Circuit split on automatic telephone dialing systems under the TCPA reinforces importance of obtaining prior express written consent

A federal court in Missouri recently held that a restaurant’s promotional text messages did not violate the Telephone Consumer Protection Act (TCPA) because the messaging equipment used by the restaurant did not qualify as an automatic telephone dialing system (ATDS) as defined by the statute. The district court noted a split between the circuit courts on this issue, highlighting the uncertainty regarding whether the equipment at issue must have the capacity for sequential or random number generation to fall within the definition of an ATDS, thus requiring prior express written consent.

The TCPA requires that prior express written consent be obtained for all telemarketing calls and text messages made using an ATDS or a prerecorded voice to a wireless number. In Beal v. Outfield Brew House, Case No. 2:18-cv-4028-MDH (W.D. Mo. Feb. 20, 2020), the defendant, Outfield Brew House, LLC (Brew House), collected phone numbers from customers who provided their contact information on paper cards (which contained some TCPA disclosure language). Brew House did not maintain copies of the signed paper cards, but rather entered the customer contact information from the cards into a spreadsheet and shredded the cards. Brew House employees then uploaded that information into its text messaging system. To send text messages, a Brew House employee would log into a text messaging system, select a subset of customers to whom promotional texts would be sent, and manually press a button to send a text message to those customers. The plaintiff, a customer who had received promotional text messages from Brew House, filed a putative class action alleging that Brew House violated the TCPA by sending text messages to customers using an ATDS without their prior express written consent. Brew House moved for summary judgment, which the district court granted.

At issue in the case was whether Brew House’s text messaging equipment could be considered an ATDS when it could not produce numbers to be called using a random or sequential number generator. The district court noted the split between the circuit courts on this issue; both the Third Circuit and the Eleventh Circuit have held that a phone or messaging system that does not randomly or sequentially generate phone numbers and then dial those numbers could not be considered an ATDS under the TCPA. The Ninth Circuit, on the other hand, has held that an ATDS is not limited to devices with the capacity to call numbers produced by a random or sequential number generator, but also includes devices with any capacity to dial stored numbers automatically. The district court in Beal declined to follow the Ninth Circuit’s reasoning and instead adopted the narrower definition of an ATDS embraced by the Third and Eleventh Circuits.

Comment

While Beal may be good news for businesses that contact customers using messaging or dialing systems, the case highlights the ongoing uncertainty regarding the definition of an ATDS in the federal courts. The risks associated with violating the TCPA are very high: class actions are prevalent because the TCPA provides for strict liability, a private right of action, and significant statutory damages ($500 per violation, or up to $1,500 per willful violation). Importantly though, obtaining the consumer’s prior express written consent provides a defense to TCPA actions, although circuits are also split regarding who bears the burden of proof on that issue. For this reason, companies should establish procedures to document, store, and track a person’s written consent to receive any calls or texts in order to limit their exposure under the TCPA, regardless of which definition a court may adopt.

To learn more about this topic, please join Reed Smith for a CLE webinar on February 26, 2020 for a discussion on the latest TCPA legal developments and regulatory and compliance risks.

#Ad #Germany – Update for influencers

On February 13, 2020, the German Federal Ministry of Justice and Consumer Protection (BMJV) published a proposal to soften the regulatory requirements for influencers for labeling their posts as advertising (Proposal). Under the Proposal, statements posted on social media about products for which no consideration was given – either in the form of monetary compensation or other benefits – shall be excluded from labeling requirements. In the view of the BMJV such posts are intended solely to shape public opinion and are not made in the pursuit of commercial purposes (see the BMJV’s press release of February 13, 2020, available in German here).

Background

Recommendations from influencers are highly trusted by their followers. To ensure a sufficient level of transparency, the German regulators have provided regulatory guidance on the labeling of posts as advertising. However, in the past German courts have inconsistently interpreted the statutory labeling requirements applicable to advertising in the context of social media posts by influencers. This has resulted in various restrictive orders against German influencers (please find further details of German case law on this topic in our articles: “Update on transparency requirements for influencer marketing”, “Frankfurt Court of Appeals ruling on influencer marketing and manufacturer tags”, and “Update on transparency requirements for influencer marketing”). The Proposal’s key aim is to achieve legal certainty for influencers.

Planned changes under the Proposal

Pursuant to Section 5a(6) of the German Act against Unfair Competition (Gesetz gegen den unlauteren Wettbwerb – UWG), the failure to properly identify the purpose of a commercial activity may constitute an act of unfair competition. Under the Proposal the following commercial activities shall be excluded from Section 5a(6) UWG:

“As a general rule, a commercial activity is not to be deemed to have a commercial purpose if (a) it primarily serves informative purposes or the shaping of public opinion and (b)  no payment or similar consideration has been granted.”

However, according to the Proposal, the burden of proof shall remain with the influencer.

Comment

The BMJV’s intention to achieve a sufficient level of legal certainty and exclude certain content from the labeling requirements is a step in the right direction. Notably, the Proposal sets limits to the approach taken by German courts, which has led to almost every influencer post being labeled as advertisement.

However, under the Proposal various points remain uncertain. A main concern is that the Proposal gives no guidance on which scenarios should fall within the scope of “similar consideration.” While this question will not be of interest to successful celebrities and other leading influencers who receive considerable compensation for each single post, it will have a significant impact on rising stars who may receive products, including items of rather low value, for free instead of monetary compensation. The Proposal lacks clarification as to the circumstances under which non-monetary compensation shall trigger corresponding labeling requirements.

Influencers, brand ambassadors and organizations that cooperate with them should monitor further developments concerning the legal framework on labeling requirements.

It’s time to reassess cookie compliance in France

Companies have been challenged with respect to their cookie policies and their implementation due to the entry into force of the GDPR earlier than the proposed ePrivacy Regulation

 Given the delay in the adoption of an EU-wide regulation on e-privacy, national data protection authorities have taken the initiative in publishing guidelines on cookies requirements. The publication of guidelines by the German data protection authorities, followed by the Information Commissioner’s Office (ICO) (in early July 2019), prompted the French Data Protection Authority (CNIL) to update its own recommendations on the use of cookies on 18 July 2019, and these have now been supplemented by draft recommendations on practical steps.

Read more about the CNIL recommendations in our recent client alert.

Paris takes the lead in Europe on FRAND legal qualification

On February 6, 2020 the case management judge of the Paris High Court (Tribunal Judiciaire) made a decision that is of great importance in terms of both the legal qualification of the undertaking of the owner of patents essential to the implementation of standards to grant to anyone a fair, reasonable and non-discriminatory (FRAND) license, and the importance of Paris as a future venue for so-called FRAND disputes.

 Read more about the importance of this decision in our recent client alert.

California Attorney General issues revised draft regulations with key changes for regulated businesses

The public spoke and the California Attorney General (AG) listened.  Nearly four months after releasing initial proposed CCPA regulations, the California AG has issued a revised draft addressing many of the comments and concerns of both industry and privacy attorneys.  Although the structure and fundamental principles have not changed, the revisions will impact most CCPA compliance projects.  For more details about the revisions to the proposed regulations and how to submit public comments to this draft, please see our issued client alert.  

 

2020 could be a monumental year for adtech

With the California Consumer Privacy Act (CCPA) coming into effect on January 1 and the announcement on 14 January from Google that it will be phasing out third party cookies within the next two years, it seems that 2020 will be a significant year for the adtech industry as industry players react with solutions and strategies to adapt. In the face of various regulatory investigations and increasing consumer expectations around privacy, it is clear that programmatic advertising, in particular, is facing a turning point.

Google’s plans include placing limits on third party cookies in its browsers from February 2020, as well as launching anti-fingerprinting measures (which it describes as “deceptive and intrusive techniques”) by the end of the year. We are seeing browsers proposing changes in privacy settings (see also Microsoft), and industry players, such as the Digital Advertising Alliance (DAA) and the Internet Advertising Bureau (IAB), developing CCPA compliance tools. Adding to the fray is the rise of new browsers such as Brave, which blocks ad and website tracking and provides for crypto payments to users and publishers for watching ads.

Technologies and business models are changing and privacy, marketing and compliance teams have a lot to keep on top of!

Our experts from both sides of the Atlantic discuss their thoughts on what to look out for in 2020 in our recent client alert.

Uncertainty persists in biometric litigation

Companies facing class action litigation stemming from Illinois’ Biometric Privacy Act, 740 ILCS 14/1 et seq. (BIPA), will not get conclusive guidance from the U.S. Supreme Court on the issue of Article III standing. Despite the substantial increase in BIPA class actions filed between 2018 and 2019, and amici briefs imploring the Supreme Court to review a Ninth Circuit holding for one such case, the high court declined to weigh in and denied certiorari. As a result, questions persist as to whether class action plaintiffs bringing BIPA claims in federal court have Article III standing due to continued inconsistent treatment within the Ninth Circuit and elsewhere regarding what constitutes real, concrete and particularized injury in cases relating to intangible harms. Therefore, companies with Illinois employees or consumers will continue to face uncertainty, and plaintiffs may aggressively shop for favorable fora (including California) to bring such cases.

Continue Reading

What’s next with Brexit, data protection and data transfers?

Following the UK Conservatives Party’s landslide victory in December 2019, there were immediate implications for the UK’s Withdrawal from the European Union, which resulted in the UK withdrawing from the EU on 31 January 2020. With the European Parliament’s approval of the Withdrawal Agreement, the UK is now in a transition period until 31 December 2020. That leaves a transition period of only 11 months! The question remains: what is next for data protection, in particular, data transfers from the EU to the UK? Read more in our client alert.

 

Novel coronavirus outbreak throws up data privacy questions for businesses in China, Hong Kong and Singapore

The World Health Organization (WHO) declared on January 30, 2020, that the outbreak of 2019 nCoV (novel coronavirus) is a “Public Health Emergency of International Concern.” Further information is available in the WHO statement. On January 31, 2020, the Centers for Disease Control and Prevention (CDC) in the United States also declared a public health emergency for the U.S. Further information from the CDC can be found here.

Reed Smith attorneys have written a client alert that focuses on issues relating to data privacy in an employment context. The team outlines common issues that businesses operating in the People’s Republic of China (PRC or China), Hong Kong and Singapore are likely to face arising from the outbreak of a novel type of coronavirus. The issues that have been identified are not meant to be exhaustive. As this is a developing situation, governments are revising their responses to mitigate the emerging risk to public health.

Maryland Attorney General Brian Frosh talks to Reed Smith about privacy and consumer protection

Reed Smith IP, Tech & Data attorneys Divonne Smoyer and Alexis Cocco conducted an in-depth Q&A with Maryland Attorney General Brian Frosh. During the interview, he discusses his priorities for data privacy and security for Maryland, including his hopes for future legislation in both Maryland and federally. AG Frosh is currently in his second term as Attorney General of Maryland. Prior to serving as Maryland’s AG, Frosh served five terms in the Maryland State Senate and two terms in the Maryland House of Delegates.

For the full Q&A with Maryland Attorney General Brian Frosh, please visit The Privacy Advisor.

LexBlog