Getting Ready for the FCC One-to-One Consent Rule

The Federal Communications Commission’s (FCC) one-to-one consent rule will take effect on January 27, 2025. If businesses, especially lead generators and lead purchasers, have not begun implementing a plan for this new rule that is upending industry practices, it is highly recommended they begin doing so. Leads obtained prior to the effective date that do not comply with the new rule will not be grandfathered. To have a sustainable lead flow after January 27, businesses should begin to ensure their leads meet the new requirements now.

What is the new FCC 1:1 rule and how did we get here?

For years, lead generation practices have allowed consumers, especially on comparison-shopping websites, to unknowingly consent to receive calls and texts from numerous sellers, often unrelated to their interests. For example, a consumer seeking a car loan, who is forced to agree to calls and texts from any number of “sellers” (which may or may not be identified behind a hyperlink) may be inundated with calls and texts from entities offering car loans or perhaps unrelated services, such as loan consolidation. Squarely focused on closing this “loophole,” the FCC’s new rule revises the definition of “express written consent” to 1) require that it be obtained from consumers for only one seller at a time and 2) that the seller must be “logically and topically related” to the content of the website where consent is obtained.

Why should I be concerned about this new rule?

All lead generators and sellers who rely on lead generators should pay careful attention to this new FCC one-to-one consent rule. Also, given the scope of the rule, even businesses that do not rely on third-party lead generation but attempt to gain consent to sell products and services of affiliates or subsidiaries should pay attention, as they may need to gain separate consent for various brands, especially if not “logically and topically related.”

First, although the rule only applies to calls and texts made with an automatic telephone dialing system (ATDS), businesses should not automatically assume they’re not using an ATDS for two reasons:

1. Elements of the law on the federal level are still unsettled. Although the U.S. Supreme Court narrowly defined ATDS in the Facebook vs. Duguid decision, litigants and courts continue to grapple with the ATDS definition, claiming it may include systems that use random or sequential number generators for organizing numbers, even if they don’t generate the numbers themselves, as the SCOTUS decision suggested.
2. Businesses may be an “automated system” under state law. Even if a business is not using an ATDS under the Telephone Consumer Protection Act (TCPA) as defined in the Facebook decision, its platform may be in scope under state law where an “automated system” is one that automatically selects AND/OR dials a number. So, even if a business’ agents are manually dialing 10-digit phone numbers, if its platform is selecting the next record, that platform could be an “automated system” under Oklahoma and Maryland law (in Florida, an automated system is one that automatically selects AND dials the number). We are seeing more and more businesses using platforms that select the next record, and agents must dial those numbers without any flexibility to select other records. These platforms are likely “automated systems” under those state laws.

Secondly, definitions of regulated technology could change on the federal level and just because a system is not in scope currently doesn’t mean that same system might not be in scope under future laws and regulations. For example, earlier this year a bill was proposed in Congress (the “Do Not Disturb Act”) that would replace the TCPA’s definition of an ATDS with the term, “robocall,” which would include 1) calls made and text messages sent without substantial human intervention to stored telephone numbers or telephone numbers generated by a random or sequential number generator, or 2) using an artificial or prerecorded voice or an artificially generated message. There doesn’t appear to have been any recent updates to this proposed legislation, and it may not end up going anywhere. Still, it illustrates legislative intent to broaden the scope to prohibit more types of calls and texts to meet consumer expectations.

Finally, serial plaintiffs are likely salivating over their private-right-of-action prospects under this new rule and will allege businesses are using an ATDS, whether they are or not. Businesses could then be forced to defend themselves and prove they are not using regulated equipment if they dial someone who has not provided adequate consent.

What steps should I be taking to Comply with the FCC One-to-One Consent Rule?

Here are some suggested steps businesses should begin taking sooner rather than later:

• Ensure express written consent language specifically:
  • Identifies the seller,
  • References the consumer’s provided phone number,
  • Indicates affirmative agreement,
  • Identifies the marketing nature of authorized calls, texts, prerecorded messages,
  • Calls will or may be with automated technology, and
  • Includes a statement/acknowledgment that consent is not a condition of purchasing goods or services.
• Ensure that if you are attempting to obtain consent for multiple brands or sellers that consumers have the ability to choose each seller they wish to receive calls and texts from by implementing explicit opt-in tools (e.g., checkboxes).
• Ensure that calls and texts are contextually relevant to the consent given.
• Explore ways to obtain individual consent from your current leads to meet the new requirements if you don’t already have it.
• Update any contracts with lead generation vendors to include requirements to obtain consent for each seller, one at a time, and to clarify responsibilities.
• Ensure that you, as a seller, have the records to prove you have express written consent. Third parties may initially obtain that proof, but it also needs to be transferred to the seller and cannot remain with the third party only.

Conclusion

In an industry of ever-changing laws and regulations, this is one of the most important rule changes in the TCPA realm in quite some time. All lead generators, lead purchasers, as well as businesses that are attempting to get first-party consent to sell to multiple brands should be mindful of this rule and begin to take steps to ensure compliance.

Staying up to date on developments to federal regulations like the TCPA can be a complex and time-consuming task. CompliancePoint has a team of marketing compliance professionals that can take compliance monitoring off your plate. Reach out to us at connect@compliancepoint.com to learn more about our services.