Telemarketing Compliance Lawyer

Navigating the complex intersection of federal and state telemarketing regulations requires experienced legal counsel. As telemarketing and SMS marketing continue to evolve as essential business tools, companies face an increasingly intricate web of compliance obligations spanning the Telephone Consumer Protection Act (TCPA), state-level “mini-TCPA” laws, Federal Trade Commission (FTC) regulations, and emerging privacy frameworks.

At RICHT, we provide comprehensive counsel to businesses of all sizes—from startups to Fortune 500 companies—on telemarketing compliance, helping clients leverage these powerful communication channels while minimizing legal exposure.

The Evolving Telemarketing Compliance Landscape

The regulatory environment governing telemarketing and text message marketing has become significantly more complex in recent years. While the federal TCPA remains the foundational framework, businesses must now navigate a patchwork of state-specific requirements, evolving FCC interpretations, and aggressive private litigation from professional plaintiffs.

Federal Framework: The TCPA and Beyond

The Telephone Consumer Protection Act, enacted in 1991, established baseline protections against unwanted telemarketing calls and texts. The law restricts the use of automated telephone dialing systems (ATDS), prerecorded messages, and artificial voice calls, with more stringencies when contacting wireless phone numbers.

Key federal requirements include:

Express Written Consent: Before using automated technology to contact consumers on their cell phones for marketing purposes, businesses must obtain prior express written consent. This consent must include specific disclosures about the nature of the calls, the use of automated technology, and clarification that consent is not a condition of purchase.

National Do Not Call Registry: Established by the FTC in 2003, the National DNC Registry requires telemarketers to scrub their calling lists against registered numbers, subject to certain exemptions.

Established Business Relationship (EBR): Companies may have limited exemptions based on EBR, which provides a three-month window following an inquiry and an 18-month window following a transaction or purchase. However, these exemptions do not eliminate other compliance obligations and can be revoked at any time by the consumer.

Calling Hours: Federal regulations prohibit telemarketing calls before 8:00 AM or after 9:00 PM in the consumer’s local time zone.

Caller ID Requirements: All telemarketing calls must transmit accurate caller identification information, including a valid callback number.

Internal Do Not Call Lists: Companies must maintain internal DNC lists and honor consumer requests to cease contact. These policies must be documented and available to consumers upon request.

The FTC also enforces the Telemarketing Sales Rule, which works in tandem with the TCPA to establish additional disclosure requirements, prohibited practices, and payment restrictions. Notable enforcement actions include the FTC’s $7.5 million settlement against a mortgage broker targeting U.S. servicemembers.

State-Level “Mini-TCPA” Laws: A Patchwork of Requirements

Nearly 30 states have enacted their own telemarketing laws—often called “mini-TCPAs”—that impose additional or more stringent requirements than federal law. These state laws create significant compliance challenges for businesses operating nationally or regionally.

Texas SB 140: Texas recently expanded its telemarketing law through Senate Bill 140, which took effect September 1, 2025. This legislation significantly increases damages for violations, expanding private right of action exposure and creating new compliance obligations for businesses texting Texas consumers. The law has been subject to constitutional challenges, though it remains in effect.

Florida’s Telephone Solicitation Act: Florida imposes unique requirements under F.S. § 501.059. Florida courts have construed the “prior or existing business relationship” exemption to require a transaction within 18 months or an inquiry within 3 months preceding the call. Additionally, the 2023 amendments created a 15-day safe harbor for text messages: consumers must reply “STOP” before bringing suit, and businesses have 15 days to cease sending text messages after receiving such notice. Florida’s definition of “signature” for consent purposes includes checking boxes or responding affirmatively to electronic communications.

Washington’s CEMA: Washington’s Commercial Electronic Mail Act has been interpreted by courts to apply to text messages. Recently, a Washington court expanded CEMA’s reach to cover recruitment text messages, demonstrating how state courts can broaden the scope of telemarketing laws beyond traditional marketing contexts.

Colorado’s Emerging Litigation: New directories and listing services have become a significant source of TCPA litigation in Colorado, highlighting state-specific enforcement trends.

Other State Requirements: States including Arizona, California, Indiana, and Tennessee have added text messaging to their state DNC programs, requiring businesses to scrub against both federal and state DNC lists. Other states impose varying requirements for quiet hours, consent duration, and disclosure obligations. Companies operating nationally must conduct jurisdiction-by-jurisdiction analyses to ensure compliance with the complete patchwork of state telemarketing laws.

SMS and Text Message Marketing Compliance

Text message marketing has emerged as one of the most effective communication channels, with open rates as high as 98%. However, this effectiveness has also made SMS marketing a significant source of legal exposure.

Core SMS Compliance Requirements

Prior Express Written Consent: Unlike voice calls to landlines, text messages to cell phones always require prior express written consent when using automated technology, regardless of whether the content is marketing or transactional. This consent must meet strict requirements:

Clear and conspicuous disclosure of the program’s purpose
Identification of the business(es) authorized to send messages
Acknowledgment that consent is not required for purchase
Description of automated technology use
Message frequency and data rate disclosures
Clear opt-out instructions

Proving Provenance of Sign-Ups: In an era where denial of opt-ins has become a common defense in TCPA litigation, businesses must maintain robust systems to prove consent. Strategies include:

Implementing double opt-in processes
Timestamping and archiving all consent records
Documenting IP addresses and device information
Sending confirmation messages after opt-in
Maintaining audit trails of consent collection

Quiet Hours and Frequency Limitations: While federal law prohibits calls and texts before 8:00 AM or after 9:00 PM local time, many states impose more restrictive quiet hours. Additionally, businesses should implement frequency caps to avoid overwhelming consumers, as excessive messaging can trigger TCPA claims even with valid consent.

Opt-Out Mechanisms: Every marketing text must include clear opt-out instructions (typically “Reply STOP to opt out”). Businesses must honor opt-out requests in near-real time—the FCC has proposed requiring compliance within 24 hours or less. Opt-out must be free for consumers and cannot require them to navigate complex menus or visit websites.

Content Restrictions: Messages must accurately identify the sender and include relevant disclosures. Marketing messages cannot be disguised as informational or transactional communications.

Refer-a-Friend and Incentivized Referral Programs

Refer-a-friend programs present unique TCPA challenges, as exemplified by recent litigation. When a customer refers a friend, the referred individual has not provided consent to the business. Companies implementing referral programs must:

Require referring parties to confirm they have permission to share contact information
Send initial messages that clearly identify the source of the referral
Provide immediate opt-out mechanisms in the first message
Avoid incentivizing referrers based on message delivery rather than actual conversions
Document the referral process and any obtained permissions

TCPA Subpoenas and Discovery Considerations

When TCPA litigation occurs, companies often face extensive discovery obligations. A common tactic in TCPA cases involves subpoenaing communication service providers like RingCentral for records of all calls and texts made through their platforms. This discovery can reveal:

Call volume and frequency patterns
Use of automated dialing technology
Caller ID information
Time-of-day calling patterns
Opt-out request handling

To prepare for potential litigation, businesses should:

Maintain comprehensive call and text logs
Document all consent records with robust metadata
Retain evidence of ATDS configuration and use
Archive opt-out requests and compliance responses
Preserve written policies and training materials

Business-to-Business (B2B) Nuances

While the TCPA primarily protects consumers, B2B communications present unique considerations:

Landline Exemption: Business landlines are generally exempt from TCPA restrictions, including the National DNC Registry requirements. However, this exemption is narrow and requires careful analysis.

Wireless Business Lines: The critical issue is the nature of the phone number itself, not its use. Even if a wireless number is used exclusively for business purposes, calling or texting that number with an ATDS requires prior express consent. With the proliferation of mobile-first businesses and remote work, the distinction between business and consumer wireless numbers has become increasingly important.

State Law Variations: Some state laws apply more broadly to B2B communications than the federal TCPA. Companies must evaluate state-specific requirements on a jurisdiction-by-jurisdiction basis.

Recording Conversations: State-by-State Requirements

Many telemarketing operations involve call recording for quality assurance, training, or legal compliance purposes. However, call recording laws vary significantly by state, creating a complex compliance matrix.

One-Party vs. Two-Party Consent States: States fall into two categories:

One-party consent: Only one party to the conversation (which can be the business doing the recording) must consent to recording
Two-party (all-party) consent: All parties to the conversation must consent before recording can occur

Two-party consent states include California, Connecticut, Florida, Illinois, Maryland, Massachusetts, Montana, New Hampshire, Pennsylvania, and Washington, among others.

A comprehensive 50-state analysis of recording laws reveals significant variations in notification requirements, consent mechanisms, and penalties for violations. Best practices include:

Implementing automatic disclosure messages at the beginning of calls
Obtaining affirmative consent where required
Training staff on state-specific requirements
Maintaining records of consent to record
Consulting with legal counsel for multi-state operations

Evolving Interpretations: Text Messages and the TCPA

The TCPA was enacted in 1991, before text messaging became ubiquitous. This has led to ongoing legal debates about whether text messages fall within the TCPA’s scope.

District Court Split: Following the McLaughlin v. Priceline.com decision, some district courts—including Dusky v. CVS—have held that text messages were not contemplated by the TCPA’s drafters and therefore fall outside the statute’s restrictions. However, other courts have rejected this interpretation, and the issue remains unsettled at the appellate level.

State Law Remains Applicable: Even in jurisdictions where federal TCPA applicability to texts is questioned, state-level telemarketing laws explicitly include text messages. Florida, Texas, Washington, and many other states expressly regulate SMS marketing, meaning businesses cannot rely on favorable federal interpretations alone.

Practical Approach: Given the unsettled state of federal law and the clear application of state laws, businesses should treat text messages as subject to TCPA-equivalent restrictions regardless of circuit-specific case law.

Privacy Law Intersection

Modern telemarketing compliance increasingly intersects with comprehensive privacy laws:

State Privacy Laws: Comprehensive state privacy laws such as the California Consumer Privacy Act (CCPA/CPRA) impose obligations regarding the collection, use, and disclosure of consumer personal information, including phone numbers. These laws require:

Privacy policy disclosures about data collection and use
Consumer rights to opt out of sales/sharing of personal information
Data minimization and purpose limitation
Security safeguards for personal information

GDPR Considerations: Companies marketing to European consumers must comply with the General Data Protection Regulation, which imposes strict requirements for consent, data processing, and cross-border data transfers.

Biometric Privacy: Some telemarketing operations use voice recognition or other biometric technologies for caller verification or personalization. This implicates biometric privacy laws in states like Illinois, Texas, and Washington. For guidance, see this comprehensive analysis of U.S. biometric privacy laws.

Artificial Intelligence and Automation

The integration of AI into telemarketing operations raises new compliance challenges:

AI-Generated Calls and Messages: The FCC has clarified that AI-generated voices in calls constitute “artificial voices” subject to TCPA restrictions. This may extend to AI-powered chatbots and automated messaging systems if they are capable of making outbound calls or texts.

Predictive Dialers and Smart Dialing Systems: Modern dialing systems use sophisticated algorithms to optimize call timing and connection rates. The question of whether these systems constitute ATDS under the TCPA remains a source of litigation. Following the Supreme Court’s decision in Facebook v. Duguid, the definition of ATDS has narrowed, but businesses must still carefully evaluate whether their technology falls within the statutory definition.

AI in Compliance: Conversely, AI can enhance compliance through automated consent verification, real-time DNC scrubbing, and intelligent call timing based on time zone and state-specific quiet hours.

Managing Reassigned and Disconnected Numbers

The FCC estimates that approximately 37 million phone numbers are reassigned annually, which is about 100,000 per day on average. Because TCPA consent is tied to the individual consumer rather than the phone number, calling a reassigned number without the new subscriber’s consent creates liability.

Reassigned Numbers Database: The FCC launched the Reassigned Numbers Database to help businesses identify when numbers have been disconnected and potentially reassigned. While not mandatory, using the database can provide a safe harbor defense in some circumstances.

Best Practices:

Regularly scrub calling lists against the Reassigned Numbers Database
Monitor for delivery failures and disconnection notices
Implement systems to flag and review numbers showing changed behavior patterns
Maintain detailed records of number screening activities
Remove unresponsive numbers after a reasonable period

Professional Plaintiffs and Serial Litigators

The TCPA’s private right of action has given rise to a cottage industry of professional plaintiffs who systematically target businesses with TCPA claims. These individuals and entities:

Maintain multiple phone lines specifically to receive unwanted calls
Sign up for services with the intent to later claim lack of consent
File numerous lawsuits seeking statutory damages and class certification

Protective Strategies:

Maintain databases of known professional plaintiffs and their phone numbers
Implement enhanced verification for opt-in requests that appear suspicious
Document all aspects of the consent and calling process
Respond promptly and thoroughly to any complaints or opt-out requests
Consider obtaining TCPA litigation insurance

Safe Harbor Protections

The TCPA includes a safe harbor provision that can protect businesses from liability if they can demonstrate that violations resulted from error rather than routine practice. To qualify for safe harbor protection, businesses must:

Maintain written procedures designed to ensure compliance
Train personnel (including third-party vendors) on compliance procedures, with annual refresher training
Maintain an internal DNC list with procedures to honor consumer requests
Implement processes to prevent calls to numbers on the National DNC Registry
Monitor and enforce compliance with established procedures
Retain compliance records for at least five years

Establishing and maintaining a robust compliance program not only provides safe harbor protection but also demonstrates good faith in the event of litigation.

International Considerations

UK ICO Enforcement: The UK Information Commissioner’s Office recently fined a home improvement marketing company £300,000 for telemarketing violations, demonstrating that enforcement extends beyond U.S. borders for companies operating internationally.

GDPR and ePrivacy: European regulations impose additional restrictions on electronic marketing, requiring affirmative opt-in consent and strict data protection safeguards. Companies conducting telemarketing to European consumers must navigate both TCPA-type restrictions and GDPR requirements.

Policy Documentation and Production

Businesses subject to TCPA and related regulations must maintain comprehensive written policies covering:

Required Policy Elements:

Consent collection and verification procedures
DNC list management (both National and internal)
Calling hours and frequency restrictions
Third-party vendor oversight and compliance
Training programs and materials
Record retention and documentation standards
Escalation procedures for complaints
Opt-out request handling

Production Obligations: These policies must be available for production upon demand by consumers, regulators, or courts. Policies should be reviewed and updated regularly to reflect changes in law, technology, and business practices.

Third-Party Vendor Management

Many businesses outsource telemarketing operations to third-party vendors or lead generators. However, this does not eliminate legal liability. Companies remain responsible for their vendors’ TCPA compliance.

Vendor Due Diligence:

Require vendors to demonstrate TCPA compliance programs
Include indemnification provisions in vendor contracts
Audit vendor practices regularly
Require vendors to use scrubbing services for DNC lists and reassigned numbers
Verify that vendors obtain proper consent when generating leads
Maintain oversight of vendor calling practices and complaint rates

Related Marketing Law Compliance

Telemarketing compliance intersects with several other areas of marketing law where we provide counsel:

Email Marketing Compliance: CAN-SPAM Act and related state laws
Online Reviews and Testimonials: FTC endorsement guidelines
Influencer Marketing: Disclosure and sponsorship requirements
Advertising and Marketing Law: Truth in advertising and substantiation
FTC Compliance and Defense: Regulatory investigations and enforcement actions
Sweepstakes and Promotions: Contest and sweepstakes regulations

Emerging Trends and Future Developments

The telemarketing compliance landscape continues to evolve:

FCC Proposed Rulemakings: The FCC regularly issues Notices of Proposed Rulemaking (NPRMs) that may significantly impact telemarketing practices. Recent proposals include:

Revocation of consent protocols requiring near-real-time honoring of opt-outs
Quiet hours restrictions and modifications to permitted calling times
Enhanced requirements for carrier responsibility in blocking illegal calls
Expansion of caller ID authentication requirements

Class Action Trends: TCPA class actions remain one of the most common forms of consumer litigation, with certain states seeing higher concentrations of lawsuits. Recent trends include litigation targeting:

Early morning text messages (e.g., Nespresso lawsuit)
B2B communications to wireless numbers
Refer-a-friend programs
AI-generated voice communications

State Legislative Activity: States continue to enact and amend telemarketing laws, with a general trend toward increased consumer protection and higher penalties for violations.

Our Telemarketing Compliance Services

At RICHT, we provide comprehensive counsel across the full spectrum of telemarketing compliance:

Compliance Program Development:

Audit existing practices against federal and state requirements
Develop customized compliance policies and procedures
Draft consent language, opt-in mechanisms, and associated Terms & Conditions and Privacy Policies
Create training materials for staff and vendors
Establish monitoring and quality assurance programs

Transactional Support:

Draft and review vendor agreements and indemnification provisions
Structure refer-a-friend and incentive programs
Review marketing campaigns for compliance issues
Advise on technology procurement and configuration
Negotiate data processing agreements with service providers

Regulatory Guidance:

Interpret FCC orders and proposed rulemakings
Analyze state-specific requirements for multi-state operations
Provide ongoing counsel on emerging compliance issues
Represent clients in regulatory inquiries and investigations

Litigation Defense and Strategy:

Defend TCPA class actions and individual claims
Respond to demand letters and pre-litigation communications
Conduct discovery and evidence preservation
Negotiate settlements when appropriate
Develop litigation avoidance strategies

Our interdisciplinary approach combines deep focus in privacy law, marketing and advertising law, and technology law, enabling us to provide holistic counsel that accounts for the full range of legal considerations affecting modern telemarketing operations.

Why Choose RICHT Law Firm

Our practice is distinguished by:

Focused Complementary Practices: Focused practice at the intersection of privacy, marketing, and technology law
Practical Approach: Business-minded counsel that balances compliance with operational objectives
Proactive Guidance: Regular updates on regulatory developments and emerging risks through our insights
Industry Knowledge: Experience across diverse sectors, from healthcare and financial services to e-commerce and technology
Multi-State Capability: Counsel on compliance with varying state laws across all U.S. jurisdictions

Whether you’re launching a new text message marketing campaign, responding to a TCPA demand letter, or seeking to overhaul your telemarketing compliance program, we provide the strategic counsel necessary to achieve your business objectives while minimizing legal exposure.

For more information about our telemarketing compliance services or to schedule a consultation, please contact us.

Learn How We Can Help You With Telemarketing Legal Compliance

This page is for informational purposes only and does not constitute legal advice. Telemarketing compliance requirements vary based on specific facts and circumstances. Companies should consult with qualified legal counsel before implementing telemarketing programs or making compliance decisions.

Telemarketing Compliance Legal Developments & News

FCC Extends Waiver That Would Require Callers To Apply a Revocation of Consent to All ‘Robocalls or Robotexts’ from the Caller: The Federal Communications Commission has extended a waiver until January 31, 2027, delaying the rule that would require a consumer’s revocation of consent for one type of message to automatically apply to all robocalls and robotexts from that caller. This extension allows the FCC time to review the record on proposed rule changes and spares organizations from incurring compliance costs for systems that might need immediate modification. OUR TAKEAWAY: Organizations should utilize this reprieve to centralize their consent tracking architectures, ensuring they are technically prepared to execute cross-channel revocations promptly once the waiver expires to avoid future TCPA liability. Read More →
Look Who’s Calling: FCC Includes Proposals to Roll Back Several TCPA Rules As Part of “Call Branding” Initiative: The Federal Communications Commission (FCC) has unanimously approved a Notice of Proposed Rulemaking aimed at modernizing Telephone Consumer Protection Act (TCPA) regulations by eliminating potentially outdated rules, such as call abandonment restrictions, and reconsidering the scope of the recent “revoke all” consent requirement. The proposal also seeks to implement new “call branding” measures to restore consumer trust, including mandates for service providers to verify caller identities and explicitly flag calls originating outside the United States. Read More →
FCC Proposes Overhaul of TCPA and Do Not Call Rules:
The FCC, led by Chairman Brendan Carr, has proposed major updates to streamline the Telephone Consumer Protection Act (TCPA) and Do Not Call (DNC) regulations. The draft rulemaking seeks to eliminate company-specific DNC list requirements, modernize caller ID obligations, and reassess opt-out mechanisms for prerecorded calls. It also considers softening the upcoming “all-or-nothing” consent revocation rule, allowing revocations to apply by call type or business unit instead of universally. If adopted, these changes would reduce administrative complexity and potentially curb opportunistic TCPA litigation, while preserving consumer protections. The proposal will be discussed at the FCC’s October 28, 2025, meeting before opening for public comment.
Read More →

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.