Last updated 2026-07-09

TL;DR
The National Do Not Call Registry is a federal database run by the FTC where US consumers register phone numbers to block most commercial telemarketing calls. Telemarketers must scrub their lists against it every 31 days. Each violating call can cost up to $51,744. Consumer registration is free and permanent. Sellers pay annual fees to download the data.
What is the National Do Not Call Registry and who runs it?
The National Do Not Call Registry is a federal database where US residents list phone numbers they do not want commercial telemarketers calling. The Federal Trade Commission built it and runs it under the Do-Not-Call Implementation Act of 2003 [1]. That same year, the FCC adopted parallel rules under the Telephone Consumer Protection Act (TCPA), codified at 47 U.S.C. § 227, so DNC compliance is enforceable by both agencies at once [2].
The registry holds about 249 million active phone numbers as of the FTC's most recent Data Book [3]. That count has grown every year since the registry opened in June 2003.
Think of it as a national opt-out list. A consumer adds a number once and the protection holds indefinitely. Telemarketers then have to check whether a number is on the list before dialing. No expiration. No renewal fee for consumers. No re-registration.
Two agencies split enforcement. The FTC brings most civil penalty actions against telemarketers who call registered numbers without a valid exemption. The FCC enforces the rules that apply to auto-dialed or prerecorded calls under the TCPA. State attorneys general can sue on behalf of their residents too [4]. That three-way structure is why ignoring the registry is genuinely dangerous. You can face federal civil penalties, FCC forfeitures, and private lawsuits over the same calls.
For a wider look at how the do not call list fits into your compliance program, that article covers the full consumer-facing side.
How does a consumer register a number on the DNC registry?
Registration is free and takes about two minutes. Consumers go to donotcall.gov or call 1-888-382-1222 from the number they want to register [3]. Online registration allows up to three numbers per email address in one session. Phone registration handles one number at a time, which works for people who cannot or will not go online.
Registration takes effect within 31 days of sign-up. So a consumer who registers July 1 should stop getting most telemarketing calls by August 1. Some callers treat this as a grace period. Legally, it is a processing window, not permission to keep calling during those 31 days.
Numbers stay on the registry permanently. The FTC dropped the five-year expiration that existed in the early version. Cell phones, landlines, and VoIP numbers all qualify. There is no separate mobile-only list at the federal level, though some states run their own wireless registries. You can read more about how the mobile phone do not call list rules apply to cell numbers.
If a consumer sells or transfers a number to someone else, the new subscriber can request removal, but the default is that the number stays registered. That matters for callers. Never assume a recycled number is clean.
Who is legally required to check the DNC registry before calling?
Any "seller or telemarketer" making outbound telephone solicitations to US consumers has to check the registry [1]. The FTC's Telemarketing Sales Rule (TSR), 16 C.F.R. Part 310, defines a telemarketer as any person who calls consumers on behalf of a seller as part of a plan to induce the purchase of goods or services [5].
The obligation covers B2C calls and, in some cases, B2B calls where the person you reach is acting as a consumer rather than in a business role. Pure B2B calls to business numbers are generally exempt. But calling a sole proprietor at a home number is not automatically exempt just because you're selling a business product.
Who has to comply: for-profit businesses making sales calls, lead generation companies calling consumers to feed leads to sellers, and third-party call centers dialing on a seller's behalf. The seller is liable even when a vendor makes the calls. Read that twice. Outsourcing the dialing does not outsource the legal risk.
The ftc do not call list article goes deeper on which entities fall under the FTC's jurisdiction versus the FCC's.
What exemptions exist to the DNC registry rules?
Several categories of callers are either fully exempt or operate under modified rules.
Charities calling on their own behalf are exempt from the federal DNC registry requirements, though some state laws are stricter [5]. Political calls are exempt because the First Amendment complicates regulating political speech. Survey and research calls that make no sales pitch are also exempt, as are calls from companies with an established business relationship (EBR) with the consumer.
The EBR exemption is the one most commercial callers reach for, and the one they misapply most. Under the TSR, an established business relationship gives you 18 months from the date of the last purchase, delivery, or payment to call a customer even if their number is on the registry. An inquiry or application without a purchase gives you only 3 months [5]. The clock resets if the consumer transacts again inside that window.
There is also the prior express written consent exemption. If the consumer gave you written permission to call, the DNC listing does not bar the call. But that consent has to meet specific requirements, and the TCPA rules for auto-dialed calls set an even higher bar. Getting consent right is its own discipline. See what qualifies as an established do not call telemarketer list exemption for a practical breakdown.
Insurance agents, mortgage originators, and financial services firms sometimes assume they have broader exemptions because another agency regulates them. They don't. FINRA, the OCC, and state insurance regulators do not preempt the FTC and FCC DNC rules.
| Exemption type | Duration / condition | Source |
|---|---|---|
| Established business relationship (purchase) | 18 months from last transaction | TSR 16 CFR 310.4(b)(1)(iii)(B) |
| Established business relationship (inquiry only) | 3 months from inquiry date | TSR 16 CFR 310.4(b)(1)(iii)(B) |
| Prior express written consent | Indefinite, until revoked | TCPA 47 U.S.C. § 227 |
| Charitable organization (own calls) | Full exemption | TSR 16 CFR 310.6(a) |
| Political calls | Full exemption | First Amendment, FCC guidance |
| B2B calls (true business-to-business) | Generally exempt | TSR 16 CFR 310.6(b) |
How do telemarketers get access to the DNC registry data?
Telemarketers get the registry through the FTC's business portal at telemarketing.donotcall.gov [3]. You register your organization, pay the fee, and download the data for the area codes you need.
The fee is based on area codes, not the number of records. Under the current schedule, one area code costs $75 per year. Each additional area code adds to the bill, capped at $18,936 for the right to access every US area code for a year [3]. If you only dial into three or four states, buying just those area codes is far cheaper than full national access.
You have to scrub your call lists against the downloaded data at least every 31 days. The registry updates daily, so the 31-day rule means you cannot run a list for 45 days against a month-old download. If you download on the first of the month and call a number that registered on the second of the previous month, you are in violation. Plenty of compliance teams scrub weekly or daily just to kill that timing risk.
For a step-by-step guide on pulling the actual file, see how do i get the do not call list.
Even with a valid EBR or written consent, you still need to access the registry and document why each called number is exempt. If you cannot produce your scrub records and exemption basis in an enforcement action, you lose.
What are the penalties for violating the DNC registry?
The FTC's civil penalty for each Telemarketing Sales Rule violation is currently up to $51,744 per call [6]. The FCC's maximum forfeiture for TCPA violations tracks similarly and gets adjusted for inflation under the Federal Civil Penalties Inflation Adjustment Act.
Those are per-call maximums. A campaign that dials 10,000 registered numbers with no valid exemption can theoretically generate $517 million in FTC exposure. Courts rarely stack the absolute maximum on every call, but multi-million dollar settlements are common. The FTC has collected more than $1.5 billion in civil penalties from DNC violators since the registry launched, though some judgments stay uncollected because defendants have no assets [3].
Private citizens can sue under the TCPA too: $500 per negligent violation, $1,500 per willful violation, per call or text [2]. Class actions are the real money threat. One campaign can produce a class of tens of thousands of plaintiffs. Several TCPA class actions have settled in the $30 million to $75 million range.
State penalties stack on top of federal ones. Florida's Telephone Solicitation Act, for example, allows up to $500 per violation with a private right of action, separate from any federal claim [7]. Call into multiple states and you are under multiple penalty regimes at the same time.
The FTC's public case list shows hundreds of completed actions. Ameridebt, Caribbean Cruise Line, and Dish Network are among the bigger defendants. Dish Network paid $280 million in a 2017 settlement, still one of the largest DNC-related penalties on record [3].
For more on do not call list report procedures and how complaints trigger investigations, that article walks through the consumer complaint pipeline.
Does the DNC registry cover text messages and robocalls?
Yes, texts and robocalls are covered, though the legal frame differs a bit from live-agent voice calls.
The DNC registry applies to "telephone solicitations," which the FTC reads broadly enough to include text messages that count as solicitations [5]. The TCPA's separate rules go further. Section 227(b) bars using an automatic telephone dialing system (ATDS) or prerecorded voice to call any residential line or cell phone without prior express consent [2]. That ban is separate from and on top of the DNC registry requirement.
So a robocall or text blast to a cell number carries two layers of risk. One, the DNC registry rule if the number is registered. Two, the TCPA's ATDS and consent rule no matter the DNC status. A cell number that is not on the registry can still trigger TCPA liability if you used an autodialer without consent.
The FCC has tightened what counts as an ATDS in recent years, with ongoing litigation after the Supreme Court's 2021 decision in Facebook v. Duguid narrowed the definition [12]. Even post-Duguid, most modern dialing platforms qualify under at least some court readings. Assuming Duguid exempts you from the ATDS rules is legally risky.
For SMS work, the rules on consent, opt-out handling, and carrier filtering run somewhat separately from the DNC registry. The registry is a necessary check. It is not sufficient compliance for a text campaign on its own.
How does the DNC registry interact with state do not call lists?
More than 30 states run their own do not call registries or have DNC laws that go past the federal rules [8]. The federal registry is a floor, not a ceiling. Where a state law is stricter, the stricter rule applies to calls made into that state.
Indiana's Telephone Solicitation of Consumers law, for one, has provisions the federal rules do not mirror exactly, and compliance means scrubbing against Indiana's state list separately [9]. Pennsylvania runs a state DNC list through its Attorney General's Bureau of Consumer Protection [10]. Florida's Telephone Solicitation Act adds calling-time restrictions and specific disclosure requirements [7].
Some states charge separate fees for their list data. Others hand it over free. A few keep no separate registry and lean entirely on the federal list. The patchwork is real, and a national outbound program that only checks the federal registry is not fully compliant.
The workflow for a multi-state team is straightforward. Scrub against the federal registry first, which removes the largest block of numbers. Then scrub against the relevant state lists for each number's area code or the state you're calling into. Keep records of every scrub.
Check the specifics for your states: florida do not call list, indiana do not call list, and do not call list pa cover those three in depth.
What internal do not call list requirements exist beyond the federal registry?
Beyond the federal and state registries, the TSR requires every seller and telemarketer to keep its own internal do not call list [5]. If a consumer tells you during a call that they do not want to be called again, you have to add their number to your internal list and honor the request for at least five years. Calling that person back is a violation no matter what the federal registry says.
The internal list requirement has teeth the federal registry sometimes misses. A consumer might never register with the FTC but tells your agent "never call me again." From that moment, your legal obligation is the same as if they were on the national registry.
You also need written policies describing how you keep and honor the list, and you have to train anyone who makes or supervises telemarketing calls on those policies. In an enforcement action or lawsuit, the plaintiff's attorney will subpoena your written DNC policy and training records immediately. If you don't have them, that absence itself becomes evidence of willfulness.
Good teams keep the internal list inside the CRM with a timestamp and source for every entry ("consumer requested on call dated X"), and they scrub against it at the same moment they scrub the federal registry.
What records should you keep to prove DNC compliance?
Documentation is where most enforcement cases are won or lost for the defending company. The FTC and FCC both pull records when investigating complaints, and private plaintiffs in class actions go after this data in discovery on day one.
At a minimum, keep:
1. Date and area codes for every registry scrub, with a log showing the file version you downloaded. 2. The call list before and after scrubbing, to show which numbers came out. 3. Exemption documentation for any registered number you called anyway (EBR transaction records, consent capture with timestamps). 4. Your internal DNC list with timestamps for every add and the reason for the entry. 5. A written do not call policy, dated and version-controlled. 6. Training records showing which employees finished DNC compliance training and when.
The TSR requires you to keep telemarketing records for 24 months [5]. Many teams keep them longer because TCPA class actions can be filed up to four years after the violation under federal law, and some states allow longer.
The dnc registry article has a tighter checklist you can print and post at a call center workstation.
LeadCompliant's free compliance kit includes a DNC policy template and a record-keeping log built to cover both the TSR 24-month requirement and the TCPA's longer exposure window. If you want to build your documentation stack without starting from a blank page, that is a reasonable place to begin.
How do you handle DNC compliance for a third-party lead or purchased list?
Buying a lead list or taking leads from a third-party generator does not move the compliance obligation onto the vendor. The seller is liable for calls made on its behalf, full stop [5].
When you buy a list, the vendor usually scrubs against the DNC registry before delivery. But if that scrub happened 45 days ago and your campaign runs today, the scrub is stale. Re-scrub any purchased list before dialing, even when the vendor certifies it was clean at delivery.
Some lead vendors sell "DNC-compliant" lists. That is a marketing claim, not a legal guarantee. The obligation runs to you, not the vendor. Call a registered number from a vendor's list and you own the violation, not them, unless you have a specific indemnification agreement and can actually collect on it.
Prior express written consent from a third-party lead is legally fragile too. To protect you under both the TSR and the TCPA, the consent has to name your company or the category of seller specifically [2]. Generic consent to "receive calls from partners" has been rejected by courts and is not enough. The FCC's one-to-one consent rule requires consent to be obtained for each individual seller by name, not bundled [11]. That rule tightens what third-party leads are worth in legal terms.
The safest posture with third-party lists: re-scrub yourself, verify the consent paperwork actually names your company, and keep copies of all of it.
What does DNC compliance look like as a day-to-day process?
For most small outbound teams, the workflow looks like this.
Pull the federal DNC registry data for the area codes you call at least monthly, ideally weekly. Download it in the format your dialer or CRM accepts (most platforms take the FTC's .txt file). Run your calling list through the scrub before every campaign launch, more often than monthly. Tag any removed numbers in your CRM so a future vendor list doesn't re-add them.
Add state list scrubs to the same workflow for the states you dial heavily. The effort is lower than it sounds, because the big-population states (California, Texas, Florida, New York) hold the most registered numbers and carry the highest litigation risk. Prioritizing those four covers a large share of your national exposure.
Set up your CRM or dialer to flag any inbound "do not call" request in real time and add the number to your internal list right then, not in a Friday batch job. Batch processing opens a window of violation.
Run a quarterly internal audit. Pull 50 random call records from the past 90 days and verify each number was either off the registry at call time or had a documented valid exemption. Find a gap, fix the process before an enforcement action tells you to.
For the government do not call list data access process, including how to set up your account on the FTC portal, that article has the step-by-step.
Frequently asked questions
How many numbers are on the US DNC registry?
The National Do Not Call Registry holds about 249 million active phone numbers as of the FTC's most recent Data Book. The count has grown every year since the 2003 launch. Both landlines and cell phones can be registered, and numbers stay on the list permanently with no expiration or renewal required for consumers.
Is the DNC registry free for consumers to use?
Yes. Consumers register for free at donotcall.gov or by calling 1-888-382-1222. No fee, no expiration, no renewal. Registration takes effect within 31 days. Businesses that want the registry data to scrub their calling lists do pay annual fees, but those fees fall on the caller, never the consumer.
How often must telemarketers scrub their lists against the DNC registry?
At least every 31 days. The FTC's Telemarketing Sales Rule requires call lists to be checked against a version of the registry downloaded no more than 31 days before the call. Most compliance-conscious teams scrub more often, usually weekly, to avoid calling a number that registered right after the last download.
What is the fine for calling a number on the DNC registry?
The FTC's civil penalty is up to $51,744 per call. The FCC can impose similar forfeitures under the TCPA. Private individuals can also sue for $500 per negligent violation or $1,500 per willful violation, per call. These penalties are per-call, so one campaign with thousands of registered numbers in the list can create enormous exposure.
Does the DNC registry apply to cell phones?
Yes. Cell phones can be registered on the federal DNC registry and carry the same protections as landlines. Cell numbers also get a separate layer of protection under the TCPA's autodialer rules, which require prior express consent regardless of DNC status. Calling a cell number with an autodialer and no consent is a TCPA violation even if the number is not on the registry.
Can a business call a customer who is on the DNC registry?
Yes, under the established business relationship (EBR) exemption. If the customer made a purchase within the past 18 months, or an inquiry within the past 3 months, you can call even if their number is registered. Prior express written consent is another valid basis. Document which exemption applies; calling without documentation is treated the same as calling with no exemption at all.
Does registering on the DNC list stop all unwanted calls?
No. The registry blocks commercial telemarketing from for-profit businesses. It does not stop political calls, charitable solicitations, survey calls, informational calls, or calls from companies with an existing business relationship. Scammers and illegal robocallers ignore the registry entirely. Consumers who still get calls after registering can report them at donotcall.gov.
Do businesses need to pay to access the DNC registry?
Yes. Businesses access the registry at telemarketing.donotcall.gov and pay $75 per area code per year. The fee is capped at $18,936 for national access to all US area codes. Organizations calling a limited geographic area can save money by buying only the area codes they need. Charities calling on their own behalf may qualify for free access.
How do I look up whether my number is on the DNC registry?
Go to donotcall.gov and use the verification tool. Enter your phone number and you'll see whether it's registered and the date it was added. If it is not registered, you can register on the same page. Businesses cannot use this tool to scrub call lists; they must download the full registry data through the paid business portal.
Are text messages covered by the DNC registry?
Text messages that count as solicitations fall under the FTC's definition of a telephone solicitation and are subject to DNC registry rules. They are also separately regulated under the TCPA's autodialer rules, which require prior express written consent to send marketing texts to cell numbers. Both layers apply; passing one check does not clear the other.
Does each state have its own DNC registry?
More than 30 states maintain separate DNC registries or have state DNC laws that add requirements beyond the federal rules. Call into those states and you must scrub against both the federal registry and the applicable state list. Indiana, Pennsylvania, and Florida each run their own lists with separate enforcement authority. Federal compliance alone is not enough for multi-state calling.
What happens if a third-party lead vendor provides a list that includes DNC numbers?
You are still liable. The seller is responsible for compliance no matter where the list came from. Any purchased list has to be re-scrubbed against the current registry before you dial. Vendor certifications of DNC compliance are not a legal defense; they only help if you have an indemnification agreement and can collect on it. Re-scrub every list, every time.
How long does a business need to keep DNC compliance records?
The FTC's Telemarketing Sales Rule requires 24 months of record retention for telemarketing records. Because TCPA class actions can be filed up to four years after a violation under federal law, most compliance attorneys recommend keeping scrub logs, exemption documentation, and internal DNC lists for at least four years. Some state statutes allow even longer windows.
What is the difference between the FTC and FCC DNC rules?
The FTC enforces DNC rules through the Telemarketing Sales Rule for commercial sellers and telemarketers. The FCC enforces the TCPA's rules, which focus on automated dialing technology and prerecorded calls. Both agencies can act on the same violation. The FCC's rules matter most for robocalls and texts; the FTC's rules cover the broader definition of telemarketing.
Sources
- FTC, Do-Not-Call Implementation Act (15 U.S.C. § 6151): The FTC operates the National Do Not Call Registry under the Do-Not-Call Implementation Act of 2003
- Cornell LII, 47 U.S.C. § 227 (TCPA statute text): TCPA 47 U.S.C. § 227 prohibits using an ATDS or prerecorded voice to call residential or cell lines without prior express consent; private right of action $500/$1,500 per violation
- FTC, National Do Not Call Registry Data Book FY 2023: Registry holds approximately 249 million active numbers; area code access costs $75/year, capped at $18,936 for national access; Dish Network paid $280 million in 2017 settlement
- FTC, Telemarketing Sales Rule Overview: State attorneys general can bring DNC enforcement actions on behalf of residents under the TSR
- FTC, Telemarketing Sales Rule 16 C.F.R. Part 310: TSR defines telemarketer and seller obligations, EBR durations (18 months/3 months), exemptions for charities, and 24-month record retention requirement; internal DNC list must be honored for 5 years
- FTC, Civil Penalty Inflation Adjustments (Federal Register annual rule): FTC civil penalty for each TSR/DNC violation is currently up to $51,744 per call
- Florida Legislature, Florida Telephone Solicitation Act (§ 501.059, F.S.): Florida's Telephone Solicitation Act imposes up to $500 per violation with a private right of action, separate from federal claims
- NCSL, State Telemarketing and Do Not Call Laws: More than 30 states maintain their own DNC registries or laws that exceed federal requirements
- Indiana Attorney General, Consumer Protection Division: Indiana's Telephone Solicitation of Consumers law requires separate compliance with Indiana's state DNC list
- Pennsylvania Office of Attorney General, Consumer Protection: Pennsylvania runs a state Do Not Call list through the Attorney General's Bureau of Consumer Protection
- Supreme Court of the United States, Facebook, Inc. v. Duguid, 592 U.S. 395 (2021): Facebook v. Duguid (2021) narrowed the definition of an ATDS under the TCPA but did not eliminate autodialer liability