Welcome to “A Moment of Privacy,” a newsletter brought to you by the Privacy and Data Security Practice Group at Proskauer Rose LLP.
“A Moment of Privacy” addresses one legal development each month in the area of privacy and data security law. We answer the questions our clients are asking, in a way that we hope gives practical information to our readers. If you send us your question, you may find your answer in an upcoming newsletter.
And now for this month’s question:
Q: My company is considering marketing to consumers’ wireless devices using text messaging (“SMS”). We heard that a large U.S. merchant recently entered into a settlement in a class action, under which it will have to pay $7 million. What happened in this case, and what can we learn from it?
A: On September 10, 2008, Timberland Company, an outdoor clothing and shoe merchant, along with co-defendant ad agencies GSI Commerce Inc. (“GSI”) and AirIt2Me Inc. (“AirIt2Me”), settled charges brought under the Telephone Consumer Protection Act (“TCPA”) arising from unsolicited text messages advertising Timberland’s holiday sale. Pursuant to the settlement, Timberland must employ best practices in future marketing, and must pay $7 million into a fund for distribution to the class. Prior to any future mobile marketing campaign, GSI agreed to circulate to its marketing personnel a copy of the Mobile Marketing Association’s Consumer Best Practices guidelines, and to establish meaningful training and compliance checks in connection with those guidelines. Additionally, the defendants must pay class counsel a maximum amount of $1,750,000. The settlement has been agreed to by all parties, but is still subject to final approval by the court.
The event underlying the action was a mobile marketing campaign. The plaintiffs alleged that Timberland contracted with AirIt2Me and GSI for the promotion of a holiday sale in 2005. As a part of the promotion, Timberland, by and through these agents, allegedly sent thousands of unsolicited SMS text messages to potential customers' cell phones. Two recipients of the text message initiated a class action alleging violation of the TCPA, which prohibits unsolicited voice and text calls to cell phones, using an auto-dialing system, unless the recipient has given prior consent. The statute also prohibits companies from initiating telephone solicitations to individuals on the national Do-Not-Call list, unless the individual has given prior express consent or has an established business relationship with the company.
What should my company be doing to avoid a similar situation?
Any company engaging in a mobile marketing campaign should utilize a strategy that meets its business objectives, but also takes the appropriate steps to protect itself from potential liability under the applicable laws. In the case of text messages, a company must obtain an “opt-in” to send messages to a mobile device. This settlement illustrates the high pay-outs that can result from legal actions. Violations of the TCPA can result in statutory damages of $500 per violation (i.e., for each individual text message).
When undertaking these types of campaigns, companies must comply with both the TCPA and the Controlling the Assault of Non-Solicited Pornography and Marketing Act (“CAN-SPAM”), as well as the various state laws that apply to mobile promotional messaging. All of these laws require companies to obtain express consent from individuals before sending promotional messages to their wireless devices. In addition to these statutes, both the Mobile Marketing Association and the Wireless Association have best practice guidelines to provide companies with guidance in crafting marketing policies. Companies should review their mobile marketing policies to ensure they are compliant, and should distribute these policies to all applicable employees and agents. In addition, when utilizing any third-party agent to facilitate mobile marketing campaigns, a company should require that the agent is complying fully with the applicable laws and regulations. Any contracts with third-parties should include warranties and indemnification as to these requirements.
Have a question? E-mail Kristen J. Mathews at kmathews@proskauer.com.