SiriusXM’s $28 million TCPA settlement hit its final approval hearing on May 11, 2026, in the Central District of Illinois. The case — Campbell v. SiriusXM Radio, Inc., No. 2:22-cv-2261 — covers consumers who received more than one telemarketing call from SiriusXM within a 12-month period between April 27, 2019, and October 31, 2025, despite either being on the National Do Not Call Registry or having asked to be added to SiriusXM’s internal Do Not Call list. The operational lesson buried inside the case is more important than the headline number.
The “internal DNC” failure mode
The National DNC Registry is a known compliance surface. Most callers scrub against it. But the internal DNC list — the list of consumers who have specifically asked your company to stop calling them — is where SiriusXM (and most large outbound callers) repeatedly bleeds. The plaintiffs in Campbell were able to assemble a class because the company couldn’t reliably honor its own internal opt-out requests across a six-year window. That’s an operational data problem, not a legal one.
The TCPA requires that an internal DNC request be honored within a reasonable time — typically construed as 30 days — and that the request persist indefinitely once made. For any large outbound calling operation, this means an internal DNC list has to: (1) capture every opt-out across every channel (phone, web, text reply, email, mail), (2) propagate that opt-out to every system that initiates contact, and (3) survive every data migration, vendor switch, and platform consolidation that happens over the years.
Where it breaks
The places SiriusXM almost certainly broke down are the places most operators break down:
Channel fragmentation. Customer asks an inbound rep to stop calling. That rep notes it in the support CRM. The outbound dialer reads from a different system. The opt-out doesn’t propagate. Next call goes out two weeks later.
Vendor and platform changes. Migration from one telephony platform to another, or one CRM to another, frequently drops the historical DNC flag. Suddenly a number that’s been opted out for three years is “fresh” again from the dialer’s perspective.
Reassigned numbers. The number that opted out belongs to one person. Two years later, the number belongs to someone else. Your DNC list still has the opt-out. Now you’re not calling the person who asked you to stop — but the rules around this are nuanced and have moved repeatedly in recent years.
Affiliate and partner calls. Calls placed by partners, resellers, or acquisition targets on your behalf. The opt-out you captured doesn’t make it into their dialers. The customer experiences these as calls from you.
The class-action economics
Per the settlement framework, SiriusXM’s $28 million covers a class spanning roughly six and a half years. Per-claimant payouts are capped (claim deadline was March 21, 2026), but the structural cost — attorney’s fees, claims administration, ongoing class-counsel oversight — is significant. The settlement also triggers internal remediation obligations: SiriusXM’s internal DNC processes will be under heightened scrutiny going forward, and any future violation in this area carries dramatically increased exposure.
For operators, the math to internalize: the $28M number is the visible cost. The invisible cost is the ongoing operational discipline required to keep this from happening again. Most companies eat that invisible cost only after the visible one materializes.
One operational hedge worth building into your dialing stack: scrub every outbound list against known TCPA plaintiffs before you launch. TCPALitigatorList.com maintains a continuously updated database of numbers tied to professional plaintiffs and frequent TCPA filers, and a five-minute suppression pass against that file is a lot cheaper than a single class certification fight.
An operator’s audit checklist
Five things to verify about your internal DNC infrastructure this week:
First, every channel where a customer can request to stop being contacted feeds into a single source-of-truth opt-out table. Second, that table is read by every system that initiates outbound contact, with a documented SLA on propagation (24 hours is reasonable; 30 days is the legal ceiling, not the operational target). Third, opt-outs persist through every data migration, with explicit reconciliation steps in the migration playbook. Fourth, partner and affiliate calling is governed by a contractual requirement that your DNC list be shared and honored. Fifth, you have a quarterly audit process that picks 25 random opt-outs and verifies that no contact has gone out since the opt-out date. If you can’t pass that audit cleanly, you’re a Campbell defendant waiting to happen.
Sources
Campbell v. SiriusXM Radio, Inc., No. 2:22-cv-2261 (C.D. Ill.); settlement website sxmtcpasettlement.com; Inside Radio and TopClassActions reporting.