Telephone Consumer Protection Act (TCPA)

    United States of America (USA)

    Telephone Consumer Protection Act (TCPA)

    47 U.S.C. § 227

    The TCPA was enacted by the Congress in 1991, and its implementation rules were adopted by the Federal Communication Commission (FCC) in 1992. Since then, the FCC has revised the TCPA rules (a) in 2003, to establish, in coordination with the Federal Trade Commission (FTC), a national Do-Not-Call registry, and (b) in 2012, to impose new obligations on telemarketers’ under the Act.

    Last Updated: July 30, 2019


  • General

    The TCPA aims to address the massive growth of telemarketing calls. The Act restricts the making of telemarketing calls and the use of automatic telephone dialing systems and artificial or prerecorded voice messages. The TCPA applies to any telemarketer within the U.S., or any telemarketer outside the United States if the recipient is within the U.S.

    The TCPA rules require telemarketers to institute procedures for maintaining company-specific do-not-call lists. In addition, the FCC revised its TCPA rules in 2003 to establish a national Do-Not-Call registry in coordination with the FTC. The registry covers all telemarketers nationwide, except certain nonprofit organizations, and applies to both interstate and intrastate calls. The registry went into effect on October 1, 2003, and is administered by the FTC. To reduce the number of hang-ups and dead air calls consumers experience, the FCC also retrains the use of autodialers and sets requirements for transmitting caller ID information in the Commission’s Telemarketing Rules.

    The TCPA rules also require telemarketers (a) to obtain prior express written consent from consumers before robocalling them (the exemption based on an “established business relationship” is not longer allowed since the 2012 revision), and (b) to require telemarketers to provide an automated, interactive “opt-out” mechanism during each robocall so consumers can immediately tell the telemarketer to stop calling.

    The Commission’s Telemarketing Rules define an express written consent, which is a written agreement signed by the consumer showing he or she has received a clear and conspicuous disclosure that:

    • the consumer will receive advertisement or telemarketing messages from an automatic telephone dialing system or an artificial or prerecorded voice; and
    • the consumer is not required to sign the agreement (directly or indirectly), or agree to enter into such an agreement as a condition of purchasing any property, goods, or services

    In addition, the written agreement must bear the telephone number to which the consumer signatory authorizes such advertisements or telemarketing messages to be delivered.

    Exemptions from the consent requirement include:

    • making calls for emergency purposes, or other non-commercial purposes; or
    • making calls for commercial purposes but the calls (a) will not adversely affect the consumer’s privacy rights protected under the Act, and (b) do not include the transmission of any unsolicited advertisement.

    Private Right of Action

    The TCPA allows a person (natural person or an entity) to bring private actions in a State court (a) to enjoin any TCPA violation, and/or (b) to recover for actual monetary loss from such a violation, or to receive $500 in damages for each such violation, whichever is greater. In addition, a court may increase damages up to $1500 or three times the actual damages if the court finds that the defendant willfully or knowingly violated the Act.

Want to learn more? Login to the full DataGuidance platform.

About OneTrust


OneTrust is the #1 most widely used privacy, security and third-party risk technology platform trusted by more than 3,000 companies to comply with the CCPA, GDPR, ISO27001 and hundreds of the world’s privacy and security laws. OneTrust's three primary offerings include OneTrust Privacy Management Software, OneTrust PreferenceChoice™ consent and preference management software, and OneTrust Vendorpedia™ third-party risk management software and vendor risk exchange. To learn more, visit OneTrust.com or connect on LinkedIn, Twitter and Facebook.