The Ultimate Guide to TCPA 1:1 Consent (With Examples)

Have you ever picked up your phone and seen yet another spammy text or robocall selling you something you didn’t ask for? You’re not the only one. According to the Federal Trade Commission (FTC), U.S. consumers reported more than 5 million unwanted robocalls in just one year. And that’s only the people who took the time to file a complaint.

To help fix the problem, the Telephone Consumer Protection Act (TCPA) was created. It gives people more control over who contacts them—and how. Then, in 2023, the FCC introduced a new rule called the TCPA1:1 consent requirement.

This rule would have made marketers ask for clear permission before contacting someone on behalf of each brand. No more vague fine print. No more blanket permissions. It was designed to change how digital marketing and lead generation worked. But in a surprise twist, the rule was struck down just before it could take effect.

In this guide, we’ll discuss everything you need to know:

• What the TCPA and TCPA1:1 consent rule were meant to do
  
• Why the rule was canceled at the last minute
  
• What rules still apply—and what’s getting stricter in 2025
  
• And how to stay compliant without slowing down your growth
  

Because here’s the truth: following TCPA rules isn’t just about staying legal. It’s also smart business. Break the rules, and you could face fines from $500 to $1,500 per message. But follow them, and you build trust. That trust leads to more sales, more referrals, and customers who actually want to hear from you

 

What Is the TCPA1:1 Consent Rule?

The Telephone Consumer Protection Act (TCPA) has been around since 1991. It was created because people were fed up with unwanted calls and faxes. Over time, the law has grown to include rules for robocalls, auto-texts, and pre-recorded messages. The goal has always been simple—let people decide who can contact them, and how.

To help enforce this, the FCC added more rules. In 2003, they created the Do Not Call Registry. In 2012, they made it mandatory to get written consent before sending robocalls or texts. It’s always been about giving people a real choice before their phones start buzzing with things they never asked for.

Then came something new—the TCPA1:1 consent rule.

What Does TCPA1:1 Consent Mean?

The 1:1 consent rule was the FCC’s way of making the rules tighter. It was meant to change what “prior express written consent” (PEWC) really meant.

Before, one consent could allow many companies to contact you. For example, if you filled out a form on a comparison website, that one action might have given permission to several brands all at once.

Under TCPA1:1, that would no longer work. The new rule said you’d have to give permission to each brand one by one. A clear “yes” for each one—not a general okay for all. Think of it like this: instead of saying, “Anyone can call me,” you’re now saying, “Only this one company I agreed to.”

Why Did the FCC Want This Change?

The FCC had a big reason: lead generators.

These are sites that collect your contact info—like your name, phone number, or what you’re interested in—and then send it to other companies. With older rules, those companies could contact you using a blanket consent, even if you’d never heard of them.

That wasn’t fair to the consumer.

The TCPA1:1 rule was created to stop that. It was meant to bring more clarity and control. No more fine print. No more sneaky disclaimers. Just clean, honest permission—one brand at a time.

Key Provisions of the 1:1 Consent Rule

If the TCPA1:1 rule had gone into effect on January 27, 2025, here’s what it would have changed:

• One brand at a time: You would have to give permission to each company separately. One checkbox couldn’t cover ten different brands anymore.
• Clear and honest info: You had to be told upfront that you were agreeing to get robocalls or texts. These messages might use auto-dialers or prerecorded voices.
• Messages that make sense: The messages you got had to match what you showed interest in. If you asked about auto insurance, they couldn’t send you ads for something random—like dog grooming.

This would’ve been a big shift. Many businesses would need to change how they collect permission, rewrite contracts, and clean up how they share customer data.

Why the TCPA1:1 Consent Rule Was Canceled

For months, businesses were getting ready for one of the biggest compliance changes in years. The FCC’s TCPA1:1 rule had everyone on edge—especially marketers and lead generators who rely on shared opt-ins. Then, just days before it was supposed to begin, everything changed

A Sudden Pause No One Expected

The FCC approved the TCPA1:1 rule back in December 2023. It was set to start on January 27, 2025. The countdown had begun. Companies were moving fast—rewriting forms, updating consent flows, and changing contracts. This wasn’t a small change. It was a big shift in how consent had to be collected.

But on January 24, 2025—just three days before the rule was set to go live—the FCC suddenly paused it. They said the rule might not be ready, and that court challenges were creating too much uncertainty. So, they pushed it back by up to 12 months. Businesses let out a breath.

But later that same day, the Eleventh Circuit Court of Appeals gave an even bigger surprise: not only was the rule delayed—it was canceled altogether.

What the Court Actually Decided

Here’s the simple version: the court ruled that the FCC went too far. The TCPA says businesses must get “prior express consent” from consumers. But it doesn’t say that consent must be given brand by brand. It also doesn’t say messages have to stay tied to the exact thing the person first asked about.

The FCC had added extra rules that weren’t in the original law. And that’s not allowed. The court said the FCC’s version didn’t match what Congress wrote. So instead of sending it back for changes, the court threw it out completely.

What That Means for You

If your business had been scrambling to prepare—you’re not alone. A lot of companies were doing the same. This ruling gives everyone a bit of breathing room.

The good news is, you can still use shared consent forms and lead sources—as long as your language is clear and meets the current TCPA standards.

But don’t let your guard down.

The original TCPA rules still apply. You still need clear written permission before sending robocalls or automated texts. You still have to respect opt-outs. And starting April 11, 2025, you’ll need to process unsubscribe requests within 10 business days.

So yes—the TCPA1:1 rule is gone. But the rules are still strict. Now’s a good time to double-check your outreach strategy and make sure your consent records are clean before the next round of enforcement begins.

TCPA Still Matters: Why Consent Is Critical

Just because the TCPA1:1 rule got canceled doesn’t mean you can start texting or calling anyone you want. That would be a huge mistake. The Telephone Consumer Protection Act (TCPA) is still active. And in 2025, it’s becoming even more important for how businesses should talk to customers.

Why Getting Clear Consent Still Matters

At its core, the TCPA is about fairness. If you’re going to send a robocall, a mass text, or a pre-recorded voice message, you need clear written permission. This is called Prior Express Written Consent (PEWC)—and it’s not optional.

Just having someone’s number isn’t enough. You need proof that they said “yes.” You also need to show how and when they gave consent. That could be a form on your website, a checkbox, or a third-party record. But however you collect it, it needs to be solid—because if someone questions it, the proof is on you.

Penalties for Violating the TCPA

Not following the rules isn’t just a legal slip-up. It can cost your business in fines, lawsuits, and public trust. These aren’t the kind of mistakes you can quietly fix later. If you get it wrong, the consequences can hit hard—and fast.

Financial Penalties That Add Up Fast

Let’s talk numbers. If you break the TCPA, each illegal call or text can cost you $500—even if no one complains. If the court believes you did it knowingly, that fine jumps to $1,500 per message.

Think about that. Just 10 messages to the wrong list could cost $15,000. One campaign with no proper consent? That could easily turn into a six-figure problem. And this isn’t just theory—it’s already happened to plenty of companies.

Legal Trouble: More Than Just Fines

The legal stress is real. The TCPA allows people to file class action lawsuits. That means a group of consumers can come together and sue your business in one big case.

Even if you settle, these cases drag on. They cost time, money, and peace of mind. Investors start to worry. And if you end up in court, you’ll need solid proof of consent—because the judge will expect you to show it.

Your Business Could Get Put on Hold

If a judge says your outreach doesn’t follow the rules, they can stop your campaigns on the spot. That means no texts. No calls. Nothing—until your systems are fixed.

For some companies, that brings sales and marketing to a standstill. Leads dry up. Revenue drops. And suddenly, you’re not just solving a legal issue—you’re rebuilding your whole outreach strategy under pressure.

The Damage to Your Reputation

The worst part is the damage to your brand. And it can last even longer than the lawsuit.

Once people hear that your company was sued for spammy calls or texts, trust starts to fade. More people unsubscribe. Complaints pile up online. Even your loyal customers may start to question you.

And in today’s world, trust matters more than ever. Once it’s gone, it can take years to rebuild. For some companies, it never comes back.

Main TCPA Consent Requirements

Compliance doesn’t usually spark excitement. But when it comes to TCPA1:1 and the rules around it, knowing the basics can save you from a lot of stress, fines, and damage to your reputation. The best part is you don’t need to be a lawyer to get it right. Lets discuss all these requirements in detail!

1. Prior Express Written Consent (PEWC)

Before you send anyone a promo text or a robocall, ask yourself this: Did they clearly say “yes”—and can I prove it?

That’s what PEWC means. Just because someone typed their number into a form doesn’t mean they agreed to hear from you. If you’re using automated calls or texting tools, you need proper permission—with their signature.

Now, don’t worry—it doesn’t have to be handwritten. A digital checkbox, a signed web form, or anything that leaves a clear trail works just fine. As long as you can pull it up later, you’re good. Think of it like a digital handshake. Without it? You’re just one wrong message away from a costly penalty.

2. Clear and Conspicuous Disclosure

Getting consent is one thing. But making sure people understand what they’re saying “yes” to? That’s just being honest.

TCPA rules say you have to explain everything clearly—no tricks, no fine print hiding in legal talk. Tell people who’s going to contact them and what kind of messages they’ll get. Planning to use a robot voice or pre-recorded message? Say it upfront.

It should be so simple that even someone who’s never heard of the TCPA can understand it. If your message isn’t that easy to follow, it’s probably not compliant. People deserve to know what they’re signing up for. This rule just makes sure they actually do.

3. Respecting the Do Not Call (DNC) Registry

If someone puts their number on the Do Not Call list, they mean it. They don’t want marketing messages—unless they say otherwise.

So here’s the deal: if a number’s on the DNC list and you don’t have clear permission, don’t call or text them. Period. No “just one quick text” excuses. That still counts as a violation.

Also, remember that texts are treated just like calls under the TCPA. And phone carriers are getting really smart about blocking anything that seems spammy. If your number gets flagged, your message might not even go through—and your brand reputation could take a serious hit.

4. Record-Keeping Requirements

Let’s say you did everything right. You got permission. You were upfront. You followed all the rules. That’s great! But here’s the next big question: Can you prove it?

The law wants you to keep a record of each person’s consent—for at least five years. That means more than just a name and phone number. You need the date, the exact wording they agreed to, and how the consent was collected.

And if you’re buying leads from someone else? Don’t assume they’ve got it covered. Ask for the documents. If there’s no record, you’re the one at risk—not them.

5. Revocation of Consent (Effective April 11, 2025)

Here’s a big update that puts even more power in the consumer’s hands.

Starting April 11, 2025, people can take back their consent at any time—and in any way that makes sense. That might be replying “STOP” to a text, telling a rep on the phone, or even leaving a quick voicemail. If they say they want out, you’ve got 10 business days to honor it.

You’re allowed to send one final message just to confirm what they’re unsubscribing from. But that message can’t include any marketing or offers—just the facts. This new rule is about making it easier for people to change their minds, and for businesses to respect that, no questions asked.

TCPA Exceptions: When Consent Isn’t Required

The TCPA usually puts some pretty strict rules around marketing texts and calls. But not every message is trying to sell something. Sometimes, it’s just about helping people, keeping them safe, or giving them info they actually need. And for moments like that, the law gives you a bit of room.

These exceptions are built on common sense — and they make space for doing the right thing without having to ask for permission first.

When It’s Urgent—and People Need to Know

In real emergencies, the rules take a backseat.

If there’s a wildfire, a health outbreak, or a serious storm coming, people need to hear about it fast. That means it’s okay to send a message without waiting for consent.

Whether it’s a text, a call, or an automated alert — the point is to protect people. And when something serious is happening, sharing life-saving info matters more than checking a box.

When It’s Part of a Service Someone Already Uses

You order something online, and the company texts you an update. Or your bank notices something off and sends a fraud alert. Maybe your dentist gives you a heads-up about tomorrow’s appointment.

These aren’t sales messages — they’re just helpful reminders or updates. They’re called transactional or relationship-based messages.

Since the person already has a connection with your business, you’re allowed to send these without extra permission. And truthfully? Most folks appreciate the heads-up. It’s part of good service, not pushy selling.

When You’re Simply Following Up—Not Selling

Sometimes someone cancels a booking, opts out of future messages, or just asks for confirmation. In that case, you can send one quick follow-up message to close the loop.

Like if someone replies “STOP” to a text, you’re allowed to send one final message confirming they’ve been removed.

But here’s the thing — that message has to be clean. No discounts, no clever offers, no “wait, don’t go” type stuff. Just a simple, respectful confirmation. That’s it.

ATDS and Text Message Compliance Rules

If you’re texting your customers as part of your outreach, the TCPA wants you to hit pause and think—especially if you’re using automation. Whether it’s a flash sale alert or a quick appointment reminder, there’s one big question: is this message being auto-dialed?

Let’s break down what the rules say today—and what they actually mean for how you send texts.

What Counts as an ATDS in the Current World?

ATDS stands for Automatic Telephone Dialing System. Under the TCPA, using one can trigger stricter rules. But for a long time, no one was quite sure what really counted.

Was every texting tool a problem? Was it okay if a human hit “send”? Could software land you in trouble even if it just helped organize things?

Thankfully, recent court decisions made it a bit clearer.

In simple terms, an ATDS is any system that stores or creates phone numbers and sends messages automatically—without a person doing it manually. So, if your platform sends out messages in bulk without someone pressing send each time, that could count.

Now, courts look at how you actually use your texting tool—not just what it’s capable of. If your system could auto-text but you’ve got it set to send manually, you’re likely fine. But if you’ve set it up to blast out texts from a saved list, no human involved, that’s riskier.

Why all the focus? Because people see texts as personal. And when they feel spammed, they get upset—fast.

Smart (and Safe) SMS Compliance Tips

The safest approach is  to act like every marketing text is coming from an ATDS, even if it isn’t. That way, you’re always playing it safe—and respectful.

Here’s how:

1. Get clear permission first. Don’t send marketing texts without documented, written consent. Just having someone’s phone number doesn’t mean you’re good to go. You need a real “yes”—with proof you can keep.
2. Make it easy to opt out. Every single message should tell people how to unsubscribe. A simple “Reply STOP to unsubscribe” at the end works just fine. Don’t make them guess.
3. Never assume consent. Just because someone made a purchase or gave you their number once doesn’t mean they want texts. When in doubt, send a one-time opt-in message first. If they reply “yes,” then you’re good to go.

Final Thoughts

If you’ve been leaning on 1:1 consent as your safety net, it’s time to take another look. That approach doesn’t hold up anymore. With new TCPA revocation rules just around the corner, there’s less room for error now. What used to be flexible guidance is turning into real legal requirements. In short? Staying ahead isn’t just smart—it’s necessary.

But here’s the good news: staying compliant doesn’t have to be scary or stiff. With the right tools and a clear process, following the rules can feel natural. It’s about turning good habits into part of your everyday routine. Tools like TrustedForm make it easy to collect consent, keep records tidy, and do it all without losing your personal touch. Less stress, fewer risks—and a lot more peace of mind.

And this isn’t just about avoiding trouble. Let’s be honest—privacy matters more than ever. People are watching how businesses handle their data. When you build your brand on respect and honesty, you stand out. In fact, simply honoring someone’s boundaries could become your biggest edge in today’s trust-focused world.

So don’t wait for a mistake to force a fix. Make compliance part of how you work every day. Keep things simple. Stay honest. And always put trust first. Because when you show people you care about how you connect, you’re not just following rules—you’re building real, lasting relationships.

FAQs

1. What is the new one-to-one consent rule under TCPA?

Starting January 27, 2025, the FCC’s new rule says this loud and clear: each business must get separate, written permission from you before sending robocalls or texts. In other words, no more vague, blanket consents where you check one box and suddenly hear from a dozen different companies.

Let’s say you’re on a comparison site looking for insurance quotes. With this rule, you’ll need to opt in separately for each company you’re actually interested in hearing from. Each one must clearly explain what kind of calls or texts you’re signing up for—no more surprises.

2. Why did the FCC make this change now?

Because the old system was being abused—badly. The FCC found that a huge number of spammy calls and texts were coming from lead generators claiming to have your consent… when they really didn’t.

The new one-to-one rule closes that loophole. It protects your inbox and phone line from being flooded just because you clicked one “Get My Quote” button. The FCC wants to keep comparison sites helpful—but without the shady side effects.

3. Does this mean live calls with a third party are also restricted?

Not exactly. If a live agent connects you to a third party during the same live call (and they’re not using automated dialing or recorded messages), this rule doesn’t apply.

But here’s the catch: if that third party wants to call or text you later using robocalls or automated systems, they’ll still need to get your written OK first. So yes, follow-up robocalls are a no-go without that specific consent.

4. Where can I read the official ruling myself?

If you’re the type who likes reading things straight from the source, here you go:

• Second Report and Order (PDF)
• Federal Register Summary

Both documents lay out the legal framework behind the rule—and exactly what it means for businesses and consumers.

5. Has the TCPA changed over the years?

Absolutely. The FCC has kept tightening the screws, especially as tech evolves. In 2024, they made it easier for people to revoke consent—if you say “stop,” companies have to stop. They’re also now looking at how AI-powered calls are being used (and abused), with new rules expected soon.

6. What if my number’s already on the Do Not Call list?

Being on the National Do Not Call Registry adds an extra layer of protection. But here’s something many people miss: if you give written consent to a specific company, they can still legally call or text you—even if your number is on the list.

That’s why it’s important to read the fine print when filling out forms online. If you’re giving consent, make sure it’s to the companies you actually want to hear from—and no one else.