Incognito June 2024 — How to Stop Political Text Messages

Welcome to the June 2024 issue of Incognito, the monthly newsletter from DeleteMe that keeps you posted on all things privacy and security.

Here’s what we’re talking about this month: 

• Political text messages. They’re annoying and never-ending. Is there a way to opt out of them once and for all? 
• Recommended reads, including “US Spy Agencies Get a Rulebook for Purchasing Americans Data.”
• Q&A: How can I stop companies from using my data to train AI?

How many political SMS messages did you get today? What about this week?

As we get closer to November, those annoying messages will keep coming.

One of our readers even emailed us to report that political campaigns don’t honor opt-out requests and constantly change phone numbers, making blocking ineffective. 

So, what, if anything, can you do to fight back against political text spam? We took a deep dive to find out.

Auto-Dialing Is Illegal, But There Are Loopholes

The Federal Communications Commission (FCC) oversees communications in the US and enforces the Telephone Consumer Protection Act (TSPA), which prohibits political campaign-related auto-dialed/pre recorded voice calls and texts (except to landline phones) without the recipient’s prior express consent. 

Why, then, do you keep getting all those text messages even if you know for a fact you haven’t given political campaigns permission to send them to you?

Either:

1. You’ve given your consent without realizing it.

As cybersecurity expert Peter Tran said to WBZ News:

“If you have used your number in any type of online ordering, or any type of marketing, or any type of social media platform, those simple end user agreements may have in fine print that they may also share your phone number with other service providers.”

Or:

2. The text messages you’re getting are “peer-to-peer” (P2P), not application-to-person (A2P).

Unlike A2P text messages, which are automatically sent from an app to thousands of individuals, P2P messaging typically involves volunteers clicking “send” on text messages to each person at a time.

Because P2P texting involves human actions, these messages are not classified as auto-dialer and, therefore, get a pass. 

As the FCC says in their guidelines: 

“Political text messages can be sent without the intended recipient’s prior consent if the message’s sender does not use autodialing technology to send such texts and instead manually dials them.”

Text messaging services have made a business out of this loophole. Here’s how one P2P text messaging service sells its services:

“Best of all, peer-to-peer text messaging is TCPA-compliant. Since you are manually hitting send for every text and the text is sent from a 10-digit phone number, you can legally text anyone you have a phone number for, whether they’ve opted in or not.”

Mobile Carriers Can’t (or Won’t) Stop Them

Several years ago, carriers like T-Mobile and AT&T rolled out a new policy known as “10DLC,” requiring organizations—including political campaigns—that use +1 10DLC phone numbers and send a high volume of texts to register with The Campaign Registry (TCR), a “reputation authority.” 

Interesting: There was talk of TCR issuing “trust scores” that would determine how many texts an organization could send per day. 

The Intercept wrote at the time (2021) that “all registered campaigns will be required to get opt-in consent.” 

About a year later, Vox wrote about a political committee whose texting campaign was suspended after at least five recipients (out of ~50,000) complained about unsolicited texts. 

Where are we with 10DLC now? 

Up-to-date information on political 10DLC infringements is hard to find.

It looks like Scott Goodstein, who led Barack Obama’s texting program in 2008 and said he didn’t think 10DLC regulations would do much to stem political spam texts, was right. 

Goodstein’s reasoning was that the penalties for 10DLC infringement are too low, and there’s nothing stopping political campaigns from texting voters who opt out or complain from a different number.

Make It Stop!!!

Is stopping political spam texts actually possible? Our conclusion is: “Probably not.” At least not conclusively. 

Still, there are certain actions you can take, like texting back “STOP” or “CANCEL.” 

Note: Make sure your opt-out request comes from a number on the campaign’s texting list (and not a Google Voice number, for example); otherwise, the campaign won’t know who made the request. 

Opting out probably won’t completely stop the texts, but it might reduce the amount you receive. 

The other step you can take is to report political texts as being autodialed.

If you suspect the political text message you received is autodialed: 

• Forward the text to 7726 (or “SPAM”).
• File a complaint with the FCC at https://www.fcc.gov/complaints.

And blocking likely political spam from your phone’s inbox.

Try:

1. Downloading an app that can block texts based on keywords. You can add political keywords like “Democrats,” “Republicans,” “Survey,” “Voting,” “Vote,” etc.

2. Blocking both texts from unknown senders AND text message notifications until the election season ends. 

On iOs devices

Filter unknown senders: Settings > Messages, then flip “Filter Unknown Senders.”

Block text messages notifications: Settings > Messages > Notifications > Customize Notifications > Allow Notifications > Unknown Senders > Off.

On Android devices

Settings > Notifications > Do not disturb > toggle on Do not disturb > Calls and messages > Messages > Contacts only.

More Than Just An Annoyance

At least some of the political text messages being sent right now are actually from criminals.

Beware of texts that ask for your personal or financial information, and never click on links – even if the message looks legitimate. If you want to find out more about a specific campaign or make a donation, go to the campaign’s official website independently, i.e., through a Google search and not via a link in a text message. 

Tip: If you’re unsure whether a text is a scam, ask online (on forums like Reddit and social media like X). Chances are, other people received the same message, too. 

We’d Love to Hear Your Privacy Stories, Advice and Requests

Do you have any privacy stories you’d like to share or ideas on what you’d like to see in Incognito going forward? 

Don’t keep them private!

We’d really love to hear from you this year. Drop me a line at laura.martisiute@joindeleteme.com.  

I’m also keen to hear any feedback you have about this newsletter.

Recommended Reads

Our recent favorites to keep you up to date in today’s digital privacy landscape. 

Dell Breach Affects 49M Customers

In May, Dell confirmed a data breach that exposed the personal information of 49 million customers. The information, which has been put for sale on the dark web, allegedly dates back seven years and involves customer order data, including warranty information, customer names, order numbers, and physical addresses. Cybersecurity experts worry that cybercriminals will use this information for phishing attacks. 

US Spy Agencies Get a Rulebook for Purchasing Americans Data

Director of National Intelligence Avril Haines issued a framework to guide how US intelligence agencies collect and use commercially available data on Americans and foreigners. The framework doesn’t mandate agencies to get a warrant before acquiring this data and, according to Sen. Ron Wyden, D-Ore, who released documents confirming intelligence agencies were purchasing Americans’ data from data brokers earlier in the year, is generally too vague.

FCC Fines Verizon, AT&T, and T-Mobile $200M for Location-Data Sharing

The Federal Communications Commission (FCC) fined the largest US wireless carriers—AT&T, Verizon, T-Mobile, and Sprint—almost $200 million for illegally sharing access to customer real-time location data without consent. The fines come from a claim brought against the carriers (including Sprint, which has since been acquired by T-Mobile) by the FCC in 2020. All three carriers believe the fine is unfair and plan to appeal it. 

Microsoft’s New AI Feature a “Privacy Nightmare” 

Microsoft’s new AI computers, Copilot + PCs, will come with an AI feature called “Recall.” This feature will take and save regular screenshots of a user’s screen (storing them on the device), allowing the user to find anything they’ve ever seen on their PC. Privacy experts are concerned about this feature, and the UK’s Information Commissioner’s Office (ICO) is looking into it to understand what safeguards are in place to protect users’ privacy.

You Asked, We Answered

Here are some of the questions our readers asked us last month.

Q: How can I stop companies from using my data to train AI?

A: What a great question! 

First things first: Whatever personal data of yours is on the web right now has more than likely already been scraped by various companies to train their AI models. 

Can you remove this data from their systems? Probably not.  

But you can opt out of future scraping. 

Since many companies bury the opt-out option somewhere they know most people won’t find it, here are direct links to AI opt-outs or instructions for the same (for some of the most popular services – if we’re missing a service that allows you to opt out of your data being used to train AI models, email us at laura.martisiute@joindeleteme.com):

• Meta (Facebook, WhatsApp, Instagram, Meta Quest, Threads)
• Tumblr
• Adobe
• ChatGPT
• DALL-E 3
• Quora
• Substack
• WordPress
• Dropbox (only available for some accounts)
• Slack (Basically, you have to contact the Slack Customer Experience team at feedback@slack.com with your workspace/org URL and the subject line ‘Slack global model opt-out request’). 

And of course, remember that anything you post online is fair game for companies like Google looking to train their AI models. 

Q: Any way to make LinkedIn more private?

A: There are so many things you can do to make your LinkedIn more private. We actually wrote a whole blog post on this. 

Read it to learn how to:

• Stop your LinkedIn profile from showing up in Google Search results.
• Edit who can see your connections. 
• Limit data sharing with third-party researchers.
• Enable anonymous browsing (this one is my personal favorite)
• Turn off targeted ads
• And more! 

Back to You

We’d love to hear your thoughts about all things data privacy.

Get in touch with us. We love getting emails from our readers (or tweet us @DeleteMe).

Don’t forget to share! If you know someone who might enjoy learning more about data privacy, feel free to forward them this newsletter. If you’d like to subscribe to the newsletter, use this link.

Let us know. Are there any specific data privacy topics you’d like us to explore in the upcoming issues of Incognito? 

That’s it for this issue of Incognito. Stay safe, and we’ll see you in your inbox next month.