IS THIS THE MOST DANGEROUS TCPA RULING EVER?: Court Decision Would Invalidate 99.9% of Online TCPA Consent Disclosures–Will it Stand?

So, I’m back.

Hi folks. Thanks for the applause.

So let me start with the big TCPA news I have been teasing. And I’m sorry for this.

A court just held that YOUR online consent disclosure–you know the consent form on your website, or the one you just bought from that highly-compliant lead source–may be invalid after all. Specifically, the Court held that a consumer must enter into an ESIGN electronic records delivery agreement before they can lawfully sign a TCPA disclosure.

And that’s just as crazy as it sounds.

I look back on all the biggest decisions to date–Satterfield, ACA, Int’l, Marks, AAPC, Facebook, Creasy–and I have to say this one may be even more impactful.

In fact, I would say it is definitely the most important TCPA case to date except: i) it is so obviously wrong that it will not be widely followed; and ii) it was issued by a magistrate judge as a recommendation that should be rejected by the district court judge (but I’m not sure it will be since the objection by Defendant was… hmmm.)

So enough build up. Here’s the ruling:

In Mantha v., LLC, CIVIL ACTION NO. 19-12235-LTS (Dec. 13, 2021 D. Mass.) the Defendant took a spaghetti-meet-wall approach to a summary judgment motion, and it did not go well.

At all.

Most of the ruling is a bit of a yawner. Yes, cell phones can be residential numbers for DNC purposes. Yes, text messages are calls for purposes of the TCPA. Yes, Plaintiff has standing to sue for unwanted calls. These were sort of eyeroll worthy arguments to begin with.

And some of the ruling is fascinating. Check this out. Apparently the IP addresses on the lead form the Defendant relied on were assigned to two random individuals who were unrelated to the Plaintiff. Then Jornaya apparently confirmed that the LeadiD the lead provider identified as linking plaintiff to the website where consent was provided had no connection to the Plaintiff–the evidence showed the LeadID was linked to the Plaintiff by an aggregator in error!

It gets even worse.

The website the aggregator bought the lead from was not even being operated by the lead supplier at the time the lead was purchased–it has been shut down years earlier and was being run by some Bosnian company that was apparently pirating the site.

And STILL the Defendant argued to the Court that the calls at issue were lawful because the Plaintiff had supplied his consent on the Bosnian-pirated shell website. You know, despite the LeadID mistake and the IP addresses not matching and the fact that the website was being illegally operated.


But look, if a Defendant wants to waste their money and strain their credibility with the court by making arguments that are doomed to failure–no skin off my nose.

There is a point in time, however, at which the Czar gets very cranky. And that’s when the whole bad-facts-and-bad-arguments-makes-bad-law trope comes true and a ruling comes down that is potentially catastrophic to the entire Lead Generation World (quick plug for you Mike). Especially when there is absolutely no way it should have happened.

Let’s take this in pieces.

In Mantha, after determining that no reasonable juror could find that the Plaintiff actually accepted the consent disclosure on the Bosnian-pirated website, the Court went ahead and determined that even if Plaintiff had accepted the disclosure it was not valid for two TCPAWorld-changing reasons.

First–Pillpack. Neither the Defendant nor the ultimate sellers of the services being offered on the website were identified by name in the disclosure. So the disclosure is not enforceable. Simple. I hate this ruling, of course, but I can live with it because I’ve been on top of this from the start and everyone who seeks my counsel (or attends my compliance sessions or reads my blogs) knows about how critical it is to assure that the actual seller of a good or service is named in a disclosure.

Second–and this is the really really big head-exploding one–the Court holds that an online disclosure is not valid unless it separately complies with the requirements of 15 U.S.C. § 7001(c)! That is, the Court found that online consent cannot be obtained unless the consumer enters into a separate ESIGN agreement authorizing delivery of electronic records before signing the disclosure.

Ugh. Not even close.

All right, so let’s unpackage to understand what went wrong here.

The FCC has held that marketing consent must be obtained in writing, and can be signed in anyway permitted by the ESIGN Act.

Here’s the lingo from the 2012 Report and Order: “Consistent with the FTC, we now similarly conclude that consent obtained in compliance with the E-SIGN Act will satisfy the requirements of our revised rule, including permission obtained via an email, website form, text message, telephone keypress, or voice recording.”

Nice and clean. The focus is on how the signature on the consent can be obtained–not any gating issue around what must be done before electronic consents can be used.

The CFR also adopts this very clean signature focus: “The term “signature” shall include an electronic or digital form of signature, to the extent that such form of signature is recognized as a valid signature under applicable federal law or state contract law.” See 47 CFR § 64.1200(9)(ii)(defining “signature” for express written consent purposes.)

And the definition of “electronic signature” is plainly spelled out in the ESIGN Act itself:

The term “electronic signature” means an electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record. See 15 USC § 7006(5)

Very simple. Very elegant.

Stated directly– the FCC has never required that the full ESIGN act “permission to do electronic business” provisions are somehow grafted onto the TCPA consent requirements. It merely references the ESIGN Act’s broad signature definition to afford flexibility to online consent gatherers. The end.

Yet, in Mantha the Plaintiff argued–and the Defendant failed to successfully rebut– that an online consent form must fully comply with the broader ESIGN permission-to-do-business-electronically provisions. Now this should have been very easy to avoid since 7001(c) has nothing to do with online signatures. It deals with disclosures in the context of the electronic DELIVERY OF RECORDS that are required to be made in writing. The TCPA does not require that records be delivered to a consumer in writing–it does not, for instance, mandate that statements need to be sent or disclosure forms must be submitted prior to a transaction. Rather it requires solely that consent be obtained with a signature that is recognized under ESIGN–i.e. that defined at 15 USC 7006(5). (See 2012 Report and Order at Footnote 59–doesn’t get any clearer.)

Under the ruling in Mantha, however, an online TCPA disclosure would have to include more than a valid electronic signature. It would require:

  1. the consumer to affirmatively to agree to accept records (the consent form?) via electronic means; and
  2. the consumer, prior to consenting, to be provided with (another) clear and conspicuous statement—
    1. informing the consumer of (I) any right or option of the consumer to have the record provided or made available on paper or in nonelectronic form, and (II) the right of the consumer to withdraw the consent to have the record provided or made available in an electronic form and of any conditions, consequences (which may include termination of the parties’ relationship), or fees in the event of such withdrawal;
    2. informing the consumer of whether the consent applies (I) only to the particular transaction which gave rise to the obligation to provide the record, or (II) to identified categories of records that may be provided or made available during the course of the parties’ relationship;
    3. describing the procedures the consumer must use to withdraw consent as provided in clause (i) and to update information needed to contact the consumer electronically;
    4. informing the consumer (I) how, after the consent, the consumer may, upon request, obtain a paper copy of an electronic record, and (II) whether any fee will be charged for such copy;
    5. the consumer (prior to consenting) is provided with a statement of the hardware and software requirements for access to and retention of the electronic records; and
    6. consents electronically, or confirms his or her consent electronically, in a manner that reasonably demonstrates that the consumer can access information in the electronic form that will be used to provide the information that is the subject of the consent; and
    7. after the consent of a consumer in accordance with item 6, if a change in the hardware or software requirements needed to access or retain electronic records creates a material risk that the consumer will not be able to access or retain a subsequent electronic record that was the subject of the consent, the person providing the electronic record—
      1. provides the consumer with a statement of (I) the revised hardware and software requirements for access to and retention of the electronic records, and (II) the right to withdraw consent without the imposition of any fees for such withdrawal and without the imposition of any condition or consequence that was not disclosed under subparagraph (B)(i); and
      2. again complies with item 6.

Just look at these requirements. Obviously they have no application in the setting of an online consent form. Obviously they deal with consumer’s accessing records in electronic format. Little wonder no reference to 15 USC 7001(c) is found anywhere in the FCC’s guidance on express written consent or in the CFR.  Again, the only such references are to 15 U.S.C. § 7006(4) and (5).

No, it shouldn’t have happened. Yes, there were a pile of briefing issues here. No, I’m not going to get into that. Suffices to say that the Wolf of TCPAWorld knows which battles to pick and who to do battle against. (No one would ever try making this argument against the Czar–I can promise you that.)

So the take away here is that unless the Mantha judge overrules the Magistrate Judge’s ruling–which, again, doesn’t look terribly likely given the state of the briefing to date–we’re about to see a district court ruling that would invalidate 99.9% of online TCPA consent disclosures.

So… what do we do?

  1. The most conservative outfits may want to consider conversion-killing ESIGN agreements around online consent forms… but that seems silly even if we have a Magistrate Judge suggesting that is necessary;
  2. Another–less crazy–option is for lead buyers to switch to Safe Select or the equivalent and avoid prerecorded calls to purchased leads until this whole thing is sorted out;
  3. Feels like this one has “FCC Petition” written all over it;
  4. Anyone want to intervene in Mantha and try to fix this at the root? Seems like Defendant could use some help at this point.

Yes, I will obviously be discussing this in San Diego on the 18th. 

Yes, I know this could put you out of business.

No, don’t freak out. It will be ok.


Call me to discuss.




  1. “Purchased leads” sold by lead aggregators are almost always garbage, compiled from (usually) outdated public records and never have valid consent. The aggregators always fake some random IP when asked for proof of consent. Especially true for lead generators based overseas. So don’t just “avoid prerecorded calls to purchased leads until this whole thing is sorted out”, don’t buy cheap leads that you have no clue about how they were generated, in the first place. Find out HOW the leads are obtained and how consent is obtained, and only buy if you can confirm they will be legitimate, or be prepared to pony up.

Leave a Reply