Ok, so we have truly become a technology-dependent society. I get that. But seriously, I just want to throw a scenario at you and get your thoughts – no peeking ahead! Just go with the flow. Here’s the situation – what are your thoughts?
You get a text from First National Bank (your bank). Here’s what it says:
“A data breach at XYZ Processor may have exposed your personal information. Click here for more information.” (complete with a handy-dandy hyperlink!)
Here’s another variation, try this one and see if it fits better: you get a robo-call (automated dialer with a pre-recorded message) stating:
“A data breach at XYZ Processor may have exposed your personal information. Please press 1 if this is (insert name) to continue with this message.”
Is anyone else seriously creeped out by this? I’m told (and preach) don’t click the link in texts! AND I delete robo-call voicemails. Who knows who they are from anyway – mine always go to voicemail and I only catch half the message because they always start the recording before my voicemail actually records.
Here’s the skinny of what’s going on.
The Federal Communications Commission has clarified the Telephone Consumer Protection Act (TCPA) to now allow for automated data breach notifications to consumer’s wireless phones. What this means is that the above scenarios could soon be a reality.
And it’s not just restricted to financial institutions; you could soon be receiving vital healthcare reminders (i.e. you have a medication coming up due for a refill!) via, you guessed it, text or robo-calls without doing anything more than giving them your cell phone number. No opt-in for the service required.
You can’t disclose too much without violating privacy laws, but we’ve been teaching account holders for, like YEARS, not to trust these type of vague messages.
Now, there are some exceptions - the calls or texts must still be free and the consumer must still have a way to opt-out of future messages. Naughty naughty is the healthcare provider who robo-slams you with unwanted messages.
But users beware; under the section of Reassigned Numbers in the TCPA, the caller (i.e Financial Institution or pharmacy) has just one single opportunity to call a number that has been reassigned to a different consumer, and don’t call again. The FCC hasn’t done any exploration on the issue of consumers who gave legitimate consent to robo-calls or text messages, but then changes phone numbers without notifying the entity they gave original permission to.
The phone number the business has on file is now a wrong number. Aside from the obvious implications (i.e. you aren’t talking to your account holder!) there are the consumer lawsuits that have long waged when a consumer is assigned a new cell number, gets these “unwanted messages” but doesn’t tell the business, then sues (successfully). So, proceed with caution. Especially if I am your account holder, because I won’t consider myself notified of something like a data breach just because you texted me. Just saying.