Information Intersection > Troutman Sanders LLP

Summary Judgment Motion is Filed in TCPA Class Action Involving Airbag Recall

BY JULIE D. HOFFMEISTER AND DAVID N. ANTHONY

According to the complaint in Ibrahim v. American Honda Motor Co., Inc., defendants Sterircycle, Inc. and Stericycle Communication Solutions, Inc. (collectively referred to herein as “Stericycle”) violated the Telephone Consumer Protection Act by making unauthorized telephone calls using a prerecorded or artificial voice to the cellular telephones of individuals throughout the nation.

Stericycle’s calling program started after Honda commenced a recall of defective airbags from vehicles that it sold in the United States.  To expedite its airbag recall, Honda allegedly engaged in an automated calling operation to alert owners of the affected vehicles.  Stericycle, a provider of automated calling services to companies conducting recalls of their products, made the calls on behalf of Honda.  Some of these calls were supposedly made to telephone numbers of individuals who never owned a Honda, like the named plaintiff, Wasif Ibrahim.  Ibrahim claims that he has received nearly a dozen phone calls to his cell phone since January 2016.

Ibrahim’s class action complaint seeks to certify a nationwide class of persons who, within four years prior to the commencement of the litigation, received one or  more telephone calls from Stericycle featuring a prerecorded or artificial voice message relating to a product recall, where the called party was not, according to Stericycle’s records, the intended recipient of the call, or who did not consent to be called.

On December 19, Stericycle filed a motion for summary judgment, arguing that “Plaintiff’s claim is not only meritless, it is dangerous.”  Stericycle contends that its calling program falls squarely within the TCPA’s “emergency purpose” exception, and further argues that “this lawsuit challenges the lawfulness of phone calls that are saving lives.”  Stericycle concluded its motion by stating: “Lives depend on reaching car owners as quickly as possible.  That urgency may make ‘wrong number’ calls more likely, but that makes it even more imperative that outreach efforts enjoy the protection of the emergency exception.”

The motion was scheduled for presentment before the United States District Court for the Northern District of Illinois on December 23.  We will continue to monitor the developments in this case.

December 28, 2016   No Comments

Federal Communications Commission Chairman Tom Wheeler Announces Resignation on Dec. 15, 2016, Signaling Potential Reform to the Telephone Consumer Protect Act (TCPA)

BY DAVID N. ANTHONY, ALAN D. WINGFIELD, JONATHAN FLOYD AND JIM TREFIL

Federal Communications Commission Chairman Tom Wheeler said Thursday that he’ll step down from his post on Jan. 20, 2017. Wheeler was appointed by President Obama three years ago to lead the FCC. Prior to his October 2013 confirmation as the 31st chairman of the FCC, Wheeler served as managing director at venture capital firm Core Capital Partners. He was president of NCTA (now “the Internet & Television Association”) from 1979 to 1984 and led the CTIA (now “the Wireless Association”) from 1992 to 2004.

Wheeler’s announced departure is not unusual, as FCC chairmen traditionally resign when a new Administration arrives. “Sitting in this chair has been the great privilege of my professional career,” Wheeler said as the FCC’s open commission meeting on Thursday concluded. “I want to thank all of my colleagues. It has been a team effort.”

Tom Wheeler’s tenure at the FCC is highlighted by an expansive interpretation of the Telephone Consumer Protection Act (TCPA) in a series of rulings culminating in the Commissioners’ landmark 2015 declaratory order. That order, the capstone of Wheeler’s pro-TCPA faction at the FCC, expanded the reach of the TCPA in multiple ways and significantly increased risks for businesses of all types attempting to contact consumers by telephone. These rulings have facilitated a tidal wave of TCPA litigation that set new records every year, as well as and hundreds of millions of dollars of litigation settlements by legitimate businesses making legitimate calls for legitimate reasons. If TCPA filing activity holds steady through December, it could reach 5,000 lawsuits filed in 2016 alone.

In October 2016, the federal appeals court for the District of Columbia Circuit heard oral arguments in ACA International, et al. v. FCC, appealing the 2015 declaratory order. Also pending is control of the FCC shifting to a majority that is likely to reflect the view that the FCC has fundamentally overstepped its bounds in its aggressive regulatory acts. While it is too soon to know whether the shift in control will result in a dramatic shift in regulatory direction, there are a number of relatively easy measures the new majority to take actions to significantly shift the regulatory status quo under the TCPA to scale back the most extreme parts of the FCC’s current positions. Between the pending appeal and the change in control at the FCC, 2017 is shaping up to a watershed year for the TCPA.

In the interim, Republican FCC commissioner Ajit Pai is expected to be named interim chairman. He’s also seen as a contender for appointment as Chairman by President-Elect Donald Trump.

December 21, 2016   No Comments

Medical Services Company to Pay $9.25M in TCPA Class Action Settlement

BY JULIE D. HOFFMEISTER AND DAVID N. ANTHONY

The United States District Court for the Eastern District of Louisiana recently granted final approval of a $9.25 million Telephone Consumer Protection Act class action against Advanced Care Scripts, Inc. (“ACS”).

According to the class action complaint, ACS engages in the management and dispensing of specialty medications and oral oncology products.  To advertise their services, ACS allegedly blasted thousands of junk faxes to businesses, including the named plaintiff, Jefferson Radiation Oncology, LLC, without obtaining the businesses’ prior express consent to do so.

After engaging in litigation for nearly a year, the parties reached a class action settlement consisting of a $9.25 million settlement fund, with $20,000 being awarded to the class representative and $1.85 million for attorneys’ fees.  The settlement class consists of “all persons and entities that received facsimile transmission from Advanced Care Scripts or its vendor that advertise, promote, or describe Advanced Care Scripts’ products or services and do not contain” an opt-out notice advising recipients of their right to stop future junk faxes.  The class consists of approximately 24,000 individuals and entities.  No members of the settlement class objected to the proposed settlement, and only one class member opted out.

December 16, 2016   No Comments

Insurer Denies Coverage in TCPA Class Action

BY JULIE D. HOFFMEISTER AND DAVID N. ANTHONY

As we previously reported, US Coachways entered into a $49.9 million Telephone Consumer Protection Act class action settlement.  Because the motor coach leasing company could not fund the settlement, the company tendered a claim for the action to its insurer, Illinois Union Insurance Company, who subsequently denied coverage to US Coachways.  US Coachways assigned its rights against the insurer to the named plaintiff and the putative class members.

Illinois Union has now filed a declaratory action suit in New York federal court seeking a judgment that it has no coverage obligations for the underlying lawsuit.  Specifically, the insurer alleges that the policy at issue is limited to actions that fall within “the performance of professional services as a bus charter broker for others for a fee.”  Illinois Union argues that the underlying TCPA class action did not arise from the performance of such services.  “Rather, the underlying lawsuit arose from the alleged use of the ATDS to transmit text messages for advertising purposes only, and does not contain any allegations unique to the performance of the US Coachways’ services as a bus charter broker.”

This new lawsuit serves as a reminder to companies of the importance of reviewing their insurance policies and ensuring comprehensive coverage, especially for TCPA class actions.  We will continue to monitor the developments in this case.

December 16, 2016   No Comments

Telephone Company Settles TCPA Class Action for $11 Million

BY JULIE D. HOFFMEISTER AND DAVID N. ANTHONY

On December 14, the parties in Mey v. Frontier Communications Corp. filed a motion for preliminary approval of a settlement of a Telephone Consumer Protection Act class action.

According to the Complaint, Frontier, a telephone company that offers voice, broadband, satellite video, and wireless internet data access for individuals and small businesses, uses telemarketing to generate sales.  Frontier supposedly called the named plaintiff on two occasions in 2013.  Plaintiff claims that the calls were made using an automatic telephone dialing system to telephone numbers that were on the national Do Not Call Registry.

After more than three years of litigation, the parties reached a class settlement.  The settlement class consists of all persons within the United States to whom Frontier, or any party acting on Frontier’s behalf, since August 20, 2009: (a) initiated more than one telemarketing call within a 12-month period to any number on the national Do Not Call Registry; and/or (b) initiated one or more telemarketing calls [to any number] assigned to a paging service, cellular telephone service, specialized mobile radio service, or other radio common carrier service, or any service for which the called party is charged for the call.

The class consists of 36,219 unique telephone numbers.  The settlement class will share an $11 million common fund, with each class member to receive at least $90 and the balance of the fund to be divided on a per-call basis to class members who received multiple calls.

The Frontier settlement is the latest in a string of recent TCPA class action settlements affecting a wide range of industries.

December 15, 2016   No Comments

Responding to a Data Breach: The FTC’s Guide

BY MEGAN C. NICHOLLS, RONALD I. RAETHER, JR. AND MARK C. MAO

The FTC issued a new video and updated guide for businesses on how to respond to a data breach.  The three steps identified in the guide and discussed in the video are:

  1. Secure your operations – This step focuses on preventing further attacks due to the same vulnerabilities.
  • Mobilize your breach response team
  • Engage a third-party forensics investigator, if appropriate, and legal counsel
  • Secure the physical perimeter
  • Take affected equipment offline, but leave the equipment turned on so your forensics investigator can evaluate the equipment effectively
  • Change usernames and passwords
  • Ensure your website is not displaying personal information
  • Ensure other websites are not displaying the data exposed during the breach
  • Interview witnesses
  • Preserve evidence
  1. Fix vulnerabilities – This step focuses on fixing the root cause of the security incident.
  • If the breach involved a third-party service provider, determine if you need to change their privileges to limit the personal information they can access
  • Determine if your segmentation plan was effective, possibly with the help of your forensics investigator
  • Gather facts about the breach
  • Create a plan to communicate about the breach to affected audiences (such as employees, consumers, and business partners)
  1. Notify appropriate parties – This step is focused on who needs to be notified that a breach has occurred.  The guide provides a model notification letter that may be used in the event of a breach.
  • Determine who you are legally required to notify and when you are required to notify such individuals, governmental bodies, or businesses
  • Notify your local police department
  • If the breach involved electronic health information, make sure to look at the HIPAA Breach Notification Rule and the FTC’s Health Breach Notification Rule

As may be obvious, the key to an effective data breach response is adequate preparation before a breach occurs.  Businesses should proactively consider having: (1) a data breach response team informed and ready to respond in case a security incident is discovered; (2) an effective communication plan to involve legal counsel as soon as possible to preserve privilege; and (3) a documented incident response plan to guide the data breach response team and legal department through the steps identified above.  Additionally, businesses may find that conducting mock data breach exercises help prepare and build confidence in the individuals that will be required to act quickly and effectively when a breach occurs.

The Cyber Security, Information Governance & Privacy team at Troutman Sanders maintains a 50-state survey on data breach laws, which can be found here.  Because of our team’s technical background, we are uniquely positioned to understand your business’s information technology concerns and to help you address any risks from a legal perspective.  We advise businesses throughout their data security lifecycle, from developing a pragmatic incident response plan to assisting with data breach identification, response, and recovery efforts.

December 1, 2016   No Comments

Cross-Motions for Summary Judgment Filed in Costco FCRA Class Action

BY JULIE D. HOFFMEISTER AND DAVID N. ANTHONY

As we previously reported, the named plaintiff in Paci v. Costco Wholesale Corporation filed a Fair Credit Reporting Act putative class action against Costco alleging that the retailer’s receipts contained more digits of the payment card’s account number than is permitted under the Act.

The parties recently filed cross-motions for summary judgment.  Costco argued that it did not violate the Act because the “extra” six digits permissibly revealed only the type of card Paci used for her purchases and not any personal information.  Those first six digits are identical on all cards, Costco stated.  Costco also argued that the statute only applies to receipts provided to customers “at the point of sale or transaction.”  Here, in contrast, Paci received the receipt in an area separate and apart from the cash registers.  Costco finally argued that Paci lacks Article III standing to maintain her class action  because the receipt at issue has been secured in a file cabinet since she received it, and she has never established how the receipt could have been used to facilitate identity theft.

In her summary judgment motion, Paci argued that discovery “has confirmed that the receipt is printed within a Costco store and that the machine that prints the subject receipt is part of Costco’s point of sale system,” thus entitling Paci to judgment as a matter of law.  Paci also argued that she satisfies Article III standing requirements.  According to Paci, “[t]he plain language of the statute . . . indicates that the violation, the concrete harm, is completed once the electronically printed receipt is ‘provided to the cardholder at the point of sale or transaction.’”  She concludes that an invasion of a legally protected interest is sufficient to satisfy Article III.  Paci also briefly argues that expending time to protect her receipt instead of simply throwing out her receipt could also constitute concrete injuries.

The motions are expected to be fully briefed by the beginning of January.  We will continue to monitor the case and report on the Court’s ultimate decision.

November 30, 2016   No Comments

Text Messaging TCPA Class Action Against Workforce Staffing Company Results in $5 Million Settlement

BY JULIE D. HOFFMEISTER AND DAVID N. ANTHONY

In Joseph v. TrueBlue, Inc., the named plaintiff brought a Telephone Consumer Protection Act (TCPA) class action against the workforce staffing company for its alleged text messaging advertisements.  TrueBlue recently agreed to a $5 million settlement to end the case.

According to the amended class action complaint, TrueBlue sent text message “Job Alert” advertisements to Daniel Joseph and others.  Because of the volume of text messages he was receiving, Joseph decided to stop the text messages and texted the word “Stop” to TrueBlue.  Joseph received notice that “You have unsubscribed from [TrueBlue’s] job alerts.  You will receive no more messages.”  However, thereafter TrueBlue allegedly continued to send text messages to Joseph.

The case was litigated for nearly two years before the parties reached a settlement.  In September 2015, the Court granted preliminary approval of the parties’ class action settlement agreement.  The agreement provides for a $5 million settlement fund for “all 1,948 individuals identified in [TrueBlue’s] records that were sent a job alert text message after a request to unsubscribe to their cellular telephone from the same system that sent Plaintiff a job alert text message after his unsubscribe requests.”  TrueBlue also agreed to change its business practice to stop making or causing to be made automated calls and texts after stop requests.

On November 21, Joseph filed a motion for attorneys’ fees, costs, and a service award.  Specifically, he seeks more than $1.6 million in attorneys’ fees (or 33% of the common fund), over $14,000 in litigation expenses, and $10,000 as an incentive award.

A final approval hearing is set for February 6, 2017.

 

November 22, 2016   No Comments

FTC Issues Comments on NHTSA’s Federal Automated Vehicles Policy

BY MEGAN C. NICHOLLS, MARK C. MAO AND RONALD I. RAETHER, JR.

On November 21, the Director of the Bureau of Consumer Protection of the Federal Trade Commission commented on the National Highway Traffic Safety Administration’s Federal Automated Vehicles Policy.  The Director opened the comment with a brief review of the FTC’s focus on privacy and security efforts related to connected devices and the Internet of Things:  (1) enforcement actions against manufacturers of connected devices; (2) writing reports and holding workshops to discuss privacy issues with connected devices; and (3) consumer and business education on privacy and data security issues.

The Director’s comments on the NHTSA’s Policy were positive in nature and focused on four key themes that are prevalent throughout the FTC’s privacy and data security activities.  First, the Director recognized the challenging privacy issue that data sharing can bring.  On the one hand, data sharing, particularly with respect to performance information of autonomous vehicles, could give industry participants a wealth of knowledge from which a variety of issues may be addressed that may not become as readily apparent if the information were not shared.  On the other hand, depending on the nature of the information that is shared, consumer privacy issues may arise.  Thus, the Director and the NHTSA acknowledged that stripping the personally identifiable information of consumers from the data collected through autonomous vehicles would help to protect consumer privacy while still allowing the manufacturers (and consumers) to realize the benefits of sharing this valuable information.

Second, the Director noted the importance of requiring vehicle manufacturers to publish public-facing privacy policies focused on FTC guidance and the Consumer Privacy Bill of Rights.  Importantly, companies should accurately state their information collection and use practices in their privacy policies, or potentially face an enforcement action by the FTC.

The Director’s third and fourth comments related to cybersecurity.  The Director commended the NHTSA Policy’s recognition of cybersecurity risks potentially posed by autonomous vehicles and its emphasis on the importance of product development in addressing threats and vulnerabilities.  In order to fully and completely address these threats and vulnerabilities, the Director agreed with the NHTSA that companies involved with autonomous vehicles should share their cybersecurity experiences throughout the industry.  As noted above, the more information that is shared, the greater the likelihood that the industry will be able to proactively identify threats and mitigate or prevent security incidents.  As long is the information is shared properly, antitrust issues are not likely to come into play, the Director noted.

However, what standards the NHTSA and FTC will ultimately recommend remains to be seen.  Although both have clearly indicated that cybersecurity is important, government and industry are now locked in intense debates over whether “security and safety” also requires that companies share more user data with government than is typically required in other industries.  The outcome of such discussions will likely impact what technologies for cybersecurity are ultimately viable for automated vehicles.

November 22, 2016   No Comments

Parties Seek Final Approval of $2.15 Million TCPA Class Action Settlement Against Marketing Services Company

BY JULIE D. HOFFMEISTER AND DAVID N. ANTHONY

On November 17, the named plaintiff in Toney v. Quality Resources, Inc., et al. asked an Illinois federal court for final approval of a Telephone Consumer Protection Act (TCPA) class action settlement agreement.

As background, in December 2012, Sarah Toney ordered three pairs of children’s slippers online from a website operated by Stompeez.  The website required Toney to provide her telephone number in order to complete the order.  The site specified that the phone number would be used “for questions about order.”  Toney subsequently began to receive telephone calls on her cell phone, and she claimed that the calls were made by Quality Resources, Inc. as a part of a combined and concerted telemarketing effort.  More specifically, Stompeez allegedly sold Toney’s and the putative class members’ information to Quality Resources.  Quality Resources would contact consumers to confirm that the consumers’ contact information was correct and also to engage in an “up sell” to the consumer, in order to sell other goods and services of Sempris LLC, unrelated to Stompeez or Quality Resources.  Toney filed her class action complaint against the companies in January 2013.

After more than three years of litigation, the parties reached a settlement, which was preliminarily approved by the Court in August 2016.  The settlement provides that Sempris will pay $2.15 million into a common fund.  The settlement class consists of “all persons who are or were the subscribers and/or customary users of the telephone numbers on the Class List, and to whom, from January 3, 2009 through the date of preliminary approval, Quality Resources, Inc., made a call or calls in connection with Stompeez Kids Slippers purchases.”  According to records obtained in discovery, there are 64,106 unique telephone numbers attributable to the settlement class members.

Because the Settlement only resolves claims against Sempris, and leaves open claims against Quality Resources, Sempris has also agreed to assign the Plaintiff and the settlement class any rights to indemnity or subrogation against Quality Resources for claims arising out of this action.

Troutman Sanders will continue to monitor the case for the Court’s order granting final approval.

November 18, 2016   No Comments