The contact center landscape is heavily regulated, and as an agent, it is essential to be up to speed on all the major rules so that you can serve as a trusted advisor to customers.
Here is a breakdown of some of the top contact center regulations to know about heading into 2021.
Telephone Consumer Privacy Act (TCPA) and TRACED Act
For decades, the TCPA has been protecting consumers by limiting unsolicited prerecorded telemarketing calls to landline home telephones, as well as text messages and prerecorded calls. But what many may not know is there was a change in 2019 that hit stride in 2020.
The TCPA expanded in 2019 when Congress passed the Pallone-Thune Telephone Robocall Criminal Enforcement and Deterrence (TRACED) Act. The TRACED Act aimed to further decrease the unwanted amount of robocall being sent to consumers by building off the existing TCPA framework.
Under the TRACED Act, the FCC has more authority to target responsible parties for illegal robocalls and the ability to levy fines of up to $10,000 per call against companies that intentionally violate it. This is a significant increase in the per-call fine.
In addition, the TRACED Act expands the statute of limitations for violations to four years, increases the Department of Justice’s involvement in prosecuting criminal cases, and requires carriers to provide robocall blocking services to consumers at no additional charge.
The TRACED Act also introduced the Secure Telephone Identity Revisited and Signature-based Handling of Asserted Information Using toKENS (STIR/SHAKEN) framework, which is a validation system to ensure that incoming calls are in fact originating from the number displayed on a caller ID system.
In short, all U.S. carriers must implement STIR/SHAKEN protocols or have a robocall mitigation plan in place by June 31, 2021. Then the question quickly becomes who bears the cost for these new changes. It is unlikely the carriers will absorb the cost completely, so this is something for customers to consider.
Call center administrators should be working closely with carriers at this time to make sure that they are doing everything possible to prepare for this looming deadline. Since most people procrastinate, it is good to start the conversations early to avoid the deadline rush.
National Do Not Call Registry (DNC)
The National Do Not Call Registry (DNC) is a database maintained by the U.S. federal government, containing the contact information of people who have requested not to be contacted by telemarketers.
In August, the FTC announced updated FY21 fees for telemarketers accessing numbers on the DNC registry. Most annual fees increased slightly from FY21. For a complete breakdown, click here.
General Data Protection Regulation (GDPR)
GDPR was drafted by the European Union and put into law on May 25, 2018. Widely regarded as the most far-reaching and toughest privacy law in the world, GDPR threatens harsh fines against companies that violate its strict standards.
GDPR applies to all companies located in the EU as well as companies that do business with European companies. GDPR contains hundreds of pages of requirements governing how and where data containing personal information can be stored.
When GDPR was first unveiled, there was confusion about how the EU would enforce it and if it would be taken seriously by global companies. To date, there have been over 340 GDPR fines issued, totaling roughly $192 million — proving that GDPR is for real and businesses need to be serious about how they hold and protect consumer information.
There is a high possibility that the success of GDPR in the US will drive more stringent rules and fines in the US.
CCPA (California Consumer Privacy Act)
Following the deployment of GDPR, a landmark piece of legislation was passed in the U.S. with the California Consumer Privacy Act of 2018, also known as AB 375 or the CCPA.
This law, which went into effect on January 1, 2020, regulates how global businesses handle California resident’s personal information. California consumers now have the right to understand what data is being collected about them, and how it’s being used. Also, they can revoke consent.
CCPA applies to any business that sells the personal data of more than 50,000 California residents annually, companies that have an annual gross revenue of $25 million, or those that derive more than 50 percent of annual revenue from selling personal data on California residents.
As you can see, contact center regulation is complicated and costly — which is why it pays to have a trusted advisor in Telarus on standby to provide information and updates.