Important Considerations for Pending Consent Revocation Rules
The Federal Communications Commission (FCC) adopted new rules this past February aimed at strengthening consumers’ ability to revoke consent for receiving calls and texts. Technically, these rules will only apply to automated calls and texts, or those using an ATDS (Automatic Telephone Dialing System). Such platforms are probably few and far between, given the SCOTUS’ narrow definition in Facebook, Inc v. Duguid, but CompliancePoint recommends businesses comply with these rules even if their platform may not be deemed to be an ATDS under the TCPA (Telephone Consumer Protection Act), for a number for reasons:
- First, there are the state “mini-TCPAs” with more expansive definitions of “automated system,” so, although calling and/or texting platforms may not be “automated” under the TCPA, they could be in scope for the few state mini-TCPAs.
- Second, laws may change at the federal level to broaden the scope of affected platforms (see, e.g., the proposed federal Do-Not-Disturb Act).
- Finally, businesses may be hard pressed to argue their systems are not an ATDS and/or they should be exempt from opt-out rules after including “automated technology” phraseology in their opt-in consent language.
What are the rules and considerations?
Text Opt-out Methods and Predefined Keywords
The FCC has adopted a standardized list of terms that businesses must accept, regardless of the term used in its opt-out instructions. These terms include: “STOP,” “QUIT,” “END,” “CANCEL,” “REVOKE,” “UNSUBSCRIBE,” and “OPT OUT.” The rules also allow for the possibility a consumer may use a phrase to indicate consent revocation. Therefore, CompliancePoint recommends a manual monitoring process to ensure that examples of phrases such as “Don’t text me anymore” or “Stop texting me” or even typos (e.g., “STIP” for “STOP”) result in an opt-out, as well.
Timeframe for Honoring Consent Revocation Requests
Previously, the FCC allowed businesses a reasonable time not to exceed 30 days to operationalize a consumer’s Do-Not-Call request. The new rule requires businesses to honor revocation-of-consent requests within 10 business days. So, now would be a great time for businesses to not only ensure they’re in compliance with this timeframe (which includes transmitting such revocations to 3rd party vendors and vice-versa), but also to review their Do-Not-Call Policies and update any old references to taking up to 30 calendar days to operationalize a DNC request to “as soon as practical but in no case more than 10 business days,” for example.
Confirmation Texts
Businesses may send a one-time confirmation text in response to an opt-out. That message must be sent within five minutes of the opt-out and it may not contain any further marketing or promotional message. If the consumer has previously consented to different categories of text messages, the rules will allow the business to request clarification within the confirmation text as to which type or types of messages the consumer doesn’t wish to receive. If the consumer does not further respond, the business must treat the opt-out as a revocation of all consent.
Calls are Texts and Texts are Calls
Last but certainly not least, the FCC is making it clear that any revocation of consent must extend to both calls and texts, “regardless of the medium used to communicate the revocation of consent.” Therefore, CompliancePoint recommends treating a text opt-out on a marketing message as an internal Do-Not-Call request and all future marketing calls should stop. Of course, this means that where businesses are using different platforms for calling and texting, ideally, they should be talking to one another or there should be manual management of this process.
Consent Revocation Conclusion
These changes have significant implications for businesses as they must ensure their calling and texting practices align with the changes to avoid potential liability. The portion of the rules pertaining to the one-time confirmation text took effect April 4. All the other rules are on-hold pending review by the Office of Management and Budget and we see it as only a matter of time before they become effective also.
CompliancePoint has the team and services to bring your marketing campaigns into compliance with all applicable regulations, including the TCPA, TSR, Do Not Call lists, CAN-SPAM, and all state telemarketing laws. Contact us at connect@compliancepoint.com to learn more about how we can help.
Finding a credible expert with the appropriate background, expertise, and credentials can be difficult. CompliancePoint is here to help.