Outbound Campaign Compliance

Check Security and Privacy Compliances @a user

Draft: For Internal Use

Important Notes:

21 Oct 2024 Internal Requirements: SIP Trunk & EF CC Discussion

• DNC List pre-requirements
• Legality of doing outbound campaigns in Europe and US (and Australia)
• Will this be ready in Q1 2025?
• Discuss the above with @a user

__________________________________________________________________________________________________________________________________________________________

Overview

Outbound Campaign Compliance

• Business requirements

• Technical requirements

• Teams Integration

Campaign Compliance

Initiating campaigns while aligning with the legal standards. More details: Meeting notes | DNC/-List-Management

DNC List

Do Not Call refers to the rules and regulations set by governing bodies that require businesses conducting outbound campaigns to maintain a list of individuals who do not wish to be contacted. This list ensures the business refrains from including those individuals in any future outbound efforts.

Do not call customers on the National Do-Not-Call list unless you have an exemption or consent. DNC prohibit calls to a consumer who has asked not to be called again.

Unlike inbound calls, the use of predictive dialers is regulated by various state and federal laws, depending on the intent of the outbound call. For businesses involved in telemarketing, adhering to Do Not Call registries has evolved from being a voluntary internal practice to a requirement under state and federal regulations.

Telephone Consumer Protection Act

A U.S. federal law was enacted in 1991 to regulate telemarketing communication. The Act (TCPA) restricts the use of pre-recorded voice messages, automated dialing systems, as well as SMS and fax communications.

Key provisions:

• Calls can only be made between 8:00 AM and 9:00 PM local time for the recipient.

• Obtain prior express consent, honoring Do Not Call (DNC) lists,

• Provide a clear opt-out mechanism

• Track and maintain records of consent

Telemarketing Sales Rule

The Telemarketing Sales Rule (TSR), enforced by the Federal Trade Commission (FTC), works in conjunction with the Telephone Consumer Protection Act (TCPA) and sets specific guidelines for telemarketing activities.

Key guidelines:

• Avoid contacting individuals who have registered their numbers on the National Do Not Call (DNC) list unless they have prior written consent.

• Calls can only be made between 8:00 AM and 9:00 PM local time for the recipient.

• Disclose certain information during calls, including the seller’s identity, the purpose of the call and any terms related to the promotion/sales.

• Prohibits misinterpretation of products, services and offers.

• Set payment restrictions for the sale of certain goods and services.

• Requires companies to keep business records (sales, customer information) for 24 months.

Exemptions to Federal Regulations

While most organizations that use outbound dialing are subject to the TCPA, TSR, and the Federal Do Not Call Registry, there are certain circumstances where these federal regulations do not apply.

Banks, telephone companies, airlines and non-profit organizations are exempt from TSR. However, third-party companies providing marketing services for these entities are still required to comply with the TSR regulations.

Exemptions include:

• Written consent is an exemption to both the National Do-Not-Call list and the state DNC list. An individual can be on the National DNC list; they can be called if they have given written permission to make telemarketing calls.

• If someone gives new written consent, they can be removed from the internal opt-out list and resume telemarketing to them.

• Established business relationship exemption (EBR) is defined as when the consumer has bought something from the company or paid the company within the last 18 months (transaction EBR) or has made a product or service inquiry within the previous three months (inquiry EBR). These customers can be contacted even if they’re on the National DNC list.

• Business-to-business calls: depends on the type of B2B solicitation (for example, do not call the business with an intent to sell to individual employees). Business phones may not be registered on the Federal Do Not Call Registry.

Managing DNC in dialer see Meeting notes | DNC/-List-Management

Australian Communications and Media Authority (ACMA)

The telemarketing regulations in Australia, enforced by ACMA, provides guidelines for outbound campaigns. Key guidelines as are follows:

• Do not contact individuals whose numbers are registered on the Do Not Call (DNC) Register unless prior consent has been obtained.

• Telemarketing calls are permitted between

  • 09:00 and 20:00 on weekdays

  • 09:00 and 17:00 on Saturdays

  • Calls are prohibited on Sundays and public holidays.

• Disclose certain information during calls, including the seller’s identity, the purpose of the call and any terms related to the promotion/sales.

• Prohibits misinterpretation of products, services and offers.

• Provide clear and easy options for recipients to opt out of future calls.

• Promptly terminate called upon request.

National Do Not Call Registry in India

In India, the National Customer Preference Register (NCPR), managed by the Telecom Regulatory Authority of India (TRAI), allows consumers to opt out of receiving unsolicited commercial communications (UCC) from telemarketers. key guidelines:

• Avoid contacting individuals who have registered their preferences with the NCPR unless they have explicitly opted in for specific categories of communications.

• Customers can opt-out entirely or selectively choose to receive messages related to specific categories, such as banking, real estate, or education.

• Unsolicited calls and messages must comply with prescribed time limits, restricted to between 09:00 and 21:00 local time.

• Register with TRAI and scrub contact list against the NCPR to avoid contacting individuals who have opted out.

• Disclose certain information during calls, including the seller’s identity, the purpose of the call and any terms related to the promotion/sales.

• Prohibits misinterpretation of products, services and offers.

• Implement mechanisms to allow consumers to report violations easily (such as via the DND 3.0 mobile app or by calling 1909.)

Telephone Preference Service (TPS) UK

The Telephone Preference Service (TPS) outlines rules to prevent unsolicited telemarketing calls and ensure consumer privacy. TPS is the UK’s official “Do Not Call” register for landline and mobile numbers.

Key guidelines:

• Do not contact individuals whose numbers are registered on the TPS unless prior consent has been obtained.

• Telemarketing calls are permitted between

  • 09:00 and 21:00 local time on weekdays

  • 09:00 and 17:00 on Saturdays

  • Calls are prohibited on Sundays and public holidays.

• Disclose certain information during calls, including the seller’s identity, the purpose of the call and any terms related to the promotion/sales.

• Prohibits misinterpretation of products, services and offers.

• Provide clear and easy options for recipients to opt out of future calls.

• Ensure compliance with PECR by maintaining updated contact lists and checking them against the TPS database every 28 days.

Business Requirements

The objective is to ensure that all campaigns adhere to relevant regulations, including Do Not Contact (DNC) lists, opt-in/opt-out requirements, and data privacy laws.

Personas

……….

Internal List Management

• internal phone books and call transfer functionality

DNC List integration

• The system should cross-reference outbound campaign contact lists with updated DNC lists to block any numbers registered as "Do Not Contact."

  • Must comply with national DNC regulations, such as,

    • NDNC in India

    • TPS in the UK

    • TSR and TCPA in the USA

    • ACMA in Australia

    • Exemptions to Federal Regulations

Consent Tracking

• The system must track the consent status of each contact. Only contacts who have opted in to receive marketing communications can be included in campaigns

Audit Logging

• A comprehensive audit trail should be maintained, recording all campaign interactions, consents, and opt-outs.

Real-Time Compliance Monitoring

• The system should monitor compliance in real-time during campaign execution

  • Real-time list access and synchronization, especially for importing and comparing lists with DNC lists to ensure compliance.

Contact List Upload and Validation

• Ensure the system automatically checks for:

  • duplicates

  • missing fields, and

  • invalid entries (e.g., invalid phone numbers) when uploading CSV files for campaigns.

• Differentiate customer lists and other types of lists, such as public directories and CRM lists.

Custom Fields & Contact Attributes

• the system should support custom fields for contacts, ensuring only necessary and relevant information is stored in compliance with data minimization principles.

TECHNICAL REQUIREMENTS

API Integration with DNC Services

• The system should integrate with external DNC list providers via API to ensure real-time list updates.

Encrypted Data Storage

• All stored data should be encrypted to ensure compliance with data security laws

Compliance Dashboard

• Provide a dashboard that tracks the compliance status of ongoing campaigns, displaying key metrics such as:

  • DNC list matches,

  • consented contacts, and

  • flagged issues.

TEAMS INTEGRATION (High priority)

• Teams notifications

  • Show real-time information such as presence status and calendar entries for call transfer.

  • Integration with:

    • external calendars, and

    • internal phone directories is required for accurate call transfers.

  • A widget for searching and transferring calls.

  • synchronize lists, detect duplicates, and compare lists against DNC lists

APIs for integration with third-party applications