Spoofing tactic appears to backfire on robocaller.

As a public service, we offer a couple of helpful CommLawBlog tips to folks who feel like violating the Telephone Consumer Protection Act (TCPA) by making unsolicited prerecorded advertising calls:

  1. First and foremost, DON’T violate the TCPA;
  2. If you insist on ignoring Tip No. 1, at least:
  • Don’t call numbers on the National Do No Call Registry;
  • Don’t provide an “opt-out” number that doesn’t work;
  • Don’t “spoof” somebody else’s number so that their number, not yours, shows up in the caller ID display of the folks you’re illegally calling;
  • And, ABOVE ALL, don’t tick off constituents of Senator John McCain.

Security First of Alabama (Security First) made all these mistakes, and it’s now got $342,000 worth of reasons to regret having done so.

As our readers know, the TCPA requires (among other things) that telemarketers obtain a consumer’s prior express consent before making robocalls (i.e., calls using prerecorded voice messages) to the consumer’s residential phone. (There are some very limited exemptions to that prohibition, but they don’t come into play here. Also, there are additional requirements – like getting the consent in writing – when robocalls to mobile phones are involved, but those also didn’t come into play here.) We have previously reported big fines imposed by the FCC for violating that prior consent requirement. Security First’s fine may be somewhat smaller than those, but it does highlight a couple of points of interest.

Security First’s story began in November, 2008, when the Commission received a consumer complaint alleging that Security First had delivered unsolicited, prerecorded advertising messages. The FCC’s Enforcement Bureau issued a citation to Security First, advising it of the apparent violation, offering it the opportunity to respond to the allegation (in writing or in person), and warning it that, if further violations were to occur, it would be looking at a hefty fine.

Security First didn’t respond to the citation, but it apparently did keep violating the telemarketing rules: another 33 complaints rolled in alleging a total of 43 new violations.

Fast forward to April, 2011. The FCC issues a Notice of Apparent Liability to Security First. Proposed penalty: $342,000. Again, Security First is given an opportunity to respond and defend itself. This time it does respond, but late, and only with a cursory denial which the FCC does not find credible. (The FCC’s reaction to Security First’s denial may have been influenced by the fact that, while the denial was dated before Security First’s response was due, the envelope in which it was mailed showed a postmark almost a month later … and an attachment included with the response was also dated later than the response itself.)

The FCC may not have been impressed by Security First’s response, but it was impressed – although not favorably – by a few factors which caught our eye as well. While some of the offending calls appeared to have been just plain old garden variety unconsented robocalls, most of the complaints indicated that Security First’s abuses didn’t stop there. It had apparently: called phone numbers registered on the National Do Not Call Registry; provided an opt-out telephone number in the recorded message that was always busy or disconnected; failed to honor do-not-call requests that were made; and deliberately caused inaccurate telephone numbers to appear on consumer caller ID displays.

That last practice – commonly referred to as “spoofing” – may have been Security First’s biggest tactical mistake. By showing somebody else’s phone number on consumer caller ID displays, Security First led consumers to direct their opt-out requests and complaints to some other, innocent, company. Wouldn’t you know it, the innocent company whose number got spoofed happened to be a constituent of Senator McCain. And sure enough, the FCC received a letter from McCain on behalf of that innocent company. He noted that, as a result of Security First’s spoofing of the constituent’s number, the innocent company’s office was “bombarded with hundreds of phone calls … from irate people….” The Senator was obviously not happy.

The FCC fined Security First “only” $4,500 for each of the plain old garden variety robocalls. But when it came to calls that included the further violations, it bumped up the fine to $10,000 for each of those calls, to reach the grand total of $342,000.

We don’t know for sure what influenced the FCC to act here. Perhaps it was the spoofing, or the Do Not Call violations, or the letter from Senator McCain – he can be an intimidating figure. Or maybe the Commission would have lowered the boom on Security First regardless of those factors.  We do know, though, that Security First is now $342,000 in the hole to the FCC for having violated the TCPA telemarketing rules. With the FCC currently on an enforcement spree, other telemarketers would be wise to make sure that they are complying with the TCPA.