EPIC logo

Rules and Regulations Implementing the Telephone Consumer Protection Act of 1991
Docket No. CG 05–338;

Comments of the Electronic Privacy Information Center Concerning Implementation of the Junk Fax Prevention Act

January 18, 2006

Pursuant to the notice published by the Federal Communications Commission (Commission) on December 19, 2005 seeking comments on implementation of the Junk Fax Prevention Act, the Electronic Privacy Information Center submit the following comments.[1]

Recognition of an Established Business Relationship Exemption

In addition, the Commission seeks specific comment on whether the Commission should establish parameters defining what it means for a person to provide a facsimile number ``within the context of [an] established business relationship.'' Under what circumstances should the Commission recognize that a person has voluntarily agreed to make a facsimile number available for public distribution? Should the burden rest with the sender to establish that the recipient has agreed to make the number publicly available? When the sender obtains the facsimile number from a directory, advertisement, or site on the Internet, should the sender be required to make reasonable efforts to confirm with the entity that compiled the numbers that the recipients have ``voluntarily'' agreed to allow them to be made publicly available?

The Commission should recognize that a person has voluntarily agreed to make a number available for public distribution only where that person has explicitly stated that they wish to receive unsolicited commercial messages.

The mere presence of a fax number in a directory should not constitute voluntary agreement for dissemination to senders.  Companies that publish directories often use tactics that are subtle in order to populate the database with as many numbers as possible without notice to the individual, consent, or any degree of voluntariness.  For instance, "enhancement" or list "appendage" is the practice of buying more personal information on a consumer based on data collected at point of sale.  Through enhancement, a retailer may ask for a consumer's phone number, and then use the number to purchase the consumer's address or fax information.  By merely giving a name to a retailer, the store can buy address and phone information from a data broker such as Acxiom.  There is no evidence that presence in these databases indicates that the individual "voluntarily agreed" to make the number available to others. 

Additionally, data are collected involuntarily through "ANI," or Automatic Number Identification.  ANI is similar to Caller ID, but the caller cannot disable ANI. ANI reveals the name, address, and phone number of the telephone subscriber when the line is used to call a toll-free (800, 888), charge (900, 976), or police phone number (911).  Companies can collect ANI and use it to add to its personal information databases, or sell it to data brokers.   Again, there is no evidence that the individual voluntarily agreed to have their numbers circulated to other simply because they transmit ANI or Caller ID.

It is important to understand that there is a culture of secrecy surrounding data collection.  Companies risk "creeping out" their customers by revealing their identification and data aggregation tactics.  For instance, a casino profiled recently by the Wall Street Journal trains its operators not to tell customers that they have been automatically identified and categorized by their profiling system.  "That would be too creepy," said the company official in charge of the system.[2]  The fact that many companies hide their data collection practices, or obscure them through claims that they are done for security purposes, is strong evidence that consumers are not knowing, voluntary participants.  Thus, mere presence in a directory should not constitute voluntary agreement to disseminate the number.

Similarly, the mere presence of a fax number on a site on the Internet should not constitute voluntary agreement.  Allowing such a broad loophole would permit information companies to simply post online every possible permutation of a phone number, thus allowing junk faxers to exploit that exemption.  Voluntary agreement should only be found where a person posts their fax number on a website that they control coupled with a statement that the holder of the number wishes to receive unsolicited fax messages from businesses that have an EBR.

Individuals, companies, and non-profits with fax machines that post their number online (such as EPIC) do not expect that the number will be harvested for commercial purposes.  In fact, these entities are often required to publish this information in the public record to comply with court rules or administrative agency requirements.  It is unfair to require the disclosure of this information for one purpose and then allow marketer to reuse it for advertising purposes.

The FCC's rules should accommodate the ability for a web site owner that publishes a fax number to also include a statement that no fax advertisements should be sent to the number based on its mere presence online.  Individuals should be able to post their fax numbers online with a "Do-Not-Fax" message so that they can share the number for business purposes without being inundated with cost-shifted advertising.

The burden of proof for the existence of an EBR should rest upon the fax sender rather than the recipient.  It has been our experience that junk faxers will employ many different dubious excuses to argue that an EBR exists.  For instance, if a recipient says that he does not have an EBR with a specific company, the junk faxer will claim that the recipient's spouse falls under the EBR.  If the recipient does not have a spouse, the sender will claim that it was the recipient's roommate.  If the recipient does not have a roommate, the sender will claim that the previous holder of the phone number falls under the EBR, and so on.

Simply put, it is unfair to allow cost-shifted advertising to be sent to fax owners based on the mere claim that an EBR exists.  Popular sales software (such as ACT) tracks contacts with clients and can provide an audit trail to support the existence of the EBR.  The burden should be upon the sender to keep this trail of contacts to prove the existence of the EBR.

We second the comments of Robert Biggerstaff in this docket concerning junk faxes and EBRs.[3]  As Biggerstaff stated, companies follow a "Fax First, Look for EBR Later If Caught" business plan.  Even a cursory review of junk fax litigation shows that senders come up with ingenious excuses that invariably place the blame back on the recipient. 

Companies that wish to engage in cost-shifted advertising should at least bear the burden of proving that they have an EBR to justify sending of the messages.  Doing otherwise would guarantee the resurrection of notorious junk faxers like Fax.com and American Blast Fax.

Definition of Established Business Relationship

…the Commission takes this opportunity to seek comment on whether to limit the EBR as applied to unsolicited facsimile advertisements.

We comment that the time period for the EBR should be as limited as possible, considering the low bar for the creation of an EBR.  Under the junk faxers regime, literally, purchasing a cup of coffee or just visiting a store would create the right to look up the customer's number in a database and start faxing. 

Considering the low bar for the EBR and the abuse that the exemption has already created, we urge the Commission to establish a widow smaller than that permitted under the telemarketing rules.

In addition, as set forth in the Junk Fax Prevention Act, the Commission seeks comment on the benefits to facsimile recipients of limits on the EBR. Are there direct costs to consumers associated with receiving facsimile advertisements, such as costs for paper, toner, and time spent collecting and sorting faxes that weighs in favor of limiting the facsimile EBR?

There are incredible costs passed on to the public as a result of junk faxes.  In addition to the cost of paper and toner, junk faxes are used widely to promote fraudulent schemes (such as "pump and dump" stock trades) and consumer frauds (such as the ubiquitous vacation and cruise advertisements coming from Florida boiler rooms).  Junk faxes also tie up fax lines; in some cases, such as where a junk faxer is sending hundreds of advertisements to an office or a hospital, this can result in loss of productivity or risk that important faxes cannot be transmitted.  Many people who own fax machines simply unplug them and lose the benefit of the technology, because they receive junk faxes.  In fact, these faxes are often sent in the middle of the night, thereby disturbing individuals who have a fax machine at home.

As a result of the JFPA, many businesses probably will remove their fax number from their Internet sites to avoid junk faxes.  This represents another cost--individuals will have to call companies and obtain the fax number before sending business communications.

Even the law firm that represents the Fax Ban Coalition (a group of companies that lobbied for the JFPA), Covington & Burling, has sued under the TCPA because it received over 1,000 junk faxes in a day from Fax.com.  The firm obtained a $2.2 million judgment in the case.[4]

Finally, we encourage the Commission to review the docket in CG 02-278, as there are many comments discussing the costs of junk faxing.

If the Commission adopts any such limits on the EBR, the Commission also asks commenters to describe the costs to senders of demonstrating the existence of an EBR that is limited in duration. Would these costs be overly burdensome, particularly for small businesses?

We believe that much of the junk fax problem can be attributed to small businesses.  Many of Fax.com's clients were small businesses that promoted various products, such as grandfather clocks and vacations.  Any analysis of costs to businesses, both small and large, should be weighed against the harms caused to consumers by this form of advertising.

Notice of Opt-Out Opportunity

… the Commission seeks comment on whether it is necessary to set forth in our rules under what circumstances a notice will be considered ``clear and conspicuous.'' If so, the Commission asks commenters to describe those circumstances under which a notice should be considered ``clear and conspicuous.''

It is necessary to specify the elements of a "clear and conspicuous" disclosure.  Otherwise, the notice will be printed in a way so that consumers are less likely to see it.  Companies actually perform market research to determine how to write notices that consumers will not read.[5] The experience in the implementation of the Gramm-Leach-Bliley Act (the law that requires privacy notices from financial institutions) should be instructive here--the notices were difficult to understand and read, precisely because the financial institutions had an economic incentive to frustrate the opt out process.

In the context of faxes, there are many ways in which a sender can frustrate notice and opt out opportunities.  For instance, the sender could place the notice at the very bottom of the advertisement; if it is cut off by the machine, the sender could then blame transmission error.  The notice could be printed in a gray font or other color that the fax machine cannot detect.  The notice could be printed in a font size too small to be rendered by the fax machine. 

We think that a "clear and conspicuous" notice would 1) appear at the top of the message, 2) be sent on a standard-size 8.5 x 11" format advertisement (to reduce risk that the recipient's machine would truncate or "cut off" the message), 3) be printed in black font, 4) be printed in English, 5) be enclosed in a "box" or other design element so that it is separate from the advertising copy, 6) be printed at a font size no smaller than 12 point, 7) identify that it is being sent pursuant to an EBR, 8) identify the company asserting the EBR, and 9) identify the fax broadcaster, if different than the company with the EBR.

As directed by Congress, the Commission also seeks comment on the ``shortest reasonable time'' within which a sender of unsolicited facsimile advertisements must comply with a request not to receive future facsimile advertisements from the sender. The Commission notes that the Commission's rules require that persons or entities making calls for telemarketing purposes must honor a do-not-call request within a reasonable time. The Commission's rules provide that this reasonable period ``may not exceed thirty days from the date of such request.'' The Commission seeks comment on whether this 30-day limitation is the shortest reasonable period in which to expect senders of unsolicited

facsimile advertisements to honor a do-not-fax request. If not, the Commission seeks empirical evidence from commenters to support proposals for longer or shorter periods.

With modern sales contact and fax transmission software, senders should be able to comply with requests to opt out from the EBR in less than 5 days.

In any case, as technology enables greater efficiency, the time limit for an EBR opt out should shorten.  30 days may be reasonable at a time where fax numbers were being programmed into actual machines and sent manually.  Today, sophisticated software manages the collection of information, maintenance of contact data, and the actual transmission of the messages.  There are automated systems that can collect opt out requests and feed a suppression list into the transmission software.  There is no reason why this software could not accommodate a much shorter time period to opt out.

We encourage the Commission to investigate the time it takes for a fax broadcast company to initiate a new advertising campaign.  Request for opting out should take no longer than the time necessary to initiate a new advertising campaign. 

    As provided by the Junk Fax Prevention Act, the Commission also seeks comment on whether to exempt certain classes of small business senders from the requirement to provide a cost-free mechanism for a recipient to transmit a request not to receive future facsimile advertisements.

Operating a cost-free mechanism to accommodate opt-out requests should be a cost of doing business in the fax advertising field.  Costs of maintaining a toll-free number are declining, especially with the advent of VOIP services.  Furthermore, the teleservices industry frequently creates compliance technologies, and the costs of these technologies decline as more businesses use them.

Again, small businesses should not be able to engage in cost-shifted advertising and then impose more costs on recipients by making them call a long distance number to opt out.

Placing the cost on the sender gives the sender an economic incentive to actually answer the phone and honor opt out requests.  If the recipient must call a long distance number, there is little incentive to answer and promptly process the opt out request.

    In addition, the Commission seeks comment on whether the Commission needs to enumerate specific ``cost-free'' mechanisms for a recipient to transmit a do-not-fax request, and, if so, the Commission seeks comment on what those specific mechanisms should be. For instance, should the provision of a toll-free telephone number, website, or email address for receiving do-not-fax requests, comply with this requirement? Should a local telephone number be considered a ``cost-free'' mechanism if the unsolicited facsimile advertisements are sent only to local consumers?

To accommodate digital divide issues, the Commission should require a cost-free mechanism that can be employed by phone or fax.  Many Americans do not have Internet access, and so at a minimum, a telephone-based mechanism should be supplied.  Additionally, requiring individuals to provide an e-mail address for opting out presents a new risk: that their address will be used for spam.

There should be reliability guarantees in the operation of the opt out mechanism.  That is, the FCC should specify that the opt out mechanism must operate reliably.  Furthermore, the Commission should spot check compliance with keeping the mechanism operational and functioning.

Request to Opt-Out of Future Unsolicited Advertisements

The Commission seeks comment on whether the Commission's rules should reflect that a do-not-fax request terminates the EBR exemption with the sender of the facsimile even if the recipient continues to do business with the sender.

The do-not-fax request should terminate the EBR even if the recipient continues to do business with the sender.  There are many examples of relationships where consumers continue to do business with a company but limit that company's marketing channels.  Individuals should be able to continue to use a business without causing more junk faxes to be sent.

The Commission seeks comment on whether to specify that if the sender of the facsimile advertisement is a third party agent or fax broadcaster that any do-not-fax request sent to that sender will extend to the underlying business on whose behalf the fax is transmitted.

In light of the recent Fax.com and American Blast Fax cases, we think the Commission should take aggressive action against fax broadcasters.  Faxes sent by broadcasters should identify the broadcaster and the underlying businesses.  Furthermore, one should be able to out from the underlying businesses' marketing, and all marketing performed by the broadcaster.

Respectfully Submitted,

/s/

Chris Hoofnagle
Attorney for the Electronic Privacy Information Center
West Coast Office
944 Market St. #709
San Francisco, CA 94102
415-981-6400

January 18, 2006


[1]  Rules and Regulations Implementing the Telephone Consumer Protection Act of 1991, 70 Fed. Reg. 75102 (Dec. 19, 2005).

[2] Christina Binkley, Numbers Game, Taking Retailers' Cues, Harrah's Taps Into Science of Gambling, Wall Street Journal, Nov. 22, 2004, available at http://online.wsj.com/article/0,,SB110107789091980299,00.html.

[3] Comments of Robert Biggerstaff, Docket 05-338, filed Jan. 9, 2006, available at http://gullfoss2.fcc.gov/prod/ecfs/retrieve.cgi?native_or_pdf=pdf&id_document=6518307829.

[4] Lisa Napoli, Crusaders Against Junk Faxes Brandish Lawsuits, The New York Times, Dec. 16, 2003, p C1

[5] Ting v. AT&T, 182 F. Supp. 2d 902 (2002), defendant phone company commissioned research to design notices so that consumers would not read them).


EPIC Privacy Page | EPIC Home Page

Last Updated: January 18, 2006
Page URL: http://www.epic.org/privacy/telemarketing/jfpacom11806.html