For many businesses, privacy compliance does not involve only what you do with consumer information and whether you properly disclose your intentions. In particular, those contemplating phone or text marketing campaigns, including those tied to use of smartphone GPS data, need to be aware of the provisions of the Telephone Consumer Protection Act. Originally enacted by Congress in 1991 to deal with unwanted automated calling campaigns (‘robo-calls’), the law has recently been applied by the Federal Communications Commission more broadly to encompass text campaigns. The 2015 FCC release mentioned below goes into some detail as to do’s and don’ts under the law and offers quite useful guidance for many specific questions which arise regarding proposed campaigns.

The law requires (among other things) express, advance consumer consent for any automated calls, regardless of the purpose, or any text message sent by a business to a consumer. Sending unsolicited texts or making unsolicited calls is a big ‘no-no’! Recent cases and settlements illustrate that violations are punishable with heavy fines in the vicinity of $500 PER offending call or text. In a class action situation, this quickly becomes an amount which can put out of business many companies. At the risk of redundancy – consumers must provide an affirmative agreement – such as checking an ‘I AGREE’ box indicating in context the subject matter of the agreement – to receive such communications; simple disclosure absent specific consent,  in a policy or terms of use document will NOT suffice. Marketers must also include instructions for stopping communications to which consumers initially agree.

The FCC has recently provided detailed guidance as to permissible and proscribed practices. It is available here We are happy to elaborate upon the more detailed provisions.

It is critical that marketers understand that their engagement of a third party firm to make calls or texts on their behalf will NOT insulate them from liability. Again, recent cases make clear that if the third party firm violates the TCPA on behalf of a client, the client is responsible for the consumer damages. The client may have a legal claim against the third party, but is liable in the first instance and liable altogether if the third party is put out of business.

Marketers engaging third parties for this purpose must (i) conduct good due diligence on the third party to reach a comfort level as to their understanding and intentions and financial ability to cover damages which do result, (ii) include in contracts appropriate covenants relating to TCPA and other legal compliance; and (iii) include in contracts appropriate ‘indemnification’ provisions requiring the third party to take full responsibility for legal problems.

It bears emphasis that the TCPA allows consumers to recover damages even if they are not deceived or defrauded in any way.

Our Corporate, Privacy and Technology partners are equipped to advise on the nuances of this law.


PRACTICE AREA / INDUSTRY:  Commercial Transactions, Privacy & Data Security, Internet E-Commerce:

Kimberly Booher, FisherBroyles Partner


Kimberly D. Booher
(650) 636-5958


Martin Robins, FisherBroyles Partner



Martin B Robins
(847) 277 2580