Last updated 2026-07-09

TL;DR
A TCPA plaintiff's attorney looks for three things: evidence your system qualifies as an autodialer or uses a prerecorded voice, proof the called party never gave prior express written consent, and a pattern of calls large enough to certify a class. Find those three, and a single campaign can produce statutory damages of $500 to $1,500 per message or call with no actual harm required.
Why TCPA cases are so attractive to plaintiff attorneys
The TCPA is one of the few federal statutes that lets a private plaintiff sue without showing any real injury. You don't need to prove emotional distress, lost income, or even that the call annoyed you. The statute sets the damage itself: $500 per violation, up to $1,500 if the court finds the violation was willful [1]. Multiply that by a list of 100,000 people and you see why plaintiff attorneys treat TCPA like a lottery ticket with unusually good odds.
The economics flip the normal litigation math. Defense costs alone for a TCPA class action routinely run into six figures before trial, which pushes defendants toward settlement. A 2021 analysis by law firm Seyfarth Shaw found TCPA class action settlements averaged around $6.5 million, though the range is enormous, from small four-figure nuisance settlements to the $75 million Dish Network paid to resolve federal and state claims [2]. Plaintiff attorneys typically work on contingency, so they bear no out-of-pocket risk. They need a viable plaintiff and a findable defendant. That's the whole entry ticket.
Small outbound teams often assume they're too small to attract this attention. Wrong. Smaller defendants often settle faster and with less resistance than large corporations. One serial plaintiff filing dozens of individual TCPA suits can earn more per hour than an attorney running a massive class action, and they skip the headache of class certification entirely.
What evidence does a TCPA attorney collect first?
The first thing a competent plaintiff attorney does is document the call or text in detail before they even file. They note the caller ID, the exact time, whether a live person came on or a recording played first, whether there was a telltale pause before connection (the so-called "dead air" that signals predictive dialing), and the exact wording of any prerecorded message. Some attorneys use call-recording apps to capture audio automatically.
They pull the client's phone records to confirm the number is a cell phone, because TCPA protections for cell phones are stronger than for landlines [1]. Calling a cell phone with an autodialer or prerecorded voice without consent is a standalone violation, regardless of whether the number sits on the National Do Not Call Registry.
After that comes the demand letter or the complaint, and then discovery. Discovery is where cases get built or fall apart. Attorneys request the dialing system's technical architecture and vendor contracts, the contact list and how each number was sourced, every consent record tied to the plaintiff's number, call logs showing the full volume of similar calls, and any internal compliance policies or training materials. If your records are incomplete or contradictory, that's not a defense. Gaps in consent records read as no consent in most courts.
How do TCPA attorneys prove a system is an autodialer?
This is the most legally contested element in any TCPA case right now. The statute defines an automatic telephone dialing system (ATDS) as equipment with "the capacity to store or produce telephone numbers to be called, using a random or sequential number generator; and to dial such numbers" [1]. The Supreme Court narrowed that definition in Facebook v. Duguid (2021), holding that the ATDS definition requires use of a random or sequential number generator, and that automated dialing from a stored list alone doesn't qualify [3].
Don't get comfortable. Plaintiff attorneys adjusted their approach fast. They now focus on systems that actually use random or sequential generation, predictive dialers that function that way, and ringless voicemail platforms. They also argue that many modern cloud dialers meet the technical definition even after Duguid, and several district courts have agreed depending on the specific architecture [4].
Here's what a plaintiff attorney does in practice. They subpoena the dialing vendor, request the system's technical documentation, and hire an expert witness (usually a software engineer or telephony consultant) to opine that the system meets the ATDS definition. If your vendor is a well-known predictive dialer or power dialer, there's probably already expert testimony about that specific product in prior cases they can reuse. That lowers their cost considerably.
The safest framing for defendants is blunt: the more automated your dialing, the more exposure you carry. Even if you think you fall outside the ATDS definition post-Duguid, the cost of proving it in court is real money.
How do TCPA attorneys challenge your consent records?
Consent is where most TCPA defendants lose. The FCC requires "prior express written consent" for telemarketing calls and texts to cell phones using an ATDS or prerecorded voice [5]. That means a written agreement, signed by the consumer, that clearly authorizes the specific seller to contact them at a specific number using an automated system. A checkbox buried in a terms-of-service page, consent to "partners" that never names your company, or consent obtained through a lead vendor who played fast and loose with their forms, none of those reliably meet the standard.
Plaintiff attorneys attack consent from several angles. First, they request the actual consent record for their client's specific number. If you can't produce it, the burden shifts to you and you're already losing. Second, if you did capture consent, they examine the lead flow. Was the consent page clear? Did it name your company by name? Did the consumer check the box, or was it pre-checked? Was the form compliant with E-SIGN requirements? Third, they hunt for lead-chain problems. If you bought the lead from an aggregator who bought it from another vendor, the consent may have been obtained for a different company entirely and fails to cover your calls.
One tactic has become common: attorneys test consent forms themselves. They use the Wayback Machine and paid data tools to reconstruct what your opt-in page looked like on the date the plaintiff allegedly consented. If the form didn't disclose automated calling clearly, the consent is void [6].
For teams running cold calling campaigns or buying leads for outbound text message marketing, this is the single highest-risk area. Nothing else comes close.
What role does the Do Not Call Registry play in a TCPA case?
The National Do Not Call Registry and the TCPA are separate rules that often show up in the same lawsuit. The TCPA at 47 U.S.C. § 227(c) creates a private right of action for residential subscribers who get telemarketing calls after registering on the DNC list [1]. Two calls within a 12-month period is enough to trigger a claim.
Plaintiff attorneys often pair a DNC claim with an ATDS claim because it stacks per-call damages and makes class certification easier. A class of "all people on the DNC list who received calls from defendant" is often easier to certify than an autodialer class, because DNC registration is public record and the class definition is precise.
Scrubbing frequency matters a lot here. The FTC requires telemarketers to access the registry at least every 31 days [7]. If a plaintiff can show your company pulled the list once at the start of a campaign and then ran it for three months without re-scrubbing, every call made after day 32 to a DNC-registered number is potentially a willful violation worth $1,500.
If you're managing an outbound team, understanding the do not call list and the mobile phone do not call list obligations is baseline. Not a nice-to-have. Baseline.
How do TCPA attorneys find plaintiffs and build a class?
Some plaintiffs come to attorneys organically: people who got buried in robocalls, got fed up, and searched for what to do. But plaintiff firms also solicit hard. They run Google ads targeting TCPA keywords, they monitor complaint databases including the FCC's consumer complaint portal and PACER for defendants with prior cases, and they use social media to find people who publicly complained about specific companies.
Serial plaintiffs are a real thing. Courts have recognized individuals who file dozens of TCPA suits a year, often people who deliberately keep their number on lead lists to attract calls. Courts split on how to treat them, some allow them, some scrutinize their standing harder, but a serial plaintiff doesn't invalidate an otherwise meritorious case. If your system called without proper consent, the plaintiff's motive for answering doesn't save you.
For a class action, the attorney has to meet Rule 23 requirements: numerosity (usually 40 or more class members), commonality, typicality, and adequacy of representation [8]. TCPA class actions clear these bars often, because a large dialing campaign, by definition, calls thousands of people using the same system and the same (or absent) consent process. If your dialer ran the same campaign script to 500,000 numbers, you've essentially handed the plaintiff attorney a pre-built class.
The TCPA statute's per-violation damages structure means class size directly controls settlement value. That's why plaintiff attorneys spend real money on discovery to nail down total call volume.
What internal documents hurt defendants the most in discovery?
Reported TCPA cases show a consistent pattern of damaging internal documents. Here's what plaintiffs' attorneys actually find and use.
| Document type | Why it hurts |
|---|---|
| Emails discussing "scrubbing" complaints | Shows awareness of violations |
| Scripts that skip DNC disclosure | Evidence of willfulness |
| Sales team training materials | Demonstrates systemic practices |
| Vendor contracts with auto-dial provisions | Proves ATDS use |
| Spreadsheets of purchased lead lists | Exposes sourcing problems |
| Prior cease-and-desist letters | Kills "first violation" defense |
| Internal compliance audits with uncorrected findings | Devastating for treble damages |
The willfulness finding is the one that triples damages from $500 to $1,500 per call [1]. Courts have found willfulness where a company knew about a violation (through a customer complaint, a prior lawsuit, or an internal audit) and kept calling anyway. An email chain where a compliance person flags a problem and a sales VP replies "keep running the campaign" is exactly the kind of document that anchors a plaintiff attorney's settlement demand.
For reference, the Credit One TCPA settlement and the Cash App TCPA class action settlement both involved situations where internal evidence showed the companies had reason to know about violations before they stopped calling.
The practical takeaway: treat every compliance email as if plaintiff counsel will read it. Because after a lawsuit lands, they will.
How do plaintiff attorneys use call logs and carrier records?
Call logs are the DNA of a TCPA case. Plaintiff attorneys subpoena them from your dialing vendor, your CRM, and sometimes directly from carriers. A well-preserved call log shows the full universe of calls in a campaign, the ANI (originating number) for each, the called number, the disposition (answered, voicemail, abandoned), and timestamps. That data lets an expert witness calculate total violations almost mechanically.
Carrier records get useful when defendants claim low call volumes. The plaintiff attorney can subpoena records from the terminating carrier showing every call that hit a given number, cross-reference with your logs, and find the gaps. If your logs show 50,000 calls but carrier records show 80,000, you have a perjury problem stacked on top of a TCPA problem.
Abandonment rate records matter too. FTC rules require that no more than 3 percent of answered calls be abandoned (connected to silence rather than a live agent), measured over a 30-day period [9]. If your predictive dialer ran at 7 percent abandonment, that's a separate violation log the plaintiff attorney uses to show your system was operating at exactly the automated scale the TCPA targets.
What defenses actually work against TCPA claims, and which are mostly wishful thinking?
Let's be honest about what works.
The established business relationship (EBR) defense survives for residential landline DNC claims under narrow conditions, but it does not exist as a defense for ATDS or prerecorded voice calls to cell phones [1]. If you've heard that a prior business relationship shields you from TCPA liability for cell phone calls, that's wrong. It offers limited protection only for the residential landline DNC-based claim.
Scrubbed consent records can work if they're complete. If you can produce a specific consent record with a timestamp, the consumer's IP address, the exact disclosure text, and evidence it matches the version live on your site that day, that's a real defense. Most companies can't produce this. Lead aggregators often hand over nothing beyond a name and a phone number.
Facebook v. Duguid (2021) genuinely helped defendants who use systems that dial from a pre-loaded static list without any random or sequential generation [3]. If your legal team is confident your dialer architecture falls outside the narrowed ATDS definition, and you have expert support for that position, it's a viable strategy.
The bona fide error defense exists but is narrow. You have to show the violation happened despite procedures reasonably adapted to avoid it. Courts read "reasonably adapted" strictly. A boilerplate compliance policy you wrote and never trained anyone on won't satisfy it.
What doesn't work: arguing you hired a vendor and didn't know. Under the FCC's 2013 order, a seller who initiates or directs TCPA-covered calls through an agent is liable for the agent's violations [5]. The "I didn't know my vendor was using a predictive dialer" line has failed over and over.
How much does a TCPA case actually cost to defend or settle?
Individual TCPA suits (not class actions) typically settle in the range of $5,000 to $25,000, though that varies enormously with call volume, evidence strength, and whether the plaintiff is a serial litigant working with a volume practice [2]. Some settle for less. Some serial plaintiffs have pulled six-figure settlements out of companies with obvious violations.
Class actions are a different magnitude. The settlements that make the news range from around $2 million at the low end to $75 million in the Dish Network case [2]. Defense legal fees alone often reach $500,000 to $2 million for a case that goes through class certification. Most defendants settle long before that point, which is exactly what plaintiff attorneys count on.
The FTC separately holds civil penalty authority that runs past $50,000 per violation after inflation adjustments [10]. FTC enforcement tends to target larger-scale operations, but smaller companies aren't immune if the conduct is egregious.
Run a quick sanity check on your own exposure before a lawsuit does it for you. LeadCompliant's free TCPA compliance tools at leadcompliant.com let you check numbers against the DNC registry and audit basic consent parameters at no cost.
Reverse the numbers and it gets ugly. At $500 per violation with 100,000 calls and a 10 percent error rate on consent, you're staring at $5 million in potential statutory damages. Defense costs to fight that would eat most of the savings anyway.
What can outbound teams do right now to reduce their exposure?
The things that actually cut TCPA exposure are unglamorous and operational. Here's what matters in practice.
First, document consent at the point of capture with a timestamp, the consumer's IP address, the exact disclosure text, and the URL of the form. Store it permanently and make sure you can retrieve it by phone number within hours, not days. If you buy leads, contractually require vendors to provide this documentation for every lead, then test that they actually can.
Second, scrub against the National DNC Registry on a schedule no longer than 31 days, and scrub against your internal do-not-call list before every single campaign [7]. The internal DNC list matters as much as the federal registry. Anyone who has asked you to stop calling gets honored immediately.
Third, audit your dialer configuration. Know whether your system qualifies as an ATDS under the Facebook v. Duguid standard. If your vendor can't answer that question clearly in writing, that itself is a problem. Get the answer, and get it documented.
Fourth, train your team to recognize and escalate TCPA complaints fast. A single complaint letter that reaches the CEO's inbox, gets ignored, and surfaces in discovery two years later can turn a defensible case into a willfulness finding.
If you want a structured starting point, the LeadCompliant compliance kit walks through these steps with checklists and template documentation you can adapt for your own team.
For teams relying on cold call outreach, reviewing your dialing practices against the do not call telemarketer list and learning how to get the do not call list for your own scrubbing process are both practical next steps.
Frequently asked questions
Can a TCPA plaintiff sue even if they never asked to be put on a do not call list?
Yes. The TCPA creates separate rights. The DNC claim under 47 U.S.C. § 227(c) requires registry registration or a company-specific opt-out request. But the ATDS and prerecorded-voice claims under 47 U.S.C. § 227(b) require only that you lacked prior express written consent. A plaintiff who never registered with the DNC can still sue for automated calls to their cell phone without consent.
How long does a plaintiff have to file a TCPA lawsuit?
The TCPA has a four-year federal statute of limitations under 28 U.S.C. § 1658. Some states have their own TCPA-equivalent laws with different limitations periods. A plaintiff can recover for calls made up to four years before filing, which is why a large-volume campaign from years ago can still become a lawsuit today if a plaintiff only recently learned about their rights.
What is "prior express written consent" under the TCPA?
The FCC's 2013 rule defines it as a written agreement, signed by the consumer, that clearly and conspicuously authorizes the seller to deliver autodialed or prerecorded calls or texts to a specific phone number. The agreement must state it authorizes automated contacts and cannot be a condition of buying goods or services. A verbal agreement or an unchecked checkbox does not meet this standard.
Does Facebook v. Duguid mean autodialer claims are dead?
No. The Supreme Court narrowed the ATDS definition in 2021 to require a random or sequential number generator, which eliminated some claims against systems dialing from static lists. But predictive dialers, ringless voicemail platforms, and some cloud-based systems may still qualify. Plaintiff attorneys have adapted their expert testimony accordingly, and litigation over specific dialer architectures continues in district courts.
Can I be liable for TCPA violations if I used a third-party vendor to make the calls?
Yes. The FCC's 2013 declaratory ruling held that sellers who initiate or direct telemarketing calls through agents are liable for those calls under the TCPA. You can't outsource TCPA compliance by hiring a dialing vendor. You're responsible for making sure the vendor follows the statute, the consent records are valid, and the dialing system meets applicable standards.
What damages can a TCPA plaintiff actually collect?
The statute sets $500 per violation for standard violations and up to $1,500 per violation for willful or knowing violations. Courts have discretion to award the higher amount if evidence shows the defendant knew about the requirements and violated them anyway. In a class action with 100,000 class members, even $500 per call yields $50 million in potential exposure before legal fees.
Do TCPA rules apply to text messages the same way they apply to calls?
Yes. The FCC confirmed in 2003 that text messages to cell phones fall under the TCPA's automated call restrictions. A text sent via an ATDS or prerecorded-voice platform requires the same prior express written consent as a phone call. Each individual text message counts as a separate violation, which makes high-volume SMS campaigns especially risky if consent documentation is incomplete.
What is a serial TCPA plaintiff and should I be worried about them?
A serial plaintiff is someone who repeatedly signs up for marketing lists, receives calls, and sues under the TCPA. Courts are split on whether this conduct affects standing or damages, but most have held that even a plaintiff who deliberately attracted the calls has standing if consent was absent or defective. Your best protection is proper consent documentation, not trying to identify and avoid serial plaintiffs.
How do plaintiff attorneys find out about my calling campaign if no one has complained yet?
Several ways. FCC consumer complaint records are public. PACER shows prior TCPA cases against defendants by name. Some plaintiff firms use data brokers and call-tracking services to monitor large-scale dialing activity. Employees, former employees, and competitors have also reported companies. By the time a demand letter arrives, the attorney usually already holds substantial documentation of your calling volume.
Does the TCPA apply to B2B calls?
It depends on the call type and the number called. The residential DNC list applies specifically to residential subscribers. But if your sales rep calls a person's cell phone using an ATDS or prerecorded voice, the TCPA's § 227(b) restrictions apply regardless of whether the context is business-to-business. Calling a business contact's personal cell phone without consent using automated technology is still a potential violation.
Can I revoke my liability if a consumer revokes consent?
Revocation of consent is recognized under the TCPA, and the FCC clarified in 2015 that consumers can revoke consent using any reasonable method. Once a consumer clearly communicates they no longer consent, any subsequent automated call or text is a violation. You need a system that captures opt-out requests in real time, updates your dialing lists immediately, and keeps a permanent record of the revocation.
What's the difference between an individual TCPA suit and a class action?
An individual suit involves one plaintiff seeking $500 to $1,500 per call they personally received. A class action aggregates all similarly situated people, which can mean hundreds of thousands of plaintiffs. Individual suits settle faster and cheaper but attract serial plaintiffs. Class actions take years but produce much larger settlements. Both are viable plaintiff strategies; your call volume and consent hygiene determine which is more likely.
Sources
- U.S. Government Publishing Office, 47 U.S.C. § 227 (TCPA statute text): Statutory damages of $500 per violation, up to $1,500 for willful violations; ATDS definition; private right of action for DNC violations after two calls in 12 months
- Seyfarth Shaw LLP (law firm publications and litigation reviews): TCPA class action settlements averaged around $6.5 million; Dish Network paid $75 million to resolve TCPA and related claims
- U.S. Supreme Court, Facebook, Inc. v. Duguid, 592 U.S. 395 (2021): ATDS definition requires use of a random or sequential number generator; systems dialing from static stored lists do not qualify
- FTC, Complying with the Telemarketing Sales Rule (business guidance): Consent forms must clearly disclose the nature of automated contact to be valid under telemarketing rules
- FTC, National Do Not Call Registry (business guidance and registration site): Telemarketers must access the DNC registry at least every 31 days
- Legal Information Institute, Cornell Law School, Federal Rule of Civil Procedure 23: Class certification requires numerosity, commonality, typicality, and adequacy of representation
- FTC, Telemarketing Sales Rule, 16 CFR 310.4 (abandoned call provisions): Rules require that no more than 3 percent of answered calls be abandoned, measured over a 30-day period, for predictive dialers
- FTC, business guidance on civil penalties and inflation adjustments: FTC civil penalties for telemarketing violations are adjusted periodically for inflation and have exceeded $50,000 per violation in recent years