FTC Telemarketing Sales Rule and text messages: what's officially covered

The FTC's TSR covers text messages sent for telemarketing. Learn the official rules, consent requirements, and penalties up to $51,744 per violation.

LeadCompliant Team
24 min read
In This Article

Last updated 2026-07-10

Person holding smartphone at a desk, representing text message compliance review
Person holding smartphone at a desk, representing text message compliance review

TL;DR

The FTC's Telemarketing Sales Rule covers text messages used for telemarketing, not only phone calls. Senders need prior express consent, must honor opt-outs immediately, and cannot text numbers on the National Do Not Call Registry. Violations carry civil penalties up to $51,744 per message. The TCPA runs alongside the TSR and adds its own layer of liability.

Does the FTC Telemarketing Sales Rule actually apply to text messages?

Yes, officially. The FTC's Telemarketing Sales Rule (TSR), codified at 16 CFR Part 310, covers "telemarketing" broadly. The rule defines telemarketing as a plan, program, or campaign to induce the purchase of goods or services through the use of one or more telephones, and the FTC treats text messages sent for that purpose as covered. [1]

The TSR was written with voice calls in mind. The agency's guidance has since confirmed that SMS and MMS campaigns promoting sales, soliciting donations, or inducing a transaction sit under the same prohibitions. Send a text that says "Buy now, 20% off today only," and the FTC treats that message the same way it treats an outbound sales call. [2]

This surprises a lot of teams. The Telephone Consumer Protection Act (TCPA), enforced by the FCC, gets most of the press. But the TSR adds a separate, parallel obligation. You can be fully TCPA-compliant and still violate the TSR, and the reverse is true too. Running both checklists is not optional if you're doing outbound SMS at any scale.

One practical note. The TSR's text rules bite hardest for commercial sellers and telemarketers, including lead generators. Purely informational texts (appointment reminders, shipping notifications, two-factor codes) generally fall outside the TSR because they don't induce a purchase. The line blurs the moment you add a promotional message or a buy-now link.

What does the TSR actually say about texts? The exact statutory and rule language

The base TSR text does not use the words "text" or "SMS," but the FTC's guidance and enforcement history treat them as covered. The rule prohibits telemarketers from initiating an outbound telephone call to induce a purchase from a person who has not given prior express consent and whose number is on the National Do Not Call Registry. [1]

The FTC's definition of "outbound telephone call" at 16 CFR 310.2 is where texts get caught: a telephone call initiated by a telemarketer to induce the purchase of goods or services. The agency's position is that an SMS is a form of telephone communication. Enforcement actions have treated commercial texts as telephone calls under this framework. [2]

For authoritative language, the FTC's Negative Option Rule and TSR amendments are worth reading directly. The amended rule tightened requirements around negative-option marketing, which shows up constantly in subscription SMS funnels: you cannot use a text to enroll someone in a recurring subscription without clear, unambiguous disclosure of the terms before you collect any payment information. [3]

The TCPA (47 U.S.C. § 227) is the statute most people cite for text complaints. The TSR is the FTC's independent enforcement hook. Both apply. The TCPA states that it is unlawful "to make any call (other than a call made for emergency purposes or made with the prior express consent of the called party) using any automatic telephone dialing system" to a wireless number. [4] An SMS sent by an auto-dialer hits that provision directly.

The TSR requires "prior express consent" for covered telemarketing texts. The recipient must agree, before your first message, to receive that category of communication from you or your company. [1]

Most compliance attorneys treat TSR consent as prior express written consent in practice, because the TCPA's parallel requirement for texts to cell phones is explicitly written consent (under the FCC's 2012 amendments and the 2024 one-to-one consent order). The FTC has not used the word "written" in the TSR for texts, but a verbal opt-in you cannot document is a bad position to defend. [5]

Here is what written consent looks like for SMS. The consumer sees a clear disclosure explaining: (1) they're agreeing to receive autodialed or prerecorded text messages, (2) who is sending them, (3) the general subject matter, and (4) that consent is not a condition of purchase. They then check a box or sign (a typed name on a web form counts). You store a timestamped record of that action. [6]

What does not work: a pre-checked box buried in your terms of service, a blanket consent to "communications" that never mentions texts, or consent gathered by a third-party lead generator that named a different sender. The FCC's one-to-one consent rule, effective January 2025, made that third-party-list problem much sharper. Each seller must be identified in the consent at the moment the consumer gives it. [5]

For any team buying leads and texting them, the consent chain is the biggest legal risk you carry. See our coverage of cold calling for how the same consent logic plays out in voice.

Does the National Do Not Call Registry apply to texts?

Yes. The National Do Not Call (DNC) Registry, maintained by the FTC, applies to telemarketing text messages. [2] If a consumer's number is registered and you send them a commercial text promoting a product or service, that is a TSR violation, full stop.

The registry covers any plan or campaign to induce the purchase of goods or services by telephone, and the agency's position is that this reaches SMS. Telemarketers must scrub their text lists against the DNC registry before sending, exactly as they would for outbound voice. [2]

Registering is free for consumers. Telemarketers pay to access the registry for scrubbing. Fees are set annually. As of 2024, the fee is $75 per area code per year, with the first five area codes free, and access to all area codes costs $18,936 annually. [7]

One common misunderstanding: the existing business relationship (EBR) exemption exists in the TSR, but it's narrow. The EBR lasts 18 months from the most recent transaction, or 3 months from when the consumer made an inquiry. Once those windows close, the EBR can't override a DNC registration. For texts specifically, get explicit written consent anyway. The EBR was built around voice calls and gives you thin cover in the SMS context.

How do TSR text message rules compare to TCPA text message rules?

This is where compliance teams get genuinely confused, so here is the clearest table I can give you.

RuleEnforced byApplies to texts?Consent standardPer-violation penalty
Telemarketing Sales Rule (TSR), 16 CFR Part 310FTCYes, for telemarketing textsPrior express consent (written recommended)Up to $51,744 per violation [8]
TCPA, 47 U.S.C. § 227FCC + private plaintiffsYes, for autodialed/prerecorded texts to cell phonesPrior express written consent$500 to $1,500 per text [4]
FCC One-to-One Consent Rule (2024)FCCYesOne identified seller per consent eventStacks with TCPA penalties [5]
State DNC/telemarketing lawsState AGsVariesVaries, often stricterVaries, sometimes $10,000+ per call/text

The biggest difference is the private right of action. The TCPA lets any individual consumer sue you directly, no government agency required. Class action lawyers have built whole practices on TCPA violations because of it. The TSR is enforced by the FTC (and state AGs under concurrent jurisdiction), so there's no direct consumer lawsuit under the TSR. That doesn't make the TSR softer. FTC enforcement can produce multi-million-dollar civil penalties and injunctions that shut a business down.

For outbound SMS teams, the TCPA is usually the faster litigation threat because of private suits. A TSR violation that triggers an FTC investigation can be existential. In 2023 and 2024, the FTC brought several actions against SMS-heavy lead generation operations, citing TSR violations alongside deceptive practice claims. [8]

Key TSR and TCPA numbers for text message compliance Official thresholds, penalties, and timeframes every SMS sender should know 52k Max TSR civil penalty per text violation 500 TCPA statutory damages per text (min) 1,500 TCPA statutory damages per text (max, willful) 18 DNC Registry: existing busi… relationship window (months) Source: FTC (16 CFR Part 310, penalty notices), FCC (47 U.S.C. § 227), 2024-2025

What are the TSR opt-out rules for text messages?

The TSR requires telemarketers to honor do-not-contact requests immediately. For texts, industry practice and FTC guidance line up: when a consumer replies STOP (or sends any clear opt-out signal), you stop texting them, and you can't re-add them without fresh consent. [1]

The TSR's requirement at 16 CFR 310.4 is that a telemarketer must immediately record and honor do-not-call requests. For texts, "immediately" means the opt-out clears before your next send. Most major SMS platforms handle this automatically. The danger is manual list management or third-party platforms that don't sync opt-outs across your whole database. [1]

Here's a scenario that produces violations constantly. A consumer opts out of a company's promotional texts via STOP. Their number stays on a purchased list that gets loaded into a new campaign three weeks later. The second batch of texts is a clean TSR violation, and a TCPA violation too. The fact that you didn't know the number sat on a previous opt-out list is not a defense.

The fix is one suppression list across all campaigns and all platforms. Every opt-out appends to that master list. Every new campaign upload gets suppressed against it before the first message goes out. This isn't complicated. It just needs someone to own it. Teams that never assign clear ownership of the suppression list are the ones who end up in enforcement actions.

A STOP reply is the recognized opt-out signal for SMS. Consumers can also opt out through any other clear expression of unwillingness: "Take me off your list," "Don't text me," or a written complaint. Your opt-out logic should catch those too, beyond the keyword STOP.

What TSR disclosures are required in a telemarketing text message?

The TSR at 16 CFR 310.4 requires telemarketers to make specific disclosures promptly when making a telemarketing contact: (1) the identity of the seller, (2) that the purpose of the call (or text) is to sell goods or services, and (3) the nature of the goods or services. [1]

For texts, these disclosures have to be in the message or immediately accessible from it. Sending "Click here" with a link to a product page likely falls short. Sending "[Company Name]: Get 20% off our [Product]. Reply STOP to opt out. Terms: [link]" gets much closer to compliant.

The amended TSR also requires specific disclosures for negative-option offers (subscriptions, free trials, continuity plans). Before you obtain any billing information, the texter must clearly disclose the fact that it's a subscription, the cancellation policy, the amount and frequency of charges, and the deadline for canceling to avoid a charge. Burying this in a linked terms page does not satisfy the requirement. The disclosure has to be clear and conspicuous, which for an SMS means it probably needs to sit in the message body or on a short landing page that appears before any payment step. [3]

State laws pile on their own disclosure requirements. California, Florida, and Texas all have state telemarketing statutes that can run stricter than the federal TSR. If you're texting into those states, and you almost certainly are, check state-specific requirements on top of the federal baseline.

What penalties can the FTC impose for TSR text message violations?

The FTC can seek civil penalties of up to $51,744 per violation under the TSR. [8] That number is not per campaign. It is not per day. It is per message, per recipient, in cases where the FTC treats each text as a separate violation.

Enforcement actions against SMS marketers have produced settlements and judgments in the millions. The FTC's action against Dish Network, which covered both calls and texts, ended in a $280 million judgment. [9] Most small teams will never see that scale. But an enforcement action involving even a few thousand texts can create seven-figure exposure before you add attorney fees.

TSR civil penalties adjust annually for inflation under the Federal Civil Penalties Inflation Adjustment Act. The $51,744 figure is the ceiling as of the most recent adjustment. [8]

Beyond dollars, the FTC can seek injunctive relief: a court order that bars you from telemarketing entirely, or that forces you to run a compliance program monitored by a court-appointed overseer. For a company whose core business is outbound SMS, an injunction is worse than any penalty.

State attorneys general can bring separate actions under the TSR's concurrent enforcement provision, and they can pursue state telemarketing and consumer protection claims at the same time. A single bad SMS campaign can trigger both a federal FTC action and a state AG action at once.

Are B2B text messages exempt from the TSR?

Partially, and the exemption is narrower than most sales teams assume. The TSR's business-to-business exemption at 16 CFR 310.6 excludes calls to businesses where the seller isn't offering a consumer good or service. [1]

For SMS, this means that if you text a business decision-maker about a business product, the TSR's main requirements (DNC scrubbing, consent, disclosure) generally don't apply, because the DNC registry only covers residential and personal wireless numbers, not business lines. But the FTC's position is that if the recipient's cell phone is a personal device, even one used for business, it may fall under the residential wireless protections.

The practical problem is that most B2B outreach lands on personal cell phones. A VP of Sales at a mid-size company probably has her mobile number on LinkedIn or in a data tool. That's a personal wireless number, even if she uses it for work. Texting it with a sales pitch may not qualify for the B2B exemption and almost certainly needs TCPA-compliant consent. [4]

So for B2B SMS: the TSR exemption may cover the text itself, but the TCPA consent requirement for autodialed texts to wireless numbers applies regardless. Teams running B2B outbound through SMS platforms that use auto-dialers need TCPA consent even when the TSR exemption holds. This is one of the most common misunderstandings in outbound sales. Our piece on what is cold calling in sales covers how the B2B exemption works in voice, which follows the same logic.

How should a small outbound team structure TSR-compliant text message compliance?

Here is what a workable program looks like for a team of ten or fewer running outbound SMS.

First, get written consent in your funnel before the first text goes out. A web form with a clear, unchecked disclosure checkbox is the standard mechanism. The disclosure should name your company, say texts will be sent for marketing, give an approximate frequency, and state that consent is not required to purchase. Keep a timestamped record of every consent event. [6]

Second, scrub your list against the National DNC Registry before every campaign. The FTC requires telemarketers to access the registry at least every 31 days and to use a list no older than 31 days for any given campaign. [2] Don't skip this even if your list came from a vendor that claims it already scrubbed. Pull your own scrub.

Third, keep one suppression list. Every opt-out (STOP replies, verbal requests, written complaints) goes on it. Every new campaign upload gets compared to it. This is the step most teams skip and most enforcement actions trace back to.

Fourth, put required disclosures in your messages or immediately before any transaction step. Company name, purpose of the text, and opt-out instructions (Reply STOP) belong in your first message to any new recipient.

Fifth, if you run subscriptions or free trials, the TSR's negative-option disclosures apply before you collect any payment information. Read 16 CFR 310.4 carefully, or have counsel read it for you.

LeadCompliant's free compliance kit includes a TSR/TCPA checklist and a consent disclosure template you can drop into your web forms. A checklist doesn't replace legal counsel. It does make your first conversation with a lawyer much shorter and cheaper.

Document everything. Date-stamped consent records, scrub confirmations, suppression list exports. If the FTC ever opens an investigation, your documentation is the difference between a quick close and a long, expensive one.

What changed in the TSR and TCPA rules recently that affects text senders?

Two changes deserve attention from any team running outbound SMS in 2024 and 2025.

The FTC's 2023 amendments to the TSR tightened negative-option marketing rules. If your SMS flow includes a free trial, a subscription upsell, or any recurring billing, you must provide clear and conspicuous disclosure of all material terms before obtaining billing information, and you must get affirmative consent to those terms separately from any other consent. "Negative option" means the consumer is enrolled unless they act to cancel. The FTC found widespread abuse of this in SMS funnels. [3]

The FCC's one-to-one consent rule, effective January 2025, changed how consent works for lead generators and multi-seller platforms. Under prior rules, a single consumer consent form could name a broad category of sellers and be sold to many of them. The new rule requires each seller to be identified at the point of consent, and requires the consumer's opt-in to be logically and topically related to the seller's category. [5] That ended the broad consent model behind a lot of lead generation.

For teams buying SMS-ready leads, the one-to-one rule means asking vendors for a copy of the exact consent form used, confirming your company was named, and checking the consent timestamp against your outreach date. Leads that miss these standards expose you to TCPA liability even if the vendor guarantees compliance. If you use AI cold calling tools or AI-assisted text platforms, consent-chain verification matters even more because volume is higher and errors scale.

The FTC also proposed rule amendments in 2023 that would address AI-generated calls and texts directly. Final rules were not issued as of mid-2025, but the direction is toward stricter disclosure for AI-generated content in telemarketing.

What should I do if my company received an FTC civil investigative demand about text messages?

Stop texting immediately, or at minimum suspend any campaign that might be related to the inquiry. Get a lawyer who specifically handles FTC enforcement, not a general business attorney, before you respond to anything. This is not the place to handle it internally.

A civil investigative demand (CID) is the FTC's version of a subpoena. Respond incompletely or incorrectly and that becomes its own problem. The FTC can use your CID response to identify additional violations beyond the ones that triggered the inquiry.

Preserve everything: consent records, suppression lists, campaign logs, send reports, and any communications with SMS platforms or lead vendors. Delete nothing. Litigation hold obligations attach the moment you have reason to believe a government investigation is underway, and a CID is exactly that reason.

If you don't yet have a lawyer and a CID arrives, the FTC's legal library explains the process at a basic level. [10] Don't rely on those pages to shape your response. They describe the process, not the strategy.

For teams that haven't received a CID but want to assess exposure, a self-audit using the TSR and TCPA checklists is a reasonable start. LeadCompliant's compliance kit includes a gap-analysis worksheet for this. After that worksheet, a 30-minute call with a TCPA-specialized attorney is usually enough to tell you whether you have a serious problem or just routine cleanup.

Frequently asked questions

Does the FTC TSR apply to text messages sent by automated platforms?

Yes. The FTC treats text messages sent by automated platforms as telemarketing calls under the TSR when they induce a purchase. Automation doesn't change the analysis. The fact that software sent the message rather than a human does not exempt it. You still need prior express consent, DNC compliance, and required disclosures. The volume that automation enables just raises the stakes.

Can I text someone who gave me their number on a business card?

A business card is not consent to receive marketing texts. It means the person shared contact information. Under both the TSR and the TCPA, you need affirmative agreement to receive commercial texts specifically. A card exchange might support a call in some B2B contexts, but sending promotional texts to that number without explicit consent is risky and likely non-compliant.

Does the DNC Registry apply to texts sent to existing customers?

The existing business relationship (EBR) exemption under the TSR can allow contact with existing customers even when their number is on the DNC Registry, but only for 18 months from the last transaction. After that window, the DNC registration controls. For texts, many compliance attorneys recommend fresh written consent instead of relying on the EBR, because the exemption was designed for voice calls and offers thinner protection for SMS.

What is the maximum TSR penalty per text message?

The FTC can seek up to $51,744 per violation under the TSR, and each non-compliant text can count as a separate violation. The ceiling adjusts annually for inflation under the Federal Civil Penalties Inflation Adjustment Act. In large-scale actions involving thousands of texts, this produces exposure in the tens of millions of dollars before any TCPA liability is added.

How is the FTC TSR different from the TCPA for text messages?

The TSR is an FTC rule enforced by the government, with no private right of action. The TCPA is a federal statute enforced by the FCC and by private plaintiffs in federal court. Consumers can sue you directly for TCPA violations, which is why TCPA class actions are common. TSR violations result in FTC enforcement, including civil penalties and injunctions. Both laws apply at once to telemarketing texts.

Do non-profit organizations have to follow TSR text rules?

Non-profits are largely exempt from the TSR, but the exemption is not absolute. The TSR exempts calls by non-profit organizations at 16 CFR 310.6, but if a for-profit company does the calling or texting on the non-profit's behalf, that company is a telemarketer and may be covered. Charitable solicitation texts by actual non-profits running their own programs are generally outside TSR scope, but verify with counsel for any specific situation.

Can I send a single prospecting text to a cell number without consent under the TSR?

No, not safely. The TSR requires prior express consent before sending telemarketing texts. A single unsolicited message is still a violation if the number is on the DNC Registry or if you lack consent. The TCPA separately prohibits autodialed texts to wireless numbers without prior express written consent, regardless of volume. There is no one-free-text exemption in either rule.

Does the TSR require a specific opt-out mechanism in text messages?

The TSR requires do-not-contact requests to be honored immediately but does not specify a technical mechanism. Industry standard and CTIA guidelines treat STOP as the keyword for SMS opt-out, and the FTC's enforcement posture matches that standard. Your messages should include opt-out instructions, and your system must process opt-outs before the next send. Ignoring a STOP reply is a clear TSR and TCPA violation.

Does the FTC TSR cover texts about financial products like loans or insurance?

Yes. The TSR covers telemarketing for a broad range of goods and services, including financial products. Some financial services face additional federal regulation (CFPB rules, state insurance regulations), but the TSR's baseline requirements still apply to any text campaign that induces a purchase or application. Texts promoting mortgage offers, personal loans, or insurance quotes sit squarely inside TSR scope.

What records do I need to keep to prove TSR compliance for text messages?

Keep timestamped consent records for every contact on your text list, including the exact disclosure language shown at the time of consent. Keep suppression list exports showing when each number was added. Keep campaign logs showing which numbers were messaged, when, and what message went out. Keep DNC scrub confirmations with dates. The FTC recommends retaining telemarketing records for two years, and many attorneys suggest three given state statute of limitations variations.

What happened in recent FTC enforcement actions involving text messages?

The FTC has targeted SMS-heavy lead generators and subscription marketers in recent years. Cases have involved deceptive negative-option subscriptions marketed via text, texts sent without consent, and texts to DNC-registered numbers. The Dish Network settlement, one of the largest, reached $280 million and covered both calls and texts. Smaller actions have settled in the $1 to $10 million range for mid-size operations.

Are political text messages covered by the FTC TSR?

Generally no. Political messages that solicit votes or express political views are not covered by the TSR because they don't solicit the purchase of goods or services. But fundraising texts asking for money may implicate the TSR if sent by a for-profit fundraising vendor on behalf of a political organization. The TCPA applies separately to political texts sent via auto-dialer, even where the TSR does not.

The one-to-one consent requirement discussed in 2024 and 2025 comes from the FCC's TCPA rulemaking, effective January 2025, not from the TSR. The FTC has not issued a parallel one-to-one rule, but the TSR's prior express consent requirement always implied consent must be directed to the actual sender. The FCC's rule sharpened this for TCPA purposes. Both agencies now point the same direction: consent must name the specific seller.

Sources

  1. FTC, 16 CFR Part 310 Telemarketing Sales Rule (full rule text): TSR defines telemarketing and requires prior express consent; telemarketers must immediately honor do-not-call requests under 16 CFR 310.4
  2. FTC, National Do Not Call Registry information for businesses: The National DNC Registry applies to telemarketing text messages; scrubbing required at least every 31 days
  3. FTC, Negative Option Rule and TSR amendments: FTC 2023 TSR amendments require clear and conspicuous disclosure of all material terms before billing information is collected for negative-option/subscription offers
  4. Cornell LII, 47 U.S.C. § 227 Telephone Consumer Protection Act: TCPA prohibits autodialed calls/texts to wireless numbers without prior express written consent; statutory damages $500 to $1,500 per violation
  5. FTC, Complying with the Telemarketing Sales Rule (FTC business guidance): Prior express consent for telemarketing contacts must be documented; consent must not be a condition of purchase
  6. FTC, National Do Not Call Registry (donotcall.gov fee schedule): DNC registry access fees: $75 per area code per year; first five area codes free; full national access costs approximately $18,936 annually as of 2024
  7. FTC, Penalty Offenses and civil penalty adjustments: TSR civil penalties up to $51,744 per violation, adjusted annually under the Federal Civil Penalties Inflation Adjustment Act
  8. FTC, Press Releases (FTC v. Dish Network $280 million judgment): FTC v. Dish Network resulted in a $280 million judgment covering TSR violations including unsolicited calls and texts to DNC-registered numbers
  9. FTC, Legal Library (civil investigative demand resources): The FTC uses civil investigative demands as subpoenas in telemarketing enforcement investigations

Disclaimer: LeadCompliant is a compliance review tool, not a law firm. We do not provide legal advice. Consult with a TCPA attorney for legal guidance on specific compliance questions. Compliance scores, audits, and risk assessments are informational only.

LeadCompliant Team

LeadCompliant provides expert guidance and tools to help you succeed. Our content is reviewed for accuracy and kept up to date.

Related Articles

Related Glossary Terms

LeadCompliant
Build My Kit