By: Richard Borden, Lori Smith and Kate Woods
On March 16, 2018, the US Court of Appeals for the District of Columbia Circuit released its much anticipated ruling in ACA International, et al., v. Federal Communications Commission rejecting the expansive definition of automated telephone dialing system (ATDS) and setting aside the “one-call safe harbor rule” for reassigned cell phone numbers set forth in the Federal Communications Commission’s (the “Commission” or “FCC”) July 2015 Declaratory Ruling and Order interpreting the Telephone Consumer Protection Act (TCPA). The court also upheld the scope of the Commission’s exemption to the prohibition of robo-calls specifically for healthcare-related calls of a time sensitive nature.
The court ruling attempted to balance consumer privacy and consent rights with reasonable standards of behavior in pursuing business activities. It remains to be seen whether it will provide more clarity or bring balance to the application of the FCC’s rules regarding the TCPA, or instead create further confusion and potential litigation.
ATDS Refined and Defined
ATDS is defined in the TCPA as equipment with the “capacity to store or produce telephone numbers to be called using a random or sequential number generator…and to dial such numbers.” The Commission, in looking to curb TCPA litigation and attempting to clarify the definition, broadly interpreted “capacity” within the TCPA’s definition of ATDS to include any “potential” capabilities, including such capabilities gained through added smartphone apps, software changes, or other updates. Rather than clarifying the definition, the FCC Order actually created more confusion and resulted in costly litigation over the issue of whether a device had present or potential capacity to be operated as an ATDS. The court found the interpretation to be too expansive. In a robust and detailed analysis, the court, among other findings, pointed out that such an interpretation effectively renders any smartphone an ATDS – and any smartphone potentially in jeopardy of violating the TCPA simply by extending a party or other social get-together invitation to a new (or old) acquaintance who had not previously expressly consented to receiving such an invitation by text. The court further noted that under the FCC Order, any smartphone could be an ATDS simply because its owner could download an auto-dialer app.
Reassigned Telephone Numbers
Cell phone numbers are reassigned every day in the US and throughout the world. As a result, businesses previously having obtained consent to call a telephone number are subject to penalties associated with violation of the TCPA almost immediately upon such reassignment to a person from whom the business has not obtained consent to call.
Under the FCC Order, businesses were deemed to require the consent of the “actual” party reached by the call – it was ruled insufficient to have the consent of the party that had previously owned the number. Failure to obtain such consent from the party to whom the number had been reassigned was deemed a violation of the TCPA, with one exception: the Commission ruled that callers had a single opportunity – one call post-reassignment – to uncover reassignment, obtain consent (if applicable) or cease and desist from any additional calls to the reassigned telephone number. This included calls made with no answer or calls made in which the person contacted did not acknowledge or inform the caller of the reassignment of the telephone number.
The court, finding the Commission’s logic to be flawed, in both its chosen definition of “called party” and its “one call post-reassignment” safe harbor rule, set aside the Commission’s treatment of reassigned numbers in its entirety, duly noting the Commission’s current and ongoing work to design a feasible system for service providers to report reassigned numbers and an accessible central repository of such information.
Revocation of Consent
The court upheld consumers’ rights to revoke consent. The Commission’s position has been and continues to be that individual consumers have the right to revoke consent previously given by any reasonable means so long as the individual clearly communicates the desire to not receive future calls, orally or in writing. The Commission’s stance has been that a company may not unilaterally determine a singular proscriptive method of revocation.
Opponents of the Commission’s ruling cited the potential for enterprising individuals to engage in behaviors meant to induce a caller to violate the TCPA, albeit unknowingly, through use of “creative” means of revocation communication.
The court found such reasoning to be a stretch, pointing out that an individual using “creative” or “unconventional” methods of revocation likely does not have a “reasonable expectation” of effective delivery of revocation. Thus, the court upheld the fundamental right to change one’s mind and the consumers’ right to be left alone and free of the harassment of “nuisance” calls.
The court remained silent as to whether parties could willingly limit such rights through use of contract and the assignment of a specific methodology for revocation of consent. Accordingly, to ensure compliance, companies should endeavor to make available and publicize multiple methods and opportunities for revocation of consent within their domains.
Healthcare-Related Calls: A Permissible Exemption
The Commission previously established an exemption to the consent requirement for robo-calls in 2012 specifically regarding calls to landlines when the call was covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Commission, in its 2015 Ruling and Order, further extended a limited exemption to include calls to cell phones. The Commission’s 2015 exemption applies only to healthcare-related calls; it does not include calls related to payment, billing or account issues.
Opponents of the Commission’s position on this point argued that the Commission’s exemption conflicted with HIPAA, arguing that HIPAA generally permits use or disclosure of protected health information “for treatment, payment, or health care operations” and that the Commission must also include all healthcare-related calls as “emergency” calls under the TCPA, including calls related to payment or billing within the exemption from the TCPA consent requirement.
The court declined to support this argument, recognizing the Commission’s authority to reasonably find that calls to cell phones constitute a greater invasion of privacy than calls of a similar nature to landlines. The court further pointed out that billing and outstanding account calls are simply not as urgent as healthcare matters and do not warrant the invasion of privacy or allowance of “bombard(ing) nonconsenting wireless users with calls and texts concerning outstanding charges without incurring TCPA liability.”
It is unclear where this leaves parties who make auto-dialed calls as part of their business activities. In rejecting the FCC Order’s attempts to clarify the definition of an ATDS, businesses are left to rely on the statutory definition without further clarification. This may lead to further action by the FCC or the court. In tossing the one-call safe harbor, businesses that make auto-dialed calls or text messages to cell phones that may be associated with reassigned numbers may be open to new avenues of attack and additional litigation.
A number of TCPA cases were stayed awaiting this decision and it is anticipated that these stays will now be lifted. These decisions, to the extent they are pro-business, may lead to attempts to settle quickly wrong number cases.
While the decision did affirm certain of the Commission’s rulings directly related to affording protections to consumers from unwanted and unsolicited robo-calls and set aside some of the over-expansive and untenable rulings relating to operationalizing TCPA requirements, the main takeaway from this case for the business community may simply be that businesses will need to be more diligent in periodically reviewing and verifying cell phone numbers and reaffirming the consent of the owners. Further, companies will need to re-evaluate, build or enhance objective and sustainable TCPA compliance programs, inclusive of adequate risk assessment and control parameters. Companies that ignore implementation and ongoing monitoring of an effective TCPA compliance program do so at their own peril.
Activity surrounding the TCPA, consumer rights, and business direction continues. On March 22, 2018 the Commission issued a Second Further Notice of Proposed Rulemaking seeking comment on issues including: 1) specific information needed from a reassigned number database to ensure callers avoid calling reassigned telephone numbers; and 2) whether the Commission should adopt a safe harbor from liability for those callers who choose to use a reassigned phone number database.
We will continue to monitor further developments on these matters. If you have questions or would like additional information, please contact Richard Borden (firstname.lastname@example.org; 212.631.4439), Lori Smith (email@example.com; 212.714.3075) or Kate Woods (firstname.lastname@example.org; 215.864.6376).