The Telephone Consumer Protection Act of 1991 (TCPA)

• Enforced by the FCC

• Prohibits unsolicited commercial fax transmissions

o Penalties: private right of action and statutory damages of up to $500/fax

• Preempts interstate regulation

• Does not preempt within states (CA attempted to eliminate the EBR requirement)

The Junk Fax Prevention Act of 2005 (JFPA)

• Consent required for commercial faxing

• Consent can be inferred from an EBR and it permits sending of commercial faxes to recipients based on EBR as long as the sender offers an opt out in accordance with the act

• EBR has same definition as FTC’s DNC rule

Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM)

• No private right to action

• Preempts most state spam laws

o State spam laws are not superseded to the extent that such laws prohibit false or

deceptive activity

• Enforcement: FTC, other federal regulators, state AGs and other state officials

• Violation: fines up to $40,654/violation. For those authorized to sue (ISP’s can sue violators), the act provides for injunctive relief and damages up to $250/violation with a max of $2 mil. A court may increase a damage aware up to three times the amount in cases of willful or aggravated violations

• Covers transmission of commercial email messages whose primary purpose is advertising or promoting a product or service

o Prohibits false or misleading headers o Prohibits deceptive subject lines o Requires commercial emails to contain a functioning, clearly and conspicuously

displayed return email address that allows the recipient to contact the sender o Requires clear and conspicuous notice of the opportunity to opt out such as by return

email or an opt out link o Prohibits sending commercial email (following a grace period of 10 business days) to an

individual who has asked to not receive future email o Requires all commercial email to include:

▪ Clear and conspicuous identification that the message is a commercial message (unless affirmative consent was provided) and

▪ A valid physical address of the sender o Prohibits aggravated violations relating to commercial email such as

▪ Address-harvesting and dictionary attacks

▪ Automated creation of multiple email accounts

▪ Retransmission of commercial email through unauthorized accounts o Requires all email containing sexually oriented material to include a warning label

(unless the recipient has provided prior affirmative consent to receive the email)

• Rules cover messages sent using SMS but do not cover phone to phone messages

• Prohibits senders from sending MSCMs without the subscriber’s express prior authorization

o Must be opt in (check box on a website can’t be pre-checked) o Authorization must be given prior to the sending of any MSCMs o Consumers must not bear any costs with authorization/revocation o Each authorization must include certain required disclosure stating:

▪ The subscriber is agreeing to receive MSCMs sent to his or her wireless device from a particular (identified) sender

▪ The subscriber may be charged by his or her wireless provider in connection with the receipt of such messages

▪ The subscriber may revoke the authorization at any time o Disclosures must be clear and conspicuous o Authorization must be specific to the sender and must clearly identify the entity (no third parties) o Authorization must be obtained in any format and must be documented o Senders must enable consumers to revoke authorizations by the same means of

revocation o MSCMs themselves must include functioning return email addresses or another Internet

based mechanism that is clearly and conspicuously displayed for the purpose of receiving opt outs o 10 business day grace period following revoked authorization