Hall’s theory of liability is novel and, consequently, there is little case law to guide businesses dealing with similar situations.
The Telephone Communications Protection Act (TCPA) has long been a hotbed of consumer litigation, particularly for class actions. For many years, plaintiffs were successful in alleging that a defendant used an automatic telephone dialing system (ATDS) to call or send messages to their cellphone without first obtaining prior express written consent. Then, in April 2021, the Supreme Court of the United States issued its ruling in Facebook v. Duguid, narrowing the definition of what devices count as an ATDS and creating a more difficult path to recovery under the TCPA. But a lawsuit filed recently in California federal court appears to open yet another front in TCPA litigation by questioning whether minors can give valid consent under the law. This is an issue that compliance and defense attorneys will have to consider moving forward.
The Lawsuit
In Hall v. Smosh Dot Com., Inc., No. 2:21-cv-01997 (E.D. Cal. 2021), the plaintiff, Hall, filed a putative class action suit against an online entertainment company, Smosh, alleging that the company sent text messages to her minor son without valid consent under the TCPA. The complaint alleges that Smosh sent a series of text message solicitations to Hall’s cellphone—which she allowed her son to use periodically—between December 2019 and June 2020. Those messages offered discounts on Smosh merchandise through its online store. Notably, Hall does not allege that Smosh failed to obtain her son’s consent before sending the text message solicitations; rather, she alleges that her son was legally incapable of providing the consent necessary under the TCPA because he was 13 years old at the time.
Potential Implications
Hall’s theory of liability is novel and, consequently, there is little case law to guide businesses dealing with similar situations. However, some clues exist in the way courts and regulators have addressed comparable situations: For example, both courts and regulators have looked to contract law in interpreting the TCPA. Settled contract law in most jurisdictions dictates that minors lack the capacity to contract and their consent is legally insufficient to bind them to an agreement, though any resulting agreement is valid and voidable, but not void. Looking to state contract law, courts may conclude that the consent provided by a minor under the TCPA is valid when gathered but can be revoked immediately by a parent. However, state contract law may present an impediment to plaintiffs who seek to certify a class, because contract law can differ in important ways from jurisdiction to jurisdiction.
The Federal Trade Commission’s efforts to enforce the Children’s Online Privacy Protection Act (COPPA) may also provide some clues. COPPA requires businesses to obtain a parent’s verifiable consent before gathering personal data from children under the age of 13. In addition to cracking down on companies who do not obtain verification in the first place, the FTC has also taken action against companies that lack a mechanism to verify parental consent properly.
For example, the FTC pursued an administrative action in 2019 for violations of COPPA in connection with the website iDressup.com, where children could play dress-up games, design clothing and decorate spaces, all while communicating with each other through a social network. According to the complaint, the operators of the website knew its users were girls and boys between the ages of 7 and 17, but failed to employ proper methods to verify parental consent. During registration, the website required the user to submit a user name, password, birthdate and email address. Users whose birthdate placed them under the age of 13 received a prompt to enter a parent’s email address, after which an email was sent to the purported parent with a link to verify consent for the child’s use of the website. The FTC alleged that the verification measure violated COPPA because anyone who received the link could verify consent by simply clicking on it, and there was no technical method to ensure the person verifying consent was actually the minor’s parent. Notably, the FTC also enforces the Telemarketing Sales Rule, which substantially overlaps with the TCPA.
Takeaways
With the explosion of litigation under the TCPA, businesses have since adopted a cautious approach when sending telemarketing text messages. Lawsuits like Hall’s reinforce that notion, given that minors have more access to cellular phones than ever, and the law on the issue presented there remains unsettled. Businesses that send telemarketing text messages may now face exposure to TCPA liability inadvertently in a number of ways. One potential pitfall is the large quantity of cellphone numbers that are reassigned from one subscriber to another, increasing the likelihood that a number once belonging to an adult may now belong to a minor. Courts and regulators may conclude that protecting minors takes precedence over providing leeway and predictability to businesses, and the result may be the unavailability of safe harbors under the TCPA and its implementing rules when a minor is involved. From a compliance perspective, businesses would do well to know whether their customer bases include minors or if their products or services appeal to them, and if so, to obtain the consent of a minor’s parent in a manner that permits actual verification.
For More Information
If you have any questions about this Alert, please contact John D. Huh, Simeon S. Poles, any of the attorneys in our Trial Practice Group any of the attorneys in our Technology, Media and Telecom Industry Group the attorney in the firm with whom you are regularly in contact.
Disclaimer: This Alert has been prepared and published for informational purposes only and is not offered, nor should be construed, as legal advice. For more information, please see the firm's full disclaimer.