In late December 2023, the Federal Communications Commission (“FCC”) published a Report and Order (“Order”) expanding the scope of the data breach notification rules (“Rules”) applicable to telecommunications carriers and interconnected VoIP (“iVoIP”) providers. The Order makes several notable changes to the prior rules, including broadening the definitions of a reportable “breach” and “covered data,” requiring covered entities to notify the FCC in addition to federal law enforcement of breaches, and modifying certain customer notification requirements. The Rules are expected to become effective sometime in 2024, after they are reviewed by the Office of Management and Budget and the FCC’s Wireline Competition Bureau (“Bureau”) announces the effective dates by subsequent public notice.Continue Reading The FCC Expands Scope of Data Breach Notification Rules
FCC
FCC Announces Creation of Privacy and Data Protection Task Force
Last week, FCC Chairwoman Jessica Rosenworcel announced the creation of a new Privacy and Data Protection Task Force (the “Task Force”) to demonstrate the agency’s commitment to protecting consumer data and ensuring that the telecommunications industry remains secure from threat actors.
The Task Force will be led by Enforcement Bureau…
Continue Reading FCC Announces Creation of Privacy and Data Protection Task ForceFCC Imposes New Requirements on Nonmarketing Prerecorded Calls to Residential Lines
On December 30, 2020, the Federal Communications Commission (“FCC”) released a Report and Order (“Order”) that imposed certain new restrictions on nonmarketing prerecorded calls to residential lines. The action was in response to Congress’s mandate in the TRACED Act that the FCC reevaluate certain exemptions the agency previously granted regarding the consent requirements for prerecorded calls under the Telephone Consumer Protection Act (“TCPA”).
Continue Reading FCC Imposes New Requirements on Nonmarketing Prerecorded Calls to Residential Lines
FCC Announces Section 230 Rulemaking
FCC Chairman Pai announced today that the FCC will move forward with a rulemaking to clarify the meaning of Section 230 of the Communications Decency Act (CDA). To date, Section 230 generally has been interpreted to mean that social media companies, ISPs, and other “online intermediaries” have not been subject to liability for their users’ actions.
Continue Reading FCC Announces Section 230 Rulemaking
FCC Issues Two TCPA Declaratory Rulings, One Clarifying Autodialer Definition
Earlier this week, the Federal Communications Commission’s (FCC’s) Consumer and Government Affairs Bureau released a Declaratory Ruling clarifying the agency’s interpretation of the “Automatic Telephone Dialing System” (an “autodialer” or “ATDS”) definition in the Telephone Consumer Protection (TCPA). The Ruling clarified that, in the context of a call or text message platform, the definition does not turn on whether the platform is used by others to transmit a large volume of calls or text messages; instead, the relevant inquiry is whether, in this context, the platform is capable of transmitting calls or text messages without a user manually dialing each such call or text message.
The Declaratory Ruling was issued in response to a Petition filed by the P2P Alliance seeking confirmation that its text messaging platform is not an autodialer and therefore not subject to the TCPA’s ATDS-related consent requirements. These requirements generally prohibit using an ATDS to call or text a mobile number without the recipient’s consent. The Petition stated that the text messaging platform at issue required users of the platform “to actively and affirmatively manually dial each recipient’s number and transmit each message one at a time.” The Petition also stated that recipients generally would provide their consent to receive such messages by providing their mobile numbers to the platform’s users.
Continue Reading FCC Issues Two TCPA Declaratory Rulings, One Clarifying Autodialer Definition
FCC Continues TRACED Act Implementation, Proposes to Expand Scope of Permissible Call Blocking
Yesterday, the Federal Communications Commission (FCC) took additional steps to implement the various mandates in the TRACED Act (discussed here and here), which was enacted late last year to help combat illegal robocalls. Specifically, the FCC yesterday released a notice of proposed rulemaking (NPRM) that seeks comment on how best to eliminate “one-ring scams.” Included in the NPRM is a proposed rule that would permit voice service providers to block callers suspected of transmitting such scam calls.
Continue Reading FCC Continues TRACED Act Implementation, Proposes to Expand Scope of Permissible Call Blocking
FCC Clarifies that COVID-19 “Emergency Purposes” Calls/Text are Not Subject to “Prior Express Consent” Requirement
Yesterday, the Federal Communications Commission (“FCC”) on its own motion released a Declaratory Ruling to confirm that the COVID-19 pandemic constitutes an “emergency” under the Telephone Consumer Protection Act (“TCPA”); as a consequence, hospitals, health care providers, state and local health officials, and other government officials may lawfully communicate through automated or prerecorded calls (which include text messages) information about the coronavirus and mitigation measures to mobile telephone numbers and certain other numbers (such as those of first responders) without “prior express consent.”
By way of background, absent “prior express consent,” the TCPA prohibits the transmission of an automated or prerecorded call to any mobile telephone number. However, this prohibition is subject to an “emergency purposes” exception. The TCPA does not define what constitute “emergency purposes,” but the FCC’s rules construe the term to mean “calls made necessary in any situation affecting the health and safety of consumers.”
Continue Reading FCC Clarifies that COVID-19 “Emergency Purposes” Calls/Text are Not Subject to “Prior Express Consent” Requirement
FCC Seeking Comment on Key TCPA Reform Issues in Wake of DC Circuit Ruling
Yesterday, the Federal Communications Commission (“FCC”) released a Public Notice seeking comment on a range of issues relevant to its interpretation of the Telephone Consumer Protection Act (“TCPA”), including how the FCC should interpret what constitutes an “automatic telephone dialing system” in the wake of a recent decision by the U.S. Court of Appeals for the District of Columbia Circuit to vacate the agency’s prior interpretation of that term.
This same issue was the focus of a petition for declaratory ruling filed earlier this month by the U.S. Chamber Institute for Legal Reform and a number of other industry organizations.
The Public Notice seeks comment on a range of other TCPA issues, some of which also were addressed by the D.C. Circuit’s recent decision. These include how calls to reassigned mobile telephone numbers should be treated under the TCPA and the ways in which a party may revoke his or her prior express consent to receive automated or prerecorded calls under the statute.
Continue Reading FCC Seeking Comment on Key TCPA Reform Issues in Wake of DC Circuit Ruling
FTC Issues Report on Mobile Device Security Updates
On February 28, 2018, the Federal Trade Commission (“FTC”) issued a report discussing security updates for mobile devices. The report stems from information the FTC collected from eight mobile device manufacturers — Apple, Blackberry, Google, HTC, LG, Microsoft, Motorola, and Samsung — and from information the Federal Communications Commission (“FCC”) collected from mobile carriers in May 2016.
Continue Reading FTC Issues Report on Mobile Device Security Updates
Ninth Circuit Decision Provides Critical Win to FTC in its Authority over Internet Service Providers
In a ruling with implications for both net neutrality and privacy, the Ninth Circuit ruled en banc today that the common carrier exemption in Section 5 of the FTC Act is activity-based, reversing a 2016 panel ruling that the exemption was status-based. Today’s decision bolsters the FTC’s authority to bring consumer protection (including privacy) and competition actions against providers of Internet access service, which the FCC has ruled is not a common carrier service in connection with that agency’s repeal of net neutrality rules.
This appeal arises from the FTC’s lawsuit against AT&T alleging that AT&T’s practice of throttling the speed of customers with unlimited data plans once they reached a certain data usage threshold violated Section 5 of the FTC Act. AT&T had challenged the FTC’s authority to bring the case, arguing that the company was immune from FTC oversight because it also offers common carrier (e.g., voice telephone) service. Although the district court sided with the FTC on this question, a 2016 Ninth Circuit panel went the other way and, in doing so, created what the FTC and FCC agreed was a potential ‘gap’ in authority in which neither agency would have the right to police many actions by telecommunications companies.
Continue Reading Ninth Circuit Decision Provides Critical Win to FTC in its Authority over Internet Service Providers