Do you use QR codes in connection with your collection activities? If you do, you probably actually know what the things are.

I didn't, and so I headed for Mr. Google to see what I could learn. His reply was that a QR code (abbreviated from Quick Response Code) is the trademark for a type of "matrix, or two-dimensional barcode" first designed for the Japanese car industry. A barcode (in case you are as dense as I am) is a machine-readable optical label that contains information about the item to which it is attached. Evidently some debt collectors and creditors show QR codes on the outside of collection correspondence to debtors.

So, what's the problem, you ask? Read on, and you'll find out.

After John Daubert incurred medical debt, the medical service provider forwarded his billing information to Medical Billing and Management Services, a third-party billing provider. MBMS received Daubert's cell phone number with his billing information.

Daubert defaulted on the debt, and MBMS hired NRA Group, LLC, a debt collector, to collect the debt. MBMS provided Daubert's billing information and cell phone number to NRA. NRA sent Daubert a collection letter with a QR code on the outside. When scanned, the QR code revealed Daubert's account number. NRA also placed approximately 69 phone calls using an automated dialer to Daubert's cell phone.

Daubert sued NRA, arguing that the QR code on the letter revealed the existence of his debt and that the revelation violated the Fair Debt Collection Practices Act. Daubert also claimed that NRA violated the Telephone Consumer Protection Act by failing to obtain his consent before calling his cell phone using an autodialer. Daubert moved for summary judgment. The U.S. District Court for the Middle District of Pennsylvania denied Daubert's motion with respect to his FDCPA claim, but granted it with respect to his TCPA claim.

First, the court considered Daubert's FDCPA claim and found that the QR code was capable of revealing his account number. The court applied the precedent in Douglass v. Convergent Outsourcing, 2014 U.S. App. LEXIS 16628 (3d Cir. (E.D. Pa.) April 8, 2014), in which the Third Circuit held that a consumer's account number on the face of an envelope violated the FDCPA by showing the existence of the debt.

In this case, the court reasoned that NRA's placement of the QR code on the outside of the envelope violated the FDCPA because the QR code was capable of revealing the account number which, in turn, according to the Third Circuit in Douglass, revealed the existence of the debt.

The court rejected NRA's argument that the envelope on its face did not reveal the existence of the debt because a third party would have to scan the code to learn the account number. Instead, the court explained, the issue is whether the QR code is capable of revealing the debt's existence, not whether the envelope reveals the debt's existence on its face.

NRA raised a bona fide error defense, arguing that when it sent the letter to Daubert, it reasonably relied on interpretations in other jurisdictions and in Pennsylvania, all of which held that a QR code on the outside of a debt collection envelope does not violate the FDCPA. The court drew a distinction between a mistake of law, typically not a basis for the bona fide error defense, and a misinterpretation of an unsettled issue of law, which is typically a basis for the bona fide error defense. The court denied Daubert's summary judgment motion on his FDCPA claim, holding that a reasonable jury could conclude that NRA satisfied the bona fide error defense by relying on interpretations of an unsettled issue of law.

Next, the court considered Daubert's TCPA claim. The court first found that NRA's autodialer was subject to the TCPA, even though a human intervened to program the call campaign into the dialer, because the dialer was capable of making automated calls to consumers without further human intervention after the call campaign was programmed.

Next, the court considered NRA's affirmative defense that Daubert consented to receive calls from an autodialer on his cell phone. The court found that Daubert did not have to provide consent directly to NRA to contact him using an autodialer on his cell phone, as long as Daubert provided consent to either the medical service provider or MBMS to receive billing or payment-related phone calls from an autodialer on his cell phone. Because NRA failed to provide any evidence that Daubert consented, except to state that both NRA and MBMS received Daubert's cell phone number without conducting any independent research, the court found that NRA failed to establish the defense of consent and granted summary judgment for Daubert on his TCPA claim.

What's to learn here? If you are using QR codes on envelopes to customers in your collection efforts, or a debt collector or other party is using them on your behalf, it's time to go to law school and do a bit of policy review. And, just because you are a "first-party" creditor, exempt from the FDCPA, doesn't mean you're off the hook. The Consumer Financial Protection Bureau pays close attention to FDCPA case law and is not afraid to apply those standards against creditors that would not otherwise be subject to the FDCPA.

Daubert v. NRA Group, LLC, 2016 U.S. Dist. LEXIS 69630 (M.D. Pa. May 27, 2016).