Editor’s Note: This piece ran as an “Expert Analysis” in Law360 this week entitled “How 2 Robocall Bills Would Affect TCPA Enforcement.” It is re-published here with permission from that publication.
It is no secret that lawmakers have been actively considering anti-robocall bills all year. Indeed, at one point there were at least 11 separate bills winding their way through Congress.
Those bills have been massaged, condensed, and consolidated into two separate potential enactments—TRACED, which passed the Senate in May by a vote of 97-1, and the Stopping Bad Robocalls Act (“SBRA”), which passed the House by a vote of remarkable 429-3 vote late last month. It remains to be seen whether and how the two bills can be reconciled to become law although there is obviously a large groundswell of support in both chambers for a comprehensive bill attacking robocalls. And although the two bills are similar, the SBRA is far more expansive and might meet with resistance in the Republican-controlled Senate.
Both Bills Prop up the TCPA Although Both Bills Were Watered Down a Bit Prior to Passage
Before analyzing the differences between the two bills it is important to point out a few key similarities. First, and most fundamentally—both bills confirm that the Telephone Consumer Protection Act (“TCPA”) remains front and center as the federal government’s official response to the robocall epidemic in this country. Both bills would create a working group of federal agencies designed to increase federal enforcement of the act and both outline expansions of regulatory authority to seek penalties when the act is violated. And both bills leave intact the fearsome private right of action and enormous uncapped statutory damages that has driven TCPA-related litigation to new and extraordinary heights in 2019.
Also fundamental—although both bills seek to expand the TCPA and federal robocall enforcement activity, the final versions of both bills are significantly restrained compared to their original versions. The original version of TRACED, for instance, would have created steep potential criminal penalties for individuals found to have willfully and repeatedly violated the TCPA. But these criminal enforcement provisions were dropped from the bill before it passed. The original of SBRA would have expanded key components of the TCPA to apply to a wider range of calling technology and guaranteed consumers the right to revoke consent—even binding consent provided in a contract—but these provisions too were left on the drafting room floor.
Both Bills Expand Federal Enforcement of the TCPA and Mandate Authenticated Calling to Cut Down on Spoofing and Scam Calls
Still both acts do seek to substantially modify the TCPA enforcement activity. First, both the TRACED and SBRA increase the reach and amount of civil forfeiture penalties available to the FCC. Both TRACED and SBRA tack on an additional $10,000.00 in penalties for intentional TCPA violations, meaning that the FCC is now empowered to pursue up to $26,000.00 for each such violation using its Communications Act forfeiture power. SBRA goes even further, however, and provides that the FCC no longer needs to issue a citation to pursue a forfeiture penalty in the instance of willful TCPA violations—so no warnings are required before the Commission may seek a forfeiture, a big change from current practice. And although both bills seek to expand the statute of limitations on FCC forfeiture actions SBRA outpaces TRACED in this regard as well. SBRA increases the act to three years for negligent violations and four years for intentional violations. TRACED, on the other hand, sets the statute of limitations for negligent violations at one year and the statute of limitations for intentional violations at three years.
Aside from enforcement, both SBRA and TRACED require the FCC to mandate authenticated calling to end spoofing and scam calls, but the bills—once again— approach the issue in slightly different ways. TRACED requires formal implementation of the FCC’s SHAKEN/STIR authentication framework—which the FCC has already approved for implementation—to be achieved by the carriers within 18 months of the act’s passage. SBRA, on the other hand, gives the FCC a bit of latitude and does not require the authentication framework to be limited to SHAKEN/STIR. Instead the FCC has one year to promulgate regulations requiring carriers to utilize “effective authentication technology” and then mandates that the carriers adopt those regulations within six months of passage of those regulations. (So both bills require implementation by the carriers within 18 months.) Under SBRA the authentication technology would have to be free of charge to consumers whereas TRACED does not mention the cost of authentication technology. Both bills require the FCC to allow carriers to block unauthenticated calls once the framework is implemented and both require the FCC to continually review how the authentication framework is working and make any needed updates to its regulations.
While authenticated caller id is important, what may end up being the most important piece of the new robocall bills is a new focus on vigorous government enforcement of the TCPA. Both TRACED and SBRA will potentially expand enforcement under the TCPA and mandate the creation of a working group to assess how best to encourage agencies to take formal action against robocalls by enforcing the TCPA. Both TRACED and SBRA require the working group to consider whether any law, policy, jurisdictional limitations or budgetary constraint is inhibiting such enforcement actions, and whether to expand civil enforcement authority to state agencies. This portion of the two statutes is virtually identical—so it is virtually certain to find itself in the final piece of legislation that eventually gets passed. And the working group includes several heavy-hitting enforcement bodies, including the Department of State, the Department of Homeland Security, and the Bureau of Consumer Financial Protection.
Both TRACED and SBRA also require the FCC to engage in extensive reporting to Congress, although here again the bills are slightly different. SBRA requires the FCC to identify a five year total of calls purportedly violating the TCPA or containing fraudulent or inaccurate information. TRACED requires a more general annual assessment of the number of complaints it received in the previous calendar year. Both TRACED and SBRA would mandate that the FCC must also report the number of citations and forfeiture actions it has taken during the proceeding calendar year relative to the TCPA. TRACED would require the FCC to report on the status of all open forfeiture proceedings as well.
SBRA will also require the FCC to report violations of the TCPA to the U.S. AG’s office for potential prosecution if it obtains “evidence that suggests a willful, knowing, and repeated robocall violation with an intent to defraud, cause harm, or wrongfully obtain anything of value.” The FCC will be required to report to Congress and in a public fashion the number of times it turns over such evidence to the AG’s office and a general description of the misconduct.
Expanding the TCPA: SBRA Would Require the FCC to Act Quickly in Defining Important TCPA Terms and Would Make Callers Strictly Liable for Wrong Number Calls Under the TCPA—TRACED Does Not Address These Issues
As noted above, the original version of SBRA was set to re-define the TCPA’s definition of “automated telephone dialing system” in a manner that would have greatly expanded the reach of the statute. Instead, however, the bill directs the FCC to complete its Public Notice proceeding under which it is currently considering the reach of the statute and the definition of the TCPA. If SBRA passes, the FCC will be directed to complete its work on the subject within six months.
Notably the SBRA does not completely track the components of the FCC’s pending TCPA public notice proceeding and it is a little unclear whether the House bill intends for the FCC to go further than its current notice contemplates. For instance, the Public Notice does not specifically address the requirement that businesses maintain records of consent, although the SBRA appears to specifically contemplate that the FCC will mandate callers maintain such documentation. Additionally, SBRA directs the FCC to clarify a consumer may withdraw consent under the TCPA but it is unclear whether the FCC must find that a consumer can always revoke consent (thus handcuffing the FCC to reject the Reyes doctrine of irrevocable contractual consent) or whether the FCC remains free to clarify that a consumer can generally revoke consent—subject to contractual imitations—which is a provision notably absent from the current version of the TCPA.
One place where SBRA does not shy away from expanding the TCPA is with respect to wrong number calls. SBRA would require callers to always have the consent of the current subscriber—so if a phone number changes hands without the callers’ knowledge or the consumer provides a wrong number the caller is strictly liable under the TCPA for those calls. However, SBRA does not make this change effective until after the FCC’s reassigned number database is rolled out sometime next year (it has been in the works since late December, 2018.) Assuming the database works as anticipated, callers should be able to avoid making calls to recycled cell phone numbers—and thus TCPA exposure for such calls—by leveraging that database. Notably, however, the database will NOT assist callers in confirming ownership of the cell phone number—just whether the phone was recently reassigned—meaning that callers will become strictly liable for all other wrong number calling if SBRA passes.
Finally, the SBRA will specifically bring text messages within the scope of the TCPA. Although text messages have long been considered “calls” for TCPA purposes, the inclusion of such messages within the SBRA makes absolutely clear that Congress intends SMS messaging to remain subject to the Act.
None of these provisions are contained within TRACED and it remains to be seen whether any will be acceptable to the Republican-lead upper chamber of Congress.
SBRA Requires all TCPA Exemptions to Come With Strings Attached—And that May End Up Being a Very Big Deal
Historically the FCC was empowered to issue blanket exemptions for certain categories of calls that would otherwise be subject to the TCPA. Perhaps the single biggest such exemption is the commercial calling exemption that allows callers to utilize pre-recorded calls to send informational messages to landlines without express consent.
The SBRA seeks to curtail FCC authority to issue such exemptions in the future and requires amendment to previously-created exemptions. Under the SBRA all such exemptions must include (i) the classes of parties that may make such calls; (ii) the classes of parties that may be called; and (iii) the number of such calls that a calling party may make to a particular called party.
As with the Congressional directive to the FCC on implementing regulations, the requirement that the FCC specify who can make use of an exemption and for how many calls is a bit vague. On the one hand the language suggests that the FCC can no longer issue exemptions that can be used by everybody to make as many calls as they’d like—but it doesn’t quite say that. It seems likely, therefore, that the FCC will again be in a position to seek comment on the scope and breadth of all new exemptions and will attempt to issue limits—not unlike the CFPB’s new debt collection calling limits—that will curb the number of outbound calls that can be made in reliance on new exemptions.
Importantly, however, the rule does not just apply to new exemptions and the FCC is directed to scrub all of its current exemptions and within one year issue similar limitations for all currently-exempted calls. That would include exemptions for pre-recorded voice calls to landlines for non-telemarketing purposes, and to all other exemptions created under the TCPA. We’ll certainly keep an eye on these developments.
SBRA Would Require the FCC to Allow Callers to Challenge Carrier Decisions to Block Their Calls
Although most SBRA components are decidedly anti-caller, one provision not found in TRACED is critical for businesses that make consumer outreach efforts to survive. SBRA would require that the FCC take action to assure that call blocking efforts by the carriers are provided with transparency and that effective redress options exist for callers who believe their calls are being unfairly targeted and blocked. This sort of redress option is considered critical by many businesses that survive on consumer outreach efforts following a sweeping FCC ruling in June authorizing carriers to block calls believed to be “unwanted” through the use of “reasonably analytics” on a default basis— meaning that many high-volume callers might lose the ability to reach consumers, regardless of whether or not the consumer had chosen to have calls from the business blocked. SBRA would presumptively require that callers be notified when their calls are blocked—which is not currently mandated by the FCC— and would require a mechanism to permit callers to remedy improper blocking. Notably, TRACED does not go this far and requires only that a caller be granted redress from authenticated caller ID requirements where the caller can otherwise demonstrate that the calls are authentic. We can expect this component of SBRA to be favorably received by the more business-friendly Senate, however.
Both Bills Contain a Few Ancillary Components that May Not Make it Into the Final Legislation
One placed that TRACED goes farther than the SBRA is in requiring the FCC to commence a proceeding to limit access to number resources (i.e. phone numbers) to individuals and entities that are using those phone numbers to make calls that violate the TCPA. The FCC would be empowered to pursue a forfeiture penalty against any organization found to have violated such a regulation. Although TRACED was passed two months prior to SBRA, the House did not elect to include this provision in the SBRA. That likely means the final compromise bill will not contain this provision.
SBRA also creates a private “consortium” to trace back illegal robocalls—to focus on ‘‘fraudulent, abusive, or unlawful’.” These individuals seem to be a private force that needs to register with the FCC to work together to track down over-seas bad guys. While the idea seems worthy it is unclear from the text of the bills exactly what these private actors would be empowered to do, how they would be funded, and what—precisely—their involvement would entail. Still it is a novel idea and one to keep in mind.
SBRA also seeks to create a hospital protection group including stakeholders from consumer and industry groups designed to provide resources to hospitals to better protect them from robocalls. The hyper-focused nature of this provision of SBRA seems at odds with the more general anti-robocall provisions of the Act and it remain to be seen whether such a provision will have any traction in the Senate.
For your ease of comparison: