Recent changes in outbound dialing legislation and consumer protection regulations, specifically changes to the Telephone Consumer Protection Act (TCPA), have the outbound dialing sector scrambling. Companies of all sizes in most verticals (with the exception of fund-raising and political campaigns), including outsourcers who use outbound technology to reach customers and prospects, are struggling to interpret and understand exactly what these new rules mean, their potential impact, and how to apply them.
What is the TCPA?
The TCPA, enacted by Congress in 1991, was the first federal law to establish regulations for telemarketing and commercial sales. Intended to safeguard consumers from uninvited sales and telemarketing calls or faxes, the TCPA regulates how, when, and to whom commercial solicitation calls (or faxes) can be made. The TCPA is a federal statute; the complete body of law regulating telemarketing and other telephone sales activities also encompasses numerous regulations promulgated by the Federal Communications Commission (FCC), as well as the Federal Trade Commission (FTC), which have the force of law. The TCPA requirements apply to land lines, cell numbers, faxes, and text (SMS) messages.
A central concept in the TCPA legislation is the "established business relationship" (EBR) exception. The TCPA defines an EBR as: "(1) the consumer's purchase, rental, or lease of the seller's goods or services or a financial transaction between the consumer and seller within the eighteen (18) months immediately preceding the date of a telemarketing call; or (2) the consumer's inquiry or application regarding a product or service offered by the seller within the three (3) months immediately preceding the date of a telemarketing call." In the original TCPA legislation, companies that had established a business relationship with a consumer could bypass the requirement to obtain written consent from the customer to receive solicitation calls. However, they still had to comply with four other principal issues:
- Proper caller identification requirements
- Calling hour restrictions
- Compliance with do not call (DNC) policies/restrictions
- Adherence to auto-dialer and automatic dialing recorded message player regulations
The FCC and the FTC are responsible for TCPA enforcement. TCPA claims are increasing, in part due to increased diligence in enforcement by these agencies. High-visibility class action suits in the recent past involving alleged violations are also fueling the rise in TCPA claims. The TCPA can be enforced in at least three different ways:
- The individual who receives a call after a name removal request has been given to the caller is granted a private right of action for violations and statutory damages in the amount of $500 for each violation, or actual monetary loss, whichever is greater, and up to $1,500 for each willful violation. Similar suits may be filed for violations of the TCPA's provisions regarding faxes, auto dialers, and artificial (computerized) or prerecorded messages.
- States may initiate civil action against offending companies on behalf of their citizens.
- Complaints may be filed with the FCC, which has the power to assess penalties against parties who violate the TCPA.
TCPA best practices
The best approach to reduce the risk of litigation and fines resulting from TCPA violations is to gain a thorough understanding of the TCPA's requirements and to develop and issue written policies and procedures to ensure that all business operations and practices are fully compliant. Here are some suggestions to help companies adhere to TCPA requirements:
- Consult corporate attorneys to interpret the requirements.
- Draft DNC list policy and procedures.
- Make the DNC policy and procedures available on demand. This is a critical element of establishing a TCPA's "safe harbor" defense, in addition to being good for business.
- Keep the DNC list current. Create an automated process to make sure that the list of names and phone numbers of people who do not want to be contacted is kept up to date. Ensure that there is an automated process to "scrub" all outbound calling lists at the beginning of a campaign and recheck each phone number right before it is called. Also, establish a mechanism that allows agents to manually remove phone numbers from a calling list.
- Honor the National Do Not Call Registry.
- Set up audit logs and documentation to prove adherence to the DNC list.
- Review outbound solutions—dialers and notification solutions, or "robocallers"—to ensure that they comply with the TCPA. Do not use automated dialing technology of any kind when calling cell phones. Do not leave prerecorded messages on a cell phone, as no portion of a manually dialed call is permitted to contain an automated message.
- Implement training programs to ensure that all customer-facing employees comply with the TCPA requirements. The training should include the ability to clearly and concisely explain your company's DNC policies to anyone who asks. This is another component of a safe harbor defense to potential TCPA violations.
- Set up a formal, documented process to obtain written permission from anyone with whom you want to conduct business. Acceptable methods of obtaining express written consent include an electronic "signature" via email, a Web site form, text message, telephone key press, or voice recording.
- Make sure that voice consent is provided properly, following an unambiguous disclosure to the recipient that the call is for telemarketing purposes and that he may be receiving future auto-dialed or automated communications at a number the recipient designates.
- For live-agent calls, provide a greeting within two seconds of the recipient answering the call, clearly stating the name of the entity on whose behalf the call is being placed, along with a number where they can be reached.
- Provide mechanisms to allow customers or prospects to opt out of future communications. This process must be able to capture, document, and archive consumer preferences.
- Draft a TCPA adherence script for all customer-facing employees that explains your company's DNC list policies and practices, to ensure that they are properly communicated and explained when employees are asked.
- Run an annual TCPA "boot camp," either in person or via elearning, to ensure that customer-facing employees are effectively communicating your company's policies and procedures to the public.
- Require all third-party vendors (outsourcers) engaged in outbound campaigns to comply with TCPA requirements. Be sure that they have documented policies and procedures to prove their compliance. Using a noncompliant vendor is an unacceptable risk.
- Address assumption of risk by requiring all outsourcers to commit to TCPA compliance in their contract. They should also commit to indemnifying the company should a TCPA violation occur while working on their behalf.
- Establish a troubleshooting procedure. Unfortunately, some consumers "fish" for noncompliance and, even worse, try to trick employees into saying and doing the wrong things. To reduce this risk, set up a hotline so that employees have a place or person to go to for help when they are in doubt about a TCPA-related matter.
While DMG Consulting provides operational guidance, the information presented here is for informational purposes only and does not constitute legal advice. We urge you to discuss your particular situation with your legal counsel before taking any action. This is an evolving area of the law, and DMG makes no promises or guarantees about the accuracy, completeness, or adequacy of the contents hereof.
Too many companies are ignoring TCPA, believing that they won't get caught. This is a mistake, as the government is encouraging consumers to report consumer abuse. So, even if you think your company is operating under the radar, if you're abusing the regulations, you are at risk. DMG encourages all companies to gain a complete understanding of the requirements and to follow the law. To see the complete TCPA Guide, visit the DMG Web site.
Donna Fluss (firstname.lastname@example.org) is founder and president of DMG Consulting, a provider of contact center and analytics research, marketing analysis, and consulting.