Telemarketing Sales Rule (TSR) and TCPA

Telemarketing Sales Rule (TSR) and TCPA: A Comprehensive Guide for CIPP/US Exam Preparation

Introduction

The Telemarketing Sales Rule (TSR) and the Telephone Consumer Protection Act (TCPA) are two of the most significant U.S. federal regulations governing how businesses can contact consumers via telephone, text messages, and other telecommunications channels. For CIPP/US candidates, understanding these laws is essential because they represent key limits on private-sector collection and use of personal information, particularly in the context of direct marketing and consumer outreach.

Why Are the TSR and TCPA Important?

These laws are critically important for several reasons:

1. Consumer Privacy Protection: Both the TSR and TCPA were enacted to protect consumers from unwanted, intrusive, and often deceptive telemarketing practices. They establish boundaries on when, how, and to whom businesses can direct marketing communications.

2. Significant Enforcement and Penalties: Violations of both the TSR and TCPA carry substantial penalties. The TCPA allows for a private right of action with statutory damages of $500 per violation (trebled to $1,500 for willful violations), which has led to a massive volume of class action litigation. The TSR is enforced by the Federal Trade Commission (FTC) and can result in civil penalties of up to $50,120 per violation.

3. Broad Applicability: These laws affect virtually every business that engages in telemarketing or uses telephone-based outreach, including calls, text messages, prerecorded messages, and fax communications.

4. Foundation for Do Not Call Framework: Together, the TSR and TCPA form the backbone of the National Do Not Call Registry and related do-not-call protections, which are among the most well-known consumer privacy mechanisms in the United States.

5. Intersection with Modern Technology: As technology evolves, these laws continue to be tested by new communication methods such as robocalls, auto-dialers, text messaging, and VoIP technology, making them highly relevant to contemporary privacy practice.

What Is the Telephone Consumer Protection Act (TCPA)?

The TCPA was enacted by Congress in 1991 and is codified at 47 U.S.C. § 227. It is enforced by the Federal Communications Commission (FCC) and also provides a private right of action for consumers.

Key Provisions of the TCPA:

1. Restrictions on Automated and Prerecorded Calls: The TCPA restricts the use of automatic telephone dialing systems (ATDS), prerecorded voice messages, and artificial voice messages to residential and wireless telephone numbers without prior express consent.

2. Prior Express Consent vs. Prior Express Written Consent: The TCPA distinguishes between these two consent standards. For telemarketing calls using an ATDS or prerecorded voice to wireless numbers, prior express written consent is required. For non-telemarketing calls (such as informational calls), prior express consent (which can be oral) may suffice.

3. Do Not Call Provisions: The TCPA requires the FCC to establish a national Do Not Call Registry. Telemarketers are prohibited from calling numbers on the registry unless they have an established business relationship with the consumer or have obtained prior express written consent.

4. Company-Specific Do Not Call Lists: In addition to the national registry, the TCPA requires companies to maintain their own internal do-not-call lists and honor consumer requests not to be called.

5. Restrictions on Unsolicited Fax Advertisements: The TCPA, as amended by the Junk Fax Prevention Act of 2005, prohibits sending unsolicited fax advertisements without prior express invitation or permission.

6. Time-of-Day Restrictions: Telemarketing calls may not be made before 8:00 a.m. or after 9:00 p.m. in the consumer's local time zone.

7. Caller Identification Requirements: Telemarketers must transmit caller ID information and identify themselves at the beginning of the call.

8. Private Right of Action: Consumers may bring suit in state court for violations, seeking actual damages or statutory damages of $500 per violation, which may be trebled to $1,500 for willful or knowing violations.

9. Definition of ATDS: The Supreme Court's 2021 decision in Facebook v. Duguid narrowed the definition of an ATDS to equipment that uses a random or sequential number generator to either store or produce phone numbers and dial those numbers. This decision significantly narrowed the scope of TCPA liability related to auto-dialers.

What Is the Telemarketing Sales Rule (TSR)?

The TSR was promulgated by the FTC in 1995 under the authority of the Telemarketing and Consumer Fraud and Abuse Prevention Act (Telemarketing Act) of 1994. It was significantly amended in 2003 and has been updated several times since.

Key Provisions of the TSR:

1. Scope: The TSR applies to telemarketing, which is defined as a plan, program, or campaign conducted to induce the purchase of goods or services or to induce a charitable contribution, involving more than one interstate telephone call. Importantly, the TSR applies to both outbound calls made by telemarketers and certain inbound calls (such as those generated by direct mail that includes a free gift or prize promotion).

2. Do Not Call Provisions: The TSR established the framework for the National Do Not Call Registry, maintained by the FTC. Telemarketers are prohibited from calling consumers whose numbers are on the registry, with limited exceptions (prior express written permission or an established business relationship within the previous 18 months, or a consumer inquiry within the previous 3 months).

3. Entity-Specific Do Not Call Lists: Sellers and telemarketers must maintain entity-specific do-not-call lists and honor consumer requests not to receive further calls.

4. Prohibition on Deceptive and Abusive Practices: The TSR prohibits a range of deceptive and abusive telemarketing practices, including:
- Misrepresenting the cost, quality, or nature of goods or services
- Misrepresenting material restrictions, limitations, or conditions
- Making false or misleading statements to induce payment
- Threatening, intimidating, or using profane language
- Causing the telephone to ring repeatedly with the intent to annoy or harass

5. Prerecorded Message Rules (Robocall Rules): The TSR prohibits the use of prerecorded messages in telemarketing calls unless the consumer has given express written agreement (signed, written consent) to receive such calls. Prerecorded messages must also provide an automated opt-out mechanism.

6. Abandoned Call Rules: The TSR limits the rate of abandoned calls (calls where no agent is available when the consumer answers) to no more than 3% of all calls answered by a live person on a per-campaign, per-day basis. If a call is abandoned, the telemarketer must play a prerecorded message identifying the seller and providing a phone number.

7. Required Disclosures: Telemarketers must promptly disclose:
- The identity of the seller
- That the purpose of the call is to sell goods or services
- The nature of the goods or services
- In prize promotions, that no purchase or payment is necessary to win

8. Payment Restrictions: The TSR includes specific provisions restricting certain payment methods in telemarketing, including prohibitions on the use of remotely created checks and cash-to-cash money transfers in many telemarketing transactions, and restrictions on the use of novel payment methods that facilitate fraud.

9. Prohibition on Unauthorized Billing: The TSR prohibits billing consumers for goods or services without the consumer's express informed consent.

10. Fee Advance Restrictions: The TSR includes specific provisions regarding advance fee schemes, including rules for credit repair services, debt relief services, recovery room operations, and investment opportunities. For example, debt relief companies are prohibited from charging fees before they have successfully settled or otherwise resolved the consumer's debt.

How Do the TSR and TCPA Work Together?

While both laws regulate telemarketing, they are enforced by different agencies and have different mechanisms:

Feature	TCPA	TSR
Enacted	1991	1995 (amended 2003)
Authority	Congress (statute)	FTC (regulation under Telemarketing Act)
Primary Enforcer	FCC; State AGs; Private litigants	FTC; State AGs
Private Right of Action	Yes ($500-$1,500 per violation)	No direct private right of action under TSR (but state AGs can enforce)
Do Not Call Registry	FCC rules implement registry	FTC maintains the registry
Entities Covered	Broad (any caller using regulated technology)	Telemarketers and sellers (excludes certain entities like banks, common carriers, nonprofits, and insurance companies that are regulated by other agencies)

Key Distinction on Covered Entities: The TSR does not apply to entities that are not within the FTC's jurisdiction, such as banks and financial institutions (which are regulated by the Consumer Financial Protection Bureau), common carriers, nonprofit organizations, and insurance companies. However, the TCPA has broader applicability and can apply to these entities as well.

Important Exemptions and Exceptions

For exam purposes, it is important to understand key exemptions:

- Established Business Relationship (EBR): Under the TSR, a company may call a consumer on the Do Not Call Registry if it has an existing business relationship (transaction within the last 18 months or inquiry within the last 3 months). The TCPA has similar provisions.

- Prior Express Written Consent: Both laws allow calls if the consumer has provided appropriate consent.

- Tax-Exempt Nonprofits: Generally exempt from the TSR (since they are outside FTC jurisdiction), but the TCPA may still apply to their calls.

- Business-to-Business Calls: The TSR and TCPA primarily focus on calls to consumers. B2B calls are generally not covered by the Do Not Call Registry provisions, though other provisions may still apply.

- Informational Calls: Calls that are purely informational (not marketing) may be subject to different rules, especially under the TCPA, where the consent standard may be lower for non-telemarketing calls.

Recent Developments and Trends

1. Facebook v. Duguid (2021): The U.S. Supreme Court narrowed the TCPA's definition of ATDS, reducing potential liability for businesses that use targeted dialing systems rather than random or sequential number generators.

2. TCPA Constitutionality: In Barr v. American Association of Political Consultants (2020), the Supreme Court struck down a government-debt exception to the TCPA's robocall ban as an unconstitutional content-based restriction on speech, but severed the exception rather than invalidating the entire robocall ban.

3. FCC One-to-One Consent Rule: In 2023, the FCC adopted new rules requiring one-to-one consent for robocalls and robotexts, meaning consumers must consent to receive calls from a specific seller, rather than providing blanket consent to multiple sellers through a single form (effective January 2025).

4. Reassigned Numbers: The FCC has established a Reassigned Numbers Database to help callers avoid calling numbers that have been reassigned to new consumers.

5. State Mini-TCPA Laws: Many states have enacted their own telemarketing laws, often with stricter requirements than the federal TCPA and TSR. States like Florida, Oklahoma, and Washington have passed particularly aggressive laws expanding restrictions on telemarketing calls and texts.

How to Answer Questions on TSR and TCPA in the CIPP/US Exam

When approaching exam questions on these topics, consider the following framework:

1. Identify the Law: Determine whether the question pertains to the TCPA (FCC-enforced statute with private right of action) or the TSR (FTC-enforced regulation). Look for clues such as the type of entity, enforcement mechanism, or specific provisions referenced.

2. Identify the Communication Method: Determine whether the scenario involves live calls, prerecorded/robocalls, text messages, faxes, or a combination. Different rules apply to different communication methods.

3. Identify the Type of Number: Determine whether the call is to a residential landline, a wireless number, or a business number. The TCPA has different rules for calls to wireless versus landline numbers.

4. Check for Consent: Analyze whether the consumer has provided the appropriate level of consent (prior express consent vs. prior express written consent) and whether any exceptions apply.

5. Check the Do Not Call Registry: Determine whether the consumer's number is on the National Do Not Call Registry and whether any exemptions (EBR, prior consent) apply.

6. Consider Enforcement: Identify who can enforce the law (FTC, FCC, state attorneys general, private litigants) and what remedies are available.

Exam Tips: Answering Questions on Telemarketing Sales Rule (TSR) and TCPA

Tip 1: Know Which Agency Enforces Which Law
The FTC enforces the TSR; the FCC enforces the TCPA. Both the FTC and FCC maintain aspects of the Do Not Call framework. If a question asks about FTC authority, think TSR. If it asks about FCC authority or private lawsuits, think TCPA.

Tip 2: Remember the Private Right of Action Distinction
The TCPA provides a private right of action; the TSR does not. This is a commonly tested distinction. If a question involves a consumer suing a telemarketer directly, it is most likely a TCPA question.

Tip 3: Understand the Consent Hierarchy
Prior express written consent is the highest standard and is required for telemarketing robocalls to wireless numbers under the TCPA. Prior express consent (which can be oral) applies to non-telemarketing automated calls. No consent is needed for manually dialed, live-voice calls to landlines (though Do Not Call rules still apply).

Tip 4: Know the Established Business Relationship Exception
Under the TSR, an EBR exists if there was a transaction within 18 months or an inquiry within 3 months. This exception allows calls to numbers on the Do Not Call Registry but does NOT override a company-specific do-not-call request.

Tip 5: Remember TSR Jurisdiction Limits
The TSR does not apply to banks, federal credit unions, savings institutions, common carriers, airlines, nonprofits, or insurance companies because these entities fall outside FTC jurisdiction. The TCPA, however, applies more broadly.

Tip 6: Distinguish Between the National DNC Registry and Company-Specific DNC Lists
Both the TSR and TCPA require companies to maintain internal do-not-call lists. A consumer's request to a specific company to stop calling must be honored regardless of whether the consumer is on the national registry. Company-specific requests override the EBR exception.

Tip 7: Know the Facebook v. Duguid Standard
After the Supreme Court's decision, an ATDS under the TCPA must use a random or sequential number generator. Systems that dial from stored lists of specific numbers are not ATDS under this narrowed definition. This is a high-profile case likely to appear on the exam.

Tip 8: Pay Attention to Text Messages
The FCC has ruled that text messages are considered "calls" under the TCPA. Therefore, the same consent requirements that apply to phone calls also apply to text messages, including marketing texts sent via an ATDS or prerecorded system.

Tip 9: Know the Abandoned Call Rate
Under the TSR, the abandoned call rate cannot exceed 3% per campaign per day. This is a specific number that may be tested.

Tip 10: Watch for Trick Questions About Faxes
Unsolicited fax advertisements are prohibited under the TCPA unless the sender has prior express permission or an established business relationship. The Junk Fax Prevention Act of 2005 amended the TCPA to address fax advertising specifically.

Tip 11: Remember Penalty Amounts
TCPA statutory damages: $500 per violation (up to $1,500 for willful violations). These are per-violation amounts, meaning a single campaign can generate enormous liability in class actions. FTC civil penalties under the TSR can exceed $50,000 per violation.

Tip 12: Consider State Laws
Many states have their own telemarketing laws that may be more restrictive than federal law. If a question mentions a state-specific restriction that goes beyond the TSR or TCPA, remember that state laws can impose additional requirements on top of federal requirements.

Tip 13: Understand the Broader Privacy Context
In the CIPP/US framework, the TSR and TCPA fall under the category of limits on private-sector collection and use of personal information. These laws limit how businesses can use consumers' telephone numbers for marketing purposes. Connect these laws to broader themes of consumer consent, notice, choice, and the FTC's role in consumer protection.

Summary Comparison Chart for Quick Review

TCPA:
- Federal statute (1991)
- Enforced by FCC, state AGs, private litigants
- Covers calls, texts, faxes to residential and wireless numbers
- Private right of action ($500/$1,500 per violation)
- Broad applicability (covers most entities)
- Requires prior express written consent for telemarketing robocalls to wireless numbers
- ATDS definition narrowed by Facebook v. Duguid

TSR:
- FTC regulation (1995, amended 2003)
- Enforced by FTC and state AGs
- No private right of action
- Does not cover entities outside FTC jurisdiction (banks, nonprofits, common carriers, etc.)
- Maintains National Do Not Call Registry
- Prohibits deceptive and abusive telemarketing practices
- 3% abandoned call rate limit
- Advance fee restrictions for debt relief, credit repair
- EBR exception: 18 months (transaction) or 3 months (inquiry)

By mastering these distinctions and applying the analytical framework described above, CIPP/US candidates will be well-prepared to answer questions about the TSR and TCPA on the certification exam.