For those who send marketing texts, keep in mind the FCC one-to-one consent rule update. It has been getting some publicity, and takes effect January 27, 2025. As most are aware, TCPA requires getting consent before sending certain automated texts. For automated marketing texts, prior express written (i.e. signed) consent is needed.Continue Reading FCC’s One-To-One Consent Rule Takes Effect in January

TracFone, the pre-paid phone company, recently settled with the FCC over allegations that the company failed to protect customer information during three different data incidents. According to the FCC, in each of the incidents, threat actors gained access to customer information, including names, addresses, and features to which customers had subscribed. The threat actors were able to gain access by exploiting vulnerabilities in the customer-facing application programming interfaces or APIs.Continue Reading Ring, Ring, it’s the FCC Calling- TracFone to Pay $16M to Settle FCC Investigation

The FCC continues to take a more active role in privacy with its enforcement of the customer propriety network information (“CPNI”) regulations. Recently, the FCC released Forfeiture Orders against the three largest mobile network operators for failing to safeguard CPNI. As we wrote about in our sister blog, violating FCC CPNI rules came with the cost of $57.3 million, $46.9 million, $12.2 million, and $80.1 million in fines to AT&T, Verizon, Sprint, and T-Mobile respectively.Continue Reading A Wake-Up Call for Data Privacy in the Telecom Sector

Much of the focus on US privacy has been US state laws, and the potential of a federal privacy law. This focus can lead one to forget, however, that US privacy and data security law follows a patchwork approach both at a state level and a federal level. “Comprehensive” privacy laws are thus only one piece of the puzzle. There are federal and state privacy and security laws that apply based on a company’s (1) industry (financial services, health care, telecommunications, gaming, etc.), (2) activity (making calls, sending emails, collecting information at point of purchase, etc.), and (3) the type of individual from whom information is being collected (children, students, employees, etc.). There have been developments this year in each of these areas.Continue Reading Mid-Year Recap: Think Beyond US State Laws!

The FCC reminded companies this month that calls containing “artificial or prerecorded voices” are regulated by TCPA. And, that the FCC considers AI-generated voices to be just the kind of “artificial” that fall within the TCPA’s regulations. This announcement was made in a declaratory ruling issued by the FCC at the start of the month.Continue Reading AI-Generated Voice Calls: New Tech, Old Rules