Understanding AI’s potential and risks in an evolving TCPA landscape
In our latest webinar “AI’s Moral Compass: Harnessing its good and confronting its dark side”, we engaged in an in-depth discussion with our Chief Revenue Officer (CRO), Margaret Wise, Michele Shuster, Attorney Partner at MacMurray & Shuster, and Rich Kahn, CEO of Anura, on the evolving regulatory environment and the considerations for businesses using artificial intelligence (AI) in and around lead generation and contacting consumers.
As we venture into uncharted territory with generative AI attracting regulatory scrutiny from the Federal Communications Commission (FCC), Federal Trade Commission (FTC), and other governmental bodies, we’d like to take a closer look at the key questions that you should consider when incorporating generative AI around your marketing strategies.
In what ways can AI affect businesses, positively and negatively?
In Rich Kahn’s own words: “The best way I can describe AI – for good and bad – was when I got inside the first Tesla that drove itself and I let it take control of the car for the first time. And the only way I can describe it is ‘scary cool’. Right? Because it’s this new technology that you can see 20 years down the road – this is gonna be the technology – but you’re in it 20 years before it’s ready and you really don’t have a lot of control over it. And that’s kind of what AI is all about now.”
As Rich explains, AI offers numerous benefits, particularly in content creation, information retrieval, and process optimization. Its capabilities extend far beyond, enhancing efficiency and productivity across various domains. However, with the advent of new technologies, there are inevitable risks due to their potential misuse by malicious individuals.
As Rich goes on to elaborate, in the cybersecurity realm, AI tools are employed by bad actors to commit fraud on websites. This misconduct spans a spectrum of deceptive practices, not limited solely to the issue of visitor fraud but extending to a broader range of illicit activities as well.
VPNs (Virtual Private Networks) can play a crucial role in enhancing security and privacy by encrypting data and protecting user identities, making it more difficult for malicious actors to exploit vulnerabilities or intercept sensitive information.
According to Rich, despite these challenges, the positive implications of AI are worth noting. AI’s ability to quickly analyze vast datasets far surpasses human capacity, providing invaluable insights and discoveries in a fraction of the time it would take data analysts.
We’re still in the early stages of AI development, which makes the future both exciting and somewhat unpredictable: “That’s why I say it’s ‘scary cool’ because we just don’t know what’s coming down the road,” says Rich.
What’s the most crucial precaution businesses should take when implementing AI?
According to attorney Michele Shuster, the type of business matters greatly when considering AI uses and technology integration. However, “one of the things that we would recommend that companies look at first is: do you have sensitive or private information that would be used to feed an AI source that would be publicly available?”
For example, ChatGPT draws from a communal knowledge base. Inputting confidential business information into such systems as part of a query could result in confidentiality issues and may even contravene data protection laws.
According to Michele, it’s crucial for businesses to realize the importance of monitoring the data they’re feeding into generative AI systems. Establishing clear policies and boundaries about generative AI usage could prevent unintended data disclosures. Incorporating generative AI within your marketing strategies also calls for implementing AI safety measures to safeguard against vulnerabilities and minimize potential risks.
Furthermore, the use of AI bots recording calls requires close attention. As Michele explains, in some states, notably California, consent must be obtained before any such recordings are made. Without consent, companies might face claims of illegal recording or surveillance, leading to hefty fines – up to $5,000 per incident. This underscores the importance of being mindful of these regulations and using AI responsibly.
Should AI be included within the company’s cybersecurity handbook, integrated into the employee handbook, or established as a distinct set of policies and guidelines?
According to Rich, “it makes sense to have its own separate policy” for AI.
He’s noticed a trend where certain organizations and individuals establish standalone policies in areas such as non-competes and computer usage. Therefore, with AI policy potentially expanding in scope, its separation can ensure clarity and prevent it from getting buried in increasingly voluminous employee handbooks.
In his view, a standalone AI policy is a prudent measure to ensure prominence and accessibility.
According to Michele, “It depends on the size and the sophistication of the business.”
A universal policy on AI usage might work, but specific departments, like IP and customer service, require tailored guidelines. It’s crucial to evaluate how AI is or will be used in your business and establish appropriate safeguards. Legally, intellectually, or technologically, the factors vary. As Michele advises, grasping this early on is vital, as AI risks and harms are still emerging.
Is there potential for AI to be implemented to auto detect revocation language to expedite the opt out process and keep up with the FCC’s latest requirements?
According to Rich, “I would say you can do anything in code. AI is code, right? So, if you can think it, you can make it happen.”
As he goes on to elaborate, the ability of AI to auto-detect is readily accessible today, as long as developers stay abreast of current laws and industry trends. This is where the potential of AI becomes fascinating, offering us the capability to bring any concept to life.
Innovators are utilizing AI for beneficial advancements, while others may choose to harness it for less ethical objectives. Technology itself, much like the advent of automobiles, isn’t inherently negative; it’s the intentions of the users that define its impact. According to Rich, despite technology’s neutrality, “bad actors are bad actors no matter what technology or what type of stuff you give them.”
The language surrounding opt-out and revocation is in a state of constant change, with increasingly tighter deadlines for your systems to react and comply. Additionally, a growing number of terms are now being recognized as signs of revocation, necessitating a proactive approach. So, according to our CRO, Margaret Wise, leveraging AI for analysis and summarization to help remain at the forefront of these developments represents a smart strategy for staying compliant.
Should businesses hesitate to implement AI due to the complexity of compliance, or is it still advisable to move forward with it?
As Rich explains, in the foreseeable future, within the next decade or two, it’s inevitable that AI will come under stricter regulation. Its potential for both beneficial and harmful applications demands that control measures be put in place to safeguard consumer interests.
According to Rich, businesses shouldn’t shy away from leveraging AI technology – on the contrary, they should harness it. By using AI ethically and sensibly, companies align themselves with the protection that future regulations will offer. Ultimately, as a society, our goal is to adopt this emerging technology enthusiastically but to do so with a strong sense of responsibility, as we should with all technological advancements.
Will AI voice or text sequences be acceptable to use under the new one-to-one consent laws that will be coming into effect soon?
As Michele says, “Just make sure that whatever you’re doing, you’re covering that in the [consent] language. And I do think that if you are getting consent anyway, getting consent to use a pre-recorded or artificial voice is something you should just do as a best practice.”
AI robocalls
AI robocalls refer to automated telephone calls that use artificial intelligence technologies to simulate human conversations. These calls are programmed to deliver pre-recorded messages or engage in interactive communication with the recipient, often without direct human oversight.
AI robocalls can adapt their responses based on the input from the person answering the call, making them more sophisticated than traditional robocalls that simply play a recorded message. They are commonly used for a variety of purposes, including marketing, customer service, and public information campaigns. However, their ability to mimic human interaction raised ethical concerns, which led to the FCC stepping in this past year.
Recent AI robocall rules updated under TCPA
In February 2024, according to the FCC, AI robocalls are now illegal without first obtaining prior express written consent (PEWC). From the FCC press release on February 8, 2024:
“The Telephone Consumer Protection Act is the primary law the FCC uses to help limit junk calls. It restricts the making of telemarketing calls and the use of automatic telephone dialing systems and artificial or prerecorded voice messages. Under FCC rules, it also requires telemarketers to obtain prior express written consent from consumers before robocalling them. This Declaratory Ruling ensures AI-generated voices in calls are also held to those same standards.”
If you are using AI to transcribe calls, does it need to be disclosed?
As explained by Michele, on a federal level, recording or monitoring a phone call meets legal requirements with just one party’s consent. However, in approximately 12 to 14 states, you’ll need all parties involved to agree. Failing to get this consent might expose you to lawsuits and financial penalties.
Therefore, as Michele says, “The transcribing of those calls is gonna fit under those eavesdropping laws because in order to transcribe it, you have to record it or monitor it in some way.” These activities are precisely what the regulations aim to manage.
How can you use AI to help with the new FCC regulation in regards to TrustedForm?
TrustedForm provides independent lead certification used for legal compliance (TCPA) and campaign optimization. If you’re considering TrustedForm, it’s essential to recognize its primary function: it provides independent proof of lead generation events. Incorporating TrustedForm helps provide proof of consent, assisting with record-keeping requirements, by providing a sharable record of the consent transaction.
With TrustedForm’s Verify feature, you get the benefit of analyzing consent language before accepting the lead, so you can have visibility and decisioning rules set up for potential leads.
Additionally, TrustedForm Insights offers a deeper analysis of related lead form metadata for additional data-based insights into lead performance or source metrics. While it can go beyond TCPA notice and consent needs, leveraging TrustedForm Insights can be revolutionary in risk decisioning and lead management. Our most sophisticated customers utilize TrustedForm Insights for even more strategic lead performance assessments.
We invite you to connect with our team for a more in-depth discussion about how TrustedForm can significantly enhance your lead management processes.
Key takeaways
Here are the main takeaways that we were able to gather from our conversation with attorney Michele Shuster and fraud expert Rich Kahn:
- “You’re gonna have different sides of the coin, you’re gonna have good and bad for both of what [AI] can do.”
- “We’ve always considered that AI is an artificial voice and that, as an artificial voice, it would be regulated under the TCPA and require prior express written consent for marketing telephone calls, so we see [the FCC] moving in that direction.”
- “If you’re gonna use artificial intelligence to place telephone calls, you’re gonna have to get consent from your called parties.”
Stay ahead of the curve on TCPA changes with ActiveProspect’s help. Watch the full episode of our latest webinar “AI’s Moral Compass: Harnessing its good and confronting its dark side” and sign up for our FCC webinar series by clicking here.
For regular TCPA updates, ensure you’re in the know by subscribing to InsideCBM today!
DISCLAIMER: This page and all related links are provided for general informational and educational purposes only and are not legal advice. ActiveProspect does not warrant or guarantee this information will provide you with legal protection or compliance. Please consult with your legal counsel for legal and compliance advice. You are responsible for using any ActiveProspect Services in a legally compliant manner pursuant to ActiveProspect’s Terms of Service. Any quotes contained herein belong to the person(s) quoted and do not necessarily represent the views and/or opinions of ActiveProspect.