Last updated 2026-07-09

TL;DR
The FTC's National Do Not Call Registry is a free federal database of phone numbers whose owners have asked not to receive most telemarketing calls. Sellers and telemarketers must scrub their call lists against it every 31 days. Violations carry fines up to $53,088 per call as of 2024. Registering a number is free at donotcall.gov.
What is the FTC DNC registry and who runs it?
The National Do Not Call Registry is a database run by the Federal Trade Commission under the Telemarketing Sales Rule (16 CFR Part 310) [1]. Any consumer can register a residential or mobile number, and telemarketers have to stop calling that number within 31 days of registration [2].
The FTC and the FCC both have jurisdiction here, which confuses a lot of people. Here is how it breaks down: the FTC created and manages the registry through the Do-Not-Call Implementation Act of 2003 and the Telemarketing Sales Rule. The FCC enforces compliance for common carriers and applies parallel requirements under the TCPA (47 U.S.C. § 227) through its own rules [3]. Your outbound team has to satisfy both agencies.
The registry holds roughly 249 million active phone numbers as of the FTC's most recent Data Book [4]. That is not a list of people who happen to dislike calls. That is a list of people who took a deliberate step to opt out of telemarketing. Call even one of them without a legal basis and you hand the other side a loaded weapon.
The registry lives at donotcall.gov. Consumers register for free. Telemarketers pay a subscription fee to access the data, which I break down later in this article.
What law created the Do Not Call Registry?
Congress passed the Do-Not-Call Implementation Act in 2003, giving the FTC authority to charge fees for list access and to enforce violations [5]. The FTC's Telemarketing Sales Rule (TSR), first issued in 1995 and amended in 2003 to add the registry provisions, is the main regulatory vehicle [1].
The TCPA, passed in 1991 and codified at 47 U.S.C. § 227, is the parallel federal statute the FCC enforces. Section 227(c)(1) directs the FCC to "compare and reconcile" its rules with the FTC's "to maximize consistency" [3]. The two agencies coordinate, but their enforcement timelines and penalty structures differ in ways that matter to you.
The TSR defines telemarketing as a plan, program, or campaign to sell goods or services through more than one interstate telephone call. That definition catches most outbound sales operations. Business-to-business calls are partly exempt, but the exemption has limits that catch people off guard, especially when they call a consumer's cell phone that also gets used for work.
State law adds another layer. Many states run their own DNC lists with shorter grace periods, narrower exemptions, and higher per-call penalties. Call into Florida, Texas, or Indiana and you are playing by several rulesets at once. See our articles on the florida do not call list and the indiana do not call list for the state-specific rules.
How big is the registry and how fast is it growing?
The registry passed 200 million numbers in 2010 and reached roughly 249 million by the FTC's fiscal year 2023 Data Book [4]. That is about three-quarters of all U.S. phone numbers in active use.
Growth has slowed since the 2003 launch, when millions of consumers signed up in the first weeks. But the database keeps growing because registrations are permanent unless a consumer removes the number or the number gets reassigned. The FTC drops numbers that have been disconnected and reassigned, which is one reason you scrub against current data every 31 days rather than every quarter.
The practical read: if you call consumer numbers without first scrubbing against the dnc registry, your odds of hitting a registered number on a cold list are very high. On an aged consumer list, assume most numbers are registered.
Who is required to scrub against the registry?
Any seller or telemarketer under the TSR has to scrub. A seller is a person or entity that provides goods or services for payment and initiates or causes telemarketing calls. A telemarketer is anyone who initiates those calls on behalf of a seller [1].
This covers more people than most assume. Run a SaaS company where your SDRs cold-call consumer-facing prospects, and you are a seller. Hire an outsourced calling agency, and both you and the agency can be liable. The FTC has gone after principals and their vendors in the same action.
Exemptions exist for calls to businesses (though cell phones blur this line), calls under an established business relationship within 18 months of a purchase, calls to people who gave written consent, calls by tax-exempt nonprofit organizations, calls answering a consumer inquiry made in the past three months, and survey or polling calls where no sale happens [1].
The established business relationship (EBR) exemption does not last forever. Under the TSR, it expires 18 months after the last purchase or transaction, or three months after the consumer's last inquiry. Once it expires, you need consent or you stop calling.
One note: this article is general compliance information, not legal advice. Your situation may involve extra exemptions or restrictions depending on your industry and the states you call into.
How do you access and scrub against the FTC registry?
You access the data through the FTC's telemarketers-only portal at telemarketing.donotcall.gov [2]. You register as an organization, agree to the subscriber agreement, and pay the area code access fees.
Here is how the fees work. The first five area codes are free. Each additional area code costs $80 per year under the current fee schedule, and a subscription covering every U.S. area code costs $19,060 per year [2]. The FTC sets those fees and adjusts them periodically. If you only call into a handful of states, subscribe to just the area codes you actually dial and save the money.
Once you have access, you download the data for your subscribed area codes and compare it against your calling list. Any match means the number is registered and off-limits without an exemption (EBR, prior written consent, and so on).
The scrub has to happen every 31 days. Not every quarter. Not every month loosely defined. Every 31 calendar days. If your last scrub was 32 days ago and you call a registered number today, you have no safe harbor [1].
Most teams automate this through their CRM or a third-party compliance data provider. Do it by hand with spreadsheet lookups and you are one busy week away from letting the scrub lapse. For a walkthrough of getting the data, see how do i get the do not call list.
LeadCompliant's free number checker lets you verify individual numbers against the federal registry without a full subscription, which helps during list vetting before you commit to a download cycle.
What are the fines for calling a number on the DNC registry?
The maximum civil penalty under the TSR is about $51,744 per violation as of 2023, adjusted annually for inflation under the Federal Civil Penalties Inflation Adjustment Act [6]. Some sources cite $53,088 as the 2024 figure. The FTC publishes updated numbers in the Federal Register each January, so check the current year's notice for the exact ceiling.
That is per call. Not per campaign. Not per day. Per individual call to a registered number.
The FCC's parallel TCPA structure for willful or knowing violations under 47 U.S.C. § 227 runs $500 to $1,500 per call, with the $1,500 figure applying to willful violations [3]. TCPA also carries a private right of action, meaning consumers can sue directly without waiting for the FCC. Class actions are where the truly catastrophic exposure lives, with settlements routinely reaching seven or eight figures.
The FTC pursues these cases hard. Its enforcement docket includes multi-million-dollar judgments against operations that called registered numbers, and the Commission has sued multiple companies in a single sweep for alleged violations totaling tens of millions of dollars [7]. These are not edge cases.
The table below shows the financial thresholds you need to know:
| Penalty type | Amount | Authority |
|---|---|---|
| FTC / TSR max per violation | up to ~$51,744-$53,088 | 16 CFR 310 + annual adjustment |
| FCC / TCPA statutory damages | $500 per call | 47 U.S.C. § 227(c)(5) |
| FCC / TCPA willful violation | $1,500 per call | 47 U.S.C. § 227(c)(5) |
| TCPA class action settlements (range) | $1M-$75M+ | Private right of action |
See our breakdown at do not call list report for what happens after a consumer complaint lands with the FTC.
How do consumers register a number on the DNC list?
Any consumer with a residential or mobile number can register at donotcall.gov or by calling 1-888-382-1222 from the number they want to register [2]. Registration is permanent. The FTC does not require re-registration, though it did in the program's early years.
Mobile numbers can be registered. The idea that cell phones sit outside the DNC registry is a myth that has cost companies real money. If a consumer registers a cell number, you honor it [8]. For more on cell phone coverage, see mobile phone do not call list.
Registrations take effect within 31 days. During that first 31-day window, a telemarketer is technically allowed to call. Most compliance teams flag numbers the moment they register anyway, to dodge the PR and litigation risk of calling someone who just asked to be left alone.
Consumers can also report violations through the same donotcall.gov portal. The FTC uses those complaints to spot patterns and build enforcement cases. A spike in complaints about a single company or phone number is one of the main ways the FTC picks its investigation targets.
Does the DNC registry cover SMS text messages?
This one is genuinely complicated. The FTC's Telemarketing Sales Rule applies to telephone solicitations, which the TSR frames in terms of calls. Text messages sit in a gray zone under the TSR.
The FCC's TCPA rules, though, plainly cover texts to cell phones. Under 47 U.S.C. § 227(b)(1)(A), sending a text to a cell phone with an automatic telephone dialing system (ATDS) without prior express consent is prohibited, regardless of whether the number is on the DNC registry [3]. The 2021 Supreme Court decision in Facebook v. Duguid narrowed the ATDS definition, but consent is still the rule for most mass-SMS campaigns [9].
The practical answer: DNC registry status governs voice calls. TCPA consent requirements govern SMS separately. A number that is not on the DNC registry can still be protected against unsolicited texts under the TCPA. You need both a DNC scrub and a consent check to cover outbound fully.
There is also the FTC's 2024 TSR amendment on one-to-one consent for lead generators. That rule requires consent to be specific to the seller making the call, not bundled into a generic form [10]. The change hits text campaigns as hard as voice for covered sellers.
What exemptions let you call DNC-registered numbers?
Four exemptions carry most of the weight, and each one has conditions that are easy to blow through.
First, prior written consent. If the consumer gave you written consent to call their specific number, the registration does not block the call. The consent has to be written (electronic is fine), clear, specific to your company (after the FTC's 2024 amendment, a general opt-in shared across sellers no longer counts for TSR purposes), and not revoked [10].
Second, established business relationship. You can call within 18 months of the last purchase, payment, or delivery, or within three months of the consumer's last inquiry. Once either clock runs out, the EBR is gone. You cannot stack EBRs or reset the clock with token contact.
Third, B2B calls. Calls to businesses fall outside the DNC registry provisions of the TSR. But call a person on their personal cell phone and the business exemption gets slippery, even when the call's purpose is commercial on its face.
Fourth, certain regulated industries. Insurance, financial services, and other sectors have carve-outs under some state laws, but the federal TSR exemptions are narrow. Do not assume your industry is exempt without reading the actual regulatory text for your sector.
The do not call telemarketer list article goes deeper on the internal suppression lists telemarketers must keep on top of the federal registry.
What is the difference between the FTC DNC registry and an internal do-not-call list?
The federal registry is the government-run database. An internal do-not-call list is a company-level suppression list you keep separately, and you are required to maintain it.
Under the TSR, any seller or telemarketer that gets a do-not-call request straight from a consumer (the person asks during a call to never be called again) has to add that number to the internal list and honor it immediately and permanently [1]. That requirement holds even for companies that qualify for an exemption from the national registry, like nonprofits.
The two lists stack. You scrub against the national registry every 31 days, and you scrub against your own internal suppression list before every outbound call. Companies that conflate the two, or forget the internal list entirely, create liability on top of any registry problem.
For company-specific number lookup and suppression workflows, see do not call list number.
How do state DNC lists interact with the federal registry?
Around 14 states run their own separate Do Not Call registries alongside the federal list [11]. States with active independent lists include Florida, Indiana, Pennsylvania, Texas, and Wyoming, among others. In most cases you scrub against both the federal registry and any state list for the states you call into.
State lists often run stricter. Pennsylvania's list, for example, covers intrastate calls by state-registered telemarketers and has its own registration and fee requirements separate from the federal system [11]. Indiana's list has its own enforcement arm and penalty schedule.
Some states also set shorter EBR windows, narrower exemptions, or lower consent thresholds. Treat the federal rules as a floor, not a ceiling, and research every state where you have real call volume. See do not call list pa for Pennsylvania specifics, and government do not call list for how federal and state lists sit together.
Building a compliance stack for multi-state outbound? A data provider that aggregates both federal and state lists earns the subscription cost. Running two separate scrub processes by hand is exactly where gaps open up.
How does the FTC enforce DNC violations and what triggers an investigation?
The FTC finds targets mostly through consumer complaint data in its Consumer Sentinel Network, which also pulls in complaints from the FCC, state attorneys general, and other agencies [7]. When a company's number generates a high volume of DNC complaints in a short window, it rises to the top of the enforcement queue.
The FTC also runs robocall honeypot systems, where registered numbers get answered by automated systems that record the calls, capture the originating numbers, and trace the call chain back to the seller or telemarketer.
Once an investigation opens, the FTC has subpoena power to demand call records, consent documentation, scrub logs, and lead-generator contracts. This is where companies with sloppy records get destroyed. If you cannot produce a scrub log showing you checked the registry within 31 days of the offending call, you have no safe harbor defense.
The FTC's authority reaches both the corporate entity and the individual officers and owners who knew about or controlled the violations. Personal liability is real in DNC enforcement.
The FTC's Do Not Call Data Book, published each fiscal year, includes complaint volume, enforcement summaries, and industry breakdowns. Read the latest one and you get a clear picture of which industries are drawing the most heat right now [4].
How should a small outbound team set up a compliant DNC scrub process?
Start with the data subscription. Call into more than five area codes and you need a telemarketers subscription at telemarketing.donotcall.gov [2]. Budget $80 per area code per year, or the flat $19,060 for national access.
Then build the scrub into your list intake, not as a manual step someone remembers to do. Every list that enters your CRM should carry the date of its last DNC scrub. Any list older than 31 days triggers an automatic re-scrub before dialing. If your CRM cannot enforce that calendar rule on its own, your data provider or a middleware tool can handle it.
Document everything. Keep scrub logs with timestamps. Keep consent records with timestamps and source documentation. Keep your internal suppression list, and log every entry with the date, reason, and agent who added it. Documentation does not stop violations from happening, but it is your entire defense if you are ever investigated.
Train your callers on the immediate opt-out rule. If a consumer says "stop calling me" or any reasonable version of it, that is an instant add to the internal suppression list. The caller should not push back, promise to confirm on a follow-up call, or wait until the end of a shift to log it.
LeadCompliant's compliance kit includes a DNC scrub workflow template and a consent documentation checklist that small teams have used to build this process from scratch. You can also use the ftc do not call list article for a focused walkthrough of registry access.
For the do not call list as a broader concept, including what it covers and how it interacts with different call types, the do not call list article covers the fundamentals.
Frequently asked questions
How do I register my number on the FTC Do Not Call Registry?
Go to donotcall.gov or call 1-888-382-1222 from the number you want to register. Registration is free, takes effect within 31 days, and is permanent. You can register both residential landlines and mobile numbers. There is no need to re-register unless your number is reassigned to a new subscriber.
How much does it cost telemarketers to access the DNC registry?
Access to the first five area codes is free. Each additional area code costs $80 per year. A national subscription covering all U.S. area codes costs $19,060 per year. These fees are set by the FTC under the Do-Not-Call Implementation Act and are adjusted periodically. Small teams calling into only a few states can save by subscribing to only those area codes.
How often do telemarketers have to scrub against the registry?
Every 31 calendar days. The FTC's safe harbor for good-faith compliance requires that the call list was scrubbed no more than 31 days before each call was made. A scrub conducted 32 days ago does not count. Most compliance teams set automated reminders or build scrub triggers into their CRM intake workflow to prevent lapses.
Can I still call a number on the DNC registry if we have done business before?
Yes, under the established business relationship (EBR) exemption, but only within 18 months of the last purchase, payment, or delivery, or within three months of the consumer's last inquiry to you. Once either window closes, the EBR expires and you cannot call the registered number without fresh written consent from the consumer.
Does the DNC registry apply to text messages?
Not directly under the TSR, which governs the registry. However, the TCPA (47 U.S.C. § 227) independently restricts unsolicited texts to cell phones sent via autodialer without prior express consent. In practice, you need a DNC scrub for voice calls and a separate consent check for SMS campaigns. One does not substitute for the other.
What is the maximum fine for calling a number on the DNC registry?
Under the FTC's Telemarketing Sales Rule, the maximum civil penalty is approximately $51,744 to $53,088 per violation (each individual call), adjusted annually for inflation. The FCC can also impose $500 to $1,500 per call under TCPA. These are per-call figures, not per-campaign. A single mass-dial run against an unscrubbed list can produce enormous aggregate liability.
Are business-to-business calls exempt from the DNC registry?
Calls to a business as an entity are generally exempt from the national registry requirements under the TSR. However, the exemption has limits. If you are calling a person on their personal cell phone, even for a business purpose, you may trigger TCPA obligations. The B2B exemption is not a blank pass for calling mobile numbers of individual professionals.
What happens if a consumer complains about a DNC violation?
Consumers file complaints at donotcall.gov. The FTC aggregates complaint data in its Consumer Sentinel Network and uses it to identify investigation targets. A single complaint rarely triggers direct action, but a pattern of complaints about the same company or phone number can prompt a formal investigation. The FCC also receives TCPA complaints and refers cases to enforcement.
Do nonprofits have to follow DNC registry rules?
Tax-exempt nonprofits under 501(c)(3) are exempt from the national registry requirements when calling to solicit charitable donations. However, they must still maintain their own internal do-not-call list and honor immediate opt-out requests. If a nonprofit uses a commercial telemarketer to make calls on its behalf, the rules around that relationship get more complicated and require careful review.
How does the FTC find out if a company is violating the DNC registry?
Primarily through consumer complaint data from donotcall.gov, aggregated in the Consumer Sentinel Network, which is shared with state attorneys general and the FCC. The FTC also uses honeypot phone systems that record calls to registered numbers. When complaint patterns point to a specific company or call originator, that typically triggers an investigation with subpoena power for records and documentation.
Is there a state-level DNC list in addition to the federal registry?
Yes. Approximately 14 states maintain their own Do Not Call lists with separate registration requirements, fees, and enforcement. States include Florida, Indiana, Pennsylvania, Texas, and Wyoming, among others. For calls into those states, you need to scrub against both the federal registry and the applicable state list. State rules often have stricter exemptions or shorter EBR windows than federal rules.
What records do I need to keep to prove DNC compliance?
You need timestamped scrub logs showing each list was checked against the federal registry no more than 31 days before dialing. You need consent records with date, source, and specific consent language for any calls made under the prior written consent exemption. You also need your internal suppression list with dated entries. The FTC can demand all of this during an investigation.
What is the difference between the FTC Do Not Call Registry and the FCC's TCPA rules?
The FTC runs the registry under the Telemarketing Sales Rule and enforces it through the FTC Act. The FCC enforces TCPA (47 U.S.C. § 227), which covers autodialers, prerecorded voice calls, and text messages to cell phones. Both agencies coordinate under a statutory mandate to maximize consistency, but they have separate penalty structures and enforcement timelines. Outbound teams need to satisfy both.
Sources
- FTC, Telemarketing Sales Rule (16 CFR Part 310): Sellers and telemarketers must scrub call lists against the registry every 31 days; internal DNC list requirements; exemptions including EBR and prior written consent
- FTC, National Do Not Call Registry (donotcall.gov): Registry access fees ($80 per area code, $19,060 national), 31-day scrub requirement, consumer registration at donotcall.gov or 1-888-382-1222
- Legal Information Institute / Cornell, 47 U.S.C. § 227 (TCPA): TCPA private right of action, $500-$1,500 per violation, FCC/FTC coordination requirement, prohibition on autodialed calls to cell phones without consent
- FTC, National Do Not Call Registry Data Book (fiscal year reports): Registry holds approximately 249 million active phone numbers; complaint volume and enforcement data by fiscal year
- FTC, statutes enforced by the Commission (Do-Not-Call Implementation Act of 2003): Congressional authorization for FTC to create registry, charge access fees, and enforce violations
- FTC, rules and Federal Register civil penalty inflation adjustments: Maximum TSR civil penalty of approximately $51,744 per violation as of 2023, adjusted annually under the Federal Civil Penalties Inflation Adjustment Act
- FTC, Cases and Proceedings (DNC enforcement actions): FTC enforcement cases including multi-million-dollar judgments for DNC registry violations; Consumer Sentinel Network as complaint aggregation system
- FTC Consumer Advice, National Do Not Call Registry: Mobile phone numbers can be registered on the national DNC registry; registration is free and permanent
- Supreme Court of the United States, Facebook, Inc. v. Duguid, 592 U.S. 395 (2021): Supreme Court narrowed ATDS definition under TCPA in 2021, requiring a device to use a random or sequential number generator to qualify
- FTC, News and press releases (2024 Telemarketing Sales Rule amendments): 2024 TSR amendment requires consent to be specific to the individual seller; bundled lead-generator consent forms no longer sufficient; effective January 2025
- National Association of Attorneys General, State Do Not Call Registry overview: Approximately 14 states maintain independent DNC registries with separate fees, registration requirements, and enforcement; includes Florida, Indiana, Pennsylvania, Texas