BY DANIEL LYONS
Earlier this month, the Supreme Court unanimously ruled that Facebook’s texts alerting customers of suspicious account activity did not violate the Telephone Consumer Protection Act (TCPA), a 1991 anti-robocall statute. Some argue that the decision could prompt a new wave of robocalls. This is unlikely, though the court’s narrowing of the statute will reduce class action abuse and properly focuses on Congress, rather than the court, to update the law in response to technological change.
Awkward statutory language
As I discussed in an earlier blog post, at issue was the confusing statutory definition of an “automatic telephone dialing system,” or autodialer. The statute defined an autodialer as “equipment which has the capacity — (A) to store or produce telephone numbers to be called, using a random or sequential number generator; and (B) to dial such numbers.” This awkward language could be read two different ways.
Facebook argued that “random or sequential number generator” modifies both “store” and “produce.” In other words, autodialers must either store numbers using a random or sequential number generator or produce numbers using such a generator. But plaintiffs claimed that the “number generator” phrase modified only “produce.” This would mean equipment could count as an autodialer if it stores numbers to be called, no matter how they are generated. The court sided with Facebook, adopting a narrow scope of equipment prohibited by the statute.
Effect of decision: Robocalls and class actions
Critics, including the Electronic Privacy Information Center and Sen. Ed Markey (D-MA), argue this decision will, in Markey’s words, “[open] the floodgates to untold numbers of new robocalls.” But this is unlikely. The autodialer provision is one narrow provision of the TCPA, dealing with autodialer calls to emergency lines, hospital rooms, and wireless numbers (which were still limited in quantity in 1991). The decision did not affect the statute’s broader prohibition on calls using an artificial or prerecorded voice, meaning robocalls remain prohibited. It also does not affect the Do Not Call list — perhaps the most famous consumer protection measure against unwanted calls.
What’s less debatable is that the decision will help curtail class action abuse. Over the past decade, courts have seen an explosion in TCPA class action litigation involving actions not envisioned by Congress back in 1991. The Facebook case is a good example: When Facebook detects suspicious activity involving a user’s account, it sends a text alert to the phone number provided by the user at registration. This two-factor authentication is an important and effective cybersecurity tool. But occasionally it generates alerts to the wrong number — for example, if the user mistyped the number at registration, or if the phone number is later reassigned to a different user. This is likely what happened to class plaintiff Noah Duguid, who received Facebook text alerts despite not having a Facebook account. Occasional errant texts as a side effect of effective consumer protection are far removed from the robocalls Congress sought to prohibit.
A victory for Duguid does nothing to combat robocalls — but it would deter companies from adopting effective cybersecurity measures for fear of class action liability. And worse: As Facebook notes, if an autodialer is any equipment that stores numbers, every smartphone is an autodialer — and under the Federal Communications Commission’s (FCC) interpretation of liability, every smartphone user faces up to $1,500 in damages for calling or texting a cell phone without consent. The court’s decision avoids this absurd result.
The private right of action is obsolete
Ultimately, the private right of action is no longer an effective tool to combat robocalls. Contra Markey’s statement, the problem isn’t that the law no longer covers unwanted prerecorded calls. As noted above, they’re prohibited. The problem is enforcement. Modern technology makes it easier to place robocalls from overseas and to disguise the caller’s identity, which effectively neuters the TCPA. Victims cannot sue violators if they cannot find them. Technological measures such as the STIR/SHAKEN framework for call authentication and aggressive FCC enforcement against gateway providers that provide avenues for these callers to reach the United States are far more effective than the TCPA’s outdated litigation model.
Plaintiffs argued that because technology adapts to change, the court should treat the TCPA as an “agile tool” that evolves over time to combat unwanted calls, rather than a provision cabined by “senescent technology.” But the court quite properly turned away this request to enact what (plaintiffs argue) Congress must have meant, focusing instead on what Congress actually said. The autodialer provision focused on a specific technology. If that technology is no longer in use, that’s not a failure but a victory for the TCPA. The court correctly notes that if plaintiffs want a broader statute, the proper forum for this petition is Congress, not the courtroom.