Last updated 2026-07-09

TL;DR
The FTC's National Do Not Call Registry is a free federal database of phone numbers whose owners asked not to get most telemarketing calls. Telemarketers must scrub their call lists against it every 31 days. Violations cost up to $53,088 per call as of 2024. Registering your own number is free at donotcall.gov and takes about 30 seconds.
What is the FTC Do Not Call list, exactly?
The National Do Not Call Registry is a federal database run by the Federal Trade Commission. Consumers add their phone numbers to it to say they don't want most commercial telemarketing calls. Congress created it in 2003 through the Do-Not-Call Implementation Act, which directed the FTC to build and operate the registry and gave the FCC parallel authority over related rules under 47 U.S.C. § 227, the Telephone Consumer Protection Act [1][2].
The registry is not a block list. Your phone company doesn't filter anything. It's a legal notice system. Any telemarketer covered by the rules has to check the list and skip the numbers on it. Whether they actually do is a separate enforcement question.
The registry holds more than 249 million active registrations, according to the FTC's most recent Data Book [3]. That number has grown every year since the registry opened. Most people register once and never think about it again, which is the whole point. The burden sits on callers, not consumers.
For how all the do-not-call databases fit together, see our guide to the do not call list.
Who runs the do not call list, the FTC or the FCC?
Both agencies have authority, and that trips up a lot of people. The FTC operates the registry itself at donotcall.gov. The FCC enforces the TCPA rules that require telemarketers to honor the list when calling wireless numbers, and it runs its own do-not-call obligations under 47 U.S.C. § 227 [2].
The FTC brings most of the civil enforcement actions against telemarketers who ignore the registry. The FCC handles the broader robocall and text complaints, especially anything involving autodialing or prerecorded messages to cell phones. State attorneys general can sue too, under the TCPA's private right of action.
Here's the short version for a telemarketer. You worry about both agencies. Ignoring the registry is an FTC problem. Autodialing or texting without proper consent is an FCC and private-lawsuit problem. The two bodies of law overlap and reinforce each other. They don't run in separate lanes.
For questions about the government do not call list and its official infrastructure, that's the right place to start.
How does a consumer register a number on the donotcall.gov list?
Registration is free and permanent. Go to donotcall.gov, enter up to three phone numbers per email address, and click the confirmation link. Your number goes into the active registry within 24 hours, and telemarketers have to stop calling within 31 days of that date [10].
You can also register by calling 1-888-382-1222 from the number you want to add. Phone registration puts you in the system immediately, though the same 31-day grace period still applies before callers must drop you.
Registration used to expire after five years. Congress killed the expiration date in 2008 with the Do-Not-Call Improvement Act, so your number now stays on the list forever unless you remove it or the number gets disconnected and reassigned [11]. Reassigned numbers are a real compliance headache for callers, which is its own topic.
One thing people get wrong: registering does not stop every unwanted call. Political groups, charities, survey companies, and businesses you already deal with are all exempt. More on those below.
For a step-by-step consumer walkthrough, see do not call list number.
Which calls are actually prohibited, and what are the exemptions?
The rules ban for-profit commercial telemarketers from calling any number on the registry. That's the core prohibition. But the exemptions run wide enough that plenty of people still get calls after they register and wonder why.
Exempt callers include:
- Political organizations and candidates (First Amendment protection)
- Charities and nonprofits calling on their own behalf (though for-profit telemarketers hired by charities ARE covered)
- Survey and research companies (as long as no sale is attempted)
- Businesses with an "established business relationship" (EBR) with the consumer
- Businesses that have the consumer's prior express written consent to call
The established business relationship exemption is the one most commercial callers lean on. An EBR exists when a consumer bought something from you, made an inquiry, or submitted an application in the past 18 months. If they just asked a question, the EBR lasts 3 months from the date of that inquiry [4].
Here's the catch that burns people. The consumer can revoke EBR protection any time by asking to go on your internal do-not-call list. Once they do, you lose the EBR shield for that number forever, no matter how recent your last transaction was.
B2B calls generally fall outside the National Registry, though some states write their own rules that reach business lines. Calls to wireless numbers carry extra restrictions under the TCPA beyond the registry, especially anything autodialed or prerecorded.
What does it cost a telemarketer to call a number on the registry?
The FTC can seek civil penalties up to $53,088 per violation as of 2024 [5]. The FCC has its own penalty authority under the TCPA, and private plaintiffs can sue for $500 to $1,500 per call under 47 U.S.C. § 227(c)(5) [2].
Those figures are per call, not per campaign. One afternoon of sloppy list hygiene can stack into millions in exposure fast. FTC settlements have run from tens of thousands of dollars up past $100 million for the biggest operations [6].
The FTC bumps its penalty ceiling every year for inflation under the Federal Civil Penalties Inflation Adjustment Act. The $53,088 figure applies to violations assessed after January 15, 2024. Don't assume last year's number is still the current one.
A practical note. Enforcement tends to chase repeat violators and high-volume shops. That doesn't make small teams safe. The FTC has gone after small vendors with modest call volumes when the conduct was ugly enough. Ignorance is not a defense the agency has shown much patience for.
For what triggers investigations and what real penalties have looked like, see our article on do not call list violations.
How often must telemarketers scrub their lists against the registry?
Every 31 days. That's the FTC's rule. A telemarketer has to download a fresh copy of the relevant area codes and scrub the calling list against it no less than every 31 calendar days [4].
This is where small teams get burned. They pull the list once, load it into the dialer, and figure they're covered forever. They're not. Numbers get added to the registry every day. Call a number on day 32 without re-scrubbing and you have no safe harbor, even if you pulled the list last month.
The TSR also makes you keep an internal do-not-call list, separate from the national registry. If someone tells you on a call not to ring them again, you honor that for at least 5 years and apply it across your whole organization, more than the division that took the call [4].
The FTC hands out area-code-based subscriptions through donotcall.gov. Small businesses under the volume threshold get up to five area codes for free. Bigger operations pay by the number of area codes they download. For a full walkthrough of the access process, see how do I get the do not call list.
Does the do not call list apply to cell phones?
Yes, and this matters more than almost anything else for modern outbound teams. Cell phones register on the National Do Not Call Registry the same way landlines do. Once registered, they get the same protections [10].
Cell phones also carry a separate layer of protection under the TCPA that has nothing to do with the registry. The TCPA bans using an automatic telephone dialing system (ATDS) or a prerecorded voice to call any wireless number without prior express consent. That rule stands whether or not the number is on the registry [2].
Plain terms: even if a cell number is NOT on the DNC registry, you may still need consent to call it with an autodialer. The two frameworks run in parallel. You satisfy both or you lose.
The myth of a separate secret "cellular do not call list" with its own registration is false. There is no wireless-only registry. The national list covers every phone type. For more on this point, see mobile phone do not call list.
How does the FTC enforce violations, and what does an investigation look like?
Enforcement usually starts with consumer complaints filed at donotcall.gov or reportfraud.ftc.gov. The FTC pools those complaints and hunts for patterns: the same caller ID, the same callback number, the same product pitch showing up thousands of times across different consumers [6].
From there the agency can issue civil investigative demands (CIDs), subpoena call records, and seek preliminary injunctions to stop the calling while the case runs. Most cases settle. Settlements usually pair a permanent injunction with a civil penalty and sometimes disgorgement of profits.
The FTC also uses technology. It runs honeypot phone numbers that no real consumer has ever used but that sit on the registry. A call to one of those is automatic evidence of a violation.
If you rely on third-party lead generators or calling vendors, know this: the FTC has made clear you can be held liable for violations your vendors commit on your behalf. "I didn't know my lead vendor was calling registry numbers" has not worked as a defense in recent actions.
Want to file a complaint about a call you got? Do it at donotcall.gov. The FTC won't reply individually, but your report feeds the pattern data that drives cases. For filing guidance, see do not call list report.
What are the state-level do not call lists, and do they add requirements?
Many states run their own do-not-call databases on top of the federal registry. Telemarketers working in those states scrub against both lists.
State lists often bite harder than the federal one. Some protect a number faster. Some cover call categories (certain financial products, for example) that the federal rules don't name. A few set higher per-violation penalties than the FTC's ceiling.
Here's a quick comparison of selected states with their own DNC programs:
| State | State DNC List | Key Difference from Federal |
|---|---|---|
| Florida | Yes (administered by state AG) | Stricter EBR rules; state penalties up to $10,000/violation [7] |
| Pennsylvania | Yes | Covers intrastate calls specifically; separate registration for businesses [8] |
| Indiana | Yes | State AG enforces independently; some exemptions differ |
| Texas | Follows federal registry | No separate state list; relies on national registry |
| California | Follows federal registry | CCPA adds separate data/consent obligations |
Florida and Pennsylvania are the two states where small outbound teams get surprised most often. If you call Florida numbers, read the Florida Telemarketing Act closely. For details, see florida do not call list, do not call list pa, and indiana do not call list.
The practical advice is simple. Call more than two or three states and you map your coverage and check each one. The federal scrub does not cover you at the state level.
What records do telemarketers need to keep to prove compliance?
The FTC's Telemarketing Sales Rule (TSR) makes telemarketers keep records showing they accessed the registry, when they accessed it, and what their internal do-not-call procedures are [4]. The standard guidance is to hold those records at least 24 months. Longer is better if you're in a sector that draws regulatory attention.
You should be able to produce:
- Date-stamped receipts or logs for each registry access and which area codes you downloaded
- Your internal do-not-call list, with timestamps showing when numbers were added
- Your written do-not-call policy (the TSR requires one in writing)
- Call logs showing you didn't dial numbers on either list after the required honor period
The written policy is the piece small teams skip. The TSR, at 16 C.F.R. § 310.4(b)(3), requires telemarketers to have a written procedure for maintaining the internal list and to train staff on it. "We all know not to call people who say no" is not a written procedure.
LeadCompliant's free compliance kit includes a DNC policy template and a checklist for registry access documentation. Worth downloading if your team doesn't already have these in place.
Honest caveat. If you run a high-volume outbound operation, a one-time document download is not a compliance program. You need someone whose job is to own this, in-house or a vendor who does DNC hygiene as a service.
Can you still call someone on the list if they gave you consent?
Yes. Prior express written consent overrides the registry. If a consumer signed (on paper or electronically) an agreement that clearly authorizes your company to call them, and it names the phone number they're authorizing, that consent clears the TCPA barrier for that number [2].
The consent has to meet specific requirements to count. The FCC's 2012 order, In the Matter of Rules and Regulations Implementing the Telephone Consumer Protection Act of 1991 (CG Docket No. 02-278), requires that consent for autodialed or prerecorded calls to wireless numbers be express, written, and not a condition of purchase. The FTC's TSR sets parallel requirements for telemarketing calls.
The FCC's 2024 one-to-one consent order (effective January 2025, then thrown into legal uncertainty) said lead generators can't use a single blanket consent to cover dozens of sellers. Consent has to be obtained for each seller who will call. If it survives challenge, that change hits any company buying leads from aggregators [9].
The documentation burden sits on the caller. If a consumer denies giving consent and you can't produce a time-stamped, clearly attributed consent record, you're in a bad spot. "The lead vendor told us they had consent" has not held up consistently as a defense.
What should a small outbound team do right now to reduce DNC exposure?
A few concrete steps, in order of importance.
Get access to the national registry at donotcall.gov and set a calendar reminder to re-download the relevant area codes every 30 days, not 31. Build in a day of buffer.
Check every state you call. Calling Florida, Pennsylvania, or Indiana regularly means you need those state lists too. Federal scrub is not enough.
Build an internal DNC list that's actually maintained. Every time someone says "don't call me again," that number gets logged right away and suppressed across your whole calling operation (the FTC expects it honored "as soon as practicable").
Document everything. Pull your registry access logs. Write down your DNC policy. Make sure your callers can explain it.
If you buy leads, ask your vendor for their consent documentation. Ask how they capture it, when, and whether it's one-to-one. If they can't answer clearly, that's your signal.
Nobody has clean data on how many small outbound teams run adequate DNC procedures. The closest proxy is FTC complaint volume, roughly 1.2 million do-not-call complaints in FY2023 alone, which suggests the gap between required and actual practice is wide [3].
For teams that want a structured checklist instead of building from scratch, LeadCompliant's free compliance kit is one starting point. The habit matters more than the document.
Frequently asked questions
How do I register my phone number on the FTC Do Not Call list?
Go to donotcall.gov and enter up to three numbers per email address, then click the confirmation link sent to your email. You can also call 1-888-382-1222 from the number you want registered. Either method is free and permanent. Telemarketers must stop calling your number within 31 days of your registration date.
How long does it take for the do not call list to take effect?
Your number is added to the registry within 24 hours of registration. But telemarketers have 31 days from the date your number was added before they must stop calling it. So you may still get covered calls for up to a month after registering. After that window, most commercial telemarketing calls to your number are prohibited.
Does the do not call list stop all unwanted calls?
No. The registry covers for-profit commercial telemarketers. It doesn't stop calls from political campaigns, charities, survey companies, or businesses you've had a transaction with in the past 18 months. Scammers ignore it entirely. Registering cuts legitimate telemarketing calls sharply but won't kill every unwanted contact.
How much does it cost to access the National Do Not Call Registry as a business?
Small businesses can access up to five area codes for free at donotcall.gov. Beyond five, there are annual subscription fees. As of 2024, the fee for a single additional area code past the free tier is $72 per year, with volume discounts. The FTC posts a current fee schedule on the donotcall.gov business portal.
What is the penalty for calling a number on the do not call list?
The FTC can seek civil penalties up to $53,088 per violation as of 2024. The TCPA also lets private individuals sue for $500 per call, or up to $1,500 per call if the violation was willful, under 47 U.S.C. § 227(c)(5). Both can apply at once, so one bad campaign can generate enormous liability across multiple plaintiffs and agencies.
Can a business call a cell phone that's on the do not call list if the person is a customer?
Possibly, under the established business relationship (EBR) exemption. If the consumer bought from you or made an inquiry within the last 18 months, the EBR may apply. But the consumer can revoke that protection any time by asking to go on your internal do-not-call list. Separate TCPA consent rules for autodialed calls to cell phones apply regardless of the registry or EBR.
How do I file a complaint if I'm still getting calls after registering?
File a complaint at donotcall.gov or reportfraud.ftc.gov. You'll need the number that called you, the date and time, and any detail about what was being sold. The FTC doesn't respond to individual complaints but uses the data to spot patterns and build cases. State attorneys general also take complaints for violations of state-level rules.
Is there a separate do not call list for cell phones?
No. The myth of a separate cellular registry is false. The National Do Not Call Registry covers every type of phone number, including cell phones and VoIP lines. Cell phones do have extra TCPA protections against autodialed and prerecorded calls that apply regardless of registry status, but those are separate rules, not a separate list.
How often must telemarketers check the national do not call registry?
At least every 31 days. The FTC's Telemarketing Sales Rule requires telemarketers to access a current version of the registry no more than 31 days before any call is made. Most compliance-conscious teams scrub every 30 days to build in buffer. Failing to re-scrub kills the safe harbor protection even if you pulled the list recently.
Do state do not call lists apply in addition to the federal list?
Yes, in states that run their own lists. Florida, Pennsylvania, and Indiana maintain independent databases with their own registration requirements and penalties. Telemarketers calling into those states must scrub against both the federal registry and the applicable state list. State penalties can be significant on their own, separate from FTC or private TCPA liability.
What is an established business relationship and how long does it last?
An established business relationship (EBR) exists when a consumer bought from you, made an inquiry, or submitted an application. For purchases or ongoing relationships, the EBR lasts 18 months from the last transaction. For a mere inquiry, it lasts 3 months from the date of contact. The consumer can end the EBR any time by asking to go on your internal do-not-call list.
Can a lead generator's consent cover calls from the company that bought the lead?
Under the FCC's 2024 one-to-one consent rule, consent obtained by a lead generator has to name each seller who will contact the consumer. A single blanket consent covering many potential callers is no longer valid for TCPA purposes under that rule, though it faced legal challenges. If you buy leads, verify consent was captured for your company specifically, not for the lead vendor's broad network.
How long does a number stay on the do not call list?
Permanently, since Congress killed the five-year expiration period in 2008 with the Do-Not-Call Improvement Act. A number stays on the registry unless the consumer removes it or the number is disconnected and later reassigned to a new subscriber. Reassigned numbers are a compliance risk: the new subscriber has protections even though the previous owner may have had an EBR with a caller.
What written records do telemarketers need to prove do not call compliance?
The FTC's Telemarketing Sales Rule requires a written do-not-call policy, documented staff training, dated logs showing registry access and which area codes were downloaded, and a maintained internal do-not-call list with timestamps. Keep records at least 24 months. The written policy itself is a specific regulatory requirement under 16 C.F.R. § 310.4(b)(3), more than a best practice.
Sources
- U.S. Congress, Do-Not-Call Implementation Act of 2003 (Public Law 108-10): Congress created the National Do Not Call Registry in 2003 and directed the FTC to establish and operate it
- Legal Information Institute, Cornell Law School, 47 U.S.C. § 227 (Telephone Consumer Protection Act): The TCPA at 47 U.S.C. § 227(c)(5) provides a private right of action for $500 to $1,500 per call violation; the statute also grants the FCC enforcement authority
- Federal Trade Commission, National Do Not Call Registry Data Book (FY2023): The registry holds more than 249 million active registrations, and the FTC logged roughly 1.2 million do-not-call complaints in FY2023
- Federal Trade Commission, Telemarketing Sales Rule (16 C.F.R. Part 310): Telemarketers must scrub calling lists every 31 days, maintain a written internal do-not-call policy under 16 C.F.R. § 310.4(b)(3), honor internal opt-outs for at least 5 years, and honor established business relationships for 18 months from last transaction or 3 months from inquiry
- Federal Trade Commission, Adjustment of Civil Monetary Penalty Amounts (2024 inflation adjustment): The FTC's maximum civil penalty rose to $53,088 per violation for conduct assessed after January 15, 2024, under the Federal Civil Penalties Inflation Adjustment Act
- Federal Trade Commission, Cases and Proceedings: FTC enforcement settlements have ranged from tens of thousands to over $100 million; the agency uses honeypot phone numbers on the registry as evidence in investigations
- Florida Department of Agriculture and Consumer Services, Florida Telemarketing Act (Section 501.059, Florida Statutes): Florida imposes state-level penalties up to $10,000 per violation under the Florida Telemarketing Act with stricter established business relationship rules than the federal standard
- Pennsylvania Office of Attorney General, Do Not Call Registry Program: Pennsylvania maintains its own do-not-call list covering intrastate calls with separate business registration requirements
- Federal Trade Commission, donotcall.gov consumer registration portal: Registration is free, covers all phone types including cell phones, and numbers are added within 24 hours; registration has been permanent since the Do-Not-Call Improvement Act of 2008
- U.S. Congress, Do-Not-Call Improvement Act of 2007 (Public Law 110-187): Congress eliminated the five-year expiration period for registry registrations in 2008, making registrations permanent