TCPA Compliance Guide: Requirements, Exemptions & Checklist

Written by

Katherine Stone

Enterprise Analyst, UCaaS, CCaaS, and AI

Katherine Q. Stone has over 5 years of experience covering the B2B tech and Software as a Service beat, with a particular focus on UCaaS, CCaaS, and AI solutions.

September 21, 2023

TCPA Compliance Guide: Requirements, Exemptions & Checklist

Jump to ↓

The Telephone Consumer Protection Act (47 U.S.C. § 227) outlines the laws, penalties, and exceptions for how businesses and their representatives can make telemarketing phone calls to consumers.

The TCPA now also includes solicitation regulations for faxing and sending SMS business text messages to consumers.

Understanding TCPA guidelines is essential for call centers, business owners, and any individual or entity engaged in telemarketing.

In this post, we’ll outline TCPA requirements and the potential penalties for violating them. We’ll also explain exceptions to these rules and provide you with a TCPA compliance checklist.

What Is the TCPA?
Who Does It Apply To?
EBR and PEWC
TCPA Requirements
Exemptions for Calls/Texts
TCPA Compliance Checklist
TCPA Compliance FAQs

What Is the TCPA?

The Telephone Consumer Protection Act (TCPA) is a set of federal telecommunications laws regulating telemarketing practices, particularly the use of Automatic Telephone Dialing Systems (ATDS) and robocalls.

Implemented by the Federal Trade Commission (FTC) and the Federal Communications Commission (FCC) in 1991, the TCPA defines and issues penalties for abusive telemarketing tactics like robocalling, the exploitation of auto dialers and pre-recorded voice messages, and violations of consumer privacy.

The TCPA also includes the Telemarketing Sales Rule (TSR), a series of rules any individual, business, or entity making solicitations to consumers via phone, fax, or SMS text messages must follow.

Since its inception, the FTC, FCC, Congress, and United States Supreme Court have issued continual updates to the TCPA to address evolving technology and new issues affecting consumers.

For example, though the FTC established the National Do Not Call Registry (DNC Registry) in 2003, the 2007 Do-Not-Call Improvement Act ensures phone numbers are permanently registered to the National DNC list database (they previously expired after 5 years).

Who Does the TCPA Apply To?

The TCPA applies to any US-based person, business, common carrier, or entity making telemarketing calls (or sending marketing SMS messages or faxes.)

A telemarketing call (telephone solicitation) is the act of placing an unsolicited phone call to consumers with whom there is no existing business relationship with the express intent of selling goods, services, property, etc.

TCPA regulations are also in effect when the called party or other recipient of the solicitation is located in the United States–even if the person making the solicitation is located outside of the US.

The TCPA primarily restricts the use of automation in solicitation telephone calls, faxes, and texts.

It prohibits the practice of robocalling–using ATDS (outbound auto dialers) to deliver pre-recorded or AI-generated voice messages to consumers without their prior written consent. This helps cut down on potential call center fraud and other consumer scams.

It also prohibits sending automated SMS text message campaigns or using a Telephone Facsimile Machine to fax unsolicited marketing materials/advertisements to consumers.

EBR and PEWC

To understand how to be TCPA compliant, there are a few key terms to know:

Established Business Relationship (EBR)

Sometimes called an Existing Business Relationship, an EBR is established in two ways:

The consumer being contacted has purchased (or rented, etc.) the seller’s products/services within 18 months from the date of the telemarketing call/text
The consumer being contacted has applied for/inquired about the seller’s goods/services within three months before the date of the telemarketing call/text

Telemarketers may not send people they have an EBR with automated voice calls, texts, or pre-recorded/generated messages. However, they do have the right to make live phone calls to them.

Prior Express Written Consent (PWRC)

A customer gives a business written consent establishing they agree to receive automated pre-recorded/artificially-generated telemarketing calls, texts, faxes, etc. They also provide the phone number where these communications can be sent.

Businesses must have Prior Express Consent to place commercial autodialed calls or send automated marketing texts to a consumer.

What Are the TCPA Compliance Requirements?

Below, we’ll outline TCPA requirements and exemptions for commercial phone calls, text messages, and Caller ID displays.

TCPA Compliance for Commercial Phone Calls and Text Messages

The below TCPA Compliance guidelines apply to all individuals, businesses, and entities associated with sending and/or facilitating telemarketing phone calls and commercial text messages/faxes:

Telemarketers cannot send automated, pre-recorded, or AI-generated calls/texts faxes to the cell phone or residential telephone number of anyone without an EBR/PEWC. (They may send existing customers commercial calls/texts/faxes as a part of Informational Outreach)
Telemarketers cannot call, text, or fax consumers before 8:00 AM and after 9:00 PM (in the call recipient’s local time zone)
Telemarketers cannot call, text, or fax anyone on the National Do Not Call Registry and must make/maintain an internal Do Not Call List of numbers that must not be contacted for five years
Telemarketers may not use ATDS to simultaneously call two or more phone lines at the same business (no multi-line dialing)
Any entity placing solicitation calls/sending commercial messages must provide:
- Their name/the name of the business calling/sending messages
- The contact information message of the business they’re making the call on behalf of
- An accurate/verifiable Caller ID free without the use of caller ID blocking services
Telemarketers cannot use ATDs to send pre-recorded/ artificially-generated voice or text messages to emergency services lines including 911, hospital patient rooms, elder care homes, or similar healthcare facilities.
Telemarketers cannot call/text/fax any phone number, including a cell phone number, that results in a charge to the call recipient
Businesses sending commercial text messages must provide consumers with an opt-in agreement obtaining consumer Prior Express Written Consent and disclosing all SMS marketing communications. The disclosures and opt-in message must state the purpose, frequency, terms and conditions of the commercial text messaging, associated data rates, the business name, and information on how to get help and opt out
Customers must receive an opt-out option for ending the receipt of commercial texts (Automated “STOP” response triggers are a popular opt-out method)

Caller ID and TCPA Compliance

The 2019 TRACED Act (Telephone Robocall Abuse Criminal Enforcement and Deterrence) was developed as a response to spoofing.

Caller ID spoofing is when a business intentionally falsifies the information connected to their Caller ID.

The TRACED Act requires telemarketers to implement STIR/SHAKEN technology to verify the legitimacy of their displayed Caller ID.

TCPA Violations and Penalties

TCPA violations may result in:

A small claims court lawsuit
A federal court lawsuit (common with class action lawsuits)
A penalty fee of $500/per violation, or $1500 per willing/intentional violation
A National Do Not Call Registration penalty fee of up to $50,120 per violation

TCPA Exemptions for Commercial Calls/Texts

In addition to establishing EPWR or an EBR, TCPA compliance exceptions include:

Calling/texting/faxing consumers for emergency purposes
Calling/texting/faxing consumers who have made their facsimile number available for public distribution
Calling a residence with HIPAA-related information or on behalf of a tax-exempt nonprofit organization
Calling a wireless number for purposes related to package deliveries, financial debt collection/fraud alerts, healthcare
Manually placing/sending non-commercial calls and texts without using pre-recorded or generated messages (manual dialing)
Using ATDs and prerecorded/generated messaging to send non-commercial calls/texts/faxes to business or residential landlines

TCPA Compliance Checklist

In order to ensure your contact center or auto dialer software remains TCPA compliant, implement the below best practices:

Always keep records of consumer Prior Express Consent
Stay up-to-date on changes and additions to TCPA laws and changes to Do Not Call requests (enable notifications to ensure you don’t miss any)
Institute regular employee training regarding TCPA Compliance, and conduct random tests to ensure compliance
Retain an attorney to monitor and respond to TCPA updates, lawsuits, or other potential legal issues
Use TCPA Compliance Software or look for TCPA-compliant SaaS providers (especially if using auto dialer software or automated SMS marketing tools)

TCPA Compliance FAQs

Below, we've answered the top FAQs about TCPA Compliance.

Do TCPA rules apply to text messaging?

Yes, TCPA rules apply to SMS text messaging as of a 2012 FCC ruling.

Does the TCPA apply to political campaigns?

Calls and texts related to political campaigns allow callers to place outbound automated calls and send prerecorded/generated voice or text messages to landline phones without obtaining prior express written consent. Political campaign calls/texts are also exempt from Do Not Call List regulations.

However, political campaigns are still subject to some TCPA regulations, like:

Political campaigns cannot place automated calls/texts to mobile devices without PEWC (or any other number resulting in a charge to the recipient)
Political campaigns cannot place automated calls/texts to emergency service phone numbers
Political campaigns must provide the name of the entity initiating the call and that entity's phone number

Does the TCPA allow for oral Express Prior Consent?

Only written Express Prior Consent is accepted for businesses to be able to send ADT-powered calls and text messages to consumers.

What are the TCPA compliance standards?

To make TCPA-compliant commercial calls/texts to consumers, businesses must:

Be able to establish an Existing Business Relationship or prove the customer has given their Prior Express Written Consent to be contacted
Send commercial calls/texts only from 8:00 AM to 9:00 PM in the recipient's time zone
Avoid sending commercial messages to emergency lines
Avoid sending commercial messages to any cell phone number or other number that results in a charge to the recipient
Avoid sending commercial messages to anyone in the Do Not Call List registry and maintain an internal Do Not Call List
Avoid multi-line dialing
Provide opt-in and opt-out options
Comply with STIR/SHAKEN Caller ID requirements
Provide consumers with the name/phone number of their business or other entity they are placing the call on behalf of

Katherine Stone

Katherine Q. Stone has over 5 years of experience covering the B2B tech and Software as a Service beat, with a particular focus on UCaaS, CCaaS, and AI solutions. She joined the GetVoIP team at the start of the 2020 COVID-19 pandemic, giving her...