Tag: TCPA

TCPA Rules on Revoking Consent for Unwanted Robocalls and Robotexts Effective April 2025

On October 11, 2024, the Federal Communications Commission announced that the effective date for Telephone Consumer Protection Act (TCPA) rules on revoking consent for unwanted robocalls and robotexts is set for April 11, 2025.

On February 15, 2024, the FCC adopted the TCPA Consent Order in the above-captioned proceeding. In that rulemaking, the FCC adopted rules making it simpler for consumers to revoke consent to receive unwanted robocalls and robotexts. Callers and texters must honor these opt-out requests in a timely manner.

The TCPA Consent Order established that these rules would become effective six months following publication in the Federal Register that the Office of Management and Budget has completed its review of the modified information collection requirements under the Paperwork Reduction Act of 1995. OMB approved these modified information collection requirements on September 26, 2024.

On October 11, 2024, the FCC announced in the Federal Register that compliance with the amendments and new rules set forth in the TCPA Consent Order as contained in 47 CFR §§ 64.1200(a)(9)(i)(F), (10), (11) and (d)(3) is required as of April 11, 2025.

Background of the TCPA Rules on Revoking Consent for Unwanted Robocalls and Robotexts

The TCPA restricts robocalls and robotexts absent the prior express consent of the called party or a recognized exemption. The FCC has made clear that consumers have a right to decide which robocalls and robotexts they wish to receive by exercising their ability to grant or revoke consent to receive such calls and texts.

The FCC has now adopted new rules to strengthen the ability of consumers to decide which robocalls and robotexts they wish to receive, codified the FCC’s past guidance on consent to make these requirements easily accessible and apparent to callers and consumers, and closed purported loopholes that allow wireless providers to make robocalls and robotexts without the ability for the subscriber to opt out.

What is the Practical Impact of the TCPA Revocation Rules?

As previously discussed by FTC defense and telemarketing compliance attorney Richard B. Newman, in March 2024 the Federal Communications Commission announced that it adopted new rules and codified previously adopted protections that make it simpler for consumers to revoke consent to unwanted robocalls and robotexts (specifically, autodialed and/or artificial/ prerecorded voice calls and texts) while requiring that callers and texters honor these requests in a timely manner.

In pertinent part:

  • Revocation of prior express consent for autodialed, prerecorded or artificial voice calls (and autodialed texts) can be made in any reasonable manner (callers may not infringe on that right by designating an exclusive means to revoke consent that precludes the use of any other reasonable method).
  • Callers are required to honor do-not-call and consent revocation requests within a reasonable time not to exceed ten (10) business days of receipt.
  • Text senders are limited to a prompt one-time text message confirming a consumer’s request that no further text messages be sent under the TCPA (the longer the delay, the more difficult it will be to demonstrate that such a message falls within the original prior consent).
  • Revocation of consent applies only to those autodialed and/or artificial/prerecorded voice calls and texts for which consent is required.
  • A revocation to marketing messages precludes all further telephone calls or text messages unless an enumerated exemption exists.

Telemarketers and lead generators should consult with an experienced FTC defense lawyer to discuss the scope of the new rules and protections, including, but not limited to, the scope and applicability of a revocation for one purpose to other communication purposes.

© 2024 Hinch Newman LLP

by: Richard B. Newman of Hinch Newman LLP

For more news on FCC TCPA Regulations, visit the NLR Communications, Media, & Internet section.

APPARENTLY NOT AN INDEPENDENT CONTRACTOR: Summary Judgment Denied Because Third Party Vendor May Have Had Apparent Authority To Make Calls Without Consent

Hi TCPAWorld! The Baroness here and I have a good case today.

Dickson, v. Direct Energy, LP, et al., No. 5:18-CV-00182-JRA, 2024 WL 4416856 (N.D. Ohio Oct. 4, 2024).

Let’s dive in.

Background

In this case, the plaintiff Dickson alleges the defendant Direct Energy sent him ringless voicemails (RVMs) in 2017 without consent.

Direct Energy filed a motion for summary judgment arguing that it cannot be held liable under the TCPA because it did not directly make the calls to Dickson (a third-party vendor did) and it cannot be held vicariously liable for the calls under agency principals.

More specifically, Direct Energy argues that Total Marketing Concepts (TMC) was an independent agent and was not acting with actual or apparent authority when it violated the TCPA and Direct Energy did not ratify the illegal acts of TMC.

Law

For those of you not familiar, a motion for summary judgment is granted when there is no genuine dispute as to any material facts and the movant is entitled to judgment as a matter of law.

Under the TCPA, a seller can be held either directly or vicariously liable for violations of the TCPA.

As noted above, Direct Energy did not directly deliver any RVMs to Dickson. So it cannot be directly liable for the calls. Dickson instead seeks to hold Direct Energy vicariously liable for the acts of TMC and TMC’s subvendors.

Let’s first look at the principal/agent relationship.

Direct Energy primarily argued that TMC was NOT its agent because of the terms of their agreement. Specifically, Direct Energy identified TMC as an “independent contractor.” Moreover, TMC was “expressly instructed to send RVMs only with TCPA-compliant opt-in consent.”

Importantly, however, whether an agency relationship exists is based on an assessment of the facts of the relationship and not on how the parties define their relationship.

Listen up folks—contractual terms disclaiming agency will not cut it!

While Direct Energy and TMC did have a provision in their contract which expressly disclaimed any agency relationship, the Court highlighted that the parties entered into an amended agreement which expressly authorized TMC to (among other things) close sales on Direct Energy’s behalf and thereby bind Direct Energy in contracts with customers. In other words, Direct Energy authorized TMC to enter into agreements on its behalf.

The Court also found Direct Energy exerted a high level of control over TMC:

  • Direct Energy had the ability to audit TMC’s records to ensure compliance with its contractual obligations
  • Direct Energy could audit TMC’s subcontractors in the same manner
  • Direct Energy had access to TMC facilities to ensure compliance
  • Direct Energy had the ability to terminate the contract with or without cause
  • Direct Energy authorized TMC to telemarket on its behalf using the Direct Energy trade name as if Direct Energy was making the telemarketing call

Therefore, the Court found Dickson produced evidence which a reasonable jury could find that Direct Energy exerted such a level of control over TMC such that there was a principle/agent relationship, despite their contract expressly providing otherwise.

ACTUAL AUTHORITY

Actual authority exists when a principal explicitly grants permission to an agent to act on their behalf, whether through express or implied means.

Express authority

Pursuant to the Teleservices Agreement, TMC was responsible for complying with the TCPA. Thus, there was no evidence that TMC had express actual authority to contract individuals who had not given consent.

Implied authority

Dickson argued that Direct Energy nonetheless led TMC to reasonably believe it should make telemarketing calls that violate the TCPA. However, the Court found that TMC’s authority was expressly limited to opt-in leads. So, Dickson failed to demonstrate a genuine issue of material facts showing that TMC acted actual authority—either express or implied—when it contracted potential customers who had not opted in to receiving such calls.

APPARENT AUTHORITY

Apparent authority arises when a principal’s conduct leads a third party to reasonably believe that an agent has the authority to act on the principal’s behalf, even if such authority has not been explicitly granted.

Here’s where it gets interesting.

Dickson presented evidence that Direct Energy received several thousand complaints regarding the RVMs but did not stop the conduct.

That’s a lot of complaints..

Moreover, Direct Energy authorized TMC to use its trade name and approved the scripts. Thus, Dickson argued Direct Energy allowed third-party recipients of the RVMs to reasonably believe the RVMs were from Direct Energy.

And even though TMC used other third-party telephony services, this was expressly authorized by the agreement between Direct Energy and TMC.

Therefore, the Court found that Dickson demonstrated that Direct Energy authorized and instructed TMC to use its tradename in its RVMs, approved the scripts used by TMC, and knew or should have known of TMC’s improper conduct and that did not take action to prevent that conduct from continuing.

As such, the Court found a genuine issue of material fact existed that TMC acted with apparent authority when it contracted potential customers who had not opted in to receiving such calls.

RATIFICATION

Ratification occurs when an agent acts for the principal’s benefit and the principal does not repudiate the agent’s actions.

A plaintiff must present some evidence that a principal benefitted from the alleged unlawful conduct of its purported agent to hold the principal liable for the acts of the agent under the theory of ratification.

Here, Dickson failed to produce evidence that Direct Energy received any benefit from TMC’s unlawful telemarketing acts. For example, Dickson produced no evidence of any contracts that Direct Energy secured as a result of TMC contacting potential consumers who had not given opt-in consent. Importantly, the Court stated “[p]ure conjecture that Direct Energy must have benefitted in some way because of the volume of calls made by TMC on its behalf is simply not enough to survive summary judgment.”

Therefore, the Court found Dickson failed to demonstrate the existence of a material fact as to whether Direct Energy ratified TMC’s violations of the TCPA.

In light of the above, the Court recommended denying Direct Energy’s motion for summary judgment. Although there was no genuine issue of material fact related to actual authority and ratification, the Court determined that a genuine issue of material fact does exist concerning whether TMC acted with apparent authority.

This case highlights the complexities of agency relationships in TCPA cases and serves as a reminder for companies: mere contractual disclaimers of agency will not suffice. Courts can still hold you vicariously liable for the actions of third parties acting on your behalf! Choose the companies you are working with wisely.

© 2024 Troutman Amin, LLP
For more news on Independent Contractor TCPA Liability, visit the NLR Communications, Media, & Internet section.

EVERYTHING’S FINE: Big TCPA Win For Medical Debt Collector Suggests FCC Rulings Still Binding After Loper Bright–Let’s Hope it Stays That Way

Fascinating little case for you all today.

Consumer visits hospital for treatment. Provides phone number at admission. Receives treatment and is discharged.

Consumer fails to pay resulting invoices. Hospital and provider network turn account over to collections. Debt collector allegedly uses an ATDS to call consumer on the number she provided.

What result?

Prior to the Supreme Court’s Loper Bright decision the determination would be easy. The FCC held back in 2009 that providing a number in connection with a transaction permits autodialed calls to a consumer in connection with that transaction. And the Sixth Circuit Court of Appeals has directly held that providing a phone number on hospital intake documents permits later debt collection activity at that number–including via autodialer.

But the Loper Bright decision recently destroyed Chevron deference–meaning courts no longer have to yield to agency determinations of this sort. And while the Hobbs Act affords extra protections to certain FCC rulings, those protections only apply where certain procedural requirements were met by the Commission in adopting the rule.

So does the FCC’s rule from 2009 permitting informational calls to numbers provided in connection with a transaction still bind courts? According to the decision in Woodman v. Medicredit, 2024 WL 4132732 (D. Nv Sept. 9, 2024) the answer is yes!

In Woodman the defendant debt collector moved for summary judgment arguing the Plaintiff consented when she provided her number to the hospital. The Court had little problem applying the FCC’s 2009 order and precedent that came before Loper Bright to grant summary judgment to he defense. So just like that case is gone.

Great ruling for the defense, of course, and it makes me feel a bit better about the whole “no one knows what the law is anymore” thing, but the Woodman court didn’t really address the core issue– was the 2009 ruling enacted with sufficient APA pop and circumstance to merit Hobbs Act deference under PDR Resources. 

Really interesting question and one folks should keep in mind.

© 2024 Troutman Amin, LLP
For more news on Debt Collection TCPA Lawsuits, visit the NLR Consumer Protection section.

The Privacy Patchwork: Beyond US State “Comprehensive” Laws

We’ve cautioned before about the danger of thinking only about US state “comprehensive” laws when looking to legal privacy and data security obligations in the United States. We’ve also mentioned that the US has a patchwork of privacy laws. That patchwork is found to a certain extent outside of the US as well. What laws exist in the patchwork that relate to a company’s activities?

There are laws that apply when companies host websites, including the most well-known, the California Privacy Protection Act (CalOPPA). It has been in effect since July 2004, thus predating COPPA by 14 years. Then there are laws the apply if a company is collecting and using biometric identifiers, like Illinois’ Biometric Information Privacy Act.

Companies are subject to specific laws both in the US and elsewhere when engaging in digital communications. These laws include the US federal laws TCPA and TCFAPA, as well as CAN-SPAM. Digital communication laws exist in countries as wide ranging as Australia, Canada, Morocco, and many others. Then we have laws that apply when collecting information during a credit card transaction, like the Song Beverly Credit Card Act (California).

Putting It Into Practice: When assessing your company’s obligations under privacy and data security laws, keep activity specific privacy laws in mind. Depending on what you are doing, and in what jurisdictions, you may have more obligations to address than simply those found in comprehensive privacy laws.

Copyright © 2024, Sheppard Mullin Richter & Hampton LLP.
For more on Privacy Laws, visit the NLR Communications Media Internet section.

No Arbitration for Lead Buyer: Consent Form Naming Buyer Does Not Give Buyer Right to Enforce Arbitration in Tcpa Class Action

A subsidiary of Move, Inc. bought a data lead from Nations Info, Corp. off of its HudHomesUsa.org website. The subsidiary made an outbound prerecorded call resulting in a TCPA lawsuit against Move. (Fun.)

Move, Inc. moved to compel arbitration arguing that since its subsidiary was named in the consent form–it argued the arbitration clause necessarily covered it because the whole purpose of the clause was to permit parties buying leads from the website to compel TCPA cases to arbitration.

Good argument, but the court disagreed.

In Faucett v. Move, Inc. 2024 WL 2106727 (C.D. Cal. April 22, 2024) the Court refused to enforce the arbitration clause finding that Move, Inc. was not a signatory to the agreement and could not enforce it under any theory.

Most interestingly, Move argued that a motivating purpose behind the publisher’s arbitration clause was to benefit Move because Nations Info listed Opcity —Move’s subsidiary—in the Consent Form as a company that could send marketing messages to Hud’s users. (Mot. 1–2.)

But the Court found the Terms and Consent Form were two different documents, and accepting the one did not change the scope of the other.

The Court also found equitable estoppel did not apply because Plaintiff was not moving to enforce the terms of the agreement. Quite the contrary, Plaintiff denied any arbitration (or consent) agreement existed.

So Move is stuck.

Pretty clear lesson here: lead buyers should make sure the arbitration provisions on any website they are buying leads from includes third-parties (like the buyer) as a party to the clause. Failing to do so may leave the lead buyer stuck without the ability to enforce the provision–and that can lead to a massive class action with potential exposure in the hundreds of millions or billions of dollars.

Lead buyers are already forcing sellers to revise their flows in light of the FCC’s new one to one consent rules. So now would be a GREAT time to revisit requirements around arbitration provisions as well.

Something to think about.

© 2024 Troutman Amin, LLP
For more news on Telephone Lead Litigation, visit the NLR Communications, Media & Internet section.

The FCC Approves an NOI to Dive Deeper into AI and its Effects on Robocalls and Robotexts

AI is on the tip of everyone’s tongue it seems these days. The Dame brought you a recap of President Biden’s orders addressing AI at the beginning of the month. This morning at the FCC’s open meeting they were presented with a request for a Notice of Inquiry (NOI) to gather additional information about the benefits and harms of artificial intelligence and its use alongside “robocall and robotext”. The following five areas of interest are as follows:

  • First, the NOI seeks, on whether and if so how the commission should define AI technologies for purposes of the inquiry this includes particular uses of AI technologies that are relevant to the commission’s statutory response abilities under the TCPA, which protects consumers from nonemergency calls and texts using an autodialer or containing an artificial or prerecorded voice.
  • Second, the NOI seeks comment on how technologies may impact consumers who receive robocalls and robotexts including any potential benefits and risks that the emerging technologies may create. Specifically, the NOI seeks information on how these technologies may alter the functioning of the existing regulatory framework so that the commission may formulate policies that benefit consumers by ensuring they continue to receive privacy protections under the TCPA.
  • Third, the NOI seeks comment on whether it is necessary or possible to determine at this point whether future types of AI technologies may fall within the TCPA’s existing prohibitions on autodial calls or texts and artificial or prerecorded voice messages.
  • Fourth, NOI seeks comment on whether the commission should consider ways to verify the authenticity and legitimately generate AI voice or text content from trusted sources such as through the use of watermarks, certificates, labels, signatures, or other forms of labels when callers rely on AI technology to generate content. This may include, for example, emulating a human voice on a robocall or creating content in a text message.
  • Lastly, seeks comment on what next steps the commission should consider to further the inquiry.

While all the commissioners voted to approve the NOI they did share a few insightful comments. Commissioner Carr stated “ If AI can combat illegal robocalls, I’m all for it” but he also expressed that he does “…worry that the path we are heading down is going to be overly prescriptive” and suggests “…Let’s put some common-sense guardrails in place, but let’s not be so prescriptive and so heavy-handed on the front end that we end up benefiting large incumbents in the space because they can deal with the regulatory frameworks and stifling the smaller innovation to come.”

Commissioner Starks shared “I, for one, believe this intersectionality is clinical because the future of AI remains uncertain, one thing is clear — it has the potential to impact if not transform every aspect of American life, and because of that potential, each part of our government bears responsibility to better understand the risks, opportunities within its mandate, while being mindful of the limits of its expertise, experience, and authority. In this era of rapid technological change, we must collaborate, lean into our expertise across agencies to best serve our citizens and consumers.” Commissioner Starks seemed to be particularly focused on AI’s ability to facilitate bad actors in schemes like voice cloning and how the FCC can implement safeguards against this type of behavior.

“AI technologies can bring new challenges and opportunities. responsible and ethical implementation of AI technologies is crucial to strike a balance, ensuring that the benefits of AI are harnessed to protect consumers from harm rather than amplifying the risks in increasing the digital landscape” Commissioner Gomez shared.

Finally, the topic around the AI NOI wrapped up with Chairwoman Rosenworcel commenting “… I think we make a mistake if we only focus on the potential for harm. We needed to equally focus on how artificial intelligence can radically improve the tools we have today to block unwanted robocalls and robotexts. We are talking about technology that can see patterns in our network traffic, unlike anything we have today. They can lead to the development of analytic tools that are exponentially better at finding fraud before it reaches us at home. Used at scale, we cannot only stop this junk, we can use it to increase trust in our networks. We are asking how artificial intelligence is being used right now to recognize patterns in network traffic and how it can be used in the future. We know the risks this technology involves but we also want to harness the benefits.”

© 2023 Troutman Amin, LLP
For more news on AI and its Impact on Robocalls and Robotexts, visit the NLR Communications, Media & Internet section.

MAXIMUM PRESSURE: Stratics Networks Hit With Massive DOJ Complaint Related to RVM Use by Customers and The Heat is Really On Platforms Right Now

So just last month the covered the story of Phone Burner being absolutely destroyed by a recent FCC order directing carriers to stop carrying its traffic. It be came the most read story EVER on TCPAWorld.com.

This one might be even bigger.

Before I get to the punchline, bear with me for a second.

Ringless voicemail.

I have been saying for many years that these things are covered by the TCPA. The Courts have said it. The FCC has said it.

But the ringless voicemail providers, by and large, refused to get the message. As recently as late last year I still have people coming to me telling me that this platform or that service was telling them that the TCPA does not apply to ringless voicemail. And I have personally heard sales pitches within the last couple of years where a ringless voicemail provider told potential customers the TCPA does not apply to the technology.

Lies, lies and more lies. And I hate lies.

The argument for RVM not being covered by the TCPA is a dreadful one. Some lawyer–NOT ME– long ago prepared a white paper suggesting that because voicemail is a title III information service and not a title II communication service that, somehow, that means the direct drop process to leave a voicemail also wasn’t a communication. Its nuts. Totally irrational. And beyond that, it was just dumb.

There was a better rationale for the argument–that the messages traversed business class landlines and not cellular networks–but that argument, too, has been rejected in recent years.

Anyhoo, RVM are definitely covered by the TCPA and that is a fact that has been known for many years. But that did not stop one major RVM provider from–allegedly–allowing its users to blast folks without consent.

And here is where we get to the big news: On Friday the Department of Justice filed a massive complaint–on referral from the FTC–against a debt relief company that was allegedly violating the TSR by sending RVMs without consent and failing to include content required by the TSR in the message.

Please notice that the complaint was NOT just filed against the debt relief company. It was filed against Stratics Networks–the wholesale carrier that permitted the traffic and also, apparently, supplied the RVM platform that was used to send the messages. But the complaint was also filed against the intermediary VOIP service provider, Netlatitude, Inc.–and its president Kurt S. Hannigan personally (!),  that provided access to the debt relief company through Stratics (or perhaps vice versa.)

The actual wrongdoers were apparently a debt relief company called Tek Ventures, LLC, doing business as Provident Solutions and a marketing company hired by Provident–Atlas Marketing Partners, Inc.

A bunch of other players, including INDIVIDUALS are also named as the FTC and DOJ really came to play with a sledgehammer here.

Each of these companies (and people) are alleged to have done something a bit different wrong. And its worth seeing how the government is going after each member of the alleged illegal robocall ring.

Of most interest to me–and I suspect most of you–is the case against Stratics. Like Phone Burner, Stratics is a very well known platform out there. Big footprint. And it is perceived to be a fairly compliant player.

Out of the gate, some of the allegations of the Complaint seek to impose a MUCH broader set of requirements on a carrier than have ever been seen before. For instance, the DOJ complains:

  • Despite acknowledging in its terms and conditions of service that its customers must “obtain the prior written consent from each recipient to contact such recipient” “[w]here required by applicable law or regulation,” Stratics Networks did not have evidence of such consent and did not request or require that its customers submit such evidence;

  • Stratics Networks has access to the prerecorded messages its customers upload to its RVM platform and reserves the right to audit its customers’ accounts in its terms and conditions of service, but it does not conduct due diligence to ensure that the messages actually identified the seller or caller, or to prohibit the transmission of prerecorded messages that failed to do so, or to ensure that that the call recipient had given express consent to receive the call; and

  • Stratics did not “require[]” and “ensur[e] that users  obtain prior express written consent from recipients, scrub lists of uploaded phone numbers against the DNC Registry, or otherwise comply with the TSR as a condition of using the platform.

But, so what?

A carrier owes no duty to at law to review the content of messages sent over its network. Gees, it would be a huge violation of privacy if it did. And sure an RVM platform may have access to the voicemails that were uploaded but since when is it required to review those and provide compliance advice? That’s just plain nuts.

Further, the fact that Stratics required consent for users of its platform is plenty. Folks use AUPs and disclosures to assure their platforms are not being misused. Since when does the law require them to actually possess consent–or “require” and “ensure” compliance– before allowing someone to use their network? Since never. And its just nuts for the FTC and DOJ to suggest otherwise.

Outside of really extreme cases, a carrier is still just a carrier. And a platform is still just a platform. Sure there can be times when these companies are so involved with messages–or know (we’ll get to that) of abuses–such that they are responsible as if they had sent them. But in the ordinary course these folks have NO DUTY to ensure…. anything.

So I’m a bit perturbed by the insinuation that these allegations, alone, make Stratics blameworthy. They speak to duties that do not exist in the law. If the DOJ and FTC doesn’t like the current state of the law they should take it up with Congress (or, in the case of the FTC, start an NPRM process, hint hint.)

But other allegations are more damaging–particularly those related to the knowledge Stratics had about the use of its platform. And, here again, we see the ITG playing a big role.

Per the Complaint, “Stratics Networks received numerous Traceback Requests from USTelecom’s ITG alerting it to suspected illegal robocall traffic delivered via Stratics Networks’ RVM platform service and seeking its assistance in identifying the source(s) (i.e., upstream carrier or originating end-user) of these “likely illegal” robocalls, including over 30 such requests between August 2019 and February 2021.”

Now 30 requests may seem like a lot, but you have to keep in mind how active the ITG is. They’re firing off a ton of “tickets” every single day. So I’m not convinced that 30 tickets over a year and a half is really that big of a deal. Plus, these tickets are directed at the content of user messages traversing the Stratics network–it does not mean that any of these were actually Stratics customers. (BTW, the DOJ was kind enough to name a bunch of the ticket sources: “Atlas Marketing, Telecord, Telesero, Health Innovations, National Homebuyers, Elite Processing, Deltracon, Technest Limited, Shamoon Ahmad, Progressive Promoting, Nitzke Enterprize, Care Advocacy Solutions, and PubClub.” Hope your name isn’t in there!)

So, again, I don’t love the government’s case so far. But it does get stronger. For instance:

  • In some instances, even when Stratics Networks did identify the RVM customers responsible for these illegal robocalls, Stratics Networks allowed these RVM customers to open additional accounts and/or continue utilizing its RVM platform service for several weeks or months without suspending or terminating their RVM accounts.

  • In some instances, Stratics Networks did not suspend these RVM customers’ accounts until after it received a civil investigative demand from the FTC in November 2020 inquiring about prerecorded messages delivered using its RVM platform service.

Ok, now the government is getting closer. The case law is reasonably clear that where a carrier or platform knows of illegal traffic on its network it does need to take some action to prevent it. If Stratics allowed customers who were committing violations to open new accounts or run new campaigns that could be a problem, unless it did extra heightened diligence to assure compliance.

But now, the big allegations:

  • Several of US Telecom’s ITG’s Traceback Requests to Stratics Networks concerned robocalls delivered over Stratics Networks’ RVM platform as part of the Atlas Defendants’ debt relief telemarketing campaign, including Traceback Requests Stratics Networks received between April and June 2020. These Traceback Requests indicated that they concerned a “DebtReduction-Hardship” or “DebtReduction CoronaHardship” campaign, and they noted that the robocalls delivered prerecorded messages offering preapproved loans and did not identify the caller.

  • Notwithstanding Stratics Networks’ representation to US Telecom’s ITG in response to a April 29, 2020 traceback request that it “ha[d] taken immediate action and triggered a full investigation” into the Traceback Request and “also suspended traffic,” Stratics Networks permitted Atlas Marketing to continue using its RVM platform service to deliver millions more robocalls for over five more months;

  • After April 29, 2020, Stratics Networks permitted Atlas Marketing to use its RVM service to deliver more than 23 million additional ringless voicemail robocalls to American consumers.

Ok so Stratics allowed 23 million voicemails by Atlas after telling the ITG it would suspend its traffic. Now that could be a problem. Especially if those 23MM voicemails violated the TSR and TCPA (although that fact is, perhaps tellingly, left out of the complaint.)

Notice the timing here also. ITG tickets went out in April, 2020. A CID followed in October, 2020. And then the complaint was filed in February, 2023 two and a half years later.

So all of you carriers and platforms that have received ITG tickets followed by CIDs, keep this in mind. Even if a year or more has passed, the FTC might still be working the case.

So what did Netlatitude do wrong? Well this appears to be a volume play. Specifically the FTC is concerned that Netlatitude allowed Atlas to send “136,000 robocalls” using Stratics Networks’ SIP termination service on just two days in September 2020.

Again, I kind of want to shrug at that. While high volume traffic can be a red flag, there is ZERO requirement a carrier decline to carry traffic merely because there might be a lot of it.

Netlatitude also apparently received several ITG tickets but it is not clear that they had anything to do with Atlas. So I am very fuzzy as to why Netlatitude is in the case–except that Stratics apparently pointed the finger at Netlatitude and its President.

As to the debt relief companies, the claims here are wide and varied. First, there is a claim of straight consumer deception. They allegedly promised consumers they’d be out of debt in two years and that monthly payments would be used in a way that turned out not to be true. Ok. Makes sense.

Next they allegedly sent voicemails that did not identify the sender and sent calls to numbers on the DNC list without consent. Again, pretty straightforward.

They also allegedly received a fee prior to providing debt relief, which is also not permitted. So… if true, open and shut case. I think.

In the end the government is asking for a bunch of stuff. Most damaging for Stratics is the injunctive relief provision:

A. Enter a permanent injunction to prevent future violations of the TSR and the FTC Act by Defendants;

B. Award monetary and other relief within the Court’s power to grant;

C. Award Plaintiff monetary civil penalties for every violation of the Telemarketing Sales Rule; and

D. Award Plaintiff such other and additional relief the Court may determine to
be just and proper

Lots of big take aways here. We already knew that carriers and platforms can’t turn a blind eye to bad traffic on their networks, but in this case the government seeks to go much further and impose duties on these companies to “require” and “ensure” only lawful traffic traverses their networks. That is just craziness and I think a lot of carriers will fold up shop if they suddenly become strictly liable for misconduct on their networks. Indeed, just 8 years ago carriers were completely beyond liability for traffic on their network and now they are to be treated as always liable for it? That is unfair and absurd.

Obviously those of you in the debt relief game need to pay careful attention here as well. NO cheating allowed. If you make a representation it has to be true. And don’t charge that fee up front–can get you into trouble.

Notice also that NONE of these claims are brought under the TCPA. But some could have been. The TCPA also prevents the use of RVMs to to cell phones without the proper level of consent. And the TCPA bans solicitations to residential numbers on the DNC list. I presume the DOJ didn’t want to tangle with any additional issues here–or perhaps the FTC did not want to tread on the FCC’s toes by moving into TCPA issues. Unclear to me.

But what IS clear to me is that this complaint is a huge deal and should really have every carrier and platform out there asking itself what the future may hold…

Read the complaint here: Complaint Against Stratics, et al.

Article By Eric J. Troutman of Troutman Firm

For more internet and telecom legal news, click here to visit the National Law Review.

© 2023 Troutman Firm

SUPERBOWL CIPA SUNDAY: Does Samsung’s Website Chat Feature Violate CIPA?

Happy CIPA and Super Bowl Sunday TCPA World!

So, Samsung is under the spotlight with a new CIPA case brought by a self-proclaimed “tester.” You know like Rosa Parks?? Back to that in a bit.

The California Invasion of Privacy Act (“CIPA”) prohibits both wiretapping and eavesdropping of electronic communications without the consent of all parties to the communication. The Plaintiff’s bar is zoning in to CIPA with the Javier ruling.

If you recall, Javier found that “[T]hough written in terms of wiretapping, Section 631(a) applies to Internet communications. It makes liable anyone who ‘reads, or attempts to read, or to learn the contents’ of a communication ‘without the consent of all parties to the communication.’ Javier v. Assurance IQ, LLC, 2022 WL 1744107, at *1 (9th Cir. 2022).

Here, Plaintiff Garcia claims that Defendant both wiretaps the conversations of all website visitors and allows a third party to eavesdrop on the conversations in real time during transmission. Garcia v. Samsung Electronics America, Inc.

To enable the wiretapping, Plaintiff claims that Defendant has covertly embedded software code that functions as a device and contrivance into its website that automatically intercepts, records and creates transcripts of all conversations using the website chat feature.

To enable the eavesdropping, Defendant allows at least one independent third-party vendor to secretly intercept (during transmission and in real time), eavesdrop upon, and store transcripts of Defendant’s chat communications with unsuspecting website visitors – even when such conversations are private and deeply personal.

But Plaintiff currently proceeds in an individual action but if Samsung does not take appropriate steps to fully remedy the harm caused by its wrongful conduct, then Garcia will file an amended Complaint on behalf of a class of similarly aggrieved consumers.

Now back to Civil Rights.

According to this Complaint, Garcia is like Rosa Parks, you know, the civil rights activist. Why?

Well, because “Civil rights icon Rosa Parks was acting as a “tester” when she initiated the Montgomery Bus Boycott in 1955, as she voluntarily subjected herself to an illegal practice to obtain standing to challenge the practice in Court.”

Because Wiretapping and civil rights are similar right??

Disgusted.

The Plaintiff’s bar has no problem muddying the waters to appeal to the courts.

Do better.

CIPA is some dangerous stuff. Websites use chat features to engage with consumers all the time. It seems like it is easier to communicate via chat or text than to sit on a call waiting for an agent – assuming you get an agent. But maybe not?

Stay safe out there TCPA World!

Til next time Countess!! back to the game, GO EAGLES!!! #Phillyproud

Article By Jenniffer Cabrera of Troutman Firm

For more communications, media, and internet legal news, click here to visit the National Law Review.

© 2023 Troutman Firm

TCPA Turnstile: 2022 Year in Review (TCPA Case Update Vol. 17)

As 2022 comes to a close, we wanted to look back at the most significant Telephone Consumer Protection Act, 47 U.S.C. § 227 (“TCPA”) decisions of the year.  While we didn’t see the types of landscape-altering decisions that we saw in 2021, there’s still plenty to take note of.  We summarize here the biggest developments since our last update, listed by issue category in alphabetical order.

Arbitration: In Kelly v. McClatchy Co., LLC, 2022 WL 1693339 (E.D. Cal.  May 26, 2022), the District Court denied the defendant’s motion to compel arbitration because the contractual relationship between the parties had terminated before the unwanted calls were made. Plaintiffs had originally signed defendant’s Terms of Service which bound them to an arbitration provision for all legal disputes. Plaintiffs then cancelled their subscriptions which subsequently ended the enforceability of the Terms of Service against them. However, plaintiffs then received unwanted calls from Defendant seeking service renewals which the court deemed were not covered by the arbitration clause, even under a theory of post-expiration enforcement.

ATDS: Following Facebook v. Duguid, 141 S. Ct. 1163 (2021), courts are still struggling to define an “automatic telephone dialing system,” and the Third Circuit weighed in through Panzarella v. Navient Sols., Inc., 2022 WL 2127220 (3d Cir. June 14, 2022).  The district court granted defendant’s motion for summary judgment on the grounds that plaintiffs failed to show that an ATDS was used to call their phones. The Third Circuit upheld the summary judgment ruling but did not decide whether the dialing equipment used constituted an “ATDS” under the TCPA. Rather, its ruling hinged on the fact that defendant’s dialer pulled phone numbers from its internal database, not computer-generated tables. As such, the Third Circuit found that even though the system may very well be an unlawful ATDS system under the TCPA, if it is not used in that way, defendants could not be held liable.

In an interesting move, the court in Jiminez v. Credit One Bank, N.A., Nco Fin. Sys., 2022 WL 4611924 (S.D.N.Y. Sept. 30, 2022), narrowed the definition of an “ATDS,” choosing to reject the Second Circuit approach in favor of the Third Circuit’s approach in Panzarella. Here, plaintiff alleged that defendant used a dialing system to send numerous calls without consent. The Second Circuit follows the majority view that, if a system used to dial numbers has the ability to store or generate random numbers, the call made violates the TCPA, even if the random dialing function is not actually utilized. But the court in Jiminez found the Third Circuit’s reasoning persuasive and applied it to the case, finding that plaintiff failed to show the dialing system was actually used in a way that violated the TCPA. It granted summary judgment to defendants on the TCPA claims because the evidence showed the numbers used were all taken from a pre-approved customer list, not generated from random dialing.

Similarly, in Borden v. Efinancial, LLC, 2022 WL 16955661 (9th Cir. Nov. 16, 2022), the Ninth Circuit also adopted a narrower definition of an ATDS, finding that to qualify as an ATDS, a dialing system must use its automation function generate and dial random or sequential telephone numbers. This means that a mere ability to generate random or sequential numbers is irrelevant, the generated numbers must actually be telephone numbers. Given the circuit split on this issue, it seems likely that the Supreme Court will eventually have to weigh in.

Notably, in May 2022, the FCC issued a new order which will target unlawful robocalls originating outside the country. The order creates a new classification of service providers called “Gateway Providers” which have traditionally served a transmitters of international robocalls. These providers are domestic intermediaries which are now required to register with the FCC’s Robocall Mitigation database, file a mitigation plan with the agency, and certify compliance with the practices therein.

Class Certification: In Drazen v. Pinto, 41 F. 4th 1354 (11th Cir. July 27, 2022), the Eleventh Circuit considered the issue of standing in a TCPA class action. Plaintiffs’ proposed settlement class included unnamed plaintiffs who had only received one unsolicited text message. Because the court held in an earlier case (Salcedo v. Hanna, 936 F.3d 1162 (11th Cir. 2019)) that just one unwanted message is not sufficient to satisfy Article III standing, it found that some of the class members did not have adequate standing. The district court approved the class with these members in it, finding that those members could remain because they had standing in their respective Circuit and only named plaintiffs needed to have standing. The Eleventh Circuit held otherwise and vacated the class certification and settlement in the case. It remanded, allowing for redefinition of the class giving all members standing.

Consent: Chennette v. Porch, 2022 WL 6884084 (9th Cir. Oct. 12, 2022), involved a defendant who used cell phone numbers posted on publicly available websites, like Yelp and Facebook, to solicit client leads to contractors through unwanted text messages. The court rejected defendant’s argument that plaintiffs consented to the calls because their businesses were advertised through these public posts with the intent of obtaining new business. Beyond that, the court also found that even though these cell phones were used for both personal and business purposes, the numbers still fell within the protection of the TCPA, allowing plaintiffs to satisfy both statutory and Article III standing.

Damages: In Wakefield v. ViSalus, 2022 WL 11530386 (9th Cir. Oct. 20, 2022), the Ninth Circuit adopted a new test to determine the constitutionality of an exceptionally large damages award. Defendant was a marketing company that made unwanted calls to former customers, soliciting them to renew their subscriptions to weigh-loss products. After a multi-day trial, a jury returned a verdict for the plaintiff with a statutory damages award of almost $1 billion. The Ninth Circuit reversed and remanded to the district court to consider the constitutionality of the award. While the district court’s test asked whether the award was “so severe and oppressive” as to violate defendant’s due process rights, the Ninth Circuit instructed it to reassess using a test outlined in a different case, Six Mexican Workers. The Six Mexican Workers test assesses the following factors in determining the constitutionality of the damages award: “1) the amount of award to each plaintiff, 2) the total award, 3) the nature and persistence of the violations, 4) the extent of the defendant’s culpability, 5) damage awards in similar cases, 6) the substantive or technical nature of the violations, and 7) the circumstances of each .” We are still awaiting that determination on remand.

Standing: In Hall v. Smosh Dot Com, Inc., 2022 WL 2704571 (E.D. Cal July 12, 2022), the court addressed whether plaintiff had standing under the TCPA as a cell phone plan subscriber where the text messages were only received by someone else on the plan; in this case, plaintiff was the subscriber and her minor son was the recipient of the unwanted text messages. The court granted defendant’s motion to dismiss for lack of standing because she could not show that status of a subscriber alone could convey adequate standing under Article III.

In Rombough v. State Farm, No. 22-CV-15-CJW-MAR, (N.D. Iowa June 9, 2022), the court evaluated standing under the TCPA based on a plaintiff’s number being listed on the Do Not Call list. It determined that being on the DNC was not an easy ticket into court, plaintiff needed to allege more than just having its number on the list. Rather, the plaintiff need have actually registered their own numbers on the list.

© 2022 Vedder Price
For more Cybersecurity and Privacy Law news, click here to visit the National Law Review.

ANOTHER TRILLION DOLLAR CASE:? TikTok Hit in MASSIVE CIPA Suit Over Its Business Model of Profiting from Advertising by Collecting and Monetizing User Data

Data privacy lawsuits are EXPLODING and one of our country’s most popular mobile app — TikTok’s privacy issues keep piling up.

Following its recent $92 million class-action data privacy settlement for its alleged violation of Illinois Biometric Information Privacy Act (BIPA), TikTok is now facing a CIPA and Federal Wire Tap class action for collecting users’ data via its in-app browser without Plaintiff and class member’s consent.

The complaint alleges “[n]owhere in [Tik Tok’s] Terms of Service or the privacy policies is it disclosed that Defendants compel their users to use an in-app browser that installs JavaScipt code into the external websites that users visit from the TikTok app which then provides TikTok with a complete record of every keystroke, every tap on any button, link, image or other component on any website, and details about the elements the users clicked. “

Despite being a free app, TikTok makes billions in revenue by collecting users’ data without their consent.

The world’s most valuable resource is no longer oil, but data.”

While we’ve discussed before, many companies do collect data for legitimate purposes with consent. However this new complaint alleges a very specific type of data collection practice without the TikTok user’s OR the third party website operator’s consent.

TikTok allegedly relies on selling digital advertising spots for income and the algorithm used to determine what advertisements to display on a user’s home page, utilizes tracking software to understand a users’ interest and habits. In order to drive this business, TikTok presents users with links to third-party websites in TikTok’s in-app browser without a user  (or the third party website operator) knowing this is occurring via TikTok’s in-app browser. The user’s keystrokes is simultaneously being intercepted and recorded.

Specifically, when a user attempts to access a website, by clicking a link while using the TikTok app, the website does not open via the default browser.  Instead, unbeknownst to the user, the link is opened inside the TikTok app, in [Tik Tok’s] in-app browser.  Thus, the user views the third-party website without leaving the TikTok app. “

The Tik-Tok in-app browser does not just track purchase information, it allegedly tracks detailed private and sensitive information – including information about  a person’s physical and mental health.

For example, health providers and pharmacies, such as Planned Parenthood, have a digital presence on TikTok, with videos that appear on users’ feeds.

Once a user clicks on this link, they are directed to Planned Parenthood’s main webpage via TikTok’s in-app browser. While the user is assured that his or her information is “privacy and anonymous,” TikTok is allegedly intercepting it and monetizing it to send targeted advertisements to the user – without the user’s or Planned Parenthood’s consent.

The complaint not only details out the global privacy concerns regarding TikTok’s privacy practices (including FTC investigations, outright ban preventing U.S. military from using it, TikTok’s BIPA lawsuit, and an uptick in privacy advocate concerns) it also specifically calls out the concerns around collecting reproductive health information after the demise of Roe v. Wade this year:

TikTok’s acquisition of this sensitive information is especially concerning given the Supreme Court’s recent reversal of Roe v. Wade and the subsequent criminalization of abortion in several states.  Almost immediately after the precedent-overturning decision was issued, anxieties arose regarding data privacy in the context of commonly used period and ovulation tracking apps.  The potential of governments to acquire digital data to support prosecution cases for abortions was quickly flagged as a well-founded concern.”

Esh. The allegations are alarming and the 76 page complaint can be read here: TikTok.

In any event, the class is alleged as:

“Nationwide Class: All natural persons in the United State whose used the TikTok app to visit websites external to the app, via the in-app browser.

California Subclass: All natural persons residing in California whose used the TikTok app to visit websites external to the app, via the in-app browser.”

The complaint alleges California law applies to all class members – like the Meta CIPA complaint we will have to wait and see how a nationwide class can be brought related to a CA statute.

On the CIPA claim, the Plaintiff – Austin Recht – seeks an unspecific amount of damages for the class but the demand is $5,000 per violation or 3x the amount of damages sustained by Plaintiff and the class in an amount to be proven at trial.

We’ll obviously continue to keep an eye out on this.

Article By Puja J. Amin of Troutman Firm

For more communications and media legal news, click here to visit the National Law Review.

© 2022 Troutman Firm