Skip to content

Frequently Asked Questions

Who needs to comply with the DNC list?

Companies who make outbound telephone calls or send text messages containing sales or marketing messages must comply with the National Do Not Call (DNC) Registry rules and regulations. It is important to note that individual state Do Not Call laws may also apply.

What is the TCPA?

The Telephone Consumer Protection Act (TCPA) is the primary federal law governing the regulation of telephone solicitations. It was first signed into law by President George H.W. Bush in 1991 and has remained the bedrock of federal telemarketing regulations ever since. Further legislation, such as 2019’s TRACED Act, and rulemaking by the Federal Communications Commission (FCC) and Federal Trade Commission (FTC) have built on the TCPA’s foundation. Numerous court decisions—including recent, prominent ones from the Supreme Court—have further entrenched the TCPA’s regulatory preeminence.

TCPA & DNC Fines

Maximum Standard TCPA Fine

$500 per violation

Maximum Treble TCPA Fine

$1,500 per willful violation

Maximum DNC List Fine

$43,792 per violation

 

Who Must Comply With the TCPA?

The TCPA regulates telephone solicitations. Therefore, any person, business, or entity that conducts telephone solicitations should comply with the TCPA. The TCPA covers voice calls, faxes, VoIP calls, and text messages.

The text of the law itself defines “telephone solicitation” as "the initiation of a telephone call or message for the purpose of encouraging the purchase or rental of, or investment in, property, goods, or services, which is transmitted to any person, but such term does not include a call or message (A) to any person with that person’s prior express invitation or permission, (B) to any person with whom the caller has an established business relationship, or (C) by a tax exempt nonprofit organization.”

The TCPA does not solely apply to the entities that conduct calling campaigns. Entities may be found vicariously liable for TCPA violations committed by agents that the entities have hired to conduct their calling campaigns, even if the hiring entities did not commit the violations directly.

 

What Are the Requirements of the TCPA?

The TCPA contains a number of different provisions. In order to avoid committing TCPA violations, callers must comply with all of these requirements.

Calling Time Restrictions

Callers may contact residential consumers only between 8:00 AM and 9:00 PM (recipient’s time zone).

Internal Do Not Call (DNC) List

Callers are required to maintain an internal DNC list of consumers who asked not to be called or texted.

Automatic Telephone Dialing Systems (ATDS)

The TCPA restricts autodialed marketing calls and texts to cell phones and other devices where the recipient might be charged for the call without prior express written consent, and non-marketing autodialed calls without prior express consent.

Robocalls

The TCPA does not allow the use of an artificial or prerecorded voice to be used to call a residential landline or wireless number for marketing purposes without prior express written consent.

Identification Requirements

Among other things, the TCPA requires the caller to provide their name, the name of the company on whose behalf they are calling, and a telephone number or address which can be used to contact them again.

National Do Not Call Registry

Marketers are required to suppress phone numbers on the National Do Not Call Registry. Remember that some states have their own local DNC lists as well, separate from the federal list.

 

How Is the TCPA Enforced?

The TCPA allows for a variety of enforcement mechanisms. The most significant is a private right of action that allows consumers to bring individual lawsuits and class actions. In 2019 and 2020, more than 3,000 TCPA complaints were filed in federal court. The TCPA is a strict liability statute with uncapped statutory damages and per-violation penalties that can be as high as $500-per-violation. Willful violations can be trebled as high as $1,500-per-violation. All of these elements combine to make for settlements and judgments in TCPA class actions that routinely reach tens of millions of dollars. One TCPA class action resulted in $925 million worth of penalties against a debt collector.

Additionally, through the TCPA itself and its legislative successors such as the TRACED Act, the TCPA gives the authority to enact regulatory enforcement to a number of government entities. In particular, the FCC and FTC have broad regulatory powers to enforce the TCPA.

 

What Are the Biggest TCPA Risks?

Reassigned Numbers

Nearly 100,00 numbers are reassigned each day. Since consent is associated with the called party and not the phone number, the possibility of contacting reassigned numbers brings an enormous amount of TCPA risk.

Personal Liability

In certain situations, executives and compliance officers are being targeted personally for litigation stemming from TCPA violations. This risk compounds the already unnecessarily punitive nature of TCPA litigation.

DNC Violations

Following the Supreme Court’s decision in Facebook v. Duguid, TCPA litigators have turned their focus to alleging DNC violations. Additionally, an increased emphasis on state-level telemarketing regulations is likely to raise the risk level of DNC violations. There are different DNC lists—federal, state, and internal DNC—and DNC compliance is taking on renewed importance.

Inaccurate Data

Marketers often acquire contact information from outside lead generators. While this can be a valuable source of new leads, it also brings the possibility of inaccurate or outdated data. Having the wrong information is often the first step in the pathway to TCPA violations.

 

Why Is the TCPA So Costly?

There are four key elements of the law itself that combine to make it the perfect vehicle for truly outlandish settlements and judgments.

Strict Liability Statute

The TCPA is a strict liability statute, meaning no forgiveness is given for unknowing or good faith mistakes. Marketers can rack up thousands of violations (or more) without even realizing that they are doing so and the TCPA offers no forgiveness. In fact, there are treble penalties for knowing violations.

Uncapped Statutory Damages

This element of the TCPA makes it such a costly source of litigation is the fact that it has uncapped statutory damages. The only limit on how large a penalty can be assessed is how many violations were committed.

 

Private Right of Action

The law’s private right of action—and court opinion determining that it can be used to pursue nationwide class actions—allows for such enormous penalties for TCPA violations. While the FCC has, on occasion, levied large fines for violations of telemarketing laws, that sort of regulatory action rarely happens at the scale and frequency of class actions brought by plaintiffs under the TCPA’s private right of action.

Per-Violation Penalties

TCPA penalties are assessed on a per-violation basis—up to $500-per-violation and up to $1,500-per-willful-violation. Combined with the uncapped statutory damages, these penalties can add up.

 

These four elements combine to make the TCPA an unprecedentedly lucrative vehicle for litigation. This has, unsurprisingly, encouraged a veritable cottage industry of TCPA litigators and professional plaintiffs to seek out and, in some cases, manufacture as many and as costly TCPA lawsuits and class actions as possible.

Four Most Dangerous Elements of TCPA Litigation

Strict Liability Statute

Companies are legally responsible regardless of fault or intent

Uncapped Statutory Damages

Companies may be liable for exorbitant damages

Private Right of Action

Consumers may bring individual lawsuits and class actions

Per-Violation Penalties

Multiple TCPA violations can be applied to a single call

 

What About State-Level Telemarketing Laws?

There are dozens of state-level telemarketing laws, with new ones being passed every year. Many of these state laws are modeled on the TCPA and often make use of the National DNC Registry. But it is important to note that the TCPA expressly does not preempt state or local telemarketing regulations. Compliance with regulations at every level is mandatory.

Are small companies exempt from the TCPA?

There is no exemption to the Telephone Consumer Protection Act (TCPA) based on company size.

How many numbers are on the DNC list?

There are over 200 million phone numbers on the National Do Not Call (DNC) Registry.

How many DNC lists are there?

In addition to the National Do Not Call (DNC) Registry, there are 11 individual state Do Not Call lists, including Colorado, Florida, Indiana, Louisiana, Massachusetts, Missouri, Oklahoma, Pennsylvania, Tennessee, Texas, and Wyoming.

Do companies need to keep an internal DNC list?

Every company engaged in outbound telephone solicitation must maintain an internal Do Not Call (DNC) list. Requests to have a phone number placed on an internal Do Not Call list should be honored immediately and must remain on the list indefinitely, or until the consumer chooses to opt back in. Some states have no limit on how long you must honor an opt-out.

I only take inbound calls but occasionally may call outbound for follow-up, or I only call Internet leads. Do I need to adhere to the Do Not Call list rules?

The National Do Not Call (DNC) Registry and most state registries allow you to make calls in response to consumer inquiries. The general Federal Trade Commission (FTC)/Federal Communications Commission (FCC) rule is that you have 3 months from the established relationship in which to make such calls.

For more information on this topic, check out our FAQ entries on Established Business Relationships (EBR).

What is the penalty for violating Do Not Call list rules?

A violation of the Do Not Call (DNC) provision of the Telemarketing Sales Rule (TSR) can be up to $43,792 per call. The fines for a violation of state Do Not Call rules can vary from $100 up to $25,000 per call.

How do I get a copy of the DNC list?

If you are a for-profit seller that directly (or indirectly through vendors) makes outbound calls to sell goods or services to residential telephone numbers, and you do not fall under any applicable exemption, then you must purchase a subscription to the National Do Not Call (DNC) Registry.

For more information, click HERE.

Is my business considered telemarketing?

A telemarketer is a company or non-profit entity that engages in telephone solicitation. If this definition fits your business, then it is considered telemarketing.

What is the TSR?

First enacted into the federal register in 1995 and amended numerous times since, the Telemarketing Sales Rule (TSR) is the Federal Trade Commission’s (FTC) primary document for enforcing telemarketing regulations, particularly the National Do Not Call (DNC) Registry. According to the FTC’s rule summary, the TSR “requires telemarketers to make specific disclosures of material information; prohibits misrepresentations; sets limits on the times telemarketers may call consumers; prohibits calls to a consumer who has asked not to be called again; and sets payment restrictions for the sale of certain goods and services.”

Do I need to register as a telemarketer in all 50 states?

You only need to register as a telemarketer in the states where you make calls, provided that those states require registration. 32 states and the District of Columbia currently require registration. 

Those states are as follows: Alabama, Alaska, Arizona, Arkansas, California, Colorado, Delaware, Florida, Idaho, Indiana, Kentucky, Louisiana, Maine, Mississippi, Montana, Nevada, New Jersey, New York, North Carolina, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Dakota, Texas, Utah, Vermont, Washington, West Virginia, Wisconsin, and Wyoming.

My call center is not in the US. Do I need to comply with US telemarketing regulations?

If you are calling consumers in the United States, you need to comply with the appropriate telemarketing regulations. Any region-specific aspects of these regulations apply to the location of the called party, not of the caller.

Are B2B calls exempt from TCPA regulations?

It is a common misconception that Business to Business (B2B) calls are not covered under the Telephone Consumer Protection Act (TCPA). B2B calls and texts are subject to the same TCPA wireless restrictions as Business to Consumer (B2C). The use of any kind of Automatic Telephone Dialing System (ATDS) to send marketing calls or texts to a wireless number is illegal under the TCPA without prior express written consent.

Further Reading

What is an EBR?

Pennsylvania’s Telemarketer Registration Act provides a useful definition of an Established Business Relationship (EBR): “A prior or existing relationship formed by a voluntary two-way communication between a person or entity and a residential or wireless telephone subscriber, with or without an exchange of consideration, on the basis of an inquiry, application, purchase or transaction by the residential or wireless telephone subscriber regarding products or services offered by such persons of a entity. In regard to an inquiry, the person or entity shall obtain the consent of a residential or wireless telephone subscriber to continue the business relationship beyond the initial inquiry.”

Are EBR calls exempt from DNC regulations?

Yes, there are exemptions for Established Business Relationships (EBR)—sometimes called Existing Business Relationships. If you can demonstrate that you have an established business relationship with a consumer, and they have not asked to be on your internal Do Not Call (DNC) list, you can make live calls to that consumer even if they are on the National Do Not Call Registry. This exemption does not allow organizations to make automated calls or texts or to use pre-recorded messages. This exemption is limited to 18 months from the initial purchase, rental, lease or financial transaction between you and the consumer, or 90 days from the consumer’s product or service inquiry. This exemption only applies to the organization that established the relationship and does not normally extend to subsidiaries or corporate parents. Individual state telemarketing laws may have additional EBR exemptions.

Do federal telemarketing regulations supersede state-level laws?

No. Most state telemarketing regulations are written to serve as additional regulations on top of the federal regulations. Some states with Do Not Call (DNC) provisions simply choose to adopt the federal DNC rules rather than create their own rules.

Do I need a SAN?

According to the Federal Trade Commission (FTC), “Every Seller should subscribe, pay the appropriate fee, and agree to the certification requirements to receive a Subscription Account Number (SAN) with the National Do Not Call Registry.”

What is a SAN number?

"SAN" stands for Subscription Account Number. If you conduct any form of telemarketing, you are required to purchase a SAN on an annual basis. 

How do I obtain a SAN number?

This number can be obtained directly from the Federal Trade Commission (FTC) at https://telemarketing.donotcall.gov.

Can I use someone else's SAN?

If a seller purchases some sort of telemarketing services from a telemarketer or service provider, the seller must share its Subscription Account Number (SAN) with that provider. But outside of this particular business relationship, nobody may share SANs with anyone else.

Do I need to subscribe to all area codes with a SAN?

You must subscribe to every area code that you will be calling. You do not need to purchase a SAN for area codes that you will not call.

How many area codes can I subscribe to for free?

Your first 5 area codes are free. After that, you must pay a per-area-code fee.

How many TCPA violations do I have to commit to be sued?

Ostensibly, even a single Telephone Consumer Protection Act (TCPA) violation is enough to precipitate litigation.

Does the TCPA apply to text messages?
The Federal Communications Commission (FCC) 2015 Omnibus Declaratory Ruling and Order reaffirmed that text messages are subject to the same Telephone Consumer Protection Act (TCPA) restrictions as phone calls. The courts have also consistently held that a call is a text and a text is a call.

The Federal Communications Commission (FCC) 2015 Omnibus Declaratory Ruling and Order reaffirmed that text messages are subject to the same Telephone Consumer Protection Act (TCPA) restrictions as phone calls. The courts have also consistently held that a call is a text and a text is a call. Automated text messages would be considered the same as phone calls placed from autodialers. The Supreme Court's decision in Facebook v. Duguid significantly restricts which sorts of text messaging technology fits within the definition of an autodialer. But the prohibition on the use of autodialers to send text messages stands for any devices that are still considered autodialers.

Are there TCPA exemptions for non-profits?

No. While there are exemptions to the Telephone Consumer Protection Act (TCPA) that may apply to some non-profit organizations depending on the content of the messages, there is no blanket exemption. Non-profits are still required to abide by the strictures of the TCPA.

Are there TCPA exemptions for schools?

In certain circumstances, schools are exempt from following the Telephone Consumer Protection Act’s (TCPA) usual consent requirements. Namely, they are allowed to use the less stringent standard of implied consent if they are a bona fide non-profit or when sending non-marketing messages. Examples of such messages would be information about such topics as emergencies, school closures, and unexpected absences.

If parents or guardians provide their phone numbers to schools without conditions and don’t opt out, this generally constitutes implied consent. As long as no part of the informational messages constitute any form of marketing, the messages should be complying with the consent rules. Remember, the number must have been provided to the school directly in the normal course of business without conditions on use and the messaging must cease when the number is reassigned or the consumer opts out.

Are there TCPA exemptions for utilities?

In certain circumstances, utilities are exempt from following the Telephone Consumer Protection Act’s (TCPA) usual consent requirements. Namely, they are allowed to use the less stringent standard of implied consent if they are a bona fide non-profit or when sending non-marketing messages. Examples of such messages would be information about such topics as emergencies, circumstances where services will be shut off, and service notifications.

If customers provide their phone numbers to utilities without conditions and don’t opt out, this generally constitutes implied consent. As long as no part of the informational messages constitute any form of marketing, the messages should be complying with the consent rules. Remember, the number must have been provided to the utility company directly in the normal course of business without conditions on use and the messaging must cease when the number is reassigned or the consumer opts out.

What's the difference between the TCPA and DNC?

The Telephone Consumer Protection Act (TCPA) is a law passed by Congress in 1991 to protect consumers against unwanted telephone solicitation. The National Do Not Call (DNC) Registry is a specific provision of TCPA enforcement that was created by the Do-Not-Call Implementation Act of 2003.

Further Reading

What happens if I call a reassigned number?

Consent applies to the called party. So, if a number is reassigned to a different person, whatever consent you may have had for that number is no longer valid. Because the Telephone Consumer Protection Act (TCPA) is a strict liability statute—meaning violation is not contingent on fault or criminal intent—any call placed to a recycled number is a potential TCPA violation.

What happens if I violate the TCPA?

The Telephone Consumer Protection Act (TCPA) contains a private right of action, which means a private individual is legally entitled to enforce the statute, often in small claims court. As a result, TCPA violations are enforced through individual lawsuits and class actions. This is the primary enforcement mechanism for the TCPA but it is also possible that states can initiate civil actions against offenders. The Federal Communications Commission (FCC) also has the authority to assess penalties for TCPA violations. Those penalties could be as high as $26,000 per violation.

What happens if I violate the DNC list?

Depending on the particular details of the violations, penalties could be enforced by either the Federal Communications Commission (FCC) or the Federal Trade Commission (FTC). State attorneys general may also bring civil actions on behalf of the residents of their states.

How many DNC violations do I have to commit to incur civil penalties?

It is possible that a single complaint of a Do Not Call (DNC) violation could trigger enforcement actions from the Federal Trade Commission (FTC).

Is there a reassigned number safe harbor?

The Federal Communications Commission’s (FCC) 2015 Telephone Consumer Protection Act (TCPA) Omnibus Declaratory Ruling and Order established a one-call safe harbor for reassigned phone numbers. This safe harbor applied to situations in which callers mistakenly called a phone number for which they had previously received consent but had since been reassigned to another person. Because consent is tied to the called party and not the phone number, the phone call in this situation would be considered a violation. In order to provide some protection to good faith telemarketers who encountered these circumstances, the FCC adopted a rule whereby callers were allowed to make one phone call to a phone number that had been reassigned without being held liable for a violation—whether or not the call resulted in the caller being informed of the number’s reassignment.

In 2018, the D.C. Circuit court’s ruling in ACA International v. FCC struck down this safe harbor. Finding it “arbitrary and capricious,” the court did away with the rule because the FCC did not offer any argument for why a caller should be held liable if it has no reason for being aware of the number’s reassignment. Indeed, the rule worked such that the safe harbor was exhausted after one call even if the call was not answered. Unfortunately, the court did not offer any remedy for how this situation should be handled. So, rather than a flawed TCPA safe harbor for reassigned numbers, there is no safe harbor at all.

In December 2018, the FCC announced a plan to create a reassigned number database. Callers would be able to scrub their number lists against this database in order to remove any numbers that have been reassigned to new users, thus decreasing the possibility of incurring TCPA violations by calling these new users.

Included in this plan is a new safe harbor rule for dealing with reassigned numbers, replacing the old one-call rule that had been vacated by the ACA Int’l ruling. With documentation requirements similar to what is required for the national Do Not Call (DNC) safe harbor, callers are able to claim safe harbor for any reassigned numbers that they have dialed as long as they have scrubbed their numbers lists against the FCC database within 30 days.

This Safe Harbor became valid with the implementation of the FCC Reassigned Number Database in November 2021.

Is there a national DNC safe harbor?

The federal government’s National Do Not Call (DNC) Registry is managed by the Federal Trade Commission (FTC) under the auspices of the Telemarketing Sales Rule (TSR). Within that regulatory framework, there are best practices guidelines that, when paired with supporting documentation, allow for the possibility of claiming safe harbor.

As a legal defense, this safe harbor helps to protect companies from inadvertent mistakes that violate DNC rules. It provides a defense against consumer allegations by allowing the calling party to offer proof that they had followed those best practices as defined under the TSR.
In order to invoke a safe harbor defense, a telemarketer is required to provide documentation of the following:

  • Policies and Procedures
    The company must have written policies and procedures for complying with DNC list requirements as outlined by the appropriate regulatory agencies.
  • Employee Training
    The company must have a program in place for training employees on the aforementioned policies and procedures. There must also be a process for internal monitoring to ensure compliance.
  • In-House DNC Suppression List
    For the purposes of call suppression, the company must maintain an internal list of telephone numbers from consumers who directly requested not to be called by the company or any third-party telemarketer.
  • National DNC Lists
    The company and third-party telemarketers must access the National DNC Registry no more than 31 days before calling any consumer. The company must maintain records documenting this process of obtaining the list and suppressing phone numbers from its calling file.
Is there a call abandonment safe harbor?

The Telemarketing Sales Rule (TSR) safe harbor has a 3% call abandonment rule. Under the TSR, it is illegal for telemarketers to abandon any outbound call—with an abandoned call being defined as a call that does not connect the consumer to a sales representative within two seconds of the consumer answering the phone. But the TSR also makes some allowances for predictive dialers, which necessarily have a certain amount of abandoned calls because of how they operate.

The Federal Trade Commission’s (FTC) website explains that the conditions under which a caller would be eligible to claim this safe harbor are if the caller:

  • uses technology that ensures abandonment of no more than three percent of all calls answered by a live person, measured over the duration of a single calling campaign, if less than 30 days, or separately over each successive 30-day period or portion thereof that the campaign continues. 
  • allows the telephone to ring for 15 seconds or four rings before disconnecting an unanswered call. 
  • plays a recorded message stating the name and telephone number of the seller on whose behalf the call was placed whenever a live sales representative is unavailable within two seconds of a live person answering the call. 
  • maintains records documenting adherence to the three requirements above.
Is there a ported wireless safe harbor?

Generally, the Telephone Consumer Protection Act (TCPA) prohibits calls to a wireless number using an Automatic Telephone Dialing System (ATDS) without prior express written consent. However, there is a limited safe harbor in cases where a landline number was recently ported to a wireless number without prior knowledge from the marketer.

Declared by the Federal Communications Commission (FCC) in 2004, the ported wireless numbers safe harbor established a limited safe harbor on calls placed to wireless numbers using an ATDS or prerecorded voice when that number was recently ported from wireline service to wireless service. Companies placing autodialed calls or using a prerecorded message to call wireless numbers have 15 days from the time that number was ported from wireline to wireless, provided that the number is not already on the National Do Not Call (DNC) Registry or that company’s internal Do Not Call list. This safe harbor works in conjunction with the national DNC safe harbor.

This safe harbor does not extend to erroneous calls and will not absolve any company of a willful violation.

What is the definition of prior express consent?

The Telephone Consumer Protection Act (TCPA) itself does not specifically define “prior express consent” in the statute, but an agreement, written or oral, clearly indicating consent to receive calls at a particular number constitutes prior express consent. For non-marketing calls, if a consumer knowingly provides a phone number to a company in the normal course of business, without conditions, express consent can be implied so long as the messages closely relate to the purpose for which the number was originally provided.

This same standard is also applicable to faxes. In Physicians Healthsource, Inc. v. Cephalon, Inc., et al., the Third Circuit found that providing a business card that included a fax number constituted "prior express consent" to receive faxes.

What is the definition of express written consent?

As defined by the Federal Communications Commission (FCC), prior express written consent is a written agreement between the caller and the receiver of the call that clearly authorizes the caller to deliver “advertisements or telemarketing messages using an automatic telephone dialing system [(ATDS)]or an artificial pre-recorded voice.” This type of consent must specify the phone number to be called and must also include the receiver’s written or electronic signature, which may be a signed piece of paper, or simply a button press affirming the agreement. You must also disclose that consent is not a condition of purchase.

Further Reading

Does my consent expire?

There is no time limit or expiration date on consent. However, consent is tied to the called party, not the phone number. So if a number is reassigned to a new person, whatever consent you may have had for that number is no longer valid. Also, consumers can revoke their consent at any time and by any means.

Can consumers revoke consent?

Yes. Moreover, recent court decisions have generally held that consumers can revoke their consent by any reasonable means. The Telephone Consumer Protection Act (TCPA) does not offer explicit guidance on revocation of consent, but it is best practice to recognize and honor all consent revocation requests immediately.

What are some TCPA litigator tricks?

Unscrupulous Telephone Consumer Protection Act (TCPA) litigators and professional plaintiffs often make use of a deep bag of tricks to induce costly TCPA violations. Some of their more frequent and damaging techniques are as follows:

Dual-Purpose Phone Lines
Sometimes referred to as “mixed-use” lines. Litigators will use one phone number for both business and personal purposes, potentially entrapping marketers who believe they are making calls to a business line when, in fact, it is a personal line for TCPA purposes.

Waiting to Receive Multiple Calls Before Threatening Litigation
Because TCPA fines are levied on a per violation basis, litigators can juice their numbers by intentionally allowing a company to call them multiple times before they take action against the company.

Bullying for an Out of Court Settlement
Litigators will ambush defendants by threatening litigation with the intent of forcing an out-of-court settlement.

Taking Advantage of Reassigned Numbers
Litigators and serial plaintiffs will purchase multiple cell phones with the intent of manufacturing claims using phone numbers they know have been reassigned from their original owner.

Personally Targeting Corporate Officers in Lawsuits
By naming corporate officers and owners rather than merely the company itself, a litigator can apply additional pressure on a defendant.

Call Seeding
Litigators and their professional plaintiff accomplices will give consent for their numbers to be called. But rather than answering when called, they will call back from a different cell phone number for which they have not given consent, and talk just enough to identify themselves before hanging up, thus baiting agents into calling back without consent.

Who do TCPA litigators target?

Litigators will often target companies with particular, perceived vulnerabilities. Among the sorts of targets for unscrupulous litigators are the following:

Companies with Deep Pockets
Large companies are often targets of large Telephone Consumer Protection Act (TCPA) lawsuits, resulting in very large payouts.

Companies with a History of TCPA Lawsuits
Once a company has paid out a large settlement or judgment for TCPA violations, it can attract more litigators, like sharks drawn to blood in the water.

Easy Targets
Litigators will take advantage of companies who have inadequate opt-in language or poorly written terms of service. Litigators will also focus their attention on companies such as collections agencies whose essential business structure puts them at greater risk for TCPA violations.

Companies that May Not Know the TCPA Applies to Them
Many companies operate under the mistaken assumption that they are not bound to TCPA calling restrictions, including companies that focus on business-to-business (B2B), political organizations, schools, non-profits, and public utilities. Another similar category of businesses at risk are those who purchase leads from or outsource calling duties to third-party vendors and do not account for the possibility of their vicarious liability under the TCPA.

What is an autodialer?

The text of the Telephone Consumer Protection Act (TCPA) defines an Automatic Telephone Dialing System (ATDS)—colloquially known as an autodialer—as “equipment which has the capacity—(A) to store or produce telephone numbers to be called, using a random or sequential number generator; and (B) to dial such numbers.” Of course, it is not clear how that relatively vague definition written in 1991 applies to the wide panoply of dialing technology available today. Unfortunately, Federal Communications Commission (FCC) rulemaking and case law have not resolved this and instead have created circumstances where the definition of what constitutes an autodialer varies from jurisdiction to jurisdiction.

Much of the conflict regarding the definition of an autodialer revolves around interpreting the TCPA’s use of the word “capacity.” The FCC’s most recent major overhaul of the TCPA is its 2015 TCPA Omnibus Declaratory Ruling and Order. In that document, it interpreted “capacity” in a broad sense, determining that equipment without the “’present ability’ to dial randomly or sequentially” could still qualify as an autodialer if it had “potential functionalities” to do so. This interpretation essentially meant that any device that could potentially dial numbers from a list might be considered an autodialer and thus subject to the TCPA’s regulations on the use of an ATDS.

In 2018, the D.C. Circuit Court issued a decision in ACA International, et al. v. FCC, et al. that struck down the FCC’s broad definition of autodialer, paving the way for the creation of a more reasonable standard. Noting that the 2015 Order’s interpretation of “capacity” essentially had the effect of designating every smartphone as an ATDS, the court vacated that interpretation. This ruling, fortunately, eliminated the overly broad autodialer definition but unfortunately did not offer another definition as a clear replacement, leaving it up to individual courts to interpret the meaning of “capacity” in the TCPA’s definition of ATDS. Two subsequent circuit court decisions have created two conflicting definitions of what exactly is an autodialer.

Three months after the ACA Int’l decision, the Third Circuit Court issued a ruling in Dominguez v. Yahoo that set forth one of the multiple forking paths of what constitutes an autodialer. Following the D.C. Circuit vacating the FCC Order’s interpretation, the Third Circuit determined that its decision was required to interpret the TCPA’s definition of ATDS. The Third Circuit determined that, based on the facts of the case, there was “a genuine dispute of fact as to whether [Yahoo's system] had the present capacity to function as an autodialer by generating random or sequential telephone numbers and dialing those numbers.” This created the precedent that an autodialer must have the present capacity to both generate and dial numbers either randomly or sequentially. 

Three months after the Third Circuit’s Dominguez decision, the Ninth Circuit reached a decision in Marks v. Crunch San Diego, LLC that offered a much more broad interpretation of what “capacity” means in the TCPA’s definition of an autodialer. The Ninth Circuit acknowledged the Dominguez decision but pointedly declined to follow it. Instead, the court found that the TCPA’s statutory definition of an autodialer was ambiguous and “the term ‘automatic telephone dialing system’ means equipment which has the capacity — (1) to store numbers to be called or (2) to produce numbers to be called, using a random or sequential number generator — and to dial such numbers automatically (even if the system must be turned on or triggered by a person).” According to this precedent, an ATDS is any device that has the capacity to automatically dial numbers that are stored in a list.

In early 2020, two new rulings in cases in two different circuits set potential precedents for a third definition of what constitutes an ATDS. In Glasser v. Hilton Grand Vacations Company, LLC, the Eleventh Circuit interpreted a key clause (“to store or produce telephone numbers to be called, using a random or sequential number generator”) in the TCPA’s definition of an ATDS such that the phrase “using a random or sequential number generator” modifies both “produce” and “store”. This essentially means that, in the Eleventh Circuit, dialers are only subject to the TCPA’s restrictions on the use of autodialers if they are dialing phone numbers that are randomly or sequentially generated. This interprets the ATDS definition even more narrowly than the Third Circuit’s Dominguez decision. Less than a month later, the Seventh Circuit issued a decision in Gadelhak v. AT&T Services that reached the same conclusion as the Glasser court, extending that narrow ATDS definition to another jurisdiction.

In March 2020, two different district courts in two different circuits handed down rulings in two different Telephone Consumer Protection Act (TCPA) cases that rejected a common argument that would have essentially rendered any computer-based dialer as an Automatic Telephone Dialing System (ATDS). These cases—Decapua v. Metro. Prop. & Cas. Ins. Co. and Hagood v. Portfolio Recovery Assocs.—generally followed the definitions set forth by the Gadelhak and Glasser decisions.

As if to forestall any possibility of a coherent trend, another early 2020 ATDS ruling went the other direction, favoring a broad interpretation of the ATDS definition. The Second Circuit found, in Duran v. La Boom Disco, that the texting programs used by the defendant should be regulated as autodialers. Following the Marks precedent, the Court determined that any device that can dial from numbers stored in a list is an ATDS, holding that “an ATDS may call numbers from stored lists, such as those generated, initially, by humans.” The court also found that a human hitting a “send” button to initiate the text campaign is insufficient human intervention to preclude an ATDS designation.

In July 2020, the Sixth Circuit staked a claim to the broader definition of an ATDS. In Allan v. Pa. Higher Ed. Assist. Agency, the court adopted the Marks definition of an autodialer as essentially anything that dials numbers from a list.

As a result of these wildly differing interpretations of the TCPA’s definition of an autodialer, there were multiple competing precedents that courts are following. This led to a confusing circumstance where the definition of what constitutes an ATDS depended entirely on the particular court jurisdiction—including a split within the state of Michigan where one district followed the Dominguez precedent while the other followed the Marks precedent.

On April 1 (April fools Day) 2021, the Supreme Court handed down a ruling in Facebook v. Duguid that finally resolved these disparities in favor of the more narrow, statutory definition. In the court's unanimous opinion, Justice Sonia Sotomayor wrote, ““We hold that a necessary feature of an autodialer under [the TCPA] is the capacity to use a random or sequential number generator to either store or produce phone numbers to be called.” Thus, the autodialer is finally properly defined.

What are the provisions of the TCPA?

The main provisions of the Telephone Consumer Protection Act (TCPA) are as follows:

Calling Time Restrictions
Companies can contact residential consumers only between 8:00 AM and 9:00 PM (recipient’s time zone).

Automatic Telephone Dialing Systems (ATDS)
The TCPA restricts autodialed marketing calls and texts to cell phones and other devices where the recipient might be charged for the call without written consent, and non-marketing autodialed calls without prior express consent.

Robocalls
The TCPA does not allow the use of an artificial or prerecorded voice to be used to call a residential landline or wireless number for marketing purposes without prior express written consent.

Identification Requirements
Among other things, the TCPA requires the caller to provide their name, the name of the company on whose behalf they are calling, and a telephone number or address which can be used to contact them again.

National Do Not Call (DNC) Registry
Telemarketers are required to suppress phone numbers on the National Do Not Call Registry. Remember that some states have their own local DNC lists as well, separate from the federal list.

Internal Do Not Call List
Companies are required to maintain an internal DNC list of consumers who asked not to be called or texted.

What is the penalty for violating the TCPA?

TCPA violations can result in penalties of up to $500 per violation, with willful violations trebled up to $1,500 per violation. There is no cap on statutory damages so thousands of violations can result in millions of dollars in penalties.

Further Reading

What are some particular TCPA vulnerabilities for B2B callers?

Businesses that conduct Business-to-Business (B2B) marketing should be aware of the following vulnerabilities specific to their manner of business:

Dual Purpose (Mixed Business & Personal Use) Lines
B2B marketers should be checking their data against state and federal consumer Do Not Call (DNC) lists to reduce the risk of calling or texting dual purpose phone lines.

Business Fax Lines
The Telephone Consumer Protection Act (TCPA) prohibits the use of “any telephone facsimile machine, computer, or other device to send an unsolicited advertisement to a telephone facsimile machine,” which includes business fax lines.

Vicarious Liability
If you use outsourced vendors to make B2B calls or texts on your behalf, you may be held vicariously liable for their potential violations of the TCPA.

Individual Employees vs. the “Business Entity”
Marketing calls that solicit consumers at their place of business rather than the “business entity” itself are not B2B solicitations and would be subject to all normal TCPA and DNC laws.

What are the B2B consent requirements?

Marketers can make Business-to-Business (B2B) calls/texts using an Automatic Telephone Dialing System (ATDS) provided they have proper consent. For marketing purposes, you must have express written consent. The written consent may be an e-signature or button press, but it must include the following disclosures:

  • You must disclose that the calls or texts will be sent for marketing purposes.
  • You must disclose that the calls or texts will be or may be sent using an Automatic Telephone Dialing System.
  • You must indicate that consent to receive the calls or texts is not a condition of any purchase.
  • You must identify which brand will call and which number will be called.
Are there exemptions for B2B calls?

Yes. These exemptions cause much confusion in the industry, leading to devastating fines and settlements. In the face of these exemptions, the vagueness of whether Business-to-Business (B2B) calls are covered under the Telephone Consumer Protection Act (TPCA) often leads reasonable people to think they are not.

The Federal Trade Commission (FTC) exempts all solicitation calls between a marketer and a business except marketing of nondurable office or cleaning supplies. This means most B2B are exempt from national Do Not Call (DNC) laws, but not every state exempts B2B calls under state law. Some jurisdictions require B2B marketers to register and place a bond before making calls.

B2B marketing calls are normally exempt from Telemarketing Sales Rule (TSR) DNC rules. They are also likely to be exempt from the Federal Communications Commission’s (FCC) DNC rules. However, some federal rules still apply and, as above, some state rules may still apply including laws specific to B2B.

Are cell phones considered an autodialer?

It is not clear whether or not a cell phone would be considered an Automatic Telephone Dialing System (ATDS). The Supreme Court's decision in Facebook v. Duguid mentions the possibility that the broad interpretation of the TCPA's ATDS definition could potentially render all smartphones as dialers, citing this possibility as part of its rationale for adopting the narrower ATDS definition.

What is a robocall?

An autodialer with a prerecorded message (commonly referred to as a “robocall”) automatically dials a phone number and waits for a live answer. Upon answer, a prerecorded message will play. If the consumer is then prompted to interact with the system by pressing buttons, this is known as interactive voice response. There is normally a delay between the consumer answering and the connection to the prerecorded message.

Further Reading

What is an avatar autodialer?

Also known as “soundboard technology,” avatar technology was described by the D.C. District Court of Appeals as a technology that “enables telemarketing agents to communicate with consumers over the phone by playing prerecorded audio clips instead of using the agent’s live voice. The agent can choose a prerecorded clip to ask questions or respond to a consumer while retaining the ability to break into the call and speak to the consumer directly. Soundboard also enables agents to make and participate in multiple calls simultaneously.”

What is a predictive dialer?

A predictive dialer system operates from a list of phone numbers, automatically dials multiple numbers simultaneously and directs the calls to live agents based on predictions about when the agent will likely be available to handle the call. If the consumer answers, the system directs them to an agent. If the agent is unavailable, it often drops the call.

The Telemarketing Sales Rule (TSR) has a safe harbor provision specifically designed for predictive dialers that allows for a 3% call abandonment rate.

Are cell phones considered a predictive dialer?

There has been no clear or consistent guidance from the Federal Communications Commission (FCC) or the courts as to whether or not a cell phone is considered a predictive dialer. Telephone Consumer Protection Act (TCPA) compliance on this issue depends entirely on specific district court rulings for specific jurisdictions.

What is click-to-dial?

A click-to-dial system is a less automated version of a predictive dialer system. Like a predictive dialer, it operates from a list of phone numbers. However, rather than automatically placing the calls and directing them to agents like in a predictive dialer system, it sends the phone numbers to a live agent, who clicks something to initiate each individual call.

Are cell phones considered click-to-dial?

Cell phones are generally thought to be manual calling devices, like many click-to-dial systems. However, there has been no clear or consistent guidance from the Federal Communications Commission (FCC) or the courts as to whether or not a cell phone is considered a click-to-dial device. Telephone Consumer Protection Act (TCPA) compliance on this issue depends entirely on specific district court rulings for specific jurisdictions.

What is ringless voicemail?

Ringless voicemail is a calling method whereby a prerecorded message is placed directly into a voicemail inbox without normally making the target phone number ring or display a missed call. Recipients are also generally not billed for the delivery of the ringless message.

What is an automated text message?

An automated text message is a text message sent to a consumer or consumers through the use of an automated text messaging platform. Regardless of whether the message itself is manually or automatically generated, it is treated as an automated text message if an autodialer platform is used to deliver the message.

The courts have been unanimous in the viewpoint that a call is a text and a text is a call. Automated text messages should be treated exactly like calls placed using an autodialer and the same consent rules should be observed.

Even after the Supreme Court's ruling in Facebook v. Duguid, the TCPA's regulations on automated text messages stand. While SCOTUS's decision to adopt the narrow definition of what constitutes an ATDS may well exclude most (or possibly all) current text messaging systems from being considered autodialers, the restrictions on automatic texting still exist.

Do TCPA and DNC regulations apply to the real estate industry?

There is an assumption that because real estate agents are independent contractors that Do Not Call (DNC) and Telephone Consumer Protection Act (TCPA) regulations do not apply to them.

Big businesses are often seen in the spotlight for being violators of these statutes and individuals may think that their actions will go unnoticed by Federal Trade Commission (FTC) and Federal Communications Commission (FCC) regulators—these assumptions are false.

Compliance is mandatory for real estate agents.

Is it a TCPA violation to call about a for sale by owner real estate listing?

As an agent, you may contact a seller marketing a for sale by owner (FSBO) property about your client’s potential interest in purchasing the property, even if that seller’s number is on the National Do Not Call (DNC) Registry. The pitfall is that as a buyer’s representative, you may only discuss your client’s interest in the property. You cannot use your client’s interest as a way to solicit the listing. Doing so puts you in violation of DNC regulations.

Is it a TCPA violation to call about expired real estate listings?

As an agent, you can call homeowners who originally listed their home with you for up to 18 months after the contract expiration date. Calling during that period of time is allowed as long as the homeowner has not requested that you do not call them.

What are the DNC provisions of the TSR?

The Do Not Call (DNC) provisions of the Telemarketing Sales Rule (TSR) are as follows:

Internal Do Not Call List Requirements
The internal DNC list refers to the Entity-Specific Do Not Call Provision. This provision mandates that telemarketers keep and maintain their own do not call list, specific to their organization. When a consumer asks to be put on your do not call list, you should honor that request immediately.

National Do Not Call Registry Requirements
The DNC list is comprised of both landline and wireless numbers and has been open to telemarketers since September 2003. All telemarketers are required to check their lists against the National Do Not Call Registry at least every 31 days.

Misuse of the Do Not Call List
Neither the National Do Not Call Registry nor any internal Do Not Call list may be used for any purpose other than compliance with the TSR’s Do Not Call provisions. This includes attempting to “share” the cost of accessing the national Do Not Call data. All organizations must have their own individual subscription.

Interfering with Someone’s Do Not Call Rights
When a consumer asks to be placed on your internal do not call list, you should accept this request and honor it immediately. Hanging up, refusing to honor or demanding the consumer listens to a sales pitch all constitute violations of this provision. Any organization caught violating this rule will lose any benefit from the TSR’s safe harbor from erroneous violations and may be subject to civil penalties.

How do I avoid a TCPA lawsuit?

The best practices for avoiding Telephone Consumer Protection Act (TCPA) violations and the attendant lawsuits are as follows:

Make Sure You Have Clear Consent
In order for a court to proceed with a class action, the class must first be certified. When it comes to the TCPA, if the defendant can provide evidence of consent procedures, and prove consent for the individual plaintiff, the class as a whole, or a subset of the class, then the class certification may be denied.

Make Sure You Have Strong Arbitration Language
It is critical in consumer contracts to draft clear arbitration agreements, broad enough to cover any and all future disputes. Failure to do so could result in denial of arbitration or even class action lawsuits. When drafting your arbitration clause, be sure to include a detailed opt-out provision that contains specifics on how and where a consumer can opt out.

Have a Well Written Consent Clause
If you ever need to contact a consumer with an autodialer or pre-recorded voice, make sure your contract includes a well written TCPA consent clause. The clause should include language that supersedes any existing opt-in or opt-out, clearly indicate the methods of consent revocation, clearly indicate the methods by which you may contact them, and include any third parties or affiliates that may contact them as it pertains to the contract.

Use Your Dialer Technology Correctly
If you’re calling or texting a wireless number, the TCPA mandates that you must have express written consent to place those calls or texts using an Automatic Telephone Dialing System (ATDS). The Federal Communications Commission (FCC) defines an ATDS as equipment which has the capacity “(A) to store or produce telephone numbers to be called, using a random or sequential number generator; and (B) to dial such numbers.” The Supreme Court's decision in Facebook v. Duguid may limit which kinds of devices fit this definition but it does nothing to change the ATDS restrictions or the penalties that come with violating them.

Document Everything, Follow the Rules, Be Able to Prove It
The courts may allow you to claim a “Safe Harbor Defense,” a strategy which allows companies to show proof that they have done all the things they can to be compliant with the TCPA. Those things include but are not limited to: 

  • Having written policies and procedures in place and training employees to follow them. 
  • Maintaining an internal do not call list 
  • Scrubbing against the National Do Not Call (DNC) Registry 
  • Scrubbing against the individual state DNC registries 
  • Checking your data for reassigned numbers
What are co-venture calls?

If a for-profit organization is making calls or texts on behalf of a non-profit or political campaign and the calls or texts are not substantially related, they would be subject to the Telephone Consumer Protection Act (TCPA). Additionally, if there is a commercial message as any part of the communication, even if it also contains a charitable or political purpose, it is considered a “telephone solicitation” under the TCPA.

Can I got to prison for violating telemarketing laws?

It may be unlikely but technically it is possible. Willfully violating the Rhode Island Telephone Sales Solicitation Act is punishable by imprisonment for up to one year.

Are there TCPA exemptions for financial institutions?

Financial institutions are sometimes exempt from the Telephone Consumer Protection Act’s (TCPA) prohibition on the use of Automatic Telephone Dialing Systems (ATDS) when they send time-sensitive, voice or text messages which address financial issues related to the customer’s account, so long as no part of the message could be considered marketing.

In order to exercise the exemption for financial institutions, some basic rules must also be followed:

  • Must Be Free for The Customer
    Financial institutions are responsible for making arrangements with telephone providers so that no communications count against the consumer’s plan minutes or texts. 
  • Use Provided Phone Number Only
    Calls and texts may only be sent to the telephone number provided by the consumer.
  • No Marketing Allowed
    Calls and texts are strictly limited to the purposes specified above and must not include any marketing or advertising content. 
  • Protected Numbers
    No calls or texts may be made to protected phone lines such as emergency or toll-free lines without the called party’s prior express consent. 
  • Debt Collection
    Calls and texts for the purposes of debt collection are not exempt and still require prior express consent. 

Frequency of Calls Limit
A financial institution may call or message a customer, who has not given their prior express consent, no more than three times over a three-day period.

  • Call limits apply per event, regardless of which exemption is triggered.
  • Any contact beyond the limited number of three calls or messages per event, over a three-day period, is not exempt and requires the express consent of the consumer.

Consent Requirements
Calls or texts from financial institutions may be sent to customers for the purpose of:

  • Notifying the customer of transactions and events that suggest a risk of fraud or identity theft. 
  • Notifying the customer of a possible breach of the security of the customer’s personal information. 
  • Conveying measures consumers may take to prevent identity theft following a data breach. 
  • Informing them of actions needed to arrange for a receipt of pending money transfers.

Additionally:

  • Calls and text messages must state the name and contact information of the company calling (for voice calls, these disclosures must occur at the beginning of the call). 
  • Calls and text messages must be concise, generally one minute or less in length for voice calls (unless more time is needed to obtain customer responses or answer customer questions) and 160 characters or less in length for text messages.

Financial institutions must include in their messages a method for recipients to easily opt-out of future calls and messages.

  • Live Phone Call
    Automated voice calls that could be answered by a live person must include an automated, interactive voice and/or key press activated opt-out mechanism that enables the recipient to make an opt-out request prior to terminating the call. 
  • Answering Machine
    Voice calls that could be answered by an answering machine or voice mail service must include a toll-free number that the consumer can call to opt-out of future financial calls 
  • Text Message
    Text messages must inform recipients of the ability to opt-out by replying “STOP”. 
  • Financial institutions should honor opt-out requests immediately.
     
Are there TCPA exemptions for healthcare providers?

The Federal Communications Commission (FCC) allows two exemptions under the Telephone Consumer Protection Act (TCPA) for healthcare providers. 

Healthcare Messages (The “Health Care Rule”) 
Healthcare providers are allowed to make calls to residential landlines from an entity covered by the Health Insurance Portability and Accountability Act (HIPAA), including its business associates, using an artificial or prerecorded message to deliver a healthcare-related message without the consent of the called party. 

Calls and texts to cell phones using an Automatic Telephone Dialing System (ATDS) or artificial prerecorded voice that deliver a healthcare-related message are subject to the TCPA, but only require prior express consent, rather than the normally required prior express written consent. 

Healthcare Treatment Purpose Exemption 
Healthcare providers are allowed to place autodialed and artificial prerecorded voice and text messages to cell phones without consent in order to convey “healthcare messages” as defined by HIPAA.

Are there TCPA exemptions for package delivery?

So long as consumers are not charged and can easily opt-out, delivery companies are exempt from obtaining consent under the Telephone Consumer Protection Act (TCPA) when sending delivery notifications. Standard non-marketing and opt-out rules apply.

Are there TCPA exemptions for political campaigns?

Political campaigns get a small amount of wiggle room when making calls or sending texts using an Automatic Telephone Dialing System (ATDS). Calls to landlines numbers do not require consent and it is not required to suppress numbers against the National Do Not Call (DNC) Registry. However, calls or texts to wireless numbers require prior express consent.

Further Reading

What is vicarious liability?

Vicarious liability is defined as an attachment of responsibility to a party for harm or damages caused by another party in a lawsuit or civil action.

It is a common practice for many businesses to market their products through the use of independent sales forces and lead aggregator websites. While these can be great sources for obtaining fresh leads, they can also be a trap for Telephone Consumer Protection Act (TCPA) litigation. 

If your third-party agents violate the TCPA, you can be found vicariously liable for any resulting damages. Examples of possible violations include the third-party agents calling consumers without the proper consent, making calls or texts on your behalf using an Automatic Telephone Dialing System (ATDS) or prerecorded voice, and not honoring opt-out requests. 

When you don’t fully control the strategies that lead generators use to conduct their campaigns, the risk of vicarious liability can be enormous. TCPA violations incurred by independent agents and lead generators acting on behalf of a company will draw that company into any related lawsuits.

Do insurance companies cover TCPA damages?

Commercial liability insurers have brought a growing number of cases seeking declaratory judgments that they do not have to provide coverage for their insureds’ alleged Telephone Consumer Protection Act (TCPA) violations. Some commercial liability policies have express exclusions for TCPA claims, while others may contain more general exclusions that may not fully exclude the TCPA. 

Some insurers have amended existing policies to add TCPA exclusions but courts have not always found this practice to be legally enforceable. Other insurers have successfully managed to avoid covering TCPA damages by successfully arguing that TCPA violations fall under exclusionary clauses relating to invasion of privacy.

There are some companies that offer insurance policies specifically tailored to TCPA litigation, but they are very expensive.

If I realize that I may have sent text messages to reassigned numbers, am I required to send notice to those consumers?

No, if you find yourself in this situation, there is no requirement to send notice to consumers.

What is the risk of calling reassigned numbers?

Approximately 100,000 mobile phone numbers are reassigned by wireless carriers every day. Potentially 20% of data in an average consumer contact list could be made up of reassigned phone numbers. Therefore, theoretically, you could be liable for the maximum Telephone Consumer Protection Act (TCPA) violation of $500 per call or text on up to 20% of your entire campaign.

While the Federal Communications Commission (FCC) has promised to create a comprehensive database of reassigned numbers, none exists currently. Your best defense is to scrub for reassigned numbers and to actively maintain your contact database by asking consumers for updated information.

What are the risks of peer-to-peer texting under the TCPA?

The Federal Communications Commission (FCC) issued a declaratory ruling in 2020 affirming that peer-to-peer (P2P) texting systems should not be considered automatic telephone dialing systems (ATDS). The Supreme Court's ruling in Facebook v. Duguid also ensures that P2P systems should not be regulated as autodialers.

Can I obtain verbal consent by asking a consumer to respond affirmatively to an audio recording asking for consent to receive marketing calls?

The Federal Communications Commission (FCC) has held that “written” consent can be obtained on a recorded telephone call, but you must ensure you meet all the requirements of the ESIGN Act or similar state laws regarding electronic signatures.

Can consumers opt in via text message?

Yes, but you cannot send a text from an ATDS that says, “Sign up for our marketing program.” That message would be marketing in and of itself, and you would have already violated the Telephone Consumer Protection Act (TCPA). However, you could do a call to action that says, “For automated offers, text DISCOUNT to XYZ number…” When the consumer responds to your offer, request a double opt-in, and get the consumer to agree to the required disclosures. Always ensure full TCPA disclosures are utilized, as well as an opt-out instruction.

Do I need consent for Direct Response Text Marketing?

You do not need consent for the initial automated response if the message is consistent with what your direct response offer has promised. The message must be sent immediately, containing only the requested information and nothing more. Any additional marketing messages would require consent.

Am I legally required to let consumers know how to opt out?

It is not legally required to provide customers with instructions on how to opt out. But it is a very strongly recommended best practice to provide customers with this information. If you don’t do so, it is possible that people will opt out with their own legally sufficient language that is not recognized by your system, leading you to continue to send messages or make calls which now violate the Telephone Consumer Protection Act (TCPA). You need to be able to recognize and honor opt-outs, so always include a simple opt-out instruction (“Reply STOP to Opt-Out” for example).

If a consumer opts out, can I send a confirmation message?

Yes, you can send one final message confirming the opt-out and offering information on how to opt back in. However, this final message cannot contain any sort of marketing. The Federal Communications Commission (FCC) recommends you send this message no later than 5 minutes after the opt-out occurs.

If my consent language covers both calls and texts, does a consumer opting out of one mean they have opted out of both?

Yes, opting out of one should result in opting out of both unless you’ve made it clear that there are different requirements. However, you can clarify with the consumer whether they are seeking to opt out of one particular program, or all calls and texts to the number.

If a consumer wishes to opt out of receiving marketing texts from campaign A but still wants to get texts from campaign B, are multiple opt-out options allowed?

Yes, you can have multiple campaigns with their own opt-out requirements, but you should make it very clear to consumers how to do it. For example, text “STOP A” to stop receiving messages from campaign A vs. “STOP B” to stop receiving messages from campaign B. It is also best practice to offer an inclusive opt-out option such as “STOP ALL.”

Are purely informational texts exempt?

Purely informational texts follow the same implied consent rules as delivery and service notifications. However, if any part of your informational text could be considered marketing and you are using a device that meets the current standards for what constitutes an automatic telephone dialing system (ATDS), you would need express written consent. Therefore, best practices are to get express written consent even for informational texts.

Are there state-specific telemarketing laws related to texting?

Yes, just as with telemarketing regulations for phone calls, there are state-specific laws covering texting. 15 states have their own laws regarding text messaging. State-level laws on texting are typically more complex and stringent than federal-level laws. However, consent is still always the key to compliance.

What about AI texting?

Following the Supreme Court's Facebook v. Duguid decision, AI texting systems are not likely to be considered autodialers.

Do I need to make special considerations for declared states of emergency?

Yes, some state telemarketing laws prohibit you from making calls during a state of emergency. However, it is less clear when it comes to texting. Other than the 15 states that treat text messages separately, it is not clear whether a regulator would say texting is a call. A lot of state-level statutes about states of emergency are worded in such a way that calls are explicitly prohibited while texts are not. But as a practical matter, it is best not to call or text during states of emergency.

Can I send texts to collect on debts?

Yes—as long as you can meet the implied express consent standards. Courts have generally accepted the argument that a consumer listing their phone number on a credit card or loan application constitutes giving consent to be contacted at that number for issues involving that account.

What is the potential liability of marketing texts that offer consumers discounts or benefits for forwarding offers to their friends?

This specific scenario has not been addressed by the Federal Communications Commission (FCC). In these sorts of circumstances, the FCC looks at a number of factors to determine who is responsible for user-initiated messages such as: Who decides when the text is going to be sent? Is it being used to do an unlawful activity? Are you spoofing? The issue is control. In this case, the fact that the consumers are going to be the ones sending the message and are choosing who receives the message makes it seem like the consumer should be responsible. But they are promoting your product, so there could be a vicarious liability issue.

Are push notifications on smartphone apps considered to be texts by the FCC?

No. Push notifications are user-controlled, making it difficult to argue that the Federal Communications Commission (FCC) should consider them to be a “call.”

Is there a TCPA exemption for debt collection?

In July 2015, the Federal Communications Commission (FCC) issued a Telephone Consumer Protection Act (TCPA) Omnibus Declaratory Ruling and Order that overhauled and updated a number of aspects of the statute. Among the changes was a debt exemption that permitted automated calls to cellphones when the calls were for the collection of government-backed debt such as a student loan. 

However, in 2019, the Fourth Circuit found this exemption to be unconstitutional on free speech grounds. In fact, in finding the exemption to be a content-based restriction that favored a select group, the court nearly invalidated the TCPA as a whole. The court was able to avoid invalidating the entire statute only by severing the “flawed exemption” from the rest of the TCPA. In 2020, the Supreme Court upheld this ruling in Barr v. AAPC.

What is the FDCPA?

The Fair Debt Collection Practices Act (FDCPA) was originally passed in 1977 but was significantly amended as a part of the legislative reforms instituted by the Dodd-Frank Act of 2010. Enforced by the Consumer Financial Protection Bureau (CFPB), the FDCPA enumerates restrictions for the behavior of third-party debt collectors who collect on debts owed to another person or entity. Debt collectors who violate the FDCPA can be sued in state or federal court for damages and legal fees within one year of the violation(s).

What are the provisions of the FDCPA?

As it governs debt collection practices, the Fair Debt Collections Practices Act (FDCPA) provides a number of rules that telemarketers who collect debt as third-party debt collectors must follow: 

  • Call Time Restrictions
    A debt collector should not contact a debtor before 8 AM or after 9 PM (according to the debtor’s local time) unless they have made an arrangement with the debtor to call outside those hours. 
  • Honoring Workplace Opt-Outs
    A debt collector may attempt to reach a debtor at their place of work as well as their home. But if the debtor informs the debt collector to stop contacting their workplace, either verbally or in writing, the debt collector must honor that request. 
  • Honoring Home Phone Opt-Outs
    Debtors can also request that debt collectors not call their home phones. But they must send this request in the form of a letter. 
  • Restrictions Against Harassment
    Debt collectors are not allowed to threaten bodily harm or arrest, and are prohibited from using profane or obscene language. 
  • Restrictions Against Unfair Practices
    Debt collectors are not allowed to use abusive, unfair, or deceptive practices in order to collect debts. 
  • Restrictions Against False Lawsuit Threats
    Debt collectors are prohibited from threatening to sue a debtor unless they intend to follow through on that threat.
What is the FCRA?

The Fair Credit Reporting Act (FCRA) is the primary federal law covering the rules on the collection and reporting of consumer credit information. It was passed into law in 1970. It is enforced by the Federal Trade Commission (FTC) and Consumer Financial Protection Bureau (CFPB). 

The FCRA sets rules on how credit bureaus can obtain consumer credit information, how long they can store that information, who they can share that information with, and what sort of information they can collect. The FCRA allows credit bureaus to collect the following kinds of information: 

  • Bill payment history 
  • Loan history 
  • Current debts 
  • Employment information 
  • Bankruptcy history 
  • Child support payment history 
  • Arrest history 
What is the TILA?

First enacted into law in 1968, the Truth In Lending Act (TILA) governs the way lenders and creditors disclose information about their financial goods and services to consumers. Initially overseen by the Federal Reserve Board (FRB), the TILA has been enforced by the Consumer Financial Protection Bureau (CFPB) since 2011. 

The TILA’s provisions cover most sorts of consumer credit—such as home mortgages, car loans, credit cards, and equity lines of credit—which are the sorts of credit that can lead to debt collection.

What is the TRACED Act?

The Pallone-Thune TRACED Act was signed into law by President Donald Trump on December 30, 2019. The act—whose name is an acronym for Telephone Robocall Abuse Criminal Enforcement and Deterrence—is sponsored by South Dakota Republican Senator John Thune and New Jersey Democratic Congressman Frank Pallone.

The TRACED ACT modifies sections of the Telephone Consumer Protection Act (TCPA), which is itself an amendment to the Communications Act of 1934, codified as 47 U.S.C. § 227.

As can be inferred from its full name, the TRACED Act is a new legal mechanism for the regulation of robocalls. It instructs the Federal Communications Commission (FCC) to enact rulemaking on a number of issues relating to robocalls.

What are the provisions of the TRACED Act?

The TRACED Act implements a number of new regulations on robocalls, primarily by way of instructions to the FCC and other federal agencies and departments. Among the main provisions of the TRACED Act are the following:

Stopping Robocalls
The Act directs the FCC to take final action on its June 2019 Declaratory Ruling on Advanced Methods To Target and Eliminate Unlawful Robocalls. It directs the commission to implement these rules “with transparency and effective redress options for both… consumers; and… callers.”

SHAKEN/STIR
Service providers are required to implement SHAKEN/STIR—an acronym for Signature-based Handling of Asserted Information Using toKENs (SHAKEN) and the Secure Telephone Identity Revisited (STIR)—call authentication protocols. The protocol digitally validates a phone call as it passes through the complex web of telecom networks, allowing phone providers to verify that the call is actually coming from whoever appears to be placing the call.

Monetary Penalties
The FCC is authorized to assess penalties of up to $10,000 per call for violation with intent.

Statute of Limitations
The statute of limitations for a general violation is one year while the statute of limitations for violation with intent is four years.

Interagency Task Force
The FCC is required to convene an interagency task force to study government prosecution of robocall violations. The other agencies included in the task force are the Federal Trade Commission (FTC), Department of Justice (DOJ), Department of Commerce (DOC), Department of State (DOS), Department of Homeland Security (DHS), Consumer Financial Protection Bureau (CFPB), and state attorneys general.

Annual Reports to Congress
The FCC is required to provide an annual report to Congress on its robocall enforcement efforts. Additionally, the FCC and FTC are required to annually report to Congress on “Robocalls and Transmission of Misleading or Inaccurate Caller Identification Information”—suggesting that Congress has considered the possibility of good faith, law abiding callers being mistakenly affected by call-blocking technology. Many of the other sections of the Act also require reporting on the progress in implementing the various provisions.

Protections from Spoofed Calls
The Act instructs the FCC to enact a rulemaking to “help protect a subscriber from receiving unwanted calls or text messages from a caller using an unauthenticated number.”

Report on Reassigned Number Database
Within a year of the date of enactment, the FCC must give a report to Congress on its progress in implementing its proposed official database of reassigned phone numbers. This report must also be made available to the public on the FCC website.

Protection from One-Ring Scams
The FCC is required to “initiate a proceeding to protect called parties from one-ring scams.” The FCC is required to coordinate with the FTC and state-level officials on these efforts.

Coordination with AG on Certain Robocall Violations
The FCC is required to provide evidence to the Attorney General in circumstances where it “obtains evidence that suggest a willful, knowing, and repeated robocall violation with an intent to defraud, cause harm, or wrongly obtain anything of value.” This suggests the possibility of criminal enforcement of robocall violations.

Eliminating Warnings for Robocall Violations
The act eliminates the FCC's existing practice of issuing warnings to individuals and companies who are violating robocall regulations. The FCC can now levy fines for those violations without ever warning the alleged violators.

Does the TRACED Act contain any Safe Harbor provisions?

The Act instructs the FCC to establish a safe harbor for telephone providers who inadvertently block calls or callers whose calls should not be blocked, provided that the provider can demonstrate that they were given incorrect information by the call authentication frameworks.

How did SCOTUS rule in Facebook v. Duguid?

The Supreme Court ruled in favor of Facebook, determining that the text messages sent to Noah Duguid did not violate the TCPA. They accepted Facebook's argument that the device used to send the messages does not fit the TCPA's definition of an ATDS. For more information, see this news article.

What is TCPA? - Editing

The Telephone Consumer Protection Act (TCPA) is the primary federal law governing the regulation of telephone solicitations. It was first signed into law by President George H.W. Bush in 1991 and has remained the bedrock of federal telemarketing regulations ever since. Further legislation, such as 2019’s TRACED Act, and rulemaking by the Federal Communications Commission (FCC) and Federal Trade Commission (FTC) have built on the TCPA’s foundation. Numerous court decisions—including recent, prominent ones from the Supreme Court—have further entrenched the TCPA’s regulatory preeminence.

TCPA & DNC Fines

Maximum Standard TCPA Fine

$500 per violation

Maximum Treble TCPA Fine

$1,500 per willful violation

Maximum DNC List Fine

$43,280 per violation

 

Who Must Comply With the TCPA?

The TCPA regulates telephone solicitations. Therefore, any person, business, or entity that conducts telephone solicitations should comply with the TCPA. The TCPA covers voice calls, faxes, VoIP calls, and text messages.

The text of the law itself defines “telephone solicitation” as "the initiation of a telephone call or message for the purpose of encouraging the purchase or rental of, or investment in, property, goods, or services, which is transmitted to any person, but such term does not include a call or message (A) to any person with that person’s prior express invitation or permission, (B) to any person with whom the caller has an established business relationship, or (C) by a tax exempt nonprofit organization.”

The TCPA does not solely apply to the entities that conduct calling campaigns. Entities may be found vicariously liable for TCPA violations committed by agents that the entities have hired to conduct their calling campaigns, even if the hiring entities did not commit the violations directly.

 

What Are the Requirements of the TCPA?

The TCPA contains a number of different provisions. In order to avoid committing TCPA violations, callers must comply with all of these requirements.

Calling Time Restrictions

Callers may contact residential consumers only between 8:00 AM and 9:00 PM (recipient’s time zone).

Internal Do Not Call (DNC) List

Callers are required to maintain an internal DNC list of consumers who asked not to be called or texted.

Automatic Telephone Dialing Systems (ATDS)

The TCPA restricts autodialed marketing calls and texts to cell phones and other devices where the recipient might be charged for the call without prior express written consent, and non-marketing autodialed calls without prior express consent.

Robocalls

The TCPA does not allow the use of an artificial or prerecorded voice to be used to call a residential landline or wireless number for marketing purposes without prior express written consent.

Identification Requirements

Among other things, the TCPA requires the caller to provide their name, the name of the company on whose behalf they are calling, and a telephone number or address which can be used to contact them again.

National Do Not Call Registry

Marketers are required to suppress phone numbers on the National Do Not Call Registry. Remember that some states have their own local DNC lists as well, separate from the federal list.

 

How Is the TCPA Enforced?

The TCPA allows for a variety of enforcement mechanisms. The most significant is a private right of action that allows consumers to bring individual lawsuits and class actions. In 2019 and 2020, more than 3,000 TCPA complaints were filed in federal court. The TCPA is a strict liability statute with uncapped statutory damages and per-violation penalties that can be as high as $500-per-violation. Willful violations can be trebled as high as $1,500-per-violation. All of these elements combine to make for settlements and judgments in TCPA class actions that routinely reach tens of millions of dollars. One TCPA class action resulted in $925 million worth of penalties against a debt collector.

Additionally, through the TCPA itself and its legislative successors such as the TRACED Act, the TCPA gives the authority to enact regulatory enforcement to a number of government entities. In particular, the FCC and FTC have broad regulatory powers to enforce the TCPA.

 

What Are the Biggest TCPA Risks?

Reassigned Numbers

Nearly 100,00 numbers are reassigned each day. Since consent is associated with the called party and not the phone number, the possibility of contacting reassigned numbers brings an enormous amount of TCPA risk.

Personal Liability

In certain situations, executives and compliance officers are being targeted personally for litigation stemming from TCPA violations. This risk compounds the already unnecessarily punitive nature of TCPA litigation.

DNC Violations

Following the Supreme Court’s decision in Facebook v. Duguid, TCPA litigators have turned their focus to alleging DNC violations. Additionally, an increased emphasis on state-level telemarketing regulations is likely to raise the risk level of DNC violations. There are different DNC lists—federal, state, and internal DNC—and DNC compliance is taking on renewed importance.

Inaccurate Data

Marketers often acquire contact information from outside lead generators. While this can be a valuable source of new leads, it also brings the possibility of inaccurate or outdated data. Having the wrong information is often the first step in the pathway to TCPA violations.

 

Why Is the TCPA So Costly?

There are four key elements of the law itself that combine to make it the perfect vehicle for truly outlandish settlements and judgments.

Strict Liability Statute

The TCPA is a strict liability statute, meaning no forgiveness is given for unknowing or good faith mistakes. Marketers can rack up thousands of violations (or more) without even realizing that they are doing so and the TCPA offers no forgiveness. In fact, there are treble penalties for knowing violations.

Uncapped Statutory Damages

This element of the TCPA makes it such a costly source of litigation is the fact that it has uncapped statutory damages. The only limit on how large a penalty can be assessed is how many violations were committed.

 

Private Right of Action

The law’s private right of action—and court opinion determining that it can be used to pursue nationwide class actions—allows for such enormous penalties for TCPA violations. While the FCC has, on occasion, levied large fines for violations of telemarketing laws, that sort of regulatory action rarely happens at the scale and frequency of class actions brought by plaintiffs under the TCPA’s private right of action.

Per-Violation Penalties

TCPA penalties are assessed on a per-violation basis—up to $500-per-violation and up to $1,500-per-willful-violation. Combined with the uncapped statutory damages, these penalties can add up.

 

These four elements combine to make the TCPA an unprecedentedly lucrative vehicle for litigation. This has, unsurprisingly, encouraged a veritable cottage industry of TCPA litigators and professional plaintiffs to seek out and, in some cases, manufacture as many and as costly TCPA lawsuits and class actions as possible.

Four Most Dangerous Elements of TCPA Litigation

Strict Liability Statute

Companies are legally responsible regardless of fault or intent

Uncapped Statutory Damages

Companies may be liable for exorbitant damages

Private Right of Action

Consumers may bring individual lawsuits and class actions

Per-Violation Penalties

Multiple TCPA violations can be applied to a single call

 

What About State-Level Telemarketing Laws?

There are dozens of state-level telemarketing laws, with new ones being passed every year. Many of these state laws are modeled on the TCPA and often make use of the National DNC Registry. But it is important to note that the TCPA expressly does not preempt state or local telemarketing regulations. Compliance with regulations at every level is mandatory.

How do courts determine if a dialer is an autodialer?

The Supreme Court's decision in Facebook v. Duguid finally set a consistent precedent for how to interpret the TCPA's definition of an ATDS: “The capacity to use a random or sequential number generator to either store or produce phone numbers to be called.” However, the practical application of this definition to specific dialers can still be confusing.

An October 2021 decision by the Southern District of California Court in Wilson v. Rater8 offers a useful precedent for answering this question. In dismissing the plaintiff's ATDS claims, the court identified six potential factors in determining if a device is an autodialer:

  1. “the nature of the message” with a generic, impersonal, or promotional message suggesting ATDS;
  2. “the number or frequency of messages, ” with “repetitive messages sent over a short period of time” suggesting ATDS;
  3. “[t]he ability to respond to or interact with the text messages (i.e., sending ‘Stop'), ” with interactivity of this character suggesting use of an ATDS;
  4. “the relationship between the parties, ” with a pre-existing relationship weighing against ATDS;
  5. whether identical messages were sent to multiple numbers simultaneously;
  6. whether the message was sent from a SMS short code or long code, with a SMS short code suggesting an ATDS.

While this is not a definitive set of factors that every court will use in every ATDS case, it offers a useful framework for determining what courts are likely to consider.

What is a litigation firewall?

In a general sense, a litigation firewall could be any effort to protect your business from the multimillion-dollar litigation industry enabled by the Telephone Consumer Protection Act. The most obvious and direct way to do so would be to purchase software or make a business alliance with a company that can help you blacklist any litigators. Experienced marketing attorneys and industry professionals alike agree that robust and remarkably effective solutions against predatory litigation are essential.

How do you know if somebody is on the Do Not Call list?

The best way to make sure you don't call a number on the Do Not Call (DNC) list is to purchase a SAN, download the list, and use it to scrub numbers from your calling lists. The procedures should be similar for state DNC lists. The Federal Trade Commission (FTC) does offer a way to check up to three numbers to see if they are on the federal DNC list, but this tool is intended to be use for consumers to check if their own numbers are registered.