S2 E27: Consent Revocation Rules and Best Practices

Consent Revocation Rules and Best Practices

Transcript

Jordan Eisner: Welcome everybody to another episode of Compliance Pointers. I’m your host, Jordan Eisner, and I am joined today once again by Tony Jarnigan. Tony, thanks for joining.

Tony Jarnigan: Absolutely. Glad to be here solo this time.

Jordan Eisner: That’s right. Well, that’s because you were so good previous times. You said, you know what? We need just mano-a-mano, just Tony. No distractions.

I’m sure our audience will recall your resume, but just as a reminder, Tony is a consultant in our Marketing Compliance group here at CompliancePoint. He’s been with the company for over two years. I got that wrong last time. I thought he’d been here longer just because of the impression you make, Tony. But just over two years previous to that, he spent 10 years with Disney Vacation Club doing compliance work. In fact, he’s been doing compliance-type work inside this space and others for the better part of 20 years.

Quite experienced and quite a good guest to have on this podcast to talk about revocation of consent and the rules under the TCPA and how they could be changing, some recent court rulings, and best practices to make sure you’re complying with the rules.

So Tony, let’s dive right in. First question or maybe first request, can you quickly break down what consent revocation is or what does that term mean?

Tony Jarnigan: Yeah, it’s a couple of big-sounding words.

Jordan Eisner: For a guy like me.

Tony Jarnigan: Well, I wouldn’t want to say that, Jordan. But anyway, basically, a consumer’s ability to unsubscribe from receiving calls and texts, it’s easy enough to opt into calls and texts and to get on the business’s list to be contacted right. This is about how to get off those lists.

Jordan Eisner: A lot of times we don’t even know until we already get the email or the call that we’ve opted in.

Tony Jarnigan: Exactly right. Yeah, you don’t even know it sometimes, so that’s how easy it is. So here the theory is that it should be as easy to get the calls and texts to stop as it was to get them started. And ultimately, consumers should be able to revoke their consent to be called and texted in any reasonable manner is the term that the FCC uses.

Jordan Eisner: And so any reasonable manner, I’m sure you’re probably prepared to answer this question. Then what are some opt-out methods?

What is a reasonable manner that a business would need to provide to a consumer if they want to revoke their consent? I remember learning that it should be, I think you just said it well, of similar ease to unsubscribe as to subscribe, but also maybe that the channel needs to be similar. If you give consent via phone, you should be able to revoke it via phone, online, online, so on and so on. But maybe you have more prescriptive information on that.

Tony Jarnigan: That’s right. Very good, Jordan. Maybe get you on the consultant side.

Jordan Eisner: Been there, done that. Got the T-shirt.

Tony Jarnigan: But yeah, I mean, to your point, if it’s a live, it’s the same, you look at your channel, right? And so if it’s a live call, a consumer should be able to tell the live agent that they don’t want to get calls anymore. Agents should be well trained on how to appropriately respond to such requests and get those internal DNCs dispositioned correctly.

If it’s a text message, you should include opt-out instructions.

But here the thing is, you should be honoring any reasonable request here too, right? So even if your instructions say to respond with a stop, you should also honor other terms like quit, unsubscribe, and, you know, et cetera, et cetera.

Or even do not, you know, like some people may say, they could be so frustrated, they say, stop texting me or don’t text me anymore or contact me anymore. And you should be able to operationalize those as well.

Or even if it’s a typo, see, there are a lot of these things people don’t even consider. So you know, if someone were to respond with STIP instead of STOP, you know, the I is right next to the L on the keyboard, so there could be a typo, right? But you need to make sure that you, you know, you have some sort of perhaps manual oversight to make sure that any response is being dispositioned as an opt-out.

Jordan Eisner: Yeah, that’s a good point on the typos. And I do remember coming across that in conversations where we’ve given that advice and you’re spot on, right?

Somebody setting up these rules might not think about that. And then a consumer might think that they’ve opted out and perhaps later on in courts, they could prove that they didn’t technically do it correctly. But it’s a good practice to your point, right?

To not only have the word spelled right and many of those words for what could be revocation of consent, but also common type errors that would be associated with those.

Tony Jarnigan: Some businesses may opt to go ahead and if it’s not, if the consumer responds with something that the system doesn’t recognize, you know, it may generate the opt-out instructions again. But you know, ultimately, you need to just, the safest route is to go ahead and just opt them out of, you know, regardless of how they respond.

A couple of other items to note here, you know, if you’re leaving pre-recorded messages, even for informational purposes, you should be using interactive voice or key press, activated opt-out mechanisms, right, during those mobile calls or providing a phone number that, you know, is operational for the consumer to be able to call back and request an opt-out.

And then, you know, a good practice too is a lot of businesses will have preference management portions on their websites, right, where consumers can go in and like customize their contact preference.

So, you know, that’s advisable as well.

Jordan Eisner: You call that an opt-down, right, as opposed to an opt-out.

Yeah, you know, sometimes I’ll try and go to a website and I’ll type the name in between www.com and I’ll type it wrong and hit enter so fast. And it’ll still go to that site and will have corrected it. And I assume that that organization has bought the domain for even the typo name too, right, just so they funnel all traffic to them. And it’s a similar concept here.

Tony Jarnigan: Exactly right.

Jordan Eisner: So, and maybe this depends on the type we’re talking about. And this is painting too broad a brush on my question, but you tell me how much time do businesses have to respond to consent revocation requests?

Tony Jarnigan: Well, that’s a great question. And I think that’s really the question that sort of probably gave rise to the desire to want to do this podcast.

Currently, the FCC specifies, quote-unquote, within a reasonable time, not to exceed 30 days. Some have mistakenly looked at this as like a grace period, and it’s not a grace period at all.

I think the courts historically allowed, you know, years ago, probably they allowed for more time up to the 30 days to operationalize a DNC request. But as technology has improved, I think they’re more inclined to hold that it’s less and less reasonable to say that it took me, you know, the whole 30 days or, as we’re going to see in a couple of cases here in a couple of minutes, even, you know, a handful of days to get the person opted out.

But now there’s a pending FCC rule, which I think we’ve talked about before in one of these podcasts that would change within a reasonable—two things—within a reasonable time would become as soon as practicable—that’s the FCC language, not my language—I think I would have just said practical—but practicable, and to reduce the 30-day window to 10 days.

They had originally proposed 24 hours, by the way, but ultimately landed on 10 days.

But still, it’s not like it’s an entire 10-day grace period. So now the language would be as soon as practicable, which, you know, given technology, could be much less. And the FCC has even commented in this proposed rule change that, you know, with automated technology and as, you know, technology advances, businesses should be able to honor requests very quickly, and hence the reason for the language change.

Jordan Eisner: Hmm, still seems a bit subjective.

Tony Jarnigan: It is. It will be.

But that leads us to our lesson here, right? Do it as soon as possible.

Jordan Eisner: Yep. Well said.

So you mentioned the recent court case demonstrates the importance of these opt-out requests, right, or doing so quickly. Tell us about that.

Tony Jarnigan: Well, actually, there’s been a couple, which has been the subject of a recent blog post that I did.

The name of the game with compliance can usually be nailed down to managing consumer expectations, right? So once there’s an opt-out, you know, you can say it may take us a few days to get this operationalized, but a consumer just doesn’t expect that to happen anymore with today’s technology, right?

When they opt out of a call, they expect the calls to stop. If they opt out of a text, they don’t expect to get any more texts.

But back to the cases, pardon me. There was one involving our favorite pizza, Papa John’s, maybe some people’s favorite pizza, where the guy opted out this past July, July 17th to be exact, after his first text. Then he got two more texts on the 21st and the 24th. And I’ll go ahead and do the math for our listeners and for you too, Jordan. That’s four and seven days, respectively. Four and seven days, right?

So not even talk about the 30, but it’s also within the 10 days.

So he filed a suit. Papa John’s filed a motion to dismiss, arguing they opted him out within a reasonable time. And the court here refused to grant the motion to dismiss, saying that Papa John’s argument showed a misunderstanding of the law and that they’re not prepared to end the case at this stage as a matter of law. And the case could continue.

But here what happened was is instead of continuing to spend money to litigate the case, Papa John’s went ahead and settled. And again, notably, they settled for texts that they sent four and seven days after the person opted out.

There was another case that involved a plaintiff who sued bikers against drug drivers. Who would want to sue bikers against drug drivers, right? Or anybody against drug drivers. But still it happened.

They allegedly continued to text the plaintiff like 16 times over the next several days. But within the 30 day time, well, within the 30-day time period, that’s the current rule. Then here, we’re not sure what happened, but the plaintiff ended up dismissing the case with prejudice, meaning it can’t be refiled. That’s usually where there’s been a settlement. We don’t know that to be a fact. That’s a speculation, but that’s usually what happens. But again, notably, the suit was brought because of texts that were continued to be sent within this time period of 30 days.

So again, lesson to learn. Have them operationalized as soon as possible.

Jordan Eisner: Yeah, that’s tough. So that’s a little bit of what’s to come then, I would say, with those settlements. If an organization doesn’t implement procedures typed out as soon as possible. To your point.

Tony Jarnigan: Again, like I said, it’s about managing consumer expectations. Consumers don’t expect to get calls and texts after they’ve opted out. So you may find yourself in a position where you have to litigate a defense, even though a letter of the law, you may be OK, but you have to prove that you’re OK. And then companies may end up very well deciding that it would be cheaper to go ahead and settle than to litigate the case.

Jordan Eisner: So I think the big picture makes sense. Handle opt-outs as soon as possible. Keep consumer expectations in mind. Aside from those, maybe a little bit more tactful or tactical would be the better term. What can businesses do to avoid being in the same shoes as Papa John’s?

Tony Jarnigan: Well, you nailed the number one. They’re already operationalized. Those DNC or D&T do not text requests as soon as possible. You should never assume you have 30 or even 10 days. Don’t think of it as a grace period, for heaven’s sakes.

You know, include your opt-out information in your do-not-call policy. I mentioned it earlier, but make sure you train your staff on responding to opt-outs, how to appropriately respond and how to make sure that they disposition or operationalize those opt-out requests as soon as possible.

Be sure you’re communicating your opt-outs to third parties, calling on your behalf. And make sure that they’re relying or they’re relaying opt-outs back to you ASAP.

And here’s one too that is very important. Make sure you’re maintaining one centralized DNC or D&T list, right? We’ve seen some clients that say, well, we use different systems for different campaigns. And you just imagine that’s just fraught with all kinds of potential problems because somebody opts out of one campaign or in one system, right? And then that system doesn’t talk to the other system. And then they end up getting a communication from the same business, perhaps from the same product or service under a different campaign or under a different system. And you don’t want to have that happen. So make sure that as much as possible you’re able to maintain one centralized list.

Oh, and of course, always remember, especially in today’s world, that calls are texts and texts are calls, right? The rules apply to both. We get a lot of questions around, well, what if my customer opts out of texts? Can I still call? But think about that.

It’s almost impossible to imagine a scenario where a consumer would be saying, I don’t mind you calling me, but just don’t text me anymore, right? So yeah, we strongly advise treating calls and texts and treating them the same way.

Jordan Eisner: Yeah, I always say because there does seem to be some misinformation, maybe not even that, but at least lack of guidance because I have organizations come and they go, well, we’re just texting. We’re not calling. And I usually remind them that these regulations treat a text the same as a call.

Tony Jarnigan: And by the way, one final point here, I think this will sort of put a bow on everything.

I mean, I’m sure there are a lot of listeners out there saying, well, you know, these rules apply to robocalls and robotexts and they don’t apply to me because I’m using, you know, I’m dialing manually or whatever. And you know, robocalls and robotexts meaning that, you know, those are the systems that are automated in nature, right?

We always advise following the rules no matter what type of system you use because one, you never know when the definitions are going to change again, right, of an automated system. And you don’t want to have to spend the money, as I mentioned earlier, you know, you don’t want to have to spend the money trying to prove that your system isn’t automated, you know, which plaintiffs almost are certain to allege.

So just go ahead and apply these rules no matter what kind of system you’re using. Again, because again, if you’re managing your consumer expectations and, you know, you want a competitive advantage against your competition, you know, it goes a long way if you manage consumers’ expectations.

Jordan Eisner: Sage wisdom from a 20-year man.

Tony Jarnigan: Thanks, Jordan.

Jordan Eisner: Well, thank you for coming on. Thank you to our audience for listening. As a reminder, we produce content like this regularly, so make sure you don’t miss an episode. Subscribe on whichever platform you prefer. Leave us a review, especially if you’re enjoying the content.

And don’t forget that CompliancePoint helps organizations of all shapes and sizes solve for these type issues, right, and build, I’d say, robust compliance programs, policies, processes, technology, but never overkill, always practical.

Or what was the FCC term, Tony?

Tony Jarnigan: Reasonable?

Jordan Eisner: No, what was it?

Tony Jarnigan: Practicable. That’s hard to say, but I’m going to try to incorporate that in my everyday language somehow. I’m not sure how yet.

Jordan Eisner: So you can reach out to CompliancePoint on our website. You can find us or email us at connect@compliancepoint.com. I’m on LinkedIn. Tony’s on LinkedIn, so please don’t hesitate.

If you’ve got a question, you’ve got a concern, or you’re just interested in learning more, please don’t hesitate to reach out.

Until next time.