AGENCY:
Federal Communications Commission.
ACTION:
Final rule.
SUMMARY:
In this document, the Commission adopts rules to implement those aspects of the Controlling the Assault of the Non-Solicited Pornography and Marketing Act of 2003 (CAN SPAM Act) directed to the Federal Communications Commission (FCC or Commission). Also, in this document, the Commission adopts a general prohibition on sending commercial messages to any address referencing an Internet domain name associated with wireless subscriber messaging services. Furthermore, the Commission clarifies the delineation between these new rules implementing the CAN SPAM Act and our existing rules concerning messages sent to wireless telephone numbers under the Telephone Consumer Protection Act (TCPA).
DATES:
Effective October 18, 2004 except § 64.3100(a)(4), (d), (e) and (f) of the Commission's rules, which contain information collection requirements under the Paperwork Reduction Act (PRA) that are not effective until approved by Office of Management and Budget (OMB). Written comments by the public on the new and modified information collections are due November 15, 2004. The Commission will publish a document in the Federal Register announcing the effective date for these rules.
ADDRESSES:
Federal Communications Commission, 445 12th Street, SW., Washington, DC 20554. In addition to filing comments with the Secretary, a copy of any comments on the Paperwork Reduction Act (PRA) information collection requirements contained herein should be submitted to Judith B. Herman, Federal Communications Commission, Room 1-C804, 445 12th Street, SW., Washington, DC 20554, or via the Internet to Judith-B.Herman@fcc.gov, and to Kristy L. LaLonde, OMB Desk Officer, Room 10234 NEOB, 725 17th Street, NW., Washington, DC 20503, via the Internet to Kristy_L._LaLonde@omb.eop.gov, or via fax at (202) 395-5167.
FOR FURTHER INFORMATION CONTACT:
Ruth Yodaiken, of the Consumer & Governmental Affairs Bureau at (202) 418-7928 (voice), or e-mail Ruth.Yodaiken@fcc.gov. For additional information concerning the PRA information collection requirements contained in this document, contact Judith B. Herman at (202) 418-0214, or via the Internet at Judith-B.Herman@fcc.gov.
SUPPLEMENTARY INFORMATION:
This Order contains new or modified information collection requirements subject to the PRA of 1995, Public Law 104-13. These will be submitted to the Office of Management and Budget (OMB) for review under section 3507(d) of the PRA. OMB, the general public, and other Federal agencies are invited to comment on the new or modified information collection requirements contained in this proceeding. The Order addresses issues arising from Rules and Regulations Implementing the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003; Rules and Regulations Implementing the Telephone Consumer Protection Act of 1991 Notice of Proposed Rulemaking (NPRM), CG Docket Nos. 02-278 and 04-53; FCC 04-52. Copies of any subsequently filed documents in this matter will be available for public inspection and copying during regular business hours at the FCC Reference Information Center, Portals II, 445 12th Street, SW., Room CY-A257, Washington, DC 20554. The complete text of this decision may be purchased from the Commission's duplicating contractor, Best Copy and Printing, Inc. (BCPI), Portals II, 445 12th Street, SW., Room CY-B402, Washington, DC 20554. Customers may contact BCPI, Inc. at their web site: www.bcpiweb.com or call 1-800-378-3160. To request materials in accessible formats for people with disabilities (Braille, large print, electronic files, audio format), send an e-mail to fcc504@fcc.gov or call the Consumer & Governmental Affairs Bureau at (202) 418-0530 (voice) or (202) 418-0432 (TTY). This Order can also be downloaded in Word and Portable Document Format (PDF) at: http://www.fcc.gov/cgb/pol.
Paperwork Reduction Act of 1995 Analysis
This Order contains new or modified information collection requirements. The Commission, as part of its continuing effort to reduce paperwork burdens, invites the general public to comment on the information collection requirements contained in the Order as required by the Paperwork Reduction Act (PRA) of 1995, Public Law 104-13. Public and agency comments are due November 15, 2004. In addition, the Commission notes that pursuant to the Small Business Paperwork Relief Act of 2002, Public Law 107-198, see 44 U.S.C. 3506(c)(4), we previously sought specific comment on how the commission might “further reduce the information collection burden for small business concerns with fewer than 25 employees.” In the present document we have assessed the effects of adopting these rules, and find that there may be an administrative burden on businesses with fewer than 25 employees. However, since this action is consistent with our mandate from Congress under the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003, we believe small businesses will also benefit from this requirement in that they too will receive less unwanted commercial messages. In addition, the rules allow entities and persons a variety of ways to obtain express prior authorization to send such messages, which should substantially alleviate any burdens imposed on all businesses, including those with fewer than 25 employees.
Synopsis
In this Order, the Commission adopts rules to implement those aspects of the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN SPAM Act) directed to the Federal Communications Commission (FCC or Commission). The CAN SPAM Act directs the Commission to issue regulations to protect consumers from “unwanted mobile service commercial messages.” Thus, we adopt a general prohibition on sending commercial messages to any address referencing an Internet domain name associated with wireless subscriber messaging services. To assist the senders of such messages in identifying those subscribers, we require that commercial mobile radio service (CMRS) providers submit those domain names to the Commission, for inclusion in a list that will be made publicly available. We also clarify the delineation between these new rules implementing the CAN SPAM Act, and our existing rules concerning messages sent to wireless telephone numbers under the Telephone Consumer Protection Act (TCPA).
Discussion
A. Mobile Service Commercial Message (MSCM)
Section 14 (b)(1) of the CAN SPAM Act requires that the Commission adopt rules to provide subscribers with the ability to avoid receiving a “mobile service commercial message” unless the subscriber has expressly authorized such messages beforehand. An MSCM is defined in the CAN SPAM Act as a “commercial electronic mail message that is transmitted directly to a wireless device that is utilized by a subscriber of commercial mobile service” as defined in 47 U.S.C. 332(d) “in connection with that service.” The CAN SPAM Act defines an electronic mail message as a message having a unique electronic mail address that includes “a reference to an Internet domain.”
In the CAN SPAM NPRM, we asked whether it was appropriate to find that only commercial electronic mail messages transmitted directly to a wireless device used by a CMRS subscriber would fall within the definition of MSCMs under the CAN SPAM Act. We sought comment on whether the statutory language would be satisfied by our proposed interpretation that an MSCM is a message transmitted to an electronic mail address provided by a CMRS provider for delivery to the addressee subscriber's wireless device. We asked for comment on whether an MSCM must be limited to a message sent to a wireless device used by a subscriber of CMRS “in connection with that service.”
Few commenters directly addressed the scope of MSCMs, aside from references to forwarding, SMS, and similar technology discussed below. We agree with Dobson that the definition of MSCM should be limited to messages sent to addresses referencing domain names assigned by each CMRS carrier for mobile service message (MSM) service. This is consistent with the intent of the CAN SPAM Act in that section 14 of the CAN SPAM Act governs only those messages that are mobile services messages. We therefore adopt a definition of MSCM that is limited to a message transmitted to an electronic mail address provided by a CMRS provider for delivery to the subscriber's wireless device. Our definition of MSCM only applies to those CMRS mail addresses designated by carriers specifically for mobile service messaging. For example, if a wireless carrier offered general electronic mail service not designed specifically for mobile devices, such service would not be covered by section 14 of the CAN SPAM Act. Forwarded messages. We sought comment on our tentative conclusion that messages “forwarded” by a subscriber to his or her own wireless device are not covered under section 14 of the CAN SPAM Act. Commenters agree with the Commission that section 14 of the CAN SPAM Act is not meant to cover forwarding in general. The Consumers Union warned the Commission not to allow the exclusion of “forwarded” messages to become a loophole for marketers who encourage others to forward messages to their friends and associates. We agree that the rules should exclude those messages forwarded by the subscriber's actions to forward messages to his or her own wireless device. However, a person who receives consideration or inducement to forward a commercial message to a wireless device other than his or her own device would be subject to the rules implementing section 14 of the CAN SPAM Act. In addition, VeriSign notes that some technologies being explored would allow for differentiation of forwarded mail from other mail. We do not rule out revisiting this issue in the future if such technology becomes widely available.
SMS Messages: In the NPRM, we asked for comment on whether the definition of an MSCM should include messages using different technologies, including Internet-to-phone SMS. We noted that the TCPA and Commission's rules that specifically prohibit using automatic telephone dialing systems to call wireless numbers already apply to any type of call, including both voice and text calls. We also noted in the NPRM that the legislative history of The CAN SPAM Act suggests section 14, in conjunction with the TCPA, was intended to address wireless text messaging. We proposed that Internet-to-phone SMS calls, which include addresses that reference Internet domains, should be considered MSCMs and should be addressed under section 14 of the CAN SPAM Act.
Commenters in general agree with our proposal that Internet-to-phone SMS calls should be covered by section 14 of the CAN SPAM Act. National Association of Attorneys General (NAAG) and other commenters argue that the FCC should also address all SMS, whether Internet-to-phone or phone-to-phone SMS service. Several commenters raise the issue of whether MSCMs should include all types of message services, including those transmitting images, audio messages and those using short codes.
We conclude that the definition of MSCM under the CAN SPAM Act includes any commercial electronic mail message as long as the address to which it is sent or transmitted includes a reference to the Internet and is for a wireless device as discussed above. This holds true regardless of the format of the message, such as audio messages. We believe this interpretation best applies the statutory language to the evolving technology for delivering such messages. Therefore, messages sent using Internet-to-phone SMS technology are among messages covered by section 14 of the CAN SPAM Act when they include an Internet reference in the address to which the message is sent or delivered.
We find, however, that the CAN SPAM Act does not apply to those technologies that use other types of addresses or numbers to send or deliver messages to wireless devices. For example, as discussed above, we agree with those commenters who maintain that phone-to-phone SMS is not captured by section 14 of the CAN SPAM Act because such messages do not have references to Internet domains. However, we note that while section 14 of the CAN SPAM Act is limited in scope to messages sent or transmitted to addresses that have references to Internet domains, the TCPA provides separate protections for calls made to wireless telephone numbers (without such references). And, as we explained in the NPRM and a previous Commission Order, the TCPA prohibition on using automatic telephone dialing systems to make calls to wireless phone numbers applies to text messages (e.g., phone-to-phone SMS), as well as voice calls. We clarify here that this prohibition applies to all autodialed calls made to wireless numbers, including audio and visual services, regardless of the format of the message.
B. Avoiding Unwanted MSCMs
As a preliminary matter, we noted in the NPRM that one possible interpretation of section 14 of the CAN SPAM Act is that it was intended to prohibit senders of commercial electronic mail from sending any MSCMs unless they first obtain express authorization from the recipient. This reading would allow a subscriber to avoid all MSCMs unless the subscriber acts affirmatively to give express prior authorization to receive messages from individual senders. Another interpretation of this provision is that Congress intended the subscriber to take affirmative steps to avoid receiving MSCMs by indicating his or her desire not to receive such messages.
Most commenters argue that Congress intended section 14 of the CAN SPAM Act to be a flat prohibition on sending MSCMs unless authorized by a given subscriber, and that such a prohibition is, in fact, necessary to protect subscribers. NAAG indicates that wireless devices are often used not for receiving commercial messages, but rather as security and safety devices—for emergencies and to communicate with family members. NAAG contends that Congress intended to craft a flat prohibition unless the consumer first consented to receive the messages, and that any rule treating inaction by the consumer as consent to receive any commercial messages would conflict with Congressional intent. The Direct Marketing Association (DMA) argues that the prohibition should apply only to messages for which the recipient must pay. The National Association of Realtors (NAR) contends that a general prohibition without certain exceptions would harm small businesses.
We conclude that wireless subscribers would be best protected by a flat prohibition on sending MSCMs unless express prior authorization has been obtained from the subscriber. We agree that wireless devices are not ones on which subscribers would expect to receive commercial messages. We agree that it is the intrusive nature of such messages, in addition to the costs to receive them, which necessitates our adopting a ban unless the consumer has taken some action to invite them. We believe that NAR's concerns about the burden on small businesses are addressed by the exemption for express prior authorization, discussed below.
Verizon Wireless argues that a prohibition without an exemption for wireless providers would violate the First Amendment. We disagree. A flat prohibition here satisfies the criteria set forth in Central Hudson Gas & Elec. v. Pub. Serv. Comm. of N.Y., in which the Supreme Court established the applicable analytical framework for determining the constitutionality of a regulation of commercial speech. Under the framework established in Central Hudson, a regulation of commercial speech will be found compatible with the First Amendment if (1) there is a substantial government interest; (2) the regulation directly advances the substantial government interest; and (3) the proposed regulations are not more extensive than necessary to serve that interest.
Under the first prong, we find that there is a substantial governmental interest in protecting privacy. Congress found that “there is a substantial government interest in regulation of commercial electronic mail on a nationwide basis.” Specifically, Congress found that (1) electronic mail has become an extremely important and popular means of communication, (2) that the convenience and efficiency of electronic mail are threatened by the high volume of unsolicited commercial electronic mail, (3) that the receipt of unsolicited commercial electronic mail may result in costs for storage and/or time spent accessing, reviewing, and discarding such mail, and (4) that the growth in such electronic mail imposes significant monetary costs on providers of Internet access services, businesses, and educational and nonprofit institutions. NAAG notes that in addition to being intrusive in general, unwanted calls to wireless devices use battery power and interfere with a consumer's ability to use devices during emergencies.
We find that the rules we adopt today will advance those interests, and do so with regulations that are no more extensive than necessary. Under the second prong, the method we adopt directly advances the government's interest by alerting senders to the electronic mail addresses that are associated with mobile services and prohibiting the sending of such messages to wireless devices. Under the third prong, we have reviewed other possible options and we believe the method we adopt today, tailored to affect only those addresses associated with mobile service, is no more extensive than necessary. In addition, senders of such messages may continue to contact recipients that have provided express prior authorization to do so. Our conclusion is also consistent with Court of Appeals decisions regarding First Amendment challenges to the TCPA. We conclude we have the authority and a mandate to adopt measures to protect the public from such messages. We believe that a prohibition, combined with a domain name list as discussed below, is the most effective method, but it is no more extensive than necessary, to accomplish that end.
1. List of Wireless Domain Names
In the NPRM we noted that a key problem with regulating MSCMs, as opposed to messages sent to other devices such as desktop computers, is the current difficulty senders have in recognizing electronic mail addresses associated with wireless service and devices. Our task, therefore, differs substantially from that of the FTC's efforts to implement the CAN SPAM Act. We note that should the FTC or Congress take significant action to change the landscape of commercial electronic mail messaging, such as requiring labeling of all commercial electronic mail, the Commission may revisit the options discussed below.
We sought comment on several proposals to enable senders to recognize which addresses were associated with wireless devices. These included developing a list of domain names, requiring carriers to use standard subdomain names, requiring a registry of individual electronic mail addresses, incorporating challenge-response technology, and otherwise maximizing use of filters.
We believe that creating a list of Internet domain names associated with CMRS subscribers and prohibiting the sending of commercial messages to addresses using those domain names is the best option at this time to allow subscribers to avoid unwanted MSCMs. We believe that if senders are able to identify wireless subscribers by domain name, consumers and carriers alike will benefit. The record reveals that it is already industry practice for CMRS providers to use certain subdomains exclusively to serve their MSM subscribers and that these subdomains distinguish such customers from other customers. Therefore the burden on wireless providers, even small wireless providers, to supply such names for a directory would be minimal. In addition, we agree with those commenters who indicate that making available to senders of MSCMs a list of the domains used by wireless subscribers is the most efficient option to assist senders in complying with the rules.
Senders will need to check the list on a regular basis to avoid sending MSCMs to the domain names on the list. We believe that, due to the estimated small size of the list and the evidence that the list is anticipated to remain relatively static; the list is the option that imposes a burden that is no more extensive than necessary for senders as well. Furthermore, such a registry places no burdens on subscribers who wish to avoid unwanted MSCMs and it does not collect personal information about those subscribers. Subscribers need not change their electronic mail addresses or take any further action to avail themselves of the protections under section 14 of the CAN SPAM Act. Thus, despite the concerns of some commenters regarding other proposals in the NPRM, under this system wireless subscribers will not have to change addresses, and incur associated advertising and administrative costs, if they wish to avoid commercial electronic mail.
T-Mobile urges the Commission not to require wireless service providers to provide domain names for a domain name list. T-Mobile argues instead that a voluntary list would afford each provider the ability to choose whether to publicize its domain name. However, we note that many of these domain names are already widely known or publicly available. Congress has directed us to give all wireless consumers the ability to avoid unwanted MSCMs, and we have no authority to limit such protections to subscribers of those carriers that elect to submit a domain name to the list. Therefore, we decline to make the submission of domain names to the list voluntary for wireless providers.
Therefore, we require all CMRS carriers, including small carriers, to file with the Commission the names of all electronic mail domain names used to offer subscribers messaging specifically for mobile devices. Once we have obtained approval from the Office of Management and Budget (OMB) for information collections associated with these rules, the Commission will issue a separate public notice in this docket outlining the process for submitting this information and the timeframe for doing so. Carriers will also be required to file any updates to their listings with the Commission not less than 30 days before issuing subscribers a new or modified domain name. Carriers are encouraged to file updated information further in advance. In addition, to ensure the continued accuracy of the list, carriers must remove any domain name that has not been issued to subscribers or is no longer in use within 6 months of placing it on the list or last date of use.
We will make the official list of domain names available to the public from the FCC's website, in a similar fashion to the list of Section 255 Service Provider contacts. The list will be updated regularly. The Commission will issue a second public notice announcing the date on which senders of commercial electronic mail will have access to the domain name list from the Commission's website. Senders will then have an additional 30 days from the date the list becomes publicly available to comply with the rules to avoid sending MSCMs to wireless subscribers absent their express prior authorization.
As discussed above, to make such a list effective, we also adopt rules to prohibit the sending of any commercial message to an address that references a domain name on the Commission's domain name list, unless the sender has received the express prior authorization of the person or entity to which the message is sent or delivered. This prohibition only applies to “commercial” messages, as defined in the CAN SPAM Act, and as interpreted by the FTC. We note that in promulgating the rules we adopt today, we have incorporated portions of the CAN SPAM Act directly.
Persons initiating commercial messages would be expected to check the domain name list to ensure that they are not sending MSCMs without express prior authorization. While we will not require any person or entity to provide proof of when they consulted the domain name list, any person or entity may use as a “safe harbor” defense proof that a specific domain name was not on the list more than 30 days before the offending message was initiated. This “safe harbor” defense shall not excuse any willful violation of the ban on sending unwanted messages to wireless subscribers. Any person or entity will be considered in violation of the prohibition if the message is initiated knowingly to a subscriber of MSM service, even if it is sent within 30 days of the domain name appearing on the list. This prohibition applies to the entity on whose behalf the message is sent and to any other entity that knowingly transmits an MSCM without consulting the domain name list.
2. Other Proposals
Standard subdomain names. We decline at this time to require CMRS providers to adopt a standard subdomain name for wireless devices. In the NPRM we sought comment on two related proposals. First, we sought comment on whether it would be possible and useful to require the use of specific top-level and second-level domains, which form the last two portions of the Internet domain address. No commenter specifically addressed our proposal. Second, we sought comment on whether we should require one portion of the domain to follow a standard naming convention to be used for all MSM service. As we noted in the NPRM, unless we required use of a limited top-level domain, we have no way to prevent entities that do not provide MSM service from adopting such names. In addition, any ban associated with such a subdomain outside a limited top-level domain, could inadvertently ban commercial messages for any entities that happened to already have such subdomains. Thus, the sender would not be able to distinguish between those addresses which were truly used for wireless messaging, and other addresses.
Cingular, Nextel, VeriSign and Verizon Wireless caution the Commission against requiring subdomain naming standards. They note this would be costly for subscribers, especially small businesses, who could have large administrative costs to change their advertising and business materials to reflect a new address. Cingular states that a subdomain naming standard would also force carriers to absorb considerable costs. Carriers argue also that any cost to protect wireless subscribers from unwanted commercial mail should fall instead to the senders of such mail. While we agree with NAAG and National Automobile Dealers Association (NADA) that a standard subdomain name would be simpler for senders, we believe it would be more burdensome for carriers, especially small businesses, to implement than a domain name list. In addition, we agree that, consistent with the intent of the CAN SPAM Act, subscribers should not have to bear additional costs, such as the administrative costs mentioned, in Order to avoid unwanted MSCMs. Thus, we decline to adopt this option at this time.
Registry of Individual E-mail Addresses. We also decline to establish a limited national registry containing individual electronic mail addresses, similar to the national “do-not-call” registry. In the NPRM, we noted that the FTC is tasked with reviewing whether a nationwide marketing “Do-Not-E-Mail” registry might offer protection for those consumers who opt to place their electronic mail addresses on such a registry. In June, the FTC released its report to Congress recommending against adopting a national do-not-e-mail registry at this time. The FTC noted that there is no directory of valid individual addresses and, therefore, creating a registry of individual addresses would create “a gold mine” for marketers, both legitimate and illegal. The report stated that existing security measures are currently inadequate to protect such a registry. In addition, the report noted that there were practical concerns with the large number of anticipated addresses.
Commenters generally oppose the establishment of a registry of individual subscriber addresses, even if it is limited to MSM subscribers. They contend that such a registry would not be secure, could enable spammers to send more unwanted electronic mail messages, and that the security risk would threaten consumer privacy interests. Commenters also maintain that such a registry would be burdensome for consumers and for senders, that there would be huge operational problems with setting up such a registry, that it would be ineffective, and that it would be costly to train senders to use it properly. The DMA submitted a detailed study demonstrating what it believes are significant problems with the security, practicality, and technical feasibility of such a registry. Only a few commenters argue that a registry of electronic mail addresses would be useful, with little or no support for their conclusions, and one commenter saying it would be beneficial if combined with other anti-spam measures.
Upon careful consideration of the costs and benefits of creating a national wireless do-not-e-mail registry of individual electronic mail addresses, we believe that the disadvantages of such a system described in the record outweigh any possible advantages at this time. A national registry containing individual electronic mail addresses would involve significant resources and cost to set up and administer. Because a registry of individual addresses may potentially contain millions of records, it could also be burdensome for senders of MSCMs, including small businesses, to regularly access, download, and use the registry to check against targeted addresses. It would be less burdensome to do the same with a much smaller list of mobile service domain names. Even if the resources were devoted to establishing such a registry, commenters describe serious concerns about a registry becoming a target for unscrupulous marketers who would target electronic mail addresses on the list. As noted by the DMA, other commenters, and by the FTC in a Report to Congress, because such a list would be considered valuable to such marketers, there is a significant risk that such individuals might be motivated to try to obtain the list specifically for the purpose of sending unsolicited messages to those addresses. The record also reveals that at this time such a registry would not be as effective as one containing only domain names. Commenters note that the annual rate for electronic mail address turnover is high'as much as 32 percent per annum. As the FTC noted, unlike the do-not-call registry, which uses phone databases to purge the list of disconnected phone numbers, there is no database for abandoned electronic mail addresses. Thus, any database containing such addresses would continually expand, and include valid and unused addresses. For all of these reasons, we decline to adopt a registry of individual electronic mail addresses of wireless subscribers at this time.
Additional Mechanisms and CMRS Providers' Roles. There was little consensus on what other technical solutions should be required. Because the rules we adopt today address the statutory requirements for protecting consumers from unwanted messages to mobile devices, we decline to require other specific technical solutions such as the challenge-response mechanisms or technological solutions related to filtering as discussed in the NPRM. The Members of the U.S. House Representatives who commented in the proceeding urge the Commission to make things simple for users. We believe the domain name list does so.
We believe that it is the industry itself that can help give consumers additional protections and abilities to avoid unwanted electronic mail from sources other than legitimate businesses. Wireless and technology providers contend the Commission should not regulate in detail the wireless providers' efforts to combat unwanted messages. Those providers who commented in this proceeding note that they are aggressively working to stop unwanted messages. We applaud them for those efforts and do not want to interfere with this area of evolving technologies and market forces. We agree that at this time it is not necessary for the Commission to become involved in mandating detailed technical solutions. However, we strongly encourage providers to provide subscribers with additional reasonably effective methods to avoid receiving unauthorized MSCMs. We believe service providers should determine for themselves appropriate solutions to employ and offer, and we expect all providers to offer subscribers protections against unwanted messages. We will continue to monitor the effectiveness of our rules and the efforts of wireless providers to protect wireless subscribers from MSCMs and may revisit this issue at a later date to ensure that subscribers are afforded sufficient safeguards from all unwanted commercial messages.
C. Express Prior Authorization
Congress directed the FCC to adopt rules to provide consumers with the ability to avoid receiving MSCMs, unless the subscriber has provided express prior authorization to the sender. We sought comment on the form and content that such “express prior authorization” should take. Specifically, we sought comment on whether senders should be required to obtain a subscriber's express authorization in writing, and how any such requirement could be met electronically. We also asked if senders should be required to provide a notice to recipients about the possibility that costs could be incurred in receiving any such messages. We asked whether the term “affirmative consent” in The CAN SPAM Act would be suited to use in defining “express prior authorization.”
Commenters were generally split on whether the Commission should require senders to obtain express authorization from subscribers in writing. Wireless providers generally oppose any written authorization requirement, while consumers' groups contend that authorization should be obtained in writing, along with a signature. Wireless providers instead argue that senders should be allowed flexibility to obtain authorization via the Internet, orally over the telephone, or through messages sent to the subscriber's wireless device. Some suggest that consent forms requiring a signature would be impractical and hinder communications between sellers and consumers. NAAG, on the other hand, contends that the rules should be modeled after the Commission's “do-not-call” provisions, where express authorization must be evidenced only with a signed, written agreement between the consumer and seller which states that the consumer agrees to be contacted by the seller and includes the telephone number to which calls may be placed. Electronic Privacy Information Center (EPIC) warns that authorization not provided in writing may result in some senders falsely claiming they had the recipient's authorization to send MSCMs. EPIC adds that any authorization notice to the subscriber should be clear and conspicuous and written in plain language for the subscriber.
As mandated by the CAN SPAM Act, we require any sender of MSCMs to obtain the express authorization of the recipient prior to sending any MSCMs to that subscriber. We agree with those commenters that contend that “affirmative consent” as defined in the CAN SPAM Act is not suited to defining “express prior authorization” because protections for wireless subscribers are meant to be more stringent. Given the intent of Congress to afford greater protections from spam to wireless subscribers than to consumers generally, we believe that the burden must rest with the sender of MSCMs to obtain authorization from any subscriber prior to sending any MSCMs. Senders must also do so in a manner that best protects subscribers' privacy interests. However, we decline to require senders to obtain a subscriber's authorization in writing.
We will permit senders to obtain authorization by oral or written means, including electronic methods. A sender may obtain the subscriber's express prior authorization to transmit MSCMs to that subscriber in writing. Written authorization may be obtained in paper form or via an electronic means such as an electronic mail message from the subscriber. It must include the subscriber's signature and the electronic mail address to which MSCMs may be sent. Senders who choose to obtain authorization in oral format are also expected to take reasonable steps to ensure that such authorization can be verified.
We note here that in the event any complaint is filed, the burden of proof rests squarely on the sender, whether authorization has been obtained in written or in oral form. We do so to avoid the likelihood that any businesses will try to fabricate authorization. Given the potential costs and inconvenience to subscribers to receive such MSCMs, it is important that such messages be sent only to those wireless devices belonging to receptive subscribers. We strongly suggest that senders take steps promptly to document that they received such authorization. Recognizing the potential for fraud by both a person signing up someone else to receive MSCMs and by businesses fabricating authorization, we recommend that the business confirm the electronic mail address with a confirmatory notice sent to the recipient requesting a reply. We emphasize that sending any commercial message to a wireless device, including any falsely purporting to be confirmatory messages, is a violation of our rules unless the subscriber has already provided express prior authorization and the sender bears the burden of showing that has occurred.
Whether given orally or in writing, express prior authorization must be express, must be given prior to the sending of any MSCMs, and must include the electronic mail address to which such MSCMs may be sent. In addition, we believe that consistent with the intent of the CAN SPAM Act, consumers must not bear any additional costs to receive a request for authorization, and must be able to reply to such a request without incurring any additional costs. In addition to actual costs for such messages, as noted above, recipients may incur costs for time spent accessing, reviewing, and discarding such mail. Thus, senders are prohibited from sending any request for authorization to any wireless subscriber's wireless devices. Express prior authorization may not be obtained in the form of a “negative option.” If a sender chooses to use a website, we note that such authorization must include an affirmative action on the part of the subscriber, such as checking a box or hitting an “I Accept” button, accompanied by the clear disclosures outlined below. In addition, the subscriber must have an opportunity in the process to input the specific electronic mail address for which they are authorizing MSCMs. Express prior authorization need only be secured once from the recipient in Order to send MSCMs to that subscriber until the subscriber revokes such authorization. Senders who claim they obtained authorization from wireless subscribers to send them MSCMs prior to the effective date of these rules will not be in compliance with the rules unless they can demonstrate that such authorization met all the requirements as adopted herein, including the disclosure requirements below.
We emphasize that if the sender subsequently is notified by the subscriber that the subscriber does not wish to receive MSCMs, the sender must cease sending such messages within 10 business days of the receipt of such request in compliance with section 5(a)(4)(A) of the CAN SPAM Act. We note, however, that this 10-day time period may change should the FTC amend its rules. We delegate to the Consumer & Governmental Affairs Bureau the authority to amend the rules to reflect any updates in the time-frames adopted by the FTC.
A subscriber who provides an electronic mail address for a specific purpose, e.g., notifying the subscriber when a car repair is completed, will not be considered to have given express prior authorization for purposes of sending MSCMs in general. In addition, should a sender allow subscribers to choose the types of MSCMs they receive from that sender, and authorization is provided for those specific types of messages, the sender should transmit only those types of MSCMs to the subscriber. Finally, authorization provided to a particular sender will not entitle that sender to send MSCMs on behalf of third parties, including on behalf of affiliated entities and marketing partners. If a sender obtains express prior authorization, that sender must be identified in the message in a form that will allow a subscriber to reasonably determine that the sender is the authorized entity.
Required Disclosures. As noted above, Congress found that the receipt of unsolicited commercial electronic mail often results in monetary costs and inconvenience for wireless subscribers. Thus, the rules we adopt today require senders to disclose to the subscriber at the time they obtain any subscriber's express prior authorization that: (1) The subscriber is agreeing to receive mobile service commercial messages sent to their wireless device from a particular sender; (2) the subscriber may be charged by their wireless service provider in connection with receipt of such messages; and (3) the subscriber may revoke her authorization to receive MSCMs at any time. Any such disclosure notice containing the required disclosures must be clearly legible, use sufficiently large type (or, if audio, be of sufficiently loud volume), and be placed so as to be readily apparent to a customer. The disclosure notice must also be separate from any other authorizations in the document. And, it must clearly provide the name of the person or entity sending the MSCM and the person or entity whose product or service is advertised or promoted in the MSCMs if different from the sender. Finally, if any portion of the disclosure notice is translated into another language, then all portions of the notice must be translated into that language. Senders are cautioned that if they use a website for obtaining authorization, such authorization notice must comply with these disclosure requirements as well. We note that if authorization is obtained orally, all required disclosures must still be made by the sender.
We decline to carve out any exemptions from the “express prior authorization” requirements. We find that any exemption for a particular industry would be in direct conflict with the intent of the CAN SPAM Act to protect wireless subscribers from commercial electronic mail messages that they do not wish to receive. We also find that permitting senders to obtain authorization orally or in writing, addresses the concerns described by certain commenters in obtaining such authorization.
The legislative history demonstrates that section 14 of the CAN SPAM Act was included so that wireless subscribers would have greater protections from commercial electronic mail messages than those protections provided elsewhere in the CAN SPAM Act. Congress was concerned about the intrusive nature of wireless spam and the costs to subscribers associated with receiving such spam. Thus, we emphasize that any MSCM sender that claims its messages are transmitted based on oral, written, or electronic authorization must be prepared to provide clear and convincing evidence of such express prior authorization by the subscriber. The failure to obtain such authorization before sending MSCMs will be a clear violation of the CAN SPAM Act and Commission's rules.
D. Electronic Rejection of MSCMs
Required technical mechanisms. In the NPRM we sought comment on how we could best fulfill the mandate of section 14 (b)(2) of the CAN SPAM Act to develop rules that “allow recipients of MSCMs to indicate electronically a desire not to receive future MSCMs from the sender.” We also sought comment on technical options that might be used to do this simply.
Commenters suggested technical options for withdrawing authorization including a return electronic mail address, a hyperlink to a website, the use of short code mechanisms, telephone-based techniques such as those that allow the caller to use key pads, or some combination of the foregoing. Members of the U.S. House of Representatives and the Motion Picture Association of America, encourage the Commission to adopt a simple, streamlined electronic response technique to quickly withdraw prior authorization using a recipient's handset. Two commenters contend that requiring small businesses to set-up and maintain a website for the purpose of rejecting future messages would impose an unreasonable burden. NAAG contends the first screen of any MSCM should display the existence of an option to decline to receive messages and the means by which it can be exercised.
As a preliminary matter we note that section 5(a)(3) of the CAN SPAM Act requires that all commercial electronic mail include “a return electronic mail address or other Internet-based mechanism, clearly and conspicuously displayed.” Several commenters endorsed the applicability of the general provision of section 5(a)(3) of the CAN SPAM Act for MSCMs, indicating that a return electronic mail address or other Internet-based mechanism, such as a link to a website, would serve as a mechanism for electronically rejecting further items and should be included in any MSCM sent. We agree that this provision would need to be included in all MSCMs in Order for our rules to be consistent with the CAN SPAM Act.
We believe, however, that more is required. Our decision is informed by the significant differences between the resources that may be available to recipients of MSCM and the resources available to recipients of electronic mail messages in general. In particular our definition of MSCM includes messages that originate on the Internet and that are converted for delivery to wireless devices which may not have Internet access. Some of these wireless services and devices are by nature one-way services. Moreover, we cannot assume that all MSCM recipients have an alternative means of access to Internet-based electronic messaging or to other Internet-based mechanisms, such as a web browser. Consequently, we strongly agree with the Mobile Marketing Code of Conduct principle that “consumers must be allowed to terminate their participation in an ongoing mobile messaging program through channels identical to those through which they can opt to receive messages about a given program.”
Therefore, we conclude that in addition to the general requirement of the CAN SPAM Act that each MSCM have a functioning return electronic mail address or other form of Internet-based communication, a sender of an MSCM must provide the recipient with access to whatever mechanism they were given access to in Order to grant express prior authorization. For example, if a subscriber was given a short-code mechanism for granting authorization for MSCMs to the sender, the sender must provide that subscriber with a way to send a short code as a means to electronically reject future MSCMs from that sender. A sender must also include basic instructions by which this option or these options can be exercised to reject further items.
A sender may include other mechanisms at his discretion, so long as these basic requirements are met. The means by which a recipient notifies the sender that the recipient does not wish to receive additional MSCMs can impose no new requirements on the recipient beyond the means by which he provided prior express authorization. In addition, the sender may not subject the subscriber to further commercial advertising or solicitation as part of the procedure the recipient must use to reject future messages.
Consistent with CAN SPAM Act section 5(a)(3), for no less than 30 days following the transmission of an MSCM, all included mechanisms for acquiring express prior authorization must remain capable of receiving and honoring the recipient's rejection of further messages. As we indicate above, the sender must cease sending further messages within the amount of time that the FTC has allotted for senders to act upon requests for rejecting subsequent messages, currently set at 10 business days after receipt of any request from the subscriber.
In regards to small businesses, we note that the flexibility provided for obtaining express prior authorization and for notifying the sender of the subsequent rejection of further items addresses the concerns of small business interests that, for example, a small business not be required to set-up and maintain a new website. We further note that because the recipient must be given express prior authorization for any MSCM that arrives, we see no need to adopt NAAG's suggestion to require material regarding how to decline to receive more messages to be displayed on the first screen of any MSCM. Finally, the record does not indicate that provider services and subscriber devices currently support a common response-based technique that is simple for subscribers to use and that the Commission could adopt. We therefore encourage industry to develop an industry-standard means by which a subscriber can use his handset to easily respond to a sender that he no longer wishes to receive MSCMs. We will monitor whether industry has developed a standard means by which subscribers can use handsets to respond and may revisit this issue at a later date.
Other technical mechanisms. In the NPRM we sought comment on the applicability of a variety of other technical options that could be used by subscribers for electronically rejecting messages. For example, we asked about the possible applicability of mechanisms for blocking messages from particular senders at the subscriber's request, of an ability to add a changeable personal identifier to a wireless device mail address by means of which the subscriber could easily alter his address, and of challenge-response mechanisms that a subscriber might invoke. One commenter supported establishing a policy framework to deploy subscriber-controlled blocking solutions. Many providers acknowledged that they voluntarily provide their subscribers such means for mitigating unsolicited MSCM, but cautioned the Commission against mandating their availability. Given the record and the apparent success to date of the voluntary approach in generally blocking unwanted MSCMs, we decline to require that all providers make such mechanisms available for use at the option of their subscribers.
E. Consideration of CMRS Provider Exemption
Section 14 (b)(3) of the CAN SPAM Act allows the Commission to exempt providers of commercial mobile services to the general prohibition on the sending of MSCMs. In doing so, the Commission must take into consideration the “relationship that exists between providers of such services and their subscribers.” However, as the CAN SPAM Act clearly states, our overall mandate is to protect consumers from unwanted MSCMs. The CAN SPAM Act does not require the Commission to provide an exemption, only to consider whether such an exemption would be appropriate. As a result, the Commission sought comment in the NPRM on whether there is a need for such an exemption and how it would impact consumers.
In the NPRM, we noted that the CAN SPAM Act already excludes certain “transactional and relationship” messages from the definition of unsolicited commercial electronic mail. Specifically the CAN SPAM Act states that transaction and relationship messages are those messages in which the primary purpose is:
(i) To facilitate, complete, or confirm a commercial transaction that the recipient has previously agreed to enter into with the sender; (ii) to provide warranty information, product recall information, or safety or security information with respect to a commercial product or service used or purchased by the recipient; (iii) to provide (I) notification concerning a change in the terms or features of; (II) notification of a change in the recipient's standing or status with respect to; or (III) at regular periodic intervals, account balance information or other type of account statement with respect to a subscription, membership, account, loan, or comparable ongoing commercial relationship involving the ongoing purchase or use by the recipient of products or services offered by the sender; (iv) to provide information directly related to an employment relationship or related benefit plan in which the recipient is currently involved, participating, or enrolled; or (v) to deliver goods or services, including product updates or upgrades, that the recipient is entitled to receive under the terms of a transaction that the recipient has previously agreed to enter into with the sender.
In light of the exclusions of those types of messages, we asked in the NPRM whether there was a need for a separate exemption for CMRS providers from the section 14 of the CAN SPAM Act “express prior authorization” requirement and, if so, how the Commission would implement the requirements allowing subscribers who indicated a desire not to receive future MSCMs from the provider (1) at the time of subscribing to such service and (2) in any billing mechanism. Additionally, we requested in the NPRM that CMRS providers supply us with specific examples of messages that they send to their customers that are not already excluded from the CAN SPAM Act. Finally, if such an exemption were created, we asked whether there would be any impact on small businesses and whether small wireless service providers should be treated differently.
NAAG, consumer groups, and a privacy organization argue that there is no basis for granting an exemption for CMRS providers. CMRS providers argue they should have an exemption—with two providers noting this should be only if the carriers do not charge subscribers for the messages they send. However, despite the NPRM's request that carriers provide specific examples of messages that would not already be covered by the CAN SPAM Act's exemption for “transactional” or “relationship” messages, CMRS providers offer few such examples and, as discussed below, they might already be allowed under The CAN SPAM Act. NAR says it would be unfair to give an exemption to one business model and not others. Many CMRS providers counter that we should not make a special exemption for small businesses. As to the scope of the exemption, CTIA urges that any exemption for CMRS providers also should extend to its business partners, while the DMA warns that any such exemption must be narrowed to include only messages from a carrier about its own services. Verizon argues that declining to exempt carriers would be an unlawful restriction on commercial speech; however, we have already addressed that issue above.
Based upon the record before us, we decline to grant CMRS providers a special exemption from the requirement to obtain express prior authorization from their current subscribers before sending them any MSCM. In reaching this decision, we are persuaded by commenters, including many consumer groups and individuals, who urge us to provide greater consumer protection for wireless consumers—protection that is not diluted by such an exemption. The CAN SPAM Act itself requires us to protect consumers from “unwanted” commercial messages, not only those that have additional costs. As commenters note, consumers are concerned with the nuisance of receiving such messages.
Several of these commenters emphasize that CMRS providers should not be exempt from the rules requiring express prior authorization because the bulk of CMRS providers' communications with their customers are already expressly exempted under the CAN SPAM Act as “transactional and relationship” messages. We agree that the few examples that CMRS providers supplied in the record appear to already fall within “transactional and relationship” messages or otherwise outside of the definition of “commercial” messages. For example, T-Mobile contends that it needs to be able to send notices to customers about fraud. As noted above, the CAN SPAM Act defines a “commercial electronic mail message” as an electronic message for which the “primary purpose” is the “commercial advertisement or promotion of a commercial product or service (including content on an Internet website operated for a commercial purpose).” If the primary purpose of the message was to alert customers about fraud, we do not believe T-Mobile's example would fall within the definition of “commercial” and therefore would not fall under the CAN SPAM Act at all. In addition, Nextel provides the example of a carrier needing to send out an alert to a prepaid customer that his account balance is running low. If that was the primary purpose of the message, such a message would fall under the exemption for transaction and relationship message.
As noted previously, the FTC has authority to develop the criteria used to define whether a message is “commercial,” as well as any modifications for what is considered in the exemption of transactional and relationship messages. Therefore, we delegate to the Consumer & Governmental Affairs Bureau the authority to amend the rules we adopt today to ensure consistency with any rule the FTC adopts under the CAN SPAM Act to further define “commercial” and “transactional relationship” messages.
Although CMRS providers contend that an exemption should be provided, very little support for such an exemption was provided in the record in this proceeding. Much of the comment in support of the exemption is conclusory in nature. T-Mobile states that, by empowering the Commission to exempt wireless carriers from section 14 (b)(1) of the CAN SPAM Act, Congress has recognized that the MSCMs sent by wireless carriers are fundamentally different than MSCMs sent by all other senders. Cingular, Nextel and Sprint urge the Commission to presume that the customer is willing to receive information about their providers' new products and services. Nextel notes that, unlike third parties, wireless carriers can ensure that customers are not charged for such messages. Dobson states that, in many cases, a subscriber would prefer an SMS message from its carrier rather than a phone call or bill insert.
We note again that Congress' intent in including section 14 in the CAN SPAM Act was to afford wireless consumers greater protection from unwanted commercial electronic mail messages. Ultimately, we are persuaded that safeguarding wireless consumers from MSCMs, undiluted with an exemption for CMRS providers, will ensure that consumers receive “less, not more, spam.” The record shows that MSCMs sent by CMRS providers are not fundamentally different from those sent by other senders, other than that they may be provided without additional cost to subscribers. An MSCM from a CMRS provider may be just as intrusive, and costly in other respects, as an MSCM from a third party. As Congress noted, the receipt of unwanted mail can result in costs “for the storage of such mail, or for the time spent accessing, reviewing, and discarding such mail.” In addition, providers have unique channels such as monthly statements and web sites, through which they can request a subscriber's prior express authorization. We note that the rules we establish in this proceeding are sufficiently flexible to enable the CMRS provider to readily obtain the subscriber's express prior authorization in a number of ways, if a CMRS provider desires to send an MSCM to any wireless subscriber. For all of those reasons, a promise to make them cost-free alone does not suffice as justification for an exemption.
Accordingly, we decline to exempt CMRS providers from the requirement to obtain express prior authorization from their current subscribers before sending them any MSCM. For similar reasons, we also decline to create an exemption for other entities, such as realtors or small businesses. NAR argues that the MSCM rules should not apply to a real estate professional's communications to their clients about the services they are providing to that client, or to communications between associations and their members. As noted above, the CAN SPAM Act's existing exemption already broadly covers many transaction and relationship messages. Furthermore, the allowance for orally obtaining express prior authorization, which NAR advocates, should allow realtors to obtain such authorizations as needed. NAR has not established that messages sent by its members are fundamentally different from those sent by other senders. An MSCM from a real estate professional may be just as intrusive, and costly as an MSCM from any other entity. ACA International contends that messages sent to wireless devices for the primary purpose of collecting debts are not MSCMs as they are not “commercial” and therefore are exempt from the CAN SPAM Act. As we noted previously, while the statute leaves the interpretation of “transactional and relationship” messages to the FTC, in the absence of any ruling to the contrary, we believe that messages from a person or entity with whom the recipient has previously agreed to enter into a transaction and that concern a debt owed for that transaction would fall under the exemption. However, consistent with our 2003 TCPA Order, a call to sell debt consolidation services, for example, is a commercial call regardless of whether the consumer is also referred to a tax-exempt nonprofit organization for counseling services. We believe that to do so would be inconsistent with our mandate from Congress to protect subscribers from unwanted commercial messages.
F. General Compliance With the CAN SPAM Act
We asked for comment on specific compliance issues that senders of MSCM might have with other sections of the CAN SPAM Act. We noted in the NPRM that although we believed that currently, some carriers choose to limit the length of certain text messages that some commercial mobile service subscribers already appeared to be supplementing the limited text handling functionality with ancillary personal computer technology. We received little response about this issue. CTIA states that some handsets are limited in message storage beyond a certain length and screens are small; thus, CTIA argues that senders should not be required to meet all of the disclosures. Consumer Action, the Consumer Federation of America and the National Consumers League contend that the disclosure requirements of the main provisions of the CAN SPAM Act are so important that they should trump any awkwardness with messages being filled with disclosures. We agree. There is insufficient evidence on the record to warrant a waiver of the basic disclosure requirements mandated by the CAN SPAM Act.
Finally, CTIA contends that wireless carriers should be given special treatment with regard to general compliance with the information requirements of section 5 of the CAN SPAM Act, given that they can provide this data at the time of subscription and in each monthly bill. CTIA contends in a footnote that interpreting the statute to mean that CMRS providers would need to comply with all the information requirements of section 5 would render section 14 (b)(4) of the CAN SPAM Act meaningless. We disagree. Based on the information discussed above regarding messages sent by CMRS providers, we find there is no reason for treating them differently from other businesses.
Final Regulatory Flexibility Analysis
As required by the Regulatory Flexibility Act of 1980, as amended (RFA), an Initial Regulatory Flexibility Analysis (IRFA) was incorporated in the Notice of Proposed Rulemaking and Further Notice of Proposed Rulemaking (NPRM & FNPRM) released by the Federal Communications Commission (Commission) on March 19, 2004. The Commission sought written public comments on the proposals contained in both the NPRM & FNPRM, including comments on the IRFA. None of the comments filed in this proceeding was specifically identified as comments addressing the IRFA. This present Final Regulatory Flexibility Analysis (FRFA) conforms to the RFA.
Need for, and Objectives of, This Order
On December 8, 2003, Congress passed the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN SPAM Act) to address the growing number of unwanted commercial electronic mail messages, which Congress determined to be costly, inconvenient, and often fraudulent or deceptive. Congress found that recipients “who cannot refuse to accept such mail” may incur costs for storage and for “time spent accessing, reviewing, and discarding such mail.” The CAN SPAM Act prohibits any person from transmitting such messages with false or misleading information about the source or content, and gives recipients the right to decline to receive additional messages from the same source. Certain agencies, including the Commission, are charged with enforcement of the CAN SPAM Act.
Section 14 of the CAN SPAM Act requires the Commission to (1) promulgate rules to protect consumers from unwanted mobile service commercial messages, and (2) consider, in doing so, the ability of senders to determine whether a message is a mobile commercial electronic mail message. In addition, the Commission shall consider the ability of senders of mobile service commercial messages to comply with the CAN SPAM Act in general. Furthermore, the CAN SPAM Act requires the Commission to consider the relationship that exists between providers of such services and their subscribers.
On March 19, 2004, the Commission issued the NPRM & FNPRM regarding implementation of section 14 of the CAN SPAM Act. The Commission sought comment on how to protect wireless subscribers from those electronic mail messages, such as traditional e-mail and forms of text messaging, that fall under section 14 of the CAN SPAM Act, while not interfering with regular electronic messages that are covered under the CAN SPAM Act in general. In the NPRM & FNPRM, the Commission sought comment on the ability of senders to determine whether a message is a mobile service commercial electronic mail message, as well as different options and technologies that might enable the sender to make that determination. In addition, the NPRM & FNPRM sought comment on the following six issues or alternatives: (1) The scope of section 14 of the CAN SPAM Act, specifically what falls within the definition of mobile service commercial messages (MSCMs); (2) mechanisms to give consumers the ability to avoid MSCMs without relying upon the sender to determine whether a message is a mobile service message; (3) the requirements for obtaining express prior authorization; (4) whether commercial mobile radio service providers should be exempted from the obligation of obtaining express prior authorization before contacting their customers; (5) how wireless subscribers may electronically reject future MSCMs; and (6) how MSCM senders may generally comply with the CAN SPAM Act.
In 1991, the Telephone Consumer Protection Act (TCPA) was enacted to address certain telemarketing practices, including calls to wireless telephone numbers, which Congress found to be an invasion of consumer privacy and even a risk to public safety. The TCPA specifically prohibits calls using an automatic telephone dialing system or artificial or prerecorded message “to any telephone number assigned to a paging service, cellular telephone service, specialized mobile radio service, or other common carrier service, or any service for which the called party is charged.” The CAN SPAM Act provides that “[n]othing in this Act shall be interpreted to preclude or override the applicability” of the TCPA.
In 2003, we released a Report and Order in which we reaffirmed that the TCPA prohibits any call using an automatic telephone dialing system or an artificial or prerecorded message to any wireless telephone number. We concluded that this encompasses both voice calls and text calls, including Short Message Service (SMS) text messaging calls, to wireless phone numbers.
In the NPRM & FNPRM, we noted that the legislative history of the CAN SPAM Act suggests that section 14, in conjunction with the TCPA, was intended to address wireless text messaging. We sought comment on whether the definition of an MSCM should include SMS messages.
This Order adopts a general prohibition against commercial electronic messages sent to any address using a domain name that appears on a list to be maintained by the Commission and available to the public. We believe these measures are the ones best suited to protect wireless subscribers from unwanted commercial messages and do not overburden carriers and legitimate businesses, especially small businesses.
In addition, this Order clarifies the delineation between the new rules implementing the CAN SPAM Act, and our existing rules concerning messages sent to wireless telephone numbers under the TCPA. Because this Order clarifies this delineation and does not modify any rules, there is no discussion of the TCPA included in this FRFA. All remaining TCPA issues, raised in the NPRM & FNPRM, will be addressed in a separate Order issued by the Commission at a later date.
Summary of Significant Issues Raised by Public Comments in Response to the IRFA
There were no comments filed that specifically addressed the rules and policies proposed in the IRFA.
Description and Estimate of the Number of Small Entities to Which the Rules Will Apply
The RFA directs agencies to provide a description of and, where feasible, an estimate of the number of small entities that may be affected by the rules adopted herein. The RFA generally defines the term “small entity” as having the same meaning as the terms “small business,” “small organization,” and “small governmental jurisdiction.” In addition, the term “small business” has the same meaning as the term “small business concern” under the Small Business Act. Under the Small Business Act, a “small business concern” is one which: (1) Is independently owned and operated; (2) is not dominant in its field of operation; and (3) satisfies any additional criteria established by the Small Business Administration (SBA).
The rules adopted in this Order, concerning the prohibition of sending electronic commercial mail messages, apply to a wide range of entities, including the myriad of businesses throughout the nation that use electronic messaging to advertise. In the IRFA we identified, with as much specificity as possible, all business entities that might be affected by this Order. In Order to assure that we have covered all possible entities we included general categories, such as Wireless Service Providers and Wireless Communications Equipment Manufacturers, while also including more specific categories, such as Cellular Licensees and Common Carrier Paging. Similarly, for completeness, we have also included descriptions of small entities in various categories, such as 700 MHz Guard Band Licenses, who may potentially be affected by this Order but who would not be subject to regulation simply because of their membership in that category.
Sometimes when identifying small entities we provide information describing auctions' results, including the number of small entities that were winning bidders. We note, however, that the number of winning bidders that qualify as small businesses at the close of an auction does not necessarily reflect the total number of small entities currently in a particular service. The Commission does not generally require that applicants do not provide business size information, nor does the Commission track subsequent business size, except in the context of an assignment or transfer of control application where unjust enrichment issues are implicated.
Small Businesses. Nationwide, there are a total of 22.4 million small businesses, according to SBA data.
Telemarketers. SBA has determined that “telemarketing bureaus” with $6 million or less in annual receipts qualify as small businesses. For 1997, there were 1,727 firms in the “telemarketing bureau” category, total, which operated for the entire year. Of this total, 1,536 reported annual receipts of less than $5 million, and an additional 77 reported receipts of $5 million to $9,999,999. Therefore, the majority of such firms can be considered to be small businesses.
Wireless Service Providers. The SBA has developed a small business size standard for wireless firms within the two broad economic census categories of “Paging” and “Cellular and Other Wireless Telecommunications.” Under both SBA categories, a wireless business is small if it has 1,500 or fewer employees. For the census category of Paging, Census Bureau data for 1997 show that there were 1,320 firms in this category, total, that operated for the entire year. Of this total, 1,303 firms had employment of 999 or fewer employees, and an additional 17 firms had employment of 1,000 employees or more. Thus, under this category and associated small business size standard, the great majority of firms can be considered small. For the census category Cellular and Other Wireless Telecommunications, Census Bureau data for 1997 show that there were 977 firms in this category, total, that operated for the entire year. Of this total, 965 firms had employment of 999 or fewer employees, and an additional 12 firms had employment of 1,000 employees or more. Thus, under this second category and size standard, the great majority of firms can, again, be considered small.
Internet Service Providers. The SBA has developed a small business size standard for Internet Service Providers. This category comprises establishments “primarily engaged in providing direct access through telecommunications networks to computer-held information compiled or published by others.” Under the SBA size standard, such a business is small if it has average annual receipts of $21 million or less. According to Census Bureau data for 1997, there were 2,751 firms in this category that operated for the entire year. Of these, 2,659 firms had annual receipts of under $10 million, and an additional 67 firms had receipts of between $10 million and $24,999,999. Thus, under this size standard, the great majority of firms can be considered small entities.
Wireless Communications Equipment Manufacturers. The Commission has not developed special small business size standards for entities that manufacture radio, television, and wireless communications equipment. Therefore, the applicable small business size standard is the definition under the SBA rules applicable to “Radio and Television Broadcasting and Wireless Communications Equipment Manufacturing.” Examples of products that fall under this category include “transmitting and receiving antennas, cable television equipment, GPS equipment, pagers, cellular phones, mobile communications equipment, and radio and television studio and broadcasting equipment” and may include other devices that transmit and receive Internet Protocol enabled services, such as personal digital assistants. Under that standard, firms are considered small if they have 750 or fewer employees. Census Bureau data for 1997 indicate that, for that year, there were a total of 1,215 establishments in this category. Of those, there were 1,150 that had employment under 500, and an additional 37 that had employment of 500 to 999. The percentage of wireless equipment manufacturers in this category is approximately 61.35%, so the Commission estimates that the number of wireless equipment manufacturers with employment under 500 was actually closer to 706, with an additional 23 establishments having employment of between 500 and 999. Given the above, the Commission estimates that the great majority of wireless communications equipment manufacturers are small businesses.
Radio Frequency Equipment Manufacturers. The Commission has not developed a special small business size standard applicable to Radio Frequency Equipment Manufacturers. Therefore, the applicable small business size standard is the definition under the SBA rules applicable to “Radio and Television Broadcasting and Wireless Communications Equipment Manufacturing.” Under that standard, firms are considered small if they have 750 or fewer employees. Census Bureau data for 1997 indicate that, for that year, there were a total of 1,215 establishments in this category. Of those, there were 1,150 that had employment under 500, and an additional 37 that had employment of 500 to 999. Thus, under this size standard, the majority of establishments can be considered small entities.
Paging Equipment Manufacturers. The Commission has not developed a special small business size standard applicable to Paging Equipment Manufacturers. Therefore, the applicable small business size standard is the definition under the SBA rules applicable to “Radio and Television Broadcasting and Wireless Communications Equipment Manufacturing.” Under that standard, firms are considered small if they have 750 or fewer employees. Census Bureau data for 1997 indicate that, for that year, there were a total of 1,215 establishments in this category. Of those, there were 1,150 that had employment under 500, and an additional 37 that had employment of 500 to 999. Thus, under this size standard, the majority of establishments can be considered small entities.
Telephone Equipment Manufacturers. The Commission has not developed a special small business size standard applicable to Telephone Equipment Manufacturers. Therefore, the applicable small business size standard is the definition under the SBA rules applicable to “Telephone Apparatus Manufacturing.” Under that standard, firms are considered small if they have 1,000 or fewer employees. Census Bureau data indicates that for 1997 there were 598 establishments that manufacture telephone equipment. Of those, there were 574 that had fewer than 1,000 employees, and an additional 17 that had employment of 1,000 to 2,499. Thus, under this size standard, the majority of establishments can be considered small.
As noted in paragraph [8], we believe that all small entities affected by the rules contained in this Order will fall into one of the large SBA categories described above. In an attempt to provide as specific information as possible, however, we are providing the following more specific categories.
Cellular Licensees. The SBA has developed a small business size standard for wireless firms within the broad economic census category “Cellular and Other Wireless Telecommunications.” Under this SBA category, a wireless business is small if it has 1,500 or fewer employees. For the census category Cellular and Other Wireless Telecommunications firms, Census Bureau data for 1997 show that there were 977 firms in this category, total, that operated for the entire year. Of this total, 965 firms had employment of 999 or fewer employees, and an additional 12 firms had employment of 1,000 employees or more. Thus, under this category and size standard, the great majority of firms can be considered small. According to the most recent Trends in Telephone Service data, 719 carriers reported that they were engaged in the provision of cellular service, personal communications service, or specialized mobile radio telephony services, which are placed together in the data. We have estimated that 294 of these are small, under the SBA small business size standard.
Common Carrier Paging. The SBA has developed a small business size standard for wireless firms within the broad economic census categories of “Cellular and Other Wireless Telecommunications.” Under this SBA category, a wireless business is small if it has 1,500 or fewer employees. For the census category of Paging, Census Bureau data for 1997 show that there were 1,320 firms in this category, total, that operated for the entire year. Of this total, 1,303 firms had employment of 999 or fewer employees, and an additional 17 firms had employment of 1,000 employees or more. Thus, under this category and associated small business size standard, the great majority of firms can be considered small.
In the Paging Second Report and Order, the Commission adopted a size standard for “small businesses” for purposes of determining their eligibility for special provisions such as bidding credits and installment payments. A small business is an entity that, together with its affiliates and controlling principals, has average gross revenues not exceeding $15 million for the preceding three years. The SBA has approved this definition. An auction of Metropolitan Economic Area (MEA) licenses commenced on February 24, 2000, and closed on March 2, 2000. Of the 2,499 licenses auctioned, 985 were sold. Fifty-seven companies claiming small business status won 440 licenses. An auction of MEA and Economic Area (EA) licenses commenced on October 30, 2001, and closed on December 5, 2001. Of the 15,514 licenses auctioned, 5,323 were sold. One hundred thirty-two companies claiming small business status purchased 3,724 licenses. A third auction, consisting of 8,874 licenses in each of 175 EAs and 1,328 licenses in all but three of the 51 MEAs commenced on May 13, 2003, and closed on May 28, 2003. Seventy-seven bidders claiming small or very small business status won 2,093 licenses. Currently, there are approximately 74,000 Common Carrier Paging licenses. According to the most recent Trends in Telephone Service, 608 private and common carriers reported that they were engaged in the provision of either paging or “other mobile” services. Of these, we estimate that 589 are small, under the SBA-approved small business size standard. We estimate that the majority of common carrier paging providers would qualify as small entities under the SBA definition.
Wireless Communications Services. This service can be used for fixed, mobile, radiolocation, and digital audio broadcasting satellite uses. The Commission defined “small business” for the wireless communications services (WCS) auction as an entity with average gross revenues of $40 million for each of the three preceding years, and a “very small business” as an entity with average gross revenues of $15 million for each of the three preceding years. The SBA has approved these definitions. The Commission auctioned geographic area licenses in the WCS service. In the auction, which commenced on April 15, 1997 and closed on April 25, 1997, there were seven bidders that won 31 licenses that qualified as very small business entities, and one bidder that won one license that qualified as a small business entity. An auction for one license in the 1670-1674 MHz band commenced on April 30, 2003 and closed the same day. One license was awarded. The winning bidder was not a small entity.
Wireless Telephony. Wireless telephony includes cellular, personal communications services, and specialized mobile radio telephony carriers. The SBA has developed a small business size standard for “Cellular and Other Wireless Telecommunications” services. Under that SBA small business size standard, a business is small if it has 1,500 or fewer employees. According to the most recent Trends in Telephone Service data, 719 carriers reported that they were engaged in the provision of wireless telephony. We have estimated that 294 of these are small under the SBA small business size standard.
Broadband Personal Communications Service. The broadband personal communications services (PCS) spectrum is divided into six frequency blocks designated A through F, and the Commission has held auctions for each block. The Commission has created a small business size standard for Blocks C and F as an entity that has average gross revenues of less than $40 million in the three previous calendar years. For Block F, an additional small business size standard for “very small business” was added and is defined as an entity that, together with its affiliates, has average gross revenues of not more than $15 million for the preceding three calendar years. These small business size standards, in the context of broadband PCS auctions, have been approved by the SBA. No small businesses within the SBA-approved small business size standards bid successfully for licenses in Blocks A and B. There were 90 winning bidders that qualified as small entities in the Block C auctions. A total of 93 “small” and “very small” business bidders won approximately 40 percent of the 1,479 licenses for Blocks D, E, and F. On March 23, 1999, the Commission reauctioned 155 C, D, E, and F Block licenses; there were 113 small business winning bidders.
On January 26, 2001, the Commission completed the auction of 422 C and F Broadband PCS licenses in Auction No. 35. Of the 35 winning bidders in this auction, 29 qualified as “small” or “very small” businesses. Subsequent events, concerning Auction 35, including judicial and agency determinations, resulted in a total of 163 C and F Block licenses being available for grant.
Narrowband Personal Communications Services. The Commission held an auction for Narrowband PCS licenses that commenced on July 25, 1994, and closed on July 29, 1994. A second auction commenced on October 26, 1994 and closed on November 8, 1994. For purposes of the first two Narrowband PCS auctions, “small businesses” were entities with average gross revenues for the prior three calendar years of $40 million or less. Through these auctions, the Commission awarded a total of 41 licenses, 11 of which were obtained by four small businesses. To ensure meaningful participation by small business entities in future auctions, the Commission adopted a two-tiered small business size standard in the Narrowband PCS Second Report and Order. A “small business” is an entity that, together with affiliates and controlling interests, has average gross revenues for the three preceding years of not more than $40 million. A “very small business” is an entity that, together with affiliates and controlling interests, has average gross revenues for the three preceding years of not more than $15 million. The SBA has approved these small business size standards. A third auction commenced on October 3, 2001 and closed on October 16, 2001. Here, five bidders won 317 (Metropolitan Trading Areas and nationwide) licenses. Three of these claimed status as a small or very small entity and won 311 licenses.
Lower 700 MHz Band Licenses. We adopted criteria for defining three groups of small businesses for purposes of determining their eligibility for special provisions such as bidding credits. We have defined a “small business” as an entity that, together with its affiliates and controlling principals, has average gross revenues not exceeding $40 million for the preceding three years. A “very small business” is defined as an entity that, together with its affiliates and controlling principals, has average gross revenues that are not more than $15 million for the preceding three years. Additionally, the lower 700 MHz Service has a third category of small business status that may be claimed for Metropolitan/Rural Service Area (MSA/RSA) licenses. The third category is “entrepreneur,” which is defined as an entity that, together with its affiliates and controlling principals, has average gross revenues that are not more than $3 million for the preceding three years. The SBA has approved these small size standards. An auction of 740 licenses (one license in each of the 734 MSAs/RSAs and one license in each of the six Economic Area Groupings (EAGs)) commenced on August 27, 2002, and closed on September 18, 2002. Of the 740 licenses available for auction, 484 licenses were sold to 102 winning bidders. Seventy-two of the winning bidders claimed small business, very small business or entrepreneur status and won a total of 329 licenses. A second auction commenced on May 28, 2003, and closed on June 13, 2003, and included 256 licenses: 5 EAG licenses and 476 Cellular Market Area licenses. Seventeen winning bidders claimed small or very small business status and won 60 licenses, and nine winning bidders claimed entrepreneur status and won 154 licenses.
Upper 700 MHz Band Licenses. The Commission released a Report and Order, authorizing service in the upper 700 MHz band. This auction, previously scheduled for January 13, 2003, has been postponed.
700 MHz Guard Band Licenses. In the 700 MHz Guard Band Order, we adopted size standards for “small businesses” and “very small businesses” for purposes of determining their eligibility for special provisions such as bidding credits and installment payments. A small business in this service is an entity that, together with its affiliates and controlling principals, has average gross revenues not exceeding $40 million for the preceding three years. Additionally, a very small business is an entity that, together with its affiliates and controlling principals, has average gross revenues that are not more than $15 million for the preceding three years. SBA approval of these definitions is not required. An auction of 52 Major Economic Area (MEA) licenses commenced on September 6, 2000, and closed on September 21, 2000. Of the 104 licenses auctioned, 96 licenses were sold to nine bidders. Five of these bidders were small businesses that won a total of 26 licenses. A second auction of 700 MHz Guard Band licenses commenced on February 13, 2001, and closed on February 21, 2001. All eight of the licenses auctioned were sold to three bidders. One of these bidders was a small business that won a total of two licenses.
Specialized Mobile Radio. The Commission awards “small entity” bidding credits in auctions for Specialized Mobile Radio (SMR) geographic area licenses in the 800 MHz and 900 MHz bands to firms that had revenues of no more than $15 million in each of the three previous calendar years. The Commission awards “very small entity” bidding credits to firms that had revenues of no more than $3 million in each of the three previous calendar years. The SBA has approved these small business size standards for the 900 MHz Service. The Commission has held auctions for geographic area licenses in the 800 MHz and 900 MHz bands. The 900 MHz SMR auction began on December 5, 1995, and closed on April 15, 1996. Sixty bidders claiming that they qualified as small businesses under the $15 million size standard won 263 geographic area licenses in the 900 MHz SMR band. The 800 MHz SMR auction for the upper 200 channels began on October 28, 1997, and was completed on December 8, 1997. Ten bidders claiming that they qualified as small businesses under the $15 million size standard won 38 geographic area licenses for the upper 200 channels in the 800 MHz SMR band. A second auction for the 800 MHz band was held on January 10, 2002 and closed on January 17, 2002 and included 23 BEA licenses. One bidder claiming small business status won five licenses.
The auction of the 1,053 800 MHz SMR geographic area licenses for the General Category channels began on August 16, 2000, and was completed on September 1, 2000. Eleven bidders won 108 geographic area licenses for the General Category channels in the 800 MHz SMR band qualified as small businesses under the $15 million size standard. In an auction completed on December 5, 2000, a total of 2,800 Economic Area licenses in the lower 80 channels of the 800 MHz SMR service were sold. Of the 22 winning bidders, 19 claimed small business status and won 129 licenses. Thus, combining all three auctions, 40 winning bidders for geographic licenses in the 800 MHz SMR band claimed status as small business.
In addition, there are numerous incumbent site-by-site SMR licensees and licensees with extended implementation authorizations in the 800 and 900 MHz bands. We do not know how many firms provide 800 MHz or 900 MHz geographic area SMR pursuant to extended implementation authorizations, nor how many of these providers have annual revenues of no more than $15 million. One firm has over $15 million in revenues. We assume, for purposes of this analysis, that all of the remaining existing extended implementation authorizations are held by small entities, as that small business size standard is approved by the SBA.
Description of Projected Reporting, Recordkeeping, and Other Compliance Requirements for Small Entities
There are two distinct types of compliance requirements associated with this Order. First, wireless providers that provide wireless messaging service must provide to the Commission a list of all their domain names used for wireless messages. The record indicates that this list for each service provider is thought to be relatively static and of manageable size. We expect service providers to provide this list electronically and do not expect production of such a list by a business, even a small business, to be expensive or time consuming.
As a result of this mandate, businesses wishing to send commercial electronic messages must avoid sending messages to addresses that reference the domain names for wireless devices unless they have obtained the subscriber's express prior authorization. To do this, senders may check the list of domain names. Thus, prior to sending a commercial message to that address, businesses must also obtain express authorization from any subscriber whose e-mail address includes a domain name that appears on the list. This express authorization may be obtained either by oral or written means and must be obtained only once until the subscriber revokes such authorization. Because the list of domain names is expected to be small, we do not anticipate the compliance burden of checking such a list to be great.
Steps Taken To Minimize the Significant Economic Impact on Small Entities, and Significant Alternatives Considered
The RFA requires an agency to describe any significant alternatives that it has considered in developing its approach, which may include the following four alternatives (among others): “(1) The establishment of differing compliance or reporting requirements or timetables that take into account the resources available to small entities; (2) the clarification, consolidation, or simplification of compliance and reporting requirements under the rule for such small entities; (3) the use of performance rather than design standards; and (4) an exemption from coverage of the rule, or any part thereof, for such small entities.”
Initially, we note that the rules are intended to protect subscribers, including small businesses, from unwanted mobile service commercial messages. Congress found these unwanted messages to be costly and time-consuming for wireless subscribers. The rules adopted in this Order will benefit small businesses by reducing cost and time burdens on small businesses that receive such messages.
One alternative considered by the Commission was a registry of individual e-mail addresses. This list would have been similar to the national “do-not-call” registry; however, after careful consideration of the costs and benefits of creating a national do-not-e-mail registry, including consideration of the burden on small businesses, we believe that the disadvantages of such a system outweigh the possible advantages. We would expect such a system to contain millions of records, which unlike the “do-not-call” registry would each be unique in length and type of characters, making searching and scrubbing of such a list difficult and time consuming, perhaps inordinately so for small businesses. Therefore, we instead chose to adopt rules requiring the registering of domain names used for mobile service with the Commission.
Unlike individual e-mail addresses, the list of domain names is limited and manageable. The record indicates that it is already wireless providers' practice to use certain domain names and that the establishment of such a list would not burden carriers, presumably not even small carriers, and would place the burden of complying with the CAN SPAM Act on the senders of commercial messages. No commercial e-mail can be sent to an address that contains one of the domain names that has been on the list for 30 days or the that sender otherwise knows to be for wireless service, unless the sender has obtained express authorization from the subscriber. The list of domain names will be available without cost from the Commission in an electronic format. While senders of commercial messages will not be required to provide proof that they consulted the wireless domain name list or that they consulted it at a particular time, any person or entity may use as a “safe harbor” defense the fact that a specific domain name was not on the list more than 30 days before the offending message was initiated. This “safe harbor” defense shall not excuse any willful violation—if the sender otherwise know the e-mail address to be protected—of the ban on sending unwanted messages to wireless subscribers. We expect that global searches of senders' electronic mail lists to identify the domain names will be easy and inexpensive.
A second alternative considered by the Commission was in the area of obtaining express authorization. The Commission has declined to require that the express authorization be in writing. Senders, who must obtain this authorization before sending commercial electronic messages, are permitted to obtain such authorization by oral or written means, including electronic methods. Although not alleviating the entire burden on small businesses, the record would suggest that there is less of a burden if authorizations can be made orally instead of in writing. If the authorization is in writing, it may be obtained in a variety of ways—including paper form or electronic mail. By allowing a variety of methods for authorization, the Commission is allowing senders of commercial messages, including any small businesses, to choose the method that works best for them. It is expected that this ability to choose will result in greater efficiencies and less cost for small businesses while still allowing them to comply with the CAN SPAM Act.
Report to Congress
The Commission will send a copy of the Order, including this Final Regulatory Flexibility Analysis (FRFA), in a report to be sent to Congress pursuant to the Congressional Review Act. In addition, the Commission will send a copy of the Order, including this FRFA, to the Chief Counsel for Advocacy of the SBA. A copy of the Order and FRFA (or summaries thereof) will also be published in the Federal Register.
Ordering Clauses
Accordingly, pursuant to authority contained in sections 1-4, 222, 227 and 303(r) of the Communications Act of 1934, as amended; 47 U.S.C. 151-154, 222, 227, and 303(r); and the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003, Public Law 108-187, 117 Statute 2699; 15 U.S.C. 7701-7712, the Order in CG Docket Nos. 04-53 and 02-278 is adopted and Part 64 of the Commission's rules, 47 CFR Part 64, is amended as set forth in Appendix B.
The requirements of this Order shall become effective October 18, 2004. The rules in 47 CFR 64.3100 that contain information collection requirements under the PRA are not effective until approved by OMB. Once these information collections are approved by OMB, the Commission will release a public notice and publish a document in the Federal Register announcing the effective date of these rules.
The Commission delegates to the Consumer & Governmental Affairs Bureau the authority to amend the rules to reflect any updates in the time-frames adopted under this Order that are dependent upon the Federal Trade Commission's rules under the CAN SPAM Act, as discussed herein, and to amend the definitions dependent on the Federal Trade Commission's rules under the CAN SPAM Act, as discussed herein.
The Commission's Consumer & Governmental Affairs Bureau, Reference Information Center, shall send a copy of this Order, including the Final Regulatory Flexibility Analysis, to the Chief Counsel for Advocacy of the Small Business Administration.
List of Subjects in 47 CFR Part 64
- Communications common carriers and Reporting and recordkeeping requirements
Federal Communications Commission.
Marlene H. Dortch,
Secretary.
Rule Changes
For the reasons discussed in the preamble, the Federal Communications Commission amends 47 CFR part 64 as follows:
PART 64—MISCELLANEOUS RULES RELATING TO COMMON CARRIERS
1. The authority citation for part 64 continues to read as follows: 47 U.S.C. 154, 254(k); secs. 403(b)(2)(B), (c), Public Law 104-104, 110 Stat. 56. Interpret or apply 47 U.S.C. 201, 218, 225, 226, 228, and 254(k) unless otherwise noted.
2. Subpart BB is added with the Subpart Heading to read as follows:
Subpart BB—Restrictions on Unwanted Mobile Commercial Service Messages
3. Section 64.3100 is added to read as follows:
(a) No person or entity may initiate any mobile service commercial message, as those terms are defined in paragraph (c)(7) of this section, unless:
(1) That person or entity has the express prior authorization of the addressee;
(2) That person or entity is forwarding that message to its own address;
(3) That person or entity is forwarding to an address provided that
(i) The original sender has not provided any payment, consideration or other inducement to that person or entity; and
(ii) That message does not advertise or promote a product, service, or Internet website of the person or entity forwarding the message; or
(4) The address to which that message is sent or directed does not include a reference to a domain name that has been posted on the FCC's wireless domain names list for a period of at least 30 days before that message was initiated, provided that the person or entity does not knowingly initiate a mobile service commercial message.
(b) Any person or entity initiating any mobile service commercial message must:
(1) Cease sending further messages within ten (10) days after receiving such a request by a subscriber;
(2) Include a functioning return electronic mail address or other Internet-based mechanism that is clearly and conspicuously displayed for the purpose of receiving requests to cease the initiating of mobile service commercial messages and/or commercial electronic mail messages, and that does not require the subscriber to view or hear further commercial content other than institutional identification;
(3) Provide to a recipient who electronically grants express prior authorization to send commercial electronic mail messages with a functioning option and clear and conspicuous instructions to reject further messages by the same electronic means that was used to obtain authorization;
(4) Ensure that the use of at least one option provided in paragraphs (b)(2) and (b)(3) of this section does not result in additional charges to the subscriber;
(5) Identify themselves in the message in a form that will allow a subscriber to reasonably determine that the sender is the authorized entity; and
(6) For no less than 30 days after the transmission of any mobile service commercial message, remain capable of receiving messages or communications made to the electronic mail address, other Internet-based mechanism or, if applicable, other electronic means provided by the sender as described in paragraph (b)(2) and (b)(3) of this section.
(c) Definitions. For the purpose of this subpart:
(1) Commercial Mobile Radio Service Provider means any provider that offers the services defined in 47 CFR Section 20.9.
(2) Commercial electronic mail message means the term as defined in the CAN SPAM Act, 15 U.S.C. Section 7702. The term is defined as “an electronic message for which the primary purpose is commercial advertisement or promotion of a commercial product or service (including content on an Internet website operated for a commercial purpose).” The term “commercial electronic mail message” does not include a transactional or relationship message.
(3) Domain name means any alphanumeric designation which is registered with or assigned by any domain name registrar, domain name registry, or other domain name registration authority as part of an electronic address on the Internet.
(4) Electronic mail address means a destination, commonly expressed as a string of characters, consisting of a unique user name or mailbox and a reference to an Internet domain, whether or not displayed, to which an electronic mail message can be sent or delivered.
(5) Electronic mail message means a message sent to a unique electronic mail address.
(6) Initiate, with respect to a commercial electronic mail message, means to originate or transmit such messages or to procure the origination or transmission of such message, but shall not include actions that constitute routine conveyance of such message. For purposes of this paragraph, more than one person may be considered to have initiated a message. “Routine conveyance” means the transmission, routing, relaying, handling, or storing, through an automatic technical process, or an electronic mail message for which another person has identified the recipients or provided the recipient addresses.
(7) Mobile Service Commercial Message means a commercial electronic mail message that is transmitted directly to a wireless device that is utilized by a subscriber of a commercial mobile service (as such term is defined in section 332(d) of the Communications Act of 1934 (47 U.S.C. 332(d)) in connection with such service. A commercial message is presumed to be a mobile service commercial message if it is sent or directed to any address containing a reference, whether or not displayed, to an Internet domain listed on the FCC's wireless domain names list. The FCC's wireless domain names list will be available on the FCC's website and at the Commission headquarters, 445 12th St., SW., Washington, DC 20554.
(8) Transactional or relationship message means any electronic mail message the primary purpose of which is:
(i) To facilitate, complete, or confirm a commercial transaction that the recipient has previously agreed to enter into with the sender;
(ii) To provide warranty information, product recall information, or safety or security information with respect to a commercial product or service used or purchased by the recipient;
(iii) To provide:
(A) Notification concerning a change in the terms or features of;
(B) Notification of a change in the recipient's standing or status with respect to; or
(C) At regular periodic intervals, account balance information or other type of account statement with respect to a subscription, membership, account, loan, or comparable ongoing commercial relationship involving the ongoing purchase or use by the recipient of products or services offered by the sender;
(D) To provide information directly related to an employment relationship or related benefit plan in which the recipient is currently involved, participating, or enrolled; or
(E) To deliver goods or services, including product updates or upgrades, that the recipient is entitled to receive under the terms of a transaction that the recipient has previously agreed to enter into with the sender.
(d) Express Prior Authorization may be obtained by oral or written means, including electronic methods.
(1) Written authorization must contain the subscriber's signature, including an electronic signature as defined by 15 U.S.C. 7001 (E-Sign Act).
(2) All authorizations must include the electronic mail address to which mobile service commercial messages can be sent or directed. If the authorization is made through a website, the website must allow the subscriber to input the specific electronic mail address to which commercial messages may be sent.
(3) Express Prior Authorization must be obtained by the party initiating the mobile service commercial message. In the absence of a specific request by the subscriber to the contrary, express prior authorization shall apply only to the particular person or entity seeking the authorization and not to any affiliated entities unless the subscriber expressly agrees to their being included in the express prior authorization.
(4) Express Prior Authorization may be revoked by a request from the subscriber, as noted in paragraph (b)(2) and (b)(3) of this section.
(5) All requests for express prior authorization must include the following disclosures:
(i) That the subscriber is agreeing to receive mobile service commercial messages sent to his/her wireless device from a particular sender. The disclosure must state clearly the identity of the business, individual, or other entity that will be sending the messages;
(ii) That the subscriber may be charged by his/her wireless service provider in connection with receipt of such messages; and
(iii) That the subscriber may revoke his/her authorization to receive MSCMs at any time.
(6) All notices containing the required disclosures must be clearly legible, use sufficiently large type or, if audio, be of sufficiently loud volume, and be placed so as to be readily apparent to a wireless subscriber. Any such disclosures must be presented separately from any other authorizations in the document or oral presentation. If any portion of the notice is translated into another language, then all portions of the notice must be translated into the same language.
(e) All CMRS providers must identify all electronic mail domain names used to offer subscribers messaging specifically for wireless devices in connection with commercial mobile service in the manner and time-frame described in a public notice to be issued by the Consumer & Governmental Affairs Bureau.
(f) Each CMRS provider is responsible for the continuing accuracy and completeness of information furnished for the FCC's wireless domain names list. CMRS providers must:
(1) File any future updates to listings with the Commission not less than 30 days before issuing subscribers any new or modified domain name;
(2) Remove any domain name that has not been issued to subscribers or is no longer in use within 6 months of placing it on the list or last date of use; and
(3) Certify that any domain name placed on the FCC's wireless domain names list is used for mobile service messaging.
[FR Doc. 04-20901 Filed 9-15-04; 8:45 am]
BILLING CODE 6712-01-U