On June 1, the Northern District of California dismissed a putative TCPA class action against AOL, finding that the plaintiff had failed to allege that AOL utilized an automated telephone dialing system (ATDS), as required to state a cause of action under the TCPA.  In dismissing the plaintiff’s complaint in Derby v. AOL, the court rejected the plaintiff’s arguments that AOL Instant Messenger (AIM), which allows individuals to send instant messages as text messages to cell phones, constitutes an ATDS.  Instead, the court agreed with AOL’s argument that AIM relied on “human intervention” to send the messages at issue, which foreclosed the possibility of potential TCPA liability.  (Covington represented AOL in this case.)  The decision should be beneficial to a variety of services that enable their users to send text messages to cell phones.

The TCPA’s prohibitions include a ban on using an ATDS to call cellular telephones for informational purposes without the prior express consent of the recipient.  The FCC and courts have extended the reach of the statute to include text messages.  However, the FCC has stated that only equipment that has the capacity to operate “without human intervention” may qualify as an ATDS.  The plaintiff in Derby alleged that he received three text messages from an AIM user that were intended for another individual, which the court recognized were “presumably . . . the result of the sender inputting an incorrect phone number.”  After the receiving the third message, the plaintiff alleged that he sent a text message to AIM to block future texts from the AIM user, and that he received back a text confirmation of his request.

In analyzing TCPA liability for the first three text messages, the court noted that the plaintiff’s complaint “affirmatively alleges that AIM relies on human intervention to transmit text messages to recipients’ cell phones.”  The court followed precedent from other Ninth Circuit district courts rejecting ATDS arguments where the equipment at issue relied on humans to press buttons on phones or manually enter telephone numbers into the system.  Since the complaint demonstrated that “extensive human intervention is required to send text messages through defendant’s AIM service,” the court held that the complaint failed to state a claim under the TCPA with respect to the three text messages sent by an AIM user.

The court also analyzed potential TCPA liability for the separate confirmation text message that Derby alleged he had received from AIM.  Again citing relevant authority, the court held that “a single message sent in response to plaintiff’s text . . . is not the kind of intrusive, nuisance call that the TCPA prohibits.”  The court concluded that Derby, having sent the “block” request from his cell phone, had “knowingly released” his number to AIM and consented to receive a confirmation text from AIM at that number.  The court’s opinion advocated for a “common sense” approach to TCPA liability, finding that the statute should not be utilized to “punish the consumer-friendly practice of confirming requests to block future unwanted texts.”  Accordingly, the court also dismissed the TCPA claim based on the confirmation text message for failure to state a claim.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Caleb Skeath Caleb Skeath

Caleb Skeath advises clients on a broad range of cybersecurity and privacy issues, including cybersecurity incident response, cybersecurity and privacy compliance obligations, internal investigations, regulatory inquiries, and defending against class-action litigation. Caleb holds a Certified Information Systems Security Professional (CISSP) certification.

Caleb specializes in assisting…

Caleb Skeath advises clients on a broad range of cybersecurity and privacy issues, including cybersecurity incident response, cybersecurity and privacy compliance obligations, internal investigations, regulatory inquiries, and defending against class-action litigation. Caleb holds a Certified Information Systems Security Professional (CISSP) certification.

Caleb specializes in assisting clients in responding to a wide variety of cybersecurity incidents, ranging from advanced persistent threats to theft or misuse of personal information or attacks utilizing destructive malware. Such assistance may include protecting the response to, and investigation of an incident under the attorney-client privilege, supervising response or investigation activities and interfacing with IT or information security personnel, and advising on engagement with internal stakeholders, vendors, and other third parties to maximize privilege protections, including the negotiation of appropriate contractual terms. Caleb has also advised numerous clients on assessing post-incident notification obligations under applicable state and federal law, developing communications strategies for internal and external stakeholders, and assessing and protecting against potential litigation or regulatory risk following an incident. In addition, he has advised several clients on responding to post-incident regulatory inquiries, including inquiries from the Federal Trade Commission and state Attorneys General.

In addition to advising clients following cybersecurity incidents, Caleb also assists clients with pre-incident cybersecurity compliance and preparation activities. He reviews and drafts cybersecurity policies and procedures on behalf of clients, including drafting incident response plans and advising on training and tabletop exercises for such plans. Caleb also routinely advises clients on compliance with cybersecurity guidance and best practices, including “reasonable” security practices.

Caleb also maintains an active privacy practice, focusing on advising technology, education, financial, and other clients on compliance with generally applicable and sector-specific federal and state privacy laws, including FERPA, FCRA, GLBA, TCPA, and COPPA. He has assisted clients in drafting and reviewing privacy policies and terms of service, designing products and services to comply with applicable privacy laws while maximizing utility and user experience, and drafting and reviewing contracts or other agreements for potential privacy issues.