Really fascinating thoughts here from Steve Rafferty I wanted to share with folks.
As most of you know the FCC recently issue a one-to-one consent ruling closing the lead generation loophole. While most of the focus on the ruling has been on the CFR modification that now requires consumers to provide consent only to specific sellers–one at a time–on a webform, the ruling also contains a potentially MASSIVE change to record keeping requirements around consent. I discussed that previously here:
At the least R.E.A.C.H. member meeting we discussed the upcoming comment deadline (January 26, 2024) for small businesses to weigh in on the ruling and whether R.E.A.C.H. would address the record keeping portion as part of its comment.
Following the meeting Steve sent be this note that he has agreed I can publish. Thought it contained a ton of really important insights for folks to keep in mind:
Eric,
You asked for input, so I’ll share my perspective. I have also shared this with Jornaya (Verisk Marketing Solutions) and they are aligned with the following view.
First, this technically isn’t a change. As they say: “We take this opportunity to reiterate that the TCPA and our existing rules already place the burden of proof on the texter or caller to prove that they have obtained consent that satisfies federal laws and regulations.”
The real update (as you point out in your blog) is with the next line: “They may not, for example, rely on comparison websites or other types of lead generators to retain proof of consent for calls the seller makes.” Note that per the FCC, the “seller” is the texter or caller. I think this is a good thing for consumers (and the industry as a whole) because they are requiring the brands to take responsibility for ensuring they actually have consent before they call.
The big problem, that both ActiveProspect and Jornaya have witnessed, is that companies assume that if there is a TrustedForm Certificate or a Jornaya LeadiD token present with the lead, they are safe by default. They assume they have consent, whether they do or do not, simply because of the existence of what appears to be a TrustedForm Certificate or LeadiD token.
First, there are still firms in the sector that sell leads with fake certificates or tokens. Meaning it looks like something from TrustedForm or Jornaya, but in fact it’s fabricated. Or they might provide a real certificate/token that doesn’t correspond to that particular lead. We both provide mechanisms to verify the certificate/token is real and corresponds to the lead.
Second, just because we witnessed the event doesn’t mean the event was compliant. They have to check to make sure. We both offer the means for them to do that, but many simply do not. We believe in the adage “trust, but verify.” The value of our respective services is to give companies (of all sizes) access to the critical information they need to make real-time decisions on leads – including automated verification of the presence of TCPA disclosure language.
Many companies rely on their lead providers to verify and document consent on their behalf – often with disastrous consequences. This is how we end up with situations like the Mantha vs QuoteWizard.com case where you point out in your blog: “One thing is for sure—however—the Mantha court was not at all impressed with the background on the lead—apparently the information provided to QuoteWizard included an identification number called a “Jornaya LeadiD” that was… not entirely genuine.” How does this happen? Simple- they relied on their suppliers to be compliant, instead of verifying compliance prior to outreach.
We built our systems to allow the companies calling/texting to check the certificates/tokens in real-time, at the time of purchase. This is a familiar concept. For example, a person buying a car should check the VIN and Carfax prior to making the purchase. Or a person buying a diamond should verify its authenticity with a GIA certificate. The responsibility is on the purchaser.
This is a problem we regularly encounter and needs to change. I am cautiously optimistic this FCC record keeping update will help drive that change. Companies shouldn’t wait until there is a problem (i.e. legal complaint) before they go looking to see if they had proper consent. It is disappointing to have conversations with clients that never reviewed their certificates (and associated session replays) until after there was a legal complaint or regulator inquiry. That is not acceptable. We are providing transparency so that our customers can monitor, identify, and prevent problems before they escalate.
At the end of the day the organization is named “Responsible Enterprises Against Consumer Harassment”. A responsible marketer would never want to harass consumers. Therefore, verifying you have consent before you call or text someone is a necessity. I’m hopeful this FCC update will help push more marketers to be responsible by verifying they have consent, retaining documentation of that consent, and ultimately reducing the number of unwanted phone calls. What’s at stake is not only respecting the consumer’s wishes, but ensuring our industry sustainably grows going forward.
Well said Steve.
While I am not sure I 100% agree with everything included here, I think Steve raises a number of important issues folks should be thinking and talking about more as we move into the post-NPRM (TCPA)world.
Chat soon.