FTC Settlement Ups Ante on Need for Prior Express Consent to Lawfully Text-Message
Texting Absent Consent Now Subject Not Only to FCC Fines and Private Damage Claims, But FTC Enforcement As Well?
The Federal Trade Commission (FTC) has settled an enforcement action with the sender of “loan mod” text messages and emails that, while unremarkable in alleging the contents were deceptive, is notable for treating the mere sending of unsolicited text messages as sufficient to trigger FTC authority to punish unfair and deceptive acts, practices, and methods of competition. The FTC action against the texts also is significant because text-message violations generally fall within the bailiwick of the Federal Communications Commission (FCC)—not the FTC—and laws and rules governing automated/prerecorded calls to cell phones. Under those rules, regardless of a text message’s content, prior express consent is required before sending. The FTC’s current action suggests it is reserving the right to pile on as well, if those rules are not followed.
The settlement arises out of a complaint the FTC filed in Feb. 2011 against a marketer alleged to have sent a “mind-boggling” number of commercial texts and emails advertising mortgage modification and audit services. The complaint alleged the missives misleadingly suggested the sender was affiliated with a government agency, because they guided recipients to a .net website that had “gov” in its URL. This was deceptive, the FTC claimed, as recipients associated the site with the .gov domain, which is reserved for government use, a misimpression the sender allegedly reinforced by featuring an American flag and claiming to offer “official” loan modification and other services. Such misleading and deceptive practices are, of course, the FTC’s bread and butter.
However, in addition to citing the sender’s failure to provide an opt-out mechanism and physical postal address in its emails, thereby also violating the CAN-SPAM Act and FTC rules implementing it, the FTC also repeatedly referred to the text messages as “spam,” and stressed that they were “unauthorized and unsolicited,” that some went to phone numbers on the National Do-Not-Call Registry, and some also led to their recipients’ phone numbers being sold as debt settlement “leads.” This mish-mash of telemarketing, spam, and general privacy concepts can be confusing on first take. But wading through them, they appear to be mere atmospherics to support the FTC’s position that sending texts without prior express consent—regardless whether they are misleading—can alone constitute an unfair and deceptive act or practice.
To see this, it helps to untangle things conceptually. The CAN-SPAM Act, in its simplest terms, applies to commercial emails sent to computers, which the FTC regulates under its CAN-SPAM rules. It also applies to “mobile service commercial messages” sent to cell phones, i.e., those to email addresses assigned by wireless providers to their subscribers, which the CAN-SPAM Act charges the FCC with regulating. However, the FTC’s complaint is clear that the texts here were “short code” telephonic transmissions, not emails—or, in short, a type of call to a phone number. Thus, they could not run afoul of any CAN-SPAM requirement or prohibition (either enforced by the FTC generally, or by the FCC as to mobile emails). The FTC’s calling the texts “spam” in the complaint does not change that fact.
Turning to phone calls, then, both the FTC, under its “Telemarketing Sales Rule” (or TSR), and the FCC, under its Telephone Consumer Protection Act (TCPA) rules, regulate telemarketing practices through do-not-call, time-of-day, abandoned call, disclosure, and other rules. However, even though the FTC’s complaint mentions that the phone numbers of some recipients here were on the Do-Not-Cal registry, it does not allege violations of the TSR, which is consistent with the FTC’s practice historically of enforcing the TSR only against voice calls, not texts. (In this way, reference to the Registry is a bit of a red herring, though it arguably bolsters the showing of substantial injury to consumers, which is required in some contexts for the FTC’s unfair trade practice authority to apply; one might argue the same for references to the text recipients’ phone numbers being sold as leads—but that seems even more of a red herring, meant to raise the bugaboo of generic privacy concerns that have been at the center of so much recent debate.)
The FTC traditionally has left text messages to the FCC because, unlike the FTC’s telemarketing (and spam) statutory authority, there are special provisions in the TCPA, and thus the FCC rules implementing it, that govern “automated” and “prerecorded” phone calls. Under these rules and the TCPA, which also provides for both FCC enforcement and a private right of action for violations, it is prohibited to make any call that is either automated or prerecorded (or both) to a cell phone, regardless of content, without “prior express consent.” The FCC has held that text messages, which are generally machine-generated and -transmitted when sent en masse, qualify as automated or prerecorded calls, and courts in consumer-initiated TCPA litigation generally honor that determination, and in some cases take matters further by requiring fairly specific consent to avoid violations.
So what does this all mean? The text messages here would appear to violate the TCPA and corresponding FCC rules, as they seem to have been sent without prior express consent, in that, if such consent existed, the FTC’s complaint would have been hard pressed to describe them as “unsolicited and unauthorized.” In that case, an enforcement action by the FCC arguably would have been appropriate, and/or perhaps private claims brought by recipients might have lied. But that lack of prior express consent under the TCPA is not within the FTC’s jurisdiction to enforce. It might also have been argued that the texts were “calls” subject to do-not-call restrictions, and either the FTC under the TSR, or the FCC (and private litigants) under the TCPA, might have alleged telemarketing violations. But, as noted, the FTC did not allege TSR violations. Further, the FTC does not have statutory authority or rules under which it can pursue “privacy” violations generally, and it did not attempt to turn sales of the text recipients’ phone numbers as leads into an unfair trade practice on that basis (notwithstanding bluster along these lines in the complaint).
Instead, the FTC asserted that the receipt of the text messages cost recipients money and/or depleted their allotment of paid-for texts, caused them annoyance and frustration, and thus resulted in harm. In short, the mere fact that the texts were sent without prior express consent (in unspoken violation of the TCPA) and thus were “unsolicited and unauthorized,” constituted an unfair or deceptive act or practice. This is reinforced by the extent to which the settlement required the sender to agree to being “permanently enjoined from sending, or assisting others in the sending of unauthorized or unsolicited commercial electronic text messages to mobile telephones or other devices.” Note in particular that this is not a ban just on future misleading texts, but on any future text, if it is “unauthorized or unsolicited,” i.e., sent without prior consent.
To be sure, that the texts here were allegedly misleading in substance exacerbated matters, and provided a more traditional hook for FTC action under its unfair trade practice authority. But the fact that the FTC went out of its way to make transmission of the texts, apart from their content, the subject of an asserted unfair act/practice violation cannot be ignored. Now, the sending of texts, it appears, can subject senders not only to possible FCC forfeitures, which can be up to $16,000 per-violation—i.e., per “call” or “text”—and not only private causes of action as well, which allow statutory damages of up to $1500 per violation, but also FTC unfair and deceptive act/practice enforcement. Given how strictly some courts have been on the specificity of “prior express consent” for texts, the FTC’s recent action serves only to underscore how careful those sending commercial texts must be in getting permission from recipients first.