TL;DR

  • The FCC’s TCPA rules continue to evolve, with major 2025-2026 updates focused on consent, revocation handling, and tighter consumer protections for calls and texts.
  • The proposed one-to-one consent rule was delayed and ultimately overturned, so it is no longer moving forward as written.
  • Businesses must still obtain proper consent, honor opt-outs through any reasonable method, process DNC requests within 10 business days, and stay alert to both federal and state rules.
  • TCPA violations can be extremely costly, with penalties of $500 to $1,500 per violation, plus reputational and operational risk.
  • Tools like TrustedForm can help businesses document, retain, and verify proof of consent to better support compliance and reduce risk.

Overview

Businesses rely heavily on communication technologies, including websites, telephone dialing technologies, and text messaging, to reach customers. However, these channels must operate within the legal telemarketing framework set by the Telephone Consumer Protection Act (TCPA). With updates frequently proposed to the FCC TCPA rules, businesses must keep their compliance practices up-to-date to avoid costly penalties

This article will delve into the intricacies of the latest FCC TCPA regulations updates, providing answers to 10 crucial questions that will help organizations navigate the regulatory landscape and safeguard their operations. 

Along the way, we will introduce you to ActiveProspect’s TrustedForm, a cutting-edge solution designed to help businesses stay ahead of the curve and maintain the highest compliance standards for documenting and retaining consent to contact transactions.

1. What are the latest FCC changes to the TCPA?

In 2025, the FCC’s TCPA developments centered on three big themes: The collapse of the proposed one-to-one consent rule, the rollout of new revocation-of-consent requirements, and a late-year FCC effort to revisit parts of those revocation rules. Together, these changes reshaped how businesses should think about consent, opt-outs, and compliance planning for calls and texts.

ChangeKey dateWhat happenedBusiness impact
One-to-one consent rule delayedJanuary 24, 2025FCC postponed the rule before it could take effectBusinesses did not need to implement the rule on January 27, 2025
One-to-one consent rule overturned/removedJanuary 24, 2025The Eleventh Circuit ruled the FCC lacked authority for the rule, and the FCC later formally removed it from its rulesThe proposed seller-specific consent framework is no longer moving forward
Revocation-of-consent rules took effectApril 11, 2025FCC’s updated revocation rules became effective for automated marketing calls and textsBusinesses must accept opt-outs through reasonable methods and process DNC requests quickly
Broad “all communications from one sender” provision delayedWaiver released April 7, 2025FCC delayed the broader application of revocation across all message types from a sender until April 11, 2026Companies received more time before this broader rule would apply
FCC reopened parts of the revocation frameworkOctober 28–29, 2025FCC adopted and released an FNPRM seeking comment on revisiting certain TCPA consent revocation rulesMore change may still be coming, so businesses should keep monitoring FCC action

The one-to-one consent rule was delayed, then effectively invalidated

The FCC’s proposed one-to-one consent rule had been scheduled to take effect on January 27, 2025. It would have required consent to be tied to a specific seller, rather than allowing one broad consent to support outreach from multiple downstream businesses. But on January 24, 2025, the FCC formally postponed the rule pending judicial review. 

That same day, the Eleventh Circuit sided with the Insurance Marketing Coalition and held that the FCC lacked authority to impose the rule as written.

For lead generators and buyers, that meant the industry did not transition into a new one-to-one consent regime in early 2025. Although the concept had been a major compliance focus, the rule itself was stopped before taking effect.

The FCC later formally removed the one-to-one rule from its books

After the court’s decision, the FCC took an additional cleanup step. On July 14, 2025, it released an order removing the one-to-one consent rule language that had been nullified by the Eleventh Circuit. In other words, the rule was not just delayed in practice; it was later formally deleted from the FCC’s regulations to reflect the court’s mandate.

This matters because it gives businesses more certainty. Rather than treating the rule as merely paused, companies can understand that the specific one-to-one consent framework adopted by the FCC is no longer moving forward in that form.

New revocation-of-consent rules began on April 11, 2025

Separate from the one-to-one consent fight, the FCC’s revised revocation-of-consent rules did move forward. These rules became effective on April 11, 2025 and apply to automated marketing calls and text messages. 

Under these changes, businesses must 

  • Allow consumers to revoke consent through any reasonable method, including by text, phone call, or email.
  • Process company-specific Do Not Call requests within 10 business days
  • If a business sends a confirmation text after an opt-out request, treat a consumer’s failure to respond as confirmation of the opt-out.

This update is one of the most practical 2025 TCPA shifts for marketers. It raised the operational bar for opt-out handling and made it harder for businesses to rely on narrow or overly rigid unsubscribe processes.

The broadest revocation provision was delayed until January 31, 2027

Just days before the April 11, 2025 effective date, the FCC issued a waiver delaying one especially broad part of the revocation rules. Specifically, the provision that would have applied a revocation request across “all” future robocalls and robotexts from the same sender, rather than only the specific category of message the consumer opted out of, was postponed until April 11, 2026. Then, in January 2026, the FCC pushed back the “revoke all” provisions to January 31, 2027.

This means businesses still have to comply with the new “reasonable method” opt-out standards in 2026, but they are given more time to prepare for the broader cross-program application of revocation.

FCC TCPA news October 2025: The agency reopened parts of the revocation rules

In late October 2025, the FCC adopted and released a Further Notice of Proposed Rulemaking (FNPRM) that reopened parts of the TCPA consent revocation framework for additional comment. Based on the FCC’s October 2025 meeting materials and legal summaries of the release, the agency signaled that it was reconsidering aspects of the revocation rules as part of a broader robocall and regulatory review effort.

The key takeaway is that the FCC’s 2025 TCPA story did not end in April. Even after the new revocation rules took effect, the agency indicated in October that more revisions could still be on the table, and as expected there were updates in January 2026. For businesses, that means TCPA compliance should be treated as an evolving process, not a one-time update.

2. What is the FCC’s guidance on the TCPA?

Before we dive into the main TCPA-related questions, let’s recap the FCC TCPA guidance. The FCC’s guidance on the TCPA emphasizes key regulations aimed at protecting consumers from unwanted telemarketing and robocalls. Under the FCC TCPA rules, companies must:

  • Obtain prior express written consent before making calls or sending text messages using an automatic telephone dialing system (ATDS) to consumers.
  • Obtain explicit written consent for telemarketing calls and messages, including robocalls and pre-recorded messages.
  • Comply with the National DNC Registry and maintain internal Do-Not-Call lists to avoid contacting registered individuals. Keep in mind that some states also have their own DNC regulations that differ from federal ones.
  • While not a specific requirement in the TCPA, the FCC encourages regular use of the Reassigned Number Databases (RND) service to remove potential wrong numbers or phone numbers that were reassigned to new owners.
  • Call only during specific hours, typically between 8 a.m. and 9 p.m. in the recipient’s time zone. Note that some states have their own specific calling hours.
  • Remember that if they outsource call center services to third parties, they must ensure that these third parties also comply with TCPA regulations.
  • Be aware that non-compliance with the FCC TCPA guidance can result in hefty fines, ranging from $500 to $1,500 per violation, depending on the severity and willfulness of the violation.
  • Provide a clear and easy way for consumers to opt out of receiving future calls or messages.

3. Why should we expect the FCC to continue to crack down on the lead gen ecosystem?

We should expect the FCC to continue cracking down on the lead gen ecosystem because unwanted calls and texts remain one of the agency’s core consumer-protection priorities, and the FCC has repeatedly tied lead generation practices to the robocall problem. 

Even though the one-to-one consent rule was overturned, the agency is still tightening revocation and opt-out requirements, and the broader regulatory environment, including FTC enforcement against unlawful lead generation, points to continued scrutiny of how consent is collected, documented, and used.

4. What is one-to-one consent?

The FCC TCPA one-to-one consent rule was proposed in early 2024 as an update to clarify that lead generators or lead sellers could no longer obtain a single consent to contact about a product or services and then share (sell) individual contact info onward to an unrestricted number of other businesses.

On January 24, 2025, the FCC announced a formal postponement of the one-to-one consent rule for up to a year. That same day, the Eleventh Circuit Court of Appeals ruled in favor of the Insurance Marketing Coalition’s challenge, stating that the FCC did not have the authority to revise the rule as written. This effectively invalidated the new proposed one-to-one consent update.

5. When does the one-to-one FCC TCPA regulations update go into effect?

The one-to-one consent requirement will no longer be implemented as previously written. After entering into an appeals process, on April 30, 2025, the Eleventh Circuit Court of Appeals issued its mandate officially terminating the challenge to the FCC’s TCPA one-to-one consent rule.

6. What if my company manually dials/texts?

Be cautious. According to Attorney Alexandra Krasovec, Partner at Manatt, Phelps & Phillips, LLP, a distinction does exist between automated and non-automated calling, but that does not fully protect your business from possible litigation. So why risk it?

“If you are making marketing outreach… Get that heightened prior express written consent,” Krasovec explained. “It is the laundry list of things that you have to have, but if you obtain it, that is as good as gold.”

7. What about processing revoked consent or a consumer’s “Do Not Contact” response?

Krasovec stated plainly, “The FCC’s made it very clear, consumers can revoke their consent by any reasonable means, and if you get that revocation, you need to honor it.”

The new FCC revocation update to the TCPA – that took effect on April 11, 2025 –  heightens the urgency of processing “Do Not Contact” requests and specifically identifies the number of days (10) allowed to process consent revocation when consumers provide a “reasonable” revocation request. 

This is a move towards clearer consumer rights and requires businesses to adapt swiftly to respect customer preferences while mitigating potential legal repercussions.

8. What are potential TCPA penalties?

TCPA violations can result in penalties that range from $500 to $1,500 per violation (per call), potentially leading to tens of millions of dollars for large-scale marketing campaigns. TCPA violation penalties also extend beyond financials — businesses can risk irreparable reputation damage and the permanent loss of customer trust.

Furthermore, as long as there is money to be made, these steep penalties are never going away. As Attorney Gary Kibel, Partner at Davis+Gilbert, LLP, explained, “You know, regulators are trying to make businesses do the right thing, protect consumers, and get corrective action; class action lawyers are after the money. That’s it. In fact, class action lawyers don’t want corrective action because they want to be able to come back again and sue other parties making the same mistakes.”

9. How does the 2024 FTC update to the Telemarketing Sales Rule (TSR) impact lead-gen businesses?

In addition to the FCC TCPA rules, businesses also need to be aware of the Federal Trade Commission’s (FTC) rules and regulations regarding consumer protection and telemarketing. The FTC’s rules and powers are wider and broader than the FCC TCPA rules. The FTC’s scope can cover unfair or deceptive acts or practices (UDAP) affecting commerce and can apply to a wider range of businesses and organizations.

In March 2024, the FTC announced updates to the TSR, which include:

  • The FTC has extended the TSR scope and can investigate and take action on deceptive B2B (Business-to-Business) calls. However, Do-Not-Call protections were not extended to B2B calls.
  • Expanded B2C (Business-to-Consumer) record-keeping requirements from 2 years to 5 years. 

10. How can I help my business adhere to the FTC and FCC TCPA rules?

It is clear that the FCC and FTC expect the lead gen ecosystem to operate with a higher standard of transparency, consent documentation, and record-keeping. To reduce compliance risk, businesses should work with partners and technology that can independently capture, verify, and retain proof of consent, rather than relying on assumptions or incomplete records.

ActiveProspect’s TrustedForm helps businesses do exactly that by documenting the consumer’s experience at the moment a lead is created:

  • TrustedForm Certify captures the webform lead event or social lead ad event and generates a certificate showing what happened during the form submission, including key details about the session and consent language presented. 
  • TrustedForm Retain stores those certificates for long-term access, making it easier to respond to audits, disputes, and litigation. 
  • TrustedForm Verify helps buyers confirm that the consent collected meets their compliance requirements before they act on a lead. 
  • TrustedForm Insights provides additional lead-level data that can help businesses evaluate source quality and optimize buying decisions.
  • TrustedForm Bot Detection helps identify non-human submissions that can create both compliance and performance risks.

Together, these products give buyers and sellers a more complete way to document consent, assess lead authenticity, and strengthen TCPA compliance with evidence.

CTA_TFCertDemonstration

Final thoughts

TCPA compliance is no longer something businesses can treat as a one-time checklist item. As the FCC continues to revise its approach to consent, revocation, and consumer protections, lead gen businesses need processes that are not only compliant today, but resilient enough to adapt to future changes.

The takeaway is clear: Obtain clear consent, honor opt-outs quickly, maintain strong records, and stay alert to both federal and state developments. In an environment where regulatory expectations keep evolving and penalties can be severe, the businesses best positioned to succeed will be the ones that build compliance into every stage of the lead lifecycle. With the right strategy and tools in place, companies can reduce risk, protect consumer trust, and create a stronger foundation for sustainable growth.

CTA_demo1

DISCLAIMER: This page and all related links are provided for general informational and educational purposes only and are not legal advice. ActiveProspect does not warrant or guarantee this information will provide you with legal protection or compliance. Please consult with your legal counsel for legal and compliance advice. You are responsible for using any ActiveProspect Services in a legally compliant manner pursuant to ActiveProspect’s Terms of Service. Any quotes contained herein belong to the person(s) quoted and do not necessarily represent the views and/or opinions of ActiveProspect.

Stay in the loop! Subscribe to the recAP email list to get our latest updates and insights.