Last updated 2026-07-10

TL;DR
Before cold calling, scrub your list against the National Do Not Call Registry, run every number through a line-type lookup (Twilio Lookup or a carrier-grade provider), and check state DNC lists. Any number that comes back as a cell needs prior express consent under 47 U.S.C. § 227 before you use an autodialer or prerecorded voice. Skip it and you're exposed to $500 to $1,500 per call.
Why does it matter whether a number is a cell phone?
The TCPA treats cell phones differently than landlines. Full stop.
Under 47 U.S.C. § 227(b)(1)(A), you can't use an automatic telephone dialing system or a prerecorded voice to call any cell phone number without the called party's prior express consent [1]. That rule holds whether the number is on the Do Not Call Registry or not. A number that has never opted out of anything can still trigger a violation if it's a cell and you dialed it with an autodialer and no consent.
The damages are $500 per call for an unintentional violation and up to $1,500 per call if a court finds the violation was willful or knowing [1]. Call a list of 10,000 numbers, discover 3,000 were cells without consent, and your exposure starts at $1.5 million before any class action does its multiplying.
Landlines sit in a different bucket. You can call a residential landline with a prerecorded message as long as the number isn't on the National DNC Registry and you follow the calling-hours rules. The risk is genuinely lower. That's why sorting cells from landlines is the first move a competent scrubbing process makes.
This is where small teams get burned. They buy a B2B lead list, assume every number is an office line, and find out too late that half the contacts handed over their personal cell. Or they inherit a consumer list and figure a DNC scrub covers them. It doesn't. DNC scrubbing and cell-phone identification are two separate checks. You need both.
What exactly is "scrubbing" a phone list?
Scrubbing means running your dialing list through one or more databases to remove or flag numbers you shouldn't call. A responsible outbound team runs at least three separate scrubs before touching a fresh list.
First is the National Do Not Call Registry scrub. The FTC maintains the registry under 16 C.F.R. Part 310 (the Telemarketing Sales Rule) and the FCC backs it under 47 C.F.R. Part 64 [2]. Telemarketers are required to access and use the registry, and you have to re-scrub at least every 31 days on an ongoing campaign [2]. Numbers on the registry are off-limits for telemarketing, cell or landline.
Second is the wireless identification scrub. This is a database check that classifies each number as mobile or landline. It doesn't tell you whether to call. It tells you which rules apply.
Third is internal DNC scrubbing. Any number where a person has asked you not to call must be honored within 30 days and stay on your company's own do-not-call list for at least five years [2]. This is separate from the national registry, and it's the one small teams forget.
Some teams stack on state DNC scrubs (several states run their own lists), litigator scrubs (databases of known serial TCPA plaintiffs), and reassigned number checks. Each layer costs something. I'll walk the tradeoffs below.
How do you identify which numbers on your list are cell phones?
Line-type lookup services query carrier databases to tell you whether a number is mobile, landline, VoIP, or toll-free. The underlying data traces back to the number portability system that tracks every number ported in the United States [3].
The main commercial options:
| Service | Pricing model | Notes |
|---|---|---|
| Twilio Lookup | ~$0.005 per lookup | Returns line type, carrier, ported status |
| Neustar (now TransUnion) | Volume contracts | High accuracy, widely used in enterprise |
| Melissa Data | Per-record or batch | Good for B2B list hygiene |
| Ekata (Mastercard) | Per-query | Identity signals alongside line type |
| TCPA Litigator List | Subscription | Combines cell ID with known plaintiff data |
A small team pulling lists occasionally should start with Twilio Lookup at half a cent per number. For a team dialing 50,000+ numbers a month, a volume contract with a carrier-grade data provider costs less per record and often reads recently ported numbers more accurately.
Here's the part nobody says out loud: no lookup service is 100% accurate. Numbers port between carriers all the time, and there's always a lag between a port event and the database catching up. A number that was a landline last month can be a cell today. That's why you re-scrub before each campaign, not once when you first buy the list.
VoIP numbers are their own headache. The FCC has taken the position that some VoIP numbers can act like cell phones for TCPA purposes, and courts have gone back and forth. If a lookup returns "VoIP," treat it as a cell for consent purposes until you have clearer guidance for your specific case. That's the conservative call, and it's the one I'd make.
What is the step-by-step process for scrubbing a list before cold calling?
Here's the actual workflow a small outbound team should run. Not theory. What it looks like when you're doing it.
Step 1: Download and normalize your list. Export leads into a spreadsheet or CSV. Strip every phone number down to 10 digits (no dashes, parentheses, or country codes). Deduplicate first, because duplicates inflate your scrubbing costs and muddy your counts.
Step 2: Scrub against the National DNC Registry. Access the registry through the FTC's telemarketer portal at telemarketing.donotcall.gov [11]. You need a subscription (free for small-volume callers, tiered fees above that). Download the data for your area codes and pull any matching numbers off your list. Write down the date you ran it. You'll want that if you're ever audited.
Step 3: Run a wireless identification lookup. Send the remaining list through a line-type lookup API or batch service. Flag every number that comes back mobile or VoIP.
Step 4: Separate, don't just delete. Move cell numbers into their own segment. Those numbers may still be callable if you have documented prior express consent, so don't trash them blind.
Step 5: Cross-reference your consent records. For any cell you want to call, confirm you have prior express written consent (for marketing calls using an autodialer) or prior express consent (for informational calls) on file [1]. Not certain? Don't call.
Step 6: Check state DNC lists if they apply. Florida, Indiana, Texas, and Wyoming, among others, run state-level registries that go beyond the federal rules [4]. Targeting those states means scrubbing against their lists too.
Step 7: Run a reassigned number check. Optional, but I'd do it. The FCC's Reassigned Numbers Database lets you check whether a number went to a new subscriber since you last had consent from the old one [5]. A safe harbor from liability applies if you check and it shows no reassignment [5].
Step 8: Document everything. Log which services you used, the dates, and the record counts before and after each scrub. This is your primary defense when a complaint or lawsuit lands.
For an ongoing outbound program, steps 2 through 8 repeat at least every 31 days. That's the FTC's ceiling on how stale your DNC data can be [2].
What is the FCC's Reassigned Numbers Database and do you actually need it?
The FCC launched the Reassigned Numbers Database in 2021, following a 2018 order [5]. The logic is simple. When a phone number gets reassigned to a new subscriber, the consent you had from the old subscriber is worthless. Call the new person without their consent and you've committed a TCPA violation, even though your consent record looked valid.
The database hands you a safe harbor. Query it before calling, get back "no reassignment" since the date you last had consent, and you're protected from strict liability for that call even if the number turns out to have been reassigned [5]. If it shows the number moved, you stop calling it.
Do you need it? My honest answer: if you're calling any list older than 30 to 60 days, yes. Consumer cell numbers churn at a real rate. The FCC has estimated that tens of millions of numbers are reassigned each year [5], which means a list you scrubbed six months ago carries real contamination.
The database charges a monthly subscription for bulk callers and a per-query fee for smaller users. Current rates live on the FCC site [5]. For most small teams the cost is nothing next to a single settlement. The cash app tcpa class action settlement and cases like it show how fast litigation dwarfs the price of a compliance tool.
One catch: the database only holds reassignment data from its launch forward. Numbers reassigned before it went live won't show up. That's a real gap, and it's why pairing the database with fresh consent verification matters.
How often do you need to re-scrub your list?
For DNC purposes, the FTC's Telemarketing Sales Rule requires you to access registry data no more than 31 days before placing a call [2]. Download the registry on June 1 and you can dial against it through July 1. After that you need a fresh pull or you're out of compliance.
For cell phone identification there's no hard regulatory deadline, but the practical standard is to re-scrub any list you haven't touched in 30 days. Ports happen constantly. A landline that flipped to mobile months ago looks identical in your spreadsheet.
For the Reassigned Numbers Database, the safe harbor requires you to check at a "reasonable" interval before calling. The FCC hasn't pinned an exact number of days, so most practitioners treat monthly as the safe read.
Internal DNC opt-outs get honored within 30 days of the request, and the number stays on your list for five years [2].
The simplest policy for a small team: set a calendar reminder to re-scrub every 30 days on any active campaign. Treat it like a subscription renewal. Miss the window and you're more than taking legal risk, you're also paying to call people who actively don't want the call.
Does scrubbing cell numbers apply to B2B cold calling?
This is where B2B sales teams get comfortable when they shouldn't.
The TCPA's cell phone restrictions attach to the number being called, not the business purpose of the call. Dial a businessperson's personal cell with an autodialer and you need their consent, full stop [1]. Selling software or recruiting for a trade group doesn't buy you a B2B exemption from the wireless rule.
Where B2B gets some relief is the Do Not Call rules. The national DNC registry generally covers residential subscribers, not businesses [2]. Calling a company's main landline for a B2B purpose doesn't trigger a DNC check the way a consumer call does. But that says nothing about the cell phone consent issue.
The practical trap is that B2B lists are packed with cell numbers. A "VP of Sales" paired with a 10-digit number often resolves to that person's personal mobile. Run those through any autodialer or click-to-dial system that meets the TCPA's autodialer definition and you're in the liability zone.
Safest B2B play: run wireless identification on every number before you dial, then manually dial any cells rather than routing them through an automated system. Manual dialing takes you out of the autodialer restriction, though it does nothing for prerecorded messages. For the rules that wrap around all of this, see our overview of cold calling.
What counts as an autodialer under the TCPA?
This question has fueled years of litigation and a Supreme Court decision.
In Facebook v. Duguid (2021), the Court held that an autodialer under 47 U.S.C. § 227(a)(1) has to use a random or sequential number generator either to store or to produce the numbers it calls [6]. A system that just dials from a stored list, with no randomization or sequential generation, doesn't fit that definition.
The practical effect: predictive dialers working from a fixed list may or may not qualify, depending on how they're built. Don't read that as a green light. Many courts and the FCC still apply TCPA restrictions broadly, and the FCC continues to issue rules and guidance on robocalls and texts [7].
My honest take: if you're asking whether your software is an autodialer, assume it is and act like it. Treating it as one costs you a few extra steps. Being wrong costs you a lawsuit. The credit one tcpa settlement is one of many cases where a company found out its dialer met the legal definition only after the complaints started.
Prerecorded messages are a separate issue. The autodialer definition doesn't matter for them. Prerecorded calls to a cell need consent no matter how the call gets placed [1].
What happens if you call a cell phone without consent?
For many violations the TCPA is a strict liability statute. Intent doesn't save you. If the call happened, the number was a cell, and there was no consent, the violation occurred.
47 U.S.C. § 227(b)(3) gives the person called a private right of action for "an amount equal to $500 in damages for each such violation" or actual damages, whichever is greater, and courts can award up to $1,500 per call for willful violations [1].
Plaintiffs can sue individually or as a class. TCPA class actions are common because one campaign can reach thousands of unconsenting cell users, and the aggregated damages get enormous. Call 50,000 cells without consent and your theoretical exposure is $25 million at $500 per call, or $75 million at the willful rate.
The FCC and FTC can pursue enforcement on their own, with civil penalties that reach into the tens of thousands of dollars per violation under the FTC's inflation-adjusted schedule [8].
State attorneys general can bring TCPA actions too, and several states run their own mini-TCPA statutes with extra remedies stacked on the federal floor [4]. Florida's Telephone Solicitation Act, amended in 2021, allows $500 per call in additional state-level damages [4].
Want to see how settlements land in real dollars? The cash app tcpa class action settlement and cases like it give you a concrete range.
Are there free tools to check if a number is a cell phone?
Yes, with limits.
Twilio Lookup gives you trial credits when you open an account, and the production rate of about $0.005 per lookup is low enough that small teams treat it as basically free for modest lists. For a list under a few thousand numbers, that's the most accessible option out there [9].
Numverify runs a free tier of 100 lookups per month through its API. Fine for spot-checking, useless for scrubbing a whole list.
For the National DNC Registry, small telemarketers (calling fewer than a set number of area codes) get free access through the FTC's subscription portal [11]. Larger access scales up in cost.
For the Reassigned Numbers Database, the SOMOS-operated portal has a per-query fee and a monthly bulk model [12]. No truly free tier for ongoing use.
LeadCompliant's free checker tools handle DNC and wireless lookups for teams just getting started, without a full vendor contract. Handy for a compliance spot-check before you commit to a bigger campaign.
Honest advice: don't anchor to "free" for your main scrubbing workflow on any real list. Twilio Lookup at $0.005 per number runs $50 for 10,000 numbers. That's nothing against one plaintiff's minimum $500 statutory damages. The math isn't close.
What records should you keep from each scrub?
Documentation is your defense. When a plaintiff claims you called their cell without consent, your ability to show that you ran a compliant scrub, on a specific date, using a recognized service, and that their number either wasn't flagged as a cell or was flagged and you had consent on file, is what turns a settlement into a dismissable claim.
Keep, at minimum: the date each scrub ran, the service or database used, the data vintage of the registry you pulled, the before and after record counts, your consent records for any cells you dialed, and your reassigned number query logs.
Store all of it for at least four years. The TCPA carries a four-year statute of limitations under 28 U.S.C. § 1658, and some state claims run longer [10].
Consent records need to show who gave consent, when, through what channel, and what they agreed to. A lead form submission timestamp plus the form's exact language is the gold standard. A verbal consent captured in a rep's note is weaker, but it beats nothing.
The FTC's Telemarketing Sales Rule requires sellers and telemarketers to keep DNC compliance records for 24 months [2]. The TCPA's litigation timeline pushes you to hold everything longer than that.
LeadCompliant's compliance kit includes a documentation template, which saves you building one from scratch. Whatever you use, build the habit: scrub, log, archive, then dial.
How does scrubbing fit into a broader TCPA compliance program?
Scrubbing is necessary but not enough. It's one piece of a compliance program, and treating it as the whole program is a common mistake.
A full TCPA program also needs a written internal DNC policy, calling-hours controls (the FTC's TSR bars calls before 8 a.m. or after 9 p.m. in the recipient's local time [2]), consent acquisition processes for cell numbers, training for anyone who touches the dialer, and a process to handle opt-out requests within 30 days.
Scrubbing is the input filter. Consent management is the ongoing permission layer. Documentation is the audit trail. You need all three.
If you're just building this out, here's the priority order: (1) stop calling cells without documented consent, (2) set up DNC scrubbing on a 31-day refresh cycle, (3) run wireless identification on every new list, (4) build the documentation habit. Add reassigned number checks and state DNC scrubs as you scale.
The do not call list overview and the mobile phone do not call list pages go deeper on the registry mechanics. The cold call guide covers the broader calling rules that surround this scrubbing process.
Frequently asked questions
Can I cold call a cell phone number without consent?
Not if you're using an autodialer or a prerecorded message. Under 47 U.S.C. § 227(b)(1)(A), both require prior express consent before you call a cell. Manually dialing a cell for a non-marketing purpose is generally fine, but the line for what counts as an autodialer has been litigated hard. If your system automates any part of the dialing, treat it as an autodialer and get consent first.
What is the difference between a DNC scrub and a cell phone scrub?
A DNC scrub checks whether a number sits on the National Do Not Call Registry or an internal opt-out list. A cell phone scrub checks whether a number is a mobile line. They're separate. A number can be a cell that's not on the DNC list (needs consent to autodial) or a landline that is on the DNC list (needs removal from telemarketing). Run both.
How much does it cost to scrub a phone list for cell phones?
Wireless identification lookups run about $0.003 to $0.01 per number depending on provider and volume. Twilio Lookup charges roughly $0.005 per query, so 10,000 numbers cost around $50 to scrub for line type. National DNC Registry access is free for small telemarketers and scales to a few hundred dollars a year for high-volume access. The Reassigned Numbers Database charges separate per-query or monthly fees.
How do I access the National Do Not Call Registry to scrub my list?
You register as a telemarketer at telemarketing.donotcall.gov, the FTC's subscription portal. Small organizations calling fewer than a set number of area codes get free access; larger access is tiered. Once registered, download the data for your target area codes and match it against your list. Re-download and re-scrub at least every 31 days on any active campaign. See how do i get the do not call list for more.
What is the FCC's Reassigned Numbers Database?
The Reassigned Numbers Database, launched in 2021 and operated by SOMOS under FCC authority, lets callers check whether a number went to a new subscriber since they last had consent. Check it, get back no reassignment, and you get a one-call safe harbor from TCPA liability even if the number was actually reassigned. The FCC estimates tens of millions of numbers get reassigned each year, which makes this check worth running on any older list.
Do B2B cold calls to cell phones require consent?
Yes, if you're using an autodialer or a prerecorded message. The TCPA's cell phone restriction attaches to the number, not the business purpose. Calling a businessperson's personal cell for a B2B pitch by autodialer, without consent, violates 47 U.S.C. § 227(b)(1)(A). Manual dialing is safer for cells where you lack documented consent. Always run wireless identification on B2B lists, because they're full of personal cell numbers.
What is prior express written consent and when do you need it?
Prior express written consent is the highest standard under TCPA rules, required for telemarketing calls or texts to cells using an autodialer. It's a written agreement (electronic form submissions count) that clearly authorizes the seller to contact that specific number with an autodialing system, signed by the person. The agreement has to disclose that consent isn't a condition of purchase. For informational, non-marketing calls, the lower standard of prior express consent (which can be oral) may apply.
Can a VoIP number be treated the same as a landline for TCPA purposes?
No, not reliably. The FCC and several courts have treated VoIP numbers as potentially covered by the TCPA's cell phone restrictions when they behave like mobile phones. If your line-type lookup returns VoIP, the conservative and recommended move is to treat it as a cell for consent purposes. Assuming it's a landline and being wrong costs far more than requiring consent.
How long do you have to honor a do not call request?
Under the FTC's Telemarketing Sales Rule, you must honor a consumer's do-not-call request within 30 days of getting it and keep that number on your internal DNC list for at least five years. The 30-day window is a legal deadline, not a suggestion. If a prospect tells your rep to stop calling and your system dials them again 45 days later, that's a documented violation no matter what the National DNC Registry shows.
What TCPA penalties apply for calling a cell phone without consent?
The TCPA sets $500 per violation in statutory damages, rising to $1,500 per violation for a willful or knowing violation, under 47 U.S.C. § 227(b)(3). These are per-call numbers. In class actions covering thousands of calls, total exposure reaches millions. The FTC can also pursue civil penalties in the tens of thousands of dollars per violation in separate enforcement actions. State laws like Florida's can layer additional per-call damages on top.
Does scrubbing protect you completely from TCPA lawsuits?
No, but it cuts your exposure hard and gives you a documented defense. Scrubbing shows good-faith compliance, which matters in settlement talks and at trial. The one-call safe harbor from the Reassigned Numbers Database is the closest thing to formal protection, and it only applies if you actually checked and the database showed no reassignment. Beyond that, thorough scrubbing and documentation shift the burden in disputes without eliminating risk.
Are there state-level cell phone calling rules beyond the federal TCPA?
Yes. Several states have their own telephone solicitation laws that go past federal TCPA minimums. Florida's Telephone Solicitation Act, amended in 2021, allows $500 per call in state-level damages. Texas, Indiana, and Wyoming run state DNC registries with separate requirements. Washington and California add restrictions of their own. Targeting these states means checking state rules on top of federal ones. See our state-laws resources.
What is a litigator scrub and should small teams bother with it?
A litigator scrub checks your list against databases of known serial TCPA plaintiffs, people who file TCPA claims as a primary income source. Several vendors sell it. For small teams it's a reasonable precaution, because serial plaintiffs actively hunt for companies with weak scrubbing. It won't stop a legitimate claim, but it removes the easy targets. Cost is usually a small monthly subscription, worth it once you're making more than a few hundred calls a month.
How do you document consent for cell phone numbers you legitimately dial?
The gold standard is a timestamped web form submission that captures the exact consent language shown to the user, the IP address, the number entered, and the specific seller named. If consent was verbal (valid for non-marketing informational calls), log the recording, the date, the rep's name, and what was said. Keep these records at least four years to cover the TCPA's statute of limitations. A consent record you can't produce in court is legally the same as no consent.
Sources
- U.S. Government, 47 U.S.C. § 227 (TCPA statute text via Cornell LII): TCPA prohibits autodialer or prerecorded calls to cell phones without prior express consent; statutory damages are $500 per violation, up to $1,500 for willful violations
- FTC, Telemarketing Sales Rule (16 C.F.R. Part 310) and Do Not Call Registry requirements: TSR requires DNC scrubs at least every 31 days; internal DNC requests honored within 30 days; records kept for 24 months; calling hours restricted to 8 a.m. to 9 p.m. recipient local time
- Florida Legislature, Florida Telephone Solicitation Act, § 501.059 F.S.: Florida's Telephone Solicitation Act (2021 amendment) allows $500 per call in state-level damages on top of federal TCPA remedies
- Supreme Court of the United States, Facebook, Inc. v. Duguid, 592 U.S. 395 (2021): Supreme Court held that an autodialer must use a random or sequential number generator to store or produce numbers; systems dialing from a fixed list may not qualify
- FTC, Federal Trade Commission enforcement and civil penalty authority: FTC civil penalty authority reaches into the tens of thousands of dollars per violation under current inflation-adjusted figures
- Twilio, Lookup API product and pricing: Twilio Lookup charges approximately $0.005 per phone number query for line type and carrier information
- U.S. Government, 28 U.S.C. § 1658, four-year statute of limitations for federal civil claims: TCPA claims are subject to a four-year statute of limitations, requiring compliance records to be kept at least that long
- FTC, National Do Not Call Registry telemarketer portal: Telemarketers access the National DNC Registry through this FTC portal; small-volume access is free; larger access is tiered by area codes
- SOMOS, Reassigned Numbers Database operator: SOMOS operates the FCC's Reassigned Numbers Database under FCC authority; per-query and monthly bulk access fees apply