FCC Adopts Safe Harbor to Encourage Voice Service Providers to Block Unwanted Robocalls
The FCC adopted a highly anticipated Third Report and Order, Order on Reconsideration, and Fourth Further Notice of Proposed Rulemaking at its July 16 open meeting. The Report and Order adopted a solution voice service providers have long sought — a safe harbor from liability for the good faith blocking of illegal and unwanted robocalls. In fact, the FCC adopted two safe harbors to encourage the blocking of scam and maliciously spoofed robocalls.
The first safe harbor protects phone companies that use reasonable analytics, based in part on caller ID authentication information, to identify and block illegal or unwanted calls from liability. Currently, only STIR/SHAKEN authentication satisfies this requirement. Thus, providers that have not yet implemented STIR/SHAKEN — such as providers who lack the ability to pass all of their traffic over Internet Protocol (“IP”) — cannot take advantage of this safe harbor until they implement STIR/SHAKEN. Providers may block calls under this safe harbor by default, but customers must have the opportunity to opt out.
The second safe harbor protects providers that block call traffic from bad actor upstream voice service providers that pass illegal or unwanted calls along to other providers, when those upstream providers have been notified but fail to take action to stop these calls. Because this safe harbor will focus on known bad actors — upstream voice service providers that are facilitating, or at a minimum shielding, parties originating illegal calls — it will not rely on consumer consent. The safe harbor is also provider-based, rather than on a call-by-call basis only.
Although the FCC previously authorized voice service providers to block illegal and unwanted robocalls by default based on reasonable analytics, some voice service providers were hesitant to deploy this type of blocking on an opt-out basis without the assurance of a safe harbor from liability.
In order to take advantage of the safe harbors adopted in the Report and Order, voice service providers must adopt appropriate redress mechanisms to allow callers to resolve blocking disputes within a reasonable time. These include designating a single point of contact for callers and other voice service providers to report blocking errors at no charge and investigating and resolving blocking disputes within a reasonable amount of time.
The Report and Order also requires that providers protect and do not block critical calls, such as those from public safety answering points.
The Fourth Further Notice asks for feedback on the FCC’s proposed implementation of additional sections of the TRACED Act. The FCC asks whether there are other ways to use caller ID authentication to block calls. The FCC also asks about establishing a redress process so that callers adversely affected by caller ID authentication information can verify the authenticity of their calls. The FCC also seeks comment on its obligation under Section 7 of the TRACED Act to help protect subscribers from receiving unwanted calls or text messages from callers using unauthenticated numbers. The FCC asks whether the steps it has taken for transparency and redress for consumers and callers are sufficient, and if there are options that reduce costs to blocking providers. Under the leadership of Commissioner O’Rielly, the FCC also added a new section to the Fourth Further Notice on expanding redress requirements. It seeks comment on a number of “redress must-haves,” such as a concrete timeline for blocking redress, whether a blocking notification should be sent to the caller, and if so, using what method, and whether redress mechanisms should address mislabeling.
In response to requests from several major industry trade associations, the FCC also added a section to the Fourth Further Notice seeking comment on the proposal to extend a safe harbor to an additional category of calls to cover network-based blocking. Providers would do this type of blocking on behalf of their customers without those customers having to opt in or out, based on reasonable analytics that incorporate caller ID authentication information, so long as the blocking is specifically designed to block calls that are highly likely to be illegal and is managed with sufficient human oversight and network monitoring to ensure that blocking is working as intended.
Comments and reply comments on the proposals in the Fourth Further Notice will be due 30 and 60 days respectively after it is published in the Federal Register, which has not yet occurred.
FCC Releases Several TCPA Clarifications and Updates
Although adoption of the safe harbor was the main event of the month regarding the TCPA, the FCC also released a number of smaller but noteworthy documents.
2020 Staff Report on Call Blocking. The Consumer and Governmental Affairs Bureau (“Bureau”) of the FCC released its 2020 staff report on the availability and effectiveness of call blocking tools offered to consumers. The report was based on survey data submitted by commenters, including voice service providers, and found that call blocking tools are now substantially available to consumers at no or low cost.
Anthem Petition for Declaratory Ruling. The Consumer and Governmental Affairs Bureau denied a health care–related petition that had been pending for five years. In 2015, health benefit company Anthem, Inc. filed a Petition for Declaratory Ruling and Exemption asking the FCC to exempt health plans and providers from the need to obtain prior express consent before making health care–related calls and text messages to wireless telephone numbers, so long as they allow consumers to opt out of such messages after the fact. In its Declaratory Ruling and Order, the Bureau denied the petition and confirmed that callers must get consumers’ prior express consent before making autodialed calls or robocalls.
The Bureau wrote that while the TCPA does contain an exception for emergency calls, there is no broad exception for health care–related calls. Health care providers must therefore obtain consumers’ prior express consent for such calls and may not instead require consumers to affirmatively opt-out of them after the fact.
First, the Bureau disagreed with Anthem’s argument that health care–related wireless calls should be exempt from the prior-express-consent requirement so long as consumers are allowed to opt out because there is a pre-existing relationship between the consumer and the caller (the consumer’s health care provider or health care plan) that constitutes consent. It noted that the mere existence of a caller-consumer relationship does not satisfy the prior-express-consent requirement for calls to wireless numbers, nor does it create an exception to this requirement. Second, the Bureau rejected Anthem’s argument that its calls are urgent and should be exempt under the emergency purposes exception. For example, calls to “educate members about available services and benefits” are not likely to be so time-sensitive and critical to justify bypassing consumer consent. It noted, however, that if any calls covered by Anthem’s petition would meet the criteria set forth in the recent COVID-19 Declaratory Ruling, such calls would be governed by that Declaratory Ruling and hence would not require prior express consent. Next, the Bureau rejected Anthem’s suggestion that health care–related calls from health plans and providers to wireless telephones should be exempt from the TCPA’s prior-express-consent requirement because such calls are welcomed by consumers. Finally, the Bureau rejected Anthem’s argument that a TCPA exemption for health care–related calls made by health care plans and providers to wireless telephone numbers will not result in abuse because patient outreach is already subject to a strict regulatory regime under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy rule. It explained that the TCPA contains no exception to the prior-express-consent requirement for calls to wireless phone numbers if those calls are also regulated by other laws.
The decision confirms existing FCC precedent — that callers must obtain consumers’ prior express consent for health care calls. While there are some TCPA exceptions that take into account the context and circumstances of health care–related communications, there is no general health care exception to the TCPA. The Bureau emphasized that where a relationship with the consumer already exists, health care companies should be able to easily obtain prior express consent to send communications — and they should do so prior to sending automated messages.
P2P Alliance Declaratory Ruling. In 2018, the P2P Alliance, a coalition of providers and users of peer-to-peer (P2P) text messaging services for schools, nonprofits, and other groups filed a petition for clarification asking the FCC to clarify that texts sent using a particular type of peer-to-peer messaging platform are not subject to the TCPA’s restrictions. The messaging platform at issue required a person to manually send each text message one at a time, and enabled the sender to exercise discretion regarding the content and other features of the text messages. The P2P Alliance explained that its platform does not include “the capacity . . . to store or produce telephone numbers to be called, using a random or sequential number generator.”
In the Declaratory Ruling, the Bureau clarified that the fact that a calling platform or other equipment is used to make calls or send texts to a large volume of telephone numbers is not probative of whether that equipment constitutes an autodialer under the TCPA. Instead, whether the calling platform or equipment is an autodialer turns on whether such equipment is capable of dialing random or sequential telephone numbers without human intervention. If a calling platform is not capable of dialing those numbers without a person actively and affirmatively manually dialing each one, that platform is not an autodialer. Thus, the Bureau granted the P2P Alliance’s Petition to the extent that its platform, as described in its Petition, requires human intervention to make each call.
Reassigned Numbers Database Update. The Bureau released a compliance date for its Reassigned Numbers Database rules. In December 2018, the FCC released the Reassigned Numbers Database Order, establishing a database that will allow callers to determine whether a telephone number has been permanently disconnected after a specific date, and therefore is no longer assigned to the party the caller may have received consent to contact. Beginning July 27, 2020, voice service providers will be required to maintain records of the most recent date each number was permanently disconnected and must age telephone numbers for at least 45 days after disconnection and before reassignment. Small business voice service providers have an additional six months, until January 27, 2021, to comply with the record maintenance rule. The FCC will announce the compliance date for the new rule requiring voice service providers to send information to the Reassigned Numbers Database once the database has been established.
