Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • FCC partners with two U.K. regulators in combating privacy issues and protecting consumer data

    Privacy, Cyber Risk & Data Security

    Recently, the FCC announced (here and here) that it has partnered with two U.K. communications regulatory agencies to address issues regarding privacy and data protection in telecommunications. The FCC announced two separate statements because the two U.K. regulators perform different duties: the first announcement is with the U.K. Information Commissioner’s Office (ICO), which regulates data protection and information rights; the second is with the U.K.’s Office of Communications (OFCOM) which regulates telecommunications. Both announcements highlighted a strengthening of resources and networks to protect consumers on an international scale, given the large amounts of data shared via international telecom carriers.

    The FCC’s announcement with ICO explained that the partnership would be focused on combatting robocall and robotext efforts, as well as finding means to better protect consumer privacy and data concerns. In the FCC’s announcement with the OFCOM, the U.S. regulator announced a new collaboration to combat illegal robocalls and robotexts given the two countries’ shared interest in investigating networking abuses. The FCC elaborated on its desire to bolster requirements for gateway providers: this is the “on-ramp” for international internet traffic into U.S. networks. 

    Privacy, Cyber Risk & Data Security FCC UK Of Interest to Non-US Persons Privacy Data Protection

  • FCC’s Rosenworcel relaunches Consumer Advisory Committee; focuses on AI consumer issues

    Privacy, Cyber Risk & Data Security

    On February 20, the Chairwoman of the FCC, Jessica Rosenworcel, announced that the FCC will relaunch the Consumer Advisory Committee (CAC). The CAC will focus on how emerging artificial intelligence (AI) technologies implicate consumers’ privacies and protections, such as how the FCC can better protect consumers against “unwanted and illegal” calls, among other things. The CAC is a committee with 28 members comprising companies, non-profit entities, trade organizations, and individuals; a full list of members is found here. The first meeting is on April 4, at 10:30 a.m., Eastern Time, and will be open to the public via a live broadcast.

    Privacy, Cyber Risk & Data Security FCC Advisory Committee Artificial Intelligence Privacy

  • FCC adopts rule on robocalls and robotexts, includes NPR on TCPA applicability

    Agency Rule-Making & Guidance

    On February 15, the FCC adopted a rule to protect consumers from robocalls and robotexts. According to the rule, robocallers and robotexters must honor do-not-call and consent revocation requests within 10 business days from receipt. In addition, the rule will allow consumers to revoke consent under the TCPA through any unreasonable means and will clarify that the TCPA would not be violated when a one-time text message is sent confirming a consumer’s request that no further text messages be sent if the confirmation text only confirms the opt-out request and does not include marketing information.

    The new rule clarified that revocation of consent can be made via automated methods such as interactive voice responses, key press activation on robocalls, responding with “stop” or similar messages to text messages, or using designated website or phone numbers provided by the caller all will constitute reasonable means to revoke consent. If a called party uses any of these designated methods to revoke consent, it will be considered definitively revoked, and future robocalls and robotexts from that caller must cease. The caller cannot claim that the use of such a mechanism by the called party is unreasonable. Any revocation request made through these specified means will be considered “absolute proof” of the called party's reasonable intent to revoke consent. Furthermore, when a consumer uses a method other than those discussed in the rule to revoke consent, “doing so creates a rebuttable presumption that the consumer has revoked consent when the called party satisfies their obligation to produce evidence that such a request has been made, absent evidence to the contrary.”

    The Commission also included a notice of proposed rulemaking, seeking comment on “whether the TCPA applies to robocalls and robotexts from wireless providers to their own subscribers and whether consumers should have the ability to revoke consent and stop such communications.” The rule will go into effect 30 days after publication in the Federal Register, except for certain amendments that will not be effective until six months following OMB review. 

    Agency Rule-Making & Guidance Federal Issues NPR TCPA FCC Robocalls Opt-Out Consumer Protection

  • FCC ruling determines AI calls are subject to TCPA regulations

    Federal Issues

    On February 8, the FCC announced the unanimous adoption of a declaratory ruling that recognizes calls made with AI-generated voices are “artificial” under the Telephone Consumer Protection Act (TCPA). The declaratory ruling notes that the TCPA prohibits initiating “any telephone call to any residential telephone line using an artificial or prerecorded voice to deliver a message without the prior express consent of the called party” unless certain exceptions apply. The TCPA also prohibited “any non-emergency call made using an automatic telephone dialing system or an artificial or prerecorded voice to certain specified categories of telephone numbers including emergency lines and wireless numbers.”

    The ruling, effective immediately, deemed voice cloning and similar AI technologies to be artificial voice messages under the TCPA, subject to its regulations. Therefore, prior express consent from the called party is required before making such calls. Additionally, callers using AI technology must provide identification and disclosure information and offer opt-out methods for telemarketing calls.

    This ruling provided State Attorneys General nationwide with additional resources to pursue perpetrators responsible for these robocalls. This action followed the Commission’s November proposed inquiry for how AI could impact unwanted robocalls and texts (announcement covered by InfoBytes here).

    Federal Issues Agency Rule-Making & Guidance Artificial Intelligence FCC TCPA Consumer Protection

  • FCC Chairwoman proposes making all AI-generated robocalls “illegal” to help State Attorneys General

    Agency Rule-Making & Guidance

    On January 31, FCC Chairwoman, Jessica Rosenworcel, released a statement proposing that the FCC “recognize calls made with AI-generated voices are ‘artificial’ voices under the Telephone Consumer Protection Act (TCPA), which would make voice cloning technology used in common robocalls scams targeting consumers illegal.” Specifically, the FCC’s proposal would make voice cloning technology used in robocall scams illegal, which has been used to impersonate celebrities, political candidates, and even close family members. Chairwoman Rosenworcel stated, “No matter what celebrity or politician you favor… it is possible we could all be a target of these faked calls… That’s why the FCC is taking steps to recognize this emerging technology as illegal… giving our partners at State Attorneys General offices… new tools they can use to crack down on these scams and protect customers.”

    This action comes after the FCC released a Notice of Inquiry last month where the FCC received comments from 26 State Attorneys General to understand how the FCC can better protect consumers from AI-generated telemarking, as covered by InfoBytes here. This is not the first time the FCC has targeted robocallers: as previously covered by InfoBytes in October 2023, the FCC proposed an inquiry into how AI is used to create unwanted robocalls and texts; in September 2023, the FCC updated its rules to curb robocalls under the Voice over Internet Protocol, covered here.

    Agency Rule-Making & Guidance FCC TCPA Artificial Intelligence Robocalls State Attorney General

  • 26 State Attorneys General opine on FCC’s Notice of Inquiry regarding AI telemarketing

    Federal Issues

    On January 17, the State Attorneys General from 26 states submitted reply comments to the FCC’s Notice of Inquiry (the Notice) on how artificial intelligence (AI) technologies are impacting consumers. The information gleaned in response to the Notice is intended to help the FCC better protect consumers from AI-generated telemarketing in violation of the TCPA. The State AGs urged that any AI-generated voice should be considered an “artificial voice” under the TCPA to avoid “opening the door to potential, future rulemaking proceedings” that allow telemarketing agencies to use AI-assisted technologies in outbound calls without the prior written consent of a consumer. 

    Federal Issues State Attorney General FCC Artificial Intelligence Telemarketing TCPA

  • FCC adopts updated data breach notification rules

    Agency Rule-Making & Guidance

    On December 21, 2023, the FCC announced it adopted an updated data breach notifications rule. The rule was formerly designed to protect consumers against pretexting, “a practice in which a scammer pretends to be a particular customer or other authorized person to obtain access to that customer’s call detail or other private communications records.” As previously covered by InfoBytes, the FCC promulgated its notice of proposed rulemaking in January 2023. The rule has been updated to expand the data breach notification requirements to, among other things: (i) cover different categories of personally identifiable information that carriers hold; (ii) expand the definition of “breach” to cover unintended disclosures of consumer information, except in situations where such information is obtained in good faith by an employee or representative of a carrier or telecommunications relay service (“TRS”) provider, and where there’s no improper use or further disclosure of that information; (iii) require TRS providers and carriers to notify the FCC, FBI, and U.S. Secret Service as soon as practicable and no later than seven business days after the reasonable determination of a breach; (iv) no longer require TRS providers and carriers to notify consumers of a data breach if they reasonably determine no harm to consumers is reasonably likely; and (v) no longer require carriers to follow a mandatory waiting period to notify consumers of a breach. FCC Chairwoman Jessica Rosenworcel said in her statement that the update to the data breach policy is the first in 16 years and that under the Communications Act, “carriers have a duty to protect the privacy and security of consumer data.” The rule was adopted on December 13, 2023. 

    Agency Rule-Making & Guidance FCC Data Data Breach

  • FCC’s proposes inquiry on AI’s role in unwanted robocalls and texts

    Federal Issues

    On October 20, FCC Chairwoman Rosenworcel announced a proposed inquiry for how artificial intelligence could impact unwanted robocalls and texts. If adopted during the Commission’s forthcoming public open meeting on November 15, 2023, this proposal will initiate an examination of how the use of AI technologies could impact regulation under the Telephone Consumer Protection Act (TCPA). Specifically, the inquiry would seek public comment on (i) how AI technology fits into the commission’s duties outlined in the TCPA; (ii) the circumstances under which future AI technology would fall under TCPA; (iii) the influence of AI on existing regulatory structures and the development of future policies; (iv) whether the commission should explore methods of verifying the legitimacy of AI-generated voice or text content from reliable sources; and (v) next steps.

    Federal Issues Robocalls AI TCPA FCC Consumer Protection

  • FCC updates rules to curb robocallers

    Federal Issues

    On September 21, the FCC adopted rules that would strengthen and modernize the requirements that providers under the Voice over Internet Protocol (VoIP) need to abide by to obtain direct access to telephone numbers. The rules impose guardrails to make it more difficult for those who make illegal robocalls to access telephone numbers, which the FCC stated helps to protect national security and law enforcement, safeguard the nation’s finite numbering resources, reduce the opportunity for regulatory arbitrage, and further promote public safety. The FCC finalized the rules after the FCC sought comment in 2021 under the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act, which directed the FCC to examine its rules regarding direct access to telephone numbers.

    The rules require an applicant seeking direct access to telephone numbers to:

    • Provide certifications regarding its compliance with FCC robocall rules, FCC interconnected VoIP provider rules, and timely filing of FCC Forms 477 and 499.
    • Submit disclosures on and continue to update its ownership structure, including related foreign entities, to reduce the risk that U.S. numbering resources reach bad actors abroad.
    • Comply with applicable business-related state laws and registration requirements.

    The rules codify the FCC’s role in completing direct access application review and rejection and the authorization revocation process.

    Additionally, the rules instruct the North American Numbering Council to study numbering use to inform the FCC’s future rulemaking. The rules also seek comments on a variety of topics, including further reforms on new direct access applications, duties of existing direct access authorization holders, and whether direct access applicants should disclose a list of states where they will provide initial services.

    The rules will take effect 30 days after publication in the Federal Register.

     

    Federal Issues Agency Rule-Making & Guidance FCC Robocalls Consumer Protection

  • 9th Circuit affirms TCPA dismissal

    Courts

    On August 8, the Ninth Circuit affirmed a district court’s dismissal of a cause of action under the TCPA, wherein the plaintiff alleged that the defendant sent her three mass marketing text messages that utilized “prerecorded voice[s]” even though there was no audible component.  Under the TCPA, it is unlawful “to make any call (other than a call made for emergency purposes or made with the prior express consent of the called party) using…an artificial or prerecorded voice” to a cell phone. In affirming the dismissal, the 9th Circuit reasoned that the ordinary meaning of “voice” encompasses only audible sounds, and that the context of the statute confirmed the ordinary meaning.  Specifically, it noted that Congress defined “caller identification information” as “information regarding the origination of a call made using a voice service or a text message sent using a text messaging service.” The court reasoned that if Congress intended “voice” to include inaudible text messages, the term “text message” would be surplusage and “Congress would have written the statute in a manner contrary to a basic canon of statutory interpretation.” The 9th Circuit went on to reject plaintiff’s remaining arguments, including plaintiff’s legislative history and FCC deference arguments because the statute was unambiguous.

    Courts TCPA Appellate FCC

Pages

Upcoming Events