InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
New York enacts robocall measures
On November 8, the New York governor signed measures to help prevent robocalls and increase consumer protections. The measures build upon federal actions to combat robocalls and “will enable telecom companies to prevent these calls from coming in in the first place, as well as empower our state government to ensure that voice service providers are validating who is making these calls so enforcement action can be taken against bad actors,” Governor Kathy Hochul stated.
S.6267a requires telecommunication companies to block certain calls, including those from (i) numbers that are not valid North American numbering plan numbers; (ii) numbers that are not allocated to a provider by the North American numbering plan administrator or the pooling administrator; and (iii) unused numbers that are allocated to a provider. According to the governor’s press release, the act codifies into state law the provisions of an FCC 2017 rule that took effect in June 2021 and allows telecommunications companies to proactively block calls from certain numbers. (Covered by InfoBytes here.) These types of numbers, the release states, “are indicative of ‘spoofing’ schemes in which the true caller identity is masked behind a fake, invalid number.” The act takes effect immediately.
The second act, S.4281a, requires voice services providers to authenticate calls using the STIR/SHAKEN call authentication framework. As previously covered by InfoBytes, in 2020, the FCC, pursuant to the TRACED Act, adopted new rules requiring providers to implement the STIR/SHAKEN framework by June 2021. Under New York’s new measure, providers have up to 12 months to implement this framework or an “alternative technology that provides comparable or superior capability to verify and authenticate caller identification in the internet protocol networks of voice service providers.” Violators face a fine of up to $100,000 for each offense per day that the framework is not in place. This act is also effective immediately.
FTC increases dark patterns enforcement
On October 28, the FTC announced a new enforcement policy statement warning companies against using illegal dark patterns that could “trick or trap consumers into subscription services” which are sometimes used by sellers in automatic renewal subscriptions, continuity plans, free-to-pay or free-to-pay conversions, and pre-notification plans. According to the FTC, the agency is enhancing its enforcement due to increasing complaints about the financial harms caused by deceptive sign-up tactics, including unauthorized charges or continuous billing that is impossible to cancel. The policy statement, among other things, “puts companies on notice that they will face legal action if their sign-up process fails to provide clear, up-front information, obtain consumers’ informed consent, and make cancellation easy.” According to the enforcement policy statement, businesses are required to follow three requirements, or be subject to law enforcement action: (i) disclose clearly and conspicuously all material terms of the product or service; (ii) receive the consumer’s express informed consent prior to charging them for a product or service; and (iii) provide easy and simple cancellation to the consumer.
District Court approves order permanently banning defendants from making robocalls
On October 21, the U.S. District Court for the Middle District of Florida issued an order approving a permanent injunction and $6.4 million civil money penalty against the remaining participants in a cruise line telemarketing operation allegedly aimed at marketing free cruise packages to consumers. In January, the FTC filed a complaint against the defendants (two individuals and five companies they controlled, including the cruise line) for their alleged involvement in the telemarketing operation. As previously covered by InfoBytes, the complaint asserted violations of the FTC Act and the Telemarketing Sales Rule. The same day the complaint was filed, the FTC announced that it had entered into two settlement agreements—one with a call center and two individuals, and one with an additional individual—for their roles in the telemarketing operation. The court’s October order follows a recent FTC announcement (covered by InfoBytes here), indicating it had reached an agreement with the defendants who neither admitted nor denied the allegations. The court’s order requires the individual defendants to cooperate with any future FTC investigations and to disclose “the contents of their auto-dialed, telemarketing, or pre-recorded telephone communications and records or other information pertaining to [the] autodialed, telemarketing, or pre-recorded telephone communications.” The order also suspends the $6.4 million civil money penalty after the two individual defendants each pay $50,000 to the Treasury Department.
FCC proposes obligations on international robocalls
On October 1, the FCC released a notice of proposed rulemaking (NPRM) to impose obligations on gateway providers to prevent illegal robocalls originating abroad from reaching U.S. consumers and businesses. Among other things, the NPRM seeks to require domestic gateway providers “to apply STIR/SHAKEN caller ID authentication to, and perform robocall mitigation on, foreign-originated calls with U.S. numbers.” As previously covered by InfoBytes, the STIR/SHAKEN framework addresses “unlawful spoofing by confirming that a call actually comes from the number indicated in the Caller ID, or at least that the call entered the US network through a particular voice service provider or gateway.” According to the FCC, the STIR/SHAKEN framework decreases illegal spoofing, provides assistance to law enforcement, and strengthens voice service providers’ blocking of robocalls using illegally spoofed caller ID information. The notice also proposes ensuring that gateway providers are engaged in the fight against illegal robocalls by requiring them to timely respond to traceback requests, which are utilized to block illegal robocalls and inform FCC enforcement investigations. Additionally, the NPRM seeks to require that both the gateway provider and the network accepting questionable traffic from the gateway provider actively block such calls. In a statement, acting Chairwoman Jessica Rosenworcel stated that such measures “will help [the FCC] tackle the growing number of international robocalls.” Comments on the proposed rules are due 30 days after the date of publication in the Federal Register.
6th Circuit: TCPA robocall claims not invalidated by severance of 2015 amendment in AAPC
On September 9, the U.S. Court of Appeals for the Sixth Circuit determined that the U.S. Supreme Court’s decision in Barr v. American Association of Political Consultants Inc. (AAPC) (covered by InfoBytes here, which held that the government-debt exception in Section 227(b)(1)(A)(iii) of the TCPA is an unconstitutional content-based speech restriction and severed the provision from the statute) does not invalidate a plaintiff’s TCPA claims concerning robocalls he received prior to the Court issuing its decision. In the current matter, the plaintiff filed a proposed class action alleging violations of the TCPA’s robocall restriction after he received two robocalls from the defendant in late 2019 and early 2020 advertising its electricity services. Following the Court’s decision in AAPC, the district court granted the defendant’s motion to dismiss, ruling that because severance of the exception in AAPC only operates prospectively, “the robocall restriction was unconstitutional and therefore ‘void’ for the period the exception was on the books.” As such, the district court concluded that because the robocall restriction was void, it could not provide a basis for federal-question jurisdiction for alleged TCPA robocall violations arising before the Court severed the exception.
On appeal, the 6th Circuit conducted a severability analysis, holding that the district court erred in concluding that the court, in AAPC, offered “‘a remedy in the form of eliminating the content-based restriction' from the TCPA.” Rather, the appellate court pointed out that “the Court recognized only that the Constitution had ‘automatically displace[d]’ the government-debt-collector exception from the start, then interpreted what the statute has always meant in its absence,” adding that the legal determination in AAPC applied retroactively and did not render the entire TCPA robocall restriction void until the exception was severed by the court. A First Amendment defense presented by the defendant premised on the argument that “government-debt collectors have a due-process defense to liability because they did not have fair notice of their actions’ unlawfulness” for robocalls placed before AAPC was also rejected. The 6th Circuit opinion emphasized that “[w]hether a debt collector had fair notice that it faced punishment for making robocalls turns on whether it reasonably believed that the statute expressly permitted its conduct. That, in turn, will likely depend in part on whether the debt collector used robocalls to collect government debt or non-government debt. But applying the speech-neutral fair-notice defense in the speech context does not transform it into a speech restriction.”
FTC reaches $6.4 million settlement with remaining defendants in robocalling suit
On September 20, the FTC announced a proposed settlement order resolving charges against the remaining participants in a cruise line telemarketing operation allegedly aimed at marketing free cruise packages to consumers. The FTC alleged the defendants participated in unfair acts or practices in violation of the FTC Act and the Telemarketing Sales Rule (TSR) by, among other things, placing illegal telemarketing robocalls, calling phone numbers on the FTC’s Do No Call Registry, calling consumers who asked not to be called, and transmitting false caller ID information. Under the proposed order, the defendants are permanently banned from engaging in or making telemarketing robocalls, and are also banned from engaging in abusive telemarketing, calling numbers on the Do Not Call Registry (unless express consent is given or other conditions are met), blocking or misrepresenting caller ID information, and violating the TSR. The order also imposes a $6.4 million civil money penalty against the defendants, which will be partially waived once the two individual defendants who controlled four of the corporations involved in the operation each pay a $50,000 civil money penalty. Two other settlement agreements were reached in 2020 with the other defendants (covered by InfoBytes here).
FCC proposes largest TCPA robocall fine
On August 24, the FCC released a proposed total fine of more than $5.1 million against two consultants and their firm for allegedly violating the TCPA by making 1,141 unlawful robocalls to wireless phones without prior express consent. According to the FCC, the robocalls utilized messages informing “potential voters that, if they vote by mail, their ‘personal information will be part of a public database that will be used by police departments to track down old warrants and be used by credit card companies to collect outstanding debts.’” As previously covered by InfoBytes, the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act amended the TCPA to not require the FCC to warn robocallers before violations could be counted toward a proposed fine. The recent action is the first the agency has taken regarding the amendment. According to a statement by the FCC acting Chairwoman Jessica Rosenworcel, the agency is “stepping up its efforts to combat illegal robocalls.”
9th Circuit revives TCPA suit against insurance servicer
On August 10, the U.S. Court of Appeals for the 9th Circuit revived a lawsuit against an insurance servicing company (defendant) for allegedly using both an automated telephone dialing system and an artificial or pre-recorded voice to place a job-recruitment call without obtaining the plaintiff’s consent. According to the opinion, the plaintiff filed a suit alleging, among other things, TCPA violations after receiving the pre-recorded voicemail from the defendant regarding his “industry experience” and that the defendant is “looking to partner with select advisors in the Los Angeles area.” The district court dismissed the plaintiff’s action under Federal Rule of Civil Procedure 12(b)(6) for failing “to state a claim upon which relief can be granted,” holding that the TCPA and the relevant implementing regulation do not prohibit conducting job recruitment robocalls to a cellular telephone number. In addition, the district court “read the Act as prohibiting robocalls to cell phones only when the calls include an ‘advertisement’ or constitute ‘telemarketing,’ as those terms have been defined” by the FCC. The court found that since the plaintiff admitted that the job recruitment call he received did not involve advertising or telemarketing, he had not adequately pleaded a violation of the TCPA.
On the appeal, a three-judge panel of the 9th Circuit determined that the district court misread the TCPA and the implementing regulation when dismissing the plaintiff’s suit and remanded the case for further proceedings. The appellate court noted that the FCC provision was intended to tighten the consent requirement for robocalls that involve advertising or telemarketing, but the lower court incorrectly perceived the provision as “effectively removing robocalls to cellphones from the scope of the TCPA’s coverage unless the calls involve advertising or telemarketing.” Moreover, the panel wrote that “[t]he applicable statutory provision prohibits in plain terms ‘any call,’ regardless of content, that is made to a cellphone using an automatic telephone dialing system or an artificial or pre-recorded voice, unless the call is made either for emergency purposes or with the prior express consent of the person being called.”
State AGs ask for faster implementation of STIR/SHAKEN
On August 9, state attorneys general from all 50 states and the District of Columbia, through the National Association of Attorneys General, sent a letter to the FCC urging the Commission to confront illegal robocalls by moving the deadline for smaller telephone companies to implement caller ID technology, STIR/SHAKEN, by June 30, 2022 at the latest. The TRACED Act (the Act), which became law in 2019 (covered by InfoBytes here), requires phone companies to implement STIR/SHAKEN technology on their networks to ensure that telephone calls are originating from verified numbers, not spoofed sources. As previously covered by InfoBytes, the STIR/SHAKEN caller ID authentication framework is an “industry-developed system to authenticate Caller ID and address unlawful spoofing by confirming that a call actually comes from the number indicated in the Caller ID, or at least that the call entered the US network through a particular voice service provider or gateway.” Currently under the Act, large companies are required to implement the technology by June 2021, and smaller voice service providers have until June 2023. According to the letter, the state attorney generals’ advocate that “[r]emoving — or, at least, curtailing — the Commission's blanket extension for small voice service providers that flout the commission's largess by perpetrating this high-volume traffic would truly serve the purpose of the TRACED Act: ‘to deter criminal robocall violations and improve enforcement’ of the TCPA.”
FCC takes action against robocalls
On August 5, the FCC announced a “fair and consistent” process for reviewing actions regarding a voice service provider’s ability to comply with the FCC’s anti-spoofing caller ID authentication rules. FCC rules require broad implementation of the STIR/SHAKEN caller ID authentication framework on voice service providers’ IP networks. As previously covered by InfoBytes, the STIR/SHAKEN framework addresses, among other things, “unlawful spoofing by confirming that a call actually comes from the number indicated in the Caller ID, or at least that the call entered the US network through a particular voice service provider or gateway.” Since June 30, all major phone companies are using the STIR/SHAKEN caller ID authentication framework in their IP networks (covered by InfoBytes here). To combat illegal spoofing, the STIR/SHAKEN standards are considered a common digital language utilized by phone networks, which facilitates valid information to be passed from provider to provider. The standards also allow most caller ID information to be verified for providers and third-party consumer protection services to use that information to inform call blocking or warning services to protect customers. According to the FCC, “[t]he widespread implementation of STIR/SHAKEN is a major step forward in the FCC’s fight against malicious spoofing and scam robocalls.”