[Federal Register Volume 69, Number 179 (Thursday, September 16, 2004)]
[Rules and Regulations]
[Pages 55765-55780]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 04-20901]


=======================================================================
-----------------------------------------------------------------------

FEDERAL COMMUNICATIONS COMMISSION

47 CFR Part 64

[CG Docket Nos. 04-53 and 02-278; FCC 04-194]


Rules and Regulations Implementing the Controlling the Assault of 
Non-Solicited Pornography and Marketing Act of 2003; Rules and 
Regulations Implementing the Telephone Consumer Protection Act of 1991

AGENCY: Federal Communications Commission.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: In this document, the Commission adopts rules to implement 
those aspects of the Controlling the Assault of the Non-Solicited 
Pornography and Marketing Act of 2003 (CAN SPAM Act) directed to the 
Federal Communications Commission (FCC or Commission). Also, in this 
document, the Commission adopts a general prohibition on sending 
commercial messages to any address referencing an Internet domain name 
associated with wireless subscriber messaging services. Furthermore, 
the Commission clarifies the delineation between these new rules 
implementing the CAN SPAM Act and our existing rules concerning 
messages sent to wireless telephone numbers under the Telephone 
Consumer Protection Act (TCPA).

DATES: Effective October 18, 2004 except Sec.  64.3100(a)(4), (d), (e) 
and (f) of the Commission's rules, which contain information collection 
requirements under the Paperwork Reduction Act (PRA) that are not 
effective until approved by Office of Management and Budget (OMB). 
Written comments by the public on the new and modified information 
collections are due November 15, 2004. The Commission will publish a 
document in the Federal Register announcing the effective date for 
these rules.

ADDRESSES: Federal Communications Commission, 445 12th Street, SW., 
Washington, DC 20554. In addition to filing comments with the 
Secretary, a copy of any comments on the

[[Page 55766]]

Paperwork Reduction Act (PRA) information collection requirements 
contained herein should be submitted to Judith B. Herman, Federal 
Communications Commission, Room 1-C804, 445 12th Street, SW., 
Washington, DC 20554, or via the Internet to [email protected], 
and to Kristy L. LaLonde, OMB Desk Officer, Room 10234 NEOB, 725 17th 
Street, NW., Washington, DC 20503, via the Internet to [email protected], or via fax at (202) 395-5167.

FOR FURTHER INFORMATION CONTACT: Ruth Yodaiken, of the Consumer & 
Governmental Affairs Bureau at (202) 418-7928 (voice), or e-mail 
[email protected]. For additional information concerning the PRA 
information collection requirements contained in this document, contact 
Judith B. Herman at (202) 418-0214, or via the Internet at [email protected].

SUPPLEMENTARY INFORMATION: This Order contains new or modified 
information collection requirements subject to the PRA of 1995, Public 
Law 104-13. These will be submitted to the Office of Management and 
Budget (OMB) for review under section 3507(d) of the PRA. OMB, the 
general public, and other Federal agencies are invited to comment on 
the new or modified information collection requirements contained in 
this proceeding. The Order addresses issues arising from Rules and 
Regulations Implementing the Controlling the Assault of Non-Solicited 
Pornography and Marketing Act of 2003; Rules and Regulations 
Implementing the Telephone Consumer Protection Act of 1991 Notice of 
Proposed Rulemaking (NPRM), CG Docket Nos. 02-278 and 04-53; FCC 04-52. 
Copies of any subsequently filed documents in this matter will be 
available for public inspection and copying during regular business 
hours at the FCC Reference Information Center, Portals II, 445 12th 
Street, SW., Room CY-A257, Washington, DC 20554. The complete text of 
this decision may be purchased from the Commission's duplicating 
contractor, Best Copy and Printing, Inc. (BCPI), Portals II, 445 12th 
Street, SW., Room CY-B402, Washington, DC 20554. Customers may contact 
BCPI, Inc. at their web site: www.bcpiweb.com or call 1-800-378-3160. 
To request materials in accessible formats for people with disabilities 
(Braille, large print, electronic files, audio format), send an e-mail 
to [email protected] or call the Consumer & Governmental Affairs Bureau at 
(202) 418-0530 (voice) or (202) 418-0432 (TTY). This Order can also be 
downloaded in Word and Portable Document Format (PDF) at: http://www.fcc.gov/cgb/pol.

Paperwork Reduction Act of 1995 Analysis

    This Order contains new or modified information collection 
requirements. The Commission, as part of its continuing effort to 
reduce paperwork burdens, invites the general public to comment on the 
information collection requirements contained in the Order as required 
by the Paperwork Reduction Act (PRA) of 1995, Public Law 104-13. Public 
and agency comments are due November 15, 2004. In addition, the 
Commission notes that pursuant to the Small Business Paperwork Relief 
Act of 2002, Public Law 107-198, see 44 U.S.C. 3506(c)(4), we 
previously sought specific comment on how the commission might 
``further reduce the information collection burden for small business 
concerns with fewer than 25 employees.'' In the present document we 
have assessed the effects of adopting these rules, and find that there 
may be an administrative burden on businesses with fewer than 25 
employees. However, since this action is consistent with our mandate 
from Congress under the Controlling the Assault of Non-Solicited 
Pornography and Marketing Act of 2003, we believe small businesses will 
also benefit from this requirement in that they too will receive less 
unwanted commercial messages. In addition, the rules allow entities and 
persons a variety of ways to obtain express prior authorization to send 
such messages, which should substantially alleviate any burdens imposed 
on all businesses, including those with fewer than 25 employees.

Synopsis

    In this Order, the Commission adopts rules to implement those 
aspects of the Controlling the Assault of Non-Solicited Pornography and 
Marketing Act of 2003 (CAN SPAM Act) directed to the Federal 
Communications Commission (FCC or Commission). The CAN SPAM Act directs 
the Commission to issue regulations to protect consumers from 
``unwanted mobile service commercial messages.'' Thus, we adopt a 
general prohibition on sending commercial messages to any address 
referencing an Internet domain name associated with wireless subscriber 
messaging services. To assist the senders of such messages in 
identifying those subscribers, we require that commercial mobile radio 
service (CMRS) providers submit those domain names to the Commission, 
for inclusion in a list that will be made publicly available. We also 
clarify the delineation between these new rules implementing the CAN 
SPAM Act, and our existing rules concerning messages sent to wireless 
telephone numbers under the Telephone Consumer Protection Act (TCPA).

Discussion

A. Mobile Service Commercial Message (MSCM)

    Section 14 (b)(1) of the CAN SPAM Act requires that the Commission 
adopt rules to provide subscribers with the ability to avoid receiving 
a ``mobile service commercial message'' unless the subscriber has 
expressly authorized such messages beforehand. An MSCM is defined in 
the CAN SPAM Act as a ``commercial electronic mail message that is 
transmitted directly to a wireless device that is utilized by a 
subscriber of commercial mobile service'' as defined in 47 U.S.C. 
332(d) ``in connection with that service.'' The CAN SPAM Act defines an 
electronic mail message as a message having a unique electronic mail 
address that includes ``a reference to an Internet domain.''
    In the CAN SPAM NPRM, we asked whether it was appropriate to find 
that only commercial electronic mail messages transmitted directly to a 
wireless device used by a CMRS subscriber would fall within the 
definition of MSCMs under the CAN SPAM Act. We sought comment on 
whether the statutory language would be satisfied by our proposed 
interpretation that an MSCM is a message transmitted to an electronic 
mail address provided by a CMRS provider for delivery to the addressee 
subscriber's wireless device. We asked for comment on whether an MSCM 
must be limited to a message sent to a wireless device used by a 
subscriber of CMRS ``in connection with that service.''
    Few commenters directly addressed the scope of MSCMs, aside from 
references to forwarding, SMS, and similar technology discussed below. 
We agree with Dobson that the definition of MSCM should be limited to 
messages sent to addresses referencing domain names assigned by each 
CMRS carrier for mobile service message (MSM) service. This is 
consistent with the intent of the CAN SPAM Act in that section 14 of 
the CAN SPAM Act governs only those messages that are mobile services 
messages. We therefore adopt a definition of MSCM that is limited to a 
message transmitted to an electronic mail address provided by a CMRS 
provider for delivery to the subscriber's wireless device. Our 
definition of MSCM only applies to

[[Page 55767]]

those CMRS mail addresses designated by carriers specifically for 
mobile service messaging. For example, if a wireless carrier offered 
general electronic mail service not designed specifically for mobile 
devices, such service would not be covered by section 14 of the CAN 
SPAM Act. Forwarded messages. We sought comment on our tentative 
conclusion that messages ``forwarded'' by a subscriber to his or her 
own wireless device are not covered under section 14 of the CAN SPAM 
Act. Commenters agree with the Commission that section 14 of the CAN 
SPAM Act is not meant to cover forwarding in general. The Consumers 
Union warned the Commission not to allow the exclusion of ``forwarded'' 
messages to become a loophole for marketers who encourage others to 
forward messages to their friends and associates. We agree that the 
rules should exclude those messages forwarded by the subscriber's 
actions to forward messages to his or her own wireless device. However, 
a person who receives consideration or inducement to forward a 
commercial message to a wireless device other than his or her own 
device would be subject to the rules implementing section 14 of the CAN 
SPAM Act. In addition, VeriSign notes that some technologies being 
explored would allow for differentiation of forwarded mail from other 
mail. We do not rule out revisiting this issue in the future if such 
technology becomes widely available.
    SMS Messages: In the NPRM, we asked for comment on whether the 
definition of an MSCM should include messages using different 
technologies, including Internet-to-phone SMS. We noted that the TCPA 
and Commission's rules that specifically prohibit using automatic 
telephone dialing systems to call wireless numbers already apply to any 
type of call, including both voice and text calls. We also noted in the 
NPRM that the legislative history of The CAN SPAM Act suggests section 
14, in conjunction with the TCPA, was intended to address wireless text 
messaging. We proposed that Internet-to-phone SMS calls, which include 
addresses that reference Internet domains, should be considered MSCMs 
and should be addressed under section 14 of the CAN SPAM Act.
    Commenters in general agree with our proposal that Internet-to-
phone SMS calls should be covered by section 14 of the CAN SPAM Act. 
National Association of Attorneys General (NAAG) and other commenters 
argue that the FCC should also address all SMS, whether Internet-to-
phone or phone-to-phone SMS service. Several commenters raise the issue 
of whether MSCMs should include all types of message services, 
including those transmitting images, audio messages and those using 
short codes.
    We conclude that the definition of MSCM under the CAN SPAM Act 
includes any commercial electronic mail message as long as the address 
to which it is sent or transmitted includes a reference to the Internet 
and is for a wireless device as discussed above. This holds true 
regardless of the format of the message, such as audio messages. We 
believe this interpretation best applies the statutory language to the 
evolving technology for delivering such messages. Therefore, messages 
sent using Internet-to-phone SMS technology are among messages covered 
by section 14 of the CAN SPAM Act when they include an Internet 
reference in the address to which the message is sent or delivered.
    We find, however, that the CAN SPAM Act does not apply to those 
technologies that use other types of addresses or numbers to send or 
deliver messages to wireless devices. For example, as discussed above, 
we agree with those commenters who maintain that phone-to-phone SMS is 
not captured by section 14 of the CAN SPAM Act because such messages do 
not have references to Internet domains. However, we note that while 
section 14 of the CAN SPAM Act is limited in scope to messages sent or 
transmitted to addresses that have references to Internet domains, the 
TCPA provides separate protections for calls made to wireless telephone 
numbers (without such references). And, as we explained in the NPRM and 
a previous Commission Order, the TCPA prohibition on using automatic 
telephone dialing systems to make calls to wireless phone numbers 
applies to text messages (e.g., phone-to-phone SMS), as well as voice 
calls. We clarify here that this prohibition applies to all autodialed 
calls made to wireless numbers, including audio and visual services, 
regardless of the format of the message.

B. Avoiding Unwanted MSCMs

    As a preliminary matter, we noted in the NPRM that one possible 
interpretation of section 14 of the CAN SPAM Act is that it was 
intended to prohibit senders of commercial electronic mail from sending 
any MSCMs unless they first obtain express authorization from the 
recipient. This reading would allow a subscriber to avoid all MSCMs 
unless the subscriber acts affirmatively to give express prior 
authorization to receive messages from individual senders. Another 
interpretation of this provision is that Congress intended the 
subscriber to take affirmative steps to avoid receiving MSCMs by 
indicating his or her desire not to receive such messages.
    Most commenters argue that Congress intended section 14 of the CAN 
SPAM Act to be a flat prohibition on sending MSCMs unless authorized by 
a given subscriber, and that such a prohibition is, in fact, necessary 
to protect subscribers. NAAG indicates that wireless devices are often 
used not for receiving commercial messages, but rather as security and 
safety devices--for emergencies and to communicate with family members. 
NAAG contends that Congress intended to craft a flat prohibition unless 
the consumer first consented to receive the messages, and that any rule 
treating inaction by the consumer as consent to receive any commercial 
messages would conflict with Congressional intent. The Direct Marketing 
Association (DMA) argues that the prohibition should apply only to 
messages for which the recipient must pay. The National Association of 
Realtors (NAR) contends that a general prohibition without certain 
exceptions would harm small businesses.
    We conclude that wireless subscribers would be best protected by a 
flat prohibition on sending MSCMs unless express prior authorization 
has been obtained from the subscriber. We agree that wireless devices 
are not ones on which subscribers would expect to receive commercial 
messages. We agree that it is the intrusive nature of such messages, in 
addition to the costs to receive them, which necessitates our adopting 
a ban unless the consumer has taken some action to invite them. We 
believe that NAR's concerns about the burden on small businesses are 
addressed by the exemption for express prior authorization, discussed 
below.
    Verizon Wireless argues that a prohibition without an exemption for 
wireless providers would violate the First Amendment. We disagree. A 
flat prohibition here satisfies the criteria set forth in Central 
Hudson Gas & Elec. v. Pub. Serv. Comm. of N.Y., in which the Supreme 
Court established the applicable analytical framework for determining 
the constitutionality of a regulation of commercial speech. Under the 
framework established in Central Hudson, a regulation of commercial 
speech will be found compatible with the First Amendment if (1) there 
is a substantial government interest; (2) the regulation directly 
advances the substantial government interest; and (3) the proposed 
regulations are not more extensive than necessary to serve that 
interest.

[[Page 55768]]

    Under the first prong, we find that there is a substantial 
governmental interest in protecting privacy. Congress found that 
``there is a substantial government interest in regulation of 
commercial electronic mail on a nationwide basis.'' Specifically, 
Congress found that (1) electronic mail has become an extremely 
important and popular means of communication, (2) that the convenience 
and efficiency of electronic mail are threatened by the high volume of 
unsolicited commercial electronic mail, (3) that the receipt of 
unsolicited commercial electronic mail may result in costs for storage 
and/or time spent accessing, reviewing, and discarding such mail, and 
(4) that the growth in such electronic mail imposes significant 
monetary costs on providers of Internet access services, businesses, 
and educational and nonprofit institutions. NAAG notes that in addition 
to being intrusive in general, unwanted calls to wireless devices use 
battery power and interfere with a consumer's ability to use devices 
during emergencies.
    We find that the rules we adopt today will advance those interests, 
and do so with regulations that are no more extensive than necessary. 
Under the second prong, the method we adopt directly advances the 
government's interest by alerting senders to the electronic mail 
addresses that are associated with mobile services and prohibiting the 
sending of such messages to wireless devices. Under the third prong, we 
have reviewed other possible options and we believe the method we adopt 
today, tailored to affect only those addresses associated with mobile 
service, is no more extensive than necessary. In addition, senders of 
such messages may continue to contact recipients that have provided 
express prior authorization to do so. Our conclusion is also consistent 
with Court of Appeals decisions regarding First Amendment challenges to 
the TCPA. We conclude we have the authority and a mandate to adopt 
measures to protect the public from such messages. We believe that a 
prohibition, combined with a domain name list as discussed below, is 
the most effective method, but it is no more extensive than necessary, 
to accomplish that end.
1. List of Wireless Domain Names
    In the NPRM we noted that a key problem with regulating MSCMs, as 
opposed to messages sent to other devices such as desktop computers, is 
the current difficulty senders have in recognizing electronic mail 
addresses associated with wireless service and devices. Our task, 
therefore, differs substantially from that of the FTC's efforts to 
implement the CAN SPAM Act. We note that should the FTC or Congress 
take significant action to change the landscape of commercial 
electronic mail messaging, such as requiring labeling of all commercial 
electronic mail, the Commission may revisit the options discussed 
below.
    We sought comment on several proposals to enable senders to 
recognize which addresses were associated with wireless devices. These 
included developing a list of domain names, requiring carriers to use 
standard subdomain names, requiring a registry of individual electronic 
mail addresses, incorporating challenge-response technology, and 
otherwise maximizing use of filters.
    We believe that creating a list of Internet domain names associated 
with CMRS subscribers and prohibiting the sending of commercial 
messages to addresses using those domain names is the best option at 
this time to allow subscribers to avoid unwanted MSCMs. We believe that 
if senders are able to identify wireless subscribers by domain name, 
consumers and carriers alike will benefit. The record reveals that it 
is already industry practice for CMRS providers to use certain 
subdomains exclusively to serve their MSM subscribers and that these 
subdomains distinguish such customers from other customers. Therefore 
the burden on wireless providers, even small wireless providers, to 
supply such names for a directory would be minimal. In addition, we 
agree with those commenters who indicate that making available to 
senders of MSCMs a list of the domains used by wireless subscribers is 
the most efficient option to assist senders in complying with the 
rules.
    Senders will need to check the list on a regular basis to avoid 
sending MSCMs to the domain names on the list. We believe that, due to 
the estimated small size of the list and the evidence that the list is 
anticipated to remain relatively static; the list is the option that 
imposes a burden that is no more extensive than necessary for senders 
as well. Furthermore, such a registry places no burdens on subscribers 
who wish to avoid unwanted MSCMs and it does not collect personal 
information about those subscribers. Subscribers need not change their 
electronic mail addresses or take any further action to avail 
themselves of the protections under section 14 of the CAN SPAM Act. 
Thus, despite the concerns of some commenters regarding other proposals 
in the NPRM, under this system wireless subscribers will not have to 
change addresses, and incur associated advertising and administrative 
costs, if they wish to avoid commercial electronic mail.
    T-Mobile urges the Commission not to require wireless service 
providers to provide domain names for a domain name list. T-Mobile 
argues instead that a voluntary list would afford each provider the 
ability to choose whether to publicize its domain name. However, we 
note that many of these domain names are already widely known or 
publicly available. Congress has directed us to give all wireless 
consumers the ability to avoid unwanted MSCMs, and we have no authority 
to limit such protections to subscribers of those carriers that elect 
to submit a domain name to the list. Therefore, we decline to make the 
submission of domain names to the list voluntary for wireless 
providers.
    Therefore, we require all CMRS carriers, including small carriers, 
to file with the Commission the names of all electronic mail domain 
names used to offer subscribers messaging specifically for mobile 
devices. Once we have obtained approval from the Office of Management 
and Budget (OMB) for information collections associated with these 
rules, the Commission will issue a separate public notice in this 
docket outlining the process for submitting this information and the 
timeframe for doing so. Carriers will also be required to file any 
updates to their listings with the Commission not less than 30 days 
before issuing subscribers a new or modified domain name. Carriers are 
encouraged to file updated information further in advance. In addition, 
to ensure the continued accuracy of the list, carriers must remove any 
domain name that has not been issued to subscribers or is no longer in 
use within 6 months of placing it on the list or last date of use.
    We will make the official list of domain names available to the 
public from the FCC's website, in a similar fashion to the list of 
Section 255 Service Provider contacts. The list will be updated 
regularly. The Commission will issue a second public notice announcing 
the date on which senders of commercial electronic mail will have 
access to the domain name list from the Commission's website. Senders 
will then have an additional 30 days from the date the list becomes 
publicly available to comply with the rules to avoid sending MSCMs to 
wireless subscribers absent their express prior authorization.
    As discussed above, to make such a list effective, we also adopt 
rules to prohibit the sending of any commercial

[[Page 55769]]

message to an address that references a domain name on the Commission's 
domain name list, unless the sender has received the express prior 
authorization of the person or entity to which the message is sent or 
delivered. This prohibition only applies to ``commercial'' messages, as 
defined in the CAN SPAM Act, and as interpreted by the FTC. We note 
that in promulgating the rules we adopt today, we have incorporated 
portions of the CAN SPAM Act directly.
    Persons initiating commercial messages would be expected to check 
the domain name list to ensure that they are not sending MSCMs without 
express prior authorization. While we will not require any person or 
entity to provide proof of when they consulted the domain name list, 
any person or entity may use as a ``safe harbor'' defense proof that a 
specific domain name was not on the list more than 30 days before the 
offending message was initiated. This ``safe harbor'' defense shall not 
excuse any willful violation of the ban on sending unwanted messages to 
wireless subscribers. Any person or entity will be considered in 
violation of the prohibition if the message is initiated knowingly to a 
subscriber of MSM service, even if it is sent within 30 days of the 
domain name appearing on the list. This prohibition applies to the 
entity on whose behalf the message is sent and to any other entity that 
knowingly transmits an MSCM without consulting the domain name list.
2. Other Proposals
    Standard subdomain names. We decline at this time to require CMRS 
providers to adopt a standard subdomain name for wireless devices. In 
the NPRM we sought comment on two related proposals. First, we sought 
comment on whether it would be possible and useful to require the use 
of specific top-level and second-level domains, which form the last two 
portions of the Internet domain address. No commenter specifically 
addressed our proposal. Second, we sought comment on whether we should 
require one portion of the domain to follow a standard naming 
convention to be used for all MSM service. As we noted in the NPRM, 
unless we required use of a limited top-level domain, we have no way to 
prevent entities that do not provide MSM service from adopting such 
names. In addition, any ban associated with such a subdomain outside a 
limited top-level domain, could inadvertently ban commercial messages 
for any entities that happened to already have such subdomains. Thus, 
the sender would not be able to distinguish between those addresses 
which were truly used for wireless messaging, and other addresses.
    Cingular, Nextel, VeriSign and Verizon Wireless caution the 
Commission against requiring subdomain naming standards. They note this 
would be costly for subscribers, especially small businesses, who could 
have large administrative costs to change their advertising and 
business materials to reflect a new address. Cingular states that a 
subdomain naming standard would also force carriers to absorb 
considerable costs. Carriers argue also that any cost to protect 
wireless subscribers from unwanted commercial mail should fall instead 
to the senders of such mail. While we agree with NAAG and National 
Automobile Dealers Association (NADA) that a standard subdomain name 
would be simpler for senders, we believe it would be more burdensome 
for carriers, especially small businesses, to implement than a domain 
name list. In addition, we agree that, consistent with the intent of 
the CAN SPAM Act, subscribers should not have to bear additional costs, 
such as the administrative costs mentioned, in Order to avoid unwanted 
MSCMs. Thus, we decline to adopt this option at this time.
    Registry of Individual E-mail Addresses. We also decline to 
establish a limited national registry containing individual electronic 
mail addresses, similar to the national ``do-not-call'' registry. In 
the NPRM, we noted that the FTC is tasked with reviewing whether a 
nationwide marketing ``Do-Not-E-Mail'' registry might offer protection 
for those consumers who opt to place their electronic mail addresses on 
such a registry. In June, the FTC released its report to Congress 
recommending against adopting a national do-not-e-mail registry at this 
time. The FTC noted that there is no directory of valid individual 
addresses and, therefore, creating a registry of individual addresses 
would create ``a gold mine'' for marketers, both legitimate and 
illegal. The report stated that existing security measures are 
currently inadequate to protect such a registry. In addition, the 
report noted that there were practical concerns with the large number 
of anticipated addresses.
    Commenters generally oppose the establishment of a registry of 
individual subscriber addresses, even if it is limited to MSM 
subscribers. They contend that such a registry would not be secure, 
could enable spammers to send more unwanted electronic mail messages, 
and that the security risk would threaten consumer privacy interests. 
Commenters also maintain that such a registry would be burdensome for 
consumers and for senders, that there would be huge operational 
problems with setting up such a registry, that it would be ineffective, 
and that it would be costly to train senders to use it properly. The 
DMA submitted a detailed study demonstrating what it believes are 
significant problems with the security, practicality, and technical 
feasibility of such a registry. Only a few commenters argue that a 
registry of electronic mail addresses would be useful, with little or 
no support for their conclusions, and one commenter saying it would be 
beneficial if combined with other anti-spam measures.
    Upon careful consideration of the costs and benefits of creating a 
national wireless do-not-e-mail registry of individual electronic mail 
addresses, we believe that the disadvantages of such a system described 
in the record outweigh any possible advantages at this time. A national 
registry containing individual electronic mail addresses would involve 
significant resources and cost to set up and administer. Because a 
registry of individual addresses may potentially contain millions of 
records, it could also be burdensome for senders of MSCMs, including 
small businesses, to regularly access, download, and use the registry 
to check against targeted addresses. It would be less burdensome to do 
the same with a much smaller list of mobile service domain names. Even 
if the resources were devoted to establishing such a registry, 
commenters describe serious concerns about a registry becoming a target 
for unscrupulous marketers who would target electronic mail addresses 
on the list. As noted by the DMA, other commenters, and by the FTC in a 
Report to Congress, because such a list would be considered valuable to 
such marketers, there is a significant risk that such individuals might 
be motivated to try to obtain the list specifically for the purpose of 
sending unsolicited messages to those addresses. The record also 
reveals that at this time such a registry would not be as effective as 
one containing only domain names. Commenters note that the annual rate 
for electronic mail address turnover is high'as much as 32 percent per 
annum. As the FTC noted, unlike the do-not-call registry, which uses 
phone databases to purge the list of disconnected phone numbers, there 
is no database for abandoned electronic mail addresses. Thus, any 
database containing such addresses would continually expand, and 
include valid and unused addresses. For all of these

[[Page 55770]]

reasons, we decline to adopt a registry of individual electronic mail 
addresses of wireless subscribers at this time.
    Additional Mechanisms and CMRS Providers' Roles. There was little 
consensus on what other technical solutions should be required. Because 
the rules we adopt today address the statutory requirements for 
protecting consumers from unwanted messages to mobile devices, we 
decline to require other specific technical solutions such as the 
challenge-response mechanisms or technological solutions related to 
filtering as discussed in the NPRM. The Members of the U.S. House 
Representatives who commented in the proceeding urge the Commission to 
make things simple for users. We believe the domain name list does so.
    We believe that it is the industry itself that can help give 
consumers additional protections and abilities to avoid unwanted 
electronic mail from sources other than legitimate businesses. Wireless 
and technology providers contend the Commission should not regulate in 
detail the wireless providers' efforts to combat unwanted messages. 
Those providers who commented in this proceeding note that they are 
aggressively working to stop unwanted messages. We applaud them for 
those efforts and do not want to interfere with this area of evolving 
technologies and market forces. We agree that at this time it is not 
necessary for the Commission to become involved in mandating detailed 
technical solutions. However, we strongly encourage providers to 
provide subscribers with additional reasonably effective methods to 
avoid receiving unauthorized MSCMs. We believe service providers should 
determine for themselves appropriate solutions to employ and offer, and 
we expect all providers to offer subscribers protections against 
unwanted messages. We will continue to monitor the effectiveness of our 
rules and the efforts of wireless providers to protect wireless 
subscribers from MSCMs and may revisit this issue at a later date to 
ensure that subscribers are afforded sufficient safeguards from all 
unwanted commercial messages.

C. Express Prior Authorization

    Congress directed the FCC to adopt rules to provide consumers with 
the ability to avoid receiving MSCMs, unless the subscriber has 
provided express prior authorization to the sender. We sought comment 
on the form and content that such ``express prior authorization'' 
should take. Specifically, we sought comment on whether senders should 
be required to obtain a subscriber's express authorization in writing, 
and how any such requirement could be met electronically. We also asked 
if senders should be required to provide a notice to recipients about 
the possibility that costs could be incurred in receiving any such 
messages. We asked whether the term ``affirmative consent'' in The CAN 
SPAM Act would be suited to use in defining ``express prior 
authorization.''
    Commenters were generally split on whether the Commission should 
require senders to obtain express authorization from subscribers in 
writing. Wireless providers generally oppose any written authorization 
requirement, while consumers' groups contend that authorization should 
be obtained in writing, along with a signature. Wireless providers 
instead argue that senders should be allowed flexibility to obtain 
authorization via the Internet, orally over the telephone, or through 
messages sent to the subscriber's wireless device. Some suggest that 
consent forms requiring a signature would be impractical and hinder 
communications between sellers and consumers. NAAG, on the other hand, 
contends that the rules should be modeled after the Commission's ``do-
not-call'' provisions, where express authorization must be evidenced 
only with a signed, written agreement between the consumer and seller 
which states that the consumer agrees to be contacted by the seller and 
includes the telephone number to which calls may be placed. Electronic 
Privacy Information Center (EPIC) warns that authorization not provided 
in writing may result in some senders falsely claiming they had the 
recipient's authorization to send MSCMs. EPIC adds that any 
authorization notice to the subscriber should be clear and conspicuous 
and written in plain language for the subscriber.
    As mandated by the CAN SPAM Act, we require any sender of MSCMs to 
obtain the express authorization of the recipient prior to sending any 
MSCMs to that subscriber. We agree with those commenters that contend 
that ``affirmative consent'' as defined in the CAN SPAM Act is not 
suited to defining ``express prior authorization'' because protections 
for wireless subscribers are meant to be more stringent. Given the 
intent of Congress to afford greater protections from spam to wireless 
subscribers than to consumers generally, we believe that the burden 
must rest with the sender of MSCMs to obtain authorization from any 
subscriber prior to sending any MSCMs. Senders must also do so in a 
manner that best protects subscribers' privacy interests. However, we 
decline to require senders to obtain a subscriber's authorization in 
writing.
    We will permit senders to obtain authorization by oral or written 
means, including electronic methods. A sender may obtain the 
subscriber's express prior authorization to transmit MSCMs to that 
subscriber in writing. Written authorization may be obtained in paper 
form or via an electronic means such as an electronic mail message from 
the subscriber. It must include the subscriber's signature and the 
electronic mail address to which MSCMs may be sent. Senders who choose 
to obtain authorization in oral format are also expected to take 
reasonable steps to ensure that such authorization can be verified.
    We note here that in the event any complaint is filed, the burden 
of proof rests squarely on the sender, whether authorization has been 
obtained in written or in oral form. We do so to avoid the likelihood 
that any businesses will try to fabricate authorization. Given the 
potential costs and inconvenience to subscribers to receive such MSCMs, 
it is important that such messages be sent only to those wireless 
devices belonging to receptive subscribers. We strongly suggest that 
senders take steps promptly to document that they received such 
authorization. Recognizing the potential for fraud by both a person 
signing up someone else to receive MSCMs and by businesses fabricating 
authorization, we recommend that the business confirm the electronic 
mail address with a confirmatory notice sent to the recipient 
requesting a reply. We emphasize that sending any commercial message to 
a wireless device, including any falsely purporting to be confirmatory 
messages, is a violation of our rules unless the subscriber has already 
provided express prior authorization and the sender bears the burden of 
showing that has occurred.
    Whether given orally or in writing, express prior authorization 
must be express, must be given prior to the sending of any MSCMs, and 
must include the electronic mail address to which such MSCMs may be 
sent. In addition, we believe that consistent with the intent of the 
CAN SPAM Act, consumers must not bear any additional costs to receive a 
request for authorization, and must be able to reply to such a request 
without incurring any additional costs. In addition to actual costs for 
such messages, as noted above, recipients may incur costs for time 
spent accessing, reviewing, and discarding such mail. Thus, senders are 
prohibited from sending any request for authorization to any wireless 
subscriber's wireless devices. Express prior authorization may not be 
obtained in the form of a ``negative option.'' If a

[[Page 55771]]

sender chooses to use a website, we note that such authorization must 
include an affirmative action on the part of the subscriber, such as 
checking a box or hitting an ``I Accept'' button, accompanied by the 
clear disclosures outlined below. In addition, the subscriber must have 
an opportunity in the process to input the specific electronic mail 
address for which they are authorizing MSCMs. Express prior 
authorization need only be secured once from the recipient in Order to 
send MSCMs to that subscriber until the subscriber revokes such 
authorization. Senders who claim they obtained authorization from 
wireless subscribers to send them MSCMs prior to the effective date of 
these rules will not be in compliance with the rules unless they can 
demonstrate that such authorization met all the requirements as adopted 
herein, including the disclosure requirements below.
    We emphasize that if the sender subsequently is notified by the 
subscriber that the subscriber does not wish to receive MSCMs, the 
sender must cease sending such messages within 10 business days of the 
receipt of such request in compliance with section 5(a)(4)(A) of the 
CAN SPAM Act. We note, however, that this 10-day time period may change 
should the FTC amend its rules. We delegate to the Consumer & 
Governmental Affairs Bureau the authority to amend the rules to reflect 
any updates in the time-frames adopted by the FTC.
    A subscriber who provides an electronic mail address for a specific 
purpose, e.g., notifying the subscriber when a car repair is completed, 
will not be considered to have given express prior authorization for 
purposes of sending MSCMs in general. In addition, should a sender 
allow subscribers to choose the types of MSCMs they receive from that 
sender, and authorization is provided for those specific types of 
messages, the sender should transmit only those types of MSCMs to the 
subscriber. Finally, authorization provided to a particular sender will 
not entitle that sender to send MSCMs on behalf of third parties, 
including on behalf of affiliated entities and marketing partners. If a 
sender obtains express prior authorization, that sender must be 
identified in the message in a form that will allow a subscriber to 
reasonably determine that the sender is the authorized entity.
    Required Disclosures. As noted above, Congress found that the 
receipt of unsolicited commercial electronic mail often results in 
monetary costs and inconvenience for wireless subscribers. Thus, the 
rules we adopt today require senders to disclose to the subscriber at 
the time they obtain any subscriber's express prior authorization that: 
(1) The subscriber is agreeing to receive mobile service commercial 
messages sent to their wireless device from a particular sender; (2) 
the subscriber may be charged by their wireless service provider in 
connection with receipt of such messages; and (3) the subscriber may 
revoke her authorization to receive MSCMs at any time. Any such 
disclosure notice containing the required disclosures must be clearly 
legible, use sufficiently large type (or, if audio, be of sufficiently 
loud volume), and be placed so as to be readily apparent to a customer. 
The disclosure notice must also be separate from any other 
authorizations in the document. And, it must clearly provide the name 
of the person or entity sending the MSCM and the person or entity whose 
product or service is advertised or promoted in the MSCMs if different 
from the sender. Finally, if any portion of the disclosure notice is 
translated into another language, then all portions of the notice must 
be translated into that language. Senders are cautioned that if they 
use a website for obtaining authorization, such authorization notice 
must comply with these disclosure requirements as well. We note that if 
authorization is obtained orally, all required disclosures must still 
be made by the sender.
    We decline to carve out any exemptions from the ``express prior 
authorization'' requirements. We find that any exemption for a 
particular industry would be in direct conflict with the intent of the 
CAN SPAM Act to protect wireless subscribers from commercial electronic 
mail messages that they do not wish to receive. We also find that 
permitting senders to obtain authorization orally or in writing, 
addresses the concerns described by certain commenters in obtaining 
such authorization.
    The legislative history demonstrates that section 14 of the CAN 
SPAM Act was included so that wireless subscribers would have greater 
protections from commercial electronic mail messages than those 
protections provided elsewhere in the CAN SPAM Act. Congress was 
concerned about the intrusive nature of wireless spam and the costs to 
subscribers associated with receiving such spam. Thus, we emphasize 
that any MSCM sender that claims its messages are transmitted based on 
oral, written, or electronic authorization must be prepared to provide 
clear and convincing evidence of such express prior authorization by 
the subscriber. The failure to obtain such authorization before sending 
MSCMs will be a clear violation of the CAN SPAM Act and Commission's 
rules.

D. Electronic Rejection of MSCMs

    Required technical mechanisms. In the NPRM we sought comment on how 
we could best fulfill the mandate of section 14 (b)(2) of the CAN SPAM 
Act to develop rules that ``allow recipients of MSCMs to indicate 
electronically a desire not to receive future MSCMs from the sender.'' 
We also sought comment on technical options that might be used to do 
this simply.
    Commenters suggested technical options for withdrawing 
authorization including a return electronic mail address, a hyperlink 
to a website, the use of short code mechanisms, telephone-based 
techniques such as those that allow the caller to use key pads, or some 
combination of the foregoing. Members of the U.S. House of 
Representatives and the Motion Picture Association of America, 
encourage the Commission to adopt a simple, streamlined electronic 
response technique to quickly withdraw prior authorization using a 
recipient's handset. Two commenters contend that requiring small 
businesses to set-up and maintain a website for the purpose of 
rejecting future messages would impose an unreasonable burden. NAAG 
contends the first screen of any MSCM should display the existence of 
an option to decline to receive messages and the means by which it can 
be exercised.
    As a preliminary matter we note that section 5(a)(3) of the CAN 
SPAM Act requires that all commercial electronic mail include ``a 
return electronic mail address or other Internet-based mechanism, 
clearly and conspicuously displayed.'' Several commenters endorsed the 
applicability of the general provision of section 5(a)(3) of the CAN 
SPAM Act for MSCMs, indicating that a return electronic mail address or 
other Internet-based mechanism, such as a link to a website, would 
serve as a mechanism for electronically rejecting further items and 
should be included in any MSCM sent. We agree that this provision would 
need to be included in all MSCMs in Order for our rules to be 
consistent with the CAN SPAM Act.
    We believe, however, that more is required. Our decision is 
informed by the significant differences between the resources that may 
be available to recipients of MSCM and the resources available to 
recipients of electronic mail messages in general. In particular our 
definition of MSCM includes messages that originate on the Internet and 
that

[[Page 55772]]

are converted for delivery to wireless devices which may not have 
Internet access. Some of these wireless services and devices are by 
nature one-way services. Moreover, we cannot assume that all MSCM 
recipients have an alternative means of access to Internet-based 
electronic messaging or to other Internet-based mechanisms, such as a 
web browser. Consequently, we strongly agree with the Mobile Marketing 
Code of Conduct principle that ``consumers must be allowed to terminate 
their participation in an ongoing mobile messaging program through 
channels identical to those through which they can opt to receive 
messages about a given program.''
    Therefore, we conclude that in addition to the general requirement 
of the CAN SPAM Act that each MSCM have a functioning return electronic 
mail address or other form of Internet-based communication, a sender of 
an MSCM must provide the recipient with access to whatever mechanism 
they were given access to in Order to grant express prior 
authorization. For example, if a subscriber was given a short-code 
mechanism for granting authorization for MSCMs to the sender, the 
sender must provide that subscriber with a way to send a short code as 
a means to electronically reject future MSCMs from that sender. A 
sender must also include basic instructions by which this option or 
these options can be exercised to reject further items.
    A sender may include other mechanisms at his discretion, so long as 
these basic requirements are met. The means by which a recipient 
notifies the sender that the recipient does not wish to receive 
additional MSCMs can impose no new requirements on the recipient beyond 
the means by which he provided prior express authorization. In 
addition, the sender may not subject the subscriber to further 
commercial advertising or solicitation as part of the procedure the 
recipient must use to reject future messages.
    Consistent with CAN SPAM Act section 5(a)(3), for no less than 30 
days following the transmission of an MSCM, all included mechanisms for 
acquiring express prior authorization must remain capable of receiving 
and honoring the recipient's rejection of further messages. As we 
indicate above, the sender must cease sending further messages within 
the amount of time that the FTC has allotted for senders to act upon 
requests for rejecting subsequent messages, currently set at 10 
business days after receipt of any request from the subscriber.
    In regards to small businesses, we note that the flexibility 
provided for obtaining express prior authorization and for notifying 
the sender of the subsequent rejection of further items addresses the 
concerns of small business interests that, for example, a small 
business not be required to set-up and maintain a new website. We 
further note that because the recipient must be given express prior 
authorization for any MSCM that arrives, we see no need to adopt NAAG's 
suggestion to require material regarding how to decline to receive more 
messages to be displayed on the first screen of any MSCM. Finally, the 
record does not indicate that provider services and subscriber devices 
currently support a common response-based technique that is simple for 
subscribers to use and that the Commission could adopt. We therefore 
encourage industry to develop an industry-standard means by which a 
subscriber can use his handset to easily respond to a sender that he no 
longer wishes to receive MSCMs. We will monitor whether industry has 
developed a standard means by which subscribers can use handsets to 
respond and may revisit this issue at a later date.
    Other technical mechanisms. In the NPRM we sought comment on the 
applicability of a variety of other technical options that could be 
used by subscribers for electronically rejecting messages. For example, 
we asked about the possible applicability of mechanisms for blocking 
messages from particular senders at the subscriber's request, of an 
ability to add a changeable personal identifier to a wireless device 
mail address by means of which the subscriber could easily alter his 
address, and of challenge-response mechanisms that a subscriber might 
invoke. One commenter supported establishing a policy framework to 
deploy subscriber-controlled blocking solutions. Many providers 
acknowledged that they voluntarily provide their subscribers such means 
for mitigating unsolicited MSCM, but cautioned the Commission against 
mandating their availability. Given the record and the apparent success 
to date of the voluntary approach in generally blocking unwanted MSCMs, 
we decline to require that all providers make such mechanisms available 
for use at the option of their subscribers.

E. Consideration of CMRS Provider Exemption

    Section 14 (b)(3) of the CAN SPAM Act allows the Commission to 
exempt providers of commercial mobile services to the general 
prohibition on the sending of MSCMs. In doing so, the Commission must 
take into consideration the ``relationship that exists between 
providers of such services and their subscribers.'' However, as the CAN 
SPAM Act clearly states, our overall mandate is to protect consumers 
from unwanted MSCMs. The CAN SPAM Act does not require the Commission 
to provide an exemption, only to consider whether such an exemption 
would be appropriate. As a result, the Commission sought comment in the 
NPRM on whether there is a need for such an exemption and how it would 
impact consumers.
    In the NPRM, we noted that the CAN SPAM Act already excludes 
certain ``transactional and relationship'' messages from the definition 
of unsolicited commercial electronic mail. Specifically the CAN SPAM 
Act states that transaction and relationship messages are those 
messages in which the primary purpose is:

    (i) To facilitate, complete, or confirm a commercial transaction 
that the recipient has previously agreed to enter into with the 
sender; (ii) to provide warranty information, product recall 
information, or safety or security information with respect to a 
commercial product or service used or purchased by the recipient; 
(iii) to provide (I) notification concerning a change in the terms 
or features of; (II) notification of a change in the recipient's 
standing or status with respect to; or (III) at regular periodic 
intervals, account balance information or other type of account 
statement with respect to a subscription, membership, account, loan, 
or comparable ongoing commercial relationship involving the ongoing 
purchase or use by the recipient of products or services offered by 
the sender; (iv) to provide information directly related to an 
employment relationship or related benefit plan in which the 
recipient is currently involved, participating, or enrolled; or (v) 
to deliver goods or services, including product updates or upgrades, 
that the recipient is entitled to receive under the terms of a 
transaction that the recipient has previously agreed to enter into 
with the sender.

    In light of the exclusions of those types of messages, we asked in 
the NPRM whether there was a need for a separate exemption for CMRS 
providers from the section 14 of the CAN SPAM Act ``express prior 
authorization'' requirement and, if so, how the Commission would 
implement the requirements allowing subscribers who indicated a desire 
not to receive future MSCMs from the provider (1) at the time of 
subscribing to such service and (2) in any billing mechanism. 
Additionally, we requested in the NPRM that CMRS providers supply us 
with specific examples of messages that they send to their customers 
that are not already excluded from the CAN SPAM Act. Finally, if such 
an exemption were created, we asked whether there would

[[Page 55773]]

be any impact on small businesses and whether small wireless service 
providers should be treated differently.
    NAAG, consumer groups, and a privacy organization argue that there 
is no basis for granting an exemption for CMRS providers. CMRS 
providers argue they should have an exemption--with two providers 
noting this should be only if the carriers do not charge subscribers 
for the messages they send. However, despite the NPRM's request that 
carriers provide specific examples of messages that would not already 
be covered by the CAN SPAM Act's exemption for ``transactional'' or 
``relationship'' messages, CMRS providers offer few such examples and, 
as discussed below, they might already be allowed under The CAN SPAM 
Act. NAR says it would be unfair to give an exemption to one business 
model and not others. Many CMRS providers counter that we should not 
make a special exemption for small businesses. As to the scope of the 
exemption, CTIA urges that any exemption for CMRS providers also should 
extend to its business partners, while the DMA warns that any such 
exemption must be narrowed to include only messages from a carrier 
about its own services. Verizon argues that declining to exempt 
carriers would be an unlawful restriction on commercial speech; 
however, we have already addressed that issue above.
    Based upon the record before us, we decline to grant CMRS providers 
a special exemption from the requirement to obtain express prior 
authorization from their current subscribers before sending them any 
MSCM. In reaching this decision, we are persuaded by commenters, 
including many consumer groups and individuals, who urge us to provide 
greater consumer protection for wireless consumers--protection that is 
not diluted by such an exemption. The CAN SPAM Act itself requires us 
to protect consumers from ``unwanted'' commercial messages, not only 
those that have additional costs. As commenters note, consumers are 
concerned with the nuisance of receiving such messages.
    Several of these commenters emphasize that CMRS providers should 
not be exempt from the rules requiring express prior authorization 
because the bulk of CMRS providers' communications with their customers 
are already expressly exempted under the CAN SPAM Act as 
``transactional and relationship'' messages. We agree that the few 
examples that CMRS providers supplied in the record appear to already 
fall within ``transactional and relationship'' messages or otherwise 
outside of the definition of ``commercial'' messages. For example, T-
Mobile contends that it needs to be able to send notices to customers 
about fraud. As noted above, the CAN SPAM Act defines a ``commercial 
electronic mail message'' as an electronic message for which the 
``primary purpose'' is the ``commercial advertisement or promotion of a 
commercial product or service (including content on an Internet website 
operated for a commercial purpose).'' If the primary purpose of the 
message was to alert customers about fraud, we do not believe T-
Mobile's example would fall within the definition of ``commercial'' and 
therefore would not fall under the CAN SPAM Act at all. In addition, 
Nextel provides the example of a carrier needing to send out an alert 
to a prepaid customer that his account balance is running low. If that 
was the primary purpose of the message, such a message would fall under 
the exemption for transaction and relationship message.
    As noted previously, the FTC has authority to develop the criteria 
used to define whether a message is ``commercial,'' as well as any 
modifications for what is considered in the exemption of transactional 
and relationship messages. Therefore, we delegate to the Consumer & 
Governmental Affairs Bureau the authority to amend the rules we adopt 
today to ensure consistency with any rule the FTC adopts under the CAN 
SPAM Act to further define ``commercial'' and ``transactional 
relationship'' messages.
    Although CMRS providers contend that an exemption should be 
provided, very little support for such an exemption was provided in the 
record in this proceeding. Much of the comment in support of the 
exemption is conclusory in nature. T-Mobile states that, by empowering 
the Commission to exempt wireless carriers from section 14 (b)(1) of 
the CAN SPAM Act, Congress has recognized that the MSCMs sent by 
wireless carriers are fundamentally different than MSCMs sent by all 
other senders. Cingular, Nextel and Sprint urge the Commission to 
presume that the customer is willing to receive information about their 
providers' new products and services. Nextel notes that, unlike third 
parties, wireless carriers can ensure that customers are not charged 
for such messages. Dobson states that, in many cases, a subscriber 
would prefer an SMS message from its carrier rather than a phone call 
or bill insert.
    We note again that Congress' intent in including section 14 in the 
CAN SPAM Act was to afford wireless consumers greater protection from 
unwanted commercial electronic mail messages. Ultimately, we are 
persuaded that safeguarding wireless consumers from MSCMs, undiluted 
with an exemption for CMRS providers, will ensure that consumers 
receive ``less, not more, spam.'' The record shows that MSCMs sent by 
CMRS providers are not fundamentally different from those sent by other 
senders, other than that they may be provided without additional cost 
to subscribers. An MSCM from a CMRS provider may be just as intrusive, 
and costly in other respects, as an MSCM from a third party. As 
Congress noted, the receipt of unwanted mail can result in costs ``for 
the storage of such mail, or for the time spent accessing, reviewing, 
and discarding such mail.'' In addition, providers have unique channels 
such as monthly statements and web sites, through which they can 
request a subscriber's prior express authorization. We note that the 
rules we establish in this proceeding are sufficiently flexible to 
enable the CMRS provider to readily obtain the subscriber's express 
prior authorization in a number of ways, if a CMRS provider desires to 
send an MSCM to any wireless subscriber. For all of those reasons, a 
promise to make them cost-free alone does not suffice as justification 
for an exemption.
    Accordingly, we decline to exempt CMRS providers from the 
requirement to obtain express prior authorization from their current 
subscribers before sending them any MSCM. For similar reasons, we also 
decline to create an exemption for other entities, such as realtors or 
small businesses. NAR argues that the MSCM rules should not apply to a 
real estate professional's communications to their clients about the 
services they are providing to that client, or to communications 
between associations and their members. As noted above, the CAN SPAM 
Act's existing exemption already broadly covers many transaction and 
relationship messages. Furthermore, the allowance for orally obtaining 
express prior authorization, which NAR advocates, should allow realtors 
to obtain such authorizations as needed. NAR has not established that 
messages sent by its members are fundamentally different from those 
sent by other senders. An MSCM from a real estate professional may be 
just as intrusive, and costly as an MSCM from any other entity. ACA 
International contends that messages sent to wireless devices for the 
primary purpose of collecting debts are not MSCMs as they are not 
``commercial'' and therefore are exempt from the CAN SPAM Act. As we 
noted

[[Page 55774]]

previously, while the statute leaves the interpretation of 
``transactional and relationship'' messages to the FTC, in the absence 
of any ruling to the contrary, we believe that messages from a person 
or entity with whom the recipient has previously agreed to enter into a 
transaction and that concern a debt owed for that transaction would 
fall under the exemption. However, consistent with our 2003 TCPA Order, 
a call to sell debt consolidation services, for example, is a 
commercial call regardless of whether the consumer is also referred to 
a tax-exempt nonprofit organization for counseling services. We believe 
that to do so would be inconsistent with our mandate from Congress to 
protect subscribers from unwanted commercial messages.

F. General Compliance With the CAN SPAM Act

    We asked for comment on specific compliance issues that senders of 
MSCM might have with other sections of the CAN SPAM Act. We noted in 
the NPRM that although we believed that currently, some carriers choose 
to limit the length of certain text messages that some commercial 
mobile service subscribers already appeared to be supplementing the 
limited text handling functionality with ancillary personal computer 
technology. We received little response about this issue. CTIA states 
that some handsets are limited in message storage beyond a certain 
length and screens are small; thus, CTIA argues that senders should not 
be required to meet all of the disclosures. Consumer Action, the 
Consumer Federation of America and the National Consumers League 
contend that the disclosure requirements of the main provisions of the 
CAN SPAM Act are so important that they should trump any awkwardness 
with messages being filled with disclosures. We agree. There is 
insufficient evidence on the record to warrant a waiver of the basic 
disclosure requirements mandated by the CAN SPAM Act.
    Finally, CTIA contends that wireless carriers should be given 
special treatment with regard to general compliance with the 
information requirements of section 5 of the CAN SPAM Act, given that 
they can provide this data at the time of subscription and in each 
monthly bill. CTIA contends in a footnote that interpreting the statute 
to mean that CMRS providers would need to comply with all the 
information requirements of section 5 would render section 14 (b)(4) of 
the CAN SPAM Act meaningless. We disagree. Based on the information 
discussed above regarding messages sent by CMRS providers, we find 
there is no reason for treating them differently from other businesses.

Final Regulatory Flexibility Analysis

    As required by the Regulatory Flexibility Act of 1980, as amended 
(RFA), an Initial Regulatory Flexibility Analysis (IRFA) was 
incorporated in the Notice of Proposed Rulemaking and Further Notice of 
Proposed Rulemaking (NPRM & FNPRM) released by the Federal 
Communications Commission (Commission) on March 19, 2004. The 
Commission sought written public comments on the proposals contained in 
both the NPRM & FNPRM, including comments on the IRFA. None of the 
comments filed in this proceeding was specifically identified as 
comments addressing the IRFA. This present Final Regulatory Flexibility 
Analysis (FRFA) conforms to the RFA.

Need for, and Objectives of, This Order

    On December 8, 2003, Congress passed the Controlling the Assault of 
Non-Solicited Pornography and Marketing Act of 2003 (CAN SPAM Act) to 
address the growing number of unwanted commercial electronic mail 
messages, which Congress determined to be costly, inconvenient, and 
often fraudulent or deceptive. Congress found that recipients ``who 
cannot refuse to accept such mail'' may incur costs for storage and for 
``time spent accessing, reviewing, and discarding such mail.'' The CAN 
SPAM Act prohibits any person from transmitting such messages with 
false or misleading information about the source or content, and gives 
recipients the right to decline to receive additional messages from the 
same source. Certain agencies, including the Commission, are charged 
with enforcement of the CAN SPAM Act.
    Section 14 of the CAN SPAM Act requires the Commission to (1) 
promulgate rules to protect consumers from unwanted mobile service 
commercial messages, and (2) consider, in doing so, the ability of 
senders to determine whether a message is a mobile commercial 
electronic mail message. In addition, the Commission shall consider the 
ability of senders of mobile service commercial messages to comply with 
the CAN SPAM Act in general. Furthermore, the CAN SPAM Act requires the 
Commission to consider the relationship that exists between providers 
of such services and their subscribers.
    On March 19, 2004, the Commission issued the NPRM & FNPRM regarding 
implementation of section 14 of the CAN SPAM Act. The Commission sought 
comment on how to protect wireless subscribers from those electronic 
mail messages, such as traditional e-mail and forms of text messaging, 
that fall under section 14 of the CAN SPAM Act, while not interfering 
with regular electronic messages that are covered under the CAN SPAM 
Act in general. In the NPRM & FNPRM, the Commission sought comment on 
the ability of senders to determine whether a message is a mobile 
service commercial electronic mail message, as well as different 
options and technologies that might enable the sender to make that 
determination. In addition, the NPRM & FNPRM sought comment on the 
following six issues or alternatives: (1) The scope of section 14 of 
the CAN SPAM Act, specifically what falls within the definition of 
mobile service commercial messages (MSCMs); (2) mechanisms to give 
consumers the ability to avoid MSCMs without relying upon the sender to 
determine whether a message is a mobile service message; (3) the 
requirements for obtaining express prior authorization; (4) whether 
commercial mobile radio service providers should be exempted from the 
obligation of obtaining express prior authorization before contacting 
their customers; (5) how wireless subscribers may electronically reject 
future MSCMs; and (6) how MSCM senders may generally comply with the 
CAN SPAM Act.
    In 1991, the Telephone Consumer Protection Act (TCPA) was enacted 
to address certain telemarketing practices, including calls to wireless 
telephone numbers, which Congress found to be an invasion of consumer 
privacy and even a risk to public safety. The TCPA specifically 
prohibits calls using an automatic telephone dialing system or 
artificial or prerecorded message ``to any telephone number assigned to 
a paging service, cellular telephone service, specialized mobile radio 
service, or other common carrier service, or any service for which the 
called party is charged.'' The CAN SPAM Act provides that ``[n]othing 
in this Act shall be interpreted to preclude or override the 
applicability'' of the TCPA.
    In 2003, we released a Report and Order in which we reaffirmed that 
the TCPA prohibits any call using an automatic telephone dialing system 
or an artificial or prerecorded message to any wireless telephone 
number. We concluded that this encompasses both voice calls and text 
calls, including Short Message Service (SMS) text messaging calls, to 
wireless phone numbers.
    In the NPRM & FNPRM, we noted that the legislative history of the 
CAN SPAM Act suggests that section 14, in

[[Page 55775]]

conjunction with the TCPA, was intended to address wireless text 
messaging. We sought comment on whether the definition of an MSCM 
should include SMS messages.
    This Order adopts a general prohibition against commercial 
electronic messages sent to any address using a domain name that 
appears on a list to be maintained by the Commission and available to 
the public. We believe these measures are the ones best suited to 
protect wireless subscribers from unwanted commercial messages and do 
not overburden carriers and legitimate businesses, especially small 
businesses.
    In addition, this Order clarifies the delineation between the new 
rules implementing the CAN SPAM Act, and our existing rules concerning 
messages sent to wireless telephone numbers under the TCPA. Because 
this Order clarifies this delineation and does not modify any rules, 
there is no discussion of the TCPA included in this FRFA. All remaining 
TCPA issues, raised in the NPRM & FNPRM, will be addressed in a 
separate Order issued by the Commission at a later date.

Summary of Significant Issues Raised by Public Comments in Response to 
the IRFA

    There were no comments filed that specifically addressed the rules 
and policies proposed in the IRFA.

Description and Estimate of the Number of Small Entities to Which the 
Rules Will Apply

    The RFA directs agencies to provide a description of and, where 
feasible, an estimate of the number of small entities that may be 
affected by the rules adopted herein. The RFA generally defines the 
term ``small entity'' as having the same meaning as the terms ``small 
business,'' ``small organization,'' and ``small governmental 
jurisdiction.'' In addition, the term ``small business'' has the same 
meaning as the term ``small business concern'' under the Small Business 
Act. Under the Small Business Act, a ``small business concern'' is one 
which: (1) Is independently owned and operated; (2) is not dominant in 
its field of operation; and (3) satisfies any additional criteria 
established by the Small Business Administration (SBA).
    The rules adopted in this Order, concerning the prohibition of 
sending electronic commercial mail messages, apply to a wide range of 
entities, including the myriad of businesses throughout the nation that 
use electronic messaging to advertise. In the IRFA we identified, with 
as much specificity as possible, all business entities that might be 
affected by this Order. In Order to assure that we have covered all 
possible entities we included general categories, such as Wireless 
Service Providers and Wireless Communications Equipment Manufacturers, 
while also including more specific categories, such as Cellular 
Licensees and Common Carrier Paging. Similarly, for completeness, we 
have also included descriptions of small entities in various 
categories, such as 700 MHz Guard Band Licenses, who may potentially be 
affected by this Order but who would not be subject to regulation 
simply because of their membership in that category.
    Sometimes when identifying small entities we provide information 
describing auctions' results, including the number of small entities 
that were winning bidders. We note, however, that the number of winning 
bidders that qualify as small businesses at the close of an auction 
does not necessarily reflect the total number of small entities 
currently in a particular service. The Commission does not generally 
require that applicants do not provide business size information, nor 
does the Commission track subsequent business size, except in the 
context of an assignment or transfer of control application where 
unjust enrichment issues are implicated.
    Small Businesses. Nationwide, there are a total of 22.4 million 
small businesses, according to SBA data.
    Telemarketers. SBA has determined that ``telemarketing bureaus'' 
with $6 million or less in annual receipts qualify as small businesses. 
For 1997, there were 1,727 firms in the ``telemarketing bureau'' 
category, total, which operated for the entire year. Of this total, 
1,536 reported annual receipts of less than $5 million, and an 
additional 77 reported receipts of $5 million to $9,999,999. Therefore, 
the majority of such firms can be considered to be small businesses.
    Wireless Service Providers. The SBA has developed a small business 
size standard for wireless firms within the two broad economic census 
categories of ``Paging'' and ``Cellular and Other Wireless 
Telecommunications.'' Under both SBA categories, a wireless business is 
small if it has 1,500 or fewer employees. For the census category of 
Paging, Census Bureau data for 1997 show that there were 1,320 firms in 
this category, total, that operated for the entire year. Of this total, 
1,303 firms had employment of 999 or fewer employees, and an additional 
17 firms had employment of 1,000 employees or more. Thus, under this 
category and associated small business size standard, the great 
majority of firms can be considered small. For the census category 
Cellular and Other Wireless Telecommunications, Census Bureau data for 
1997 show that there were 977 firms in this category, total, that 
operated for the entire year. Of this total, 965 firms had employment 
of 999 or fewer employees, and an additional 12 firms had employment of 
1,000 employees or more. Thus, under this second category and size 
standard, the great majority of firms can, again, be considered small.
    Internet Service Providers. The SBA has developed a small business 
size standard for Internet Service Providers. This category comprises 
establishments ``primarily engaged in providing direct access through 
telecommunications networks to computer-held information compiled or 
published by others.'' Under the SBA size standard, such a business is 
small if it has average annual receipts of $21 million or less. 
According to Census Bureau data for 1997, there were 2,751 firms in 
this category that operated for the entire year. Of these, 2,659 firms 
had annual receipts of under $10 million, and an additional 67 firms 
had receipts of between $10 million and $24,999,999. Thus, under this 
size standard, the great majority of firms can be considered small 
entities.
    Wireless Communications Equipment Manufacturers. The Commission has 
not developed special small business size standards for entities that 
manufacture radio, television, and wireless communications equipment. 
Therefore, the applicable small business size standard is the 
definition under the SBA rules applicable to ``Radio and Television 
Broadcasting and Wireless Communications Equipment Manufacturing.'' 
Examples of products that fall under this category include 
``transmitting and receiving antennas, cable television equipment, GPS 
equipment, pagers, cellular phones, mobile communications equipment, 
and radio and television studio and broadcasting equipment'' and may 
include other devices that transmit and receive Internet Protocol 
enabled services, such as personal digital assistants. Under that 
standard, firms are considered small if they have 750 or fewer 
employees. Census Bureau data for 1997 indicate that, for that year, 
there were a total of 1,215 establishments in this category. Of those, 
there were 1,150 that had employment under 500, and an additional 37 
that had employment of 500 to 999. The percentage of wireless equipment 
manufacturers in this category is approximately 61.35%, so

[[Page 55776]]

the Commission estimates that the number of wireless equipment 
manufacturers with employment under 500 was actually closer to 706, 
with an additional 23 establishments having employment of between 500 
and 999. Given the above, the Commission estimates that the great 
majority of wireless communications equipment manufacturers are small 
businesses.
    Radio Frequency Equipment Manufacturers. The Commission has not 
developed a special small business size standard applicable to Radio 
Frequency Equipment Manufacturers. Therefore, the applicable small 
business size standard is the definition under the SBA rules applicable 
to ``Radio and Television Broadcasting and Wireless Communications 
Equipment Manufacturing.'' Under that standard, firms are considered 
small if they have 750 or fewer employees. Census Bureau data for 1997 
indicate that, for that year, there were a total of 1,215 
establishments in this category. Of those, there were 1,150 that had 
employment under 500, and an additional 37 that had employment of 500 
to 999. Thus, under this size standard, the majority of establishments 
can be considered small entities.
    Paging Equipment Manufacturers. The Commission has not developed a 
special small business size standard applicable to Paging Equipment 
Manufacturers. Therefore, the applicable small business size standard 
is the definition under the SBA rules applicable to ``Radio and 
Television Broadcasting and Wireless Communications Equipment 
Manufacturing.'' Under that standard, firms are considered small if 
they have 750 or fewer employees. Census Bureau data for 1997 indicate 
that, for that year, there were a total of 1,215 establishments in this 
category. Of those, there were 1,150 that had employment under 500, and 
an additional 37 that had employment of 500 to 999. Thus, under this 
size standard, the majority of establishments can be considered small 
entities.
    Telephone Equipment Manufacturers. The Commission has not developed 
a special small business size standard applicable to Telephone 
Equipment Manufacturers. Therefore, the applicable small business size 
standard is the definition under the SBA rules applicable to 
``Telephone Apparatus Manufacturing.'' Under that standard, firms are 
considered small if they have 1,000 or fewer employees. Census Bureau 
data indicates that for 1997 there were 598 establishments that 
manufacture telephone equipment. Of those, there were 574 that had 
fewer than 1,000 employees, and an additional 17 that had employment of 
1,000 to 2,499. Thus, under this size standard, the majority of 
establishments can be considered small.
    As noted in paragraph [8], we believe that all small entities 
affected by the rules contained in this Order will fall into one of the 
large SBA categories described above. In an attempt to provide as 
specific information as possible, however, we are providing the 
following more specific categories.
    Cellular Licensees. The SBA has developed a small business size 
standard for wireless firms within the broad economic census category 
``Cellular and Other Wireless Telecommunications.'' Under this SBA 
category, a wireless business is small if it has 1,500 or fewer 
employees. For the census category Cellular and Other Wireless 
Telecommunications firms, Census Bureau data for 1997 show that there 
were 977 firms in this category, total, that operated for the entire 
year. Of this total, 965 firms had employment of 999 or fewer 
employees, and an additional 12 firms had employment of 1,000 employees 
or more. Thus, under this category and size standard, the great 
majority of firms can be considered small. According to the most recent 
Trends in Telephone Service data, 719 carriers reported that they were 
engaged in the provision of cellular service, personal communications 
service, or specialized mobile radio telephony services, which are 
placed together in the data. We have estimated that 294 of these are 
small, under the SBA small business size standard.
    Common Carrier Paging. The SBA has developed a small business size 
standard for wireless firms within the broad economic census categories 
of ``Cellular and Other Wireless Telecommunications.'' Under this SBA 
category, a wireless business is small if it has 1,500 or fewer 
employees. For the census category of Paging, Census Bureau data for 
1997 show that there were 1,320 firms in this category, total, that 
operated for the entire year. Of this total, 1,303 firms had employment 
of 999 or fewer employees, and an additional 17 firms had employment of 
1,000 employees or more. Thus, under this category and associated small 
business size standard, the great majority of firms can be considered 
small.
    In the Paging Second Report and Order, the Commission adopted a 
size standard for ``small businesses'' for purposes of determining 
their eligibility for special provisions such as bidding credits and 
installment payments. A small business is an entity that, together with 
its affiliates and controlling principals, has average gross revenues 
not exceeding $15 million for the preceding three years. The SBA has 
approved this definition. An auction of Metropolitan Economic Area 
(MEA) licenses commenced on February 24, 2000, and closed on March 2, 
2000. Of the 2,499 licenses auctioned, 985 were sold. Fifty-seven 
companies claiming small business status won 440 licenses. An auction 
of MEA and Economic Area (EA) licenses commenced on October 30, 2001, 
and closed on December 5, 2001. Of the 15,514 licenses auctioned, 5,323 
were sold. One hundred thirty-two companies claiming small business 
status purchased 3,724 licenses. A third auction, consisting of 8,874 
licenses in each of 175 EAs and 1,328 licenses in all but three of the 
51 MEAs commenced on May 13, 2003, and closed on May 28, 2003. Seventy-
seven bidders claiming small or very small business status won 2,093 
licenses. Currently, there are approximately 74,000 Common Carrier 
Paging licenses. According to the most recent Trends in Telephone 
Service, 608 private and common carriers reported that they were 
engaged in the provision of either paging or ``other mobile'' services. 
Of these, we estimate that 589 are small, under the SBA-approved small 
business size standard. We estimate that the majority of common carrier 
paging providers would qualify as small entities under the SBA 
definition.
    Wireless Communications Services. This service can be used for 
fixed, mobile, radiolocation, and digital audio broadcasting satellite 
uses. The Commission defined ``small business'' for the wireless 
communications services (WCS) auction as an entity with average gross 
revenues of $40 million for each of the three preceding years, and a 
``very small business'' as an entity with average gross revenues of $15 
million for each of the three preceding years. The SBA has approved 
these definitions. The Commission auctioned geographic area licenses in 
the WCS service. In the auction, which commenced on April 15, 1997 and 
closed on April 25, 1997, there were seven bidders that won 31 licenses 
that qualified as very small business entities, and one bidder that won 
one license that qualified as a small business entity. An auction for 
one license in the 1670-1674 MHz band commenced on April 30, 2003 and 
closed the same day. One license was awarded. The winning bidder was 
not a small entity.
    Wireless Telephony. Wireless telephony includes cellular, personal 
communications services, and specialized mobile radio telephony

[[Page 55777]]

carriers. The SBA has developed a small business size standard for 
``Cellular and Other Wireless Telecommunications'' services. Under that 
SBA small business size standard, a business is small if it has 1,500 
or fewer employees. According to the most recent Trends in Telephone 
Service data, 719 carriers reported that they were engaged in the 
provision of wireless telephony. We have estimated that 294 of these 
are small under the SBA small business size standard.
    Broadband Personal Communications Service. The broadband personal 
communications services (PCS) spectrum is divided into six frequency 
blocks designated A through F, and the Commission has held auctions for 
each block. The Commission has created a small business size standard 
for Blocks C and F as an entity that has average gross revenues of less 
than $40 million in the three previous calendar years. For Block F, an 
additional small business size standard for ``very small business'' was 
added and is defined as an entity that, together with its affiliates, 
has average gross revenues of not more than $15 million for the 
preceding three calendar years. These small business size standards, in 
the context of broadband PCS auctions, have been approved by the SBA. 
No small businesses within the SBA-approved small business size 
standards bid successfully for licenses in Blocks A and B. There were 
90 winning bidders that qualified as small entities in the Block C 
auctions. A total of 93 ``small'' and ``very small'' business bidders 
won approximately 40 percent of the 1,479 licenses for Blocks D, E, and 
F. On March 23, 1999, the Commission reauctioned 155 C, D, E, and F 
Block licenses; there were 113 small business winning bidders.
    On January 26, 2001, the Commission completed the auction of 422 C 
and F Broadband PCS licenses in Auction No. 35. Of the 35 winning 
bidders in this auction, 29 qualified as ``small'' or ``very small'' 
businesses. Subsequent events, concerning Auction 35, including 
judicial and agency determinations, resulted in a total of 163 C and F 
Block licenses being available for grant.
    Narrowband Personal Communications Services. The Commission held an 
auction for Narrowband PCS licenses that commenced on July 25, 1994, 
and closed on July 29, 1994. A second auction commenced on October 26, 
1994 and closed on November 8, 1994. For purposes of the first two 
Narrowband PCS auctions, ``small businesses'' were entities with 
average gross revenues for the prior three calendar years of $40 
million or less. Through these auctions, the Commission awarded a total 
of 41 licenses, 11 of which were obtained by four small businesses. To 
ensure meaningful participation by small business entities in future 
auctions, the Commission adopted a two-tiered small business size 
standard in the Narrowband PCS Second Report and Order. A ``small 
business'' is an entity that, together with affiliates and controlling 
interests, has average gross revenues for the three preceding years of 
not more than $40 million. A ``very small business'' is an entity that, 
together with affiliates and controlling interests, has average gross 
revenues for the three preceding years of not more than $15 million. 
The SBA has approved these small business size standards. A third 
auction commenced on October 3, 2001 and closed on October 16, 2001. 
Here, five bidders won 317 (Metropolitan Trading Areas and nationwide) 
licenses. Three of these claimed status as a small or very small entity 
and won 311 licenses.
    Lower 700 MHz Band Licenses. We adopted criteria for defining three 
groups of small businesses for purposes of determining their 
eligibility for special provisions such as bidding credits. We have 
defined a ``small business'' as an entity that, together with its 
affiliates and controlling principals, has average gross revenues not 
exceeding $40 million for the preceding three years. A ``very small 
business'' is defined as an entity that, together with its affiliates 
and controlling principals, has average gross revenues that are not 
more than $15 million for the preceding three years. Additionally, the 
lower 700 MHz Service has a third category of small business status 
that may be claimed for Metropolitan/Rural Service Area (MSA/RSA) 
licenses. The third category is ``entrepreneur,'' which is defined as 
an entity that, together with its affiliates and controlling 
principals, has average gross revenues that are not more than $3 
million for the preceding three years. The SBA has approved these small 
size standards. An auction of 740 licenses (one license in each of the 
734 MSAs/RSAs and one license in each of the six Economic Area 
Groupings (EAGs)) commenced on August 27, 2002, and closed on September 
18, 2002. Of the 740 licenses available for auction, 484 licenses were 
sold to 102 winning bidders. Seventy-two of the winning bidders claimed 
small business, very small business or entrepreneur status and won a 
total of 329 licenses. A second auction commenced on May 28, 2003, and 
closed on June 13, 2003, and included 256 licenses: 5 EAG licenses and 
476 Cellular Market Area licenses. Seventeen winning bidders claimed 
small or very small business status and won 60 licenses, and nine 
winning bidders claimed entrepreneur status and won 154 licenses.
    Upper 700 MHz Band Licenses. The Commission released a Report and 
Order, authorizing service in the upper 700 MHz band. This auction, 
previously scheduled for January 13, 2003, has been postponed.
    700 MHz Guard Band Licenses. In the 700 MHz Guard Band Order, we 
adopted size standards for ``small businesses'' and ``very small 
businesses'' for purposes of determining their eligibility for special 
provisions such as bidding credits and installment payments. A small 
business in this service is an entity that, together with its 
affiliates and controlling principals, has average gross revenues not 
exceeding $40 million for the preceding three years. Additionally, a 
very small business is an entity that, together with its affiliates and 
controlling principals, has average gross revenues that are not more 
than $15 million for the preceding three years. SBA approval of these 
definitions is not required. An auction of 52 Major Economic Area (MEA) 
licenses commenced on September 6, 2000, and closed on September 21, 
2000. Of the 104 licenses auctioned, 96 licenses were sold to nine 
bidders. Five of these bidders were small businesses that won a total 
of 26 licenses. A second auction of 700 MHz Guard Band licenses 
commenced on February 13, 2001, and closed on February 21, 2001. All 
eight of the licenses auctioned were sold to three bidders. One of 
these bidders was a small business that won a total of two licenses.
    Specialized Mobile Radio. The Commission awards ``small entity'' 
bidding credits in auctions for Specialized Mobile Radio (SMR) 
geographic area licenses in the 800 MHz and 900 MHz bands to firms that 
had revenues of no more than $15 million in each of the three previous 
calendar years. The Commission awards ``very small entity'' bidding 
credits to firms that had revenues of no more than $3 million in each 
of the three previous calendar years. The SBA has approved these small 
business size standards for the 900 MHz Service. The Commission has 
held auctions for geographic area licenses in the 800 MHz and 900 MHz 
bands. The 900 MHz SMR auction began on December 5, 1995, and closed on 
April 15, 1996. Sixty bidders claiming that they qualified as small 
businesses under the $15 million size standard won

[[Page 55778]]

263 geographic area licenses in the 900 MHz SMR band. The 800 MHz SMR 
auction for the upper 200 channels began on October 28, 1997, and was 
completed on December 8, 1997. Ten bidders claiming that they qualified 
as small businesses under the $15 million size standard won 38 
geographic area licenses for the upper 200 channels in the 800 MHz SMR 
band. A second auction for the 800 MHz band was held on January 10, 
2002 and closed on January 17, 2002 and included 23 BEA licenses. One 
bidder claiming small business status won five licenses.
    The auction of the 1,053 800 MHz SMR geographic area licenses for 
the General Category channels began on August 16, 2000, and was 
completed on September 1, 2000. Eleven bidders won 108 geographic area 
licenses for the General Category channels in the 800 MHz SMR band 
qualified as small businesses under the $15 million size standard. In 
an auction completed on December 5, 2000, a total of 2,800 Economic 
Area licenses in the lower 80 channels of the 800 MHz SMR service were 
sold. Of the 22 winning bidders, 19 claimed small business status and 
won 129 licenses. Thus, combining all three auctions, 40 winning 
bidders for geographic licenses in the 800 MHz SMR band claimed status 
as small business.
    In addition, there are numerous incumbent site-by-site SMR 
licensees and licensees with extended implementation authorizations in 
the 800 and 900 MHz bands. We do not know how many firms provide 800 
MHz or 900 MHz geographic area SMR pursuant to extended implementation 
authorizations, nor how many of these providers have annual revenues of 
no more than $15 million. One firm has over $15 million in revenues. We 
assume, for purposes of this analysis, that all of the remaining 
existing extended implementation authorizations are held by small 
entities, as that small business size standard is approved by the SBA.

Description of Projected Reporting, Recordkeeping, and Other Compliance 
Requirements for Small Entities

    There are two distinct types of compliance requirements associated 
with this Order. First, wireless providers that provide wireless 
messaging service must provide to the Commission a list of all their 
domain names used for wireless messages. The record indicates that this 
list for each service provider is thought to be relatively static and 
of manageable size. We expect service providers to provide this list 
electronically and do not expect production of such a list by a 
business, even a small business, to be expensive or time consuming.
    As a result of this mandate, businesses wishing to send commercial 
electronic messages must avoid sending messages to addresses that 
reference the domain names for wireless devices unless they have 
obtained the subscriber's express prior authorization. To do this, 
senders may check the list of domain names. Thus, prior to sending a 
commercial message to that address, businesses must also obtain express 
authorization from any subscriber whose e-mail address includes a 
domain name that appears on the list. This express authorization may be 
obtained either by oral or written means and must be obtained only once 
until the subscriber revokes such authorization. Because the list of 
domain names is expected to be small, we do not anticipate the 
compliance burden of checking such a list to be great.

Steps Taken To Minimize the Significant Economic Impact on Small 
Entities, and Significant Alternatives Considered

    The RFA requires an agency to describe any significant alternatives 
that it has considered in developing its approach, which may include 
the following four alternatives (among others): ``(1) The establishment 
of differing compliance or reporting requirements or timetables that 
take into account the resources available to small entities; (2) the 
clarification, consolidation, or simplification of compliance and 
reporting requirements under the rule for such small entities; (3) the 
use of performance rather than design standards; and (4) an exemption 
from coverage of the rule, or any part thereof, for such small 
entities.''
    Initially, we note that the rules are intended to protect 
subscribers, including small businesses, from unwanted mobile service 
commercial messages. Congress found these unwanted messages to be 
costly and time-consuming for wireless subscribers. The rules adopted 
in this Order will benefit small businesses by reducing cost and time 
burdens on small businesses that receive such messages.
    One alternative considered by the Commission was a registry of 
individual e-mail addresses. This list would have been similar to the 
national ``do-not-call'' registry; however, after careful consideration 
of the costs and benefits of creating a national do-not-e-mail 
registry, including consideration of the burden on small businesses, we 
believe that the disadvantages of such a system outweigh the possible 
advantages. We would expect such a system to contain millions of 
records, which unlike the ``do-not-call'' registry would each be unique 
in length and type of characters, making searching and scrubbing of 
such a list difficult and time consuming, perhaps inordinately so for 
small businesses. Therefore, we instead chose to adopt rules requiring 
the registering of domain names used for mobile service with the 
Commission.
    Unlike individual e-mail addresses, the list of domain names is 
limited and manageable. The record indicates that it is already 
wireless providers' practice to use certain domain names and that the 
establishment of such a list would not burden carriers, presumably not 
even small carriers, and would place the burden of complying with the 
CAN SPAM Act on the senders of commercial messages. No commercial e-
mail can be sent to an address that contains one of the domain names 
that has been on the list for 30 days or the that sender otherwise 
knows to be for wireless service, unless the sender has obtained 
express authorization from the subscriber. The list of domain names 
will be available without cost from the Commission in an electronic 
format. While senders of commercial messages will not be required to 
provide proof that they consulted the wireless domain name list or that 
they consulted it at a particular time, any person or entity may use as 
a ``safe harbor'' defense the fact that a specific domain name was not 
on the list more than 30 days before the offending message was 
initiated. This ``safe harbor'' defense shall not excuse any willful 
violation--if the sender otherwise know the e-mail address to be 
protected--of the ban on sending unwanted messages to wireless 
subscribers. We expect that global searches of senders' electronic mail 
lists to identify the domain names will be easy and inexpensive.
    A second alternative considered by the Commission was in the area 
of obtaining express authorization. The Commission has declined to 
require that the express authorization be in writing. Senders, who must 
obtain this authorization before sending commercial electronic 
messages, are permitted to obtain such authorization by oral or written 
means, including electronic methods. Although not alleviating the 
entire burden on small businesses, the record would suggest that there 
is less of a burden if authorizations can be made orally instead of in 
writing. If the authorization is in writing, it may be obtained in a 
variety of ways--including paper form or electronic mail. By

[[Page 55779]]

allowing a variety of methods for authorization, the Commission is 
allowing senders of commercial messages, including any small 
businesses, to choose the method that works best for them. It is 
expected that this ability to choose will result in greater 
efficiencies and less cost for small businesses while still allowing 
them to comply with the CAN SPAM Act.

Report to Congress

    The Commission will send a copy of the Order, including this Final 
Regulatory Flexibility Analysis (FRFA), in a report to be sent to 
Congress pursuant to the Congressional Review Act. In addition, the 
Commission will send a copy of the Order, including this FRFA, to the 
Chief Counsel for Advocacy of the SBA. A copy of the Order and FRFA (or 
summaries thereof) will also be published in the Federal Register.

Ordering Clauses

    Accordingly, pursuant to authority contained in sections 1-4, 222, 
227 and 303(r) of the Communications Act of 1934, as amended; 47 U.S.C. 
151-154, 222, 227, and 303(r); and the Controlling the Assault of Non-
Solicited Pornography and Marketing Act of 2003, Public Law 108-187, 
117 Statute 2699; 15 U.S.C. 7701-7712, the Order in CG Docket Nos. 04-
53 and 02-278 is adopted and Part 64 of the Commission's rules, 47 CFR 
Part 64, is amended as set forth in Appendix B.
    The requirements of this Order shall become effective October 18, 
2004. The rules in 47 CFR 64.3100 that contain information collection 
requirements under the PRA are not effective until approved by OMB. 
Once these information collections are approved by OMB, the Commission 
will release a public notice and publish a document in the Federal 
Register announcing the effective date of these rules.
    The Commission delegates to the Consumer & Governmental Affairs 
Bureau the authority to amend the rules to reflect any updates in the 
time-frames adopted under this Order that are dependent upon the 
Federal Trade Commission's rules under the CAN SPAM Act, as discussed 
herein, and to amend the definitions dependent on the Federal Trade 
Commission's rules under the CAN SPAM Act, as discussed herein.
    The Commission's Consumer & Governmental Affairs Bureau, Reference 
Information Center, shall send a copy of this Order, including the 
Final Regulatory Flexibility Analysis, to the Chief Counsel for 
Advocacy of the Small Business Administration.

List of Subjects in 47 CFR Part 64

    Communications common carriers and Reporting and recordkeeping 
requirements.

Federal Communications Commission.
Marlene H. Dortch,
Secretary.

Rule Changes

0
For the reasons discussed in the preamble, the Federal Communications 
Commission amends 47 CFR part 64 as follows:

PART 64--MISCELLANEOUS RULES RELATING TO COMMON CARRIERS

0
1. The authority citation for part 64 continues to read as follows: 47 
U.S.C. 154, 254(k); secs. 403(b)(2)(B), (c), Public Law 104-104, 110 
Stat. 56. Interpret or apply 47 U.S.C. 201, 218, 225, 226, 228, and 
254(k) unless otherwise noted.

0
2. Subpart BB is added with the Subpart Heading to read as follows:

Subpart BB--Restrictions on Unwanted Mobile Commercial Service 
Messages

0
3. Section 64.3100 is added to read as follows:


Sec.  64.3100  Restrictions on mobile service commercial messages.

    (a) No person or entity may initiate any mobile service commercial 
message, as those terms are defined in paragraph (c)(7) of this 
section, unless:
    (1) That person or entity has the express prior authorization of 
the addressee;
    (2) That person or entity is forwarding that message to its own 
address;
    (3) That person or entity is forwarding to an address provided that
    (i) The original sender has not provided any payment, consideration 
or other inducement to that person or entity; and
    (ii) That message does not advertise or promote a product, service, 
or Internet website of the person or entity forwarding the message; or
    (4) The address to which that message is sent or directed does not 
include a reference to a domain name that has been posted on the FCC's 
wireless domain names list for a period of at least 30 days before that 
message was initiated, provided that the person or entity does not 
knowingly initiate a mobile service commercial message.
    (b) Any person or entity initiating any mobile service commercial 
message must:
    (1) Cease sending further messages within ten (10) days after 
receiving such a request by a subscriber;
    (2) Include a functioning return electronic mail address or other 
Internet-based mechanism that is clearly and conspicuously displayed 
for the purpose of receiving requests to cease the initiating of mobile 
service commercial messages and/or commercial electronic mail messages, 
and that does not require the subscriber to view or hear further 
commercial content other than institutional identification;
    (3) Provide to a recipient who electronically grants express prior 
authorization to send commercial electronic mail messages with a 
functioning option and clear and conspicuous instructions to reject 
further messages by the same electronic means that was used to obtain 
authorization;
    (4) Ensure that the use of at least one option provided in 
paragraphs (b)(2) and (b)(3) of this section does not result in 
additional charges to the subscriber;
    (5) Identify themselves in the message in a form that will allow a 
subscriber to reasonably determine that the sender is the authorized 
entity; and
    (6) For no less than 30 days after the transmission of any mobile 
service commercial message, remain capable of receiving messages or 
communications made to the electronic mail address, other Internet-
based mechanism or, if applicable, other electronic means provided by 
the sender as described in paragraph (b)(2) and (b)(3) of this section.
    (c) Definitions. For the purpose of this subpart:
    (1) Commercial Mobile Radio Service Provider means any provider 
that offers the services defined in 47 CFR Section 20.9.
    (2) Commercial electronic mail message means the term as defined in 
the CAN SPAM Act, 15 U.S.C. Section 7702. The term is defined as ``an 
electronic message for which the primary purpose is commercial 
advertisement or promotion of a commercial product or service 
(including content on an Internet website operated for a commercial 
purpose).'' The term ``commercial electronic mail message'' does not 
include a transactional or relationship message.
    (3) Domain name means any alphanumeric designation which is 
registered with or assigned by any domain name registrar, domain name 
registry, or other domain name registration authority as part of an 
electronic address on the Internet.

[[Page 55780]]

    (4) Electronic mail address means a destination, commonly expressed 
as a string of characters, consisting of a unique user name or mailbox 
and a reference to an Internet domain, whether or not displayed, to 
which an electronic mail message can be sent or delivered.
    (5) Electronic mail message means a message sent to a unique 
electronic mail address.
    (6) Initiate, with respect to a commercial electronic mail message, 
means to originate or transmit such messages or to procure the 
origination or transmission of such message, but shall not include 
actions that constitute routine conveyance of such message. For 
purposes of this paragraph, more than one person may be considered to 
have initiated a message. ``Routine conveyance'' means the 
transmission, routing, relaying, handling, or storing, through an 
automatic technical process, or an electronic mail message for which 
another person has identified the recipients or provided the recipient 
addresses.
    (7) Mobile Service Commercial Message means a commercial electronic 
mail message that is transmitted directly to a wireless device that is 
utilized by a subscriber of a commercial mobile service (as such term 
is defined in section 332(d) of the Communications Act of 1934 (47 
U.S.C. 332(d)) in connection with such service. A commercial message is 
presumed to be a mobile service commercial message if it is sent or 
directed to any address containing a reference, whether or not 
displayed, to an Internet domain listed on the FCC's wireless domain 
names list. The FCC's wireless domain names list will be available on 
the FCC's website and at the Commission headquarters, 445 12th St., 
SW., Washington, DC 20554.
    (8) Transactional or relationship message means any electronic mail 
message the primary purpose of which is:
    (i) To facilitate, complete, or confirm a commercial transaction 
that the recipient has previously agreed to enter into with the sender;
    (ii) To provide warranty information, product recall information, 
or safety or security information with respect to a commercial product 
or service used or purchased by the recipient;
    (iii) To provide:
    (A) Notification concerning a change in the terms or features of;
    (B) Notification of a change in the recipient's standing or status 
with respect to; or
    (C) At regular periodic intervals, account balance information or 
other type of account statement with respect to a subscription, 
membership, account, loan, or comparable ongoing commercial 
relationship involving the ongoing purchase or use by the recipient of 
products or services offered by the sender;
    (D) To provide information directly related to an employment 
relationship or related benefit plan in which the recipient is 
currently involved, participating, or enrolled; or
    (E) To deliver goods or services, including product updates or 
upgrades, that the recipient is entitled to receive under the terms of 
a transaction that the recipient has previously agreed to enter into 
with the sender.
    (d) Express Prior Authorization may be obtained by oral or written 
means, including electronic methods.
    (1) Written authorization must contain the subscriber's signature, 
including an electronic signature as defined by 15 U.S.C. 7001 (E-Sign 
Act).
    (2) All authorizations must include the electronic mail address to 
which mobile service commercial messages can be sent or directed. If 
the authorization is made through a website, the website must allow the 
subscriber to input the specific electronic mail address to which 
commercial messages may be sent.
    (3) Express Prior Authorization must be obtained by the party 
initiating the mobile service commercial message. In the absence of a 
specific request by the subscriber to the contrary, express prior 
authorization shall apply only to the particular person or entity 
seeking the authorization and not to any affiliated entities unless the 
subscriber expressly agrees to their being included in the express 
prior authorization.
    (4) Express Prior Authorization may be revoked by a request from 
the subscriber, as noted in paragraph (b)(2) and (b)(3) of this 
section.
    (5) All requests for express prior authorization must include the 
following disclosures:
    (i) That the subscriber is agreeing to receive mobile service 
commercial messages sent to his/her wireless device from a particular 
sender. The disclosure must state clearly the identity of the business, 
individual, or other entity that will be sending the messages;
    (ii) That the subscriber may be charged by his/her wireless service 
provider in connection with receipt of such messages; and
    (iii) That the subscriber may revoke his/her authorization to 
receive MSCMs at any time.
    (6) All notices containing the required disclosures must be clearly 
legible, use sufficiently large type or, if audio, be of sufficiently 
loud volume, and be placed so as to be readily apparent to a wireless 
subscriber. Any such disclosures must be presented separately from any 
other authorizations in the document or oral presentation. If any 
portion of the notice is translated into another language, then all 
portions of the notice must be translated into the same language.
    (e) All CMRS providers must identify all electronic mail domain 
names used to offer subscribers messaging specifically for wireless 
devices in connection with commercial mobile service in the manner and 
time-frame described in a public notice to be issued by the Consumer & 
Governmental Affairs Bureau.
    (f) Each CMRS provider is responsible for the continuing accuracy 
and completeness of information furnished for the FCC's wireless domain 
names list. CMRS providers must:
    (1) File any future updates to listings with the Commission not 
less than 30 days before issuing subscribers any new or modified domain 
name;
    (2) Remove any domain name that has not been issued to subscribers 
or is no longer in use within 6 months of placing it on the list or 
last date of use; and
    (3) Certify that any domain name placed on the FCC's wireless 
domain names list is used for mobile service messaging.
[FR Doc. 04-20901 Filed 9-15-04; 8:45 am]
BILLING CODE 6712-01-U