Over the past year, the Telephone Consumer Protection Act (TCPA) landscape has undergone a series of significant shifts. TCPA defendants received a boost last year when the Supreme Court of the United States narrowed a key statutory definition in Facebook v. Duguid. Plaintiffs adjusted quickly with novel theories around the issue of whether minors can validly consent (Hall v. Smosh Dot Com., Inc.) to receive automated calls and text messages under the law. Now, a federal district court in the state of Washington has issued a decision in Johansen v. EFinancial, LLC, No. 2:20-CV-01351-DGE, 2022 WL 168170 (W.D. Wash. Jan. 18, 2022), that highlights the importance of the TCPA safe harbor and the need for companies to be careful when obtaining consent through electronic means.

The Background

The Supreme Court's decision in Facebook v. Duguid, 137 S.Ct. 2148 (2021) was a boon to TCPA defendants by narrowing the definition of what constitutes an automatic telephone dialing system (ATDS) under the statute, thus eliminating a key avenue of attack for plaintiffs. The decision has already had the predicted result of getting claims dismissed in federal courts across the country.

The E-Sign Act and the TCPA Safe Harbor

A defendant may incur liability, even without using an ATDS, by calling or texting a number on the National Do Not Call (DNC) Registry. But a defendant can avoid that liability by first obtaining prior express written consent signed by the recipient of the communication. 47 C.F.R. § 64.1200(c)(2)(ii). In a 2012 Report and Order, the FCC blessed the use of website forms, email, text messages, telephone key presses and voice recordings to obtain prior express written consent, so long as the method used to record the recipient's consent complies with the E-SIGN Act, which provides that "a signature, contract, or other record relating to such transaction may not be denied legal effect, validity, or enforceability solely because it is an electronic form." 15 U.S.C. §7001(a). Valid consent under the act must provide, among other things, a "clear and conspicuous statement" establishing (1) the right to withdraw consent, (2) the scope of the transaction to which the consent applies, and (3) the procedures to withdraw consent. 15 U.S.C. § 7001(c)(1).

Where consent is lacking, a call may sometimes be placed to a number on the DNC Registry despite best efforts to avoid it. That is why the TCPA offers a safe harbor allowing a defendant to raise the affirmative defense that it "has established and implemented, with due care, reasonable practices and procedures to effectively prevent telephone solicitations in violation of the regulations prescribed under this subsection." 47 U.S.C. § 227(c)(5). The practical result is that defendants can potentially avoid liability for a TCPA violation by showing that the call was placed in error and that they had routine policies and procedures in place designed to avoid a violation. 47 C.F.R. § 64.1200(c)(2)(i)(A)-(E).

Johansen v. EFinancial, LLC

Factual and Procedural Background

In April 2020, EFinancial, a third-party company that helps consumers find life insurance policies, received a request for a life insurance quote through its website that purported to be from Kenneth Johansen. EFinancial's website required anyone submitting a request to enter several pieces of personal information about themselves and give consent to be contacted through various means. The form also informed the consumer about the scope of the consent. EFinancial called Johansen twice, but Johansen only answered once. At the start of the call, the EFinancial representative identified herself and the company, disclosed the purpose of the call, and confirmed Johansen's personal information as reflected in the website form. Rather than object to the call, Johansen volunteered additional detailed information about his criminal and medical history and told the representative he was seeking insurance quotes because he was concerned about covering expenses and "taking care of everything." Only after speaking with the representative for nearly 26 minutes did Johansen raise the concern that his name was on the DNC Registry and press the representative for her contact information and the name of the specific insurer offering the quote. Once the call was over, EFinancial placed Johansen on its internal "do not call" list and ceased attempts to call him.

In September 2020, Johansen brought a claim against EFinancial under the TCPA on behalf of himself and a potential class, alleging the company violated the law by calling him and the putative class members even though their numbers are on the national DNC Registry. Although Johansen sought relief for both phone calls, the court concluded that only the one he answered subjected EFinancial to potential TCPA liability.

EFinancial moved for summary judgment on Johansen's claims, and a magistrate judge issued a Report and Recommendation (R&R) that the district court grant the motion. Johansen objected to the R&R on the basis that the magistrate judge erred in finding (1) Johansen consented to the call; (2) EFinancial had a basis to contact him; and (3) that EFinancial was protected by the safe harbor provision of the TCPA. The district court disagreed with Johansen, adopting the R&R and holding a reasonable jury would find that the website request form supplied EFinancial with proper consent and a basis to contact Johansen, and the safe harbor provision applied even if Johansen's claim were true that he did not submit the request.

The Court's Decision

EFinancial Had Johansen's Consent and a Basis for Contact

The summary judgment standard of review meant the court's analysis turned on Johansen's actual evidence, rather than the allegations of his complaint, and thus gave Johansen a steep hill to climb. Johansen tried in vain to marshal technical evidence that overseas hackers were involved or that EFinancial fraudulently sent the request to itself. Unmoved, the court concluded Johansen's contentions were highly speculative and, in any event, found the evidence showed that even if some indicators were inconclusive, others showed he completed the form. And the form itself clearly indicated Johansen's consent to be called, emailed, and receive both SMS and MMS messages.

Johansen also gained no traction with the belated argument that he was using the call to uncover other bad companies. Noting the absence of that contention in Johansen's declaration, the court found instead that Johansen's cooperation during the majority of the 26-minute call, coupled with his choice to voluntarily share more personal information, supported the conclusion that he wanted an insurance quote.

The Safe Harbor Applied Regardless

Johansen argued that EFinancial did not qualify for protection under the safe harbor because it never purchased the DNC list, and substantial compliance with the TCPA was not enough to escape liability. EFinancial supported its bid for summary judgment with a declaration from employees, as well as training materials that detailed its compliance framework. That, in the court's view, was enough to provide "significant evidence" that the company's routine business procedures complied with the TCPA, preventing calls to Johansen himself except for the one at issue in the case.

The court also declined Johansen's invitation to conclude the call was not made "in error" because the facts did not point to a procedural breakdown or unintentional solicitation. The court reasoned that a defendant need not suffer a procedural breakdown to be covered by the safe harbor provision. Instead, the court noted the plain meaning of "error" is "a mistake" and found the evidence before it showed EFinancial's call was a mistake because Johansen argued he never consented to the call but EFinancial clearly believed he had.

Takeaways

This case highlights important considerations for TCPA compliance and litigation.

First, while the decision affirms the viability of the safe harbor for inadvertent calls, a few aspects still warrant caution. To begin with, the safe harbor only applies to certain calls under certain conditions. To qualify, a company must have made the call "in error," and while the court here found that EFinancial did, its analysis of the concept may offer plaintiffs wiggle room to challenge those facts in other cases. Nevertheless, the decision highlights the necessity of having proper policies and procedures in place to be eligible for the safe harbor. Thus, companies should assess their TCPA compliance plan to ensure its sufficiency and develop one if it does not already exist.

Second, the decision upholds the ability to use website forms and other electronic means to obtain prior express written consent. But companies should be sure that any such method complies with the E-SIGN Act by properly disclosing that a consumer is providing consent to be contacted, the scope of the consent provided, and methods to withdraw it. Moreover, based on this decision and a recent one in the District of Massachusetts, Mantha v. QuoteWizard.com, LLC, No. 19-12235, 2020 U.S. Dist. LEXIS 45481 (D. Mass. March 16, 2020), companies should also be sure they can verify that the person they are calling is the same person who provided electronic consent.

Third, the plaintiff himself: Johansen is a prolific TCPA plaintiff who was excoriated by a federal court in the Southern District of Florida in Johansen v. Bluegreen Vacations Unlimited, No. 20-81076-CIV-SMITH, 2021 U.S. Dist. LEXIS 207872 (S.D. Fla. Sep. 30, 2021) for filing some 60 lawsuits that brought him an average of $60,000 per year by posing as a customer or potential customer in calls with companies and prolonging them to create claims and enhance damages. Johansen's behavior prompted the Florida federal court to deny his motion to certify a putative class for lack of typicality, because the putative class members did not engage in the kind of behavior Johansen admitted in deposition testimony was "deceptive." And as evidenced by a single, lengthy footnote, the Washington federal court weighed the claim against EFinancial while being cognizant of Johansen's checkered past. Serial plaintiffs like Johansen thus potentially offer defendants a viable path to defeating class certification. Such serial plaintiffs also highlight the importance of TCPA compliance.

Finally, as we have noted before, companies should bear in mind that plaintiffs are hard at work producing novel theories to challenge consent, including that a minor is legally incapable of providing valid consent under the TCPA. The proliferation of these new legal theories makes it critical that companies obtain proper consent and have adequate policies and procedures if they hope to avoid TCPA liability.

For More Information

If you have any questions about this Alert, please contact John D. Huh, Simeon S. Poles, any of the attorneys in our Trial Practice Group any of the attorneys in our Technology, Media and Telecom Industry Group or the attorney in the firm with whom you are regularly in contact.

Disclaimer: This Alert has been prepared and published for informational purposes only and is not offered, nor should be construed, as legal advice. For more information, please see the firm's full disclaimer.