeding 10 business days. After that period, no further robocalls or robotexts requiring consent may be sent to the consumer.

Preparing for Compliance

To comply with the January 27, 2025, one-to-one consent rule and the April 11, 2025, consent revocation rule, lead generators and businesses that use or facilitate robocall and robotext communications should:

  • Review their current consent and revocation practices.
  • Ensure compliance by updating policies before the deadlines.
  • Examine where consumer leads are being obtained and adjust policies for using this information to meet the new requirements.

This advisory provides only a summary of the upcoming changes to the Telephone Consumer Protection Act.

FCC’s New Notice of Inquiry – Is This Big Brother’s Origin Story?

The FCC’s recent Notice of Proposed Rulemaking and Notice of Inquiry was released on August 8, 2024. While the proposed Rule is, deservedly, getting the most press, it’s important to pay attention to the Notice of Inquiry.

The part which is concerning to me is the FCC’s interest in “development and availability of technologies on either the device or network level that can: 1) detect incoming calls that are potentially fraudulent and/or AI-generated based on real-time analysis of voice call content; 2) alert consumers to the potential that such voice calls are fraudulent and/or AI-generated; and 3) potentially block future voice calls that can be identified as similar AI-generated or otherwise fraudulent voice calls based on analytics.” (emphasis mine)

The FCC also wants to know “what steps can the Commission take to encourage the development and deployment of these technologies…”

The FCC does note there are “significant privacy risks, insofar as they appear to rely on analysis and processing of the content of calls.” The FCC also wants comments on “what protections exist for non-malicious callers who have a legitimate privacy interest in not having the contents of their calls collected and processed by unknown third parties?”

So, the Federal Communications Commission wants to monitor the CONTENT of voice calls. In real-time. On your device.

That’s not a problem for anyone else?

Sure, robocalls are bad. There are scams on robocalls.

But, are robocalls so bad that we need real-time monitoring of voice call content?

At what point, did we throw the Fourth Amendment out of the window and to prevent what? Phone calls??

The basic premise of the Fourth Amendment is “to safeguard the privacy and security of individuals against arbitrary invasions by governmental officials.” I’m not sure how we get more arbitrary than “this incoming call is a fraud” versus “this incoming call is not a fraud”.

So, maybe you consent to this real-time monitoring. Sure, ok. But, can you actually give informed consent to what would happen with this monitoring?

Let me give you three examples of “pre-recorded calls” that the real-time monitoring could overhear to determine if the “voice calls are fraudulent and/or AI-generated”:

  1. Your phone rings. It’s a prerecorded call from Planned Parenthood confirming your appointment for tomorrow.
  2. Your phone rings. It’s an artificial voice recording from your lawyer’s office telling you that your criminal trial is tomorrow.
  3. Your phone rings. It’s the local jewelry store saying your ring is repaired and ready to be picked up.

Those are basic examples, but for them to someone to “detect incoming calls that are potentially fraudulent and/or AI-generated based on real-time analysis of voice call content”, those calls have to be monitored in real-time. And stored somewhere. Maybe on your device. Maybe by a third-party in their cloud.

Maybe you trust Apple with that info. But, do you trust someone who comes up with fraudulent monitoring software that would harvest that data? How do you know you should trust that party?

Or you trust Google. Surely, Google wouldn’t use your personal data. Surely, they would not use your phone call history to sell ads.

And that becomes data a third-party can use. For ads. For political messaging. For profiling.

Yes, this is extremely conspiratorial. But, that doesn’t mean your data is not valuable. And where there is valuable data, there are people willing to exploit it.

Robocalls are a problem. And there are some legitimate businesses doing great things with fraud detection monitoring. But, a real-time monitoring edict from the government is not the solution. As an industry, we can be smarter on how we handle this.

FCC Puts Another Carrier On Notice with Cease and Desist Letter

If you haven’t already figured it out, the FCC is serious about carriers and providers not carrying robocalls.

The FCC sent a cease and desist letter to DigitalIPvoice informing them of the need to investigate suspected traffic. The FCC reminded them that failure to comply with the letter “may result in downstream voice service providers permanently blocking all of DigitalIPvoice’s traffic”.

For background, DigitalIPvoice is a gateway provider meaning they accept calls directly from foreign originating or intermediate providers. The Industry Traceback Group (ITG) investigated some questionable traffic back in December and identified DigitalIPvoice as the gateway provider for some of the calls. ITG informed DigitalIPvoice and “DigitialIPVoice did not dispute that the calls were illegal.”

This is problematic because as the FCC states “gateway providers that transmit illegal robocall traffic face serious consequences, including blocking by downstream providers of all of the provider’s traffic.”

Emphasis in original. Yes. The FCC sent that in BOLD to DigitalIPvoice. I love aggressive formatting choices.

The FCC then gave DigitalIPvoice steps to take to mitigate the calls in response to this notice. They have to investigate the traffic and then block identified traffic and report back to the FCC and the ITG on the outcome of the investigation.

The whole letter is worth reading but a few points for voice service providers and gateway providers:

  1. You have to know who your customers are and what they are doing on your network. The FCC is requiring voice service providers and gateway providers to include KYC in their robocall mitigation plans.
  2. You have to work with the ITG. You have to have a traceback policy and procedures. All traceback requests have to be treated as a P0 priority.
  3. You have to be able to trace the traffic you are handling. From beginning to end.

The FCC is going after robocalls hard. Protect yourself by understanding what is going to be required of your network.

Keeping you in the loop.

For more news on FCC Regulations, visit the NLR Communications, Media & Internet section.

The FCC Approves an NOI to Dive Deeper into AI and its Effects on Robocalls and Robotexts

AI is on the tip of everyone’s tongue it seems these days. The Dame brought you a recap of President Biden’s orders addressing AI at the beginning of the month. This morning at the FCC’s open meeting they were presented with a request for a Notice of Inquiry (NOI) to gather additional information about the benefits and harms of artificial intelligence and its use alongside “robocall and robotext”. The following five areas of interest are as follows:

  • First, the NOI seeks, on whether and if so how the commission should define AI technologies for purposes of the inquiry this includes particular uses of AI technologies that are relevant to the commission’s statutory response abilities under the TCPA, which protects consumers from nonemergency calls and texts using an autodialer or containing an artificial or prerecorded voice.
  • Second, the NOI seeks comment on how technologies may impact consumers who receive robocalls and robotexts including any potential benefits and risks that the emerging technologies may create. Specifically, the NOI seeks information on how these technologies may alter the functioning of the existing regulatory framework so that the commission may formulate policies that benefit consumers by ensuring they continue to receive privacy protections under the TCPA.
  • Third, the NOI seeks comment on whether it is necessary or possible to determine at this point whether future types of AI technologies may fall within the TCPA’s existing prohibitions on autodial calls or texts and artificial or prerecorded voice messages.
  • Fourth, NOI seeks comment on whether the commission should consider ways to verify the authenticity and legitimately generate AI voice or text content from trusted sources such as through the use of watermarks, certificates, labels, signatures, or other forms of labels when callers rely on AI technology to generate content. This may include, for example, emulating a human voice on a robocall or creating content in a text message.
  • Lastly, seeks comment on what next steps the commission should consider to further the inquiry.

While all the commissioners voted to approve the NOI they did share a few insightful comments. Commissioner Carr stated “ If AI can combat illegal robocalls, I’m all for it” but he also expressed that he does “…worry that the path we are heading down is going to be overly prescriptive” and suggests “…Let’s put some common-sense guardrails in place, but let’s not be so prescriptive and so heavy-handed on the front end that we end up benefiting large incumbents in the space because they can deal with the regulatory frameworks and stifling the smaller innovation to come.”

Commissioner Starks shared “I, for one, believe this intersectionality is clinical because the future of AI remains uncertain, one thing is clear — it has the potential to impact if not transform every aspect of American life, and because of that potential, each part of our government bears responsibility to better understand the risks, opportunities within its mandate, while being mindful of the limits of its expertise, experience, and authority. In this era of rapid technological change, we must collaborate, lean into our expertise across agencies to best serve our citizens and consumers.” Commissioner Starks seemed to be particularly focused on AI’s ability to facilitate bad actors in schemes like voice cloning and how the FCC can implement safeguards against this type of behavior.

“AI technologies can bring new challenges and opportunities. responsible and ethical implementation of AI technologies is crucial to strike a balance, ensuring that the benefits of AI are harnessed to protect consumers from harm rather than amplifying the risks in increasing the digital landscape” Commissioner Gomez shared.

Finally, the topic around the AI NOI wrapped up with Chairwoman Rosenworcel commenting “… I think we make a mistake if we only focus on the potential for harm. We needed to equally focus on how artificial intelligence can radically improve the tools we have today to block unwanted robocalls and robotexts. We are talking about technology that can see patterns in our network traffic, unlike anything we have today. They can lead to the development of analytic tools that are exponentially better at finding fraud before it reaches us at home. Used at scale, we cannot only stop this junk, we can use it to increase trust in our networks. We are asking how artificial intelligence is being used right now to recognize patterns in network traffic and how it can be used in the future. We know the risks this technology involves but we also want to harness the benefits.”

NCLC Tells FCC “Callers can easily avoid making calls to telephone numbers that have been reassigned….” – But Is it That Simple?

The National Consumer Law Center is at it again.

In response to the Department of Health and Human Services’ recent letter to the FCC seeking clarity on whether the TCPA applies to texts it would like to make to alert Americans of certain medical benefits, the NCLC–an organization that nominally represents consumers, but really seems to represent the interests of the plaintiff’s bar–has filed a comment.

Unsurprisingly, the NCLC takes the position that HHS needs no relief. Government contractors are covered by the TCPA–it says–but the texts at issue in HHS’ letter are consented, so they’re fine. (Although it later clarifies that only “many” but not “all” of the enrollees whom HHS wishes to call have “probably” given their telephone numbers as part of written enrollment agreements–so perhaps not.)

Hmmmm. Feels like a trap. But we’ll ignore that for now.

The critical piece here though is what the NCLC–very powerful voice, for better or (often) worse–is telling the FCC about the effectiveness of the new Reassigned Number Database:

3. Callers can easily avoid making calls to telephone numbers that have been reassigned to someone other than the enrollee

A primary source of TCPA litigation risk has been calls inadvertently made to numbers that are no longer assigned to the person who provided consent. Courts have held the caller liable for making automated calls to a cell phone number that has been reassigned to someone other than the person who provided consent to be called.29

The Commission has implemented the Reassigned Number Database specifically to address that risk of liability, as well as to limit the number of unwanted robocalls:

The FCC’s Reassigned Numbers Database (RND) is designed to prevent a consumer from getting unwanted calls intended for someone who previously held their phone number. Callers can use the database to determine whether a telephone number may have been reassigned so they can avoid calling consumers who do not want to receive the calls. Callers that use the database can also reduce their potential Telephone Consumer Protection Act (TCPA) liability by avoiding inadvertent calls to consumers who have not given consent for the call.31

The database has been fully operational since November 1, 2021. It provides a means for callers to find out before making a call if the phone number has been reassigned. If the database wrongly indicates that the number has not been reassigned, so long as the caller has used the database correctly, no TCPA liability will apply for reaching the wrong party. 32 Thus, as long as HHS’s callers make use of this simple, readily available database, they can be confident that they will not be held liable for making calls to reassigned numbers.

While I steadfastly support both the creation and use of the RND, it also must be observed that there are myriad problems with the RND as it currently exists. Most importantly, the data sets in the RND are only comprehensive through October 1, 2021 and spotty back to February, 2021 (beyond which there are no records!)

So for folks like HHS–and servicers of mortgages, and retailers, and credit card companies–who want to reach customers who provided their contact information before 10/2021 or 2/2021 the RND is simply not helpful.

The NCLC’s over simplification of a critical issue is not surprising. They once told Congress that the TCPA is “Straightforward and Clear” after all.

Full comment here: NCLC Comments-c3

We’ll keep an eye on developments on HHS’ letter and all the FCC goings ons.

© 2022 Troutman Firm

FCC Subjects Robocallers and Caller Identification Fraudsters to Increased Penalties and Broader Enforcement

On May 1, 2020, the Federal Communications Commission (FCC) adopted rules to strengthen protections against robocalls and the manipulation of caller identification information to misrepresent the true identity of the caller (known as caller ID spoofing).1 The FCC’s amended rules, which implement portions of the recently-enacted Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act), streamline the procedure for commencing enforcement actions against violators and expand the statute of limitations applicable to FCC proceedings against robocallers and caller ID spoofers2 (see GT Alert, TRACED Act Subjects Robocallers to Increased Penalties, Outlines Regulatory and Reporting Requirements to Deter Violations).

The FCC’s changes to its rules include the following:

  • Eliminating the requirement that the FCC issue a citation to a person or entity that violates prohibitions against robocalling before issuing a notice of apparent liability if the person or entity does not hold a license, permit, or other authorization issued by the FCC. As noted by FCC Chairman Ajit Pai in the news release accompanying the FCC’s Order: “Robocall scam operators don’t need a warning these days to know what they are doing is illegal, and this FCC has long disliked the statutory requirement to grant them mulligans.” Caller ID spoofers are already subject to FCC enforcement actions without receiving a citation as a warning.3
  • Increasing the penalty amount to up to $10,000 for each intentional unlawful robocall in addition to the monetary forfeiture permitted under 47 U.S.C. § 503 (for persons or entities that are not FCC licensees or common carriers, the forfeiture penalty shall not exceed $20,489 for each violation and $153,669 for any continuing violation).4 Importantly, each unlawful robocall is considered to be a separate violation, so the potential forfeiture amounts could be very high.
  • Extending the statute of limitations applicable to FCC enforcement actions for intentional robocall violations and for caller ID spoofing violations to four years. Under the amended rule, the FCC may not impose a forfeiture penalty against a person for violations that occurred more than four years prior to the date a notice of apparent liability is issued. The statute of limitations had been one year for all robocall violations and two years for call ID spoofing violations. This change will significantly increase the timeframe of conduct subject to FCC enforcement and that can be included in a proposed forfeiture amount.

Conclusion

The FCC’s amended rules, consistent with the TRACED Act, are intended to discourage unlawful robocalling and caller ID spoofing by abolishing the “one free pass” formerly applicable to entities that do not hold FCC authorizations, increasing the penalties for intentional violations, and expanding the statute of limitations period. This is the FCC’s most recent action to implement the TRACED Act by strengthening protections against unlawful robocalls and caller ID spoofing. Other steps recently taken by the FCC include initiating a rulemaking proceeding to prevent one-ring scams (when a caller initiates a call and allows the call to ring for a short duration with the aim of prompting the called party to return the call and be subject to charges). Given the FCC’s significant focus on combatting illegal robocalling, it is important that companies that rely on robocalls to contact consumers understand the federal laws governing such calls implement procedures to ensure that they comply with those laws and regulations.


1 The Telephone Consumer Protection Act (TCPA) (which was amended by the TRACED Act) and the FCC’s implementing regulations generally prohibit the use of autodialed, prerecorded or artificial voice calls (commonly known as robocalls) to wireless telephone numbers and the use of prerecorded or artificial voice calls to residential telephone numbers unless the caller has received the prior express consent of the called party (certain calls, such as telemarketing calls, require prior express written consent) or is subject to specified exemptions. See 47 U.S.C. § 227; 47 C.F.R. § 64.1200.

2 The FCC issued these rules pursuant to an order, rather than utilizing notice and comment procedures, because the content of the rules did not require the exercise of administrative discretion. The rules will become effective 30 days after the date of publication in the Federal Register.

3 The FCC may issue a forfeiture order if it finds that the recipient of a notice of apparent liability has not adequately responded to the FCC’s allegations. The FCC may also seek to resolve the matter through a consent order which generally requires the alleged violator to make a voluntary payment, develop a compliance plan, and file compliance reports.

4 See 47 U.S.C. § 503(b)(2)(D) as adjusted for inflation. The FCC has authority to make upward or downward adjustments to forfeiture amounts based on several factors. See 47 C.F.R. § 1.80.

©2020 Greenberg Traurig, LLP. All rights reserved.

Clash of Consumer Protection Goals: Does the Text of the TCPA Frustrate the Purposes of the CPSA?

“Hello.  This is an automated call from Acme Manufacturing. Our records indicate that you purchased Product X between December 2019 and January 2020. We wanted to let you know that we are recalling Product X because of a potential fire risk. Please call us or visit our website for important information on how to participate in this recall.”

When companies recall products, they do so to protect consumers.  In fact, various federal laws, including the Consumer Product Safety Act (CPSA), the Federal Food, Drug, and Cosmetic Act (FDCA), and National Highway and Motor Vehicle Safety Act (MVSA), encourage (and may require) recalls. And the agencies that enforce these statutes would likely approve of the hypothetical automated call above because direct notification is the best way to motivate consumer responses to recalls.[1]

But automated calls to protect consumers can run into a problem: the Telephone Consumer Protection Act (TCPA).

Are Recall Calls a Nuisance or an Emergency?

The TCPA seeks to protect consumers from the “nuisance and privacy invasion” of unwanted automated marketing calls.[2] The TCPA prohibits any person from making marketing calls to landlines, or any non-emergency calls or text messages[3] to wireless lines, using automated dialers or recorded messages unless the recipient has given prior written consent. The Act includes a private right of action and statutory per-violation damages – $500, trebled to $1,500 if a court finds the violation willful and knowing.[4] These penalties can add up quickly: In one case, a jury found that a company violated the TCPA nearly two million times, exposing the company to minimum statutory damages totaling almost $1,000,000,000.[5]

There is an important exception to the TCPA’s prohibition on automated calls. The TCPA allows autodialed calls for emergency purposes,[6] but the Act does not define that phrase. While the FCC has interpreted emergency purposes to mean “calls made necessary in any situation affecting the health and safety of consumers,”[7] recalls are not explicitly identified within this definition. As a result, aggressive plaintiffs have demanded millions in damages from companies that use automatic dialers to disseminate recall messages.[8]

For example, a grocery chain – Kroger – made automated calls to some purchasers of ground beef as part of a recall stemming from salmonella concerns. A plaintiff responded with a purported class action that did not mention the recall [9] but was based on consumers alleging that they had received “annoying” “automated call[s] from Kroger.”

Moving to dismiss, Kroger observed that the plaintiff – who had not listened to the call beyond its initial greeting[10] and thus could not comment on the call’s text – had “cherry-picked”[11] portions of consumers’ online comments to support the case, omitting text that clearly demonstrated that the calls were made for health and safety purposes.[12] Kroger argued that the online comments did not support the plaintiff’s allegations that Kroger had made any marketing calls.

The court granted Kroger’s motion and dismissed the complaint without leave to amend. Even so, Kroger was compelled to spend time and money defending the claim.

In light of this type of lawsuit, one communications firm involved in automotive recalls has petitioned the FCC to “clarify . . . that motor vehicle safety recall-related calls and texts are ‘made for emergency purposes.’”[13] The Association of Global Automakers and the Alliance of Automobile Manufacturers commented in support of the petition, arguing that the “[l]ack of clarity regarding TCPA liability for vehicle safety recall messages has had a chilling effect on these important communications.”[14] The Settlement Special Administrator for the Takata airbag settlements also wrote in support, commenting that automated “recall-related calls and texts serve an easily recognizable public safety purpose.”[15]

The TCPA’s emergency exception offers protection in litigation. The FCC’s definition – “calls made necessary in any situation affecting the health and safety of consumers” – neatly encapsulates the entire function of a recall, namely acting to protect consumers’ health and safety. Moreover, in developing the emergency exception, Congress broadened initial language that excepted calls made by a “public school or other governmental entity” to the enacted “emergency purposes” phrasing precisely to ensure the exception encompassed automated emergency calls by private entities.[16] One of the seminal emergency purposes for which a private entity might seek to make automated calls is a product recall.

Even with such sound arguments that TCPA claims related to recall calls are without merit within the statute, however, aggressive plaintiffs have brought such claims. These efforts compel companies to spend finite resources defending claims that should not be brought in the first place. An express statutory or regulatory statement that recalls are squarely within the definition of emergency purposes would give companies greater confidence that not only would they be able to successfully defend against any effort to pit the TCPA against consumer-protection values, but that the claims are so unlikely to be brought that the companies need not even fear to have to defend.

Protecting Against Recall-Call Complaints

Until the FCC or Congress expressly instructs plaintiff’s counsel not to try to litigate against automated recall calls, there are steps companies that want to use automated dialers to drive recall responses can take to minimize any risk of a court misinterpreting their calls or finding TCPA liability where it should not attach.

For example, companies may (as some already do) ask for customers’ consent to be autodialed in connection with the products they have purchased – e.g., by including consent language on product warranty cards or registration forms. In fact, the Consumer Product Safety Improvement Act of 2008 (CPSIA)[17] already requires manufacturers of durable infant and toddler products to include registration cards for recall-communication purposes.[18] Companies in some other industries (like the on- and off-road motor vehicle industries) typically have robust registration systems that can incorporate auto dialing consent, and more companies in other spaces may want to consider using registration to facilitate recalls.

Further, automated recall calls should focus on the recall. If calls extend to marketing messaging, that could undermine both a future TCPA defense and the efficacy of that and future recall communications.

Optimally, companies would be less likely to need these defenses if the statute more clearly signaled to would-be litigants that they should not even bother. If the FCC grants the pending petition and plainly states that product recalls are emergencies for TCPA purposes, courts’ deference to agency interpretations might deter at least some complaints. A statutory amendment would be the surest guarantee, though, and manufacturers may wish to ask Congress to amend the TCPA to clarify that recall messages are emergency messages.


[1] See, e.g., Joseph F. Williams, U.S. Consumer Prod. Safety Comm’n, Recall Effectiveness Workshop Report, 5 (Feb. 22, 2018).

[2] Pub. L. No. 102-243, § 2(12), 105 Stat. 2394, 2395 (Dec. 20, 1991).

[3] Rules and Regulations Implementing the Telephone Consumer Protection Act of 1991, CG Docket No. 02-278, Report and Order, 18 FCC Rcd 14014, 14115, para. 165 (2003)

[4] TCPA at § 3(a), 105 Stat. at 2399 (codified at 47 U.S.C. § 227(c)(5)).

[5] Wakefield v. ViSalus, Inc., No. 3:15-cv-1857-SI (D. Or.).

[6] See, e.g., TCPA at § 3(a), 105 Stat. at 2395-96 (codified at 47 U.S.C. § 227(b)(1)(A)).

[7] 47 C.F.R. § 64.1200(f)(4).

[8] See, e.g., Compl., Ibrahim v. Am. Honda Motor Co., Inc., No. 1:16-cv-04294, Dkt. #1 (N.D. Ill. Apr. 14, 2016).

[9] Compl., Brooks v. Kroger Co., No. 3:19-cv-00106-AJB-MDD, Dkt. #1 (S.D. Cal. Jan. 15, 2019) (“Brooks”).

[10] Pl. Opp. to Mot. to Dismiss at 5, Brooks, Dkt. #9 (Apr. 4, 2019).

[11] Reply in Supp. of Mot. to Dismiss at 7, Brooks, Dkt. #10 (Apr. 11, 2019).

[12] The plaintiff quoted one complaint as “Automated call from Kroger.” Compl. at 3-4, Brooks. As the defense noted, that complaint continued, “requesting that you return ground beef . . . due to the threat of salmonella.” Mem. in Supp. of Mot. to Dismiss at 6, Brooks Dkt. #7 (Mar. 21, 2019).

[13] IHS Markit Ltd. Petition for Emergency Declaratory Ruling, CG Docket No. 02-278, Petition, ii (Sept. 21, 2018).

[14] IHS Markit Ltd. Petition for Emergency Declaratory Ruling, CG Docket No. 02-278, Comments of Association of Global Automakers, Inc. and Alliance of Automobile Manufacturers, 9 (Nov. 5, 2018).

[15] IHS Markit Ltd. Petition for Emergency Declaratory Ruling, CG Docket No. 02-278, Comments of Patrick A. Juneau, 3 (Nov. 5, 2018).

[16] S. Rep. No. 102-178, 5 (Oct. 8, 1991).

[17] Pub. L. No. 110-314, 122 Stat. 3016 (Aug. 14, 2008) (codified as amended at 15 U.S.C. § 2056a).

[18] 15 U.S.C. § 2056a(d).


© 2020 Schiff Hardin LLP

For more on CPSA, FDCA, MVSA & other recalls, see the National Law Review Consumer Protection law section.

Huge Anti-Robocall Measure Passes In the Senate: Here is Your Definitive Guide to How TRACED Alters the TCPA Worldscape

The TRACED Act passed the Senate and is on its way to the House for consideration by the Democratic-lead lower chamber.

But what is exactly is TRACED and why is it so important? As the Czar of the TCPA World it falls on me to provide a nuts and bolts perspective of TRACED—and just in time for Memorial Day weekend. Below is your definitive guide to the TRACED Act and what to expect if/when the bill becomes law.

First, it is important to recognize that TRACED does not create a new statutory scheme. Rather it modifies and enhances the existing Telephone Consumer Protection Act (“TCPA”) in a manner that assures the TCPA will remain the official federal response to the current robocall epidemic in this nation. That means that all of the TCPA’s broad and ambiguous terminology—such as “automated telephone dialing system” and the identity of the enigmatic “called party”—take on enhanced importance as the statute is exalted to “crown jewel” status. It also means that the pending constitutional challenges to the TCPA have even greater import. Understanding the TCPA is, therefore, more critical than ever before as TRACED moves toward becoming law.

As TCPAWorld.com is already filled with articles and resources to help you understand the TCPA, this article will not pause long on these background issues. But here is the bedrock: thou shalt not use regulated technology—whatever that may be—to call cell phones without the express consent—whatever that means—of the called party—whoever that is. So far so good?

Most importantly, TRACED grants the FCC explicit authority to implement its Shaken/Stir framework for call authentication and anti-spoofing technology. TRACED provides that not later than 18 months after passage, the FCC shall “require” a provider of voice service to implement the STIR/SHAKEN authentication framework in the internet protocol networks of the voice service provider.  “STIR/SHAKEN” is specifically defined to mean “the secure telephone identity revisited and signature-based handling of asserted information using tokens standards proposed by the information and communications technology industry.” That, in turn, means that wireless carriers have to transmit, receive, and interpret certain data packets containing authentication information so every carrier knows whether every call is legitimately being received by a true number authorized by another carrier. That, in turn, means that YOU should always know whether a phone call can be trusted or not. So far so good.

TRACED also required the FCC to implement rules regarding when a carrier is permitted to block calls that fail Stir/Shaken authentication, and to implement a safe harbor for calls that are improperly but accidentally blocked by carriers. This particular portion of TRACED has raised a lot of concern with industry groups that fear their legitimate messages will not be delivered due to the potential for wireless carriers to aggressively block messages utilizing non-public, vague or shifting standards or algorithms. To address this concern the amended version of TRACED allows callers who have been “adversely affected” by call blocking to seek redress:  TRACED requires the FCC to establish “a process to permit a calling party adversely affected by the information provided by the call authentication framework… to verify the authenticity of the calling party’s calls.”

Interesting, no?

TRACED also requires the FCC to initiate anti-spoofing rulemaking with an end goal to help protect consumers from receiving spoofed calls. Most importantly, TRACED directs the FCC to consider and determine “the best means of ensuring that a subscriber or provider has the ability to block calls from a caller using an unauthenticated North American Numbering Plan number.” This portion of TRACED is rather vague and the directive to the FCC seems to be “figure it out”—we’ll keep an eye on developments surrounding any potential FCC rulemaking proceeding if and when TRACED passes the House.

All of this is good to neutral news for TCPAWorld residents. The mandated enhancements to carrier technology should help assure that more calls are answered as consumers feel safe to use their phones again. And it should mean that we all experience a dramatic reduction in spam and scam calls. Not bad.

But TRACED also makes critical and potentially disastrous changes to the TCPA enforcement environment, potentially shifting enforcement activity away from the expert agency in this field—the FCC—and to other agencies that are less experienced in this field. Specifically, TRACED requires the creation of a “working group” including:

  • the Department of Commerce;
  • the Department of State;
  • the Department of Homeland Security(!);
  • the Federal Communications Commission;
  • the Federal Trade Commission; and
  • the Bureau of Consumer Financial Protection(!!).

This working group is specifically charged with figuring out how to better enforce the TCPA. Specifically, these agencies must determine whether Federal laws inhibit the prosecution of TCPA violations and encourage and improve coordination among agencies in the prevention and prosecution of TCPA violations. Translation: Congress wants more TCPA prosecutions and enforcement actions and is asking every federal agency with an enforcement arm to figure out how to make that happen. Perhaps scariest of all—the working group is specifically asked to determine whether State AG’s should be invited to the table:  the working group must consider “whether extending civil enforcement authority to the States would assist in the successful prevention and prosecution of such violations.” Eesh.

TRACED also affords additional (and clearer) authority to the FCC to pursue TCPA enforcement actions. Where the TCPA is violated willfully TRACED allows the FCC to seek a new and additional penalty of $10,000.00 per violation. That means if a bad actor acts badly and contacts cell phones knowing he or she lacks consent the FCC can seek to recover $10,000.00 for each one of those phone calls plus (apparently) the forfeiture penalty of up to $16,000.00 per violation that is already available under the general provisions of the Telecommunications Act. So TRACED appears to raise the maximum per call penalty for violating the TCPA to $26,000.00 per call! Notably, TRACED represents the first Congressional enactment that clearly defines the FCC’s forfeiture authority respecting illegal phone calls.  TRACED also expands the timeframe the FCC has to pursue actions for intentional misconduct to three years from one year.

To avoid confusion, let me be clear TCPAWorld– the penalties available in a civil suit remain $500.00 per call— and up to $1,500.00 per call for willful violations— where a private party is bringing suit. TRACED would not alter or amend this private right of action. And uncapped TCPA class actions remain a threat after TRACED.

TRACED also requires the FCC to prepare an annual report specifying the number of complaints it received related to robocalls and spoofing, and identifying what enforcement actions the Commission had undertaken in that same period of time.

Finally, for those of you already facing litigation, TRACED was designed not to have any impact on your case.  Section (b) of TRACED specifies: “[t]he amendments made by this section shall not affect any action or proceeding commenced before and pending on the date of enactment of this Act.” So work hard to get sued before the Act passes in the House. I’m kidding. Sort of.

So there you have it. A deep dive TRACED discussion you can read poolside or while working the ‘cue. Enjoy the ribs TCPAWorld.

 

© Copyright 2019 Squire Patton Boggs (US) LLP
This post was written by Eric J. Troutman of Squire Patton Boggs (US) LLP.

Getting Political: Florida Gubernatorial Candidate Democrat Jeff Greene Personally Hit with TCPA Class Action

As I have written numerous times, where the TCPA intersects politics things can get spicy.

Imagine it–using a draconian statute to assault your political rivals and bludgeon old foes with ligation designed to extract millions of dollars from their pocket based upon campaign phone calls.

Suing political candidates under the TCPA has become a bit of a ritual in America over the last few years. Obama faced a TCPA suit. As did Trump. More recently Beto O’Rourke faced such a suit. As did an organization supporting the Kavanugh confirmation.  Heck, even the Human Society’s text campaign supporting California’s Prop 12 was *ahem* neutered by a TCPA class action.

In furtherance of that great tradition,  a Florida resident named Lynda Maceda filed suit yesterday against bested Florida gubernatorial candidate Jeff Greene. According to his wiki page Jeff is a successful business guy and real estate investment type. According to Ms. Maceda’s Complaint, however, he’s a robocaller that sent the following message without consent:

“Hi, this is Democrat Jeff Greene running for governor. I’ll stand up to Donald Trump and for Florida’s families. Joseph, if you want world-class schools, commonsense gun reform and to protect women’s choice, please vote for me with your absentee ballot! Can we count on your support?”

The Complaint alleges that thousands of similar complaints were sent all of them without express consent. Ms. Maceda hopes to represent a failsafe clas of all individuals that received the texts without express consent. If these allegations are proven Ms. Maceda hopes to hold Mr. Greene accountable for “amounts [] greater than $15,000,000.” Gees.

Notably, Mr. Greene is sued personally for these violations–usually these TCPA claims are asserted against a candidate’s campaign rather than against the candidate individually.

The Complaint can be found here: Class Action Complaint against Florida Democratic Gubernatorial Candidate Jeff Greene

 

© Copyright 2019 Squire Patton Boggs (US) LLP
This post was written by Eric J. Troutman of Squire Patton Boggs (US) LLP.
Read more Litigation news on the National Law Review’s Litigation Type of Law page.