1. Introduction
    Receipt of unsolicited phone calls or text messages is not uncommon. These calls are often only moderately inconvenient for the recipient; however, if the unsolicited communication does not strictly follow the mandates of the Telephone Consumer Protection Act (“TCPA”), consequences for the caller can be catastrophic. The following is a brief overview of the TCPA, recent developments in the law, and best practices to protect your business and to ultimately avoid costly litigation.
  2. TCPA Background
    The TCPA was enacted in 1991, a time when residential landlines were standard and cellular telephones were an exception. Twenty-seven years later, the trend has reversed. Not only are mobile phones commonplace, but landlines are now the exception. Yet the operative definitions in the TCPA have not translated well in the climate of the rapidly advancing technology.  As a result, TCPA litigation has dramatically increased, and businesses are facing tens of millions of dollars in potential damages.

    1. What is the Telephone Consumer Protection Act of 1991 (TCPA)?
      The TCPA was designed to safeguard consumer privacy from unwanted telemarketing calls, text messages, and other pre-recorded or autodialed calls. Specifically, the TCPA restricts calls “using any automatic telephone dialing system [(“ATDS” “autodialer”)] or an artificial or prerecorded voice” to any “residential telephone line” and to any telephone number assigned to “a cellular telephone service.” Under the TCPA, an “autodialer” is defined as “equipment which has the capacity—(A) to store or produce telephone numbers to be called, using a random or sequential number generator; and (B) to dial such numbers.”

      1. Residential Telephones
        Prerecorded telemarketing phone calls to residential numbers can only be made with the prior express written consent of the called party.
      2. Cellular Phones
        Restrictions governing the use of autodialers and artificial voice calls to cellular telephones are notably broader. The restrictions apply to telemarketing calls and text messages, and also to most other kinds of non-emergency calls, including debt-collection and promotional and informational calls. However, the TCPA does exempt calls “made solely to collect a debt owed to or guaranteed by the United States.”
        To legally make calls for marketing or sales purposes, a company must have express written consent for calls or text messages. For non-telemarketing calls or text messages, a company must have express oral or written consent.
      3. National Do-Not-Call Registry
        Companies may not call telephone numbers that have been placed on the National Do-Not-Call Registry unless there is a prior existing business relationship with the consumer or the consumer has given express written consent. Companies must cease all calls to numbers on the registry within 31 days of addition to the registry. Companies are also required to maintain internal lists that include numbers of those consumers who have asked not to be called and must honor such requests within 30 days of the request.
        However, there is a safe harbor provision that provides a defense if a company can demonstrate (1) that the call was made in error and (2) the company meets specific routine business standards. The specified standards include:

        1. The company has established written procedures to comply with the national do-not-call rules;
        2. The company has trained its personnel and any entity assisting in its compliance in the national do-not-call rules;
        3. The company maintains and records a list of numbers the company may not contact;
        4. The company utilizes a process to prevent solicitations to numbers listed on the registry and accesses the numbers listed on the registry no more than 31 days prior to the date any call is made.
    2. What are the consequences for noncompliance?
      The penalties for TCPA violations can be catastrophic. The Act provides a private right of action for actual monetary loss or $500.00 per violation. If the court finds that the violation was willful or knowing, the award may be increased to not more than three times the greater of actual monetary loss or $500.00 per violation.  Thus, for example, if 100 calls are made for what might be considered ordinary legitimate business purposes, yet the calls violate the TCPA and the violations are found to be intentional or willful, your company may be liable for up to $150,000 in damages!
    3. Common TCPA Violations
      Calling cellular devices using an automatic telephone dialing system.
      Initiating prerecorded calls to residential telephones without (1) prior express consent; or (2) appropriate disclosures.
      Making telemarketing calls to telephone numbers listed on the National Do-No-Call Registry.
  3. TCPA Litigation
    Compliance with the TCPA was rather simple when the statute was first enacted. However, given the rapidly advancing technology, the TCPA became technologically outdated.  Statutory ambiguities and inconsistencies arose, and litigation increased. Clarification was necessary. In 2015, the Federal Communication Commission sought to provide such clarity. The result was the opposite.

    1. Federal Communication Commission’s 2015 TCPA Omnibus Ruling
      In addition to quickly advancing technology, a July 2015 FCC Order broadly interpreting the scope and reach of the TCPA further muddied the waters. This ruling expanded the scope of the TCPA to cover nearly any software-enabled dialing device, removed the teeth from the express consent defense, and put callers at risk for calling numbers that had changed hands without their knowledge.

      1. Automatic Telephone Dialing System (“ATDS” or “Autodialer”)
        At the root of compliance is first the definition of “automatic telephone dialing system” and more specifically, what has the capacity to fall underneath the definition. This is critical because it determines initial compliance failure.  If law-abiding companies are unable to discern what devices are prohibited, they automatically fail at the outset, with staggering penalties.
        In its Order, the FCC explained that a basic function of an autodialer is to “dial numbers without human intervention.” However, at the same time, the FCC also declined to clarify “that a dialer is not an autodialer unless it has the capacity to dial numbers without human intervention.” This left open a broad scope of what could potentially be considered an autodialer based on whether a certain device had the requisite capacity.
      2. Consent
        The TCPA specifically permits autodialer calls “made with the prior express consent of the called party.” Thus, if the “called party” for the purposes of TCPA compliance refers to the intended recipient of a call or message, a caller would face no liability when using an autodialer to call a number believed to belong to a consenting party, even if the number in fact had been reassigned to another person who has not consented. However, in its ruling, the FCC determined that the term “called party” refers instead to “the current subscriber” (i.e., the current, nonconsenting holder of a reassigned number rather than a consenting party who previously held the number). An unknown caller who lacks “knowledge of [the] reassignment” and possesses “a reasonable basis to believe that they have valid consent,” was allowed only one liability-free, post-reassignment call.
      3. Revocation of Consent
        The FCC declined to prescribe a set of mandatory revocation procedures but opined that the callers may not unilaterally designate the acceptable means of revocation. Instead, the FCC concluded that “a called party may revoke consent at any time and through any reasonable means”—whether orally or in writing—“that clearly expresses a desire not to receive further messages.” The FCC also placed no affirmative duty on new subscribers to inform the caller that the number had been reassigned.
    2. Litigation in the aftermath of the 2015 FCC Ruling
      Following the FCC’s 2015 Ruling, the resulting uncertainty surrounding the scope and parameters of compliance left companies vulnerable to significant exposure under the TCPA. TCPA litigation skyrocketed, increasing by 46%.  In fact, TCPA cases filed between August 1, 2015 and December 31, 2016 alone totaled at least 3,121, with estimates much higher when taking into account docketing limitations. Over 1,000 of these lawsuits were class action lawsuits seeking damage awards in the millions.
      A recent example: third-party travel agency Resort Marketing Group (RMG) settled a class-action lawsuit establishing a fund of at least $7 million, up to $12.5 million based on the allegations that pre-recorded robocalls to consumers from 2009 – 2014 offering free cruises violated the TCPA. The RMG settlement is not extraordinary. TCPA violations are hot ticket class-actions, leaving companies in nearly every major industry exposed. The Seventh Circuit even noted that “the TCPA is nailing the little guy, while plaintiffs’ attorneys take a big cut.”
      When settlement does not occur, the economic consequences can be equally, if not more, catastrophic. For example, in January 2017, a jury delivered a $20.5 million verdict against DISH Network, finding it vicariously liable for 51,000 calls made by one of its retailers. Though the jury awarded only $400 for each call, the judge issued an order applying treble damages for willfulness, increasing the total damages awarded to $61 million.
      With uncapped treble damages at stake, why are companies still failing to comply with the TCPA? Simple: many companies do not know how to comply. In a world of constantly advancing technology, the language of the TCPA alone offers insufficient guidance, and the 2015 FCC Ruling only muddied the waters. Something needed to change.
    3. ACA International v. Federal Communications Commission
      The 2015 FCC Ruling was challenged in the case of ACA International v. FCC (885 F.3d 687 (D.C. Cir. 2018).  The appeal requested clarity on critical TCPA terms, including the definition of “autodialer” and what has the capacity to fall under that definition. The appeal also addressed number reassignment and the “reasonable reliance” approach to express consent and revocation.  Oral arguments were heard on October 19, 2016 and the D.C. Circuit waited nearly a year and a half before issuing its opinion. There was hope that the D.C. Circuit would use this opportunity to clear up the critical areas of uncertainty and confusion created by the broad 2015 ruling.  Instead of clarifying, the Court largely punted on these issues, sending them back to the FCC.  Nonetheless, the decision was still generally positive for businesses.

      1. Automatic Telephone Dialing System (“ATDS”)
        The Court struck down the FCC’s interpretation of an autodialer altogether, citing that the FCC’s interpretation was overly broad. The court also noted that the focus on capacity was too far reaching and could arguably be interpreted to include any smartphone.
      2. Consent
        The Court set aside the portion of the FCC’s ruling concerning express consent for reassigned numbers and revoked the one-call safe harbor rule.  In doing so, the Court found that the FCC was not compelled to interpret “called party” with “intended recipient,” and that it was arbitrary and capricious for the FCC to conclude that one attempt was likely to afford a caller reasonable notice that a number had changed hands. It is important to note that in setting aside the FCC’s treatment of reassigned numbers generally, the Court accepted the notion that a caller can, in fact, reasonably rely on consent afforded by a previous subscriber.
      3. Revocation of Consent
        The Court upheld the FCC’s determination that in choosing to revoke consent, consumers must have a “reasonable expectation” that the chosen method “effectively communicate[d]” revocation. In other words, the consumer may choose the manner they reasonably expect will effectively communicate revocation. For example, the consumer need not expressly state, orally or in writing, “stop calling me” or “take me of your list.” Something more innocuous may suffice, but “creative” efforts may not be permissible.
        The Court affirmed that the FCC’s ruling precludes callers from unilaterally imposing revocation methods. However, the Court distinguished that the revocation rule does not apply where revocation methods are mutually adopted by contracting parties, noting that nothing in the FCC’s ruling should be understood to apply to a consumer and caller’s ability to agree upon revocation procedures.
  4. TCPA Best Practices
    The ball is back in the FCC’s court to once again address the TCPA. Notwithstanding, prevention is always the best practice. Businesses must always obtain appropriate consent from all consumers and ensure compliance with all critical components of the TCPA.

    1. Consent
      1. Marketing Communications
        There should be a written agreement, signed by the consumer, which includes:

        • Specific authorization for telemarketing communications to mobile device(s) and residential phone(s) by use of automatic dialing, messaging, or prerecorded voice;
        • Each specific telephone number(s) authorized to receive such contact;
        • A provision that consent is not a condition of the purchase/transaction;
        • Express provision specifying reasonable method(s) for consent revocation.

        The language should be bold, in easily readable typeface, and should clearly define the methods of revocation. It may be beneficial to have a separate page or signed agreement that contains this one clause only.  This would be simple to implement in a “click through” electronic scenario. If sending SMS texts, option to “STOP” should be included in each communication.

      2. Non-marketing Communications
        For all non-marketing communications, ensure that there is similar language in the agreement that includes:

        • Specific authorization to contact mobile device(s) and residential phone using automatic dialing, messaging, or prerecorded voice;
        • Each specific telephone number(s) authorized to receive such contact;
        • Express provision specifying method(s) for revocation of consent.

        Again, the language should be bold, in easily readable typeface, and should clearly define the methods of revocation. It may be beneficial to have a separate page or signed agreement that contains this one clause only.  This would be simple to implement in a “click through” electronic scenario. If sending SMS texts, option to “STOP” should be included in each transmitted message.

      3. Established Business Relationship & Debt Collection
        The FCC’s regulations specifically exempt calls “made to any person with whom the caller has an established business relationship” and calls “made for a commercial purpose [that do] not include or introduce an unsolicited advertisement or constitute a telephone solicitation. It is important to note, however, that there is no established business relationship or debt collection exemption that applies to calls made to cellular phones.A consumer can revoke consent when there is an established business relationship. A consumer may not unilaterally do so, however, when the consent is given, “not gratuitously, but as bargained -for consideration in a bilateral contract.” To account for these nuances, contracts or agreements with consumers should also contain a specific clause or term that includes:

        • Specific authorization for telemarketing communications to mobile device(s) and residential phone(s) by use of automatic dialing, messaging, or prerecorded voice;
        • Each specific telephone number(s) authorized to receive such contact;
        • A provision that consent is not a condition of the purchase/transaction;
        • Express provision specifying reasonable method(s) for revocation of consent.
    2. Compliance Records & Procedures
      1. TCPA Compliance
        • Maintain written records of consumer consent and opt-outs.
        • Create and enforce simple opt-out mechanisms and procedures.
        • Ensure clear communication of opt-out notice requirements.
        • Create internal procedures to ensure proper recording and reference to the consent and opt-out records before communications are initiated.
      2. National Do-Not-Call Registry Compliance
        • Maintain written procedures for checking the registry.
        • Train appropriate employees or agents on registry compliance.
        • Maintain an internal, company-specific do-not-call list for those consumers who have requested not to be contacted.
    3. Preemptive Practices
      • Avoid excessive, repetitive, communications. Consumers are less likely to bring suits if communications are not excessive.
      • Initiate communications at reasonable hours. No telemarketing calls before 8:00am or after 9:00pm local time at the recipient’s location.
    4. Insurance
      Businesses should consult with their insurance brokers to determine whether their coverage covers TCPA violations. Many insurance policies contain exemptions for privacy violations and willful violations, among others, which could leave a business without coverage and on the hook for a costly penalty. Business should seek out insurance coverage that either expressly covers TCPA violations or obtain a specific endorsement that provides coverage for TCPA violations.