Most insurance agents think about compliance as one thing. "We follow TCPA." But TCPA is enforced by the FCC. The DNC Registry is enforced by the FTC under a different law. Your state AG enforces a third set of rules entirely. And consumers can sue you directly under a private right of action that bypasses all of them. These are not the same law, not the same agency, and not the same standard.
The Three Federal Frameworks
1. The Telephone Consumer Protection Act (TCPA) — Enforced by the FCC
The TCPA (47 U.S.C. § 227) was enacted in 1991 and is administered by the Federal Communications Commission. It prohibits: autodialed or prerecorded calls to cell phones without prior express consent; calls before 8am or after 9pm local time; and failing to maintain and honor do-not-call lists. Penalties: $500–$1,500 per violation, with a private right of action for consumers.[1]
Key enforcement mechanism: private class action lawsuits. This is the framework that generates the massive headline verdicts.
2. The Telemarketing Sales Rule (TSR) — Enforced by the FTC
The TSR (16 C.F.R. Part 310) establishes the National Do Not Call Registry, restricts calling hours, mandates specific disclosures, and prohibits deceptive telemarketing practices. Civil penalties: up to $51,744 per violation, enforced by the FTC directly.[2]
The Dish Network case ($341 million) was an FTC-led enforcement action, not a private lawsuit.[3]
3. State Consumer Protection Laws — Enforced by State AGs
Over 35 states have their own telemarketing statutes, some stricter than federal law. Florida, California, Texas, New York, and Illinois are the most active enforcement states for insurance telemarketing violations.
How the Three Frameworks Interact
The same call can violate multiple frameworks simultaneously:
- An autodialed call to a cell phone without consent violates TCPA (FCC) → $500–$1,500/call
- The same call to a DNC-registered number violates TSR (FTC) → up to $51,744/call
- If the number is in California and the call came from outside California → separate state penalties
- The consumer can independently file a TCPA class action → statutory damages × class size
What Insurance Agents Specifically Need to Know
The most dangerous assumption in insurance telemarketing is "we've been TCPA compliant so we're fine." TCPA compliance doesn't protect you from FTC enforcement of DNC violations. FTC compliance doesn't protect you from a TCPA class action. You need to be clean across all three.
In its 2023 enforcement report, the FTC noted that health insurance was among the top five most-complained-about telemarketing categories for the fifth consecutive year.[4]
Your Compliance Baseline Across All Three Frameworks
- FCC/TCPA: Documented consent for ATDS cell phone calls. No prerecorded messages without consent. Calling hours enforced. Internal DNC honored.
- FTC/TSR: National DNC registry scrubbed every 31 days. State DNC lists checked. Written compliance policy. Disclosures on every call.
- State: Verify current law for every state you're dialing into. Florida, California, Texas, New York all have additional requirements.
References
- Telephone Consumer Protection Act, 47 U.S.C. § 227. FCC enforcement authority and private right of action.
- Telemarketing Sales Rule, 16 C.F.R. Part 310. FTC enforcement authority and civil penalty schedule.
- United States v. Dish Network LLC, No. 3:09-cv-03073 (C.D. Ill. 2017). $341 million judgment.
- Federal Trade Commission. (2023). National Do Not Call Registry Data Book FY 2023.
