On June 13, 2019, the 9th Circuit handed down a decision in Duguid v. Facebook, Inc., 926 F.3d 1146 (9th Cir. 2019), which has at least partially brought into question the future of the Telephone Consumer Protection Act (“TCPA”).

Around January 2014 Facebook started sending Noah Duguid sporadic text messages, alerting Duguid that an unrecognized browser was attempting to access his Facebook account. The messages followed a template akin to “Your Facebook account was accessed [by/from] <browser> at <time>. Log in for more info.” While this type of message may be alarming to the everyday Facebook user believing their account may be hacked, these text messages alarmed Duguid for a completely different reason – he does not have a Facebook account.

Because Duguid does not have a Facebook and thus he could not log-in to get any more information, Duguid responded to the text messages by texting “OFF,” with a subsequent response by Facebook assuring him that that Facebook texts would be turned off. Unfortunately, the texts did not stop. Duguid also tried to contact Facebook via email, and was once again assured that the texts would stop. Again, the texts did not stop, and sporadically continued until October 2014.

Duguid sued Facebook in federal court, for violations of the federal TCPA. Congress enacted the TCPA to “protect the privacy interests of residential telephone subscribers by placing restrictions on unsolicited, automated telephone calls.” With certain exceptions, the TCPA bans calls (including text messages) placed using an automated telephone dialing system (“ATDS”). According to the lawsuit, Duguid alleged that Facebook maintained a database of phone numbers, and somehow Facebook managed to obtain Duguid’s mobile number and sent automated messages to him. Duguid brought the lawsuit on behalf of two classes: people who received messages without providing Facebook their phone number, and people who notified Facebook that they did not want to receive messages, but still received at least one message after notifying Facebook of their request.

The definition of an ATDS includes equipment that has the capacity “to store or produce telephone numbers to be called, using a random or sequential number generator.” Using that definition, the trial court originally dismissed the case, claiming that Duguid failed to allege that Facebook sent its messages through an ATDS in order to meet the jurisdictional requirements of the TCPA. On appeal, the 9th Circuit reversed, holding that Duguid’s allegations that Facebook maintains a database of phone numbers, and Duguid’s detail as to how Facebook programs its equipment to generate messages to such numbers, in fact fits within the definition of ATDS and thus falls within the TCPA. The 9th Circuit’s view of ATDS is broad, stating that to be classified an ATDS, “it suffices to merely have the capacity to store numbers to be called and to dial such numbers automatically.” The issue of defining ATDS and its scope has been the subject of disagreement in the courts, with the 9th Circuit’s reaffirming the broad definition, in contrast with other courts who have found that merely storing and dialing numbers is not enough to qualify as an ATDS.

Because the 9th Circuit ruled that Duguid had alleged a prima facie case under the TCPA, the 9th Circuit then addressed the TCPA itself. Under the TCPA, there are three exceptions to the ban on unsolicited calls or text messages: (1) calls “made for emergency purposes” and (2) calls “made with prior express consent of the called party”; and (3) calls “made solely to collect a debt owed to or guaranteed by the United States.” The third of these exceptions was recently added to the TCPA in a 2015 amendment.

Facebook first tried to argue that it was entitled to dismissal on the pleadings because it felt that such texts fit within the first exception of calls “made for emergency purposes,” and pointed out that the FCC has broadly construed such an exception to include “calls made necessary in any situation affecting the health and safety of consumers.” The court rejected the argument, since Duguid specifically alleged that he was not a Facebook customer nor had an account, and thus Facebook is not entitled to the exception. Facebook then challenged the validity of the TCPA as a whole, stating that it infringed on First Amendment rights. The court found that the pre-2015 version of the TCPA was consistent with the First Amendment (including the first two exceptions), and thus the court only looked to the 2015 amendment third exception to the TCPA, the debt collection exception. In conducting a First Amendment constitutional analysis, the Court had to first determine whether the exception was content-neutral and subject to an intermediate scrutiny analysis, or content-based and subject to strict scrutiny. The 9th Circuit found that the TCPA’s amendment “favors speech ‘solely to collect a debt owed’” and “target[s] speech based on its communicative content,” therefore the exception is content-based and must survive strict scrutiny. The court found that the exception was “insufficiently tailored to advance the government’s interests in protecting privacy,” rendering the exception unconstitutional. The Court declined to render the entire TCPA unconstitutional, rather, it severed the exception from the TCPA.

This holding establishes makes the 9th Circuit the second federal appellate court to strike down the exception, the first being the Fourth Circuit in American Association of Political Consultants, Inc. v. FCC, 923 F.3d 159 (4th Cir. 2019). The disagreement of the circuit courts involving the definition of ATDS, and the severing of the TCPA debt collecting exception, may very well be slated for a Supreme Court appearance. In the meantime, companies should always exercise caution in terms of not only the numbers they store, but also what actions they take with such numbers.