15 Critical Questions

TCPA FAQ: 15 Gotchas

Non-obvious questions about lead lists, willfulness, class threats, and settlement terms that can make or break your defense

Back to TCPA Response Hub

Why These 15 Questions Matter

These are the questions that trip up businesses facing TCPA claims. They're not covered in basic compliance guides, but they determine outcomes in real litigation. Each answer reflects patterns from actual cases and settlement negotiations.

Jump to Question

1 Lead list liability 2 Missing consent records 3 Webform consent 4 Stopping after complaint 5 STOP not syncing 6 Multiplied damages 7 Class action threat 8 Records to preserve 9 Contractor liability 10 Willfulness triggers 11 Contacting claimant 12 Reassigned numbers 13 Retroactive DNC scrub 14 Settlement terms 15 Fixing consent language
1
If we bought a "compliant lead list," are we still liable?

Short Answer: Almost certainly yes.

Buying a "TCPA-compliant" lead list does not transfer liability or create a defense. Here's why:

The Consent Problem

  • Consent is non-transferable by default: When someone consents to receive calls from Company A, that consent doesn't automatically extend to Company B, even if Company A sold the lead
  • "Prior express written consent" must be specific: For marketing calls, the consent must "clearly authorize" the calls from the specific caller
  • Generic consent language often fails: Language like "and its partners" or "affiliated companies" is frequently challenged as too vague

What Lead Sellers Promise vs. Reality

  • What they say: "All leads are TCPA-compliant with documented consent"
  • What this usually means: Someone filled out a form somewhere
  • What you need: Consent that specifically names your company or describes your category with enough specificity that a court would find it covers you
Critical Issue: Even if the lead seller had valid consent for their own calls, that consent likely does not extend to you. The FCC has repeatedly stated that consent cannot be "sold" or transferred unless the original consent language specifically authorized it.

Your Options

  • Indemnification: Your contract with the lead seller may include indemnification, but this only helps if they're solvent and honor it
  • Tender the claim: Notify your lead seller and demand they defend/indemnify per contract
  • Joint liability: You're still liable to the plaintiff regardless of what the lead seller promised you
Key Takeaway

Never assume purchased leads have valid consent for your calls. Verify the actual consent language and ensure it specifically authorizes calls from you or your company category.

2
What if the person "consented" but our vendor can't produce the original record?

Short Answer: You likely can't prove consent, and that's your burden.

The Burden of Proof Problem

  • Defendant's burden: Once plaintiff establishes they received a call/text, the burden shifts to you to prove consent
  • No record = no defense: If you can't produce the actual consent record, you can't meet your burden
  • "We had consent" is not enough: Courts require contemporaneous documentation, not after-the-fact assertions

What Counts as Adequate Consent Documentation

  • Ideal: Screenshot/archive of exact form, checkbox state, timestamp, IP address, user agent
  • Acceptable: Database record showing consent timestamp, form version, and checkbox status
  • Marginal: Business records showing lead acquisition date and source
  • Insufficient: "Our vendor says they had consent" without underlying documentation
Vendor Contracts Should Require:
  • Retention of original consent records for 5+ years
  • Ability to produce records within 72 hours of request
  • Indemnification for consent failures
  • Audit rights to verify consent practices

What To Do Now

  • Request records immediately: Put vendor on formal notice and demand production
  • Document the request: If they can't produce, document that failure
  • Review your contract: Identify indemnification and record-keeping obligations
  • Consider tender: Formally tender the claim to the vendor
Key Takeaway

If you can't produce the original consent record, assume you can't prove consent. Build settlement strategy around minimizing exposure rather than winning on consent defense.

3
Does a generic "contact me" webform count as consent for marketing texts?

Short Answer: Almost never for autodialed or prerecorded marketing messages.

The "Prior Express Written Consent" Standard

For telemarketing calls/texts using an autodialer or prerecorded voice, you need "prior express written consent" which requires:

  • Written agreement: Can be electronic (checkbox + click)
  • Clear authorization: Must specifically authorize the type of communication
  • Signature: Electronic signature (clicking "submit" after checkbox) is sufficient
  • Disclosure: Must state consent isn't required for purchase

Why Generic "Contact Me" Forms Fail

Form Element What It Typically Says Why It Fails
CTA Button "Contact Me" or "Get Info" Doesn't authorize marketing texts
Disclosure None or "We may contact you" Doesn't mention autodialed/prerecorded
Phone Field "Phone (optional)" Providing number isn't consent to text
Consent Language Buried in terms link Not "clear and conspicuous"

What Valid Consent Language Looks Like

Example Compliant Language:

"By checking this box, I consent to receive marketing text messages from [Company] at the phone number provided using automated technology. Consent is not required to make a purchase. Message & data rates may apply. Reply STOP to unsubscribe."

Key Takeaway

A form that just says "contact me" or collects a phone number without specific autodialed/marketing text disclosure does NOT provide valid consent. Review your exact form language.

4
What if we stopped after the first complaint - does that reduce damages?

Short Answer: It helps, but doesn't eliminate liability for calls already made.

How Stopping Helps

  • Limits volume: Fewer calls = fewer violations = lower exposure
  • Shows good faith: Helps argue against "willfulness" finding (which would treble damages)
  • Reduces class risk: Smaller affected population = less attractive for class certification
  • Settlement leverage: Demonstrates responsiveness, facilitates negotiation

What It Doesn't Fix

  • Past violations: Every call/text already sent is still a potential $500-$1,500 violation
  • Pattern evidence: If you sent many messages before stopping, that pattern is still there
  • Discovery: Plaintiff can still subpoena full campaign records
Timing Matters: Courts look at when you stopped relative to when you should have known there was a problem. Stopping after a formal demand is expected. Stopping after the first informal complaint shows more proactive compliance.

Document Your Response

  • Timestamp when complaint received
  • Timestamp when campaign paused
  • Evidence of immediate suppression of complainant's number
  • Notes from whoever made the decision to stop
Key Takeaway

Stopping quickly is essential but isn't a get-out-of-jail-free card. It helps with willfulness arguments and limits ongoing exposure but doesn't erase liability for calls already made.

5
What if we kept texting after STOP because the suppression didn't sync?

Short Answer: Technical failures don't excuse post-opt-out contacts, and they often support willfulness.

Why "System Glitch" Is a Dangerous Defense

  • You're responsible for your systems: Choosing to use a system with sync delays is your business decision
  • Known issue = knowledge: If sync delays are a known issue, continuing to use the system may be willful
  • Post-STOP = always bad: Contacts after opt-out are the most sympathetic claims for plaintiffs

How Courts View This

Typical Plaintiff Argument: "Defendant knew its suppression system had delays. Defendant chose to continue high-volume texting despite knowing some recipients who opted out would receive additional messages. This was willful."

Mitigation Strategies

  • Document the technical issue: Get written confirmation from your vendor about sync intervals
  • Show immediate remediation: What steps did you take to fix the sync issue?
  • Demonstrate good faith: Did you have compliance procedures in place? Regular audits?
  • Limit the window: How many messages went out during the sync delay? (Smaller number = better)

Going Forward

  • Implement real-time suppression (not batch sync)
  • Add confirmation step before sending to recently-acquired numbers
  • Audit sync delays across all platforms monthly
  • Document your compliance improvements
Key Takeaway

Sync delays are a systemic problem you chose to accept. Focus defense on showing limited scope and immediate remediation. Fix the underlying issue to prevent future claims.

6
Do repeated texts to the same number multiply damages?

Short Answer: Yes, each text is a separate violation with separate damages.

The Per-Call/Per-Text Rule

  • TCPA damages are per-violation: $500 per call/text, up to $1,500 if willful
  • Each message counts: 10 texts to one person = 10 violations = $5,000-$15,000 exposure to that one person
  • No "single course of conduct" defense: Courts have rejected arguments that a campaign is one violation

How This Multiplies Exposure

Scenario Regular ($500) Willful ($1,500)
1 text to 1 person $500 $1,500
5 texts to 1 person $2,500 $7,500
10 texts to 1 person $5,000 $15,000
10 texts to 100 people (class) $500,000 $1,500,000
Class Action Multiplier: This is why TCPA class actions are so dangerous. A marketing campaign with 10,000 recipients who each got 5 texts creates potential exposure of $25-75 million.

Defense Considerations

  • Challenge willfulness: Reducing from $1,500 to $500 cuts exposure by two-thirds
  • Audit actual volume: Sometimes records show fewer messages than claimed
  • Constitutional challenges: Some courts have reduced awards as unconstitutionally excessive (BMW v. Gore)
Key Takeaway

Every single text multiplies your exposure. A "drip campaign" of 5-10 messages per lead dramatically increases risk compared to single-contact outreach.

7
How do plaintiffs turn one complaint into a class threat?

Short Answer: By showing your violation was systematic, not isolated.

The Class Action Playbook

Plaintiffs' attorneys evaluate TCPA cases for class potential by asking:

  • Common script: Did everyone receive the same or similar message?
  • Same source: Did all numbers come from the same lead list or campaign?
  • Uniform process: Was the same autodialer/platform used for all contacts?
  • Pattern violations: Was consent obtained (or not) the same way for everyone?

Red Flags That Signal Class Risk

High Class Risk Indicators:
  • Mass marketing campaign with standardized messaging
  • Purchased lead list with thousands of numbers
  • Same consent deficiency applies to all recipients
  • Centralized platform (Twilio, CallFire) with complete logs
  • Public complaints (BBB, Yelp, Reddit) showing pattern

How Individual Claims Become Class Claims

  1. Initial demand: One person complains
  2. Discovery: Plaintiff's attorney subpoenas your records
  3. Pattern identification: Records show 5,000 people got same texts
  4. Class certification motion: Attorney argues all 5,000 have identical claims
  5. Settlement pressure: Even if certification uncertain, exposure makes settlement attractive

Defense Strategies

  • Individualized consent: If consent was obtained individually (not form-based), argue individual issues predominate
  • Varying circumstances: Different lead sources, time periods, or consent mechanisms
  • Early settlement: Resolve individual claims before class formation
  • Confidential settlements: Prevent word from spreading to other recipients
Key Takeaway

If your texting was systematic (same list, same script, same platform), assume any complaint has class potential. Structure your response and settlement accordingly.

8
What records should we preserve from Twilio/CallFire/CRMs?

Short Answer: Everything related to the campaign, consent, and opt-outs - and do it immediately.

Litigation Hold Obligation

Once you receive a demand letter (or reasonably anticipate litigation), you have a legal duty to preserve potentially relevant evidence. Failure to preserve can result in:

  • Spoliation sanctions: Adverse inference that destroyed evidence was harmful
  • Cost shifting: Pay opponent's discovery costs
  • Default judgment: In extreme cases

Critical Records to Preserve

Category Specific Records
Communication Logs Call detail records (CDRs), SMS logs, timestamps, phone numbers, message content
Consent Records Form submissions, checkbox states, IP addresses, timestamps, form versions
Opt-Out Logs STOP messages, DNC additions, suppression list changes, timestamps
Lead Data Lead source, acquisition date, vendor information, purchase records
Campaign Configuration Scripts, message templates, sending schedules, targeting criteria
System Configurations Autodialer settings, suppression sync settings, caller ID configuration

Platform-Specific Export Steps

Twilio: Export call logs, message logs via Console or API. Note: logs may auto-delete after retention period.

CallFire: Download campaign reports, contact lists, broadcast histories.

HubSpot/Salesforce: Export contact records, activity history, email/SMS logs, consent fields.

Preservation Checklist

  • Send litigation hold notice to all relevant employees
  • Disable auto-deletion on relevant platforms
  • Export and backup all platform data
  • Preserve email communications about the campaign
  • Document chain of custody for all preserved records
Key Takeaway

Export everything from Twilio/CallFire/CRM immediately. Platform retention policies may delete data you need. Preserving evidence is not optional once litigation is anticipated.

9
If a contractor/agency sent the texts, can the business still be on the hook?

Short Answer: Yes, almost always. Vicarious liability is broadly applied in TCPA cases.

The Vicarious Liability Standard

Under FCC rules and court interpretations, a company can be liable for calls made on its behalf even if a third party actually made them. Liability attaches through:

  • Agency relationship: Contractor acted as your agent (most marketing agencies qualify)
  • Apparent authority: Caller appeared to be acting for you from recipient's perspective
  • Ratification: You accepted the benefits of the calls (leads, sales)

Why "We Didn't Make the Calls" Fails

Courts Have Rejected:
  • "The agency did this without our knowledge" - You chose the agency
  • "Our contract prohibited TCPA violations" - Contract doesn't bind plaintiffs
  • "We told them to be compliant" - You're still vicariously liable
  • "They were an independent contractor" - Agency law still applies

Your Recourse Against the Vendor

  • Indemnification: Most agency contracts include indemnification - enforce it
  • Tender: Formally tender the claim to the agency and demand defense
  • Contribution: Seek contribution from co-defendants
  • Separate litigation: Sue agency for breach of contract/indemnity

Practical Reality

  • Plaintiffs sue the deep pocket (you, not the small agency)
  • Agency indemnification only helps if agency is solvent
  • Insurance may or may not cover TCPA claims - check your policy
  • You defend the claim now, pursue indemnity later
Key Takeaway

Using an agency doesn't shield you from TCPA liability. Plaintiffs can and will sue you directly. Your remedy is against the agency through indemnification, not against the plaintiff.

10
What's the biggest "willfulness" tripwire in real cases?

Short Answer: Continuing to call/text after receiving complaints or knowing about compliance issues.

The Willfulness Standard

"Willful" under TCPA doesn't require intent to violate the law. Courts generally find willfulness when:

  • Knowledge of risk: You knew or should have known calls might violate TCPA
  • Continued anyway: Despite that knowledge, you proceeded
  • No reasonable compliance: Failed to implement reasonable procedures

Top Willfulness Tripwires

Tripwire Why It's Dangerous
#1: Post-complaint contacts You knew they objected and called anyway
#2: Ignoring opt-outs Direct evidence you disregarded consent withdrawal
#3: Known system issues If sync delays are documented, continuing is willful
#4: Prior TCPA claims You were already on notice about compliance issues
#5: No compliance program Shows you didn't try to comply
#6: Purchased "scrubbed" leads without verification Reckless reliance on vendor representations
Real Case Example: Company received BBB complaints about unwanted texts, internal email discussed the complaints, but texting continued. Court found this was willful - they knew about complaints and continued anyway.

How to Protect Against Willfulness Finding

  • Document your compliance efforts (training, policies, audits)
  • Respond immediately to any complaints
  • Fix known issues before they generate claims
  • Maintain contemporaneous records of compliance decisions
  • Get legal advice and document that you followed it
Key Takeaway

The biggest willfulness tripwire is continuing after you know there's a problem. Once you receive any complaint or identify any compliance issue, stop and fix it immediately.

11
Can we safely reach out to the claimant to "make it right"?

Short Answer: Be extremely careful. Direct contact can backfire or create additional violations.

Risks of Direct Contact

  • Additional TCPA violation: If you call/text them again, that's another potential violation
  • Represented party: If they have an attorney, direct contact may violate ethics rules
  • Admissions: Anything you say can be used as evidence
  • Retaliation appearance: Contact could appear threatening or harassing
  • Settlement without release: Informal resolution without proper documentation leaves you exposed

When Direct Contact Might Work

  • Initial informal complaint: Before lawyers involved, quick resolution may prevent escalation
  • Clear error: Genuine one-time mistake with obvious fix
  • Existing relationship: Customer who just wants the calls to stop

Safe Communication Protocol

If You Do Reach Out:
  • Use postal mail or email - NOT phone/text
  • Verify they don't have legal representation first
  • Don't admit liability or apologize for "violating" anything
  • Offer to discuss resolution
  • Any payment must include proper release language
  • Have an attorney review any settlement offer

Better Approach

If they've sent a demand letter, respond through proper channels:

  • Written response to their demand
  • Through their attorney if they have one
  • With appropriate settlement documentation
Key Takeaway

Don't call or text the claimant. If you reach out, use written communication, make no admissions, and ensure any resolution includes a proper release.

12
What if the number was reassigned and the user changed?

Short Answer: This is a valid defense, but it requires proof and the safe harbor has specific requirements.

The Reassigned Number Problem

Phone numbers get reassigned to new users. If you had consent from the old user but the number was reassigned:

  • Your consent from the old user doesn't apply to the new user
  • Calls to the new user are potentially violations
  • This happens frequently - millions of numbers reassigned annually

FCC Safe Harbor (2020 Order)

The FCC created a limited safe harbor:

  • One free call: After reassignment, you get one call/text before liability attaches
  • After notification: Once the new user tells you it's the wrong number, stop immediately
  • Reassigned Number Database: FCC database to check reassignment status (use it)

How to Prove Reassignment

  • Reassigned Number Database check: Shows reassignment date
  • Carrier records: Subpoena can reveal reassignment date
  • Your records: Show when you acquired consent and from whom
  • Timing: If consent date predates reassignment, original consenter was different person
Reassigned Number Database: The FCC's database allows callers to check if numbers have been reassigned. Using it demonstrates good faith compliance efforts.

Defense Strategy

  • Request discovery on when plaintiff acquired the number
  • Compare to when you acquired consent
  • If dates show reassignment occurred between consent and call, you have a defense
  • Document that you stopped after learning of reassignment
Key Takeaway

Reassigned numbers are a valid defense but require proof. Use the FCC Reassigned Number Database, and immediately stop calling when someone says wrong number.

13
Should we run a DNC scrub retroactively - does that help or hurt?

Short Answer: Run it for future compliance, but it doesn't fix past violations and can create adverse evidence.

Why Retroactive Scrubbing Is Complicated

  • Past violations already occurred: Scrubbing now doesn't un-send past messages
  • Creates evidence: The scrub results show which numbers were on DNC when you called
  • Timing issues: DNC status today may differ from status on call date
  • Admission risk: Running a scrub "because of the lawsuit" could imply you weren't scrubbing before

When Retroactive Scrubbing Helps

  • Going forward: Prevents new violations with your existing list
  • Demonstrates remediation: Shows you're taking compliance seriously
  • Limits class: Reduces number of people you'll contact going forward

When It Can Hurt

Potential Problems:
  • Scrub shows 500 numbers were on DNC - now plaintiff knows there are 500 potential class members
  • If you scrubbed before sending, why didn't scrub catch these numbers?
  • If you didn't scrub before, why not? (Strengthens willfulness argument)

Best Practice

  • Do scrub going forward: Don't compound problems with new violations
  • Document carefully: Note that scrub is for future compliance, not admission of past failures
  • Consult counsel: Discuss discovery implications before running retroactive analysis
  • Preserve original data: Don't delete or modify historical records
Key Takeaway

Scrub your list for future campaigns, but be aware that retroactive analysis creates discoverable evidence. Consult with counsel about timing and documentation.

14
What settlement terms prevent follow-on claims?

Short Answer: Broad release language, confidentiality, and non-solicitation provisions are essential.

Essential Settlement Terms

1. Comprehensive Release

  • Scope: All TCPA claims, state law equivalents, UCL, common law
  • Time period: All past conduct through settlement date
  • Parties: Include your company, affiliates, vendors, agents
  • Known and unknown: Include California Civil Code 1542 waiver
Sample Release Language:

"Releasor releases all claims arising from or relating to any telephone calls or text messages sent by or on behalf of [Company], including but not limited to claims under 47 U.S.C. 227, state telemarketing statutes, unfair competition laws, and common law..."

2. California Civil Code 1542 Waiver

Critical for California settlements - releases unknown claims:

  • Without this waiver, plaintiff can later claim they didn't know about certain violations
  • Must be explicitly cited and waived in the settlement

3. Confidentiality Provisions

  • Settlement amount: Keep payment amount confidential
  • Terms: Restrict disclosure of settlement terms
  • Why it matters: Prevents other recipients from learning about the settlement and filing similar claims

4. Non-Solicitation/Non-Cooperation

  • Settling party agrees not to solicit or assist other claimants
  • Agrees not to participate in class action against you
  • Agrees not to provide testimony or assistance to other plaintiffs

5. No Admission Clause

  • Settlement is not admission of liability
  • Prevents use of settlement as evidence in other proceedings
Key Takeaway

A settlement without proper release language is just a payment that invites more claims. Invest in proper settlement documentation including broad release, 1542 waiver, and confidentiality.

15
How do we fix our intake/consent language without admitting past wrongdoing?

Short Answer: Frame changes as "enhancements" and "best practices," not corrections of deficiencies.

The Documentation Dilemma

You need to fix compliance issues, but written documentation of changes could be used against you:

  • Problem: "We updated our consent form because the old one didn't comply with TCPA"
  • This implies: The old form was deficient = admission of past violations
  • Better framing: "We enhanced our consent process to reflect evolving best practices"

Safe Language for Compliance Updates

Use This Language:
  • "Enhanced to reflect current best practices"
  • "Updated in light of evolving regulatory guidance"
  • "Strengthened to exceed industry standards"
  • "Refined based on counsel's recommendations"
Avoid This Language:
  • "Fixed compliance issues"
  • "Corrected TCPA violations"
  • "Old form was non-compliant"
  • "We weren't getting proper consent before"

Practical Steps

  1. Conduct privileged review: Have attorney analyze current practices under privilege
  2. Create enhancement memo: Document changes as "best practice enhancements," not fixes
  3. Version control: Keep records of form versions with dates (you may need to show what was used when)
  4. Training records: Document staff training on "enhanced procedures"
  5. Prospective application: New procedures apply to new leads - don't purge old consent records

Attorney-Client Privilege Protection

  • Have attorney direct the compliance review
  • Mark internal documents "ATTORNEY-CLIENT PRIVILEGED"
  • Analysis should be for purpose of legal advice, not business operations
  • Don't share privileged analysis outside need-to-know
Key Takeaway

Fix your consent language, but frame all changes as enhancements and best practices. Conduct the review under attorney-client privilege. Never document that old practices were non-compliant.

Questions About Your Specific Situation?

These FAQs cover common scenarios, but every TCPA case has unique facts. Schedule a consultation to discuss your specific exposure, defenses, and strategy.