Telemarketing consent + DNC program (TCPA)

telemarketing-consent-programDomain: advertisingType: process

Description

A working TCPA program captures consent, records it in a form a court will accept, scrubs against the federal and applicable state Do-Not-Call lists, enforces time-of-day routing, and processes revocations within a documented window. The headline rule under 47 U.S.C. § 227 and 47 CFR § 64.1200 is that prior express written consent is required before any autodialed or pre-recorded call or text to a wireless number, and that consent has to be signed (electronic signature counts), specific to the seller, and unbundled from any other agreement (a single checkbox that bundles telemarketing consent with terms-of-service acceptance does not satisfy the statute and is the most-litigated structural defect). The components on the operational side are the consent-capture surface (typically a checkbox plus disclosure language adjacent to the phone-number field, with the disclosure naming the seller and the kinds of communication being authorized), the consent-record retention that proves what was disclosed and what was agreed (the four-year statute of limitations is the practical floor; many operators retain longer), the internal Do-Not-Call list synced with the federal DNC scrub and any applicable state DNC lists at a documented per-campaign cadence, the time-of-day enforcement at 8am to 9pm in the recipient's local time zone, the caller-identification disclosure on the call itself, and the opt-out mechanism that revokes consent on a reasonable channel and propagates the revocation across every adjacent campaign within the SLA the program publishes. The state overlays have raised the practical bar above the federal floor in non-trivial ways. Florida's mini-TCPA, Oklahoma's Telephone Solicitation Act, and Washington's CPA each carry per-call statutory damages, longer limitations periods, or stricter consent specificity than the federal regime, and a campaign that satisfies the federal floor can still attract state-court class actions. The 2024 FCC declaratory ruling extended TCPA's autodialer rules to AI-generated voice, and app push-notification edge cases have become the active litigation frontier. Class-action exposure is the operationally interesting piece: per-call statutory damages compound quickly when the consent record fails, and a defective consent template applied across a campaign of a hundred thousand calls produces an exposure on the order of the company's enterprise value before any single complaint reaches motion practice. Evidence formats that hold up include the consent-capture proof (signed E-SIGN form or opt-in checkbox audit trail), the internal DNC list and processing log, the federal DNC scrub timestamp per campaign, the time-of-day routing rule documentation, and the revocation processing log with SLA evidence.

Applicability

Applies when: markets include US.

How predicates are evaluated

Required by (1 regulation)

TCPA
47 U.S.C. § 227 + 47 CFR 64.1200: prior express written consent for autodialed / pre-recorded calls + AI-voice consent (FCC 2024 ruling) + internal DNC + time-of-day + identification + revocation.
47 U.S.C. §227; 47 CFR §64.1200
Source →

Fulfilled by (6)

twilio · partial · medium effort · $$
Twilio Programmable Voice + Messaging exposes time-of-day routing + opt-out keyword handling; consumer of consent records, not source of truth.
gryphon-networks · full · medium effort · $$$
Gryphon Compliance Suite combines federal DNC scrub + state DNC + internal DNC + time-zone routing + AI-voice consent flagging.
convoso · partial · medium effort · $$
Convoso outbound dialer with built-in DNC + TCPA-aware time-of-day controls.
blacklist-alliance · partial · low effort · $
Blacklist Alliance provides litigator-DB scrub + DNC + reassigned-numbers database for risk reduction.
onetrust · partial · medium effort · $$$
OneTrust UCM ingests consent capture across web / IVR / SMS and feeds downstream systems.
In-house build · high effort
Building a TCPA program from scratch requires consent capture + DNC scrub + reassigned-number database + retention infrastructure + training.

Magist does not accept payment from vendors. Methodology.

Evidence formats

consent capture proof (signed E-SIGN form, opt-in checkbox audit trail)
internal DNC list + processing log
federal DNC scrub timestamp per campaign
time-of-day routing rule documentation
revocation processing log + SLA evidence

Magist provides legal information based on publicly available regulatory sources. It does not constitute legal advice and does not create an attorney-client relationship. Consult a licensed attorney in your jurisdiction before making compliance decisions.

Description

Fulfilled by (6)

twilio · partial · medium effort · $$

Twilio Programmable Voice + Messaging exposes time-of-day routing + opt-out keyword handling; consumer of consent records, not source of truth.

gryphon-networks · full · medium effort · $$$

Gryphon Compliance Suite combines federal DNC scrub + state DNC + internal DNC + time-zone routing + AI-voice consent flagging.

convoso · partial · medium effort · $$

Convoso outbound dialer with built-in DNC + TCPA-aware time-of-day controls.

blacklist-alliance · partial · low effort · $

Blacklist Alliance provides litigator-DB scrub + DNC + reassigned-numbers database for risk reduction.

onetrust · partial · medium effort · $$$

OneTrust UCM ingests consent capture across web / IVR / SMS and feeds downstream systems.

In-house build · high effort

Building a TCPA program from scratch requires consent capture + DNC scrub + reassigned-number database + retention infrastructure + training.

Magist does not accept payment from vendors. Methodology.