The FCC recently adopted new rules that will limit the volume of calls that can be made to residential phones under certain TCPA consent exceptions. The new rules affect non-telemarketing calls that use an artificial or prerecorded voice. For years, companies have been able to make unlimited numbers of these calls to residential lines without the need for prior express consent if the exceptions applied. Beginning later in 2021, companies will need to follow volume limits for the following types of exempted calls, unless they have obtained prior express consent to make more calls. The new limits will apply to calls that fall into one of these consent exceptions:
Continue Reading FCC Sets Volume Limits For Some Prerecorded Calls to Home Phones
David Poell
David Poell is a partner in the Business Trial Practice Group in the firm’s Chicago office, particularly focusing on the areas of consumer privacy and class action litigation.
TCPA’s 2015 Government-Debt Collection Exception Struck Down- Now What?
The Supreme Court’s recent decision in Barr v. American Association of Political Consultants held the government-debt exception of the TCPA unconstitutional under the First Amendment’s Free Speech Clause. This means that going forward, companies that make “debt-collection” calls on behalf of the federal government can only do so with the prior express written consent of the called individuals.
Continue Reading TCPA’s 2015 Government-Debt Collection Exception Struck Down- Now What?
Seventh Circuit Issues Landmark BIPA Decision
The Seventh Circuit has recently ruled that plaintiffs have standing to enforce the Illinois Biometric Information Privacy Act’s informed consent requirements in federal court. As we have written before, , BIPA regulates the collection, use, and retention of a person’s biometric information, e.g., fingerprints, face scans, etc. For years, federal trial courts have been split on whether a violation of BIPA’s informed consent provision is alone sufficient to confer Article III standing. . The decision in Bryant v. Compass Group USA, Inc., — F.3d —-, 2020 WL 2121463 (7th Cir. May 5, 2020) removes that uncertainty and will drastically change the landscape of BIPA litigation going forward.
Continue Reading Seventh Circuit Issues Landmark BIPA Decision
SCOTUS Review of CFAA May Impact Analysis in Data Breach Notification Obligations
For the first time, the U.S. Supreme Court has agreed to review the Computer Fraud and Abuse Act (CFAA) in Van Buren v. United States, No. 19-783. A federal circuit split exists on the issue of whether the statute can only be used against hackers and unauthorized users of electronic systems, or also against authorized users who use the information for unauthorized purposes. In the context of data breaches, companies sometimes look to interpretations of the meaning of “authorization” in CFAA cases to analyze whether notification obligations may exist.
Continue Reading SCOTUS Review of CFAA May Impact Analysis in Data Breach Notification Obligations
FCC Ruling Helps Clarify What COVID-19 Texts and Calls Are “Emergency” Under TCPA
The FCC recently issued a declaratory ruling explaining what calls and text message alerts it viewed as “emergency” for purposes of the Telephone Consumer Protection Act. Under TCPA, requirements to obtain consent to make certain calls and texts to cell phone numbers do not apply when a message is an “emergency.” Under the FCC’s new ruling, certain calls and texts from government officials and healthcare providers about the COVID-19 pandemic will be viewed as emergency messages.
Continue Reading FCC Ruling Helps Clarify What COVID-19 Texts and Calls Are “Emergency” Under TCPA
Buyers (And Sellers) Beware!: SEC Observations on Cybersecurity and Resiliency
The Securities and Exchange Commission recently published a set of observations designed to assist financial market participants. While not legally binding, the observations are guideposts for investment companies, securities issuers, and others. They outline steps to improve cyber preparedness and to protect against well-known and evolving cybersecurity threats faced by companies in the United States and worldwide.
Continue Reading Buyers (And Sellers) Beware!: SEC Observations on Cybersecurity and Resiliency
Live Free or Die Trying—New Hampshire Voters Enshrine Right to Privacy in State’s Constitution
On Election Day 2018, in the State that boasts the official motto of “Live Free or Die,” over 80% of New Hampshire voters overwhelmingly approved an amendment to the State Constitution enshrining an explicit “right to privacy” to New Hampshire residents. Question 2 on New Hampshire ballots asked voters to approve (or reject) the following language to the New Hampshire Constitution: An individual’s right to live free from governmental intrusion in private or personal information is natural, essential, and inherent. Having received the required approval of over two-thirds of voters, the language of Question 2 will be added as Article 2-b (“Right to Privacy”) to the New Hampshire Constitution.
Continue Reading Live Free or Die Trying—New Hampshire Voters Enshrine Right to Privacy in State’s Constitution
Ninth Circuit Opens Door for More Expansive Meaning of ATDS in TCPA Cases
In the recent case of Marks v. Crunch San Diego, LLC, 904 F.3d 1041 (9th Cir. 2018) the Ninth Circuit broadly interpreted the TCPA’s definition of automatic telephone dialing system (often referred to as ATDS) to include devices with the capacity to dial stored numbers automatically. The device at issue in Marks is called the “Textmunication” system, which the Court described as “a web-based marketing platform designed to send promotional text messages to a list of stored telephone numbers.” The defendant, Crunch Fitness, had communicated with current and prospective gym members by sending them text messages via the Textmunication system. The plaintiff, Jordan Marks, had signed up for a gym membership and subsequently received three text messages over an 11-month period. Marks sued Crunch Fitness and alleged that the text messages violated the TCPA. The district court granted summary judgment in favor of Crunch Fitness after concluding that the Textmunication system did not constitute an ATDS because it presently lacked a “random or sequential number generator” and did not have the potential to add this feature.
Continue Reading Ninth Circuit Opens Door for More Expansive Meaning of ATDS in TCPA Cases
New York Federal Court Dismisses Nationwide Class Action Arising Out of Alleged Spying by E-Commerce Retailers
In a victory for online retailers, a New York federal court recently dismissed three putative class action lawsuits brought on behalf of website visitors whose mouse clicks, keystrokes, and electronic communications were tracked by a third-party marketing company. The cases were filed against three e-commerce retailers—Casper (a mattress manufacturer and retailer), Tyrwhitt (a men’s clothing company), and Moosejaw (an active outdoor retailer)—and against a marketing company named NaviStone. NaviStone offers computer code that allows e-commerce retailers to determine the identities of consumers who visit their websites and track their online behavior. The plaintiff alleged that the code offered by NaviStone, and embedded in the retailers’ websites, functioned as an illegal wiretap enabling the retailers and NaviStone to “spy” on website visitors in real time as they browse. The lawsuits alleged violations under the federal Electronic Communications Privacy Act (ECPA), the federal Stored Communications Act (SCA), and New York General Business law (NYGBL).
Continue Reading New York Federal Court Dismisses Nationwide Class Action Arising Out of Alleged Spying by E-Commerce Retailers
Car Dealer’s Attempt to Crash Data Privacy Class Action Sputters Out
A Texas court recently affirmed the vitality of potential nationwide class actions brought under the federal Driver’s Privacy Protection Act (“DPPA”), in a case brought by an individual whose personal information had allegedly been obtained illegally from the Texas DMV database. The case was filed by a local individual, Arthur Lopez, who complained of getting direct mail from Don Herring Ltd., a local Texas car dealer. Lopez claims that Herring’s personalized advertisement violated the DPPA. Here, the advertisement contained Lopez’s full name, address and the make model of his car. Lopez, however, alleged he had never heard of Herring and had no idea how Herring obtained his personal information without his consent.
Continue Reading Car Dealer’s Attempt to Crash Data Privacy Class Action Sputters Out