The TCPA (Telephone Consumer Protection Act) regulations are constantly evolving to keep up with the ever-changing paradigms of online marketing and online consumers’ habits. As a marketer, it’s important for you to stay up-to-date and alert, because you need to know how these changes are going to impact your business, for better or for worse.

We’ve had the pleasure of chatting with Eric J. Troutman of the Troutman Firm and, one of the best-known lawyers in the U.S. telecom legal space, and in this article we will go over the new TCPA rules and regulations to see what’s changing and how to be prepared for it.

TCPA rules: a general overview

If you’re not familiar with the TCPA, here is a high-level definition to help you understand what it is. In Eric Troutman’s own words: “The TCPA is part of the federal response to the robocall epidemic. It’s the statute that prevents the use of certain regulated technology to make calls to cell phones and landlines without certain levels of consent – that are use-case specific – and prevents unsolicited marketing calls to phone numbers that are residential lines on the national DNC (Do Not Call) list.”

Violating the TCPA can result in a penalty ranging from $500 to $1,500 per violation. The TCPA includes a four-year statute of limitations, meaning that every call that is made by a company can be used to initiate legal proceedings up to four years after it was made. Also, class actions are enabled, which means that one call could result in a class involving millions of different consumers who received similar calls. And millions of consumers involved equal millions of dollars in fines.

To learn more about the TCPA and why it’s so important (for everyone, but especially for lead vendors) to comply with it, read this article: Why obtaining TrustedForm certificates is vital to keep your lead-selling business running smoothly.

TCPA rules: What changes in the regulations

Considering his great knowledge of the matter and hands-on experience, we asked Eric J. Troutman to share with us the newest trends regarding the TCPA rules and regulations.

New TCPA rules banning the transfer of online consent forms

The Federal Communications Commission (FCC) recently made a Notice of Proposed Rulemaking (NPRM) in which they include a section titled “Closing the Lead Generator Loophole.” In it, the FCC is proposing to review the limitations of express written consent and specifically when and how it can be obtained. 

They’re suggesting that prior express consent to receive calls or texts should be granted directly by one entity at a time versus including a list of partner companies. 

Today, publishers obtain express written consent on a website with broad disclosures, including hundreds of companies from which the consumer might consent to contact. Furthermore, the website operator might sell that consent as a lead, either directly to a company that would make the call or, more commonly, to intermediary companies who sell it until it ends up in the hands of a company that wants to call that consumer.

The FCC is very concerned about this because what eventually happens is that one lead may be sold hundreds of times, and a consumer may ultimately receive thousands of unwanted phone calls because they filled out one form online.

So now, as stated by the FCC: “We propose to ban the practice of obtaining a single consumer consent as grounds for delivering calls and text messages from multiple marketers on subjects beyond the scope of the original consent. […] We seek comment on amending our TCPA consent requirements to require that such consent be considered granted only to callers logically and topically associated with the website that solicits consent and whose names are clearly disclosed on the same web page.”

The FCC is basically considering banning the sale of leads altogether, proposing that from now on consumers only provide consent directly to one end user, who’s going to actually offer the service that they’re looking for.

While the way it works now is clearly abusive for the consumer and needs to be reined in, if this change goes through, it will absolutely upend the lead generation industry, with significant repercussions to companies that generate and sell shared leads.

New limitations for non-marketing calls to landlines

There is a new limitation that is being put into place with regard to non-marketing pre-recorded calls made to a landline.

Prior to December 2020, these calls were all categorically exempt from the TCPA, while following December 2020, the FCC issued a ruling that only three such calls can be made per month without consent, and this rule will be effective starting July 20, 2023.

Under this new TCPA rule, in order to be exempt from the TCPA’s consent requirements, callers would be limited to three prerecorded non-commercial, non-telemarketing, or non-profit calls per 30 days, or three calls per week (one per day) for healthcare-related calls, and would need to include an opportunity to opt out of prerecorded calls as part of the message.

The definition of ATDS is narrowing down

Following the 2021 Facebook v. Duguid ruling, the FCC is ruling that avatar technology constitutes a pre-recorded call, thus narrowing down the definition of Automatic Telephone Dialing System (ATDS).

As reported by Eric J. Troutman, the TCPA defines an ATDS as a system that uses a random or sequential number generator to either store or produce telephone numbers to dial. This includes randomly dialing, dialing from a list of numbers that are being selected using a randomizer, and dialing from a list of numbers where the sequence is being determined by a randomizer.

However, despite this new paradigm, courts continue to struggle with the definition of ATDS. Currently, there is a split of authority between:

  • The prevailing majority view, according to which you have to be randomly creating phone numbers to consider your system an ATDS;
  • And the minority view, where even systems that have the capacity to dial automatically from a list using a randomizer can still be considered an ATDS.

TCPA state rules are proliferating

Every state in the US already has some form of anti-telemarketing rules in place. However, most were watered down and ignored.

Following the Facebook ruling, things started to change. Florida was the first state to amend its current telemarketing statute, making it a very powerful one (referred to as the “Mini-TCPA”), which prevents calls using an autodialer, to both cellphones and landlines. The definition of “autodialer” in Florida, however, is extremely broad, covering any system that either randomly dials or selects a number to be dialed, which basically could include any workflow tool, making Florida a very tricky state to make telemarketing calls in.

Here are a few examples to show how some states are individually approaching TCPA rules and regulations:

  • Oklahoma adopted the Florida Telephone Solicitation Act (FTSA) and made its own Telephone Solicitation Act (OTSA).
  • The state of New York adopted a different set of statutes that look at the content of a call and require marketers to provide consumers an opt-out opportunity within three seconds from the beginning of the call, regardless of whether or not they have consent.
  • Michigan has a bill that’s being considered (but hasn’t passed yet) that is a completely different paradigm of protection. The proposed bill – in addition to similar limitations on outbound calls and the creation of its own DNC list – provides limitations to calls made to the elder and vulnerable communities.
  • In Washington and California states, additional restrictions prevent marketers from sending unsolicited text messages, regardless of the technology used to send the messages.
  • Maryland just proposed a new bill that would adopt a Florida-style prohibition on autodialer usage.
  • Virginia has an enhanced DNC provision.

The above shows you a glimpse of how much is going on at the state level, where every state has its own set of “TCPA” rules that are becoming more and more restrictive and likely to be enforced in lawsuits.

Now, let’s deep dive into the TCPA rules that are in place for each marketing medium.

TCPA rules for pre-recorded calls

Pre-recorded calls or artificial voice calls or robocalls are the most highly regulated by the TCPA. At the federal level, marketers cannot make a pre-recorded call or send an artificial voice message to any call phone without express written consent for marketing purposes, and without regular express consent for informational purposes.

Moreover, they cannot make pre-recorded calls or send artificial voice messages to landlines for marketing purposes without express written consent, but they can make unlimited pre-recorded calls for informational purposes with regular express consent. Or, as we’ve explained before, they can make up to three non-telemarketing calls via pre-recorded voice calls to a landline per month. After that, they need to have express written consent.

But what is the difference between express written consent and regular express consent? Also, what is the difference between a tele-marketing and an informational call? Let’s deep dive into that.

Express written consent vs. regular express consent

As explained by Eric J. Troutman, express written consent is defined by the FCC and needs to comply with nine requirements in the disclosure. It’s a written agreement between the caller and the receiver of the call that clearly authorizes the caller to deliver “advertisements or telemarketing messages using an automatic telephone dialing system (ATDS) or an artificial pre-recorded voice.”

This type of consent must be conspicuously disclosed and separately signed. Here is an example of how express written consent should look.


On the other hand, regular express consent is not as specifically regulated or defined, and it usually consists of a fine print inside the terms of conditions. Regular express consent can also be presumed.

For example, if you give your phone number to your bank, your bank has presumed express consent that it can contact you for informational purposes consistent with the reason you provided the number. For instance, they’re allowed to send you automated text messages about your bank account if you provide your phone number.

Tele-marketing vs informational calls

The definition of tele-marketing or telephone solicitation is “introducing a good or a service to the consumer for sale or for rent.” So, technically, everything else may be considered an informational call.

However, there are many instances where the dividing line between the two is not so clear. The classic example being the mortgage company calling to communicate that rates have dropped. On a surface level, it sounds informational, but the core purpose of the call is to get the consumer to call back to schedule a refinancing. So, is it really informational?

What appears to be informational calls can be considered tele-marketing calls, depending on the intent with which they are made.

TCPA autodialer and manual calls rules

If you are dialing using an ATDS, then you have to have express written consent for tele-marketing calls, and regular express consent for informational calls.

If you are calling without an ATDS, at the federal level, you do not need any type of consent for informational calls that are made manually, but you still need to have express written consent for a manual marketing call to a number on the national DNC list.

If the phone number is not on the national DNC list, then you are free to call that number – as long as you’re not using an ATDS – even for marketing purposes.

TCPA text message rules

TCPA texting rules are generally the same as those that apply to calls and voice channels. At a federal level, text messages are treated as calls for regulated technology purposes so, if you are using an ATDS, then you have to have express written consent to send marketing texts, and regular express consent to send informational texts.

If you are not using an ATDS and are sending a text manually, you do not need prior express written consent but you must ensure the number is not on the national DNC list. If the number is on the national DNC list and you’re sending a text with marketing purposes, then you probably need to have prior express written consent. 

And we say “probably” because, as Eric J. Troutman explains, the FCC just issued a new NPRM that suggests that text messages shouldn’t be subject to DNC protection. However, this is still an open issue.

TCPA email rules

Email marketing is still pretty wide open. The CAN-SPAM Act, a law that sets the rules for commercial email, is not very well enforced. However, the most important thing when it comes to TCPA email rules is to be honest.

For instance, you can’t say the email is coming from ActiveProspect if it’s in fact coming from The Troutman Firm. So, as long as you’re honest in your email campaign, and you’re not hiding who it’s really coming from, the only thing you’re required to have is an “unsubscribe” button at the bottom of your emails.

Essentially, at a federal level, you are always free to send emails, even without consent, as long as you enable an opt-out, making emails the safest way to run marketing campaigns.

At a state level, however, there are laws that apply to emails that are more robust. California, for instance, has its own law that aggressively punishes lying and cheating in the content of an email.

Implement a solution that allows you to comply with the TCPA rules

Proving consent to contact was obtained can be a tricky matter, without the right solution in place. Whether you’re generating leads (for your own use or to sell) or purchasing them from third parties, TrustedForm offers a safe way to provide unbiased documentation of consent, allowing you to mitigate the risk of incurring TCPA litigation.

Issue TrustedForm certificates for every lead you generate

If you’re selling leads, TrustedForm Certify allows you to document exactly when and where consent was obtained, providing evidence for each lead you generate quickly and reliably.

You can capture every lead event by simply adding a javascript snippet to your web forms. These lead events, such as mouse movements, clicks, and key presses, are captured and stored.

Watch this short video to see how easy it is to implement TrustedForm Certify. The Web SDK is available to everyone for free by simply signing up for an ActiveProspect account.

Retain the certificates so you can access them when you need it

If you generate leads for your own use, TrustedForm Auto-Retain helps you comply with TCPA rules by retaining proof of consent for every domain you verify with ActiveProspect.

Implementing Auto-Retain is extremely easy. All you have to do is:

Verify and retain TrustedForm certificates for every lead you buy

If you’re purchasing leads from third parties, TrustedForm Consent allows you to claim certificates for each lead you buy, and verify the certificate is authentic and matches the lead.

Thanks to Session Replay, you can see a moment-by-moment replay of precisely what happened on the page in the order it happened to provide the most authentic record of the end user’s interaction with the form.

This will help you find the exact moment consent was obtained and shut down TCPA litigation.

Get started with TrustedForm Consent now!

Final thoughts

The TCPA rules are constantly evolving, forcing marketers to find new ways to keep their businesses going, while maintaining TCPA compliance. Thanks to Eric J. Troutman of the Troutman Firm and – who is always ready to share his knowledge and the latest TCPA news – and ActiveProspect – which provides the best solution for consent-based marketing – adapting to the new TCPA rules and regulations becomes a little easier.

Gain protection to mitigate the risk of TCPA litigation. Get started with TrustedForm for free now!