Is TCPA a Four-Letter Word?

One of the plaintiffs’ class action bar’s favorite play toys is the federal Telephone Consumer Protection Act of 1991(TCPA), which imposes a host of requirements and constraints on telephone calls and text messages made on behalf of a business both to other businesses and to consumers.

Plaintiffs are entitled to receive $500 to $1,500 in statutory damages for each call placed in a manner that violates any of the Act’s requirements. Those damages can be aggregated across a class and the Act does not cap the amount a defendant must pay for TCPA violations in any way. Presumably for that reason, recent TCPA class action settlements have averaged almost $7 million per case, according to a September 2024 CRC Group report. And presumably for that reason, new TCPA complaint filings increased 98% year over year in 2023 and another 17.6% through the first five months of 2024, the report says.

No industry is immune to TCPA scrutiny, and a company need not have directly engaged in the challenged conduct to have liability exposure. In March of this year, for example, Allstate was held vicariously liable by a federal court in Illinois for TCPA violations based on calls placed by a third-party telemarketer (Atlantic Telemarketing) that was subcontracted by a different third-party telemarketer (Transfer Kings) that had been hired by two Allstate agents to place telemarketing calls regarding insurance quotes.

Allstate itself apparently was unaware that two of its agents had hired Transfer Kings and the Allstate agents may not have known that Transfer Kings engaged Atlantic Telemarketing. Allstate nevertheless was subject to statutory damages for each of Atlantic Telemarketing’s calls to the plaintiff. Because the court previously had denied class certification, however, the damages award was relatively small ($18,000 total stemming from 12 calls).

Not all companies are that lucky, though. In 2020, for example, dietary supplement company ViSalus was on the wrong end of a $925 million jury verdict even though that defendant had evidence of “prior express consent” from each recipient of its calls. However, it did not have the requisite heightened level of “prior express written consent” necessary to place the “robocalls” at issue. (The excessive amount of the award caught the attention of the Ninth Circuit, which remanded the case to district court for further analysis of whether the damages were constitutional; it is still ongoing.)

Many businesses—including insurance agencies and brokerage firms—often call and text existing clients for normal-course account servicing and to offer additional valuable products and services. Many of your firms likely also regularly call and text prospective personal lines customers. To help you limit exposure, here is an overview of the TCPA’s rules for calling and texting.

Autodialers and Prerecorded Messages. First, the TCPA prohibits non-emergency calls or text messages placed or sent via an “automatic telephone dialing system” (i.e., an autodialer) or that use an artificial or prerecorded voice (i.e., a prerecorded message) to any cell phone without the recipient’s consent.

For non-telemarketing autodialed or prerecorded message communications, a company only needs the consumer’s “prior express consent,” which is generally deemed to exist whenever the consumer has voluntarily provided the caller/texter with his or her telephone number. For example, prior express consent typically would exist where a policyholder has provided an insurance agent with his or her cell phone number as part of the policy application or binding process.

In order to use an autodialer or prerecorded message to telemarket, a company must have the recipient’s “prior express written consent.” That is a heightened standard, requiring a written agreement that includes:

1. The signature of the recipient (either traditional “wet” signature or an electronic/digital one) that clearly authorizes the specific company to deliver telemarketing calls or messages

2. The telephone number to which the signatory authorizes such telemarketing communications

3. A clear and conspicuous disclosure stating both that (a) the calls and messages may be delivered using an autodialer and/or a prerecorded message, and that (b) the consumer is not required to provide consent as a condition of purchasing any goods or services

Calls to Residential Lines. Second, prerecorded message telemarketing calls to a “residential” telephone line require the recipient’s prior express written consent consistent with the written agreement and disclosures noted above.

Do Not Call List Calls. Third, the TCPA’s “do not call” rules prohibit placing “telephon[ic] solicitations” to telephone numbers registered on either the National Do Not Call Registry (NDNC) or a company’s own internal do not call list.

In other words, manual, live operator telemarketing calls and text messages may not be placed or sent to a telephone number registered on the NDNC unless an exception applies, such as the company having an “established business relationship” with the consumer or the consumer’s “prior express invitation or permission.” If a number is registered on a company’s internal do not call list, telemarketing calls and text messages may be placed or sent only if that consumer subsequently has provided prior express written consent.

In addition to the core consent requirements, the TCPA includes a number of additional compliance requirements, which apply to any company that uses the telephone to communicate with current or prospective customers, including:

• Caller ID Information
• Do Not Call Policy Requirement
• Call Time Restrictions
• Opt-Out Requirements (both in terms of mechanisms to allow opt-outs and deadlines by when opt-outs must be honored)
• Recordkeeping Obligations

The details of each of these requirements are oddly complicated and many states are enacting their own regimes—including the Florida Telephone Solicitation Act (FTSA) of 2021, the Oklahoma Telephone Solicitation Act (OTSA) of 2022, and Maryland’s Stop the Spam Calls Act of 2023—which add compliance nuances of their own and expand the potential damages liability.

Every TCPA issue therefore is basically a Choose Your Own Adventure decision tree. It is tricky stuff and the devil is always in the details on what a company is or intends to do, which is why even the most compliant companies can get themselves into trouble. And the cherry on top of the TCPA sundae? Congress is actively considering amendments that will expand the overall TCPA compliance obligations by, for example, broadening the Act’s definition of an autodialer through the proposed Do Not Disturb Act to encompass text messaging and other technologies not addressed by current law.

As is true with so many other regulatory regimes, an ounce of compliance now can prevent a pound of calling and texting exposure later.