PrivacySpeak
Navigating the world of telemarketing, data privacy & AI
Breaking News: FCC Delays Part of the Consent Revocation Rule Until 2026
This morning, the Federal Communications Commission (FCC) announced it is delaying part of its consent revocation rule, specifically Section 64.1200(a)(10), until April 11, 2026.
The Reassigned Number Database: A Safe Harbor or a Costly Trap?
Imagine this: your company calls a long-time customer, only to find out their phone number was reassigned. Now you’re facing a TCPA class action with potential damages in the millions. You had no idea the number changed hands, but it doesn’t matter.
Easy Peasy: Vicarious Liability Claims Survive Motion to Dismiss in TCPA Suit
Dismissing a TCPA lawsuit early is no small feat. The recent case of Jubb v. CHW Grp., Inc., 2025 U.S. Dist. LEXIS 59172 (D.N.J. Mar. 28, 2025), highlights how easily plaintiffs can plead both direct and vicarious liability, keeping businesses entangled in litigation.
Michigan Ruling Opens Door to Lawsuits Over Caller ID Violations
In a case that could have nationwide implications, the Eastern District of Michigan has ruled that individuals can sue for caller ID violations under the Telephone Consumer Protection Act.
A Tale of Time Frames: The Established Business Relationship
If you’ve ever worked in sales, marketing, or compliance, you’ve probably heard: “You can call someone on the federal “do-not-call” list if you have an established business relationship (EBR), i.e., a purchase within the past 18 months or an inquiry within the past 3 months.” But state laws often have their own, much stricter time frames.
California’s Privacy Laws Have Teeth, and They’re Biting
California isn’t playing around when it comes to data privacy. With recent crackdowns on Background Alert, Inc. and Honda, the California Privacy Protection Agency (CPPA) is making it clear: violating the state’s privacy laws can come with serious consequences.
Definitely, Maybe: Will the FCC Cut Red Tape or Just Talk About It?
In a move that surprises few, the FCC is looking to scale back its regulatory oversight. Last week, it issued a public notice requesting comments on rules that “have outlived their usefulness, for which there is no longer any (or only substantially diminished) need, or which otherwise give rise to harms….” It’s not hard to see where this is headed.
Heads Up, Businesses: Tennessee and Minnesota’s Data Privacy Laws Take Effect This Summer
This summer, Tennessee and Minnesota are rolling out new consumer data privacy laws—the Tennessee Information Protection Act (TIPA) on July 1 and the Minnesota Consumer Data Privacy Act (MCDPA) on July 31.
Does “Do-Not-Call” Mean Do It Now? Plaintiffs Argue for Faster Opt Outs
Under the TCPA, businesses must honor internal “do-not-call” requests within a reasonable time, but no later than 30 days. But some plaintiffs now argue that companies should act even faster.
Click-to-Cancel: The FTC’s New Rule That’s Shaking Up Subscription Businesses
On May 14, 2025, the FTC “Click-to-Cancel” rule will finally take effect, and let’s be honest—this is the regulation subscription-based businesses secretly feared. The rule requires businesses to comply with a new mandate: if signing up was easy, canceling must be just as simple. No more requiring customers to send a carrier pigeon to end their subscriptions.
Say Goodbye to the 30-Day Window: TCPA Now Requires 10-Day Opt-Out Compliance
If you work in marketing, customer service, or any field involving consumer communications, get ready—significant changes are coming to the TCPA.
Starting April 11, 2025, new FCC rules will introduce stricter guidelines for revoking consent, and you don’t want to be caught off guard.
Bifurcated Discovery Is Alive and Well
I’ll keep this brief: If you're a defendant in a TCPA class action and the judge requires a joint proposed scheduling order, your counsel should always request bifurcated (or phased) discovery.
Don’t Overlook the TCPA Safe Harbor Defense for “Do-Not-Call” Claims
After the Supreme Court narrowed the definition of an “automatic telephone dialing system” (ATDS) in the 2021 Facebook v. Duguid case, plaintiffs’ attorneys have shifted their approach. They now focus on certifying classes of individuals who claim to have received marketing calls or texts while their numbers were listed on the federal "do-not-call" registry under 47 U.S.C. § 227(c).
Talk is Cheap: Court Sides with Retailer in TCPA Case
What happens when a shopper says they don’t want marketing texts—but then enters their phone number at checkout anyway?
In Thompson v. Vintage Stock, Inc., 2025 U.S. Dist. LEXIS 18712 (Feb. 3, 2025), the United States District Court for the Eastern District of Missouri ruled in favor of the retailer, highlighting the importance of digital consent.
The Problem with Using a Template Privacy Policy
It might seem tempting to think that complying with state privacy laws is as easy as Googling a template privacy policy, swapping in your company name, and calling it a day. But here’s the thing—many state privacy laws don’t apply to all companies. Whether they do depends on factors like your company’s annual revenue, how much personal data you buy, sell, or share, and how much of your revenue comes from selling or sharing that data. Some states also have exemptions for certain nonprofits and specific types of data, i.e., employment records.
Contracts 101: Why You Should Be Careful with Indemnification Clauses in the Age of TCPA Class Actions
As TCPA class actions continue to be filed at a steady pace, there’s been a noticeable uptick in cases where defendants are suing their third-party marketing partners or sub-vendors over indemnification issues. This is a good reminder that you need to pay close attention to the indemnification language in every contract. A small mistake could lead to huge liabilities, especially if your contract includes overly broad language like “any and all claims.”
The Importance of State Telemarketing Registration: What You Need to Know
While there’s no federal requirement for telemarketing registration, most states do require businesses to register if they’re making telemarketing calls. Although consumers typically don’t have the right to sue over violations, some states take telemarketing rules seriously, and failing to comply could result in fines.
The Rise of AI Regulation: What’s Happening in Colorado, Utah, and California?
As artificial intelligence (AI) becomes more integrated into our lives, from smart assistants to recruitment tools, new laws are emerging to ensure these technologies are used responsibly. In 2024, three states—California, Colorado, and Utah—took major steps to regulate AI.
The content of PrivacySpeak is not legal advice and should not be used as a substitute for consulting with a qualified attorney. Information provided may not apply to all jurisdictions and may be subject to change. © 2025 Bubeck Law LLC