Last updated 2026-07-09

TL;DR
The National Do Not Call Registry runs out of the FTC at donotcall.gov. Telemarketers register, pay an annual fee (up to $17,792 for all area codes in 2024), download the list, and scrub before dialing. Call a registered number without consent and you risk $500 to $1,500 per call under TCPA. Federal rules require a list no older than 31 days.
What is the DNC registry and who runs it?
The National Do Not Call Registry is a federal list run by the Federal Trade Commission. Consumers add their phone numbers to stop most telemarketing calls. It went live in 2003 under the Telemarketing Sales Rule (16 CFR Part 310) and the Do-Not-Call Implementation Act of 2003 [1]. The FCC enforces the registry separately under 47 USC 227, the Telephone Consumer Protection Act [2].
The list has more than 248 million active registrations as of 2024 [3]. It grows every year. If you run an outbound program, a large chunk of your prospect list is already on it. Count on that.
Two agencies, two jobs. The FTC handles consumer registration and the database itself, and it sells you access. The FCC writes the rules for what counts as a telemarketing call, who has to comply, and what the penalties are. Private plaintiffs under TCPA are the third party in the room, and they file the most lawsuits. You deal with all of them.
Consumers register at donotcall.gov or by calling 1-888-382-1222. Registration never expires. Congress killed the five-year re-registration requirement in 2008 with the Do-Not-Call Improvement Act, so a number added in 2003 is still protected today [4]. That kills the "it must have lapsed" defense before you can raise it.
For a plain-English overview of what the registry covers and what it skips, see our article on the do not call list.
Who is required to check the DNC registry?
Anyone making telephone solicitations to U.S. consumers has to access and honor the registry before dialing [2]. TCPA defines a telephone solicitation as a call or message meant to encourage the purchase or rental of goods or services, or investment in property or a service. Sales purpose? You're covered.
Some callers get a pass. Calls for tax-exempt nonprofits fall outside the national registry rules, though the caller still needs an established relationship or explicit permission. Straight B2B calls aren't covered by the national list either, though many states run their own lists that do reach certain business solicitations [5].
The established business relationship (EBR) exemption lets you call someone who bought from you in the past 18 months, or made an inquiry in the past 3 months, even if they're registered. That exemption dies the second the consumer tells you to stop. Once they say stop, you stop.
Political calls, survey calls, and charitable calls run under different rules and generally sit outside the national registry. Not sure where your program lands? Assume the rules apply. The FTC treats "informational" calls with a commercial angle as solicitations.
See our breakdown of the government do not call list for the full list of who must comply.
How do you actually check numbers against the DNC registry?
Two paths get you the registry: the FTC's own portal at telemarketingdonotcall.gov, or a third-party scrubbing service. Here's how each one works.
Option 1: FTC portal (direct access)
You register your organization at telemarketingdonotcall.gov with your company name, address, and phone number. Pick the area codes you call, pay the annual fee, and download the data. Files come area code by area code in .txt or .zip format. You load them into your dialer or CRM and suppress any matching number before the campaign runs. The portal offers updates, and federal rules require a version no more than 31 days old at the time of any call [1].
Option 2: Third-party scrubbing services
Compliance vendors (standalone software, CRM integrations, dialer add-ons) pull the registry for you and scrub automatically. You upload your list, the service checks it against the current registry, and you get back a clean file with DNC numbers flagged or removed. Most also scrub state DNC lists, your internal do-not-call list, and known litigator numbers in the same pass.
If you dial more than a few thousand numbers a month, pay for a service. The FTC files need real database management, and one missed update cycle is a gap you'd have to explain to a plaintiff's attorney. Not a conversation you want.
LeadCompliant's free number checker verifies individual numbers against the registry with no subscription. Handy for a spot-check before a campaign goes live.
The 31-day rule
FTC regulations require the registry version you use to be no more than 31 days old at the time you make the call [1]. Pull the list January 1, still dialing from that pull on February 3, and you're out of compliance. Set a calendar reminder. Seriously. This is the most common gap in small teams and the easiest one to close.
What does it cost to access the National DNC Registry?
The FTC charges a per-area-code annual fee. The fee is set by statute and adjusted for inflation. For fiscal year 2024, access costs $79 per area code, with a cap of $17,792 for the whole country [6]. Subscribe to one area code and you pay the minimum. Call nationwide and you hit the cap.
The first five area codes cost $79 each. A team calling in 10 states, touching maybe 20 to 30 area codes, would pay $1,580 to $2,370 a year for direct access. The $17,792 cap kicks in once you'd otherwise exceed it, so national programs pay a flat rate.
Small businesses with annual gross revenue under $25,000 get one area code free [6]. Narrow, but it's there.
Third-party services charge on top, usually per record or per month. Prices range hard. Budget tools start around $50 to $100 a month for small lists. Enterprise platforms with real-time scrubbing, litigator databases, and state DNC coverage run $500 to $2,000 a month or more. You're paying for speed and the extra suppression layers beyond the federal list.
For more on how to pull the list files yourself, see our guide on how do i get the do not call list.
What happens if you call a number that is on the DNC registry?
It gets expensive fast. Under 47 USC 227(c)(5), a consumer who gets more than one telephone solicitation in any 12-month period in violation of FCC rules can sue [2]. Statutory damages are $500 per violation. If the court finds the violation willful or knowing, it can treble that to $1,500 per call [2]. No damages cap.
The FTC can bring its own action under the Telemarketing Sales Rule. TSR civil penalties currently run up to $51,744 per violation, adjusted annually for inflation [7]. Those are per call, per violation. They pile up quickly when a campaign fired 50,000 calls before anyone caught a failed scrub.
Private TCPA litigation is the bigger daily risk for small teams. Class actions are common because the damages structure makes bundling thousands of small violations into one large class attractive for plaintiffs' attorneys. A class of 10,000 people who each got two unconsented calls carries theoretical exposure of $10 million to $30 million before anyone talks settlement.
The scale runs high at the top. The FTC settled with Dish Network in 2017 for $280 million, the largest DNC enforcement action at the time, covering tens of millions of calls to registered numbers [8]. That's an extreme case, but it shows what systemic violations look like.
Even a single valid plaintiff can settle for several thousand dollars once you factor in attorney fees. Many TCPA plaintiffs target small businesses on purpose, because a small business has less capacity to fight than a large corporation.
See our deeper breakdown of do not call list enforcement patterns.
How often do you need to scrub your call list against the registry?
Federal rules require your list to be no more than 31 days old at the time of any call [1]. That's the floor. Some states go stricter.
Most compliance people scrub before every campaign, not on a rolling calendar. Load a new list into your dialer Monday, scrub it Monday. If the same list is still running three weeks later, pull a fresh registry download and scrub again before you hit 31 days from your last pull.
A few things reset the clock. A number added to the registry today gets a 31-day honor window for telemarketers. So someone who registers March 1 is legally protected starting April 1. That's why "we checked the list last month" isn't always a defense when a number registered recently.
Internal do-not-call lists are a separate duty. TCPA says that if a consumer asks you to stop calling (a company-specific DNC request), you honor it within a reasonable time, capped at 30 days, and you keep it on file for at least 5 years [2]. The national registry and your internal list are two different suppression files. You need both.
For state-specific scrubbing rules, especially Florida and Indiana with their aggressive state-level regimes, see our articles on the florida do not call list and indiana do not call list.
Does the DNC registry apply to cell phones?
Yes. Consumers can register any number, mobile included. The registry doesn't split landlines from cell phones, and the FTC and FCC treat them the same for DNC purposes [3].
Cell phones carry an extra layer landlines don't. 47 USC 227(b) bars using an automatic telephone dialing system (ATDS) or a prerecorded voice to call a cell phone without prior express consent, whether or not the number is on the DNC registry [2]. So mobile numbers sit under two overlapping rule sets: the DNC rules and the ATDS/consent rules. Break either one and you're liable.
A mobile number on the registry is protected twice over. Call it with an autodialer and no consent, and you have a possible ATDS violation. Call it for solicitation while it's registered, and you have a DNC violation. Separate claims. A plaintiff can bring both.
For a full breakdown of mobile-specific rules, our article on the mobile phone do not call list covers the ATDS consent layer in detail.
Are state DNC lists different from the federal registry?
Yes, and this is where compliance gets messy. The national registry is the federal floor. Plenty of states run their own separate do-not-call registries, and a number missing from the federal list can still sit on a state list. Call it without checking the state list, and you've broken state law.
Here's how a few notable state lists differ from the federal registry:
| State | Separate list? | Covers B2B? | Fee to access? | Additional protections |
|---|---|---|---|---|
| Florida | Yes (FLDNC) | Partial | Yes | Telemarketing hours limits, mini-TCPA |
| Indiana | Yes | No | No (free lookup) | Fines up to $10,000/violation |
| Pennsylvania | Yes (PADNC) | No | Yes | Residential only, state AG enforcement |
| Texas | Uses federal only | No | N/A | Enforces TCPA state-side |
| Wyoming | Yes | No | No | Smallest list, AG enforcement |
Florida's statute (Fla. Stat. 501.059) ranks among the strictest state telemarketing laws in the country. It carries its own private right of action with damages up to $10,000 per call for willful violations [9]. Indiana runs a separate DNC list and enforces it actively. Pennsylvania keeps its own list with its own state enforcement.
Calling into any state with its own list means scrubbing against both the national registry and that state's list. No shortcut here. See our pages on the florida do not call list, indiana do not call list, and do not call list pa for state-specific guidance.
For a wider view of the do not call telemarketer list framework across jurisdictions, that article covers how federal and state systems interact.
What is a safe harbor and does it protect you from DNC violations?
The FTC and FCC both offer a safe harbor for good-faith reliance on the registry, but it's narrower than most people think. Under 47 CFR 64.1200(c)(2)(i)(D), a telemarketer who accesses the registry, keeps an internal do-not-call list, and trains staff on DNC procedures can claim the safe harbor when a call to a registered number was made in error [10].
To actually use it, you prove three things. One, you accessed a registry version no more than 31 days old. Two, you keep internal DNC lists and procedures. Three, the call happened inside a good-faith process that simply erred, not a systemic breakdown.
The safe harbor won't excuse repeated violations. It won't apply if you never checked the list. It won't apply if you knew a number was registered and dialed anyway. Courts have found that a pattern of calling registered numbers guts any good-faith claim. One documented mistake is defensible. Ten thousand mistakes is a different conversation.
Honestly, understand the safe harbor but don't make it your strategy. Build the scrubbing process right so you rarely need it.
How do you build a DNC compliance process that actually holds up?
Here's what a working process looks like for a small outbound team. None of it is theoretical. It's the practical minimum that survives FTC or private plaintiff scrutiny.
1. Register your organization with the FTC at telemarketingdonotcall.gov and pay for the area codes you call [1]. Keep the registration current.
2. Before any campaign, pull a fresh registry copy for every area code you'll touch. If you use a third-party service, confirm it's pulling updates on a schedule that keeps your data under 31 days old.
3. Scrub your dialing list against (a) the current federal registry, (b) any applicable state DNC lists, and (c) your internal company-specific DNC list. Three separate files. All three matter.
4. Keep an internal DNC list and honor opt-outs within 30 days. Log every request with a timestamp.
5. Train anyone who touches the phones. What DNC means, how to handle an opt-out from an inbound consumer, how to escalate a question.
6. Document everything. The date you pulled the registry, the date you scrubbed, the file versions. In a dispute, a timestamp and a file hash beat any verbal claim you can make.
LeadCompliant's compliance kit includes a scrubbing checklist, an internal DNC log template, and a training outline sized for small teams, if you'd rather start from something than build from scratch.
For how to report violations you've received (not made), see our article on the do not call list report.
What are the most common DNC compliance mistakes small teams make?
Four mistakes show up in nearly every TCPA case involving small outbound teams.
Not scrubbing cell phones separately. Teams check the DNC registry but forget mobile numbers carry the extra ATDS consent requirement under 47 USC 227(b). A mobile number can be clean on the DNC list and still be a violation if you dialed it with an autodialer and no consent.
Skipping state lists. Teams that call Florida, Indiana, or Pennsylvania sometimes run only the federal scrub. The state lists are separate databases. Multistate means both.
Stale list data. Pull the registry once at the start of a campaign, run it for 45 or 60 days, and every call after day 31 is a violation. Drop a calendar alert into your campaign manager's calendar. Five minutes, gap closed.
No internal DNC log. The TCPA company-specific DNC duty stands apart from the national registry. A consumer tells your rep "take me off your list," nobody logs it, and you have no defense when they get called again six weeks later. A spreadsheet with a name, number, and timestamp is enough to start. Move it into your CRM as soon as you can.
Miss any one of these and it's fixable before a lawsuit. After, it's expensive. Want a clean checklist? The dnc registry article walks through the full compliance architecture.
Also useful: the do not call list number guide explains how number registration works from the consumer's side, which helps you understand what your scrub actually catches.
Frequently asked questions
How do I check if a phone number is on the DNC registry?
Telemarketers check through the FTC's portal at telemarketingdonotcall.gov by downloading the registry for each area code they call. Consumers can verify their own numbers at donotcall.gov. Third-party compliance tools let businesses upload full lists and get back a scrubbed file with DNC numbers flagged. You cannot look up a stranger's number; the download exists for your own compliance use.
Is the DNC registry the same as the FTC do not call list?
Yes, same thing. The National Do Not Call Registry is run by the FTC and is sometimes called the FTC do not call list. It launched in 2003 and held over 248 million registrations as of 2024. The FCC enforces compliance under TCPA (47 USC 227), but the list itself lives with the FTC at donotcall.gov.
How long does it take for a number to show up on the DNC registry after someone registers?
The FTC adds numbers within 24 hours of registration. Telemarketers then have 31 days to honor the registration before they're legally required to stop calling it. So the practical protection window is about 31 days after a consumer registers. After that, calling the number without consent or an exemption is a violation.
Do cell phones get DNC protection?
Yes. Consumers can register mobile numbers on the national registry, and those registrations carry the same legal weight as landlines. Cell phones also carry a separate layer under TCPA 47 USC 227(b), which requires prior express consent before using an autodialer or prerecorded voice to call a mobile number, regardless of DNC status. Both layers apply independently.
What is the fine for calling a DNC-registered number?
Under TCPA, private plaintiffs can sue for $500 per call, up to $1,500 if the violation was willful or knowing. The FTC can impose civil penalties up to $51,744 per TSR violation (2024 figure, adjusted annually for inflation). No statutory cap limits how many violations aggregate in a class action, which is why large campaigns that skip DNC scrubbing generate enormous settlement exposure.
Does the DNC registry cover text messages?
The FTC's national registry rules technically cover calls, but the FCC has extended similar protections to text messages under TCPA. Sending marketing texts to registered numbers can be a violation, and the FCC treats SMS solicitations like voice calls for consent purposes. If you run SMS campaigns, treat DNC-registered numbers the way you would for voice and separately confirm you have prior express written consent.
How long do I have to honor a consumer's request to be removed from my calling list?
TCPA regulations require you to honor a company-specific do-not-call request within a reasonable time, which the FCC defines as no more than 30 days from the request. You then keep that number on your internal DNC list for at least five years. This is separate from the national registry scrub. Both obligations apply, and failing either one creates liability.
Are B2B calls exempt from the DNC registry?
The national Do Not Call Registry covers residential numbers and applies to calls to individuals. Calls to businesses for B2B sales are generally not covered by the national registry. Several states, however, extend DNC-style protections to business lines in certain industries. Remember too that TCPA's autodialer consent rules can still apply to B2B calls when you're dialing a person's individual mobile number.
What is the established business relationship (EBR) exemption?
The EBR exemption lets a telemarketer call a registered number if the consumer bought something within the last 18 months or made an inquiry within the last 3 months. It only applies to the company holding the relationship, not affiliates. The exemption disappears immediately if the consumer tells you to stop calling, no matter when the last transaction happened.
Do I need to scrub against state DNC lists separately from the federal registry?
Yes. States like Florida, Indiana, and Pennsylvania run separate DNC registries that aren't part of the federal database. A number might be off the national list but still on a state list. If you dial into any state with its own registry, you must access and scrub that state's list in addition to the federal one. Skipping it violates state telemarketing law regardless of your federal compliance.
Can someone sue me personally for a DNC violation or is it only the company?
TCPA allows suits against both the corporate entity and individuals who personally participated in or directed the violating calls. Officers and owners of small businesses have been named individually and held personally liable in some cases. That's one reason compliance is personal for founders and sales managers, more than a corporate risk exercise.
Is there a free way to check the DNC registry?
The FTC offers free access to a single area code's data for organizations with under $25,000 in annual gross revenue. Beyond that, an annual fee applies per area code. Several compliance tools offer free spot-checking for individual numbers, useful for verifying a specific contact before outreach. Full list scrubbing for larger campaigns requires either FTC portal access or a paid third-party service.
How long does a DNC registration last?
Registrations on the national Do Not Call Registry never expire. Congress eliminated the five-year re-registration requirement with the Do-Not-Call Improvement Act of 2008. A number registered in 2003 is still active today. So you cannot assume an old registration lapsed. If a number is on the list, treat it as protected indefinitely unless the consumer removes it.
What records should I keep to prove DNC compliance?
Keep dated records of every list pull from the FTC portal, including the date, area codes accessed, and file version. Document every scrub run with timestamps and the source file used. Maintain your internal DNC log with consumer opt-out requests, dates, and the rep who took the request. In litigation, a clean audit trail is the difference between a defensible safe harbor claim and an indefensible pattern of violations.
Sources
- FTC, Complying with the Telemarketing Sales Rule (16 CFR Part 310): Telemarketers must access a registry version no more than 31 days old; annual per-area-code fees apply; organizations register at telemarketingdonotcall.gov
- Legal Information Institute, 47 USC 227 (TCPA): 47 USC 227(c)(5) provides $500 per violation, trebled to $1,500 for willful violations; 47 USC 227(b) covers ATDS calls to cell phones; company-specific DNC must be honored within 30 days and kept for 5 years
- FTC, National Do Not Call Registry Data Book FY2024: Over 248 million active registrations on the national DNC registry as of 2024
- FTC, Do-Not-Call Improvement Act of 2008 overview: The Do-Not-Call Improvement Act of 2008 eliminated the five-year re-registration requirement; registrations do not expire
- FTC, Q&A for Telemarketers and Sellers About DNC Provisions: B2B calls are generally not covered by the national DNC registry; nonprofit and political calls follow different rules
- FTC, Do Not Call Registry Fees for FY2024: Annual access fee is $79 per area code; national cap is $17,792 for FY2024; organizations with gross revenues under $25,000 may access one area code free
- FTC, Adjustments to Civil Penalty Amounts (2024): FTC civil penalties for Telemarketing Sales Rule violations are up to $51,744 per violation for 2024, adjusted annually for inflation
- FTC, United States v. Dish Network (2017 judgment): The FTC and states obtained a $280 million judgment against Dish Network in 2017 for calls to registered numbers, the largest DNC enforcement action at the time
- Florida Legislature, Fla. Stat. 501.059 (Florida Telemarketing Act): Florida Statute 501.059 provides damages up to $10,000 per call for willful violations and establishes the Florida Do Not Call list separate from the federal registry
- FCC, 47 CFR 64.1200 (TCPA Implementing Rules): 47 CFR 64.1200(c)(2)(i)(D) sets out the safe harbor requirements for good-faith reliance on the DNC registry; requires 31-day-current list, internal DNC procedures, and personnel training
- Do Not Call Implementation Act of 2003, Pub. L. 108-10: The Do-Not-Call Implementation Act of 2003 established the legal basis for the national DNC Registry and authorized the FTC to collect fees for access