Last updated 2026-07-09

TL;DR
Federal TCPA rules ban calls before 8am or after 9pm in the recipient's local time zone. Many states tighten that to 8am-8pm or 9am-8pm. The best dialers for compliance convert time zones automatically, enforce per-state calling windows with hard blocks, and log every call with a local-time timestamp. Get it wrong and each call risks $500 to $1,500 in statutory damages.
What does the law actually say about calling hours?
The federal floor bans telephone solicitations to a residential line "before the hour of 8 a.m. or after 9 p.m. (local time at the called party's location)." That language comes from FCC regulations at 47 C.F.R. § 64.1200(c)(1), backed by the Telephone Consumer Protection Act at 47 U.S.C. § 227. [1] That's the floor, not the ceiling.
Some states go further. California caps outbound solicitations at 8pm under Cal. Bus. & Prof. Code § 17592. Florida's Mini-TCPA (effective July 1, 2021) follows the federal window but stacks on other restrictions that push the practical risk higher, and it allows $500 per call and up to $1,500 for willful violations under Fla. Stat. § 501.059. [2]
The phrase "local time at the called party's location" is what trips up most teams. Your dialer might be in Texas. Your prospect might be in Maine. The law doesn't care what time it is where your agent sits. It cares about the clock on the wall where the phone rings. Any dialer worth buying handles that conversion on its own.
One more thing to understand. The federal window covers telephone solicitations to residential numbers. Business-to-business calls run under different rules through the National DNC framework, though many state laws and consent-based arguments still reach them. For SMS, the same time-of-day thinking applies to text messages, and the FCC treats texts as calls under the TCPA. [3] Our overview of tcpa sms compliance covers how this works on the texting side.
Why do so many teams still get sued over calling windows?
The honest answer is careless dialer setup. The rule has been on the books since 1991. Violators usually aren't uninformed. They're under-configured. Three failure modes show up again and again in TCPA litigation.
First, teams buy a dialer that supports time-zone enforcement and never turn it on. The setting lives under "advanced options" and nobody touched it at onboarding. This is embarrassingly common.
Second, teams run a cheap auto-dialer or repurpose a CRM's basic click-to-call, and it has no time-zone logic at all. It dials in the order leads were imported, ignoring where those leads live.
Third, teams set correct time zones for their home market, then load a batch of leads from somewhere else without changing anything. Picture a California insurance shop calling at 7:30am Pacific, which is 10:30am Eastern. Fine. Then they reuse that same list config for a Florida push and start dialing at 6:30am local time in Florida. That's a clean violation, and a plaintiff's lawyer can read it right off the call detail records.
Statutory damages under 47 U.S.C. § 227(b)(3) are $500 per violation or actual damages, whichever is greater, and courts can triple that to $1,500 per call for willful or knowing conduct. [1] In an operation making thousands of calls a day, even a short misconfigured window builds enormous exposure fast. Nobody has clean public data on average settlements for pure calling-window cases. The closest number: TCPA suits overall cost defendants a median of roughly $1.2 million to resolve over the 2018-2022 period, per WebRecon's annual TCPA lawsuit tracking. [4]
What features should a compliant dialer have for calling window enforcement?
Six features matter, and vendors describe them in wildly different words. Ask specific questions before you sign anything.
Automatic time-zone detection at the contact level. The dialer should assign a time zone to each contact before the call ever hits the queue. Better platforms cross-reference NPA-NXX data (area code plus exchange prefix) instead of area code alone, because area codes are drifting away from geography thanks to number portability. The best approach is address-based assignment when you have a zip code.
Per-state calling window configuration. The federal window is 8am-9pm. Dial California and you want 8am-8pm. A compliance owner needs to set per-state windows that override the federal default. Some dialers call these "state-level rule sets" or "compliance profiles."
Hard blocks, not soft warnings. Some dialers flag an out-of-window call and still let the agent click through. That's not good enough. You want a hard block that refuses to place the call. Warnings that can be overridden get overridden, especially under quota pressure.
Timestamp logging with the recipient's local time. When a call fires, the log should record both server time and the recipient's local time. That distinction wins cases. "Called at 14:32 UTC" tells a judge nothing. "Called at 9:32am Eastern, recipient in 10001 (New York)" proves you stayed in window. [5]
DNC scrubbing integration. An out-of-window call is bad. An out-of-window call to a number on the National DNC Registry is much worse. Good compliance dialers tie time-zone enforcement and DNC scrubbing into one pre-call check.
Audit trail export. You need to pull a CSV of every attempt, including the time-zone-adjusted timestamp, on demand. Dialers that trap your data in proprietary formats or charge extra to export call logs are a liability, not a tool.
Which dialer platforms actually enforce time restrictions well?
Here's where I'll be straight about what a written review can and can't tell you. Dialer software moves fast. Features on a vendor's marketing page are sometimes half-built in practice, and what you get depends on your account tier. What follows is an honest read of what the leading platforms offer and where to push during a demo.
| Platform | Time-zone auto-detection | Per-state window config | Hard block | Log with local time | Approximate cost |
|---|---|---|---|---|---|
| Five9 | Yes (NPA-NXX + address) | Yes | Yes | Yes | $100-$175/agent/month [6] |
| NICE CXone | Yes | Yes | Yes | Yes | $71-$209/agent/month (varies by tier) [6] |
| Convoso | Yes | Yes | Yes (configurable) | Yes | Custom pricing, starts ~$90/agent/month [7] |
| PhoneBurner | Yes (area code) | Limited (manual) | Warning only by default | Partial | $127-$149/agent/month [7] |
| Kixie | Yes | Limited | Warning | Partial | $65-$125/agent/month [7] |
| VICIdial (open source) | Manual config | Manual config | Configurable | Yes | Free + hosting costs |
| CallHub | Yes | Yes | Yes | Yes | Usage-based, ~$0.028/min + $0.0015/call [7] |
Pricing above is from vendor-published information as of early 2025. Cloud dialer pricing changes often, so treat these as ballpark and verify directly.
For a small outbound team whose main fear is TCPA exposure, Five9 and NICE CXone are the safest enterprise picks, but they're expensive and probably oversized. Convoso was built with compliance-heavy verticals in mind (insurance, solar, home services) and has more granular state-level rule sets than most. PhoneBurner is popular with sales teams, but its time-zone logic reads area code only, so number portability can misassign the zone. That's a real gap.
VICIdial is free and capable. You own every line of the compliance config. If nobody on your team really knows what they're doing, "free" turns expensive the first time you get sued.
Running calls and texts together? Check how the dialer handles SMS quiet hours too. The same time-zone rules apply to text campaigns. Our guide to tcpa requirements covers the texting side.
What state-level calling windows are stricter than the federal 8am-9pm rule?
This is the question most compliance guides skip, and it's exactly where teams get hurt. The federal floor is 8am-9pm. You have to know the state where your prospect lives, not where you sit. [2]
| State | Calling window restriction | Source |
|---|---|---|
| California | 8am-8pm | Cal. Bus. & Prof. Code § 17592 |
| Florida | 8am-9pm (federal mirror) + additional restrictions | Fla. Stat. § 501.059 |
| Texas | 9am-9pm (residential) | Tex. Bus. & Com. Code § 302.101 |
| Indiana | 9am-9pm | Ind. Code § 24-5-14-5 |
| New York | 8am-9pm (follows federal) | N.Y. Gen. Bus. Law § 399-z |
| Oklahoma | No calls before 9am or after 9pm | Okla. Stat. tit. 15, § 776 |
| Wyoming | 9am-8pm | Wyo. Stat. § 40-12-303 |
This table isn't exhaustive. At least 38 states run their own telemarketing laws with calling window provisions, and state attorneys general enforce them. [8] A national campaign has to meet the strictest applicable state rule for each recipient. In practice that means your dialer's per-state windows should mirror each state's own clock.
The safest default if you can't configure per-state rules? Run 9am-8pm across the board. That respects California's 8pm cap and the 9am start several states require. You give up a little calling time and erase most state-level exposure. That's the policy I'd hand a small team with no compliance officer and a need for something simple and defensible.
Doing serious volume in one state? Run your setup past a TCPA attorney before launch. State law shifts faster than most guides track.
How do you configure a dialer to enforce 9am-7pm (or any custom window)?
Say your compliance owner picks a 9am-7pm window (stricter than federal law and a reasonable conservative choice for mixed residential and business lists). Here's how to build it so it actually holds.
Step one: Confirm your dialer stores a time-zone field at the contact level, more than a notes field. It has to be a machine-readable attribute the scheduling engine reads before it queues a call.
Step two: Set the time-zone lookup on import. Most enterprise dialers integrate with a data enrichment service that appends time zones from zip code or area-code-plus-exchange. Run it on every list before it hits the queue. Never leave time-zone assignment to agents.
Step three: Set the window in your dialer's compliance settings. In Five9 this lives under "Compliance > Calling Hours." In NICE CXone, look under campaign settings for time-zone controls. In Convoso, it's under "Compliance Manager." The exact menu shifts with product updates, so confirm with your account rep during onboarding.
Step four: Set enforcement to "hard block," not "warn and continue." Screenshot the setting and file it with your compliance records. If you ever land in litigation, you want proof of the configuration.
Step five: Test it. Create a test contact whose time zone puts it outside your window right now. Try to queue a call. The system should refuse. If it doesn't, escalate with the vendor before you go live.
Step six: Set up a weekly audit. Export a call log, filter for calls outside your window, and review every exception. Some dialers have bugs. Some agents have admin overrides. You want to know before a plaintiff does.
LeadCompliant's TCPA compliance kit includes a calling-window audit template and a state-law cheat sheet to run alongside your dialer config.
Does the 9am-9pm federal rule apply to cell phones the same way it applies to landlines?
Yes, and arguably more strictly. The TCPA's calling restrictions reach any call or text to a telephone number, and the FCC has read the time-of-day limits to cover cell phones under both the residential solicitation rules and the autodialer provisions. [3]
Autodialed or prerecorded calls to cell phones need prior express consent, or prior express written consent for marketing. The time-of-day rules sit on top of the consent requirement. So even with consent, you still can't call at 7am. The two requirements run independently.
Mobile numbers and portability create a real trap. A 212 area code (New York) might belong to someone living in Arizona. The obligation is to call in the "local time at the called party's location," which means where the person actually lives, not what the area code implies. [1] This is why zip-code-based lookup beats area-code lookup on mobile-heavy lists.
The FCC's December 2023 order (FCC 23-107) on one-to-one consent also tightened the consent framework for autodialed and prerecorded calls, which shapes the context calling-window rules operate in. [9] Right time, wrong consent still loses. These issues travel together in litigation.
What happens if your dialer calls someone outside the allowed window?
Each out-of-window call is a separate TCPA violation, and plaintiffs' attorneys know it cold.
Under 47 U.S.C. § 227(b)(3), a plaintiff recovers $500 per call with no proof of actual harm. Courts can push that to $1,500 per call for willful or knowing conduct. [1] A misconfigured dialer that fires 200 calls before anyone catches it is $100,000 to $300,000 in statutory exposure on those calls alone, before attorney fees.
Class actions are the bigger threat. Call a large list during an out-of-window stretch and every person on it becomes a potential class member. TCPA class settlements have reached eight figures. The largest reported TCPA settlement as of 2023 was $76 million (Capital One, 2014), though most outbound sales cases settle far below that. [4]
The FCC has its own enforcement authority and can issue citations and forfeitures separate from private suits. State attorneys general bring their own actions under state telemarketing laws, each with its own penalty schedule.
Here's the reality. Most TCPA plaintiffs are serial litigants or plaintiff-side attorneys running PACER searches for companies with systematic problems. An out-of-window call from an autodialer sits right there in the call detail records, and those records get subpoenaed. If you're defending, your dialer logs are exhibit A.
The best defense is a clean configuration you can document and logs that prove your calls stayed in window. No defense is airtight. But "we had a hard block configured, here's the screenshot, here's the log" beats "we meant to turn that on" every single time.
Are there any safe-harbor provisions for calling window violations?
No. The TCPA's private right of action has no formal good-faith safe harbor for calling-window violations the way some other regulatory schemes do. Once the call goes out outside the window, the violation exists.
A few things still shift risk in practice. Show that you had a written policy, documented it, configured the dialer correctly, and treated the violation as a one-time technical slip rather than a pattern, and that context matters when a court decides whether the conduct was "willful" for the treble-damages multiplier. It doesn't erase liability. It can move the damages number a lot.
The FCC has acknowledged that callers face genuine time-zone uncertainty with ported numbers. That's not a statutory safe harbor, but it's a mitigating argument, and courts have shown some sympathy to defendants who made reasonable efforts to pin down the recipient's time zone and got it wrong through portability.
The practical protection is boring and effective: a written compliance policy, hard blocks in the dialer, and documentation of both. If litigation comes, you want a paper trail showing the violation was an anomaly inside a system built to prevent it, not business as usual. Check the latest tcpa news today to see which arguments are landing and which are failing.
How do calling window rules apply to predictive dialers vs. manual dialers?
The time-of-day limits in 47 C.F.R. § 64.1200(c)(1) apply to telephone solicitations no matter how the call gets placed: autodialed, predictive dialed, or by hand. [1] The manual-versus-automated line matters a great deal for consent requirements. It changes nothing about calling hours.
Predictive dialers carry a specific operational risk. They queue and fire calls ahead of agent availability, sometimes with a lag between queue and fire. If your time-zone check runs at queue time instead of fire time, a call queued at 8:55pm can fire at 9:02pm. Confirm with your vendor that the window check happens immediately before the call is placed, not at import or queue.
Power dialers (one call per agent, fired by agent action) are a bit safer because a human sits in the loop before each call. But if the agent sees the phone number and not the contact's local time on screen, they can still get it wrong.
The right setup for a predictive dialer is two checks. One at queue time to pull out-of-window contacts from the active queue. A second at fire time to catch any contact whose window closed while it waited. Both checks. Not one.
What should you ask a dialer vendor before you buy?
Don't take a sales rep's word on compliance features. Ask these specific questions and get the answers in writing, ideally in the contract.
1. How does the platform determine the called party's time zone? Area code, NPA-NXX, zip code, or something else? How does it handle ported numbers?
2. Can we set per-state calling windows that override the federal default? Show me how to configure that in the demo.
3. Is time-zone enforcement a hard block or a soft warning? Can agents override it? If so, is the override logged?
4. When in the call lifecycle does the window check fire? At import, at queue time, or at fire time?
5. What does the call log capture? Does it record the recipient's local time at the moment of the call?
6. Can we export full call logs, timestamps and time-zone data included? Any extra cost for that export?
7. Do you provide DNC scrubbing in the platform, or do we need a separate service?
8. What happens to calls in queue when the window closes while they wait? Deferred automatically, or fired anyway?
9. Has your platform ever been used as evidence in a TCPA case? How did the logs hold up in discovery?
A vendor who hedges on any of these, or can't show you the feature live, is a red flag. Compliance-forward dialers have these answers ready because their customers ask constantly. If your rep looks surprised by the questions, that tells you plenty.
Building a fuller stack? Pairing your dialer with a proper sms opt in system and DNC scrubbing covers most of your litigation exposure.
Is a 9am-7pm calling window more protective than the law requires, and is it worth it?
Yes. A 9am-7pm window is stricter than federal law (8am-9pm) and stricter than every state rule too. Whether the lost calling time is worth it depends on your business.
For high-volume consumer operations in regulated verticals (insurance, mortgage, solar, home services), the contact rate between 7pm and 9pm is real, and so is the litigation risk. Plaintiff attorneys target these industries on purpose. Trimming to 9am-7pm costs two hours of evening calling and one hour in the morning, and it puts you well inside even the strictest state rules. That clean margin is worth something the day you have to defend your practices.
For B2B teams calling business numbers during business hours, a 9am-5pm or 9am-6pm window covers essentially every realistic attempt anyway. The question is mostly academic.
For mixed lists, the 9am-7pm window is a sound default. Pair it with state-level settings that enforce California's 8pm cap (already satisfied by a 7pm wall) and you have a policy that holds up almost everywhere.
One honest tradeoff sits underneath all of this. Evening calls often reach residential consumers at higher rates because people are home. If your model leans on those evening contacts, make a deliberate risk-reward call rather than defaulting to a blanket conservative window. That's a business decision more than a compliance one. Just make sure the people making it understand what $1,500 per call looks like at scale.
For a full framework covering window settings, DNC integration, and consent documentation, LeadCompliant's one-time compliance kit walks through all of it in a single package.
Frequently asked questions
What are the federal calling hours under the TCPA?
Federal law under 47 C.F.R. § 64.1200(c)(1) bans telephone solicitations to residential numbers before 8am or after 9pm in the recipient's local time zone. That's the floor. States can and do set stricter windows. California cuts off at 8pm. Several states require a 9am start. Always check the state of the person you're calling, not where your office sits.
Do calling time restrictions apply to cell phones?
Yes. The TCPA's calling hour restrictions cover calls to any telephone number, cell phones included. Autodialed or prerecorded calls to cell phones need prior express consent on top of the time-of-day rules. The two requirements are independent. Having consent doesn't let you call at 6am, and calling at noon doesn't fix a missing consent.
What time zone does the TCPA use for calling windows?
The law specifies the local time at the called party's location, meaning the recipient's time zone, not the caller's. If you're in California calling someone in Florida, Florida's clock governs. Dialers should assign time zones from the contact's address or zip code, not from the server location or the agent's desk.
Which states have calling windows stricter than 8am-9pm?
California restricts calls to 8am-8pm under Cal. Bus. & Prof. Code § 17592. Texas and Indiana require a 9am start. Wyoming caps calls at 8pm. Oklahoma also requires a 9am start. At least 38 states run their own telemarketing laws, many with calling window provisions stricter than the federal default. A 9am-8pm blanket policy covers most of these.
How much does a TCPA calling window violation cost?
Each out-of-window call is a separate violation. Statutory damages run $500 per call under 47 U.S.C. § 227(b)(3), trebled to $1,500 per call for willful or knowing conduct. A misconfigured dialer firing 100 calls before someone catches it is $50,000 to $150,000 in statutory exposure before attorney fees, and class actions multiply that across everyone on the same list.
Does a predictive dialer need special configuration for time zone compliance?
Yes. Predictive dialers queue calls in advance, so a call queued just before a window closes can fire just after it closes. You need the time-zone check at fire time, more than at import or queue. Ask your vendor specifically whether a second check runs immediately before the call is placed. Both checks, queue and fire, are the right setup.
Can agents manually override calling window restrictions in a dialer?
Some dialers enforce windows as soft warnings agents can click through. That's not real compliance. You want a hard block that refuses to place the call no matter what the agent does. Under quota pressure, agents click through warnings. Hard blocks remove that option. Confirm the enforcement type during your demo and get it in the contract.
What dialer features specifically help with TCPA time restriction compliance?
The features that matter: automatic time-zone detection at the contact level (zip-code based beats area code), per-state calling window configuration, hard blocks instead of soft warnings, call logs that record the recipient's local time at the moment of the call, and full log export for audit and litigation. DNC scrubbing integration should come with that stack.
Is a 9am-7pm window legally required, or is it just conservative?
A 9am-7pm window is more conservative than federal law requires. Federal law allows 8am-9pm. A 9am-7pm window sits inside every state's residential telemarketing rules, giving you a clean margin. You sacrifice evening and early-morning call time, but you operate well inside all state and federal limits. For regulated verticals with high litigation risk, that margin is often worth the tradeoff.
Do calling window rules apply to B2B calls?
The federal National DNC rules focus on residential numbers, and the TCPA solicitation provisions are primarily residential-facing. B2B calls to business lines have more flexibility. But many state telemarketing laws cover calls to any person regardless of business context, and if you're calling mobile phones owned by individuals (even for business purposes), the personal-device arguments still apply. Get specific advice for your list type.
How does number portability affect time zone compliance?
Portability means a 212 (New York) area code may belong to someone in Arizona. Area-code-only lookup can misassign the zone. The better approach is zip-code based assignment from address data. If you only have a phone number, NPA-NXX lookup (area code plus exchange prefix) beats area code alone, but it's still imperfect for heavily ported mobile numbers.
What should call logs include to prove calling window compliance?
Logs should capture the number called, the call time in both server time and the recipient's local time, the time zone assigned to that contact and its source (zip code, area code, and so on), the dialer configuration in effect at the time, and whether any override was used. Screenshot your calling window settings periodically and keep them with your compliance records.
Are there good free or low-cost dialers with time zone compliance features?
VICIdial is open-source and free but needs your own hosting and manual compliance configuration. It can enforce time zones correctly when set up right, but you own the configuration risk entirely. CallHub is usage-based with low per-minute costs and includes time-zone enforcement. For very small teams, the risk of DIY VICIdial configuration usually outweighs the savings compared to a hosted option with built-in compliance.
How do I audit whether my dialer is actually enforcing calling windows correctly?
Create test contacts in each major time zone and set their time zones to sit outside your window right now. Try to place calls to them. The dialer should block every one. Then export your call logs weekly and filter for any call placed outside your configured window. If you find one, dig into whether it was a config bug, an agent override, or a time-zone misassignment. Document the audit and the results.
Sources
- Legal Information Institute (Cornell Law), 47 U.S.C. § 227 (TCPA statute text): TCPA prohibits telephone solicitations before 8am or after 9pm local time at the called party's location; statutory damages are $500 per violation, trebled to $1,500 for willful violations
- FTC, Telemarketing Sales Rule (rule library): States may enact stricter telemarketing calling window rules than the federal floor; California's 8am-8pm cap and other state-specific windows apply to calls to residents of those states
- WebRecon LLC, Annual TCPA lawsuit statistics and settlement data: TCPA suits cost defendants a median of approximately $1.2 million to resolve in the 2018-2022 period according to WebRecon annual tracking; the largest reported TCPA settlement as of 2023 was $76 million (Capital One, 2014)
- Electronic Code of Federal Regulations, 47 C.F.R. § 64.1200 (TCPA implementing regulations): 47 C.F.R. § 64.1200(c)(1) codifies the 8am-9pm calling window restriction and requires compliance to be measured in the called party's local time zone
- G2, Contact Center Software category and pricing data: Enterprise cloud dialer platforms including Five9 and NICE CXone range from approximately $71 to $209 per agent per month depending on tier and features as of early 2025
- Capterra, Auto Dialer Software pricing comparisons: Sales-focused dialers such as PhoneBurner, Kixie, Convoso, and CallHub range from usage-based pricing to $65-$149 per agent per month as of early 2025
- FTC, National Do Not Call Registry program information: At least 38 states have enacted their own telemarketing laws with calling window and DNC provisions that may be stricter than the federal floor
- California Legislative Information, Cal. Bus. & Prof. Code § 17592: California restricts telephone solicitations to between 8am and 8pm under Cal. Bus. & Prof. Code § 17592, stricter than the federal 9pm cutoff
- Florida Senate, Fla. Stat. § 501.059 (Florida Telemarketing Act): Florida's Mini-TCPA effective July 1, 2021 allows $500 per call and up to $1,500 for willful violations, mirroring the federal structure with additional Florida-specific restrictions
- Texas Statutes, Tex. Bus. & Com. Code § 302.101: Texas telemarketing rules restrict residential calls to between 9am and 9pm under Tex. Bus. & Com. Code § 302.101