How to calculate TCPA damages: per-call math and real exposure

TCPA damages are $500, $1,500 per call or text. Learn exactly how to calculate your exposure, what courts have awarded, and how to reduce your risk.

LeadCompliant Team
22 min read
In This Article

Last updated 2026-07-10

Person reviewing TCPA compliance spreadsheets on a desk in afternoon light
Person reviewing TCPA compliance spreadsheets on a desk in afternoon light

TL;DR

TCPA statutory damages are $500 per unlawful call or text, rising to $1,500 if a court finds the violation was willful. Multiply that by every message or call sent without proper consent and your exposure compounds fast. A 10,000-message blast with a consent defect could mean $5 million to $15 million before a single attorney fee is added.

What is the TCPA damages formula?

The math is simple. The risk is not.

47 U.S.C. § 227(b)(3) gives a private plaintiff the right to recover 'actual monetary loss' or '$500 in damages for each such violation,' whichever is greater. If the court finds the defendant 'willfully or knowingly' violated the Act, the judge can triple that to $1,500 per violation. [1]

So the base formula is:

Total exposure = (number of violating calls or texts) x ($500 standard OR $1,500 if willful)

That's it. No actuarial table, no discount rate, no fine print. The danger sits in that first number. 'Number of violations' scales with your list size, your call volume, and whether you have clean consent records. A 1,000-contact campaign you ran without proper prior express written consent is $500,000 in standard exposure, or $1.5 million if plaintiffs' counsel can show your team knew the rules and ran the dials anyway.

Actual damages almost never come up. Statutory damages of $500 per violation beat out-of-pocket harm in nearly every case. The statute pays whichever is greater, so if a robocall somehow cost someone $1,200 in provable economic loss, they'd claim that instead. That's rare. In practice, statutory damages run TCPA litigation.

What counts as a single 'violation' under the TCPA?

Each call, each text, and in some arguments each attempt counts as its own violation. This is where the numbers get scary, and it's where plaintiffs' lawyers make their fees. [1]

Federal courts have generally held that every individual communication is a separate violation. Call someone 47 times without consent and that's 47 separate $500 hits, not one. That exact logic drove the $61-per-call award in Krakauer v. Dish Network, where roughly 51,119 calls to people on the Do Not Call Registry produced a judgment near $20 million. [2]

Text campaigns work the same way. Courts treat each outbound message as one violation. Send a 50,000-person blast and you've created 50,000 potential violations in a single afternoon. The Credit One TCPA settlement and the Truist Bank TCPA class action settlement both show how fast mass text or auto-dialer campaigns turn into eight-figure exposure.

One honest caveat: not every court reads the statute identically. A few have asked whether a single 'campaign' could count as fewer violations, but that minority view never took hold as precedent. Plan for one violation per contact attempt. That's the assumption plaintiffs will use, so it should be yours too.

How do courts decide whether a violation is willful (the $1,500 trigger)?

Willfulness under the TCPA does not require malice. Courts read it broadly: if you knew the law existed, knew your practices might break it, and kept going, that's enough for trebling to $1,500 per violation. [1]

Signals courts use to find willfulness include:

  • Evidence your compliance team flagged the risk and got overruled
  • Prior TCPA complaints or demand letters you received and ignored
  • Contracts with lead vendors that had no consent verification requirements
  • Internal emails showing speed-to-dial mattered more than scrubbing
  • Calling numbers after someone revoked consent

The FCC's 2015 Omnibus Declaratory Ruling put the burden on callers to show they had consent, and applied a reasonable reliance standard. [3] If you can't produce consent records, courts often infer you never had them, and that inference bleeds straight into a willfulness argument.

For outbound sales teams the practical rule is short. Document everything, and stop the second someone asks you to. Ignoring a written or spoken opt-out is one of the fastest ways to jump from $500 to $1,500 per violation.

TCPA exposure by campaign size and consent defect rate Standard damages ($500/violation) at varying defect rates 1,000 contacts, 20% defect $100k 10,000 contacts, 10% defect $500k 50,000 contacts, 5% defect $1.2M 100,000 contacts, 5% defect $2.5M 100,000 contacts, 5% defect, will… $7.5M Source: 47 U.S.C. § 227(b)(3), statute; calculations by LeadCompliant

Step-by-step: how to estimate your own TCPA exposure

Run this before your next campaign launches, not after a demand letter shows up in the mail.

Step 1: Count the universe of contacts. How many unique phone numbers will you call or text? Pull the exact figure. Round numbers kill companies in litigation, because plaintiffs can prove the true count straight from your own CRM exports.

Step 2: Identify which contacts have documented prior express written consent. For autodialed or prerecorded calls and texts, the FCC requires prior express written consent. [3] That is not an oral agreement or a checkbox buried in 2012 terms of service. It's a clear and conspicuous disclosure that the person agrees to receive autodialed messages from your specific company, signed or electronically affirmed by the consumer. [3] Subtract these from your total.

Step 3: Flag any numbers that have opted out. Anyone who has revoked consent, by voice or in writing, comes off the list before the next contact. The FCC ruled in 2015 that revocation can happen through any reasonable means. [3] If you don't honor revocations promptly (the FCC says promptly, though the federal rule sets no hard day count), every later call to that number is a knowing violation.

Step 4: Run the DNC scrub. Numbers on the National Do Not Call Registry get their own layer of protection. [4] Calling a registered number without an established business relationship or written agreement costs $500 to $1,500 per call under the TCPA, plus separate exposure under the FTC's Telemarketing Sales Rule. [5] These are different pools. Don't merge them.

Step 5: Do the math.

ScenarioContactsAssumed violation rateStandard exposureWillful exposure
Small cold-call campaign1,00020% no valid consent$100,000$300,000
Mid-size SMS blast10,00010% consent defect$500,000$1,500,000
Large auto-dialer campaign100,0005% consent defect$2,500,000$7,500,000

These numbers assume only the contacts with consent defects are actionable. In a class action, plaintiffs' counsel will argue the whole list lacks compliant consent unless you can prove otherwise for each number, one at a time.

Step 6: Add attorney fees and litigation cost. The TCPA has no fee-shifting provision, but class actions settle with plaintiffs' attorneys taking 25 to 33% of the fund. Your real cost is the settlement or judgment plus your own defense. Defense costs in a contested TCPA class action commonly run $500,000 to several million dollars before you ever reach trial. That range comes from published reports on TCPA litigation economics, not from thin air. [6]

If you hold clean prior express written consent for every number you contact, your TCPA exposure on the consent claim sits near zero. That one phrase carries enormous financial weight.

The FCC defines it in 47 C.F.R. § 64.1200(f)(9) as an agreement, in writing, that clearly authorizes the seller to deliver telemarketing messages using an autodialer or prerecorded voice to the consumer's phone number. [7] The agreement has to include the specific phone number, name your company, and stay separate from any condition of buying goods or services.

Leads bought from third-party vendors are the biggest consent gap for outbound teams. Even when the vendor swears consent was captured, the FCC's one-to-one consent rule (effective January 27, 2025) requires each seller to get consent individually and specifically. [8] A single checkbox covering a network of 'marketing partners' no longer counts. The TCPA 2025 changes article walks through this shift.

This rule change moves the exposure math for anyone who buys leads. If your whole pipeline runs on vendor-captured consent and that vendor used a broad, multi-party form, nearly your entire list may be unprotected now. Drop that through the Step 5 table and the reason it matters gets obvious fast.

How do real TCPA settlements and judgments compare to the statutory math?

Courts almost never award full statutory damages across an entire class, because the resulting number gets so large it raises constitutional due process concerns. Settlements still run into eight figures.

A few real data points:

The pattern holds: settlements land between a few cents and a few dollars per class member rather than the full $500, because defendants negotiate down from the theoretical maximum. Even $5 per class member across a million-contact campaign is $5 million. The plaintiffs' attorneys who cut that deal take their percentage off the top before a single class member sees a dollar.

Nobody has clean public data on average TCPA settlement per call, because so many cases settle under confidentiality. The closest published tracking, WebRecon's annual TCPA litigation report, follows filing counts and notes that smaller individual cases often settle in the $1,000 to $5,000 range total, not per call. [6] Class actions are a different animal entirely.

Does the TCPA cover texts the same way it covers calls?

Yes. The FCC confirmed in 2003 that text messages are calls under the TCPA, and the $500/$1,500 per-violation structure applies identically. [3]

This surprises marketing teams who assume SMS runs on softer rules. It doesn't. An SMS sent through any platform that uses an autodialer triggers the same consent requirement and the same damages math as a robocall. The definition of autodialer stays contested after Facebook v. Duguid, but it still reaches most mass-text platforms. [9]

Text marketing brings state-level additions too. California's consumer privacy rules and its AG guidance on text consent add a layer, and several states run their own mini-TCPA statutes with different damage floors. The TCPA guidelines overview and state-specific compliance considerations are worth reading next to the federal calculation.

One note on shortcodes versus 10DLC. Using a registered 10-digit long code or short code does not exempt you from the TCPA. Carrier registration is a separate telecom rule. TCPA consent and damages don't care how the message reaches the phone.

What reduces your TCPA exposure in practice?

Four things actually move the number. Everything else is theater.

1. Documented consent at the point of capture. The record needs to show who consented, what they consented to, which company was named, which phone number was given, and when. Timestamp plus IP address is the standard. Without it, you're arguing from absence, and absence loses.

2. Real-time DNC scrubbing. The National DNC Registry has to be checked within 31 days of a call. [4] Plenty of teams scrub once at list purchase and never again. Anyone who registers after that first scrub is exposed by your stale data. A 30-day scrub cycle is the floor, not the goal. Tools like LeadCompliant's free DNC checker let you verify numbers before launch without a contract.

3. Prompt revocation handling. Build a process that pulls opt-outs from every dialing system within 24 hours, more than your CRM. If your CRM feeds three dialers and an email platform, the revocation has to reach all of them. That gap is a common source of repeat-contact violations.

4. Written vendor contracts with consent warranties. If you buy leads, the contract should make the vendor represent and warrant that consent met current FCC standards, including the January 2025 one-to-one rule. Get indemnification in writing. Courts have held buyers liable even after a vendor lied about consent quality, so the clause won't erase your risk. It gives you a claim to chase the vendor with.

None of this makes TCPA risk disappear. But solid documentation is what turns a $1,500 willful finding into a $500 standard one, and it gives you the ground to negotiate the per-call value down.

What about state TCPA equivalents and how do they stack on top of federal damages?

Federal TCPA damages and state damages can stack. That is not a theoretical concern.

California's Invasion of Privacy Act, Florida's Telephone Solicitation Act (amended in 2021 with some of the tightest consent rules in the country), and Washington's Commercial Electronic Mail Act each carry their own penalty structures. Florida's statute allows damages of $500 per text, separate from and on top of federal TCPA damages, for certain solicitations sent without prior express written consent. [10]

When a campaign reaches consumers across multiple states, per-violation exposure is the sum of the applicable federal and state penalties, not the higher of the two. A text to a Florida consumer who never consented can carry $500 federal plus $500 Florida, before trebling under either statute.

Here's the practical move. Calculate federal exposure first with the formula above. Then figure out what percentage of your list sits in high-risk states (Florida, California, Washington, and Oklahoma are the ones I'd flag first) and apply a multiplier to that slice. It's imprecise. It's also directionally honest, which beats a false sense of a single tidy number.

The TCPA existing business relationship protections article covers where state rules split from federal.

Should you settle or fight a TCPA demand letter?

This is a business decision more than a legal one, and I'll tell you how I'd think about it instead of pretending there's one right answer.

A demand letter from an individual plaintiff, not a class, usually asks $1,500 to $10,000 to go away. If the exposure is real (you called without consent and you can't prove otherwise), settling in that range almost always beats defense cost. A single deposition can run more than a $5,000 settlement.

A class action threat is a different beast. Once a class complaint lands, the whole calculation shifts to a classwide exposure number. Get TCPA-specialized counsel that day. The TCPA lawyer resources page is one starting point if you're in that region.

Fighting makes sense in two situations. Your consent documentation is clean and provable. Or the plaintiff's liability theory has a real legal weakness, like a genuine dispute over whether the platform qualifies as an ATDS under Facebook v. Duguid. [9] Without strong factual or legal ground, defense burns cash and rarely beats early settlement.

LeadCompliant's compliance kit includes consent documentation templates and a vendor contract checklist. They only help if you put them in place before the demand letter arrives.

For rule changes that move the calculation, the TCPA news tracker and telemarketing rules updates cover FCC orders as they drop.

What are the most common mistakes that inflate TCPA exposure?

The same mistakes show up again and again in how settlements unfold and what plaintiffs' counsel goes after.

Buying leads without auditing consent language. This is the single biggest source of avoidable exposure. A vendor's 'compliant' claim means nothing until you read the actual opt-in language and confirm it named your company by name.

Calling reassigned numbers. Phone numbers get reassigned to new consumers all the time. The FCC's Reassigned Numbers Database exists for exactly this problem. [11] Call a number that got reassigned to a new consumer after your original customer consented, and that new consumer never agreed to anything. The database lets you check reassignments before you dial.

Ignoring the 8 a.m. to 9 p.m. local time rule. Under 47 C.F.R. § 64.1200(c)(1), calls can't go out before 8 a.m. or after 9 p.m. in the called party's time zone. [7] It doesn't change the per-violation rate, but each out-of-hours call is an independent violation that stacks on top of any consent violation.

Not training your team on oral revocation. If a consumer says 'stop calling me' on a live call, that's revocation. Your agent needs a protocol to record it, escalate it, and suppress the number the same day. Agents who log 'callback later' instead of 'opt-out' are minting willful violations for your company.

Relying on the established business relationship exemption for autodialed calls. The EBR exemption applies to the DNC Registry for non-automated calls. It does nothing for autodialed or prerecorded calls to wireless numbers without prior express written consent. [1] Those are different consent standards, and confusing them gets expensive.

Frequently asked questions

How do I calculate TCPA damages for a text message campaign?

Multiply the number of texts sent without valid prior express written consent by $500. If a court finds the violation willful, multiply by $1,500 instead. For a 10,000-message blast with a 10% consent defect rate, that's $500,000 standard or $1.5 million willful. Each individual text counts as one violation, not the campaign as a whole.

What is the maximum TCPA penalty per call?

The statutory maximum under 47 U.S.C. § 227(b)(3) is $1,500 per call or text when a court finds the violation willful or knowing. The baseline is $500 per violation. Courts can award actual damages if they exceed the statutory amount, but that's rare because $500 per call almost always beats provable out-of-pocket harm.

Does the $500 TCPA penalty apply per call or per campaign?

Per call, per text, per individual communication. One campaign touching 50,000 people without consent is 50,000 separate violations. Courts have applied this structure consistently, and it's the reason mass-contact campaigns turn into eight-figure class action exposure when consent records are missing or defective.

Can TCPA damages be trebled and when does that happen?

Yes. The statute authorizes trebling to $1,500 per violation when the defendant 'willfully or knowingly' violated the Act. Courts read willfulness broadly: knowing the law existed and continuing risky practices is often enough. Prior demand letters, internal compliance warnings, or continued calling after opt-outs are all evidence courts use to find willfulness.

How does a class action change the TCPA damages calculation?

In a class action, every class member is a potential claimant. If 100,000 people got an autodialed call without consent, the theoretical exposure is 100,000 times $500 to $1,500. Courts rarely award full statutory damages across a whole class because constitutional proportionality concerns arise, but settlements commonly reach millions. Defense costs alone often top $500,000.

Do I count voicemails and missed calls as separate TCPA violations?

An unanswered call that triggers an autodialer and drops a prerecorded voicemail still counts as a TCPA violation. Courts have found the call itself is the violation, regardless of whether the consumer answered. Each attempt counts separately, so 5 calls to the same number without consent is 5 violations, not 1.

Since January 27, 2025, a single consent form can't cover multiple sellers. Each company has to be named and consented to individually. If your lead vendor used a multi-party consent page, those leads likely lack valid consent now. Every contact from that source becomes a potential $500 to $1,500 violation. Audit vendor consent language against the new rule immediately.

Does calling a cell phone versus a landline change the TCPA calculation?

For autodialed or prerecorded calls, the $500/$1,500 structure applies to wireless numbers under 47 U.S.C. § 227(b)(1)(A). Landlines have separate protections, mainly for prerecorded telemarketing calls under § 227(b)(1)(B). Most modern TCPA litigation targets wireless numbers, because nearly all consumer phones are cell phones and the consent requirements run stricter.

What is the statute of limitations for TCPA claims?

The TCPA sets no limitations period of its own, so courts apply the closest analogous rule. Most federal courts use the 4-year federal catch-all under 28 U.S.C. § 1658. Some apply state 2- or 3-year periods. The practical answer: calls and texts from the past 2 to 4 years are in play, depending on the jurisdiction.

Can I reduce TCPA exposure by relying on a lead vendor's consent representation?

Relying on a vendor does not erase your liability as the caller. Courts have held the calling party, not the lead source, is the primary defendant under the TCPA. Vendor representations help with indemnification claims against the vendor, but only if they're in writing and the contract requires consent that meets current FCC standards. Verbal assurances are worthless in litigation.

How do Do Not Call Registry violations affect the damages calculation?

DNC Registry violations carry the same $500 to $1,500 per-call structure under the TCPA's § 227(c). They're separate from consent violations under § 227(b), so a single call to an unconsented wireless number that's also on the DNC Registry could produce claims under both subsections. Courts handle this differently, but doubling up claims is a real risk with some plaintiffs' firms.

Does the TCPA B2B exemption reduce my damages exposure for business calls?

The TCPA B2B exemption is narrower than most teams assume. Autodialed calls to business landlines have some protection, but calls to an employee's personal cell phone, even for business purposes, may not qualify. The exemption does not cover prerecorded calls or SMS to wireless numbers without consent. Review the TCPA B2B exemption details before relying on it.

Are there any TCPA safe harbors that lower the damages number?

No formal statutory safe harbor reduces the $500 floor. An established business relationship (EBR) can protect against DNC-based claims for non-autodialed calls. Good-faith reliance on the FCC's Reassigned Numbers Database can support arguments against willfulness, which keeps you at $500 rather than $1,500 per call. Documentation of compliance efforts matters most.

How should I present my TCPA risk calculation to my company's leadership?

Use the step-by-step method: total contacts times estimated consent-defect rate times $500 for the base case, then the same times $1,500 for the willful scenario. Add a line for estimated defense costs of $250,000 to $1 million depending on case size. Present both as a range. Leadership responds better to a specific dollar range than to 'significant liability.' Show the cost of a compliance fix against those numbers.

Sources

  1. Cornell Law School LII, 47 U.S.C. § 227 (TCPA full statute text): TCPA authorizes $500 per violation and up to $1,500 per willful violation; each call or text is a separate violation
  2. U.S. Court of Appeals for the Fourth Circuit, Krakauer v. Dish Network LLC, 925 F.3d 643 (4th Cir. 2019): Judgment of roughly $20 million ($61 per call across 51,119 calls) to DNC-registered numbers upheld on appeal
  3. FTC, National Do Not Call Registry (information for businesses): Telemarketers must scrub the National DNC Registry within 31 days before calling
  4. FTC, Telemarketing Sales Rule, 16 C.F.R. Part 310: TSR violations carry civil penalties separate from TCPA statutory damages
  5. WebRecon LLC, Annual TCPA Litigation Statistics Report: Individual TCPA cases frequently settle in the $1,000 to $5,000 total range; class action defense costs can exceed $500,000
  6. FCC, 47 C.F.R. § 64.1200 (implementing rules under the TCPA, including consent definitions and calling hours): Prior express written consent definition at § 64.1200(f)(9); calling hours restricted to 8 a.m. to 9 p.m. local time under § 64.1200(c)(1)
  7. U.S. Supreme Court, Facebook Inc. v. Duguid, 592 U.S. 395 (2021): Narrowed the definition of automatic telephone dialing system (ATDS) under the TCPA, requiring capacity to generate random or sequential numbers, not merely store and dial a list
  8. Florida Legislature, Florida Telephone Solicitation Act, Fla. Stat. § 501.059 (as amended 2021): Florida's 2021 amendments impose $500 per-text damages for unsolicited automated texts, separate from federal TCPA damages

Disclaimer: LeadCompliant is a compliance review tool, not a law firm. We do not provide legal advice. Consult with a TCPA attorney for legal guidance on specific compliance questions. Compliance scores, audits, and risk assessments are informational only.

LeadCompliant Team

LeadCompliant provides expert guidance and tools to help you succeed. Our content is reviewed for accuracy and kept up to date.

Related Articles

Related Glossary Terms

LeadCompliant
Build My Kit