TCPA Litigation

How TCPA Lawsuits Get Built (and Where the Risk Really Lives)

Bill Rice

30+ years in mortgage & lead gen

June 26, 2026

Why TCPA Cases Are a Cottage Industry

If you generate, buy, or sell leads that end up in a phone call or a text message, the Telephone Consumer Protection Act (TCPA) is the law most likely to turn a routine marketing slip-up into a lawsuit. I'm an operator, not a lawyer, and what follows is how these cases tend to get built from the outside looking in — so you can spot the exposure before a demand letter shows you the hard way.

The engine that makes TCPA litigation attractive is written right into the statute: a private right of action. A consumer doesn't need a regulator to act. They can sue on their own under 47 U.S.C. § 227(b)(3), and the damages are fixed by statute rather than tied to any actual harm.

Statutory damages, not actual damages

Under 47 U.S.C. § 227(b)(3), a plaintiff can recover their actual monetary loss OR **$500 for each violation, whichever is greater**. If the court finds the violation was **willful or knowing**, it has discretion to increase the award up to **three times** that amount — as much as **$1,500 per call or text**.

Think about what that means at volume. A consumer doesn't have to prove they lost a dime. Each individual call or text carries its own price tag. A campaign that dials or texts the same person a dozen times has stacked a dozen violations before anyone argues about consent.

How a Case Comes Together

Most TCPA suits I've seen follow a recognizable arc. A plaintiff (sometimes a serial one, sometimes a genuinely annoyed consumer) documents the calls or texts — screenshots, call logs, carrier records. Their counsel then works backward through the chain: who placed the call, what platform sent it, who supplied the number, and whether there's any record of consent.

That backward trace is exactly why lead-gen sits in the blast radius. The brand that made the call will point to the lead seller. The lead seller points to the publisher. Everyone in the chain becomes a potential defendant, and the party with the weakest paperwork tends to absorb the most risk.

Per-violation math scales fast

Because damages attach to each individual contact, the exposure in a class action isn't theoretical. A class of thousands of recipients, each with multiple contacts at $500 to $1,500 apiece, is how a marketing program becomes a balance-sheet event. This is the lever that drives settlements.

The Three Theories You'll See Most

TCPA complaints in the lead-gen world usually rest on one of three theories:

  • No consent. The plaintiff says they never agreed to be contacted at all. If you can't produce a record showing they did, you're defending a negative.
  • Revoked consent. They consented once, then asked you to stop — by reply, by phone, by any reasonable means — and contact continued anyway. Honoring opt-outs promptly and across every system matters here.
  • Do-not-call (DNC) violations. Separate from the autodialer rules, the statute provides its own private right of action under 47 U.S.C. § 227(c)(5) for people on the National Do-Not-Call Registry, with a parallel $500 / up to $1,500 damages structure and an affirmative defense for companies that maintain reasonable do-not-call practices and procedures.

Notice that two of the three theories are won or lost on documentation, not intent. Good faith doesn't help much if you can't show the paper.

The Operator’s Compliance Brief

What changed in lead-gen compliance, and what to do about it. Free, no spam.

The One-to-One Consent Rule: What Actually Happened

This is the current-events piece every operator should get right, because there's a lot of confusion about it.

In December 2023, the FCC issued an order interpreting "prior express consent" to require one-to-one consent — consent given to a single identified seller at a time, for calls logically and topically related to the interaction that prompted it. The aim was to close the so-called "lead generator loophole," where one checkbox could authorize contact from dozens or hundreds of partners. The rule was scheduled to take effect January 27, 2025.

It never took effect. In Insurance Marketing Coalition Ltd. v. FCC, No. 24-10277, the U.S. Court of Appeals for the Eleventh Circuit issued its decision on January 24, 2025 — days before the effective date — and vacated the one-to-one consent restriction. The court held that the FCC had exceeded its authority: "prior express consent" carries its ordinary common-law meaning, and the agency couldn't bolt on the one-to-one and "logically and topically related" requirements.

What the vacatur did and didn't do

The heightened **one-to-one consent requirement did not take effect federally**. The TCPA's underlying consent requirement, the autodialer and prerecorded-call rules, the DNC provisions, and the per-violation damages all remain fully in force. The vacatur removed a *new, stricter* federal standard — it did not deregulate lead-gen calling.

Where the Risk Concentrates for Operators

So if the strictest rule is off the table, why stay disciplined? Because the lawsuit machinery I described above runs on the rules that are still standing — and on your records.

  • Documentation is the whole game. When a plaintiff says "I never consented," your defense is the consent record: the form, the timestamp, the IP, the exact language shown, the page URL. If you can't reproduce it, you can't rebut it.
  • State law didn't get vacated. A number of states run their own "mini-TCPA" statutes, some with their own consent and one-to-one-style requirements. A federal vacatur says nothing about Florida, Oklahoma, or any other state regime.
  • The chain is only as strong as its weakest record. Buyers should demand and retain proof of consent from sellers; sellers should generate consent records they'd be comfortable handing to a court.

Keep the consent record you'd want in discovery

Capture and store, for every lead: the exact consent language displayed, a screenshot or rendered copy of the form, timestamp, IP address, and the source URL — retained well beyond your sales cycle. The operators who sleep well aren't the ones who never get a demand letter; they're the ones who can answer it in an afternoon.

Not Legal Advice

This is an operator's field guide, not legal advice. TCPA exposure turns on specific facts, evolving federal and state law, and how a given court reads them. Nothing here creates an attorney-client relationship. Consult qualified TCPA counsel before making compliance decisions for your business.

Sources

  1. 47 U.S. Code § 227 - Restrictions on use of telephone equipmentLegal Information Institute, Cornell Law School (accessed 2026-06-30)
  2. Insurance Marketing Coalition Limited v. FCC, No. 24-10277 (11th Cir. Jan. 24, 2025) — published opinionU.S. Court of Appeals for the Eleventh Circuit (accessed 2026-06-30)
  3. Eleventh Circuit vacates FCC one-to-one consent ruleReed Smith LLP (accessed 2026-06-30)
Bill Rice

30+ years in lead gen · BRSG Founder

Bill Rice has spent 30+ years in mortgage, lending, and performance marketing — generating leads, buying them, and building the systems that route and work them. He founded a performance-marketing agency, owned a direct-to-consumer lender, and wrote The Lead Buyer's Playbook. He built Lead Compliance Hub to help operators navigate the legal landmines of online lead generation from an operator's seat, not a law firm's. Nothing he writes here is legal advice.

View all articles →LinkedIn

The Operator’s Compliance Brief

What changed in lead-gen compliance, and what to do about it. Free, no spam.