[Federal Register: September 16, 2004 (Volume 69, Number 179)]
[Rules and Regulations]
[Page 55765-55780]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr16se04-11]
=======================================================================
-----------------------------------------------------------------------
FEDERAL COMMUNICATIONS COMMISSION
47 CFR Part 64
[CG Docket Nos. 04-53 and 02-278; FCC 04-194]
Rules and Regulations Implementing the Controlling the Assault of
Non-Solicited Pornography and Marketing Act of 2003; Rules and
Regulations Implementing the Telephone Consumer Protection Act of 1991
AGENCY: Federal Communications Commission.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: In this document, the Commission adopts rules to implement
those aspects of the Controlling the Assault of the Non-Solicited
Pornography and Marketing Act of 2003 (CAN SPAM Act) directed to the
Federal Communications Commission (FCC or Commission). Also, in this
document, the Commission adopts a general prohibition on sending
commercial messages to any address referencing an Internet domain name
associated with wireless subscriber messaging services. Furthermore,
the Commission clarifies the delineation between these new rules
implementing the CAN SPAM Act and our existing rules concerning
messages sent to wireless telephone numbers under the Telephone
Consumer Protection Act (TCPA).
DATES: Effective October 18, 2004 except Sec. 64.3100(a)(4), (d), (e)
and (f) of the Commission's rules, which contain information collection
requirements under the Paperwork Reduction Act (PRA) that are not
effective until approved by Office of Management and Budget (OMB).
Written comments by the public on the new and modified information
collections are due November 15, 2004. The Commission will publish a
document in the Federal Register announcing the effective date for
these rules.
ADDRESSES: Federal Communications Commission, 445 12th Street, SW.,
Washington, DC 20554. In addition to filing comments with the
Secretary, a copy of any comments on the
[[Page 55766]]
Paperwork Reduction Act (PRA) information collection requirements
contained herein should be submitted to Judith B. Herman, Federal
Communications Commission, Room 1-C804, 445 12th Street, SW.,
Washington, DC 20554, or via the Internet to Judith-B.Herman@fcc.gov,
and to Kristy L. LaLonde, OMB Desk Officer, Room 10234 NEOB, 725 17th
Street, NW., Washington, DC 20503, via the Internet to
Kristy_L._LaLonde@omb.eop.gov, or via fax at (202) 395-5167.
FOR FURTHER INFORMATION CONTACT: Ruth Yodaiken, of the Consumer &
Governmental Affairs Bureau at (202) 418-7928 (voice), or e-mail
Ruth.Yodaiken@fcc.gov. For additional information concerning the PRA
information collection requirements contained in this document, contact
Judith B. Herman at (202) 418-0214, or via the Internet at
Judith-B.Herman@fcc.gov.
SUPPLEMENTARY INFORMATION: This Order contains new or modified
information collection requirements subject to the PRA of 1995, Public
Law 104-13. These will be submitted to the Office of Management and
Budget (OMB) for review under section 3507(d) of the PRA. OMB, the
general public, and other Federal agencies are invited to comment on
the new or modified information collection requirements contained in
this proceeding. The Order addresses issues arising from Rules and
Regulations Implementing the Controlling the Assault of Non-Solicited
Pornography and Marketing Act of 2003; Rules and Regulations
Implementing the Telephone Consumer Protection Act of 1991 Notice of
Proposed Rulemaking (NPRM), CG Docket Nos. 02-278 and 04-53; FCC 04-52.
Copies of any subsequently filed documents in this matter will be
available for public inspection and copying during regular business
hours at the FCC Reference Information Center, Portals II, 445 12th
Street, SW., Room CY-A257, Washington, DC 20554. The complete text of
this decision may be purchased from the Commission's duplicating
contractor, Best Copy and Printing, Inc. (BCPI), Portals II, 445 12th
Street, SW., Room CY-B402, Washington, DC 20554. Customers may contact
BCPI, Inc. at their web site: http://www.bcpiweb.com or call 1-800-378-3160.
To request materials in accessible formats for people with disabilities
(Braille, large print, electronic files, audio format), send an e-mail
to fcc504@fcc.gov or call the Consumer & Governmental Affairs Bureau at
(202) 418-0530 (voice) or (202) 418-0432 (TTY). This Order can also be
downloaded in Word and Portable Document Format (PDF) at: http://www.fcc.gov/cgb/pol
.
Paperwork Reduction Act of 1995 Analysis
This Order contains new or modified information collection
requirements. The Commission, as part of its continuing effort to
reduce paperwork burdens, invites the general public to comment on the
information collection requirements contained in the Order as required
by the Paperwork Reduction Act (PRA) of 1995, Public Law 104-13. Public
and agency comments are due November 15, 2004. In addition, the
Commission notes that pursuant to the Small Business Paperwork Relief
Act of 2002, Public Law 107-198, see 44 U.S.C. 3506(c)(4), we
previously sought specific comment on how the commission might
``further reduce the information collection burden for small business
concerns with fewer than 25 employees.'' In the present document we
have assessed the effects of adopting these rules, and find that there
may be an administrative burden on businesses with fewer than 25
employees. However, since this action is consistent with our mandate
from Congress under the Controlling the Assault of Non-Solicited
Pornography and Marketing Act of 2003, we believe small businesses will
also benefit from this requirement in that they too will receive less
unwanted commercial messages. In addition, the rules allow entities and
persons a variety of ways to obtain express prior authorization to send
such messages, which should substantially alleviate any burdens imposed
on all businesses, including those with fewer than 25 employees.
Synopsis
In this Order, the Commission adopts rules to implement those
aspects of the Controlling the Assault of Non-Solicited Pornography and
Marketing Act of 2003 (CAN SPAM Act) directed to the Federal
Communications Commission (FCC or Commission). The CAN SPAM Act directs
the Commission to issue regulations to protect consumers from
``unwanted mobile service commercial messages.'' Thus, we adopt a
general prohibition on sending commercial messages to any address
referencing an Internet domain name associated with wireless subscriber
messaging services. To assist the senders of such messages in
identifying those subscribers, we require that commercial mobile radio
service (CMRS) providers submit those domain names to the Commission,
for inclusion in a list that will be made publicly available. We also
clarify the delineation between these new rules implementing the CAN
SPAM Act, and our existing rules concerning messages sent to wireless
telephone numbers under the Telephone Consumer Protection Act (TCPA).
Discussion
A. Mobile Service Commercial Message (MSCM)
Section 14 (b)(1) of the CAN SPAM Act requires that the Commission
adopt rules to provide subscribers with the ability to avoid receiving
a ``mobile service commercial message'' unless the subscriber has
expressly authorized such messages beforehand. An MSCM is defined in
the CAN SPAM Act as a ``commercial electronic mail message that is
transmitted directly to a wireless device that is utilized by a
subscriber of commercial mobile service'' as defined in 47 U.S.C.
332(d) ``in connection with that service.'' The CAN SPAM Act defines an
electronic mail message as a message having a unique electronic mail
address that includes ``a reference to an Internet domain.''
In the CAN SPAM NPRM, we asked whether it was appropriate to find
that only commercial electronic mail messages transmitted directly to a
wireless device used by a CMRS subscriber would fall within the
definition of MSCMs under the CAN SPAM Act. We sought comment on
whether the statutory language would be satisfied by our proposed
interpretation that an MSCM is a message transmitted to an electronic
mail address provided by a CMRS provider for delivery to the addressee
subscriber's wireless device. We asked for comment on whether an MSCM
must be limited to a message sent to a wireless device used by a
subscriber of CMRS ``in connection with that service.''
Few commenters directly addressed the scope of MSCMs, aside from
references to forwarding, SMS, and similar technology discussed below.
We agree with Dobson that the definition of MSCM should be limited to
messages sent to addresses referencing domain names assigned by each
CMRS carrier for mobile service message (MSM) service. This is
consistent with the intent of the CAN SPAM Act in that section 14 of
the CAN SPAM Act governs only those messages that are mobile services
messages. We therefore adopt a definition of MSCM that is limited to a
message transmitted to an electronic mail address provided by a CMRS
provider for delivery to the subscriber's wireless device. Our
definition of MSCM only applies to
[[Page 55767]]
those CMRS mail addresses designated by carriers specifically for
mobile service messaging. For example, if a wireless carrier offered
general electronic mail service not designed specifically for mobile
devices, such service would not be covered by section 14 of the CAN
SPAM Act. Forwarded messages. We sought comment on our tentative
conclusion that messages ``forwarded'' by a subscriber to his or her
own wireless device are not covered under section 14 of the CAN SPAM
Act. Commenters agree with the Commission that section 14 of the CAN
SPAM Act is not meant to cover forwarding in general. The Consumers
Union warned the Commission not to allow the exclusion of ``forwarded''
messages to become a loophole for marketers who encourage others to
forward messages to their friends and associates. We agree that the
rules should exclude those messages forwarded by the subscriber's
actions to forward messages to his or her own wireless device. However,
a person who receives consideration or inducement to forward a
commercial message to a wireless device other than his or her own
device would be subject to the rules implementing section 14 of the CAN
SPAM Act. In addition, VeriSign notes that some technologies being
explored would allow for differentiation of forwarded mail from other
mail. We do not rule out revisiting this issue in the future if such
technology becomes widely available.
SMS Messages: In the NPRM, we asked for comment on whether the
definition of an MSCM should include messages using different
technologies, including Internet-to-phone SMS. We noted that the TCPA
and Commission's rules that specifically prohibit using automatic
telephone dialing systems to call wireless numbers already apply to any
type of call, including both voice and text calls. We also noted in the
NPRM that the legislative history of The CAN SPAM Act suggests section
14, in conjunction with the TCPA, was intended to address wireless text
messaging. We proposed that Internet-to-phone SMS calls, which include
addresses that reference Internet domains, should be considered MSCMs
and should be addressed under section 14 of the CAN SPAM Act.
Commenters in general agree with our proposal that Internet-to-
phone SMS calls should be covered by section 14 of the CAN SPAM Act.
National Association of Attorneys General (NAAG) and other commenters
argue that the FCC should also address all SMS, whether Internet-to-
phone or phone-to-phone SMS service. Several commenters raise the issue
of whether MSCMs should include all types of message services,
including those transmitting images, audio messages and those using
short codes.
We conclude that the definition of MSCM under the CAN SPAM Act
includes any commercial electronic mail message as long as the address
to which it is sent or transmitted includes a reference to the Internet
and is for a wireless device as discussed above. This holds true
regardless of the format of the message, such as audio messages. We
believe this interpretation best applies the statutory language to the
evolving technology for delivering such messages. Therefore, messages
sent using Internet-to-phone SMS technology are among messages covered
by section 14 of the CAN SPAM Act when they include an Internet
reference in the address to which the message is sent or delivered.
We find, however, that the CAN SPAM Act does not apply to those
technologies that use other types of addresses or numbers to send or
deliver messages to wireless devices. For example, as discussed above,
we agree with those commenters who maintain that phone-to-phone SMS is
not captured by section 14 of the CAN SPAM Act because such messages do
not have references to Internet domains. However, we note that while
section 14 of the CAN SPAM Act is limited in scope to messages sent or
transmitted to addresses that have references to Internet domains, the
TCPA provides separate protections for calls made to wireless telephone
numbers (without such references). And, as we explained in the NPRM and
a previous Commission Order, the TCPA prohibition on using automatic
telephone dialing systems to make calls to wireless phone numbers
applies to text messages (e.g., phone-to-phone SMS), as well as voice
calls. We clarify here that this prohibition applies to all autodialed
calls made to wireless numbers, including audio and visual services,
regardless of the format of the message.
B. Avoiding Unwanted MSCMs
As a preliminary matter, we noted in the NPRM that one possible
interpretation of section 14 of the CAN SPAM Act is that it was
intended to prohibit senders of commercial electronic mail from sending
any MSCMs unless they first obtain express authorization from the
recipient. This reading would allow a subscriber to avoid all MSCMs
unless the subscriber acts affirmatively to give express prior
authorization to receive messages from individual senders. Another
interpretation of this provision is that Congress intended the
subscriber to take affirmative steps to avoid receiving MSCMs by
indicating his or her desire not to receive such messages.
Most commenters argue that Congress intended section 14 of the CAN
SPAM Act to be a flat prohibition on sending MSCMs unless authorized by
a given subscriber, and that such a prohibition is, in fact, necessary
to protect subscribers. NAAG indicates that wireless devices are often
used not for receiving commercial messages, but rather as security and
safety devices--for emergencies and to communicate with family members.
NAAG contends that Congress intended to craft a flat prohibition unless
the consumer first consented to receive the messages, and that any rule
treating inaction by the consumer as consent to receive any commercial
messages would conflict with Congressional intent. The Direct Marketing
Association (DMA) argues that the prohibition should apply only to
messages for which the recipient must pay. The National Association of
Realtors (NAR) contends that a general prohibition without certain
exceptions would harm small businesses.
We conclude that wireless subscribers would be best protected by a
flat prohibition on sending MSCMs unless express prior authorization
has been obtained from the subscriber. We agree that wireless devices
are not ones on which subscribers would expect to receive commercial
messages. We agree that it is the intrusive nature of such messages, in
addition to the costs to receive them, which necessitates our adopting
a ban unless the consumer has taken some action to invite them. We
believe that NAR's concerns about the burden on small businesses are
addressed by the exemption for express prior authorization, discussed
below.
Verizon Wireless argues that a prohibition without an exemption for
wireless providers would violate the First Amendment. We disagree. A
flat prohibition here satisfies the criteria set forth in Central
Hudson Gas & Elec. v. Pub. Serv. Comm. of N.Y., in which the Supreme
Court established the applicable analytical framework for determining
the constitutionality of a regulation of commercial speech. Under the
framework established in Central Hudson, a regulation of commercial
speech will be found compatible with the First Amendment if (1) there
is a substantial government interest; (2) the regulation directly
advances the substantial government interest; and (3) the proposed
regulations are not more extensive than necessary to serve that
interest.
[[Page 55768]]
Under the first prong, we find that there is a substantial
governmental interest in protecting privacy. Congress found that
``there is a substantial government interest in regulation of
commercial electronic mail on a nationwide basis.'' Specifically,
Congress found that (1) electronic mail has become an extremely
important and popular means of communication, (2) that the convenience
and efficiency of electronic mail are threatened by the high volume of
unsolicited commercial electronic mail, (3) that the receipt of
unsolicited commercial electronic mail may result in costs for storage
and/or time spent accessing, reviewing, and discarding such mail, and
(4) that the growth in such electronic mail imposes significant
monetary costs on providers of Internet access services, businesses,
and educational and nonprofit institutions. NAAG notes that in addition
to being intrusive in general, unwanted calls to wireless devices use
battery power and interfere with a consumer's ability to use devices
during emergencies.
We find that the rules we adopt today will advance those interests,
and do so with regulations that are no more extensive than necessary.
Under the second prong, the method we adopt directly advances the
government's interest by alerting senders to the electronic mail
addresses that are associated with mobile services and prohibiting the
sending of such messages to wireless devices. Under the third prong, we
have reviewed other possible options and we believe the method we adopt
today, tailored to affect only those addresses associated with mobile
service, is no more extensive than necessary. In addition, senders of
such messages may continue to contact recipients that have provided
express prior authorization to do so. Our conclusion is also consistent
with Court of Appeals decisions regarding First Amendment challenges to
the TCPA. We conclude we have the authority and a mandate to adopt
measures to protect the public from such messages. We believe that a
prohibition, combined with a domain name list as discussed below, is
the most effective method, but it is no more extensive than necessary,
to accomplish that end.
1. List of Wireless Domain Names
In the NPRM we noted that a key problem with regulating MSCMs, as
opposed to messages sent to other devices such as desktop computers, is
the current difficulty senders have in recognizing electronic mail
addresses associated with wireless service and devices. Our task,
therefore, differs substantially from that of the FTC's efforts to
implement the CAN SPAM Act. We note that should the FTC or Congress
take significant action to change the landscape of commercial
electronic mail messaging, such as requiring labeling of all commercial
electronic mail, the Commission may revisit the options discussed
below.
We sought comment on several proposals to enable senders to
recognize which addresses were associated with wireless devices. These
included developing a list of domain names, requiring carriers to use
standard subdomain names, requiring a registry of individual electronic
mail addresses, incorporating challenge-response technology, and
otherwise maximizing use of filters.
We believe that creating a list of Internet domain names associated
with CMRS subscribers and prohibiting the sending of commercial
messages to addresses using those domain names is the best option at
this time to allow subscribers to avoid unwanted MSCMs. We believe that
if senders are able to identify wireless subscribers by domain name,
consumers and carriers alike will benefit. The record reveals that it
is already industry practice for CMRS providers to use certain
subdomains exclusively to serve their MSM subscribers and that these
subdomains distinguish such customers from other customers. Therefore
the burden on wireless providers, even small wireless providers, to
supply such names for a directory would be minimal. In addition, we
agree with those commenters who indicate that making available to
senders of MSCMs a list of the domains used by wireless subscribers is
the most efficient option to assist senders in complying with the
rules.
Senders will need to check the list on a regular basis to avoid
sending MSCMs to the domain names on the list. We believe that, due to
the estimated small size of the list and the evidence that the list is
anticipated to remain relatively static; the list is the option that
imposes a burden that is no more extensive than necessary for senders
as well. Furthermore, such a registry places no burdens on subscribers
who wish to avoid unwanted MSCMs and it does not collect personal
information about those subscribers. Subscribers need not change their
electronic mail addresses or take any further action to avail
themselves of the protections under section 14 of the CAN SPAM Act.
Thus, despite the concerns of some commenters regarding other proposals
in the NPRM, under this system wireless subscribers will not have to
change addresses, and incur associated advertising and administrative
costs, if they wish to avoid commercial electronic mail.
T-Mobile urges the Commission not to require wireless service
providers to provide domain names for a domain name list. T-Mobile
argues instead that a voluntary list would afford each provider the
ability to choose whether to publicize its domain name. However, we
note that many of these domain names are already widely known or
publicly available. Congress has directed us to give all wireless
consumers the ability to avoid unwanted MSCMs, and we have no authority
to limit such protections to subscribers of those carriers that elect
to submit a domain name to the list. Therefore, we decline to make the
submission of domain names to the list voluntary for wireless
providers.
Therefore, we require all CMRS carriers, including small carriers,
to file with the Commission the names of all electronic mail domain
names used to offer subscribers messaging specifically for mobile
devices. Once we have obtained approval from the Office of Management
and Budget (OMB) for information collections associated with these
rules, the Commission will issue a separate public notice in this
docket outlining the process for submitting this information and the
timeframe for doing so. Carriers will also be required to file any
updates to their listings with the Commission not less than 30 days
before issuing subscribers a new or modified domain name. Carriers are
encouraged to file updated information further in advance. In addition,
to ensure the continued accuracy of the list, carriers must remove any
domain name that has not been issued to subscribers or is no longer in
use within 6 months of placing it on the list or last date of use.
We will make the official list of domain names available to the
public from the FCC's website, in a similar fashion to the list of
Section 255 Service Provider contacts. The list will be updated
regularly. The Commission will issue a second public notice announcing
the date on which senders of commercial electronic mail will have
access to the domain name list from the Commission's website. Senders
will then have an additional 30 days from the date the list becomes
publicly available to comply with the rules to avoid sending MSCMs to
wireless subscribers absent their express prior authorization.
As discussed above, to make such a list effective, we also adopt
rules to prohibit the sending of any commercial
[[Page 55769]]
message to an address that references a domain name on the Commission's
domain name list, unless the sender has received the express prior
authorization of the person or entity to which the message is sent or
delivered. This prohibition only applies to ``commercial'' messages, as
defined in the CAN SPAM Act, and as interpreted by the FTC. We note
that in promulgating the rules we adopt today, we have incorporated
portions of the CAN SPAM Act directly.
Persons initiating commercial messages would be expected to check
the domain name list to ensure that they are not sending MSCMs without
express prior authorization. While we will not require any person or
entity to provide proof of when they consulted the domain name list,
any person or entity may use as a ``safe harbor'' defense proof that a
specific domain name was not on the list more than 30 days before the
offending message was initiated. This ``safe harbor'' defense shall not
excuse any willful violation of the ban on sending unwanted messages to
wireless subscribers. Any person or entity will be considered in
violation of the prohibition if the message is initiated knowingly to a
subscriber of MSM service, even if it is sent within 30 days of the
domain name appearing on the list. This prohibition applies to the
entity on whose behalf the message is sent and to any other entity that
knowingly transmits an MSCM without consulting the domain name list.
2. Other Proposals
Standard subdomain names. We decline at this time to require CMRS
providers to adopt a standard subdomain name for wireless devices. In
the NPRM we sought comment on two related proposals. First, we sought
comment on whether it would be possible and useful to require the use
of specific top-level and second-level domains, which form the last two
portions of the Internet domain address. No commenter specifically
addressed our proposal. Second, we sought comment on whether we should
require one portion of the domain to follow a standard naming
convention to be used for all MSM service. As we noted in the NPRM,
unless we required use of a limited top-level domain, we have no way to
prevent entities that do not provide MSM service from adopting such
names. In addition, any ban associated with such a subdomain outside a
limited top-level domain, could inadvertently ban commercial messages
for any entities that happened to already have such subdomains. Thus,
the sender would not be able to distinguish between those addresses
which were truly used for wireless messaging, and other addresses.
Cingular, Nextel, VeriSign and Verizon Wireless caution the
Commission against requiring subdomain naming standards. They note this
would be costly for subscribers, especially small businesses, who could
have large administrative costs to change their advertising and
business materials to reflect a new address. Cingular states that a
subdomain naming standard would also force carriers to absorb
considerable costs. Carriers argue also that any cost to protect
wireless subscribers from unwanted commercial mail should fall instead
to the senders of such mail. While we agree with NAAG and National
Automobile Dealers Association (NADA) that a standard subdomain name
would be simpler for senders, we believe it would be more burdensome
for carriers, especially small businesses, to implement than a domain
name list. In addition, we agree that, consistent with the intent of
the CAN SPAM Act, subscribers should not have to bear additional costs,
such as the administrative costs mentioned, in Order to avoid unwanted
MSCMs. Thus, we decline to adopt this option at this time.
Registry of Individual E-mail Addresses. We also decline to
establish a limited national registry containing individual electronic
mail addresses, similar to the national ``do-not-call'' registry. In
the NPRM, we noted that the FTC is tasked with reviewing whether a
nationwide marketing ``Do-Not-E-Mail'' registry might offer protection
for those consumers who opt to place their electronic mail addresses on
such a registry. In June, the FTC released its report to Congress
recommending against adopting a national do-not-e-mail registry at this
time. The FTC noted that there is no directory of valid individual
addresses and, therefore, creating a registry of individual addresses
would create ``a gold mine'' for marketers, both legitimate and
illegal. The report stated that existing security measures are
currently inadequate to protect such a registry. In addition, the
report noted that there were practical concerns with the large number
of anticipated addresses.
Commenters generally oppose the establishment of a registry of
individual subscriber addresses, even if it is limited to MSM
subscribers. They contend that such a registry would not be secure,
could enable spammers to send more unwanted electronic mail messages,
and that the security risk would threaten consumer privacy interests.
Commenters also maintain that such a registry would be burdensome for
consumers and for senders, that there would be huge operational
problems with setting up such a registry, that it would be ineffective,
and that it would be costly to train senders to use it properly. The
DMA submitted a detailed study demonstrating what it believes are
significant problems with the security, practicality, and technical
feasibility of such a registry. Only a few commenters argue that a
registry of electronic mail addresses would be useful, with little or
no support for their conclusions, and one commenter saying it would be
beneficial if combined with other anti-spam measures.
Upon careful consideration of the costs and benefits of creating a
national wireless do-not-e-mail registry of individual electronic mail
addresses, we believe that the disadvantages of such a system described
in the record outweigh any possible advantages at this time. A national
registry containing individual electronic mail addresses would involve
significant resources and cost to set up and administer. Because a
registry of individual addresses may potentially contain millions of
records, it could also be burdensome for senders of MSCMs, including
small businesses, to regularly access, download, and use the registry
to check against targeted addresses. It would be less burdensome to do
the same with a much smaller list of mobile service domain names. Even
if the resources were devoted to establishing such a registry,
commenters describe serious concerns about a registry becoming a target
for unscrupulous marketers who would target electronic mail addresses
on the list. As noted by the DMA, other commenters, and by the FTC in a
Report to Congress, because such a list would be considered valuable to
such marketers, there is a significant risk that such individuals might
be motivated to try to obtain the list specifically for the purpose of
sending unsolicited messages to those addresses. The record also
reveals that at this time such a registry would not be as effective as
one containing only domain names. Commenters note that the annual rate
for electronic mail address turnover is high'as much as 32 percent per
annum. As the FTC noted, unlike the do-not-call registry, which uses
phone databases to purge the list of disconnected phone numbers, there
is no database for abandoned electronic mail addresses. Thus, any
database containing such addresses would continually expand, and
include valid and unused addresses. For all of these
[[Page 55770]]
reasons, we decline to adopt a registry of individual electronic mail
addresses of wireless subscribers at this time.
Additional Mechanisms and CMRS Providers' Roles. There was little
consensus on what other technical solutions should be required. Because
the rules we adopt today address the statutory requirements for
protecting consumers from unwanted messages to mobile devices, we
decline to require other specific technical solutions such as the
challenge-response mechanisms or technological solutions related to
filtering as discussed in the NPRM. The Members of the U.S. House
Representatives who commented in the proceeding urge the Commission to
make things simple for users. We believe the domain name list does so.
We believe that it is the industry itself that can help give
consumers additional protections and abilities to avoid unwanted
electronic mail from sources other than legitimate businesses. Wireless
and technology providers contend the Commission should not regulate in
detail the wireless providers' efforts to combat unwanted messages.
Those providers who commented in this proceeding note that they are
aggressively working to stop unwanted messages. We applaud them for
those efforts and do not want to interfere with this area of evolving
technologies and market forces. We agree that at this time it is not
necessary for the Commission to become involved in mandating detailed
technical solutions. However, we strongly encourage providers to
provide subscribers with additional reasonably effective methods to
avoid receiving unauthorized MSCMs. We believe service providers should
determine for themselves appropriate solutions to employ and offer, and
we expect all providers to offer subscribers protections against
unwanted messages. We will continue to monitor the effectiveness of our
rules and the efforts of wireless providers to protect wireless
subscribers from MSCMs and may revisit this issue at a later date to
ensure that subscribers are afforded sufficient safeguards from all
unwanted commercial messages.
C. Express Prior Authorization
Congress directed the FCC to adopt rules to provide consumers with
the ability to avoid receiving MSCMs, unless the subscriber has
provided express prior authorization to the sender. We sought comment
on the form and content that such ``express prior authorization''
should take. Specifically, we sought comment on whether senders should
be required to obtain a subscriber's express authorization in writing,
and how any such requirement could be met electronically. We also asked
if senders should be required to provide a notice to recipients about
the possibility that costs could be incurred in receiving any such
messages. We asked whether the term ``affirmative consent'' in The CAN
SPAM Act would be suited to use in defining ``express prior
authorization.''
Commenters were generally split on whether the Commission should
require senders to obtain express authorization from subscribers in
writing. Wireless providers generally oppose any written authorization
requirement, while consumers' groups contend that authorization should
be obtained in writing, along with a signature. Wireless providers
instead argue that senders should be allowed flexibility to obtain
authorization via the Internet, orally over the telephone, or through
messages sent to the subscriber's wireless device. Some suggest that
consent forms requiring a signature would be impractical and hinder
communications between sellers and consumers. NAAG, on the other hand,
contends that the rules should be modeled after the Commission's ``do-
not-call'' provisions, where express authorization must be evidenced
only with a signed, written agreement between the consumer and seller
which states that the consumer agrees to be contacted by the seller and
includes the telephone number to which calls may be placed. Electronic
Privacy Information Center (EPIC) warns that authorization not provided
in writing may result in some senders falsely claiming they had the
recipient's authorization to send MSCMs. EPIC adds that any
authorization notice to the subscriber should be clear and conspicuous
and written in plain language for the subscriber.
As mandated by the CAN SPAM Act, we require any sender of MSCMs to
obtain the express authorization of the recipient prior to sending any
MSCMs to that subscriber. We agree with those commenters that contend
that ``affirmative consent'' as defined in the CAN SPAM Act is not
suited to defining ``express prior authorization'' because protections
for wireless subscribers are meant to be more stringent. Given the
intent of Congress to afford greater protections from spam to wireless
subscribers than to consumers generally, we believe that the burden
must rest with the sender of MSCMs to obtain authorization from any
subscriber prior to sending any MSCMs. Senders must also do so in a
manner that best protects subscribers' privacy interests. However, we
decline to require senders to obtain a subscriber's authorization in
writing.
We will permit senders to obtain authorization by oral or written
means, including electronic methods. A sender may obtain the
subscriber's express prior authorization to transmit MSCMs to that
subscriber in writing. Written authorization may be obtained in paper
form or via an electronic means such as an electronic mail message from
the subscriber. It must include the subscriber's signature and the
electronic mail address to which MSCMs may be sent. Senders who choose
to obtain authorization in oral format are also expected to take
reasonable steps to ensure that such authorization can be verified.
We note here that in the event any complaint is filed, the burden
of proof rests squarely on the sender, whether authorization has been
obtained in written or in oral form. We do so to avoid the likelihood
that any businesses will try to fabricate authorization. Given the
potential costs and inconvenience to subscribers to receive such MSCMs,
it is important that such messages be sent only to those wireless
devices belonging to receptive subscribers. We strongly suggest that
senders take steps promptly to document that they received such
authorization. Recognizing the potential for fraud by both a person
signing up someone else to receive MSCMs and by businesses fabricating
authorization, we recommend that the business confirm the electronic
mail address with a confirmatory notice sent to the recipient
requesting a reply. We emphasize that sending any commercial message to
a wireless device, including any falsely purporting to be confirmatory
messages, is a violation of our rules unless the subscriber has already
provided express prior authorization and the sender bears the burden of
showing that has occurred.
Whether given orally or in writing, express prior authorization
must be express, must be given prior to the sending of any MSCMs, and
must include the electronic mail address to which such MSCMs may be
sent. In addition, we believe that consistent with the intent of the
CAN SPAM Act, consumers must not bear any additional costs to receive a
request for authorization, and must be able to reply to such a request
without incurring any additional costs. In addition to actual costs for
such messages, as noted above, recipients may incur costs for time
spent accessing, reviewing, and discarding such mail. Thus, senders are
prohibited from sending any request for authorization to any wireless
subscriber's wireless devices. Express prior authorization may not be
obtained in the form of a ``negative option.'' If a
[[Page 55771]]
sender chooses to use a website, we note that such authorization must
include an affirmative action on the part of the subscriber, such as
checking a box or hitting an ``I Accept'' button, accompanied by the
clear disclosures outlined below. In addition, the subscriber must have
an opportunity in the process to input the specific electronic mail
address for which they are authorizing MSCMs. Express prior
authorization need only be secured once from the recipient in Order to
send MSCMs to that subscriber until the subscriber revokes such
authorization. Senders who claim they obtained authorization from
wireless subscribers to send them MSCMs prior to the effective date of
these rules will not be in compliance with the rules unless they can
demonstrate that such authorization met all the requirements as adopted
herein, including the disclosure requirements below.
We emphasize that if the sender subsequently is notified by the
subscriber that the subscriber does not wish to receive MSCMs, the
sender must cease sending such messages within 10 business days of the
receipt of such request in compliance with section 5(a)(4)(A) of the
CAN SPAM Act. We note, however, that this 10-day time period may change
should the FTC amend its rules. We delegate to the Consumer &
Governmental Affairs Bureau the authority to amend the rules to reflect
any updates in the time-frames adopted by the FTC.
A subscriber who provides an electronic mail address for a specific
purpose, e.g., notifying the subscriber when a car repair is completed,
will not be considered to have given express prior authorization for
purposes of sending MSCMs in general. In addition, should a sender
allow subscribers to choose the types of MSCMs they receive from that
sender, and authorization is provided for those specific types of
messages, the sender should transmit only those types of MSCMs to the
subscriber. Finally, authorization provided to a particular sender will
not entitle that sender to send MSCMs on behalf of third parties,
including on behalf of affiliated entities and marketing partners. If a
sender obtains express prior authorization, that sender must be
identified in the message in a form that will allow a subscriber to
reasonably determine that the sender is the authorized entity.
Required Disclosures. As noted above, Congress found that the
receipt of unsolicited commercial electronic mail often results in
monetary costs and inconvenience for wireless subscribers. Thus, the
rules we adopt today require senders to disclose to the subscriber at
the time they obtain any subscriber's express prior authorization that:
(1) The subscriber is agreeing to receive mobile service commercial
messages sent to their wireless device from a particular sender; (2)
the subscriber may be charged by their wireless service provider in
connection with receipt of such messages; and (3) the subscriber may
revoke her authorization to receive MSCMs at any time. Any such
disclosure notice containing the required disclosures must be clearly
legible, use sufficiently large type (or, if audio, be of sufficiently
loud volume), and be placed so as to be readily apparent to a customer.
The disclosure notice must also be separate from any other
authorizations in the document. And, it must clearly provide the name
of the person or entity sending the MSCM and the person or entity whose
product or service is advertised or promoted in the MSCMs if different
from the sender. Finally, if any portion of the disclosure notice is
translated into another language, then all portions of the notice must
be translated into that language. Senders are cautioned that if they
use a website for obtaining authorization, such authorization notice
must comply with these disclosure requirements as well. We note that if
authorization is obtained orally, all required disclosures must still
be made by the sender.
We decline to carve out any exemptions from the ``express prior
authorization'' requirements. We find that any exemption for a
particular industry would be in direct conflict with the intent of the
CAN SPAM Act to protect wireless subscribers from commercial electronic
mail messages that they do not wish to receive. We also find that
permitting senders to obtain authorization orally or in writing,
addresses the concerns described by certain commenters in obtaining
such authorization.
The legislative history demonstrates that section 14 of the CAN
SPAM Act was included so that wireless subscribers would have greater
protections from commercial electronic mail messages than those
protections provided elsewhere in the CAN SPAM Act. Congress was
concerned about the intrusive nature of wireless spam and the costs to
subscribers associated with receiving such spam. Thus, we emphasize
that any MSCM sender that claims its messages are transmitted based on
oral, written, or electronic authorization must be prepared to provide
clear and convincing evidence of such express prior authorization by
the subscriber. The failure to obtain such authorization before sending
MSCMs will be a clear violation of the CAN SPAM Act and Commission's
rules.
D. Electronic Rejection of MSCMs
Required technical mechanisms. In the NPRM we sought comment on how
we could best fulfill the mandate of section 14 (b)(2) of the CAN SPAM
Act to develop rules that ``allow recipients of MSCMs to indicate
electronically a desire not to receive future MSCMs from the sender.''
We also sought comment on technical options that might be used to do
this simply.
Commenters suggested technical options for withdrawing
authorization including a return electronic mail address, a hyperlink
to a website, the use of short code mechanisms, telephone-based
techniques such as those that allow the caller to use key pads, or some
combination of the foregoing. Members of the U.S. House of
Representatives and the Motion Picture Association of America,
encourage the Commission to adopt a simple, streamlined electronic
response technique to quickly withdraw prior authorization using a
recipient's handset. Two commenters contend that requiring small
businesses to set-up and maintain a website for the purpose of
rejecting future messages would impose an unreasonable burden. NAAG
contends the first screen of any MSCM should display the existence of
an option to decline to receive messages and the means by which it can
be exercised.
As a preliminary matter we note that section 5(a)(3) of the CAN
SPAM Act requires that all commercial electronic mail include ``a
return electronic mail address or other Internet-based mechanism,
clearly and conspicuously displayed.'' Several commenters endorsed the
applicability of the general provision of section 5(a)(3) of the CAN
SPAM Act for MSCMs, indicating that a return electronic mail address or
other Internet-based mechanism, such as a link to a website, would
serve as a mechanism for electronically rejecting further items and
should be included in any MSCM sent. We agree that this provision would
need to be included in all MSCMs in Order for our rules to be
consistent with the CAN SPAM Act.
We believe, however, that more is required. Our decision is
informed by the significant differences between the resources that may
be available to recipients of MSCM and the resources available to
recipients of electronic mail messages in general. In particular our
definition of MSCM includes messages that originate on the Internet and
that
[[Page 55772]]
are converted for delivery to wireless devices which may not have
Internet access. Some of these wireless services and devices are by
nature one-way services. Moreover, we cannot assume that all MSCM
recipients have an alternative means of access to Internet-based
electronic messaging or to other Internet-based mechanisms, such as a
web browser. Consequently, we strongly agree with the Mobile Marketing
Code of Conduct principle that ``consumers must be allowed to terminate
their participation in an ongoing mobile messaging program through
channels identical to those through which they can opt to receive
messages about a given program.''
Therefore, we conclude that in addition to the general requirement
of the CAN SPAM Act that each MSCM have a functioning return electronic
mail address or other form of Internet-based communication, a sender of
an MSCM must provide the recipient with access to whatever mechanism
they were given access to in Order to grant express prior
authorization. For example, if a subscriber was given a short-code
mechanism for granting authorization for MSCMs to the sender, the
sender must provide that subscriber with a way to send a short code as
a means to electronically reject future MSCMs from that sender. A
sender must also include basic instructions by which this option or
these options can be exercised to reject further items.
A sender may include other mechanisms at his discretion, so long as
these basic requirements are met. The means by which a recipient
notifies the sender that the recipient does not wish to receive
additional MSCMs can impose no new requirements on the recipient beyond
the means by which he provided prior express authorization. In
addition, the sender may not subject the subscriber to further
commercial advertising or solicitation as part of the procedure the
recipient must use to reject future messages.
Consistent with CAN SPAM Act section 5(a)(3), for no less than 30
days following the transmission of an MSCM, all included mechanisms for
acquiring express prior authorization must remain capable of receiving
and honoring the recipient's rejection of further messages. As we
indicate above, the sender must cease sending further messages within
the amount of time that the FTC has allotted for senders to act upon
requests for rejecting subsequent messages, currently set at 10
business days after receipt of any request from the subscriber.
In regards to small businesses, we note that the flexibility
provided for obtaining express prior authorization and for notifying
the sender of the subsequent rejection of further items addresses the
concerns of small business interests that, for example, a small
business not be required to set-up and maintain a new website. We
further note that because the recipient must be given express prior
authorization for any MSCM that arrives, we see no need to adopt NAAG's
suggestion to require material regarding how to decline to receive more
messages to be displayed on the first screen of any MSCM. Finally, the
record does not indicate that provider services and subscriber devices
currently support a common response-based technique that is simple for
subscribers to use and that the Commission could adopt. We therefore
encourage industry to develop an industry-standard means by which a
subscriber can use his handset to easily respond to a sender that he no
longer wishes to receive MSCMs. We will monitor whether industry has
developed a standard means by which subscribers can use handsets to
respond and may revisit this issue at a later date.
Other technical mechanisms. In the NPRM we sought comment on the
applicability of a variety of other technical options that could be
used by subscribers for electronically rejecting messages. For example,
we asked about the possible applicability of mechanisms for blocking
messages from particular senders at the subscriber's request, of an
ability to add a changeable personal identifier to a wireless device
mail address by means of which the subscriber could easily alter his
address, and of challenge-response mechanisms that a subscriber might
invoke. One commenter supported establishing a policy framework to
deploy subscriber-controlled blocking solutions. Many providers
acknowledged that they voluntarily provide their subscribers such means
for mitigating unsolicited MSCM, but cautioned the Commission against
mandating their availability. Given the record and the apparent success
to date of the voluntary approach in generally blocking unwanted MSCMs,
we decline to require that all providers make such mechanisms available
for use at the option of their subscribers.
E. Consideration of CMRS Provider Exemption
Section 14 (b)(3) of the CAN SPAM Act allows the Commission to
exempt providers of commercial mobile services to the general
prohibition on the sending of MSCMs. In doing so, the Commission must
take into consideration the ``relationship that exists between
providers of such services and their subscribers.'' However, as the CAN
SPAM Act clearly states, our overall mandate is to protect consumers
from unwanted MSCMs. The CAN SPAM Act does not require the Commission
to provide an exemption, only to consider whether such an exemption
would be appropriate. As a result, the Commission sought comment in the
NPRM on whether there is a need for such an exemption and how it would
impact consumers.
In the NPRM, we noted that the CAN SPAM Act already excludes
certain ``transactional and relationship'' messages from the definition
of unsolicited commercial electronic mail. Specifically the CAN SPAM
Act states that transaction and relationship messages are those
messages in which the primary purpose is:
(i) To facilitate, complete, or confirm a commercial transaction
that the recipient has previously agreed to enter into with the
sender; (ii) to provide warranty information, product recall
information, or safety or security information with respect to a
commercial product or service used or purchased by the recipient;
(iii) to provide (I) notification concerning a change in the terms
or features of; (II) notification of a change in the recipient's
standing or status with respect to; or (III) at regular periodic
intervals, account balance information or other type of account
statement with respect to a subscription, membership, account, loan,
or comparable ongoing commercial relationship involving the ongoing
purchase or use by the recipient of products or services offered by
the sender; (iv) to provide information directly related to an
employment relationship or related benefit plan in which the
recipient is currently involved, participating, or enrolled; or (v)
to deliver goods or services, including product updates or upgrades,
that the recipient is entitled to receive under the terms of a
transaction that the recipient has previously agreed to enter into
with the sender.
In light of the exclusions of those types of messages, we asked in
the NPRM whether there was a need for a separate exemption for CMRS
providers from the section 14 of the CAN SPAM Act ``express prior
authorization'' requirement and, if so, how the Commission would
implement the requirements allowing subscribers who indicated a desire
not to receive future MSCMs from the provider (1) at the time of
subscribing to such service and (2) in any billing mechanism.
Additionally, we requested in the NPRM that CMRS providers supply us
with specific examples of messages that they send to their customers
that are not already excluded from the CAN SPAM Act. Finally, if such
an exemption were created, we asked whether there would
[[Page 55773]]
be any impact on small businesses and whether small wireless service
providers should be treated differently.
NAAG, consumer groups, and a privacy organization argue that there
is no basis for granting an exemption for CMRS providers. CMRS
providers argue they should have an exemption--with two providers
noting this should be only if the carriers do not charge subscribers
for the messages they send. However, despite the NPRM's request that
carriers provide specific examples of messages that would not already
be covered by the CAN SPAM Act's exemption for ``transactional'' or
``relationship'' messages, CMRS providers offer few such examples and,
as discussed below, they might already be allowed under The CAN SPAM
Act. NAR says it would be unfair to give an exemption to one business
model and not others. Many CMRS providers counter that we should not
make a special exemption for small businesses. As to the scope of the
exemption, CTIA urges that any exemption for CMRS providers also should
extend to its business partners, while the DMA warns that any such
exemption must be narrowed to include only messages from a carrier
about its own services. Verizon argues that declining to exempt
carriers would be an unlawful restriction on commercial speech;
however, we have already addressed that issue above.
Based upon the record before us, we decline to grant CMRS providers
a special exemption from the requirement to obtain express prior
authorization from their current subscribers before sending them any
MSCM. In reaching this decision, we are persuaded by commenters,
including many consumer groups and individuals, who urge us to provide
greater consumer protection for wireless consumers--protection that is
not diluted by such an exemption. The CAN SPAM Act itself requires us
to protect consumers from ``unwanted'' commercial messages, not only
those that have additional costs. As commenters note, consumers are
concerned with the nuisance of receiving such messages.
Several of these commenters emphasize that CMRS providers should
not be exempt from the rules requiring express prior authorization
because the bulk of CMRS providers' communications with their customers
are already expressly exempted under the CAN SPAM Act as
``transactional and relationship'' messages. We agree that the few
examples that CMRS providers supplied in the record appear to already
fall within ``transactional and relationship'' messages or otherwise
outside of the definition of ``commercial'' messages. For example, T-
Mobile contends that it needs to be able to send notices to customers
about fraud. As noted above, the CAN SPAM Act defines a ``commercial
electronic mail message'' as an electronic message for which the
``primary purpose'' is the ``commercial advertisement or promotion of a
commercial product or service (including content on an Internet website
operated for a commercial purpose).'' If the primary purpose of the
message was to alert customers about fraud, we do not believe T-
Mobile's example would fall within the definition of ``commercial'' and
therefore would not fall under the CAN SPAM Act at all. In addition,
Nextel provides the example of a carrier needing to send out an alert
to a prepaid customer that his account balance is running low. If that
was the primary purpose of the message, such a message would fall under
the exemption for transaction and relationship message.
As noted previously, the FTC has authority to develop the criteria
used to define whether a message is ``commercial,'' as well as any
modifications for what is considered in the exemption of transactional
and relationship messages. Therefore, we delegate to the Consumer &
Governmental Affairs Bureau the authority to amend the rules we adopt
today to ensure consistency with any rule the FTC adopts under the CAN
SPAM Act to further define ``commercial'' and ``transactional
relationship'' messages.
Although CMRS providers contend that an exemption should be
provided, very little support for such an exemption was provided in the
record in this proceeding. Much of the comment in support of the
exemption is conclusory in nature. T-Mobile states that, by empowering
the Commission to exempt wireless carriers from section 14 (b)(1) of
the CAN SPAM Act, Congress has recognized that the MSCMs sent by
wireless carriers are fundamentally different than MSCMs sent by all
other senders. Cingular, Nextel and Sprint urge the Commission to
presume that the customer is willing to receive information about their
providers' new products and services. Nextel notes that, unlike third
parties, wireless carriers can ensure that customers are not charged
for such messages. Dobson states that, in many cases, a subscriber
would prefer an SMS message from its carrier rather than a phone call
or bill insert.
We note again that Congress' intent in including section 14 in the
CAN SPAM Act was to afford wireless consumers greater protection from
unwanted commercial electronic mail messages. Ultimately, we are
persuaded that safeguarding wireless consumers from MSCMs, undiluted
with an exemption for CMRS providers, will ensure that consumers
receive ``less, not more, spam.'' The record shows that MSCMs sent by
CMRS providers are not fundamentally different from those sent by other
senders, other than that they may be provided without additional cost
to subscribers. An MSCM from a CMRS provider may be just as intrusive,
and costly in other respects, as an MSCM from a third party. As
Congress noted, the receipt of unwanted mail can result in costs ``for
the storage of such mail, or for the time spent accessing, reviewing,
and discarding such mail.'' In addition, providers have unique channels
such as monthly statements and web sites, through which they can
request a subscriber's prior express authorization. We note that the
rules we establish in this proceeding are sufficiently flexible to
enable the CMRS provider to readily obtain the subscriber's express
prior authorization in a number of ways, if a CMRS provider desires to
send an MSCM to any wireless subscriber. For all of those reasons, a
promise to make them cost-free alone does not suffice as justification
for an exemption.
Accordingly, we decline to exempt CMRS providers from the
requirement to obtain express prior authorization from their current
subscribers before sending them any MSCM. For similar reasons, we also
decline to create an exemption for other entities, such as realtors or
small businesses. NAR argues that the MSCM rules should not apply to a
real estate professional's communications to their clients about the
services they are providing to that client, or to communications
between associations and their members. As noted above, the CAN SPAM
Act's existing exemption already broadly covers many transaction and
relationship messages. Furthermore, the allowance for orally obtaining
express prior authorization, which NAR advocates, should allow realtors
to obtain such authorizations as needed. NAR has not established that
messages sent by its members are fundamentally different from those
sent by other senders. An MSCM from a real estate professional may be
just as intrusive, and costly as an MSCM from any other entity. ACA
International contends that messages sent to wireless devices for the
primary purpose of collecting debts are not MSCMs as they are not
``commercial'' and therefore are exempt from the CAN SPAM Act. As we
noted
[[Page 55774]]
previously, while the statute leaves the interpretation of
``transactional and relationship'' messages to the FTC, in the absence
of any ruling to the contrary, we believe that messages from a person
or entity with whom the recipient has previously agreed to enter into a
transaction and that concern a debt owed for that transaction would
fall under the exemption. However, consistent with our 2003 TCPA Order,
a call to sell debt consolidation services, for example, is a
commercial call regardless of whether the consumer is also referred to
a tax-exempt nonprofit organization for counseling services. We believe
that to do so would be inconsistent with our mandate from Congress to
protect subscribers from unwanted commercial messages.
F. General Compliance With the CAN SPAM Act
We asked for comment on specific compliance issues that senders of
MSCM might have with other sections of the CAN SPAM Act. We noted in
the NPRM that although we believed that currently, some carriers choose
to limit the length of certain text messages that some commercial
mobile service subscribers already appeared to be supplementing the
limited text handling functionality with ancillary personal computer
technology. We received little response about this issue. CTIA states
that some handsets are limited in message storage beyond a certain
length and screens are small; thus, CTIA argues that senders should not
be required to meet all of the disclosures. Consumer Action, the
Consumer Federation of America and the National Consumers League
contend that the disclosure requirements of the main provisions of the
CAN SPAM Act are so important that they should trump any awkwardness
with messages being filled with disclosures. We agree. There is
insufficient evidence on the record to warrant a waiver of the basic
disclosure requirements mandated by the CAN SPAM Act.
Finally, CTIA contends that wireless carriers should be given
special treatment with regard to general compliance with the
information requirements of section 5 of the CAN SPAM Act, given that
they can provide this data at the time of subscription and in each
monthly bill. CTIA contends in a footnote that interpreting the statute
to mean that CMRS providers would need to comply with all the
information requirements of section 5 would render section 14 (b)(4) of
the CAN SPAM Act meaningless. We disagree. Based on the information
discussed above regarding messages sent by CMRS providers, we find
there is no reason for treating them differently from other businesses.
Final Regulatory Flexibility Analysis
As required by the Regulatory Flexibility Act of 1980, as amended
(RFA), an Initial Regulatory Flexibility Analysis (IRFA) was
incorporated in the Notice of Proposed Rulemaking and Further Notice of
Proposed Rulemaking (NPRM & FNPRM) released by the Federal
Communications Commission (Commission) on March 19, 2004. The
Commission sought written public comments on the proposals contained in
both the NPRM & FNPRM, including comments on the IRFA. None of the
comments filed in this proceeding was specifically identified as
comments addressing the IRFA. This present Final Regulatory Flexibility
Analysis (FRFA) conforms to the RFA.
Need for, and Objectives of, This Order
On December 8, 2003, Congress passed the Controlling the Assault of
Non-Solicited Pornography and Marketing Act of 2003 (CAN SPAM Act) to
address the growing number of unwanted commercial electronic mail
messages, which Congress determined to be costly, inconvenient, and
often fraudulent or deceptive. Congress found that recipients ``who
cannot refuse to accept such mail'' may incur costs for storage and for
``time spent accessing, reviewing, and discarding such mail.'' The CAN
SPAM Act prohibits any person from transmitting such messages with
false or misleading information about the source or content, and gives
recipients the right to decline to receive additional messages from the
same source. Certain agencies, including the Commission, are charged
with enforcement of the CAN SPAM Act.
Section 14 of the CAN SPAM Act requires the Commission to (1)
promulgate rules to protect consumers from unwanted mobile service
commercial messages, and (2) consider, in doing so, the ability of
senders to determine whether a message is a mobile commercial
electronic mail message. In addition, the Commission shall consider the
ability of senders of mobile service commercial messages to comply with
the CAN SPAM Act in general. Furthermore, the CAN SPAM Act requires the
Commission to consider the relationship that exists between providers
of such services and their subscribers.
On March 19, 2004, the Commission issued the NPRM & FNPRM regarding
implementation of section 14 of the CAN SPAM Act. The Commission sought
comment on how to protect wireless subscribers from those electronic
mail messages, such as traditional e-mail and forms of text messaging,
that fall under section 14 of the CAN SPAM Act, while not interfering
with regular electronic messages that are covered under the CAN SPAM
Act in general. In the NPRM & FNPRM, the Commission sought comment on
the ability of senders to determine whether a message is a mobile
service commercial electronic mail message, as well as different
options and technologies that might enable the sender to make that
determination. In addition, the NPRM & FNPRM sought comment on the
following six issues or alternatives: (1) The scope of section 14 of
the CAN SPAM Act, specifically what falls within the definition of
mobile service commercial messages (MSCMs); (2) mechanisms to give
consumers the ability to avoid MSCMs without relying upon the sender to
determine whether a message is a mobile service message; (3) the
requirements for obtaining express prior authorization; (4) whether
commercial mobile radio service providers should be exempted from the
obligation of obtaining express prior authorization before contacting
their customers; (5) how wireless subscribers may electronically reject
future MSCMs; and (6) how MSCM senders may generally comply with the
CAN SPAM Act.
In 1991, the Telephone Consumer Protection Act (TCPA) was enacted
to address certain telemarketing practices, including calls to wireless
telephone numbers, which Congress found to be an invasion of consumer
privacy and even a risk to public safety. The TCPA specifically
prohibits calls using an automatic telephone dialing system or
artificial or prerecorded message ``to any telephone number assigned to
a paging service, cellular telephone service, specialized mobile radio
service, or other common carrier service, or any service for which the
called party is charged.'' The CAN SPAM Act provides that ``[n]othing
in this Act shall be interpreted to preclude or override the
applicability'' of the TCPA.
In 2003, we released a Report and Order in which we reaffirmed that
the TCPA prohibits any call using an automatic telephone dialing system
or an artificial or prerecorded message to any wireless telephone
number. We concluded that this encompasses both voice calls and text
calls, including Short Message Service (SMS) text messaging calls, to
wireless phone numbers.
In the NPRM & FNPRM, we noted that the legislative history of the
CAN SPAM Act suggests that section 14, in
[[Page 55775]]
conjunction with the TCPA, was intended to address wireless text
messaging. We sought comment on whether the definition of an MSCM
should include SMS messages.
This Order adopts a general prohibition against commercial
electronic messages sent to any address using a domain name that
appears on a list to be maintained by the Commission and available to
the public. We believe these measures are the ones best suited to
protect wireless subscribers from unwanted commercial messages and do
not overburden carriers and legitimate businesses, especially small
businesses.
In addition, this Order clarifies the delineation between the new
rules implementing the CAN SPAM Act, and our existing rules concerning
messages sent to wireless telephone numbers under the TCPA. Because
this Order clarifies this delineation and does not modify any rules,
there is no discussion of the TCPA included in this FRFA. All remaining
TCPA issues, raised in the NPRM & FNPRM, will be addressed in a
separate Order issued by the Commission at a later date.
Summary of Significant Issues Raised by Public Comments in Response to
the IRFA
There were no comments filed that specifically addressed the rules
and policies proposed in the IRFA.
Description and Estimate of the Number of Small Entities to Which the
Rules Will Apply
The RFA directs agencies to provide a description of and, where
feasible, an estimate of the number of small entities that may be
affected by the rules adopted herein. The RFA generally defines the
term ``small entity'' as having the same meaning as the terms ``small
business,'' ``small organization,'' and ``small governmental
jurisdiction.'' In addition, the term ``small business'' has the same
meaning as the term ``small business concern'' under the Small Business
Act. Under the Small Business Act, a ``small business concern'' is one
which: (1) Is independently owned and operated; (2) is not dominant in
its field of operation; and (3) satisfies any additional criteria
established by the Small Business Administration (SBA).
The rules adopted in this Order, concerning the prohibition of
sending electronic commercial mail messages, apply to a wide range of
entities, including the myriad of businesses throughout the nation that
use electronic messaging to advertise. In the IRFA we identified, with
as much specificity as possible, all business entities that might be
affected by this Order. In Order to assure that we have covered all
possible entities we included general categories, such as Wireless
Service Providers and Wireless Communications Equipment Manufacturers,
while also including more specific categories, such as Cellular
Licensees and Common Carrier Paging. Similarly, for completeness, we
have also included descriptions of small entities in various
categories, such as 700 MHz Guard Band Licenses, who may potentially be
affected by this Order but who would not be subject to regulation
simply because of their membership in that category.
Sometimes when identifying small entities we provide information
describing auctions' results, including the number of small entities
that were winning bidders. We note, however, that the number of winning
bidders that qualify as small businesses at the close of an auction
does not necessarily reflect the total number of small entities
currently in a particular service. The Commission does not generally
require that applicants do not provide business size information, nor
does the Commission track subsequent business size, except in the
context of an assignment or transfer of control application where
unjust enrichment issues are implicated.
Small Businesses. Nationwide, there are a total of 22.4 million
small businesses, according to SBA data.
Telemarketers. SBA has determined that ``telemarketing bureaus''
with $6 million or less in annual receipts qualify as small businesses.
For 1997, there were 1,727 firms in the ``telemarketing bureau''
category, total, which operated for the entire year. Of this total,
1,536 reported annual receipts of less than $5 million, and an
additional 77 reported receipts of $5 million to $9,999,999. Therefore,
the majority of such firms can be considered to be small businesses.
Wireless Service Providers. The SBA has developed a small business
size standard for wireless firms within the two broad economic census
categories of ``Paging'' and ``Cellular and Other Wireless
Telecommunications.'' Under both SBA categories, a wireless business is
small if it has 1,500 or fewer employees. For the census category of
Paging, Census Bureau data for 1997 show that there were 1,320 firms in
this category, total, that operated for the entire year. Of this total,
1,303 firms had employment of 999 or fewer employees, and an additional
17 firms had employment of 1,000 employees or more. Thus, under this
category and associated small business size standard, the great
majority of firms can be considered small. For the census category
Cellular and Other Wireless Telecommunications, Census Bureau data for
1997 show that there were 977 firms in this category, total, that
operated for the entire year. Of this total, 965 firms had employment
of 999 or fewer employees, and an additional 12 firms had employment of
1,000 employees or more. Thus, under this second category and size
standard, the great majority of firms can, again, be considered small.
Internet Service Providers. The SBA has developed a small business
size standard for Internet Service Providers. This category comprises
establishments ``primarily engaged in providing direct access through
telecommunications networks to computer-held information compiled or
published by others.'' Under the SBA size standard, such a business is
small if it has average annual receipts of $21 million or less.
According to Census Bureau data for 1997, there were 2,751 firms in
this category that operated for the entire year. Of these, 2,659 firms
had annual receipts of under $10 million, and an additional 67 firms
had receipts of between $10 million and $24,999,999. Thus, under this
size standard, the great majority of firms can be considered small
entities.
Wireless Communications Equipment Manufacturers. The Commission has
not developed special small business size standards for entities that
manufacture radio, television, and wireless communications equipment.
Therefore, the applicable small business size standard is the
definition under the SBA rules applicable to ``Radio and Television
Broadcasting and Wireless Communications Equipment Manufacturing.''
Examples of products that fall under this category include
``transmitting and receiving antennas, cable television equipment, GPS
equipment, pagers, cellular phones, mobile communications equipment,
and radio and television studio and broadcasting equipment'' and may
include other devices that transmit and receive Internet Protocol
enabled services, such as personal digital assistants. Under that
standard, firms are considered small if they have 750 or fewer
employees. Census Bureau data for 1997 indicate that, for that year,
there were a total of 1,215 establishments in this category. Of those,
there were 1,150 that had employment under 500, and an additional 37
that had employment of 500 to 999. The percentage of wireless equipment
manufacturers in this category is approximately 61.35%, so
[[Page 55776]]
the Commission estimates that the number of wireless equipment
manufacturers with employment under 500 was actually closer to 706,
with an additional 23 establishments having employment of between 500
and 999. Given the above, the Commission estimates that the great
majority of wireless communications equipment manufacturers are small
businesses.
Radio Frequency Equipment Manufacturers. The Commission has not
developed a special small business size standard applicable to Radio
Frequency Equipment Manufacturers. Therefore, the applicable small
business size standard is the definition under the SBA rules applicable
to ``Radio and Television Broadcasting and Wireless Communications
Equipment Manufacturing.'' Under that standard, firms are considered
small if they have 750 or fewer employees. Census Bureau data for 1997
indicate that, for that year, there were a total of 1,215
establishments in this category. Of those, there were 1,150 that had
employment under 500, and an additional 37 that had employment of 500
to 999. Thus, under this size standard, the majority of establishments
can be considered small entities.
Paging Equipment Manufacturers. The Commission has not developed a
special small business size standard applicable to Paging Equipment
Manufacturers. Therefore, the applicable small business size standard
is the definition under the SBA rules applicable to ``Radio and
Television Broadcasting and Wireless Communications Equipment
Manufacturing.'' Under that standard, firms are considered small if
they have 750 or fewer employees. Census Bureau data for 1997 indicate
that, for that year, there were a total of 1,215 establishments in this
category. Of those, there were 1,150 that had employment under 500, and
an additional 37 that had employment of 500 to 999. Thus, under this
size standard, the majority of establishments can be considered small
entities.
Telephone Equipment Manufacturers. The Commission has not developed
a special small business size standard applicable to Telephone
Equipment Manufacturers. Therefore, the applicable small business size
standard is the definition under the SBA rules applicable to
``Telephone Apparatus Manufacturing.'' Under that standard, firms are
considered small if they have 1,000 or fewer employees. Census Bureau
data indicates that for 1997 there were 598 establishments that
manufacture telephone equipment. Of those, there were 574 that had
fewer than 1,000 employees, and an additional 17 that had employment of
1,000 to 2,499. Thus, under this size standard, the majority of
establishments can be considered small.
As noted in paragraph [8], we believe that all small entities
affected by the rules contained in this Order will fall into one of the
large SBA categories described above. In an attempt to provide as
specific information as possible, however, we are providing the
following more specific categories.
Cellular Licensees. The SBA has developed a small business size
standard for wireless firms within the broad economic census category
``Cellular and Other Wireless Telecommunications.'' Under this SBA
category, a wireless business is small if it has 1,500 or fewer
employees. For the census category Cellular and Other Wireless
Telecommunications firms, Census Bureau data for 1997 show that there
were 977 firms in this category, total, that operated for the entire
year. Of this total, 965 firms had employment of 999 or fewer
employees, and an additional 12 firms had employment of 1,000 employees
or more. Thus, under this category and size standard, the great
majority of firms can be considered small. According to the most recent
Trends in Telephone Service data, 719 carriers reported that they were
engaged in the provision of cellular service, personal communications
service, or specialized mobile radio telephony services, which are
placed together in the data. We have estimated that 294 of these are
small, under the SBA small business size standard.
Common Carrier Paging. The SBA has developed a small business size
standard for wireless firms within the broad economic census categories
of ``Cellular and Other Wireless Telecommunications.'' Under this SBA
category, a wireless business is small if it has 1,500 or fewer
employees. For the census category of Paging, Census Bureau data for
1997 show that there were 1,320 firms in this category, total, that
operated for the entire year. Of this total, 1,303 firms had employment
of 999 or fewer employees, and an additional 17 firms had employment of
1,000 employees or more. Thus, under this category and associated small
business size standard, the great majority of firms can be considered
small.
In the Paging Second Report and Order, the Commission adopted a
size standard for ``small businesses'' for purposes of determining
their eligibility for special provisions such as bidding credits and
installment payments. A small business is an entity that, together with
its affiliates and controlling principals, has average gross revenues
not exceeding $15 million for the preceding three years. The SBA has
approved this definition. An auction of Metropolitan Economic Area
(MEA) licenses commenced on February 24, 2000, and closed on March 2,
2000. Of the 2,499 licenses auctioned, 985 were sold. Fifty-seven
companies claiming small business status won 440 licenses. An auction
of MEA and Economic Area (EA) licenses commenced on October 30, 2001,
and closed on December 5, 2001. Of the 15,514 licenses auctioned, 5,323
were sold. One hundred thirty-two companies claiming small business
status purchased 3,724 licenses. A third auction, consisting of 8,874
licenses in each of 175 EAs and 1,328 licenses in all but three of the
51 MEAs commenced on May 13, 2003, and closed on May 28, 2003. Seventy-
seven bidders claiming small or very small business status won 2,093
licenses. Currently, there are approximately 74,000 Common Carrier
Paging licenses. According to the most recent Trends in Telephone
Service, 608 private and common carriers reported that they were
engaged in the provision of either paging or ``other mobile'' services.
Of these, we estimate that 589 are small, under the SBA-approved small
business size standard. We estimate that the majority of common carrier
paging providers would qualify as small entities under the SBA
definition.
Wireless Communications Services. This service can be used for
fixed, mobile, radiolocation, and digital audio broadcasting satellite
uses. The Commission defined ``small business'' for the wireless
communications services (WCS) auction as an entity with average gross
revenues of $40 million for each of the three preceding years, and a
``very small business'' as an entity with average gross revenues of $15
million for each of the three preceding years. The SBA has approved
these definitions. The Commission auctioned geographic area licenses in
the WCS service. In the auction, which commenced on April 15, 1997 and
closed on April 25, 1997, there were seven bidders that won 31 licenses
that qualified as very small business entities, and one bidder that won
one license that qualified as a small business entity. An auction for
one license in the 1670-1674 MHz band commenced on April 30, 2003 and
closed the same day. One license was awarded. The winning bidder was
not a small entity.
Wireless Telephony. Wireless telephony includes cellular, personal
communications services, and specialized mobile radio telephony
[[Page 55777]]
carriers. The SBA has developed a small business size standard for
``Cellular and Other Wireless Telecommunications'' services. Under that
SBA small business size standard, a business is small if it has 1,500
or fewer employees. According to the most recent Trends in Telephone
Service data, 719 carriers reported that they were engaged in the
provision of wireless telephony. We have estimated that 294 of these
are small under the SBA small business size standard.
Broadband Personal Communications Service. The broadband personal
communications services (PCS) spectrum is divided into six frequency
blocks designated A through F, and the Commission has held auctions for
each block. The Commission has created a small business size standard
for Blocks C and F as an entity that has average gross revenues of less
than $40 million in the three previous calendar years. For Block F, an
additional small business size standard for ``very small business'' was
added and is defined as an entity that, together with its affiliates,
has average gross revenues of not more than $15 million for the
preceding three calendar years. These small business size standards, in
the context of broadband PCS auctions, have been approved by the SBA.
No small businesses within the SBA-approved small business size
standards bid successfully for licenses in Blocks A and B. There were
90 winning bidders that qualified as small entities in the Block C
auctions. A total of 93 ``small'' and ``very small'' business bidders
won approximately 40 percent of the 1,479 licenses for Blocks D, E, and
F. On March 23, 1999, the Commission reauctioned 155 C, D, E, and F
Block licenses; there were 113 small business winning bidders.
On January 26, 2001, the Commission completed the auction of 422 C
and F Broadband PCS licenses in Auction No. 35. Of the 35 winning
bidders in this auction, 29 qualified as ``small'' or ``very small''
businesses. Subsequent events, concerning Auction 35, including
judicial and agency determinations, resulted in a total of 163 C and F
Block licenses being available for grant.
Narrowband Personal Communications Services. The Commission held an
auction for Narrowband PCS licenses that commenced on July 25, 1994,
and closed on July 29, 1994. A second auction commenced on October 26,
1994 and closed on November 8, 1994. For purposes of the first two
Narrowband PCS auctions, ``small businesses'' were entities with
average gross revenues for the prior three calendar years of $40
million or less. Through these auctions, the Commission awarded a total
of 41 licenses, 11 of which were obtained by four small businesses. To
ensure meaningful participation by small business entities in future
auctions, the Commission adopted a two-tiered small business size
standard in the Narrowband PCS Second Report and Order. A ``small
business'' is an entity that, together with affiliates and controlling
interests, has average gross revenues for the three preceding years of
not more than $40 million. A ``very small business'' is an entity that,
together with affiliates and controlling interests, has average gross
revenues for the three preceding years of not more than $15 million.
The SBA has approved these small business size standards. A third
auction commenced on October 3, 2001 and closed on October 16, 2001.
Here, five bidders won 317 (Metropolitan Trading Areas and nationwide)
licenses. Three of these claimed status as a small or very small entity
and won 311 licenses.
Lower 700 MHz Band Licenses. We adopted criteria for defining three
groups of small businesses for purposes of determining their
eligibility for special provisions such as bidding credits. We have
defined a ``small business'' as an entity that, together with its
affiliates and controlling principals, has average gross revenues not
exceeding $40 million for the preceding three years. A ``very small
business'' is defined as an entity that, together with its affiliates
and controlling principals, has average gross revenues that are not
more than $15 million for the preceding three years. Additionally, the
lower 700 MHz Service has a third category of small business status
that may be claimed for Metropolitan/Rural Service Area (MSA/RSA)
licenses. The third category is ``entrepreneur,'' which is defined as
an entity that, together with its affiliates and controlling
principals, has average gross revenues that are not more than $3
million for the preceding three years. The SBA has approved these small
size standards. An auction of 740 licenses (one license in each of the
734 MSAs/RSAs and one license in each of the six Economic Area
Groupings (EAGs)) commenced on August 27, 2002, and closed on September
18, 2002. Of the 740 licenses available for auction, 484 licenses were
sold to 102 winning bidders. Seventy-two of the winning bidders claimed
small business, very small business or entrepreneur status and won a
total of 329 licenses. A second auction commenced on May 28, 2003, and
closed on June 13, 2003, and included 256 licenses: 5 EAG licenses and
476 Cellular Market Area licenses. Seventeen winning bidders claimed
small or very small business status and won 60 licenses, and nine
winning bidders claimed entrepreneur status and won 154 licenses.
Upper 700 MHz Band Licenses. The Commission released a Report and
Order, authorizing service in the upper 700 MHz band. This auction,
previously scheduled for January 13, 2003, has been postponed.
700 MHz Guard Band Licenses. In the 700 MHz Guard Band Order, we
adopted size standards for ``small businesses'' and ``very small
businesses'' for purposes of determining their eligibility for special
provisions such as bidding credits and installment payments. A small
business in this service is an entity that, together with its
affiliates and controlling principals, has average gross revenues not
exceeding $40 million for the preceding three years. Additionally, a
very small business is an entity that, together with its affiliates and
controlling principals, has average gross revenues that are not more
than $15 million for the preceding three years. SBA approval of these
definitions is not required. An auction of 52 Major Economic Area (MEA)
licenses commenced on September 6, 2000, and closed on September 21,
2000. Of the 104 licenses auctioned, 96 licenses were sold to nine
bidders. Five of these bidders were small businesses that won a total
of 26 licenses. A second auction of 700 MHz Guard Band licenses
commenced on February 13, 2001, and closed on February 21, 2001. All
eight of the licenses auctioned were sold to three bidders. One of
these bidders was a small business that won a total of two licenses.
Specialized Mobile Radio. The Commission awards ``small entity''
bidding credits in auctions for Specialized Mobile Radio (SMR)
geographic area licenses in the 800 MHz and 900 MHz bands to firms that
had revenues of no more than $15 million in each of the three previous
calendar years. The Commission awards ``very small entity'' bidding
credits to firms that had revenues of no more than $3 million in each
of the three previous calendar years. The SBA has approved these small
business size standards for the 900 MHz Service. The Commission has
held auctions for geographic area licenses in the 800 MHz and 900 MHz
bands. The 900 MHz SMR auction began on December 5, 1995, and closed on
April 15, 1996. Sixty bidders claiming that they qualified as small
businesses under the $15 million size standard won
[[Page 55778]]
263 geographic area licenses in the 900 MHz SMR band. The 800 MHz SMR
auction for the upper 200 channels began on October 28, 1997, and was
completed on December 8, 1997. Ten bidders claiming that they qualified
as small businesses under the $15 million size standard won 38
geographic area licenses for the upper 200 channels in the 800 MHz SMR
band. A second auction for the 800 MHz band was held on January 10,
2002 and closed on January 17, 2002 and included 23 BEA licenses. One
bidder claiming small business status won five licenses.
The auction of the 1,053 800 MHz SMR geographic area licenses for
the General Category channels began on August 16, 2000, and was
completed on September 1, 2000. Eleven bidders won 108 geographic area
licenses for the General Category channels in the 800 MHz SMR band
qualified as small businesses under the $15 million size standard. In
an auction completed on December 5, 2000, a total of 2,800 Economic
Area licenses in the lower 80 channels of the 800 MHz SMR service were
sold. Of the 22 winning bidders, 19 claimed small business status and
won 129 licenses. Thus, combining all three auctions, 40 winning
bidders for geographic licenses in the 800 MHz SMR band claimed status
as small business.
In addition, there are numerous incumbent site-by-site SMR
licensees and licensees with extended implementation authorizations in
the 800 and 900 MHz bands. We do not know how many firms provide 800
MHz or 900 MHz geographic area SMR pursuant to extended implementation
authorizations, nor how many of these providers have annual revenues of
no more than $15 million. One firm has over $15 million in revenues. We
assume, for purposes of this analysis, that all of the remaining
existing extended implementation authorizations are held by small
entities, as that small business size standard is approved by the SBA.
Description of Projected Reporting, Recordkeeping, and Other Compliance
Requirements for Small Entities
There are two distinct types of compliance requirements associated
with this Order. First, wireless providers that provide wireless
messaging service must provide to the Commission a list of all their
domain names used for wireless messages. The record indicates that this
list for each service provider is thought to be relatively static and
of manageable size. We expect service providers to provide this list
electronically and do not expect production of such a list by a
business, even a small business, to be expensive or time consuming.
As a result of this mandate, businesses wishing to send commercial
electronic messages must avoid sending messages to addresses that
reference the domain names for wireless devices unless they have
obtained the subscriber's express prior authorization. To do this,
senders may check the list of domain names. Thus, prior to sending a
commercial message to that address, businesses must also obtain express
authorization from any subscriber whose e-mail address includes a
domain name that appears on the list. This express authorization may be
obtained either by oral or written means and must be obtained only once
until the subscriber revokes such authorization. Because the list of
domain names is expected to be small, we do not anticipate the
compliance burden of checking such a list to be great.
Steps Taken To Minimize the Significant Economic Impact on Small
Entities, and Significant Alternatives Considered
The RFA requires an agency to describe any significant alternatives
that it has considered in developing its approach, which may include
the following four alternatives (among others): ``(1) The establishment
of differing compliance or reporting requirements or timetables that
take into account the resources available to small entities; (2) the
clarification, consolidation, or simplification of compliance and
reporting requirements under the rule for such small entities; (3) the
use of performance rather than design standards; and (4) an exemption
from coverage of the rule, or any part thereof, for such small
entities.''
Initially, we note that the rules are intended to protect
subscribers, including small businesses, from unwanted mobile service
commercial messages. Congress found these unwanted messages to be
costly and time-consuming for wireless subscribers. The rules adopted
in this Order will benefit small businesses by reducing cost and time
burdens on small businesses that receive such messages.
One alternative considered by the Commission was a registry of
individual e-mail addresses. This list would have been similar to the
national ``do-not-call'' registry; however, after careful consideration
of the costs and benefits of creating a national do-not-e-mail
registry, including consideration of the burden on small businesses, we
believe that the disadvantages of such a system outweigh the possible
advantages. We would expect such a system to contain millions of
records, which unlike the ``do-not-call'' registry would each be unique
in length and type of characters, making searching and scrubbing of
such a list difficult and time consuming, perhaps inordinately so for
small businesses. Therefore, we instead chose to adopt rules requiring
the registering of domain names used for mobile service with the
Commission.
Unlike individual e-mail addresses, the list of domain names is
limited and manageable. The record indicates that it is already
wireless providers' practice to use certain domain names and that the
establishment of such a list would not burden carriers, presumably not
even small carriers, and would place the burden of complying with the
CAN SPAM Act on the senders of commercial messages. No commercial e-
mail can be sent to an address that contains one of the domain names
that has been on the list for 30 days or the that sender otherwise
knows to be for wireless service, unless the sender has obtained
express authorization from the subscriber. The list of domain names
will be available without cost from the Commission in an electronic
format. While senders of commercial messages will not be required to
provide proof that they consulted the wireless domain name list or that
they consulted it at a particular time, any person or entity may use as
a ``safe harbor'' defense the fact that a specific domain name was not
on the list more than 30 days before the offending message was
initiated. This ``safe harbor'' defense shall not excuse any willful
violation--if the sender otherwise know the e-mail address to be
protected--of the ban on sending unwanted messages to wireless
subscribers. We expect that global searches of senders' electronic mail
lists to identify the domain names will be easy and inexpensive.
A second alternative considered by the Commission was in the area
of obtaining express authorization. The Commission has declined to
require that the express authorization be in writing. Senders, who must
obtain this authorization before sending commercial electronic
messages, are permitted to obtain such authorization by oral or written
means, including electronic methods. Although not alleviating the
entire burden on small businesses, the record would suggest that there
is less of a burden if authorizations can be made orally instead of in
writing. If the authorization is in writing, it may be obtained in a
variety of ways--including paper form or electronic mail. By
[[Page 55779]]
allowing a variety of methods for authorization, the Commission is
allowing senders of commercial messages, including any small
businesses, to choose the method that works best for them. It is
expected that this ability to choose will result in greater
efficiencies and less cost for small businesses while still allowing
them to comply with the CAN SPAM Act.
Report to Congress
The Commission will send a copy of the Order, including this Final
Regulatory Flexibility Analysis (FRFA), in a report to be sent to
Congress pursuant to the Congressional Review Act. In addition, the
Commission will send a copy of the Order, including this FRFA, to the
Chief Counsel for Advocacy of the SBA. A copy of the Order and FRFA (or
summaries thereof) will also be published in the Federal Register.
Ordering Clauses
Accordingly, pursuant to authority contained in sections 1-4, 222,
227 and 303(r) of the Communications Act of 1934, as amended; 47 U.S.C.
151-154, 222, 227, and 303(r); and the Controlling the Assault of Non-
Solicited Pornography and Marketing Act of 2003, Public Law 108-187,
117 Statute 2699; 15 U.S.C. 7701-7712, the Order in CG Docket Nos. 04-
53 and 02-278 is adopted and Part 64 of the Commission's rules, 47 CFR
Part 64, is amended as set forth in Appendix B.
The requirements of this Order shall become effective October 18,
2004. The rules in 47 CFR 64.3100 that contain information collection
requirements under the PRA are not effective until approved by OMB.
Once these information collections are approved by OMB, the Commission
will release a public notice and publish a document in the Federal
Register announcing the effective date of these rules.
The Commission delegates to the Consumer & Governmental Affairs
Bureau the authority to amend the rules to reflect any updates in the
time-frames adopted under this Order that are dependent upon the
Federal Trade Commission's rules under the CAN SPAM Act, as discussed
herein, and to amend the definitions dependent on the Federal Trade
Commission's rules under the CAN SPAM Act, as discussed herein.
The Commission's Consumer & Governmental Affairs Bureau, Reference
Information Center, shall send a copy of this Order, including the
Final Regulatory Flexibility Analysis, to the Chief Counsel for
Advocacy of the Small Business Administration.
List of Subjects in 47 CFR Part 64
Communications common carriers and Reporting and recordkeeping
requirements.
Federal Communications Commission.
Marlene H. Dortch,
Secretary.
Rule Changes
0
For the reasons discussed in the preamble, the Federal Communications
Commission amends 47 CFR part 64 as follows:
PART 64--MISCELLANEOUS RULES RELATING TO COMMON CARRIERS
0
1. The authority citation for part 64 continues to read as follows: 47
U.S.C. 154, 254(k); secs. 403(b)(2)(B), (c), Public Law 104-104, 110
Stat. 56. Interpret or apply 47 U.S.C. 201, 218, 225, 226, 228, and
254(k) unless otherwise noted.
0
2. Subpart BB is added with the Subpart Heading to read as follows:
Subpart BB--Restrictions on Unwanted Mobile Commercial Service
Messages
0
3. Section 64.3100 is added to read as follows:
Sec. 64.3100 Restrictions on mobile service commercial messages.
(a) No person or entity may initiate any mobile service commercial
message, as those terms are defined in paragraph (c)(7) of this
section, unless:
(1) That person or entity has the express prior authorization of
the addressee;
(2) That person or entity is forwarding that message to its own
address;
(3) That person or entity is forwarding to an address provided that
(i) The original sender has not provided any payment, consideration
or other inducement to that person or entity; and
(ii) That message does not advertise or promote a product, service,
or Internet website of the person or entity forwarding the message; or
(4) The address to which that message is sent or directed does not
include a reference to a domain name that has been posted on the FCC's
wireless domain names list for a period of at least 30 days before that
message was initiated, provided that the person or entity does not
knowingly initiate a mobile service commercial message.
(b) Any person or entity initiating any mobile service commercial
message must:
(1) Cease sending further messages within ten (10) days after
receiving such a request by a subscriber;
(2) Include a functioning return electronic mail address or other
Internet-based mechanism that is clearly and conspicuously displayed
for the purpose of receiving requests to cease the initiating of mobile
service commercial messages and/or commercial electronic mail messages,
and that does not require the subscriber to view or hear further
commercial content other than institutional identification;
(3) Provide to a recipient who electronically grants express prior
authorization to send commercial electronic mail messages with a
functioning option and clear and conspicuous instructions to reject
further messages by the same electronic means that was used to obtain
authorization;
(4) Ensure that the use of at least one option provided in
paragraphs (b)(2) and (b)(3) of this section does not result in
additional charges to the subscriber;
(5) Identify themselves in the message in a form that will allow a
subscriber to reasonably determine that the sender is the authorized
entity; and
(6) For no less than 30 days after the transmission of any mobile
service commercial message, remain capable of receiving messages or
communications made to the electronic mail address, other Internet-
based mechanism or, if applicable, other electronic means provided by
the sender as described in paragraph (b)(2) and (b)(3) of this section.
(c) Definitions. For the purpose of this subpart:
(1) Commercial Mobile Radio Service Provider means any provider
that offers the services defined in 47 CFR Section 20.9.
(2) Commercial electronic mail message means the term as defined in
the CAN SPAM Act, 15 U.S.C. Section 7702. The term is defined as ``an
electronic message for which the primary purpose is commercial
advertisement or promotion of a commercial product or service
(including content on an Internet website operated for a commercial
purpose).'' The term ``commercial electronic mail message'' does not
include a transactional or relationship message.
(3) Domain name means any alphanumeric designation which is
registered with or assigned by any domain name registrar, domain name
registry, or other domain name registration authority as part of an
electronic address on the Internet.
[[Page 55780]]
(4) Electronic mail address means a destination, commonly expressed
as a string of characters, consisting of a unique user name or mailbox
and a reference to an Internet domain, whether or not displayed, to
which an electronic mail message can be sent or delivered.
(5) Electronic mail message means a message sent to a unique
electronic mail address.
(6) Initiate, with respect to a commercial electronic mail message,
means to originate or transmit such messages or to procure the
origination or transmission of such message, but shall not include
actions that constitute routine conveyance of such message. For
purposes of this paragraph, more than one person may be considered to
have initiated a message. ``Routine conveyance'' means the
transmission, routing, relaying, handling, or storing, through an
automatic technical process, or an electronic mail message for which
another person has identified the recipients or provided the recipient
addresses.
(7) Mobile Service Commercial Message means a commercial electronic
mail message that is transmitted directly to a wireless device that is
utilized by a subscriber of a commercial mobile service (as such term
is defined in section 332(d) of the Communications Act of 1934 (47
U.S.C. 332(d)) in connection with such service. A commercial message is
presumed to be a mobile service commercial message if it is sent or
directed to any address containing a reference, whether or not
displayed, to an Internet domain listed on the FCC's wireless domain
names list. The FCC's wireless domain names list will be available on
the FCC's website and at the Commission headquarters, 445 12th St.,
SW., Washington, DC 20554.
(8) Transactional or relationship message means any electronic mail
message the primary purpose of which is:
(i) To facilitate, complete, or confirm a commercial transaction
that the recipient has previously agreed to enter into with the sender;
(ii) To provide warranty information, product recall information,
or safety or security information with respect to a commercial product
or service used or purchased by the recipient;
(iii) To provide:
(A) Notification concerning a change in the terms or features of;
(B) Notification of a change in the recipient's standing or status
with respect to; or
(C) At regular periodic intervals, account balance information or
other type of account statement with respect to a subscription,
membership, account, loan, or comparable ongoing commercial
relationship involving the ongoing purchase or use by the recipient of
products or services offered by the sender;
(D) To provide information directly related to an employment
relationship or related benefit plan in which the recipient is
currently involved, participating, or enrolled; or
(E) To deliver goods or services, including product updates or
upgrades, that the recipient is entitled to receive under the terms of
a transaction that the recipient has previously agreed to enter into
with the sender.
(d) Express Prior Authorization may be obtained by oral or written
means, including electronic methods.
(1) Written authorization must contain the subscriber's signature,
including an electronic signature as defined by 15 U.S.C. 7001 (E-Sign
Act).
(2) All authorizations must include the electronic mail address to
which mobile service commercial messages can be sent or directed. If
the authorization is made through a website, the website must allow the
subscriber to input the specific electronic mail address to which
commercial messages may be sent.
(3) Express Prior Authorization must be obtained by the party
initiating the mobile service commercial message. In the absence of a
specific request by the subscriber to the contrary, express prior
authorization shall apply only to the particular person or entity
seeking the authorization and not to any affiliated entities unless the
subscriber expressly agrees to their being included in the express
prior authorization.
(4) Express Prior Authorization may be revoked by a request from
the subscriber, as noted in paragraph (b)(2) and (b)(3) of this
section.
(5) All requests for express prior authorization must include the
following disclosures:
(i) That the subscriber is agreeing to receive mobile service
commercial messages sent to his/her wireless device from a particular
sender. The disclosure must state clearly the identity of the business,
individual, or other entity that will be sending the messages;
(ii) That the subscriber may be charged by his/her wireless service
provider in connection with receipt of such messages; and
(iii) That the subscriber may revoke his/her authorization to
receive MSCMs at any time.
(6) All notices containing the required disclosures must be clearly
legible, use sufficiently large type or, if audio, be of sufficiently
loud volume, and be placed so as to be readily apparent to a wireless
subscriber. Any such disclosures must be presented separately from any
other authorizations in the document or oral presentation. If any
portion of the notice is translated into another language, then all
portions of the notice must be translated into the same language.
(e) All CMRS providers must identify all electronic mail domain
names used to offer subscribers messaging specifically for wireless
devices in connection with commercial mobile service in the manner and
time-frame described in a public notice to be issued by the Consumer &
Governmental Affairs Bureau.
(f) Each CMRS provider is responsible for the continuing accuracy
and completeness of information furnished for the FCC's wireless domain
names list. CMRS providers must:
(1) File any future updates to listings with the Commission not
less than 30 days before issuing subscribers any new or modified domain
name;
(2) Remove any domain name that has not been issued to subscribers
or is no longer in use within 6 months of placing it on the list or
last date of use; and
(3) Certify that any domain name placed on the FCC's wireless
domain names list is used for mobile service messaging.
[FR Doc. 04-20901 Filed 9-15-04; 8:45 am]
BILLING CODE 6712-01-U