Supporting Statement OMB 3060-1078 (2022 extension)

Supporting Statement OMB 3060-1078 (2022 extension).docx

Rules and Regulations Implementing the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM ACT); CG Docket No. 04-53

OMB: 3060-1078

Document [docx]
Download: docx | pdf

OMB Control Number: 3060-1078 May 2022

Rules and Regulations Implementing the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM Act); CG Docket No. 04-53



SUPPORTING STATEMENT

A. Justification


1.

Congress passed the CAN-SPAM Act to address the growing number of unwanted commercial electronic mail messages,1 which Congress had determined to be costly, inconvenient, and often fraudulent or deceptive. Section 14 of the CAN-SPAM Act requires the FCC, in consultation with the FTC, to promulgate rules to protect consumers from unwanted “mobile service commercial messages.”2 Section 14 also directs the FCC to provide wireless subscribers with the ability: (1) to avoid receiving mobile service commercial messages sent without the subscribers’ prior consent and (2) to indicate electronically a desire not to receive future such messages.


In 2004, the Commission released the Report and Order (Order), Rules and Regulations Implementing the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003; Rules and Regulations Implementing the Telephone Consumer Protection Act of 1991, CG Docket Nos. 04-53 and 02-278, FCC 04-52, which adopted rules to prohibit the transmission of commercial messages to any address referencing an Internet domain name associated with wireless subscriber messaging services, unless the individual addressee has given the sender express prior authorization.


To assist the senders of such messages in identifying those subscribers, the Commission requires that Commercial Mobile Radio Service (CMRS) providers submit those domain names to the Commission, for inclusion in a list that will be made publicly available on the FCC’s website. No individual subscriber’s electronic mail addresses will be collected or included on this list. CMRS providers are required to supply the Commission with names of all Internet domains on which they offer mobile messaging service. The rules prohibit sending any commercial messages to addresses that contain domain names that have been included on the official list for at least 30 days or at any time prior to 30 days if the sender otherwise knows that the message is addressed to a wireless device.


Among other things, the information collection requirements consist of:


(A) 47 CFR § 64.3100(d): In the Order, the Commission adopted a rule that no person or entity may send commercial messages to wireless subscribers unless certain conditions are met, one of which is that the person or entity sending the message has obtained the recipient’s prior express authorization as defined in 47 CFR § 64.3100(d). Specifically, 47 CFR § 64.3100(d) states: “Express Prior Authorization” may be obtained by oral or written means, including electronic methods, as follows:


(1) Written authorization must contain the subscriber’s signature, including an electronic signature as defined by 15 U.S.C. § 7001 (E-Sign Act).


(2) All authorizations must include the electronic mail address to which mobile service commercial messages can be sent or directed. If the authorization is made through a website, the website must allow the subscriber to input the specific electronic mail address to which commercial messages may be sent.


(3) Express Prior Authorization must be obtained by the party initiating the mobile service commercial message. In the absence of a specific request by the subscriber to the contrary, “express prior authorization” shall apply only to the particular person or entity seeking the authorization and not to any affiliated entities unless the subscriber expressly agrees to their being included in the express prior authorization.


(4) Express Prior Authorization may be revoked by a request from the subscriber, as noted in paragraph 47 CFR §§ 64.3100(b)(2) and (b)(3).3


(5) All requests for express prior authorization must include the following disclosures:


(i) that the subscriber is agreeing to receive mobile service commercial messages sent to his/her wireless device from a particular sender. The disclosure must state clearly the identity of the business, individual, or other entity that will be sending the messages.


(ii) that the subscriber may be charged by his/her wireless service provider in connection with receipt of such messages.


(iii) that the subscriber may revoke his/her authorization to receive MSCMs at any time.


(6) All notices containing the required disclosures must be clearly legible, use sufficiently large type or, if audio, be of sufficiently loud volume, and be placed so as to be readily apparent to a wireless subscriber. Any such disclosures must be presented separately from any other authorizations in the document or oral presentation. If any portion of the notice is translated into another language, then all portions of the notice must be translated into the same language.


(B) 47 CFR § 64.3100(a)(4): The Commission adopted a rule that no person or entity may send commercial messages to wireless subscribers, with certain exceptions. Such an exception, under 47 CFR § 64.3100(a)(4), is that the address to which the message is sent or directed does not include a reference to a “domain name”4 that has been posted on the FCC’s wireless domain names list for a period of at least 30 days before that message was initiated, provided that the person or entity does not knowingly initiate a mobile service commercial message (MSCM).


To assist the senders of such messages in identifying wireless subscribers, the Commission has made available to the public a list of mailing domain names used for mobile service messaging (an example of such a domain name would be “@wirelesscompany.com”). Businesses or individuals that market by sending commercial electronic mail messages may take advantage of this exception by checking the publicly available list and avoid sending such messages to addresses associated with the domain names on the list.


(C) 47 CFR § 64.3100(f): Carriers are also required to file any updates to their listings with the Commission. Specifically 47 CFR § 64.3100(f) states:


Each CMRS provider is responsible for the continuing accuracy and completeness of information furnished for the FCC’s wireless domain names list. CMRS providers must:


(1) file any future updates to listings with the Commission not less than 30 days before issuing subscribers any new or modified domain name;


(2) remove any domain name that has not been issued to subscribers or is no longer in use within 6 months of placing it on the list or last date of use; and


(3) certify that any domain name placed on the FCC’s wireless domain names list is used for mobile service messaging.


The Commission is requesting an extension of this information collection in order to receive the full three-year OMB approval/clearance.

The statutory authority for this information collection is the CAN-SPAM Act of 2003, 15 U.S.C. § 7701 – 7713, Public Law No. 108-187, 117 Stat. 2719.


2. The information collection requirements apply only to senders of commercial electronic mail messages and CMRS providers. The Commission uses the data, i.e., the list(s) of domain names, which are supplied by these commercial electronic mail messaging services and CMRS providers, to allow these entities to avoid sending unwanted commercial electronic mail to wireless subscribers and to determine if these entities are violating the CAN-SPAM Act. Among other things, the data show:


(a) what domain names are associated with wireless subscriber addresses so that senders can avoid sending messages to such addresses; and


(b) that companies have secured the necessary authorization from any wireless subscriber to whom they wish to send commercial electronic mail.


If subscribers receive commercial electronic messages for which they have not provided express prior authorization, or if they believe the Commission’s CAN-SPAM rules have been otherwise violated, they can file an informal complaint with the Commission.


The collection of information may contain personally identifiable information on individuals (PII).


(a) As required by OMB Memorandum M-03-22 (September 26, 2003), the FCC completed a Privacy Impact Assessment (PIA) on June 28, 2007, that gives a full and complete explanation of how the FCC collects, stores, maintains, safeguards, and destroys the PII covered by these information collection requirements. The PIA may be viewed at http://www.fcc.gov/omd/privacyact/Privacy_Impact_Assessment.html.


(b) Furthermore, as required by the Privacy Act, 5 U.S.C. 552a, the Commission also published a system

of records notice (SORN),FCC/CGB-1 “Informal Complaints, Inquiries, and Request for Dispute

Assistance”, in the Federal Register on August 15, 2014 (79 FR 48152) which became effective on

September 24, 2014.


3. Because the FCC’s CAN-SPAM rules apply only to the transmission of electronic mail messages, most records continue to be kept electronically. The Commission’s wireless domain name list enables entities that market through electronic mail to:


(a) download the information so that they can use it in conjunction with their own databases of electronic mail addresses or to view it on a computer screen; and


(b) print or manually copy the entire list or applicable portions.


Senders access the list as often as they wish. CMRS providers submit their domain names to the Commission electronically.


4. The information collection requirements are not duplicative of any currently existing federal regulatory obligation.


5. There will not be a significant impact on a substantial number of small businesses/entities by this information being collected.

6. The CAN-SPAM Act directs the Commission to provide subscribers with the ability to avoid receiving unwanted mobile service commercial messages. Congress determined that such unwanted messages are costly, inconvenient, and often fraudulent or deceptive. The Commission determined that the statute’s mandate required it to adopt a prohibition on sending mobile service commercial messages without the subscriber’s authorization.


The CAN-SPAM Act requires the Commission to consider the technical ability for senders of such messages to know which messages will go to wireless devices. The Commission compared and evaluated alternatives to creating a wireless domain name list that can identify for these commercial senders the addresses of the mobile wireless services subscribers who do not wish to receive these messages, and in doing so, determined that the list best protects subscribers from unwanted electronic mail messages. The Commission concluded that the alternatives were more costly and/or ineffective for both businesses and consumers and that the wireless domain list was the best option. Without the domain name list collection, or if the collection were conducted less frequently, wireless subscribers would receive more unwanted commercial messages, defeating the purpose of the CAN-SPAM Act’s protections.


7. The Collection is not conducted in any manner that is inconsistent with the guidelines in 5 C.F.R. § 1320.


8. Pursuant to 5 CFR § 1320.8(d), the Commission published a notice in the Federal Register on February 22, 2022, published at 87 FR 9616 seeking public comment on the information collection requirements contained in this supporting statement. No comments were received from the public.


9. The Commission does not anticipate providing any payment or gift to any respondents.


10. Assurances of confidentiality are being provided to the respondents. The PIA that the FCC completed on June 28, 2007 gives a full and complete explanation of how the FCC collects stores, maintains, safeguards, and destroys the PII, as required by OMB regulations and the Privacy Act, 5 U.S.C. 552a. The PIA may be viewed at: http://www.fcc.gov/omd/privacyact/Privacy_Impact_Assessment.html.

11. This information collection does not raise any questions or issues of a sensitive nature.


  1. Extension Request. Estimates of the burden hours for the information collection are as follow(s):


  1. 47 CFR § 64.3100(d): The Commission previously adopted a rule that no person or entity may send commercial messages to wireless subscribers unless certain conditions are met, one of which is that the person or entity sending the message has obtained prior express authorization as defined in 47 CFR § 64.3100(d).


The Commission estimates that there are approximately 22,620,000 businesses in the United States. The Commission believes that, at most, one quarter of those businesses (5,655,000) send unwanted commercial electronic mail messages. Out of these 5,655,000 businesses, the Commission estimates that one tenth—565,500 businesses (respondents)—will comply with these rules by obtaining authorizations before adding that electronic mail address to their existing marketing list of authorized recipients.


This process will be done “on occasion” and requires approximately 1 hour for the 565,500 respondents obtaining the authorization.


Annual Number of Respondents: 565,500 businesses


Annual Number of Responses: 565,500 authorizations for commercial electronic mail messages


Annual Burden Hours:

565,500 respondents x 1 authorization/respondent x 1 hour/authorization = 565,500 hours


Annual In-House Cost: The Commission assumes that respondents use “in house” personnel to obtain authorization whose pay is comparable to a federal GS-3, Step 5 level employee. Thus, the Commission estimates respondents’ cost to be about $17.68 per hour to comply with the requirements:


565,500 respondents x 1 authorization/respondent x 1 hour/authorization x $17.68/hr = $9,998,040


  1. 47 CFR § 64.3100 (a)(4): The Commission previously adopted a rule that no person or entity may send commercial messages to wireless subscribers unless certain conditions are met, one of which is that “the address to which that message is sent or directed does not include a reference to a domain name that has been posted on the FCC’s wireless domain names list for a period of at least 30 days before that message was initiated, provided that the person or entity does not knowingly initiate a mobile service commercial message.”


The Commission estimated that there are approximately 22,620,000 businesses in the United States. The Commission believes that, at most, one quarter of those businesses (5,655,000) send unwanted commercial electronic mail messages. Out of the 5,655,000 businesses, the Commission estimates that one quarter – 1,413,750 businesses (respondents) -- will comply with these rules by consulting the FCC’s public list of wireless mailing domain names to purge their marketing lists. The Commission believes that 5 percent (70,688) of these 1,413,750 respondents will hire outside consultants to do so, so that only 1,343,062 will consult the list themselves:


This process will be done “on occasion” and will require approximately .5 hours annually for the 1,343,062 respondents to check periodically the wireless domain name list.


Annual Number of Respondents: 1,343,062 businesses


Annual Number of Responses: 1,343,062 Domain Name List


Annual Burden Hours:

1,343,062 respondents x 1 domain name list check/respondent x .5 hours/list check/respondent = 671,531 hours


Annual In House Cost: The Commission assumes that respondents use “in house” personnel to check periodically the wireless domain name list, whose pay is comparable to a federal GS-3, Step 5 level employee. Thus, the Commission estimates respondents’ cost to be about $17.68 per hour to comply with the requirements:


1,343,062 respondents x 1 domain name list check/respondent x .5 hours/list check/respondent x $17.68 = $11,872,668.10


(c) 47 CFR § 64.3100(f): CMRS providers are responsible for the continuing accuracy and

completeness of information furnished for the FCC’s wireless domain names list. The Commission has re-estimated its existing burdens for this the information collection requirements contained under 47 CFR § 64.3100(f) and determined, based on actual experience, that, despite increased in-house labor costs, burdens on CMRS providers to submit domain names for the domain name data base have decreased because the number of domain names submitted annually is lower than previously estimated. The re-evaluated estimates of the hour burden for the collection of information are as follows:


The Commission estimates that there will be approximately 10 wireless carriers (respondents) at most that will supply mailing domain names to the Commission, which will take approximately .5 hours per respondent.


Annual Number of Respondents: 10 Wireless Carriers


Annual Number of Responses: 10 Mailing Domain Name List Requirements


Annual Burden Hours:

10 respondents x 1 mailing requirement/respondent x .5 hours to supply mailing domain names/respondent = 5 hours


Annual “In House Cost”: The Commission assumes that respondents use “in house” personnel to obtain authorization whose pay is comparable to a federal GS-3, Step 5 level employee. Thus, the Commission estimates respondents’ cost to be about $17.68 per hour to comply with the requirements:


10 respondents x 1 mailing requirement/respondent x .5 hours to supply mailing domain names/respondent x $17.68 = $88.40


Total Number of Annual Respondents:

565,500 businesses + 1,343,062 businesses + 10 carriers = 1,908,572 businesses/carriers (respondents)


Total Number of Annual Responses:

565,500 authorizations + 1,343,062 domain list checks + 10 mailing requirements = 1,908,572


Total Annual Burden Hours:

565,500 hours + 671,531 hours + 5 hours = 1,237,036 hours


Total In-House Costs:

$9,998,040 + $11,872,668.10 + $88.40 = $21,870,796.50


13. The potential cost to senders of commercial mail messages of complying with these rules may depend on whether they hire a third party to set up a system to remove the electronic mail addresses on their own marketing lists which contain those domain names on the wireless domain name list. It is unclear how many senders may hire third parties to check their marketing lists to make sure they do not contain such wireless domain names unless permission has been obtained. However, the Commission estimates that approximately 5 percent (0.05) of senders may hire a third party to perform this function. Thus, the following represents the Commission’s estimate of the annual cost burden to respondents or record keepers resulting from all the foregoing collections of information.


(a) Total annualized capital/start-up costs, calculated as follows: $0


(b) Total annual costs (maintenance and operation), calculated as follows:


70,688 senders (5% of 1,413,750) x 1 list check/respondent x $17.68/hour x .5 hours/list check = $624,882


(c) Total annualized cost requested: $624,882


14. The FCC administers the wireless domain name list “in house” (using Commission staff):


(a) the Commission will use technical support staff at the GS-13, Step 5 level, to post the domain name list to the FCC website, and we estimate the time to process each carrier domain name list to be approximately 15 minutes (0.25 hours); and


(b) the Commission will use staff attorneys at the GS-14, Step 5 level, to write the rulemakings that may be necessary to keep its CAN-SPAM rules current with revisions to the FTC’s CAN-SPAM rules and any changes in technology used in sending commercial messages to wireless devices. The Commission estimates the time to write each Order to be approximately 40 hours.


On average, the Commission estimates that CMRS providers will send the FCC their domain list postings approximately 1 time a year, thus:


10 domain name lists x 0.25 hours/posting x $58.01/hour = $145.03

1 rulemakings x 40 hours/rulemaking x $68.55/hour = $2,742

Total Cost to the Federal Government: $2,887.03


15. There are adjustments of $44,887 to the annual cost for this collection. There are no program changes to this information collection.


16. There are no plans to publish the result of the collection of information.


17. The Commission does not intend to seek approval not to display the expiration date for OMB approval of this information.


18. There are no exceptions to the Certification Statement.


B. Collections of Information Employing Statistical Methods.


The Commission does not anticipate that the collection of information will employ statistical methods.

1 A “commercial electronic mail message” means the term as defined in the CAN-SPAM Act, 15 U.S.C. § 7702. The term is defined as “an electronic message for which the primary purpose is commercial advertisement or promotion of a commercial product of service (including content on an Internet website operated for a commercial purpose).” The term “commercial electronic mail message” does not include a transactional or relationship message. See 47 C.F.R. § 64.3100(c)(2).


2 “Mobile Service Commercial Message” means a commercial electronic mail message that is transmitted directly to a wireless device that is utilized by a subscriber of a commercial mobile service (as such term is defined in section 332(d) of the Communications Act of 1934 (47 U.S.C. 332(d))) in connection with such service. A commercial message is presumed to be a mobile service commercial message if it is sent or directed to any address containing a reference, whether or not displayed, to an Internet domain listed on the FCC’s wireless domain names list. See 47 C.F.R. 64.3100(c)(7).

3 The Commission notes that it has required, under 47 CFR § 64.3100(b), that any person or entity initiating any mobile service commercial message must: (1) Include a functioning return electronic mail address or other Internet-based mechanism that is clearly and conspicuously displayed for the purpose of receiving requests to cease the initiating of mobile service commercial messages and/or commercial electronic mail messages; (2) Provide to a recipient who electronically grants express prior authorization to send commercial electronic mail messages with a functioning option and clear and conspicuous instructions to reject further messages by the same electronic means that was used to obtain authorization; and (3) Identify themselves in the message in a form that will allow a subscriber to reasonably determine that the sender is the authorized entity.

4 Under 47 CFR § 64.3100(c)(3), a domain name means any alphanumeric designation which is registered with or assigned by any domain name registrar, domain name registry, or other domain name registration authority as part of an electronic address on the Internet.

10


File Typeapplication/vnd.openxmlformats-officedocument.wordprocessingml.document
File Title3060-0519
Authoremcmahon
File Modified0000-00-00
File Created2022-05-06

© 2024 OMB.report | Privacy Policy