Key Principle: Under TCPA, a company can be held liable for calls made by third parties (vendors, lead generators, call centers) acting "on behalf of" that company. This is known as vicarious liability, and it means you can't simply outsource your way out of TCPA compliance.
Agency Theory Under TCPA
The FCC and courts apply traditional agency principles to determine vicarious liability:
Actual Authority
Express Authority: Contract explicitly authorizes vendor to make calls on your behalf
Implied Authority: Vendor's authority to call is reasonably implied from the business relationship
Key Question: Did you authorize, direct, or condone the calling activity?
Apparent Authority
Test: Would a reasonable consumer believe the vendor was acting on your behalf?
Factors: Use of your brand name, scripts mentioning your company, caller ID showing your name
Key Question: Did you create the appearance that vendor speaks for you?
Ratification
Test: Did you accept the benefits of the vendor's calling activity?
Factors: Accepting leads generated from calls, paying for call volume, continuing relationship after learning of violations
Key Question: Did you adopt the vendor's conduct after the fact?
The "On Behalf Of" Standard
FCC 2015 Declaratory Ruling: The FCC clarified that a person or entity "on whose behalf" a call is made includes anyone who "allows" the telemarketing calls to be made. This is a broad standard that makes it difficult to escape liability.
Factors Courts Consider
Factor
Increases Liability
Decreases Liability
Script Control
You provide or approve scripts
Vendor creates own scripts without your input
Lead Source
You provide calling lists to vendor
Vendor sources its own leads
Branding
Calls made under your brand name
Vendor uses its own identity
Compensation
Pay per call/lead generated
Flat fee unrelated to call volume
Monitoring
You monitor call quality/compliance
Complete vendor independence
Training
You train vendor's agents
Vendor handles all training
FCC Guidance on Vicarious Liability
The FCC has issued several rulings clarifying vicarious liability standards:
2013 Rule: "Seller" liable for telemarketing calls made by "telemarketers" on seller's behalf
2015 Omnibus Ruling: Expanded "on behalf of" to anyone who "allows" calls to be made
Dish Network (2017): Principal liable even without knowledge of specific violations if relationship gave rise to apparent authority
Facebook (2021): Platform operators can be liable for third-party calls made through their systems
Key Takeaway: Contractual provisions stating the vendor is an "independent contractor" do NOT eliminate vicarious liability if other factors show an agency relationship. Courts look at the practical reality, not just contract language.
Common Vendor Relationships Subject to Vicarious Liability
Vendor Type
Liability Risk
Key Considerations
Lead Generators
High
Calls explicitly generate leads for your company
Outbound Call Centers
High
Making calls under your brand using your scripts
Marketing Agencies
Moderate-High
Depends on degree of control over campaigns
Referral Partners
Moderate
Less control but may have apparent authority
Technology Providers
Lower
Usually just providing tools, not making calls
Vendor Defense Strategies
Purpose: When a third party made the calls that led to a TCPA demand, you may have defenses based on the nature of your relationship with that vendor. This section covers arguments to reduce or eliminate your vicarious liability exposure.
Independent Contractor Defense
The Argument
The vendor was a true independent contractor, not an agent, and therefore you are not vicariously liable for their TCPA violations.
Required Showings
No Right to Control: You did not control HOW the vendor performed calling activities
Vendor's Own Methods: Vendor used its own scripts, technology, and procedures
Vendor's Own Lists: Vendor sourced its own calling lists, not lists you provided
No Training: You did not train vendor's personnel
Independent Business: Vendor serves multiple clients, not exclusively you
Contract Language: Agreement clearly designates independent contractor status
Limitation: This defense often fails because courts look beyond contract language to the practical reality. If you provided scripts, approved messaging, or paid per-lead, courts may find an agency relationship despite "independent contractor" labels.
Lack of Control Defense
The Argument
Even if some agency relationship existed, you lacked the specific control that would make you liable for TCPA violations.
Evidence to Gather
No Script Approval: Documentation showing you did not review or approve calling scripts
No Call Monitoring: Evidence you did not monitor or listen to vendor's calls
Vendor's Compliance Program: Vendor maintained its own TCPA compliance (separate from any you required)
No Consent Collection: Vendor collected its own consent, not consent on your behalf
Vendor's DNC: Vendor maintained its own DNC lists independently
Rogue Vendor / Departure from Instructions
The Argument
The vendor departed from your instructions and engaged in unauthorized conduct. A principal is generally not liable for an agent's conduct that exceeds the scope of authority.
Required Showings
Clear Instructions: You gave explicit instructions to comply with TCPA
Contract Provisions: Agreement required TCPA compliance with specific terms
No Knowledge: You had no knowledge of the violations until the demand
No Ratification: Once aware, you took corrective action (terminated, demanded cure)
No Benefit: You did not accept leads or benefits from the non-compliant calls
Strongest Case: If you can show (1) contract required TCPA compliance, (2) vendor made specific representations about compliance, (3) you had no reason to know vendor was violating, and (4) you immediately acted when you learned of violations, you have a strong defense and a potential claim against the vendor.
No Apparent Authority Defense
The Argument
The consumer had no reason to believe the vendor was acting on your behalf, so no apparent authority existed.
Evidence to Gather
Vendor called under its own name, not yours
No mention of your company on the call
Caller ID did not display your company name
No co-branding or joint marketing materials
Consumer was unaware of any connection between vendor and you
Indemnity Trigger Analysis
Even if you are held liable to the consumer, you may have contractual rights to recover from the vendor. Key questions:
Contract Element
Questions to Ask
Indemnification Clause
Does vendor indemnify you for TCPA claims? Any carve-outs?
TCPA Warranties
Did vendor warrant compliance? Breach = indemnity trigger?
Insurance Requirements
Does vendor have TCPA insurance? Were you named as additional insured?
Defense Obligations
Must vendor defend claims? Pay attorneys' fees?
Settlement Approval
Can you settle and recover, or does vendor have settlement rights?
Contract Clauses Review
Purpose: When facing a TCPA claim involving vendor conduct, immediately review your vendor contracts. The contract terms determine your rights to seek defense, indemnification, and contribution from the vendor.
TCPA Representations and Warranties
Look for provisions where the vendor represented or warranted compliance:
Strong Language (Favorable to You)
Example Warranty Clause:
"Vendor represents and warrants that all telemarketing activities performed under this Agreement shall comply with the Telephone Consumer Protection Act (47 U.S.C. 227), FCC regulations (47 CFR 64.1200), the Telemarketing Sales Rule (16 CFR 310), and all applicable state telemarketing laws. Vendor warrants that it has obtained all required consent prior to initiating any call or text message and maintains appropriate do-not-call procedures."
Weak Language (Less Favorable)
Example Weak Clause:
"Vendor agrees to use commercially reasonable efforts to comply with applicable laws."
Watch For: Mutual warranty provisions that also impose TCPA obligations on YOU. Some contracts make both parties warrant compliance, which can undermine your indemnity claim if you also arguably breached (e.g., by providing non-compliant lists).
Indemnification Scope
Key Elements to Review
Triggering Events: What triggers indemnity? TCPA claims specifically named?
Covered Damages: Does indemnity cover settlements? Judgments? Attorneys' fees?
Defense Obligation: Must vendor defend the claim, or just pay after resolution?
Notice Requirements: How quickly must you notify vendor of a claim?
Cooperation: What cooperation is required from you?
Settlement Rights: Can vendor settle without your consent? Can you settle without theirs?
Caps and Limits: Any cap on indemnification amount?
Carve-Outs: Any exclusions (e.g., claims arising from YOUR breach)?
Sample Strong Indemnification Clause
Favorable Indemnification:
"Vendor shall indemnify, defend, and hold harmless Client from and against any and all claims, damages, losses, costs, and expenses (including reasonable attorneys' fees) arising out of or relating to: (a) any violation of the TCPA or any similar state or federal telemarketing law; (b) any claim that calls or texts made by Vendor lacked required consent; (c) any claim that Vendor failed to honor opt-out or do-not-call requests; (d) any claim arising from Vendor's marketing practices. This indemnification shall apply regardless of any negligence or fault on the part of Client, except to the extent a claim arises solely from Client's willful misconduct."
Audit Rights
Audit provisions allow you to investigate vendor compliance and gather evidence:
What to Look For
Right to Audit: Can you audit vendor's TCPA compliance processes?
Record Access: Can you access call logs, consent records, DNC lists?
Notice Requirements: How much notice before an audit? Can you audit immediately after a claim?
Cost: Who pays for audit? Can you recover costs if violations found?
Third-Party Auditors: Can you use outside auditors?
Sample Audit Clause
Comprehensive Audit Right:
"Client shall have the right, upon reasonable notice (which may be immediate in the event of a regulatory inquiry or litigation), to audit Vendor's telemarketing practices, including without limitation: (i) consent collection and storage procedures; (ii) call and text logs; (iii) DNC list maintenance; (iv) opt-out processing; and (v) agent training records. Vendor shall cooperate fully with any such audit and shall make available all records necessary to verify TCPA compliance. If an audit reveals material non-compliance, Vendor shall bear all costs of the audit."
Insurance Requirements
Check if the contract required the vendor to maintain TCPA insurance:
Coverage Type: Does vendor have Errors & Omissions or TCPA-specific coverage?
Coverage Limits: What are the policy limits? Adequate for potential exposure?
Additional Insured: Were you named as additional insured on vendor's policy?
Certificate: Did vendor provide certificate of insurance? Is it current?
Direct Claim Right: Can you claim directly against vendor's insurer?
If Named as Additional Insured: You may be able to tender the claim directly to the vendor's insurance carrier, potentially getting defense costs covered even before establishing the vendor's liability.
Contract Clause Checklist
VENDOR CONTRACT TCPA CLAUSE REVIEW CHECKLIST
Contract: ________________________
Vendor: ________________________
Review Date: ________________________
Reviewer: ________________________
1. TCPA REPRESENTATIONS/WARRANTIES
[ ] Does vendor warrant TCPA compliance? Y/N
[ ] Specific TCPA reference or general "applicable laws"?
[ ] Warranty re: consent collection? Y/N
[ ] Warranty re: DNC compliance? Y/N
[ ] Mutual warranty (you also warrant)? Y/N
Location in contract: Section ___
2. INDEMNIFICATION
[ ] Indemnity clause exists? Y/N
[ ] TCPA claims specifically covered? Y/N
[ ] Defense obligation included? Y/N
[ ] Attorneys' fees covered? Y/N
[ ] Settlements covered? Y/N
[ ] Cap on indemnification? Y/N Amount: $_______
[ ] Carve-outs/exclusions? Y/N Describe: ___________
[ ] Notice requirements? Deadline: _____ days
[ ] Survival clause (survives termination)? Y/N
Location in contract: Section ___
3. AUDIT RIGHTS
[ ] Audit right exists? Y/N
[ ] TCPA compliance specifically auditable? Y/N
[ ] Record access included? Y/N
[ ] Notice requirement: _____ days
[ ] Immediate audit on claim/litigation? Y/N
[ ] Cost allocation: _____________
Location in contract: Section ___
4. INSURANCE
[ ] Insurance requirement exists? Y/N
[ ] TCPA/E&O coverage required? Y/N
[ ] Coverage limit: $_______
[ ] Additional insured status required? Y/N
[ ] Certificate on file? Y/N Current through: _______
Location in contract: Section ___
5. TERMINATION
[ ] Can terminate for TCPA breach? Y/N
[ ] Material breach provision? Y/N
[ ] Cure period: _____ days
Location in contract: Section ___
OVERALL ASSESSMENT
Strength of indemnity position: [ ] Strong [ ] Moderate [ ] Weak
Key gaps identified: ________________________________
Vendor Hold and Records Demand
Immediate Action: Upon receiving a TCPA demand involving vendor conduct, immediately send a litigation hold and records demand to the vendor. This preserves evidence and establishes your rights.
Why Immediate Action Matters
Evidence Preservation: Vendors may have data retention policies that delete records
Spoliation Prevention: Putting vendor on notice creates duty to preserve
Indemnity Protection: Timely notice may be required under contract
Cooperation Rights: Establish your audit rights early
Shifting Blame: Document that vendor is source of potential liability
Template: Litigation Hold Notice to Vendor
[YOUR COMPANY LETTERHEAD]VIA EMAIL AND CERTIFIED MAIL
Date: [DATE]
[Vendor Name]
Attn: Legal Department / General Counsel
[Address]
Re: LITIGATION HOLD NOTICE - TCPA Claim
Contract Reference: [Contract Name/Number]
Claimant: [Claimant Name, if known]
Dear [Vendor Contact]:
We write to notify you of a Telephone Consumer Protection Act (TCPA) claim that has been asserted against [Your Company] arising from telemarketing activities performed by [Vendor Name] under our agreement dated [Contract Date] (the "Agreement").
I. NATURE OF CLAIM
On [Date], [Your Company] received a demand letter / complaint alleging TCPA violations related to [calls/texts] allegedly made to [Claimant Name / phone number]. The claim alleges [brief description: lack of consent, DNC violation, post-opt-out contact, etc.].
Based on our records, any calls to this number would have been made by [Vendor Name] as part of the [Campaign Name / Lead Generation / Outbound Calling] services performed under the Agreement.
II. LITIGATION HOLD
You are hereby directed to immediately preserve and retain all documents, data, and electronically stored information (ESI) related to:
1. Any calls or text messages to [phone number(s) at issue]
2. Any consent records for the phone number(s) at issue
3. Call logs, dialer records, and campaign records for [relevant time period]
4. Do-not-call and suppression list records
5. Opt-out requests and processing records
6. Agent notes, CRM records, and call recordings
7. Compliance policies, training materials, and audit records
8. All communications with [Your Company] regarding this matter
This preservation obligation applies to all media, including but not limited to servers, backup tapes, email systems, cloud storage, mobile devices, and paper records.
You must immediately suspend any routine document destruction or data deletion that could affect these records.III. RECORDS DEMAND
Pursuant to Section [X] of the Agreement [audit rights provision], we demand production of the following within [10/14] business days:
1. Complete call/text log for [phone number] including timestamps, duration, disposition
2. Consent record for [phone number] including method of collection, timestamp, language presented
3. DNC/suppression list showing status of [phone number] and any opt-out history
4. Agent notes or CRM records for [phone number]
5. Call recordings, if any
6. Campaign configuration and script used
7. Compliance certifications for the campaign at issue
IV. INDEMNIFICATION NOTICE
Pursuant to Section [X] of the Agreement [indemnification provision], this letter constitutes notice of a claim for which [Vendor Name] may have indemnification obligations. We reserve all rights under the Agreement, including but not limited to rights to defense, indemnification, and contribution.
Please confirm in writing within 5 business days: (a) receipt of this notice; (b) implementation of litigation hold; and (c) your position on indemnification obligations.
V. CONTACT
Please direct all communications regarding this matter to:
[Your Name]
[Title]
[Email]
[Phone]
We expect your prompt attention to this matter.
Sincerely,
[Signature]
[Name]
[Title]
[Your Company]
cc: [Your outside counsel, if any]
Enclosure: [Copy of demand letter received, if appropriate]
Evidence Export Checklist
Request and obtain the following from the vendor:
VENDOR EVIDENCE EXPORT REQUEST LISTA. CALL/TEXT RECORDS
[ ] Complete call/text log for claimant's number
[ ] Call/text logs for all numbers in same campaign
[ ] Timestamp, duration, disposition for each contact
[ ] Caller ID used for outbound contact
[ ] Agent ID for each contact (if manual dialing)
B. CONSENT RECORDS
[ ] Original consent record for claimant's number
[ ] Screenshot/capture of consent language presented
[ ] Timestamp of consent
[ ] IP address, device info, session data (for web consent)
[ ] Source of lead (if purchased from third party)
[ ] Chain of custody for consent from source to vendor
C. SUPPRESSION/DNC RECORDS
[ ] Internal DNC list as of each contact date
[ ] National Registry access logs and scrub records
[ ] Opt-out/STOP processing logs
[ ] Date claimant's number added to suppression (if ever)
D. CAMPAIGN DOCUMENTATION
[ ] Campaign brief/scope document
[ ] Script(s) used
[ ] Dialer configuration settings
[ ] Compliance review/approval documentation
[ ] List of agents assigned to campaign
E. COMPLIANCE PROGRAM
[ ] TCPA compliance policies
[ ] Agent training materials and completion records
[ ] DNC policy document
[ ] Consent collection procedures
[ ] Opt-out handling procedures
[ ] Audit reports (internal or external)
F. COMMUNICATIONS
[ ] All emails between your company and vendor re: this campaign
[ ] Compliance certifications provided to you
[ ] Any incident reports or complaints related to campaign
G. INSURANCE
[ ] Current certificate of insurance
[ ] Policy declarations page
[ ] Confirmation of additional insured status
Timing is Critical: Many vendors have 30-90 day data retention policies. Call recordings, in particular, are often deleted within 30 days. Send your records demand immediately upon receiving a TCPA claim.
Tendering the Claim to Vendor
What is Tendering? Tendering is the formal process of notifying a party of their indemnification obligations and demanding they defend and/or indemnify you for a claim. Proper tendering can shift defense costs and liability to the vendor.
When to Tender
Tender Immediately If:
Clear Vendor Conduct: The calls at issue were made by the vendor, not your internal team
Insurance Coverage: Vendor has TCPA insurance and you are additional insured
Significant Exposure: Claim is large enough to warrant formal process
Wait to Tender If:
Unclear Responsibility: Not yet sure if vendor or internal team made the calls
Weak Contract: Indemnity clause is ambiguous or has significant carve-outs
Small Claim: Nuisance claim that may be cheaper to settle than litigate indemnity
Relationship Concerns: Need to preserve vendor relationship (tender carefully)
Tender Letter Template
[YOUR COMPANY LETTERHEAD]VIA EMAIL AND CERTIFIED MAIL, RETURN RECEIPT REQUESTED
Date: [DATE]
[Vendor Name]
Attn: Legal Department / General Counsel
[Address]
Re: FORMAL TENDER OF CLAIM - Request for Defense and Indemnification
Contract: [Agreement Name/Date]
Claim: [Claimant Name] TCPA Demand
Dear [Vendor Contact]:
Pursuant to Section [X] of the [Agreement Name] dated [Date] between [Your Company] ("Client") and [Vendor Name] ("Vendor"), Client hereby formally tenders the below-described claim to Vendor for defense and indemnification.
I. THE CLAIM
On [Date], Client received a demand letter from [Claimant Name / Claimant's Counsel] alleging violations of the Telephone Consumer Protection Act arising from [calls/text messages] made to [phone number]. A copy of the demand is enclosed.
The demand alleges [summarize: lack of consent, DNC violation, post-opt-out contact, etc.] and seeks [damages amount, if stated]. The demand [has/has not] been followed by the filing of a lawsuit.
II. BASIS FOR TENDER
The calls at issue were made by Vendor as part of the [Campaign Name / service description] services performed under the Agreement. Specifically:
- Calls/texts were made by Vendor's agents using Vendor's dialer platform
- Lists used were [provided by Client with consent / generated by Vendor]
- Scripts were [provided by Client / created by Vendor]
- Consent collection was performed by [Vendor]
Under Section [X] of the Agreement, Vendor agreed to:
[Quote relevant indemnification language]
The current claim falls squarely within Vendor's indemnification obligations because [explain how claim triggers indemnity].
III. DEMAND
Client demands that Vendor:
1. DEFEND: Assume the defense of this claim, including retention of counsel acceptable to Client, at Vendor's sole expense;
2. INDEMNIFY: Indemnify and hold harmless Client from any and all damages, settlements, judgments, costs, and expenses (including attorneys' fees) arising from this claim;
3. COOPERATE: Provide all records and cooperation necessary to defend the claim, including the evidence previously requested in our [Date] litigation hold notice;
4. INSURANCE: Tender this claim to Vendor's insurance carrier and confirm Client's status as additional insured.
IV. RESPONSE REQUIRED
Please respond in writing within ten (10) business days confirming:
1. Vendor's acceptance of the tender and agreement to defend/indemnify;
2. Identity of defense counsel to be retained;
3. Status of insurance claim;
4. Proposed timeline for producing requested records.
V. RESERVATION OF RIGHTS
This tender is made without prejudice to any other rights Client may have under the Agreement or at law, including but not limited to rights to terminate for material breach, seek contribution, or pursue direct claims against Vendor. Client's acceptance of any defense provided by Vendor shall not constitute a waiver of any claims against Vendor.
If Vendor fails or refuses to accept this tender, Client reserves the right to defend the claim independently and seek full reimbursement of all defense costs and any amounts paid in settlement or judgment.
VI. CONTACT
Please direct all communications to:
[Your Name]
[Title]
[Email]
[Phone]
Sincerely,
[Signature]
[Name]
[Title]
[Your Company]
Enclosures:
- Copy of TCPA Demand Letter
- Relevant Agreement sections
- Prior correspondence re: litigation hold
Follow-Up Procedures
If Vendor Accepts Tender
Confirm in writing the scope of defense being assumed
Approve (or object to) proposed defense counsel
Establish communication protocol for case updates
Clarify settlement authority and approval process
Document all defense costs for potential dispute
If Vendor Rejects Tender
Send written response disputing rejection with legal analysis
Proceed with your own defense; document all costs
Consider whether vendor's rejection is itself a breach
Preserve right to seek reimbursement after resolution
Evaluate whether to file cross-claim or third-party complaint
If Vendor Does Not Respond
Send follow-up letter noting default
State that silence will be treated as rejection
Proceed with own defense; document all costs
Preserve all indemnity rights for later enforcement
Don't Wait Too Long: Contract indemnity provisions often have notice deadlines. Failure to tender promptly may waive your indemnification rights. Send the tender as soon as you can establish the claim involves vendor conduct.
Need Help With Vendor Liability Issues?
Vendor relationships and indemnity disputes can significantly impact your TCPA exposure. Get professional guidance on contract review, tender strategy, and defense coordination.