B2B vs B2C cold calling: how TCPA rules actually differ

B2B cold calls get real but limited TCPA relief. Learn exactly where the exemptions end, when B2B calls need consent, and the $500, $1,500 per-call risk.

LeadCompliant Team
23 min read
In This Article

Last updated 2026-07-10

Sales professional making a cold call at a desk with telephone and notebook
Sales professional making a cold call at a desk with telephone and notebook

TL;DR

The TCPA does not fully exempt B2B cold calls. It exempts business landlines from the residential do-not-call rules, but autodialed or prerecorded calls to any number, including a business cell phone, still need prior express consent. B2C cold calls face the full framework. Knowing which rule applies to which call type is the difference between a small compliance project and a seven-figure class action.

What does the TCPA actually say about B2B calls?

There is no "B2B exemption" in the TCPA. What exists is narrower: the FCC's rules exempt calls to business subscribers from the residential do-not-call list. That carve-out is real. A lot of sales teams read it as a blanket pass. It is not.

The Telephone Consumer Protection Act (47 U.S.C. § 227) was written mainly to protect residential subscribers and individual consumers from unwanted telemarketing. Section 227(b)(1)(A) prohibits using an automatic telephone dialing system (ATDS) or an artificial or prerecorded voice to call any number without prior express consent, with narrow exceptions for emergencies and certain non-advertising commercial calls. [1] The FCC has held for years that this prohibition covers business numbers when an ATDS or prerecorded message is used. The business/consumer distinction does not switch off the autodialer rules. It only changes the do-not-call registry obligation.

So the line runs like this. Your SDR manually dials a company's main office line and a human answers? The residential DNC rules are mostly off the table. Your dialer auto-dials a field rep's cell phone? You are in full TCPA territory, and it does not matter that the rep works for a Fortune 500 company. That single distinction decides how you build your outbound stack.

What is the B2B exemption from the National Do Not Call Registry?

The B2B exemption means one thing: you skip the federal registry scrub for confirmed business landlines. It does not mean you skip everything else. The National Do Not Call Registry is maintained by the FTC under the Telemarketing Sales Rule and given effect under FCC rules implementing the TCPA. Consumers register their personal phone numbers. Businesses cannot register office lines. [2]

The FCC's rules at 47 C.F.R. § 64.1200(e) limit the residential do-not-call protections to "residential telephone subscribers." A call to a company's listed office number, a front-desk line, or a direct business line that sits on no personal DNC list falls outside the registry framework. Your team can call those numbers without scrubbing against the National DNC Registry, and there is no business version of the consumer registry to check.

That freedom has edges. You still cannot use a prerecorded message without consent. You still have to honor a business contact's opt-out, because 47 C.F.R. § 64.1200(d) requires every telemarketer to keep an internal DNC list and respect a stop request from anyone, business or consumer. And several states go further than the federal floor. [3]

How do B2C cold calling rules differ from B2B?

For B2C calls, the TCPA runs at full strength on every axis. Here is the side-by-side:

RuleB2B (business landline)B2B (employee cell)B2C (consumer cell or home)
National DNC scrub requiredNoNo (not on registry)Yes
ATDS/autodialer consent requiredYesYesYes
Prerecorded voice consent requiredYesYesYes
Prior express written consent for telemarketingNo (not a residential sub)Yes if cell/ATDSYes
Internal DNC list & opt-out requiredYesYesYes
State DNC rules may applyVariesVariesUsually yes

The two differences that matter most are the DNC scrub and the written consent standard. For a B2C telemarketing call to a cell phone using an autodialer, the TCPA requires "prior express written consent," meaning a signed agreement, paper or electronic, that authorizes the specific seller to call that specific number. [4] That standard does not touch a human agent manually dialing a business landline.

For B2C calls to residential landlines, you scrub against the National DNC Registry at least every 31 days before calling. [2] You also respect state-level DNC lists, which in Florida, Texas, and Indiana go past the federal requirements. [3]

The risk is lopsided. A B2C TCPA violation carries statutory damages of $500 per call, trebled to $1,500 per call for willful violations, with no cap in a class action. [1] An unchecked autodial campaign against consumer cell phones can reach eight figures fast. The Credit One TCPA settlement and Cash App TCPA class action settlement show how expensive that gets.

TCPA statutory damages per call by violation type Minimum and maximum per-call exposure under 47 U.S.C. § 227 Base violation (unintentional) $500 Willful or knowing violation $1,500 Florida TSA base violation (state… $500 Source: 47 U.S.C. § 227(b)(3) and § 227(c)(5), via GovInfo.gov

Does the TCPA apply to calls made to cell phones used for business?

Yes. This is the most common misread in B2B sales. If a prospect uses a personal cell for work, or your data vendor hands you a mobile number for a business contact, that number is still a cellular number under the TCPA. The statute protects the number, not the job title.

The FCC treats the ATDS prohibition in 47 U.S.C. § 227(b)(1)(A)(iii) as covering cellular subscribers whether the number is used for business or personal purposes. [5] There is no "business use" exception built into cell phone protection.

That matters because most decision-makers hand out mobile numbers, not desk lines. Run a predictive dialer, a power dialer, or any system that places calls from a list without a human starting each one, and you have to think hard about whether it counts as an ATDS. After the 2021 Supreme Court decision in Facebook v. Duguid, the ATDS definition narrowed: the system must use a random or sequential number generator to store or produce numbers. [6] Do not assume your dialer is clear. FCC rulemaking is ongoing, and some state autodialer definitions are broader.

The safest B2B move for cell phones is one of two things. Get consent in writing before calling. Or confirm your dialing system meets the post-Duguid standard for not being an ATDS, documented and reviewed by counsel.

For a human agent manually dialing a business landline, the consent bar is low. You do not need written consent to have a live conversation or leave a voicemail with a human who answers. The real consent questions live in three B2B scenarios.

First, prerecorded messages to any number. Drop a prerecorded voicemail, including through "ringless voicemail" tools, and you need prior express consent. The FCC has stayed consistent on this. [5] Several suits have targeted ringless voicemail, with courts split on whether delivery to voicemail is a "call" while the FCC treats it as one.

Second, ATDS calls to cell phones. That needs prior express consent at minimum, and prior express written consent for telemarketing. [4]

Third, calls to numbers on your own internal DNC list. Once a business contact asks you to stop, you honor it within 30 days and keep honoring it for at least five years. [3] Cell or desk line, it makes no difference.

For cold calling in B2B, the working answer is simple. Document where every number came from. Confirm it is a landline if you are relying on the business-subscriber exemption. Keep a written process for opt-outs. That is the minimum defensible posture.

Are there state laws that affect B2B cold calls beyond the federal TCPA?

Yes, and this is where the "B2B is basically exempt" assumption falls apart. Several states have telemarketing statutes that ignore the federal consumer/business split.

Florida's Telephone Solicitation Act, amended in 2021 by HB 7017, requires written consent before an autodialed or prerecorded call or text to a Florida area code number, with no clear exception for business numbers. Florida defines the covered call more broadly than the post-Duguid federal standard. [7] Violations run $500 per call, and the law has a private right of action, which creates Florida-specific class action exposure.

Texas runs a separate No-Call list under its Business and Commerce Code, with its own registration and scrubbing requirements. [8] Indiana, Oklahoma, and other states keep separate state DNC lists that require their own registration and scrubbing.

California's CCPA and CPRA add another layer for companies handling California resident data in the sales process. Those are data privacy statutes, not call-restriction statutes, but they shape how you store and process contact records, which feeds into your outbound compliance.

Federal law is a floor, not a ceiling. Before any outbound program, B2B included, check the state law for every area code you dial into, more than the state where you are headquartered.

What are the penalties for TCPA violations on B2B calls?

The penalty math is the same whether the call went to a consumer or a business: $500 per violation under 47 U.S.C. § 227(c)(5) and § 227(b)(3), up to $1,500 per willful violation. [1] The per-call structure is what makes TCPA cases expensive. A campaign of 100,000 prerecorded calls without consent generates $50 million in base statutory exposure.

B2B TCPA class actions show up less often than B2C ones. The class is usually smaller, and a business recipient has a harder time claiming the distress a consumer can. But they happen. Solo plaintiff suits from recipients who know their rights are common in B2B, especially around ringless voicemail and cell phone autodials to business contacts.

The FCC can also impose its own forfeitures. The Commission has issued multi-million-dollar forfeiture orders for prerecorded call violations and treats those violations as serious whether the target was a consumer or a business. [9]

Uncertainty is itself a risk factor. If you are running B2B outbound and you cannot say whether your dialing technology is an ATDS, or whether your voicemail drops need consent, that gap can hurt you. Courts have found that a company "on notice" of TCPA issues that kept calling can face the trebled $1,500 figure instead of the $500 base.

Does the established business relationship exemption help with B2B calls?

Barely, and not where you would want it to. The established business relationship (EBR) is an FCC concept that historically let companies call existing customers for a set window after a transaction without treating it as a cold call under all the DNC restrictions. Under 47 C.F.R. § 64.1200(f)(5), an EBR exists when a consumer made a purchase within the prior 18 months or an inquiry within the prior 3 months. [3]

For calls to business landlines, the EBR barely matters, because the residential DNC rules do not apply anyway. It gets tempting in a B2B context when you are calling a business contact's personal cell phone and want to argue a prior relationship gives you a basis to call. Courts and the FCC have been skeptical of stretching the EBR to stand in for actual prior express consent on cell phones.

Treat the EBR as a weak defense and build actual consent into your sales process instead. Get a prospect to fill out a web form, reply to an email, or agree in writing to calls. That holds up far better than reconstructing a relationship argument after a demand letter lands.

LeadCompliant's free compliance kit includes a consent-language template and a call-scrubbing checklist built for B2B teams that dial both business lines and mobile numbers in the same sequence, which is exactly where mixed compliance postures leave gaps.

How should B2B sales teams handle the do-not-call list for business contacts?

The National DNC Registry, run by the FTC at donotcall.gov, is for residential numbers. Business numbers are not on it, and companies cannot register their lines there. [2] For confirmed business landlines, you do not need to scrub against the federal registry.

You still have to keep your own internal DNC list. Any business contact who says stop has to be logged and honored. The 47 C.F.R. § 64.1200(d) rules apply to persons making telemarketing calls, more than calls to consumers. [3] Your internal process has to capture every opt-out however it arrives (call, email, voicemail), add the number within 30 days, retain it for at least five years, and push it to anyone in your company who might call that number.

For B2B teams also dialing mobile numbers, which is most of them, scrub the wireless numbers on your list using a cell phone identification tool. You do not want to apply "it's a business number" logic to what is actually a personal cell. Tools that flag wireless versus landline at point of contact are worth the money. Learn more about the do-not-call list and how to get the do-not-call list for the mechanics of the registry itself.

State DNC lists sit apart from the federal registry. Texas, Indiana, and others keep separate lists with their own access, fees, and scrubbing cadence. [8] If your list includes contacts in those states, you may need those registrations even for business lines, depending on state law.

What is the safest calling practice for a B2B outbound team right now?

Given where the law sits today, here is the framework I would build.

For business landlines you have confirmed as non-mobile: manual dialing by human agents is the lowest-risk posture. No prerecorded messages without consent. No auto-dropping voicemails. Keep your internal DNC list. No federal DNC scrub required, but check state laws for the states you dial.

For mobile numbers attached to business contacts: treat them like consumer cell phones. Either get prior express written consent before autodialing or dropping prerecorded messages, or have agents dial individually and manually, with no system selecting or initiating the call. Keep records of how you got each number and when consent came in.

For any automated or AI-assisted calling technology: get written confirmation from your vendor that the system does not qualify as an ATDS under the post-Duguid standard, then have your counsel review that claim. The FCC is working on new rulemaking that may revisit what counts as an autodialer, and vendor marketing language is not a compliance strategy.

For text and SMS in a B2B context: the TCPA treats texts the same as calls. A text to a business cell is not exempt. Read up on SMS and TCPA rules and text message marketing compliance before building any automated SMS sequence.

Keep records. If you get audited or hit with a demand letter, your ability to show what numbers you called, what technology you used, what consent you had, and how your internal DNC process worked is the difference between a quick dismissal and a long fight. LeadCompliant's cold call resources include templates for that documentation stack.

Can a business contact sue you personally under the TCPA?

Yes. Any person who receives a call in violation of 47 U.S.C. § 227 can bring a private action in state court. [1] The statute does not limit standing to residential consumers. A business owner, a sales rep, or an executive who gets an autodialed prerecorded call to their cell phone can sue, alone or as a named plaintiff in a class.

Professional TCPA plaintiffs are real. They register large numbers of cell phones, receive autodialed calls, and file suit or send demand letters on a system. Some work the B2B space by putting business-sounding names on contact databases. There is no reliable way to screen them out before you call, which is one more reason to run a consent-based workflow rather than lean on the B2B exemption.

Individual suits usually settle in the $500 to $5,000 range per violation, often quietly. Class actions are where the numbers turn ugly. A small class of 10,000 cell phone recipients who each got one prerecorded call produces $5 million in base statutory exposure. Plaintiffs' attorneys take these on contingency because the math works.

The mobile phone do-not-call list article covers cell-specific DNC protections in more detail if you want the consumer-side framework your B2B contacts can invoke.

Frequently asked questions

Yes, with conditions. The TCPA exempts business landlines from the National Do Not Call Registry rules, so a human agent manually dialing a confirmed business line faces minimal TCPA restrictions. But autodialed calls, prerecorded messages, and calls to cell phones, even business cell phones, still need prior express consent under 47 U.S.C. § 227(b). 'Legal' depends heavily on your technology and the type of number you call.

Do I need to scrub a B2B call list against the National DNC Registry?

Not for confirmed business landlines. The federal DNC Registry covers residential subscribers, and businesses cannot register their office lines there. But if your B2B list includes mobile numbers, or you have any doubt whether a number is residential or commercial, scrub it. You must also keep your own internal DNC list and honor any business contact who asks not to be called, regardless of registry status.

Does the TCPA apply to calls I make to a business owner's cell phone?

Yes. The TCPA protects cellular numbers regardless of whether the owner uses that number for business. If you use an autodialer or prerecorded message to call a business owner's cell phone, you need prior express consent at minimum, and prior express written consent for telemarketing. The Supreme Court's 2021 ruling in Facebook v. Duguid narrowed the ATDS definition but did not eliminate cell phone protections.

What is the penalty for calling a business number without consent?

The TCPA sets statutory damages at $500 per violation, trebled to $1,500 per willful violation. There is no cap in a class action. For an autodialed campaign to business cell phones without consent, per-call damages stack quickly. A campaign of 50,000 calls could generate $25 million in base statutory exposure. The structure is the same whether the recipient is a consumer or a business contact.

Can I leave a prerecorded voicemail for a B2B prospect without consent?

No. Prerecorded messages, including ringless voicemail drops, require prior express consent under the TCPA regardless of whether the recipient is a business or a consumer. The FCC has treated prerecorded voice delivery as covered by 47 U.S.C. § 227(b)(1)(A). Several lawsuits targeting B2B ringless voicemail campaigns have been filed, and the FCC has issued guidance treating voicemail delivery as a 'call.'

Does the TCPA apply to SMS texts sent to business contacts?

Yes. Text messages are treated as 'calls' under the TCPA. An automated or prerecorded text to a business contact's cell phone requires prior express consent, the same as an autodialed voice call. There is no B2B exemption for text messaging. If you are building any automated SMS sequence for B2B outreach, you need a consent collection process before the first text goes out.

It requires a signed agreement, paper or electronic, from the specific person you are calling, authorizing the specific company to call that specific number using an autodialer or prerecorded voice. The agreement must clearly state that consent is not a condition of purchase. A web form opt-in, an email checkbox, or a signed agreement can qualify. A business card or LinkedIn connection does not.

How does Florida's telemarketing law affect B2B cold calling?

Florida's Telephone Solicitation Act, amended in 2021, requires written consent before any autodialed or prerecorded call or text to a Florida area code number. It does not clearly exempt business numbers the way federal rules do. Violations carry $500 per call with a private right of action. Florida has become one of the highest-risk states for TCPA-adjacent class actions, and B2B teams dialing Florida numbers should treat it as consumer-grade exposure.

Does a prior business relationship substitute for TCPA consent for B2B calls?

For calls to business landlines that are already outside the DNC rules, the established business relationship question rarely matters. For cell phones and prerecorded messages, the EBR does not substitute for prior express consent. The FCC's EBR exemption under 47 C.F.R. § 64.1200(f)(5) applies to residential DNC obligations, not to the autodialer and prerecorded-voice consent requirements.

Can a B2B prospect sue me personally under the TCPA?

Yes. Any person who receives a call in violation of 47 U.S.C. § 227 can bring a private right of action in state court. The statute does not limit standing to residential consumers. A business owner or employee who receives an unconsented autodialed or prerecorded call to their cell phone can sue individually or as part of a class. Professional TCPA plaintiffs actively use B2B contact databases to generate cases.

What internal DNC requirements apply to B2B outbound teams?

47 C.F.R. § 64.1200(d) requires every company making telemarketing calls to maintain an internal DNC list and honor opt-out requests within 30 days. This applies to B2B calls. You must retain each opt-out for at least five years and distribute the list across anyone in your organization who might call that contact. There is no exception for business-to-business calls.

How often do I need to scrub my B2B call list against state DNC registries?

Federal rules require scrubbing against the National DNC Registry no less than every 31 days before calling. For state DNC lists, the cadence varies by state, and most require monthly scrubbing similar to the federal standard. States like Texas and Indiana keep separate registries with their own access requirements. For B2B lists, the more pressing issue is identifying which numbers are actually residential or mobile and applying the correct scrub to each.

Does the post-Duguid ATDS definition make B2B autodialers safer to use?

Somewhat, but not as much as vendors claim. The Supreme Court's Facebook v. Duguid decision in 2021 narrowed the ATDS definition to systems that use a random or sequential number generator. Systems that dial from a fixed stored list are less likely to qualify. But FCC rulemaking is ongoing, some states use broader definitions, and the prerecorded-voice prohibition exists independently of the ATDS question. Have counsel review your specific dialing system.

What records should a B2B sales team keep to defend against a TCPA claim?

At minimum: the source and date of acquisition for every number you called, confirmation of whether each number is a landline or cellular, any consent records including web form submissions or signed agreements, your internal DNC list with timestamps, call logs showing who called what number and when, and documentation of your dialing system's technical operation. Courts look at whether you had a process and followed it, more than whether a single violation occurred.

Sources

  1. U.S. Government, 47 U.S.C. § 227 (Telephone Consumer Protection Act), full statute: Statutory damages of $500 per violation, up to $1,500 for willful violations; prohibition on ATDS and prerecorded calls without prior express consent
  2. FTC, National Do Not Call Registry (donotcall.gov): The National DNC Registry covers residential subscribers; businesses cannot register office lines
  3. FCC, 47 C.F.R. § 64.1200 regulations implementing TCPA: Internal DNC list requirements, honor within 30 days, retain 5 years; residential subscriber limitation on DNC rules; EBR exemption; state DNC list obligations
  4. FCC, 2012 TCPA Report and Order (CG Docket 02-278), prior express written consent requirement for autodialed telemarketing calls: Prior express written consent required for autodialed or prerecorded telemarketing calls to wireless numbers
  5. U.S. Supreme Court, Facebook, Inc. v. Duguid, 592 U.S. 395 (2021): ATDS definition requires use of a random or sequential number generator; systems dialing from a stored list are less likely to qualify
  6. Florida Legislature, Telephone Solicitation Act, Fla. Stat. § 501.059 (as amended 2021 by HB 7017): Florida requires written consent before autodialed or prerecorded calls/texts to Florida area code numbers; $500 per call private right of action
  7. Texas Legislature, Texas Business and Commerce Code, Chapter 304 (Texas No-Call list): Texas maintains a separate state DNC list with its own registration and scrubbing requirements
  8. FTC, Telemarketing Sales Rule, 16 C.F.R. Part 310: Telemarketing Sales Rule governs DNC registry and applies to calls to consumers; separate from but complementary to TCPA
  9. Federal Register, TCPA consent and revocation rulemaking (FCC CG Docket 02-278): FCC active rulemaking on consent requirements and autodialer definition

Disclaimer: LeadCompliant is a compliance review tool, not a law firm. We do not provide legal advice. Consult with a TCPA attorney for legal guidance on specific compliance questions. Compliance scores, audits, and risk assessments are informational only.

LeadCompliant Team

LeadCompliant provides expert guidance and tools to help you succeed. Our content is reviewed for accuracy and kept up to date.

Related Articles

Related Glossary Terms

LeadCompliant
Build My Kit