multi-seller consent

FCC Moves One Step Closer to Restricting Multi-Seller Consent

FCC Moves One Step Closer to Restricting Multi-Seller Consent

Today, the FCC unanimously approved new rules as well as further rulemaking related to robotext issues. Generally, the new rules require all voice service providers to mitigate robocalls and file certifications and robocall mitigation plans in the Robocall Mitigation Database. Further, mobile wireless providers must block texts that are highly likely to be illegal and must maintain a single point of contact to respond to complaints of erroneous blocking.

There are a few proposed rules that are noteworthy. First, the Commission is proposing to formally extend Do-Not-Call protections to text messages. Second, it is proposing to declare that lead forms used to obtain consent for multiple sellers do not satisfy the requirements for prior express written consent unless the sellers are “logically and topically associated” with the purpose and context of the website and the sellers are listed on the webpage with the form. Here is an overview of the new rules and the proposed rules.

STIR/SHAKEN Sixth Report and Order and Further Notice of Proposed Rulemaking
The First Intermediate Provider in the Call Chain Must Authenticate Unauthenticated Calls from Originators

The STIR/SHAKEN caller ID framework is a key component of the FCC’s approach to stopping consumer harm from illegal robocalls. Under the STIR/SHAKEN framework, voice service providers and gateway providers are required to verify that caller ID information transmitted with a call matches the caller’s phone number. However, before today’s rules were approved, intermediate providers (providers that neither originate nor terminate a call) were not required to authenticate calls, thereby creating a gap for illegal calls to proceed downstream when the call was not authenticated by the originating provider. Now, intermediate providers that receive unauthenticated calls from originating providers must authenticate the calls using STIR/SHAKEN beginning on December 31, 2023.

All Providers Must Mitigate Robocalls and Must File Robocall Mitigation Plans

All voice service providers, including those who have fully implemented STIR/SHAKEN or those who have received implementation extensions must “(1) take reasonable steps to mitigate illegal robocall traffic; (2) submit a certification to the Robocall Mitigation Database regarding their STIR/SHAKEN implementation status along with other identifying information; and (3) submit a robocall mitigation plan to the Robocall Mitigation Database.” Voice service providers without the facilities necessary to implement STIR/SHAKEN must also meet these requirements.

The “reasonable steps” standard is general, and the FCC does not require specific measures as part of a mitigation plan; rather, a plan that includes detailed practices that can be reasonably expected to significantly reduce illegal robocalls is sufficient.

New Robocall Mitigation Plan Obligations for All Providers

Under previous rules, voice service providers and gateway providers were required to describe the reasonable steps taken to avoid illegal traffic. Gateway providers were also required to describe how they have complied with the “know your customer” standard.

Now, voice service providers must include in their robocall mitigation plans a description of how they are meeting their existing affirmative obligation to prevent new and renewing customers from originating illegal calls. Non-gateway intermediate providers and voice service providers must, like gateway providers, describe any “know-your-upstream provider” procedures. All providers must describe any call analytics systems they use to identify and block illegal traffic, including whether they use a third-party vendor or vendors and the name of the vendor. All providers must submit additional information including role information, STIR/SHAKEN extension information, and certification that they have not been prohibited from filing in the Robocall Mitigation Database pursuant to a law enforcement action. Providers must submit certification and mitigation plans to the Robocall Mitigation Database by the later of (1) 30 days following publication of the rule in the Federal Register; or (2) any deadline set in a Public Notice by the Wireline Competition Bureau.

New Robust Enforcement Tools

The new rules provide the FCC with enhanced mechanisms to hold providers accountable for failing to block illegal robocalls. First, the rules impose a $2,500 to $23,727 penalty for each violation (i.e., each illegal robocall) of the mandatory blocking requirements. Second, both non-gateway intermediate providers and voice service providers are subject to removal from the Robocall Mitigation Database for violations of FCC rules, including for filing a deficient robocall mitigation plan. Other providers are prohibited from carrying traffic from a provider who is removed for the database. Third, the FCC will implement an expedited removal process for providers with a “facially” deficient filing. The expedited process requires the FCC to give the provider notice of the filing deficiency and requires the voice service provider to cure the deficiency (or explain why the filing is not deficient) within a 10-day period. The FCC may then remove the filing, without notice, if the provider fails to cure or does not adequately address why the filing is deficient. Lastly, the FCC may revoke the section 214 operating authority of entities that engage in continued violations of robocall mitigation rules.

Further Notice of Proposed Rulemaking

The FCC also approved to move forward with consideration of new rules regarding (1) the use of third-party solutions to authenticate caller ID information and whether FCC rules should permit, prohibit, or limit their use; and (2) whether to eliminate the STIR/SHAKEN implementation extension for voice service providers that cannot obtain a Service Provider Code token. These new rules will be made available for public comment.

TCPA Report and Order and Further Notice or Proposed Rulemaking
Mobile Wireless Providers Must Block Text Messages Purporting to be From Numbers on a DNO List

Mobile Wireless Providers (“MWPs”) are required to block text messages at the network level from numbers that are highly likely to be illegal, including invalid, unallocated, or unused numbers and numbers the subscriber requested that texts from such numbers are blocked. Further, MWPs must maintain a single point of contact to enable text senders to resolve issues arising from unwarranted text message blocking. The FCC declined to impose a time limit for a MWP to respond to a report of erroneous blocking. These new rules for text message blocking are very similar to already-enacted rules for voice call blocking.

Further Notice of Proposed Rulemaking
Extension of Do-Not-Call Protections to Text Messages

Under current federal Do-Not-Call (“DNC”) rules, where the subscriber’s wireless number is listed on the National DNC Registry, a caller must have the subscriber’s prior express written consent or an established business relationship to make telemarketing calls to that subscriber. The FCC has never stated that text messages are subject to the TCPA’s DNC rules. However, the FCC has clarified in the past that text messages are calls under the TCPA. The FCC seeks comments on whether DNC protections should be extended to text messages.

Modification of Definition of Prior Express Written Consent

The FCC seeks to restrict the practice of obtaining a single consumer consent for calls and texts from multiple marketers. The new proposed rule would modify the definition of prior express written consent to clarify that multi-seller consent is only lawful if the callers are logically and topically associated with the website on which consent is given and if the callers’ names are clearly and conspicuously disclosed on the same webpage on which consent is solicited. This proposal could drastically change the lead generation industry as it would upend many current lead form constructions.

Other Proposals

The FCC also seeks comments on whether terminating mobile wireless providers should be required to investigate and potentially block text messages after notice from the FCC that such text messages are suspected to be illegal. Further, the FCC seeks comments on whether there are solutions that are available or can be created to authenticate caller ID information for text messages. Currently, the caller ID authentication framework only applies to voice calls because the FCC previously determined that text message authentication may not be feasible.

The FCC received more robocall complaints than any other subject. The Commission appears more determined than ever to use its authority to prevent illegal robocalls. As such, the telecommunications regulatory landscape is likely to evolve rather quickly. Once the comment window opens for each of the above rulemaking proceedings, we encourage interested parties to submit comments and make their voice heard on these important issues.

As always, we are available to assist. Additionally, the Professional Associations for Customer Engagement (PACE), for which we serve as General Counsel, is forming a working group to develop organizational comments. If you are interested in joining PACE’s effort, you may contact Rob Seaver, PACE Executive Director, at [email protected].


Aaron works across numerous highly-regulated industries, helping them comply with state and federal laws related to privacy and data security, cannabis, marketing, teleservices, and other consumer protection matters.

2425 1619 Aaron Parry
Share This Post:
Start Typing
Skip to content