Despite a plague of data breaches, banks fear lawsuits if they send fraud alerts via text messages and cellphone calls, according to an industry group
Editor’s note: See later story on this topic: “FCC allows fraud alerts on cellphones”With data breaches regularly compromising consumer accounts, bankers say they want to send more fraud alerts via cellphone calls or text messages, if regulators would let them by carving out an exception to anti-telemarketing rules.
Banks now hold back some alerts fearing potential legal hassles under rules protecting cellphones from unsolicited calls, according to the American Bankers Association. The lobby group for big banks filed a petition with the Federal Communications Commission Tuesday, seeking an exemption from the Telephone Consumer Protection Act.
About 40 percent of households have only a wireless phone, according to a written statement from ABA president Frank Keating. “Unfortunately, the rules were designed for a time when nearly everyone had a landline,” he said.
Prior approval required
The TCPA bars autodialed calls to a cellphone unless the consumer gives permission beforehand. The law is a legal hot-zone for businesses, who are being hit with lawsuits over automated debt collection calls, among other things. In September, AT&T’s mobile unit agreed to settle a lawsuit over autodialed calls for $45 million.
While the association doesn’t know of any lawsuits over fraud alerts, the fear of crossing the legal line is chilling some banks from sending notices as broadly as they could, according to the petition.
The alerts are seen as a key weapon against credit and debit card fraud stemming from data breaches at Home Depot, Target and other retailers. “Research shows that 98 percent of text messages are opened and most are read within three minutes of delivery, enabling consumers and financial institutions to react promptly to time-critical information and contain any potential damage that might be caused by a fraudulent transaction, data security breach or other event,” the association said in its petition.
Research shows that 98 percent of text messages are opened and most are read within three minutes of delivery, enabling consumers and financial institutions to react promptly to time-critical information and contain any potential damage …
|— American Bankers Association|
Petition for rule exemption
Virginia O’Neill says she was among those affected by the chill. O’Neill, the ABA’s assistant chief compliance counsel, recently noticed a new email in an old account that she rarely checks. The message said that her account information was among those stolen in the Home Depot data breach.
“Fortunately nothing happened,” she said. But if the bank had used her cellphone to notify her instead, “I would have taken action on it quicker.”
Why not get consent?
But some consumer advocates are skeptical of the need to carve an exemption in consumer protection law. “I do wonder why it’s not possible to get advance consent for these kinds of calls from customers with which banks already have relations,” said Susan Grant, director of consumer protection at the Consumer Federation of America.
Consumer groups have fought attempts to modify the TCPA in the past, saying that the law protects consumers’ privacy from intrusive corporate marketing. A 2011 proposal to allow nonmarketing “informational” calls drew the opposition of Consumers Union and Consumer Watchdog.
Rather than modifying the consumer protection law itself, the banking group’s petition seeks specific exemptions for alerts about data breaches and suspicious purchases. It also covers “remediation” messages about things to do, such as filing a fraud alert with credit bureaus or watching the mailbox for a new card.
Aside from fraud, the filing also seeks an exemption for money-transfer notifications. Banks are offering online person-to-person payments, but these can be difficult to complete if the recipient is not with the same bank as the sender. Texts would help let people know there is money waiting for them, the ABA said.
Calls, texts would be short
The banking group’s petition sets out conditions for the exemptions, saying that automated calls or texts will only go to the individuals directly involved, and won’t contain any marketing content. Messages will be a minute or less for voice calls and under 160 characters for text.
An FCC representative said that the agency would not comment on the filing, but the agency has received it and may solicit public comment before deliberating.
“We’re hopeful the FCC will give our petition prompt consideration,” Keating’s statement said.