Last updated 2026-07-09

TL;DR
The National Do Not Call Registry is a free FTC database where consumers register phone numbers they don't want telemarketers to call. Sellers and telemarketers must scrub call lists against it no more than 31 days before dialing. One registered number can cost up to $53,088 in FTC penalties, or $500 to $1,500 per call in a private TCPA suit. Data access runs $75 per area code, capped at $18,936 a year.
What is the DNC list registry and who runs it?
The National Do Not Call Registry is a database run by the Federal Trade Commission. Consumers add their home or mobile number by calling 1-888-382-1222 or visiting donotcall.gov, and that registration never expires.[1] As of 2024, about 249 million numbers sit on the list.[2]
The FTC built the registry under the Do Not Call Implementation Act of 2003, which told the Commission to create and run a single national registry. The FCC then adopted its own rules under 47 U.S.C. § 227 (the TCPA) requiring telemarketers to honor that registry. Two agencies, one list. That split still trips people up. The FTC owns the database and the consumer side. The FCC writes the calling rules telemarketers follow and handles some enforcement against common carriers.[3]
So when someone asks whether the DNC registry is an FTC thing or an FCC thing, the honest answer is both. You pull the data through the FTC portal at donotcall.gov. You follow the FCC's calling rules under the TCPA. A do not call list violation can draw an action from either agency, or a private lawsuit from the consumer.
State attorneys general can also sue on behalf of their residents. Many states run their own registries with stricter rules stacked on top of the federal floor. More on that later.
Who is legally required to check the DNC registry before calling?
Any person or entity making telephone solicitations or telemarketing calls to residential subscribers in the United States has to check.[4] The FTC's Telemarketing Sales Rule at 16 C.F.R. Part 310 and the FCC's rules at 47 C.F.R. § 64.1200 use nearly identical language.
That covers a lot of ground. B2C outbound sales teams, political fundraising (with carve-outs), nonprofit solicitations, debt collectors who slip into a sales pitch, and third-party lead generators all fall under the requirement to some degree. Pure B2B calls to a business subscriber are generally exempt from the national registry. That exemption has edges, though. Call a person's personal cell that happens to double as their work line, and you're on thin ice.
Some categories get explicit exemptions. A caller with an established business relationship (EBR) can reach a registered number, but the window is short: 18 months from the last transaction, or 3 months from the last inquiry. Charities are exempt from the TSR registry requirement, yet the FCC's TCPA rules still govern their calls to cell phones. Political calls skip the national registry under federal rules, though several states shut that door.
If you run a small outbound team and you're wondering whether you truly need to scrub, the answer is yes. The TCPA's private right of action lets any consumer whose number is registered sue you directly, no FTC or FCC action required, and courts award statutory damages of $500 to $1,500 per call.[5]
How does DNC registry access work and what does it cost?
The FTC charges telemarketers for registry data, and it bills by area code. Each area code costs $75 a year. One organization's total is capped at $18,936, which buys every U.S. area code.[6] That cap means a national caller pulling all area codes pays the same ceiling as anyone else who maxes out.
Some callers get in free. Sellers calling their own existing customers (pure EBR calls), organizations under a defined call-volume minimum, and certain tax-exempt nonprofits can verify specific numbers at no cost without buying area code subscriptions. You register at donotcall.gov, agree to the subscriber agreement (which bars using the data for anything other than blocking calls to registered numbers), and download the files for the area codes you paid for.
The data arrives as a flat file, refreshed nightly. The government portal gives you no simple yes/no lookup API for single numbers. You download the full area code file and run your own comparison. Plenty of third-party vendors wrap this into a real-time API or a scrubbing service, and for most teams that don't want to babysit flat-file imports, that's money well spent.
Access credentials expire every year. Let your subscription lapse and keep calling off an old copy, and you're exposed. The registry is live. Numbers get added every day. A number registered the day after your last download is nowhere in your file.[7]
| Access type | Annual cost | Who qualifies |
|---|---|---|
| Per area code | $75 | Any registered organization |
| All area codes (cap) | $18,936 | Any registered organization |
| Free access | $0 | Nonprofits, small-volume callers, EBR verification |
Want the step-by-step on registration? Our guide on how to get the do not call list walks through it.
How do you run a list through the DNC registry?
Two paths: do it yourself with the FTC's data files, or hand it to a third-party scrubbing service.
The DIY route goes like this. You subscribe, download the area code files you need, then compare your call list against the registry data. Formatting decides everything here. Strip all punctuation from both lists and normalize to 10-digit numbers before you compare. The FTC files hold registered numbers with no dashes or parentheses. Your CRM data probably has a mess of formats. A formatting mismatch lets a registered number slip through, and that kind of quiet procedural failure is exactly what buries teams in litigation.
The third-party route uses a vendor that keeps a continuously updated copy of the registry and exposes it by API or batch upload. You submit your list, get back a scrubbed version with registered numbers flagged or removed, and log the scrub date. That log matters. In litigation or an FTC inquiry, you have to show you scrubbed within 31 days of the call and what came back.
The 31-day rule comes straight from the FCC. Under 47 C.F.R. § 64.1200(c)(2), a telemarketer must access the registry no more than 31 days before any call. That does not mean scrub once a month and batch every call on day 30. Scrub January 1, call February 1, and you're outside the window. Most compliance teams scrub weekly, or right before each campaign launches.
Here's a clean process. Pull the calling list. Submit it to your scrubbing service. Receive the flagged output. Remove or suppress every flagged number. Log the scrub date and the tool you used. Then dial. Keep that log at least 4 years, which matches the TCPA statute of limitations.[8]
If you dial through a platform, most major ones (Five9, NICE, Genesys, and others) have DNC scrubbing built in. Confirm the integration hits a current registry copy, not a cached one. Ask your vendor to put the data refresh frequency in writing.
What are the penalties for calling a number on the DNC registry?
The numbers get serious fast. The FTC can seek civil penalties up to $53,088 per violation under the Telemarketing Sales Rule. That figure adjusts for inflation: it was $51,744 in 2024, and the FTC set $53,088 effective January 2025.[9] The FCC can pursue its own forfeitures separately.
The penalty most outbound teams actually meet is the private lawsuit. The TCPA gives any "person or entity" the right to sue for $500 per violation, or $1,500 for a willful or knowing one.[5] The plaintiff doesn't have to prove real harm, which is why TCPA class actions pile up. A campaign that hit 10,000 registered numbers could face $5 million in statutory damages on paper, or $15 million if a court finds the conduct willful.
Courts have treated calling someone again after they asked you to stop, or after your own team added them to an internal DNC list, as the jump from negligent to willful. The gap between $500 and $1,500 per call is a cliff, not a step.
Enforcement is real. In 2022 the FTC sued a Florida operation over more than 1 billion illegal robocalls and sought hundreds of millions in penalties.[10] Private TCPA class settlements routinely land in the tens of millions. Even small shops have settled in the $50,000 to $500,000 range over a few hundred bad calls, because fighting costs more than that.
This is why you can't treat scrubbing as optional or approximate. One angry plaintiff holding a screenshot of their registration date and your call log has a case.
What's the difference between the national registry and state DNC lists?
The national registry is the federal floor. States can build higher, and many have. As of 2026, more than a dozen states run their own do not call registries or layer extra calling restrictions on top of federal rules.[11]
Timing is the biggest difference. Florida's Do Not Call Act, for instance, uses a 12-month prior-business-relationship window instead of the federal 18 months. Indiana and Pennsylvania each run state registries that need separate registration and separate scrubbing. A number can be absent from the national registry and still sit on Indiana's list. Call it and you break Indiana law, even if you're clean under federal rules.
State violations carry their own per-call penalties too. Florida's law allows private civil actions with damages up to $500 per call. Some states set higher floors.
The takeaway is practical. If you call into states with heavy litigation activity (Florida, California, and Texas draw disproportionate TCPA plaintiff activity), scrub against both the national registry and every applicable state list. Treating the federal registry as your only check is a documented gap, and plaintiff attorneys know exactly how to work it.
Our state guides cover the exact steps for Florida, Indiana, and Pennsylvania.
Do cell phones get the same DNC registry protection as landlines?
Yes, and cell phones actually carry more protection in places. The TCPA's autodialer and prerecorded call restrictions apply to cell numbers whether or not they're on the national registry.[5] The registry stacks on top: if a cell number is registered, you can't make a non-consensual telemarketing call to it by any method.
The established business relationship exception applies to landlines but works out narrower for cells. The TCPA separately requires prior express written consent before you call a cell number with an autodialer or prerecorded message. So even a valid EBR that lets you bypass the registry may not let you fire up your dialer without consent.
Consumers have registered mobile numbers since 2003, and FTC guidance confirms they're fully eligible. Most registered numbers on the national list are now mobile, tracking the general drop-off in landlines.[2]
The mobile phone do not call list article digs into the cell-specific TCPA rules, which sit apart from the registry requirements and matter a great deal for teams running predictive dialers.
What is the established business relationship (EBR) exception and when does it actually apply?
The EBR exception lets you call a registered number when you already have a relationship with that consumer. The FTC and FCC define it in similar terms: a prior transaction, contract, or inquiry between the seller and the consumer inside a set time window.[4]
Transactions give you 18 months from the last one. Someone who bought from you 19 months ago and went quiet? The EBR is gone, and their registered number is off-limits.
Inquiries give you 3 months from the date the consumer asked about you or applied. A lead who filled out a form 4 months ago and never answered a follow-up is outside the window.
Two hard limits override the clock. First, if the consumer tells you to stop calling, the EBR dies on the spot no matter how recent the relationship. Under 47 C.F.R. § 64.1200(d), you have to honor that request within a reasonable time and keep your own internal do not call list. Second, the EBR belongs only to the specific seller who earned it. It does not pass to affiliated companies, third-party lead buyers, or anyone else in a sales chain. Buy a lead list from a third party and you cannot borrow the prior seller's EBR.
Misreading the EBR is one of the most common ways small teams get burned. They assume any "warm" lead list comes with calling rights. It doesn't.
How do you build an internal DNC list and why does it matter beyond the registry?
The national registry is a floor, not a ceiling. On top of it, the FCC's rules at 47 C.F.R. § 64.1200(d) require telemarketers to keep a company-specific internal do not call list and honor opt-out requests from anyone who asks not to be called, even numbers that never touched the national registry.[4]
The internal list works like this: if anyone tells your agent they don't want calls, you record it, suppress the number from every future campaign, and keep it suppressed forever (an individual opt-out has no expiration). The FCC also requires a written policy, trained personnel, and a copy of that policy available on request.
In practice, your CRM or dialer needs a "do not contact" flag that keeps the number out of any campaign for good. Plenty of teams use the national registry scrub as their only check and skip internal list upkeep entirely. That's a separate, independent violation the moment someone who opted out gets dialed again.
The internal list matters for lead buyers too. If a consumer opted out with the original lead generator, that opt-out may live in the lead data. Check for opt-out flags in any third-party lead file before you dial, more than national registry status.
Want a ready-made process for both national scrubbing and internal list upkeep? The LeadCompliant compliance kit covers both, with templates for CRM suppression workflows and scrub logging.
Can you report DNC violations and what happens when you do?
Consumers report violations at donotcall.gov or by calling 1-888-382-1222.[1] The FTC gathers these complaints and uses the aggregated data to spot patterns, rank enforcement targets, and build cases. One complaint rarely triggers anything. A company racking up thousands of complaints against a phone number or entity gets attention.
The FTC publishes complaint statistics and enforcement data. In 2023, it received more than 1.8 million DNC complaints, most about prerecorded calls.[10] Those records feed straight into investigations.
Consumers can also sue privately without filing an FTC complaint at all. The TCPA's private right of action under 47 U.S.C. § 227(c)(5) requires that a person receive more than one call within any 12-month period by or on behalf of the same entity before suing over registry violations. One accidental call annoys; it isn't immediately actionable under the registry-specific provision. Two calls open the door.
Some plaintiff attorneys run what people call TCPA "traps": registering numbers built to catch telemarketing calls, then suing. Courts have looked hard at bad-faith plaintiffs in some cases, but the statute never asks the plaintiff to show harm, so the risk stays real. Your best defense is a documented, consistent scrubbing process you can produce in discovery.
For more on the reporting side, see do not call list report.
What should a compliant DNC scrubbing process look like step by step?
Here's a process that satisfies both the FTC's TSR and the FCC's TCPA rules.
Step 1: Register with the FTC at donotcall.gov. Subscribe to the area codes covering your calling territory. Set a calendar reminder to renew before your subscription lapses.
Step 2: Scrub against the national registry no more than 31 days before any campaign call. Use the FTC's direct download or a third-party service with daily or weekly registry refreshes. Record the scrub date, the service used, and the number of records checked.
Step 3: Scrub against any applicable state DNC registries. Calling into Florida, Indiana, Pennsylvania, or another state with its own list means a separate scrub.
Step 4: Check your own internal DNC list. Every number in the campaign gets cross-referenced against your company suppression list before dialing.
Step 5: Check consent flags in your lead data. If a lead came from a third party, confirm what consents were captured and whether any opt-outs were logged at acquisition.
Step 6: Log everything. Scrub date, total records scrubbed, records removed, the tool used. Keep logs at least 4 years.
Step 7: Train your agents. The FCC's 47 C.F.R. § 64.1200(d) rules require personnel who make solicitations to be informed and trained on your DNC policy. An untrained agent who keeps calling after a stop request is a compliance failure that lands on you, not on them.
LeadCompliant's free checklist tool at leadcompliant.com helps you audit each step against the actual regulatory requirements before your next campaign launches.
What are the most common DNC registry compliance mistakes small teams make?
Stale data tops the list. Teams scrub once, build a "clean" file, and call off it for three months. The registry updates daily. Every number registered after your scrub date is missing from your file.
Forgetting state lists is second. The FTC do not call list and state lists are separate databases. Scrub only nationally, then call into a state with its own registry, and you're exposed on state law claims even when your federal compliance is spotless.
Misreading the EBR window is third. Eighteen months sounds generous until you launch a reactivation campaign aimed at people from two years ago and blow past it without noticing.
Skipping the internal DNC list is fourth, and probably the sloppiest. Agents take verbal opt-outs and never record them. The same number lands in the next campaign. The consumer sues. You have no proof of a suppression process.
Buying "pre-scrubbed" lead lists without checking the scrub date is fifth. A vendor who scrubbed 60 days ago hands you data that's already stale. Verifying currency is your job, not theirs.
Sharing one subscription across multiple entities is sixth. The FTC subscriber agreement bars sharing registry data with affiliated companies under a single account. Every entity that makes calls needs its own subscription.
For teams that buy leads, the do not call telemarketer list article covers the rules that apply when you're the downstream caller, not the original lead generator.
Frequently asked questions
How long does a phone number stay on the DNC registry once registered?
Permanently. The FTC dropped the old 5-year expiration in 2008. A registered number stays on the list indefinitely unless the consumer removes it or the carrier reassigns it to a new subscriber. If a number is reassigned, telemarketers still have to scrub it, and the new subscriber inherits the same protections.
Is the DNC registry free for consumers to use?
Yes, completely free for consumers. Anyone can register at donotcall.gov or by calling 1-888-382-1222 at no cost. The fees fall only on telemarketers and sellers who need registry data to scrub their call lists. Consumers also don't have to register to get TCPA protection covering cell phones and automated calls.
How quickly does a new registration take effect for telemarketers?
Within 31 days. Under the rules, a telemarketer has up to 31 days after a number is registered before they must stop calling it. In practice the number shows up in the downloadable files soon after registration, but the legal safe harbor for continuing to call runs until that 31-day period ends. After 31 days, calling the number is a violation.
Does the DNC registry apply to text messages and SMS?
Yes. The FCC treats texts to mobile numbers as calls under the TCPA, so the same do-not-call principles apply. A number on the national DNC list can't receive unsolicited commercial texts from telemarketers. The TCPA's separate autodialer consent requirements for SMS apply on their own too, so SMS compliance means checking both the registry and consent records.
Can a business register its number on the DNC registry?
The national registry is built for residential subscribers. A business can register its number, but the FTC's rules mainly protect residential consumers, and B2B calls are generally exempt from the national registry requirement. If a business number is registered, a telemarketing pitch could still create exposure under some state laws or specific FCC rules. Most compliance teams just scrub every number regardless.
What is the difference between the national DNC registry and a company's internal DNC list?
The national registry is a government database run by the FTC where consumers opt out of all telemarketing. An internal DNC list is your own company suppression list, required under 47 C.F.R. § 64.1200(d). When someone asks your company specifically to stop calling, that request goes on your internal list whether or not their number sits on the national registry. Scrub both before every campaign.
How many phone numbers are currently on the national DNC registry?
About 249 million as of 2024, per the FTC's published data. The registry has grown steadily since its 2003 launch. Early adoption was fast, with 10 million registrations in the first four days sign-ups opened. Growth kept going as mobile numbers became eligible and consumers got more aware of their rights.
What is the government DNC registry website and how do telemarketers access it?
The official site is donotcall.gov, run by the FTC. Telemarketers and sellers register for access at the same site, then subscribe to area code data files at $75 per area code a year, capped at $18,936 for all area codes. After subscribing, they download flat files for the area codes they bought and run those against their calling lists. It's the only official government source; third-party providers pull from it.
Do political calls and nonprofit calls have to follow DNC registry rules?
Under federal law, purely political calls and calls from tax-exempt nonprofits are exempt from the national DNC registry requirement. They still fall under TCPA rules for calls to cell phones, autodialer restrictions, and the duty to honor individual opt-out requests. Several states have also closed the political call exemption at the state level, so callers into those states face stricter requirements than federal rules alone suggest.
Can you get in trouble for calling a number on the DNC registry even if the call was an honest mistake?
Yes, though the penalty level can differ. The TCPA's private right of action allows $500 per call for standard violations and $1,500 for willful or knowing ones. Courts have found that systematic scrubbing failures, even without malice, can count as willful. Documented evidence of a good-faith program (written policy, regular scrubbing, training records) does factor into how courts and agencies judge willfulness and can shape settlement outcomes.
How does the FTC enforce DNC registry violations?
The FTC investigates complaints aggregated through donotcall.gov, can issue civil investigative demands, and sues violators in federal court under the FTC Act and the Telemarketing Sales Rule. The maximum civil penalty is $53,088 per violation as of 2025. The FTC also seeks injunctions and asset freezes in bad cases. State attorneys general can bring parallel actions, and consumers can sue privately under the TCPA without waiting for the agency.
If I buy leads from a third party, am I responsible for DNC compliance when I call those leads?
Yes, fully. The TCPA and TSR put responsibility on the entity making the call, not the one that generated the lead. Buy a list, call a registered number, and you're the violator, not the seller. Your vendor contract may give you indemnification rights, but that won't stop a consumer from suing you directly or the FTC from pursuing you. Scrub purchased lists against the current registry before dialing, whatever the seller claims.
Are there any calls that are completely exempt from DNC registry requirements?
Yes. The FTC's TSR exempts calls to consumers with an established business relationship (within 18 months of a transaction or 3 months of an inquiry), calls where the consumer gave prior express written permission, calls from certain exempt organizations (charities under the TSR), and most B2B calls. The TCPA has similar but not identical exemptions. No caller is ever exempt from keeping an internal DNC list or honoring individual opt-out requests.
Does registering on the DNC list stop all unwanted calls?
No. The registry stops telemarketing and sales calls from legitimate businesses that have to comply. It does nothing against scammers, robocallers who ignore the law, companies with an established business relationship, political calls, survey calls, or charities. Consumers still getting calls after registration can report them at donotcall.gov, but the registry is not a universal call blocker and never was.
Sources
- FTC, National Do Not Call Registry consumer information page: Consumers register at donotcall.gov or 1-888-382-1222; registration never expires
- FTC, National Do Not Call Registry Data Book FY 2024: Approximately 249 million phone numbers registered on the national DNC registry as of 2024
- FCC, 47 C.F.R. § 64.1200, Delivery restrictions on telephone solicitations: Telemarketers must honor the national registry, maintain internal DNC lists, and honor individual opt-out requests; EBR window is 18 months for transactions, 3 months for inquiries
- U.S. Congress, 47 U.S.C. § 227, Telephone Consumer Protection Act statutory text: TCPA private right of action allows $500 per violation, $1,500 for willful violations; autodialer restrictions apply to cell phones
- FTC, Fees for Access to the National Do Not Call Registry: Registry access costs $75 per area code per year, capped at $18,936 annually for all area codes
- FTC, Complying with the Telemarketing Sales Rule: Telemarketers must access updated registry data; numbers are added continuously and stale data creates compliance gaps
- FTC, Telemarketing Sales Rule, 16 C.F.R. Part 310: TSR requires scrubbing no more than 31 days before calls; recordkeeping requirements apply; statute of limitations for TCPA is 4 years
- FTC, Civil Penalty Adjustments 2025: Maximum civil penalty under the TSR is $53,088 per violation as of 2025, adjusted for inflation
- FTC, Do Not Call Registry complaint statistics and enforcement actions: FTC received more than 1.8 million DNC complaints in 2023; FTC sued a Florida operation for over 1 billion illegal robocalls in 2022
- National Conference of State Legislatures, State Do Not Call Laws: More than a dozen states maintain their own DNC registries with rules stricter than the federal floor