Texting or calling your customers? So is everyone else. With over 6 billion texts flying around every day, it’s no surprise that businesses rely on phone outreach to stay connected. But if you’re not following TCPA compliance, one message or call could cost you thousands.
The Telephone Consumer Protection Act (TCPA) was designed to protect consumers from unwanted calls, texts, and robocalls. With fines reaching upto 210 million, it’s one rulebook you don’t want to ignore.
In this blog, we’ll cover major rules, the exemptions, real cases where companies got it wrong, and how you can stay compliant (without slowing down).
So, what’s at stake if you don’t follow TCPA compliance?
Reaching out to your customers via call or message is easy – just a click away. However, getting sued isn’t part of the plan.
TCPA violation penalties are no joke. Fines range from $500 to $1,500 per violation (that’s per call or text) for businesses that don’t follow TCPA compliance. But it’s not just about the money. Here’s what’s really at stake:
- Class-action lawsuits can amount to hundreds of millions, making settlements challenging.
- However, the biggest hit isn’t financial; it’s your reputation. News of a lawsuit spreads fast, and once trust is lost, rebuilding it is harder (and costlier) than paying any fine.
Let’s see this example of how one mistake cost a cruise millions of dollars!
Caribbean Cruise Line’s $76M Mistake
Source: Youtube
What happened?
Between August 2011 and August 2012,Caribbean Cruise Line and its affiliates robocalled nearly 1 million people, offering “free cruises” in exchange for answering a political survey without obtaining prior consent.
The mistake:
They launched a text marketing opt-in campaign from scratch, promoting it in-store, via email, and on their website.
They used automated calls
without express written consent —a clear violation of TCPA compliance.
What happened next?
- A class-action lawsuit was filed by Grant Birchmeir and Stephen Parkes.
- After 4 years of legal battles, the company agreed to a $76 million settlement, with payouts of up to $500 per call.
- The story made headlines as “cruise ship robocall settlement” flooded the news.
Lesson learned:
Don’t dial or text your customers unless you’ve got proper consent.
Now, let’s see what rules a business should abide by to avoid TCPA complaints.
TCPA compliance essentials
Without any more delays, let us jump straight into the main rules businesses must follow:
1. Consent
Express written consent is a must for marketing calls or texts. Here is what is considered as express consent:
| Method | Example |
| Online/paper form | The customer submits a form with a statement like: “By providing your number, you agree to receive promotional texts from [Company].” |
| Checkbox opt-in | A non-pre-checked box that says: “Yes, I’d like to receive updates via text.” |
| Keyword texting | The customer texts the keyword “JOIN” to 12345 to subscribe to messages. |
For informational outreach, oral consent is okay. For example, A customer gives their number over a call and confirms,
“Sure, you can text me the appointment details.”
Just remember to keep a record of who consented, when, and how (using a form, a checkbox, or a call log).
2. Timing & DNC rules
Nobody likes getting calls or texts at odd hours. That’s why the rules are clear:
Businesses can only reach out between 8 AM and 9 PM local time. And yes, “local time” refers to the customer’s time zone, not yours.
In March 2025 alone, a South Florida firm filed over 100 lawsuits alleging TCPA violations of these timing restrictions, many of which involved text messages.
Good news? Gaglers timezone texting and calling takes care of that for you. It automatically sends messages at the right time, customized to each contact’s timezone, so you stay TCPA-compliant.
Also, before you hit send, make sure you’ve scrubbed your list against the National Do-Not-Call (DNC) registry. If someone’s on it, you can’t contact them—unless you fall under a few specific exemptions (like certain political or nonprofit outreach).
| New FCC rules alert! Recent court decisions revoked the one-to-one consent requirement, but the FCC has responded with stricter rules for businesses. Notably, the time allowed to process opt-out requests has been reduced to just 10 days. |
3. Opt‑out must be easy
Always include a clear opt-out option for customers to stop receiving texts when they don’t wish to:
- In text messages, “Reply STOP to unsubscribe.”
- Allow a verbal opt-out for calls.
Ensure that you frequently inform your customers of how to opt out or revoke TCPA consent if they are no longer interested. Let’s examine what happens when you don’t, using an example from this famous clothing brand.
American Eagle Outfitters’ $14.5M texting mistake
Source: Top Class Actions
What happened?
Between 2010 and 2017, American Eagle Outfitters sent over 600,000 promotional texts, but many recipients never provided written consent, and some continued to receive texts after opting out.
The mistake:
First, they sent marketing text messages without consent They send texts even after people opted out
What happened next?
Customers filed a class-action lawsuit. After years in court, American Eagle settled for $14.5 million. Each person affected got $142–$285.
Lesson learned:
No consent, no text. And once someone opts out—stop messaging. Simple.
4. Identify yourself
Whether it’s a live agent or a robocall, you must identify yourself as a business every time to keep up call center compliance. Here’s what to include while calling:
- State your name and the company’s at the beginning.
- Explain why you’re calling—don’t leave people guessing.
- Provide a way to opt out, either verbally or by pressing a key.
Here is an example:
“Hi, this is Maya from GreenLeaf Solar. We’re reaching out to let you know about a limited-time offer on home energy upgrades. If you’d like to stop receiving these calls, just say ‘Stop’ or press 9 now.”
| New FCC rules alert! States like Florida, New York, and Maryland now have their own “mini-TCPA laws”. For example: 1. In Florida, if someone opts out of messages, you must remove their number within 15 days. 2. In New York, you could face a $20,000 fine for each violation. So what’s okay in one state might break the rules in another. Always check state laws before starting a campaign. |
Here is a short table on the differences between calls, texts, and robocall TCPA compliance
| Aspect | Calls compliance | Texts compliance | Robocalls compliance |
| Consent needed | Prior express written consent for marketing; express consent for informational calls | Prior express written consent for marketing; express consent for informational texts | Prior express written consent for all marketing robocalls (prerecorded or auto-dialed) |
| Opt-out requirement | Must provide an opt-out mechanism to revoke TCPA consent (e.g., DNC list, verbal request) | Must include clear opt-out instructions in every message (e.g., “Reply STOP”) | Must provide an automated opt-out option during the call (e.g., “Press 2 to be removed”) |
| Documentation | Must document and store consent records | Must document and store consent records | Must document and store consent records |
| Penalties for violations | $500–$1,500 per violation (per call) | $500–$1,500 per violation (per text) | $500–$1,500 per violation (per robocall) |
| Common violations | Calling DNC numbers, lack of consent, failing to honor opt-outs | Texting without consent, unclear opt-out, mass unsolicited texts | Robocalling without consent, prerecorded sales messages to cells |
Read also: Best Auto Dialer for Small Business: Great Features in 2025
However, along with the rules, some businesses or campaigns are exempt from following these rules. Let’s see who they are.
TCPA compliance exemptions: Who gets a pass?
Not every call, text, or robocall triggers a TCPA complaint. While most marketing text messages require clear consent, the law does allow for a few key exceptions.
Here are the three significant exceptions every business should know:
1. Emergency purposes:
This covers situations where immediate communication is crucial, such as:
| • Natural disasters like hurricanes, floods, or earthquakes alert • TCPA healthcare exemptions, such as disease outbreaks, water contamination • Safety warnings like active shooter alerts or evacuation orders • Critical outages, such as power or utility failures, pose a significant risk to operations. |
2. Manual texting:
The TCPA targets automated outreach. If you’re typing and sending each text manually (yes, with your fingers), you’re generally in the clear.
- What qualifies: One-by-one, human-sent message.
- What doesn’t: Any use of autodialers or mass texting tools—even if sent to just a few people
3. Nonprofit organizations:
Tax-exempt nonprofit organizations have more leeway under the TCPA.
- Fundraising: Nonprofits can utilize autodialers or prerecorded calls to solicit donations or promote events.
- Outreach: Educational, volunteer, and service update calls are generally exempt from this requirement.
- Events: Reminders or changes about upcoming events are allowed.
Rule update: Even exempted prerecorded calls to landlines now have limits:
- Max 3 calls in 30 days
- For healthcare: 1 call per day, 3 per week
| Industries | What’s covered |
| Financial institutions | Account updates, security alerts, fraud notifications |
| Healthcare providers | Appointment reminders, test results, follow-ups |
| Pharmacies | Prescription refill or pickup alerts |
| Utilities | Outage notices, service updates |
| Schools | Closures, health alerts, attendance messages |
These types of messages are exempt from TCPA because they’re non-commercial and critical to the recipient, but remember:
- If you sneak in promotional content, you lose the exemption
- Even exempt messages must clearly offer an opt-out option and identify the sender.
- Each state may have its own stricter version of these rules; be aware of your local rules.
Read also: Best Call Center Quality Assurance Guide for 2025
Quick TCPA compliance checklist
As Eric J. Troutman, a leading TCPA defense attorney, said
“The TCPA has become the biggest cash cow in history for the plaintiff’s bar.”
That’s your cue to tighten up TCPA compliance before someone turns your outreach into their next payday. Here’s a quick checklist to make sure your business is staying TCPA-compliant without slowing down your campaigns
| Checklist | What to do? | Best practice |
| Get consent | Collect express written consent before sending marketing calls and texts. | Use simple opt-in language that’s easy to understand. |
| Document everything | Keep detailed records of consent — who gave it, when, how, and what was agreed to | Store securely in CRM or dedicated compliance software. |
| Honor opt-outs | Make it easy to unsubscribe and respond quickly to requests. | Test your opt-outs regularly ( once or twice a week) to check if it works |
| Scrub your lists | Regularly clean your contact lists against the National Do Not Call registry and updated numbers. | Schedule monthly list clean-ups to avoid costly mistakes. |
| Train your team | Ensure that everyone involved is aware of and adheres to TCPA rules—businesses are responsible for their actions. | Conduct regular training sessions and provide easy-to-reference guides. |
| Know your exemptions | Use exemptions only if your message truly qualifies; when in doubt, obtain consent anyway. | Double-check exemptions with legal advice before launching campaigns. |
| Stay updated | Stay up-to-date with new FCC rules and any state laws that may impact your campaigns. | Keep a tab on the FCC news and events section. |
Pro tip: Gaglers integrates with popular CRMs like NationBuilder, Salesforce, Blackbaud, NGPVan, and more. Helping you to store data.
FAQs of TCPA compliance
What are the rules of the TCPA?
Get consent, honor opt-outs, and avoid calling during restricted hours.
What is a violation of the TCPA?
Sending calls or texts without consent, ignoring opt-out requests, or misusing autodialers counts as a violation.
What activities are prohibited by the TCPA?
Unsolicited marketing calls/texts without consent, robocalls without proper disclosure, and calls to numbers on the National Do Not Call Registry during restricted times are prohibited.
Is 10 DLC registration a TCPA compliance requirement?
No, 10DLC registration isn’t a direct TCPA requirement—but yes, it is very important for staying compliant with carrier regulations and avoiding message filtering or fines. It’s the mobile carriers who have mandated 10DLC to reduce spam and ensure only verified businesses can send mass texts. This builds trust, avoids message filtering or fines and improves deliverability.
Stay TCPA compliant with Gaglers.
In the first quarter of 2025 alone, 507 TCPA class action lawsuits were filed — that’s a staggering 112% increase compared to the same period in 2024. This sharp rise highlights the importance of taking TCPA compliance seriously for businesses. Ignoring the rules isn’t just risky; it could cost your company millions in fines and irreparable damage to your reputation.
Don’t let your outreach become the next headline. Stay ahead of the curve with Gaglers, a TCPA-compliant outreach platform designed to help you manage your campaigns seamlessly. Start your business outreach the right way — compliant, confident, and effective.