Alexander Stout

Subscribe to Alexander Stout's Posts

On July 10, the Federal Communications Commission (“FCC”) released the text of a Declaratory Ruling and Order, initially adopted on June 18, that provides various clarifications regarding the Telephone Consumer Protection Act of 1991 (“TCPA”) and the FCC’s existing rules. The proceeding that led to the Order attracted widespread attention and was the result of nearly two dozen petitions filed by organizations representing healthcare, banking, retail, and telecommunications interests. The broad interest in this proceeding is the direct result of the sweeping impact that the TCPA has had on when and how businesses may contact consumers, as well as the multiplicity of consumer class actions threatened and filed against advertisers, debt collectors, and others making automated calls or sending automated text messages.

What is an “Automatic Telephone Dialing System” (ATDS)?

The first clarification made by the Order is with respect to “autodialers” (or, in the wording of the statute, an “automatic telephone dialing system”). The TCPA and the FCC’s existing rules prohibit making non-emergency calls to a wireless number without prior express consent when those calls are made using an autodialer or an artificial or prerecorded voice. Accordingly, there has been significant controversy over what kinds of dialing systems qualify as autodialers, which the TCPA defines as equipment that has the “capacity” to “store or produce telephone numbers to be called, using a random or sequential number generator,” and to “dial such numbers.” See, e.g., Satterfield v. Simon & Shuster, Inc., 569 F.3d 946, 951 (9th Cir. 2009) (A “system need not actually store, produce, or call randomly or sequentially generated telephone numbers, it need only have the capacity to do it” for the TCPA to apply.).[i]

June is proving to be a very active month for the US Federal Communications Commission (FCC) in construing the Telephone Consumer Protection Act, including what sorts of consumer interactions are sufficient to meet the requirements for consent to receive marketing or other messages. This post reports on an extraordinary warning letter issued to PayPal, criticizing a user-agreement based approach to collecting consent. Next week, we will report on a series of TCPA interpretative guidance which was adopted yesterday by a vote of 3 to 2.

On June 11, the FCC publicly released a warning letter sent to PayPal, Inc., by the FCC’s Enforcement Bureau, stating that PayPal’s new user agreement “may violate” a federal law called the Telephone Consumer Protection Act, or TCPA. The TCPA requires a consumer’s consent before a business may make certain types of phone calls or send automated text messages. PayPal had released a modification of its existing user agreement (set to go into effect on July 1) that would authorize the company to make “autodialed or prerecorded calls and text messages” for a variety of purposes and at any telephone number PayPal associates with the customer.

On Wednesday, April 8, the Federal Communications Commission (FCC) entered a consent decree and levied a $25 million civil penalty against AT&T to settle a data breach that exposed the information of nearly 280,000 customers.  This order comes on the heels of other recent FCC enforcement actions for privacy violations, demonstrating an invigorated effort by the FCC to “exercise its full authority” against companies that fail to secure customer data.

Until last week’s AT&T decision, the October 2014

The State of California, long the most proactive U.S. state in enacting data privacy laws, has again modified its breach notification and data protection laws.  This week, Governor Jerry Brown signed two privacy bills into law:  SOPIPA (SB 1177), aimed at regulating the use of student data, and AB 1710, targeting data protection more broadly.  Taken together, these bills highlight the continuing compliance challenges facing American businesses which must conform not only to state-specific privacy standards, but also monitor