What is TCPA
Aug
04

What is TCPA? An Expert Guide to Understanding Telemarketing Regulations   

/in /by

You’ve probably seen articles about the TCPA before. Some give you a basic definition, others copy the same legal text without really explaining what you should do with it. This blog is different, and we made it easier for you to comply.

This blog collates all important information about the latest TCPA compliance updates. We’re breaking down the TCPA in a way that makes sense—what it covers, who it applies to, what changed in 2025, and how to avoid the mistakes that can cost you thousands or millions.

Whether you’re making cold calls, sending texts, or following up with leads, these rules affect your business more than you might think.

Let’s start!

What is TCPA?   

The Telephone Consumer Protection Act (TCPA) was passed in 1991. It was created to stop businesses from overloading consumers with robocalls, faxes, and unsolicited texts. The law gave people more control over how and when they get contacted.

The Federal Communications Commission (FCC) manages TCPA enforcement. It requires businesses to get prior consent before using automated technology to reach consumers. Also, it sets calling time limits and helps protect consumer privacy. This law applies whether you’re a solo agent or a national brand.

Over the years, TCPA has also evolved with technology. It went from controlling landline robocalls to now regulating SMS campaigns and AI-powered dialers. It continues to shape how businesses must treat consumer communication preferences.

What is Covered Under TCPA?  

TCPA doesn’t just apply to phone calls. It also applies to:

  • Voice Calls: Live agents or prerecorded messages need consent before contacting people, especially when using autodialers.
  • Text Messages: SMS marketing is subject to the same consent requirements as phone calls.
  • Faxes: Businesses can’t send marketing faxes without written permission.

If you’re contacting anyone using automated tools, you need to follow TCPA rules. Consent must be clear, and you need to keep records of it. Even ringless voicemails and abandoned calls from predictive dialers are being examined under TCPA interpretations.

What is the DNC Registry?  

The National Do Not Call (DNC) Registry is a list maintained by the Federal Trade Commission (FTC). People can add their phone numbers to this list to stop unsolicited sales calls.

That is why it is important for telemarketers to check their call lists against the DNC Registry every 31 days. Calling someone on the list without their written permission can lead to steep fines. What makes it more complicated is that there are 13 states with their own DNC regulations.

Some state DNC registries require businesses to register annually, pay fees, or keep internal opt-out logs, and more. These extra steps add more responsibility to compliance management.

Who Should Comply with TCPA Regulations?  

If you call, text, or fax consumers for business, marketing, or collections, then TCPA applies to you. It doesn’t matter if you use a predictive dialer or just send one text a week. Here’s why the following industries should pay close attention:

  • Call centers: Whether outbound or blended, call centers are often flagged for TCPA violations due to high volume and use of auto-dialers. Even a single call to a reassigned or DNC-listed number can trigger lawsuits.
  • Real estate: Agents and firms often contact prospects using lead lists or cold calling, which can easily result in unintentional violations without DNC checks or consent logs.
  • Financial services: Banks, lenders, and fintech platforms regularly send alerts, payment reminders, or promotions. Without clear consent and opt-out methods, these actions can cross legal lines.
  • Insurance agencies: Agents rely heavily on outbound marketing to generate leads and upsell. Many use robocalls or text blasts, which require prior express written consent.
  • Healthcare providers: While some healthcare-related calls are exempt, reminders and marketing messages still fall under TCPA. Providers need to ensure HIPAA and TCPA compliance don’t conflict.
  • Debt collectors: Collection efforts must be handled carefully. Calling a number that no longer belongs to the original debtor or failing to honor opt-out requests can result in heavy penalties.
  • Retail and e-commerce: SMS promotions, loyalty campaigns, and abandoned cart messages are common. Without consent and opt-out options, these messages violate TCPA.

Even non-profits and political campaigns, though partially exempt, must still follow key rules such as honoring opt-out requests and avoiding robocalls without clear permission.

Common TCPA Violations  

These are the most common mistakes businesses fall into:

  • Calling numbers on the National or State DNC Registry: Telemarketers must scrub contact lists against both federal and state registries. Calling a registered number without permission leads to steep fines.
  • Using prerecorded messages or auto-dialers without consent: You can’t legally use automated systems to deliver messages unless you have prior express written consent. Without that, your campaign becomes a TCPA violation.
  • Texting without written consent: Texts are treated the same as calls. You need clear, written permission before sending marketing texts. Even transactional texts can be risky if consent isn’t documented.
  • Ignoring opt-out requests: If someone says stop, you stop. Any message sent after a user opts out increases the chance of complaints and lawsuits.
  • Calling outside of permitted hours (before 8 AM or after 9 PM): The law only allows calls during specific windows in a person’s local time zone. Anything earlier or later is considered harassment under TCPA.
  • Failing to maintain internal DNC lists: Even if a number isn’t on the national registry, people can ask your company to stop contacting them. You need to honor and track these requests.
  • Not screening reassigned or disconnected numbers: Consent is tied to a person, not a number. If someone else now owns the number, contacting it could count as unauthorized outreach.
  • Not identifying yourself on the call: Every call must clearly state who is calling, from what business, and provide a contact number or address. Failure to do this breaks basic TCPA transparency rules. This applies to both live calls and prerecorded messages.

Other overlooked mistakes include failing to give clear identification at the start of a call or not providing a working callback number during prerecorded messages.

TCPA Exceptions  

Some communications are not restricted under TCPA. These include:

  • Calls for emergency purposes: These are not restricted under TCPA as long as the call is made for an urgent situation that affects health or safety. For example, hospitals or public safety alerts may issue emergency notifications without prior consent.
  • Calls or texts to customers with an existing business relationship (EBR): If a customer has made an inquiry, purchase, or transaction within the past 18 months, businesses may contact them without written consent. But if the customer opts out at any point, this exception no longer applies.
  • Non-commercial calls: Informational messages, such as school closures or appointment reminders (not tied to promotions), are generally allowed. The content must not include any advertising or promotional offers.
  • Survey or political calls (with some limits): These calls are typically allowed without consent as long as they are not used to market or sell something. However, if the calls use auto-dialers or prerecorded messages, additional rules still apply. And once a person asks not to be called again, those requests must be honored.

Still, even these exceptions can get murky. For example, if a customer opts out, the EBR rule no longer protects you.

Also, healthcare-related messages that follow HIPAA rules are usually exempt, but they must still follow specific limits, such as no marketing without written consent.

10 Most Expensive TCPA Violations  

These lawsuits cause a headache and broke the bank:

1. Assurance IQ – $21.875 Million (2024) 

Violated TCPA by making marketing calls about insurance services without prior express written consent. These promotional calls were made to consumers who never opted in.

2. Citibank – $29.5 Million (2024) 

Faced penalties for placing prerecorded or artificial voice calls to individuals about overdue credit accounts, even though those people were not Citibank customers. No valid consent was on record.

3. Bank of America – $32.08 Million (2014) 

Used autodialers and prerecorded messages to contact people regarding credit and mortgage services. Many recipients never gave consent for these calls or texts.

4. HSBC – $39.98 Million (2014) 

Reached a settlement after being accused of calling mobile numbers using robocalls without consent. The calls were tied to collections and other account notifications.

5. AT&T Mobility – $45 Million (2014) 

Made autodialed collection calls to mobile numbers that had been reassigned. The recipients were no longer customers and had not given consent.

6. US Coachways – $49.9 Million (2016) 

Sent thousands of marketing text messages promoting travel deals without obtaining prior express written consent. The messages were classified as advertising under TCPA.

7. Dish Network – $61 Million (2017) 

Responsible for over 50,000 telemarketing calls to numbers on the National Do Not Call Registry. The calls were made through a third-party vendor, and Dish was held liable.

8. Capital One – $75.5 Million (2014) 

Along with third-party debt collectors, they made autodialed calls to about 21 million phone numbers without permission. The calls were linked to unpaid accounts.

9. Caribbean Cruise Line – $76 Million (2016) 

Used robocalls to advertise cruises. These calls were sent to both landline and mobile users without prior express consent.

10. ViSalus – $925 Million (2019) 

Made nearly 2 million robocalls for marketing purposes using outdated consent standards. The court ruled that their previous opt-ins did not meet current TCPA requirements.

Each case shows why staying compliant can keep your company afloat. Many of these companies had to settle because defending the lawsuits would have cost even more. But others didn’t make it, just like ViSalus, which went bankrupt because of an expensive TCPA settlement that cost them the whole company.

TCPA Compliance Tools to Avoid TCPA Lawsuits   

Staying compliant doesn’t have to slow you down. These tools help you screen risky contacts, confirm consent, and avoid the common mistakes that lead to TCPA complaints and fines, even before you ever make a call or send a text.

 1. DNC and TCPA Litigator Check 

The DNC and TCPA Litigator Check helps protect your business by screening your contact list before you make any calls or send messages. It checks your leads against:

  • National DNC Registry
  • State-level DNC lists
  • DNC complainers
  • TCPA litigators

Why this matters:

  • Flags high-risk contacts who are likely to file complaints or lawsuits
  • Reduces your exposure to TCPA fines and litigation
  • Helps maintain clean and compliant lead lists
  • Can be used in both bulk and real-time API formats

2. Reassigned Numbers Database (RND) 

Consent is only valid if the phone number still belongs to the same person who gave it. The RND API helps confirm that before any outreach.

What the results mean:

  • NO – The number has not been reassigned since the date of consent. You’re safe to contact and protected under Safe Harbor.
  • YES – The number has been reassigned to a different person. Do not contact. Consent is no longer valid.
  • NO_DATA – The number isn’t in the database. Proceed with caution. Safe Harbor does not apply in this case.

Why this matters:

  • Prevents accidental violations from calling reassigned numbers
  • Offers FCC-approved Safe Harbor protection when the result is “NO”
  • Helps validate consent before every campaign or automated message

3. Advanced Phone Validator with Time zone Check 

This tool gives you detailed phone number intelligence so you don’t waste resources or violate TCPA restrictions.

What it verifies:

  • Current Line and Carrier
  • Geographic Data such as location, time zone, and state

Why this matters:

  • Helps you avoid calling outside of allowed hours
  • Improves your campaign efficiency while staying compliant

Other Important TCPA Terms You Should Know  

1. Vicarious Liability 

If your third-party vendors or contractors violate TCPA rules, you can be held liable too. To avoid vicarious liability, you need to screen your partners as carefully as your leads. This includes marketing agencies, dialer software vendors, and list brokers.

2. Safe Harbor Protection 

This means that if a business checks a phone number through the RND before calling or texting and receives a result showing the number has not been reassigned, then the business is protected from TCPA liability—even if the number was later found to belong to someone else.

To qualify for Safe Harbor, the business must:

  • Query the RND no more than 45 days before making the call
  • Keep detailed records of the query and result
  • Use the number exactly as it appeared during the query (no changes)

This protection only applies when the RND returns a “No” (not reassigned). If you skip the check or ignore the result, you lose this protection.

3. DNC Complainers 

These are individuals who report businesses to the FTC or state regulators for receiving telemarketing calls or texts, especially when their number is on the Do Not Call (DNC) list or they have already requested not to be contacted.

It doesn’t need to be a repeated complainer to be tagged as one. As long as someone complained even once, they are considered a DNC Complainer.

However, some DNC Complainers are highly active and file repeated complaints, even against businesses that may have contacted them unintentionally. These people are often alert to violations and may monitor their phone activity closely.

Why it matters:

  • They increase your risk of being flagged for investigation
  • Their complaints can lead to fines or lawsuits
  • Screening tools can help identify and exclude these numbers from your campaigns before outreach

Identifying DNC Complainers early in your contact list helps reduce risk and shows you take consent and compliance seriously.

4. TCPA Litigators 

TCPA Litigators are phone number owners who have been involved in TCPA lawsuits, whether just once or multiple times. Some are known for repeatedly suing businesses over unwanted calls or texts, often using the TCPA as a legal strategy.

These individuals may monitor for violations like calls without consent, robocalls, or messages after opting out. While some cases are legitimate, others are from people actively looking to trigger a violation. Identifying and avoiding these numbers can help you reduce legal risk and avoid being targeted.

Who Are the TCPA Litigators I Should Avoid Calling?

Using a DNC with TCPA Litigator Check will help you catch phone number owners who were involved in TCPA litigations in the past. Here are the serial TCPA Litigators to watch out for, and if you see them in your list, it’s best to remove them from your CRM:

1. Craig Cunningham

Based in Texas, Cunningham has filed over 150 TCPA lawsuits. He targets robocalls, missed calls, and unsolicited texts. Companies like Vivint and Radius Global have settled with him. He’s widely known in legal circles and frequently monitors telemarketing behavior to file claims.

2. James Everett Shelton

A Pennsylvania-based litigator who has made over $800K from TCPA settlements. He sues companies for repeated DNC violations and robocalls. One notable case against Fast Advance Funding earned him $33,000. He understands TCPA rules deeply and uses that to his advantage.

3. Ethan Radvansky

Radvansky often sues e-commerce brands over promotional text messages sent without proper opt-in consent. His cases have included Maelys Cosmetics and 1-800-Flowers. He focuses on retail SMS campaigns and repeat violations.

4. Fred Heidarpour

Heidarpour, operating under Abante Rooter and Plumbing Inc., files TCPA suits related to robocalls and cold calling. He’s been part of class actions against mortgage and auto warranty firms and is active in multistate litigation.

5. Andrew Perrong

Known for suing companies and executives personally, Perrong has filed TCPA cases since 2015. He represents himself and has taken action against Citibank and Verizon. He documents past filings and looks for new TCPA violations regularly.

6. Joseph Friel

Friel has sued tech firms and telecom providers like ETN America, even naming CEOs individually. He focuses on calls and texts made without consent and often pushes courts to consider executive-level accountability under TCPA.

7. Joseph Brennan

Brennan targets companies like Pizza Hut and DIRECTV for contacting numbers on the DNC Registry. He often files cases against both marketers and third-party dialers. His lawsuits center on autodialed calls and SMS campaigns.

Use compliance tools to screen them out before they screen you into court.

New TCPA Updates in 2025  

In 2025, the FCC updated some TCPA regulations with tighter rules on consumer rights and more pressure on businesses to clean up their act.

 1. One-to-One Consent 

The initial purpose of this proposal was to solve the lead generation loophole and remove “blanket consent,” which will require businesses to obtain consent separately. Basically, shared consent across multiple marketers will no longer be valid. Each company must secure consent for its own activities, and outreach must remain relevant to the context in which consent was initially provided.

It was supposed to be implemented in January 2025, but was halted, and soon struck down by the Eleventh Circuit Court of Appeals.

So, if you are wondering the new status about One-to-One Consent, according to Eric J. Troutman of Troutman Amin, LLP & TCPAWorld, it’s safe to say that it is finally dead, and you no longer need to design your consent process around the one‑to‑one restriction. A well-worded, clear opt‑in statement that indicates willingness to receive calls or texts is still valid if it meets the FCC’s high standard of clarity, even when it covers multiple companies or campaign types.

2. Faster Opt-out (10 Business Days) 

Implemented in April 2025, you must honor all opt-out requests within 10 business days. No more 30-day buffer. Keep opt-out tracking logs and update internal records promptly to avoid complaints.

3. Flexible Opt-out 

On the same day, this new rule says that people don’t need to text “STOP” anymore. If someone texts back “unsubscribe” or “don’t message me,” you need to treat that as a valid opt-out. The FCC wants businesses to accept more natural language responses for opting out.

Frequently Asked Questions about TCPA  

How frequently should you screen numbers against the DNC Registry? 

Every 31 days. That’s the rule. And you should document every check. Use automated tools to schedule and log these checks consistently.

What’s the difference between the National and State DNC Registries? 

The Federal Trade Commission run the National DNC. Some states run their own lists with separate rules and penalties. You need to comply with both. Some states even require separate registration or fees for telemarketers.

When is the best time to query the RND? 

It’s best to query the RND on the 17th of the month. The RND completes monthly updates by 8 AM ET on the 17th. Querying on or after the 17th ensures you’re using the most current data.

Are there any time calling restrictions? 

Yes. Generally, you can only contact someone between 8 AM and 9 PM in their local time zone. However, there are 26 States that have special time calling restrictions, including holidays, days of the week, and time of calling on weekdays. Read this blog to learn more.

Why You Should Choose Searchbug as Your TCPA Compliance Solution Provider   

Searchbug’s Complete TCPA Compliance Solutions makes it easy to stay compliant and avoid risk. Here’s why businesses choose us:

  • Free API Testing: We give you $10 in credits to test our API tools—no risk, no strings attached.
  • No Credit Card Required: You don’t need to enter payment details to start testing. Add billing only when you’re ready to go live.
  • No Subscription: There’s no monthly commitment. You pay only for the data you use, whenever you need it.
  • No Long Waiting Time: Unlike the FCC’s DNC access process, we get you started fast. For RND, just submit a Letter of Authorization. For DNC, it’s plug-and-play—we’re already authorized to provide both.
  • No Expiring Credits: Your prepaid credits stay in your account as long as it’s active. They don’t expire like some FCC-direct tools.
  • Cumulative volume-based Pricing: The more you query, the better your pricing. It applies whether you’re using the API or uploading in bulk.
  • Real-time Results: APIs return results instantly. Batch uploads vary by volume—some take minutes, others a few hours or more.

Whether you want to clean up your lead list, check for TCPA litigators, or stay on top of DNC rules, we have tools built for that. Our support team also helps with setup and integration if needed.

Final Thoughts  

There you have it! TCPA compliance isn’t here to be a burden. Yes, it was made mainly to protect consumers. However, it doesn’t need to be complicated on your end. There are ways to keep your marketing legal, your business protected, and your contacts respected. With constant rule changes and watchdogs everywhere, you should have TCPA Compliance tools in place to do the heavy lifting.

Searchbug gives you everything you need to run outreach campaigns without crossing the line. From DNC checks to phone validation and real-time RND access, we make it easier to stay compliant without slowing down your workflow.

Ready to take action? Register for a FREE API Test Account today and see how our tools help you stop TCPA problems before they start.

Now that we’ve laid out the complete guide in navigating TCPA Compliance, are you confident about our TCPA compliance process? Let’s put that to test! Here are some TCPA quizzes we’ve put together for you to assess how well you know TCPA, from the basics to the advanced topics of TCPA, we aim for you to assess your compliance system in place.

This blog serves as your review, so, good luck!

You might also like
What Is the Reassigned Numbers Database (RND) What Is the Reassigned Numbers Database (RND)?
TCPA Compliance 10 Things Lead Generation Companies Need to Consider TCPA Compliance: 10 Things Lead Generation Companies Need to Consider
TCPA Compliance Isn’t Just for Call Centers TCPA Requirements Companies Often Miss TCPA Compliance Isn't Just for Call Centers: TCPA Requirements Companies Often Miss
NEW TCPA Litigator Feature Added to Phone Validator APIs NEW: TCPA Litigator Feature Added to Phone Validator APIs
What Are the Key Features to Look for in a Forex Prop Trading Firm What Are the Key Features to Look for in a Forex Prop Trading Firm?  
2025 TCPA Regulations What You Need to Know About Updated Opt-Out Rules 2025 TCPA Regulations: What You Need to Know About Updated Opt-Out Rules